| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 #include "chrome/browser/net/ssl_config_service_manager.h" | 4 #include "chrome/browser/net/ssl_config_service_manager.h" |
| 5 | 5 |
| 6 #include <algorithm> | 6 #include <algorithm> |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/command_line.h" | |
| 13 #include "chrome/browser/prefs/pref_change_registrar.h" | 12 #include "chrome/browser/prefs/pref_change_registrar.h" |
| 14 #include "chrome/browser/prefs/pref_member.h" | 13 #include "chrome/browser/prefs/pref_member.h" |
| 15 #include "chrome/browser/prefs/pref_service.h" | 14 #include "chrome/browser/prefs/pref_service.h" |
| 16 #include "chrome/common/chrome_notification_types.h" | 15 #include "chrome/common/chrome_notification_types.h" |
| 17 #include "chrome/common/chrome_switches.h" | |
| 18 #include "chrome/common/pref_names.h" | 16 #include "chrome/common/pref_names.h" |
| 19 #include "content/browser/browser_thread.h" | 17 #include "content/browser/browser_thread.h" |
| 20 #include "content/common/notification_details.h" | 18 #include "content/common/notification_details.h" |
| 21 #include "content/common/notification_source.h" | 19 #include "content/common/notification_source.h" |
| 22 #include "net/base/ssl_cipher_suite_names.h" | 20 #include "net/base/ssl_cipher_suite_names.h" |
| 23 #include "net/base/ssl_config_service.h" | 21 #include "net/base/ssl_config_service.h" |
| 24 | 22 |
| 25 namespace { | 23 namespace { |
| 26 | 24 |
| 27 // Converts a ListValue of StringValues into a vector of strings. Any Values | 25 // Converts a ListValue of StringValues into a vector of strings. Any Values |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 130 void GetSSLConfigFromPrefs(net::SSLConfig* config); | 128 void GetSSLConfigFromPrefs(net::SSLConfig* config); |
| 131 | 129 |
| 132 // Processes changes to the disabled cipher suites preference, updating the | 130 // Processes changes to the disabled cipher suites preference, updating the |
| 133 // cached list of parsed SSL/TLS cipher suites that are disabled. | 131 // cached list of parsed SSL/TLS cipher suites that are disabled. |
| 134 void OnDisabledCipherSuitesChange(PrefService* prefs); | 132 void OnDisabledCipherSuitesChange(PrefService* prefs); |
| 135 | 133 |
| 136 PrefChangeRegistrar pref_change_registrar_; | 134 PrefChangeRegistrar pref_change_registrar_; |
| 137 | 135 |
| 138 // The prefs (should only be accessed from UI thread) | 136 // The prefs (should only be accessed from UI thread) |
| 139 BooleanPrefMember rev_checking_enabled_; | 137 BooleanPrefMember rev_checking_enabled_; |
| 138 BooleanPrefMember ssl3_enabled_; |
| 139 BooleanPrefMember tls1_enabled_; |
| 140 | 140 |
| 141 // The cached list of disabled SSL cipher suites. | 141 // The cached list of disabled SSL cipher suites. |
| 142 std::vector<uint16> disabled_cipher_suites_; | 142 std::vector<uint16> disabled_cipher_suites_; |
| 143 | 143 |
| 144 scoped_refptr<SSLConfigServicePref> ssl_config_service_; | 144 scoped_refptr<SSLConfigServicePref> ssl_config_service_; |
| 145 | 145 |
| 146 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); | 146 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); |
| 147 }; | 147 }; |
| 148 | 148 |
| 149 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( | 149 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( |
| 150 PrefService* local_state) | 150 PrefService* local_state) |
| 151 : ssl_config_service_(new SSLConfigServicePref()) { | 151 : ssl_config_service_(new SSLConfigServicePref()) { |
| 152 DCHECK(local_state); | 152 DCHECK(local_state); |
| 153 | 153 |
| 154 rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled, | 154 rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled, |
| 155 local_state, this); | 155 local_state, this); |
| 156 ssl3_enabled_.Init(prefs::kSSL3Enabled, local_state, this); |
| 157 tls1_enabled_.Init(prefs::kTLS1Enabled, local_state, this); |
| 156 pref_change_registrar_.Init(local_state); | 158 pref_change_registrar_.Init(local_state); |
| 157 pref_change_registrar_.Add(prefs::kCipherSuiteBlacklist, this); | 159 pref_change_registrar_.Add(prefs::kCipherSuiteBlacklist, this); |
| 158 | 160 |
| 159 OnDisabledCipherSuitesChange(local_state); | 161 OnDisabledCipherSuitesChange(local_state); |
| 160 // Initialize from UI thread. This is okay as there shouldn't be anything on | 162 // Initialize from UI thread. This is okay as there shouldn't be anything on |
| 161 // the IO thread trying to access it yet. | 163 // the IO thread trying to access it yet. |
| 162 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); | 164 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); |
| 163 } | 165 } |
| 164 | 166 |
| 165 // static | 167 // static |
| 166 void SSLConfigServiceManagerPref::RegisterPrefs(PrefService* prefs) { | 168 void SSLConfigServiceManagerPref::RegisterPrefs(PrefService* prefs) { |
| 167 net::SSLConfig default_config; | 169 net::SSLConfig default_config; |
| 168 prefs->RegisterBooleanPref(prefs::kCertRevocationCheckingEnabled, | 170 prefs->RegisterBooleanPref(prefs::kCertRevocationCheckingEnabled, |
| 169 default_config.rev_checking_enabled); | 171 default_config.rev_checking_enabled); |
| 172 prefs->RegisterBooleanPref(prefs::kSSL3Enabled, |
| 173 default_config.ssl3_enabled); |
| 174 prefs->RegisterBooleanPref(prefs::kTLS1Enabled, |
| 175 default_config.tls1_enabled); |
| 170 prefs->RegisterListPref(prefs::kCipherSuiteBlacklist); | 176 prefs->RegisterListPref(prefs::kCipherSuiteBlacklist); |
| 177 // The Options menu used to allow changing the ssl.ssl3.enabled and |
| 178 // ssl.tls1.enabled preferences, so some users' Local State may have |
| 179 // these preferences. Remove them from Local State. |
| 180 prefs->ClearPref(prefs::kSSL3Enabled); |
| 181 prefs->ClearPref(prefs::kTLS1Enabled); |
| 171 } | 182 } |
| 172 | 183 |
| 173 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { | 184 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { |
| 174 return ssl_config_service_; | 185 return ssl_config_service_; |
| 175 } | 186 } |
| 176 | 187 |
| 177 void SSLConfigServiceManagerPref::Observe(int type, | 188 void SSLConfigServiceManagerPref::Observe(int type, |
| 178 const NotificationSource& source, | 189 const NotificationSource& source, |
| 179 const NotificationDetails& details) { | 190 const NotificationDetails& details) { |
| 180 if (type == chrome::NOTIFICATION_PREF_CHANGED) { | 191 if (type == chrome::NOTIFICATION_PREF_CHANGED) { |
| (...skipping 15 matching lines...) Expand all Loading... |
| 196 base::Bind( | 207 base::Bind( |
| 197 &SSLConfigServicePref::SetNewSSLConfig, | 208 &SSLConfigServicePref::SetNewSSLConfig, |
| 198 ssl_config_service_.get(), | 209 ssl_config_service_.get(), |
| 199 new_config)); | 210 new_config)); |
| 200 } | 211 } |
| 201 } | 212 } |
| 202 | 213 |
| 203 void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs( | 214 void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs( |
| 204 net::SSLConfig* config) { | 215 net::SSLConfig* config) { |
| 205 config->rev_checking_enabled = rev_checking_enabled_.GetValue(); | 216 config->rev_checking_enabled = rev_checking_enabled_.GetValue(); |
| 206 | 217 config->ssl3_enabled = ssl3_enabled_.GetValue(); |
| 207 config->ssl3_enabled = | 218 config->tls1_enabled = tls1_enabled_.GetValue(); |
| 208 !CommandLine::ForCurrentProcess()->HasSwitch(switches::kDisableSSL3); | |
| 209 config->tls1_enabled = | |
| 210 !CommandLine::ForCurrentProcess()->HasSwitch(switches::kDisableTLS1); | |
| 211 | |
| 212 config->disabled_cipher_suites = disabled_cipher_suites_; | 219 config->disabled_cipher_suites = disabled_cipher_suites_; |
| 213 SSLConfigServicePref::SetSSLConfigFlags(config); | 220 SSLConfigServicePref::SetSSLConfigFlags(config); |
| 214 } | 221 } |
| 215 | 222 |
| 216 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( | 223 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( |
| 217 PrefService* prefs) { | 224 PrefService* prefs) { |
| 218 const ListValue* value = prefs->GetList(prefs::kCipherSuiteBlacklist); | 225 const ListValue* value = prefs->GetList(prefs::kCipherSuiteBlacklist); |
| 219 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); | 226 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); |
| 220 } | 227 } |
| 221 | 228 |
| 222 //////////////////////////////////////////////////////////////////////////////// | 229 //////////////////////////////////////////////////////////////////////////////// |
| 223 // SSLConfigServiceManager | 230 // SSLConfigServiceManager |
| 224 | 231 |
| 225 // static | 232 // static |
| 226 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( | 233 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( |
| 227 PrefService* local_state) { | 234 PrefService* local_state) { |
| 228 return new SSLConfigServiceManagerPref(local_state); | 235 return new SSLConfigServiceManagerPref(local_state); |
| 229 } | 236 } |
| 230 | 237 |
| 231 // static | 238 // static |
| 232 void SSLConfigServiceManager::RegisterPrefs(PrefService* prefs) { | 239 void SSLConfigServiceManager::RegisterPrefs(PrefService* prefs) { |
| 233 SSLConfigServiceManagerPref::RegisterPrefs(prefs); | 240 SSLConfigServiceManagerPref::RegisterPrefs(prefs); |
| 234 } | 241 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7776002:
Add back prefs::kSSL3Enabled and prefs::kTLS1Enabled, but control (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/