| Index: net/base/ssl_config_service.cc
|
| diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service.cc
|
| deleted file mode 100644
|
| index 7dfe05eaf377ef81c3642d99978ce853a134fae0..0000000000000000000000000000000000000000
|
| --- a/net/base/ssl_config_service.cc
|
| +++ /dev/null
|
| @@ -1,175 +0,0 @@
|
| -// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "net/base/ssl_config_service.h"
|
| -
|
| -#include "base/lazy_instance.h"
|
| -#include "base/memory/ref_counted.h"
|
| -#include "base/synchronization/lock.h"
|
| -#include "net/base/crl_set.h"
|
| -#include "net/base/ssl_config_service_defaults.h"
|
| -
|
| -#if defined(USE_OPENSSL)
|
| -#include <openssl/ssl.h>
|
| -#endif
|
| -
|
| -namespace net {
|
| -
|
| -static uint16 g_default_version_min = SSL_PROTOCOL_VERSION_SSL3;
|
| -
|
| -static uint16 g_default_version_max =
|
| -#if defined(USE_OPENSSL)
|
| -#if defined(SSL_OP_NO_TLSv1_1)
|
| - SSL_PROTOCOL_VERSION_TLS1_1;
|
| -#else
|
| - SSL_PROTOCOL_VERSION_TLS1;
|
| -#endif
|
| -#else
|
| - SSL_PROTOCOL_VERSION_TLS1_1;
|
| -#endif
|
| -
|
| -SSLConfig::CertAndStatus::CertAndStatus() : cert_status(0) {}
|
| -
|
| -SSLConfig::CertAndStatus::~CertAndStatus() {}
|
| -
|
| -SSLConfig::SSLConfig()
|
| - : rev_checking_enabled(false),
|
| - version_min(g_default_version_min),
|
| - version_max(g_default_version_max),
|
| - cached_info_enabled(false),
|
| - channel_id_enabled(true),
|
| - false_start_enabled(true),
|
| - send_client_cert(false),
|
| - verify_ev_cert(false),
|
| - version_fallback(false),
|
| - cert_io_enabled(true) {
|
| -}
|
| -
|
| -SSLConfig::~SSLConfig() {
|
| -}
|
| -
|
| -bool SSLConfig::IsAllowedBadCert(X509Certificate* cert,
|
| - CertStatus* cert_status) const {
|
| - std::string der_cert;
|
| - if (!X509Certificate::GetDEREncoded(cert->os_cert_handle(), &der_cert))
|
| - return false;
|
| - return IsAllowedBadCert(der_cert, cert_status);
|
| -}
|
| -
|
| -bool SSLConfig::IsAllowedBadCert(const base::StringPiece& der_cert,
|
| - CertStatus* cert_status) const {
|
| - for (size_t i = 0; i < allowed_bad_certs.size(); ++i) {
|
| - if (der_cert == allowed_bad_certs[i].der_cert) {
|
| - if (cert_status)
|
| - *cert_status = allowed_bad_certs[i].cert_status;
|
| - return true;
|
| - }
|
| - }
|
| - return false;
|
| -}
|
| -
|
| -SSLConfigService::SSLConfigService()
|
| - : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) {
|
| -}
|
| -
|
| -static bool g_cached_info_enabled = false;
|
| -
|
| -// GlobalCRLSet holds a reference to the global CRLSet. It simply wraps a lock
|
| -// around a scoped_refptr so that getting a reference doesn't race with
|
| -// updating the CRLSet.
|
| -class GlobalCRLSet {
|
| - public:
|
| - void Set(const scoped_refptr<CRLSet>& new_crl_set) {
|
| - base::AutoLock locked(lock_);
|
| - crl_set_ = new_crl_set;
|
| - }
|
| -
|
| - scoped_refptr<CRLSet> Get() const {
|
| - base::AutoLock locked(lock_);
|
| - return crl_set_;
|
| - }
|
| -
|
| - private:
|
| - scoped_refptr<CRLSet> crl_set_;
|
| - mutable base::Lock lock_;
|
| -};
|
| -
|
| -base::LazyInstance<GlobalCRLSet>::Leaky g_crl_set = LAZY_INSTANCE_INITIALIZER;
|
| -
|
| -// static
|
| -void SSLConfigService::SetCRLSet(scoped_refptr<CRLSet> crl_set) {
|
| - // Note: this can be called concurently with GetCRLSet().
|
| - g_crl_set.Get().Set(crl_set);
|
| -}
|
| -
|
| -// static
|
| -scoped_refptr<CRLSet> SSLConfigService::GetCRLSet() {
|
| - return g_crl_set.Get().Get();
|
| -}
|
| -
|
| -void SSLConfigService::EnableCachedInfo() {
|
| - g_cached_info_enabled = true;
|
| -}
|
| -
|
| -// static
|
| -bool SSLConfigService::cached_info_enabled() {
|
| - return g_cached_info_enabled;
|
| -}
|
| -
|
| -// static
|
| -uint16 SSLConfigService::default_version_min() {
|
| - return g_default_version_min;
|
| -}
|
| -
|
| -// static
|
| -uint16 SSLConfigService::default_version_max() {
|
| - return g_default_version_max;
|
| -}
|
| -
|
| -void SSLConfigService::AddObserver(Observer* observer) {
|
| - observer_list_.AddObserver(observer);
|
| -}
|
| -
|
| -void SSLConfigService::RemoveObserver(Observer* observer) {
|
| - observer_list_.RemoveObserver(observer);
|
| -}
|
| -
|
| -void SSLConfigService::NotifySSLConfigChange() {
|
| - FOR_EACH_OBSERVER(Observer, observer_list_, OnSSLConfigChanged());
|
| -}
|
| -
|
| -SSLConfigService::~SSLConfigService() {
|
| -}
|
| -
|
| -// static
|
| -void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) {
|
| - ssl_config->cached_info_enabled = g_cached_info_enabled;
|
| -}
|
| -
|
| -void SSLConfigService::ProcessConfigUpdate(const SSLConfig& orig_config,
|
| - const SSLConfig& new_config) {
|
| - bool config_changed =
|
| - (orig_config.rev_checking_enabled != new_config.rev_checking_enabled) ||
|
| - (orig_config.version_min != new_config.version_min) ||
|
| - (orig_config.version_max != new_config.version_max) ||
|
| - (orig_config.disabled_cipher_suites !=
|
| - new_config.disabled_cipher_suites) ||
|
| - (orig_config.channel_id_enabled != new_config.channel_id_enabled) ||
|
| - (orig_config.false_start_enabled != new_config.false_start_enabled);
|
| -
|
| - if (config_changed)
|
| - NotifySSLConfigChange();
|
| -}
|
| -
|
| -// static
|
| -bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) {
|
| - if (!service)
|
| - return false;
|
| -
|
| - SSLConfig ssl_config;
|
| - service->GetSSLConfig(&ssl_config);
|
| - return ssl_config.version_max >= SSL_PROTOCOL_VERSION_TLS1;
|
| -}
|
| -
|
| -} // namespace net
|
|
|
Chromium Code Reviews
Issue 12680003:
net: split net/ssl out of net/base (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src