summaryrefslogtreecommitdiffstats
path: root/net/base/ssl_config_service.cc
diff options
context:
space:
mode:
Diffstat (limited to 'net/base/ssl_config_service.cc')
-rw-r--r--net/base/ssl_config_service.cc13
1 files changed, 13 insertions, 0 deletions
diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service.cc
index d8ecb0b..5c38f97 100644
--- a/net/base/ssl_config_service.cc
+++ b/net/base/ssl_config_service.cc
@@ -99,6 +99,7 @@ static bool g_dnssec_enabled = false;
static bool g_false_start_enabled = true;
static bool g_mitm_proxies_allowed = false;
static bool g_snap_start_enabled = false;
+static bool g_dns_cert_provenance_checking = false;
// static
void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) {
@@ -106,6 +107,8 @@ void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) {
ssl_config->false_start_enabled = g_false_start_enabled;
ssl_config->mitm_proxies_allowed = g_mitm_proxies_allowed;
ssl_config->snap_start_enabled = g_snap_start_enabled;
+ ssl_config->dns_cert_provenance_checking_enabled =
+ g_dns_cert_provenance_checking;
}
// static
@@ -148,6 +151,16 @@ bool SSLConfigService::mitm_proxies_allowed() {
return g_mitm_proxies_allowed;
}
+// static
+void SSLConfigService::EnableDNSCertProvenanceChecking() {
+ g_dns_cert_provenance_checking = true;
+}
+
+// static
+bool SSLConfigService::dns_cert_provenance_checking_enabled() {
+ return g_dns_cert_provenance_checking;
+}
+
void SSLConfigService::AddObserver(Observer* observer) {
observer_list_.AddObserver(observer);
}
generated by cgit v1.1 at 2025-11-06 20:23:01 +0000