Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(179)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/net/ssl_config_service_manager_pref.cc

Issue 8772014: Add a preference for enabling the TLS origin-bound certificates extension. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/app/policy/policy_templates.json ('K') | « chrome/app/policy/policy_templates.json ('k') | chrome/browser/policy/configuration_policy_handler_list.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 #include "chrome/browser/net/ssl_config_service_manager.h" 4 #include "chrome/browser/net/ssl_config_service_manager.h"
5 5
6 #include <algorithm> 6 #include <algorithm>
7 #include <string> 7 #include <string>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after
133 // Processes changes to the disabled cipher suites preference, updating the 133 // Processes changes to the disabled cipher suites preference, updating the
134 // cached list of parsed SSL/TLS cipher suites that are disabled. 134 // cached list of parsed SSL/TLS cipher suites that are disabled.
135 void OnDisabledCipherSuitesChange(PrefService* prefs); 135 void OnDisabledCipherSuitesChange(PrefService* prefs);
136 136
137 PrefChangeRegistrar pref_change_registrar_; 137 PrefChangeRegistrar pref_change_registrar_;
138 138
139 // The prefs (should only be accessed from UI thread) 139 // The prefs (should only be accessed from UI thread)
140 BooleanPrefMember rev_checking_enabled_; 140 BooleanPrefMember rev_checking_enabled_;
141 BooleanPrefMember ssl3_enabled_; 141 BooleanPrefMember ssl3_enabled_;
142 BooleanPrefMember tls1_enabled_; 142 BooleanPrefMember tls1_enabled_;
143 BooleanPrefMember origin_bound_certs_enabled_;
143 144
144 // The cached list of disabled SSL cipher suites. 145 // The cached list of disabled SSL cipher suites.
145 std::vector<uint16> disabled_cipher_suites_; 146 std::vector<uint16> disabled_cipher_suites_;
146 147
147 scoped_refptr<SSLConfigServicePref> ssl_config_service_; 148 scoped_refptr<SSLConfigServicePref> ssl_config_service_;
148 149
149 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); 150 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref);
150 }; 151 };
151 152
152 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( 153 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref(
153 PrefService* local_state) 154 PrefService* local_state)
154 : ssl_config_service_(new SSLConfigServicePref()) { 155 : ssl_config_service_(new SSLConfigServicePref()) {
155 DCHECK(local_state); 156 DCHECK(local_state);
156 157
157 rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled, 158 rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled,
158 local_state, this); 159 local_state, this);
159 ssl3_enabled_.Init(prefs::kSSL3Enabled, local_state, this); 160 ssl3_enabled_.Init(prefs::kSSL3Enabled, local_state, this);
160 tls1_enabled_.Init(prefs::kTLS1Enabled, local_state, this); 161 tls1_enabled_.Init(prefs::kTLS1Enabled, local_state, this);
162 origin_bound_certs_enabled_.Init(prefs::kEnableOriginBoundCerts,
163 local_state, this);
161 pref_change_registrar_.Init(local_state); 164 pref_change_registrar_.Init(local_state);
162 pref_change_registrar_.Add(prefs::kCipherSuiteBlacklist, this); 165 pref_change_registrar_.Add(prefs::kCipherSuiteBlacklist, this);
163 166
164 OnDisabledCipherSuitesChange(local_state); 167 OnDisabledCipherSuitesChange(local_state);
165 // Initialize from UI thread. This is okay as there shouldn't be anything on 168 // Initialize from UI thread. This is okay as there shouldn't be anything on
166 // the IO thread trying to access it yet. 169 // the IO thread trying to access it yet.
167 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); 170 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_);
168 } 171 }
169 172
170 // static 173 // static
171 void SSLConfigServiceManagerPref::RegisterPrefs(PrefService* prefs) { 174 void SSLConfigServiceManagerPref::RegisterPrefs(PrefService* prefs) {
172 net::SSLConfig default_config; 175 net::SSLConfig default_config;
173 prefs->RegisterBooleanPref(prefs::kCertRevocationCheckingEnabled, 176 prefs->RegisterBooleanPref(prefs::kCertRevocationCheckingEnabled,
174 default_config.rev_checking_enabled); 177 default_config.rev_checking_enabled);
175 prefs->RegisterBooleanPref(prefs::kSSL3Enabled, 178 prefs->RegisterBooleanPref(prefs::kSSL3Enabled,
176 default_config.ssl3_enabled); 179 default_config.ssl3_enabled);
177 prefs->RegisterBooleanPref(prefs::kTLS1Enabled, 180 prefs->RegisterBooleanPref(prefs::kTLS1Enabled,
178 default_config.tls1_enabled); 181 default_config.tls1_enabled);
182 prefs->RegisterBooleanPref(prefs::kEnableOriginBoundCerts,
183 default_config.origin_bound_certs_enabled);
179 prefs->RegisterListPref(prefs::kCipherSuiteBlacklist); 184 prefs->RegisterListPref(prefs::kCipherSuiteBlacklist);
180 // The Options menu used to allow changing the ssl.ssl3.enabled and 185 // The Options menu used to allow changing the ssl.ssl3.enabled and
181 // ssl.tls1.enabled preferences, so some users' Local State may have 186 // ssl.tls1.enabled preferences, so some users' Local State may have
182 // these preferences. Remove them from Local State. 187 // these preferences. Remove them from Local State.
183 prefs->ClearPref(prefs::kSSL3Enabled); 188 prefs->ClearPref(prefs::kSSL3Enabled);
184 prefs->ClearPref(prefs::kTLS1Enabled); 189 prefs->ClearPref(prefs::kTLS1Enabled);
185 } 190 }
186 191
187 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { 192 net::SSLConfigService* SSLConfigServiceManagerPref::Get() {
188 return ssl_config_service_; 193 return ssl_config_service_;
(...skipping 25 matching lines...) Expand all
214 new_config)); 219 new_config));
215 } 220 }
216 } 221 }
217 222
218 void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs( 223 void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs(
219 net::SSLConfig* config) { 224 net::SSLConfig* config) {
220 config->rev_checking_enabled = rev_checking_enabled_.GetValue(); 225 config->rev_checking_enabled = rev_checking_enabled_.GetValue();
221 config->ssl3_enabled = ssl3_enabled_.GetValue(); 226 config->ssl3_enabled = ssl3_enabled_.GetValue();
222 config->tls1_enabled = tls1_enabled_.GetValue(); 227 config->tls1_enabled = tls1_enabled_.GetValue();
223 config->disabled_cipher_suites = disabled_cipher_suites_; 228 config->disabled_cipher_suites = disabled_cipher_suites_;
229 config->origin_bound_certs_enabled = origin_bound_certs_enabled_.GetValue();
224 SSLConfigServicePref::SetSSLConfigFlags(config); 230 SSLConfigServicePref::SetSSLConfigFlags(config);
225 } 231 }
226 232
227 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( 233 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange(
228 PrefService* prefs) { 234 PrefService* prefs) {
229 const ListValue* value = prefs->GetList(prefs::kCipherSuiteBlacklist); 235 const ListValue* value = prefs->GetList(prefs::kCipherSuiteBlacklist);
230 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); 236 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value));
231 } 237 }
232 238
233 //////////////////////////////////////////////////////////////////////////////// 239 ////////////////////////////////////////////////////////////////////////////////
234 // SSLConfigServiceManager 240 // SSLConfigServiceManager
235 241
236 // static 242 // static
237 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( 243 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager(
238 PrefService* local_state) { 244 PrefService* local_state) {
239 return new SSLConfigServiceManagerPref(local_state); 245 return new SSLConfigServiceManagerPref(local_state);
240 } 246 }
241 247
242 // static 248 // static
243 void SSLConfigServiceManager::RegisterPrefs(PrefService* prefs) { 249 void SSLConfigServiceManager::RegisterPrefs(PrefService* prefs) {
244 SSLConfigServiceManagerPref::RegisterPrefs(prefs); 250 SSLConfigServiceManagerPref::RegisterPrefs(prefs);
245 } 251 }
OLDNEW
« chrome/app/policy/policy_templates.json ('K') | « chrome/app/policy/policy_templates.json ('k') | chrome/browser/policy/configuration_policy_handler_list.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698