Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(118)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/test_root_certs.h

Issue 14492003: Work around GTE CyberTrust/Baltimore CyberTrust cross-signing issues (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Review feedback Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/cert_verify_proc_unittest.cc ('k') | net/cert/test_root_certs_mac.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_TEST_ROOT_CERTS_H_ 5 #ifndef NET_CERT_TEST_ROOT_CERTS_H_
6 #define NET_CERT_TEST_ROOT_CERTS_H_ 6 #define NET_CERT_TEST_ROOT_CERTS_H_
7 7
8 #include "base/lazy_instance.h" 8 #include "base/lazy_instance.h"
9 #include "base/memory/ref_counted.h" 9 #include "base/memory/ref_counted.h"
10 #include "build/build_config.h" 10 #include "build/build_config.h"
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
56 // Returns true if there are no certificates that have been marked trusted. 56 // Returns true if there are no certificates that have been marked trusted.
57 bool IsEmpty() const; 57 bool IsEmpty() const;
58 58
59 #if defined(OS_MACOSX) && !defined(OS_IOS) 59 #if defined(OS_MACOSX) && !defined(OS_IOS)
60 CFArrayRef temporary_roots() const { return temporary_roots_; } 60 CFArrayRef temporary_roots() const { return temporary_roots_; }
61 61
62 // Modifies the root certificates of |trust_ref| to include the 62 // Modifies the root certificates of |trust_ref| to include the
63 // certificates stored in |temporary_roots_|. If IsEmpty() is true, this 63 // certificates stored in |temporary_roots_|. If IsEmpty() is true, this
64 // does not modify |trust_ref|. 64 // does not modify |trust_ref|.
65 OSStatus FixupSecTrustRef(SecTrustRef trust_ref) const; 65 OSStatus FixupSecTrustRef(SecTrustRef trust_ref) const;
66
67 // Configures whether or not the default/system root store should also
68 // be trusted. By default, this is true, indicating that the TestRootCerts
69 // are used in addition to OS trust store.
70 void SetAllowSystemTrust(bool allow_system_trust);
71
66 #elif defined(OS_WIN) 72 #elif defined(OS_WIN)
67 HCERTSTORE temporary_roots() const { return temporary_roots_; } 73 HCERTSTORE temporary_roots() const { return temporary_roots_; }
68 74
69 // Returns an HCERTCHAINENGINE suitable to be used for certificate 75 // Returns an HCERTCHAINENGINE suitable to be used for certificate
70 // validation routines, or NULL to indicate that the default system chain 76 // validation routines, or NULL to indicate that the default system chain
71 // engine is appropriate. The caller is responsible for freeing the 77 // engine is appropriate. The caller is responsible for freeing the
72 // returned HCERTCHAINENGINE. 78 // returned HCERTCHAINENGINE.
73 HCERTCHAINENGINE GetChainEngine() const; 79 HCERTCHAINENGINE GetChainEngine() const;
74 #endif 80 #endif
75 81
76 private: 82 private:
77 friend struct base::DefaultLazyInstanceTraits<TestRootCerts>; 83 friend struct base::DefaultLazyInstanceTraits<TestRootCerts>;
78 84
79 TestRootCerts(); 85 TestRootCerts();
80 ~TestRootCerts(); 86 ~TestRootCerts();
81 87
82 // Performs platform-dependent initialization. 88 // Performs platform-dependent initialization.
83 void Init(); 89 void Init();
84 90
85 #if defined(USE_NSS) || defined(OS_IOS) 91 #if defined(USE_NSS) || defined(OS_IOS)
86 // It is necessary to maintain a cache of the original certificate trust 92 // It is necessary to maintain a cache of the original certificate trust
87 // settings, in order to restore them when Clear() is called. 93 // settings, in order to restore them when Clear() is called.
88 class TrustEntry; 94 class TrustEntry;
89 std::list<TrustEntry*> trust_cache_; 95 std::list<TrustEntry*> trust_cache_;
90 #elif defined(OS_WIN) 96 #elif defined(OS_WIN)
91 HCERTSTORE temporary_roots_; 97 HCERTSTORE temporary_roots_;
92 #elif defined(OS_MACOSX) 98 #elif defined(OS_MACOSX)
93 base::mac::ScopedCFTypeRef<CFMutableArrayRef> temporary_roots_; 99 base::mac::ScopedCFTypeRef<CFMutableArrayRef> temporary_roots_;
100 bool allow_system_trust_;
94 #endif 101 #endif
95 102
96 #if defined(OS_WIN) || defined(USE_OPENSSL) 103 #if defined(OS_WIN) || defined(USE_OPENSSL)
97 // True if there are no temporarily trusted root certificates. 104 // True if there are no temporarily trusted root certificates.
98 bool empty_; 105 bool empty_;
99 #endif 106 #endif
100 107
101 DISALLOW_COPY_AND_ASSIGN(TestRootCerts); 108 DISALLOW_COPY_AND_ASSIGN(TestRootCerts);
102 }; 109 };
103 110
(...skipping 14 matching lines...) Expand all
118 125
119 private: 126 private:
120 scoped_refptr<X509Certificate> cert_; 127 scoped_refptr<X509Certificate> cert_;
121 128
122 DISALLOW_COPY_AND_ASSIGN(ScopedTestRoot); 129 DISALLOW_COPY_AND_ASSIGN(ScopedTestRoot);
123 }; 130 };
124 131
125 } // namespace net 132 } // namespace net
126 133
127 #endif // NET_CERT_TEST_ROOT_CERTS_H_ 134 #endif // NET_CERT_TEST_ROOT_CERTS_H_
OLDNEW
« no previous file with comments | « net/cert/cert_verify_proc_unittest.cc ('k') | net/cert/test_root_certs_mac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698