Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4002)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/policy/network_configuration_updater.h

Issue 13035003: Added a PolicyCertVerifier that uses the trust anchors from the ONC policies. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Addressed comments Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chromeos/cros/network_library_unittest.cc ('k') | chrome/browser/chromeos/policy/network_configuration_updater.cc » ('j') | chrome/browser/chromeos/policy/policy_cert_verifier.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/policy/network_configuration_updater.h
diff --git a/chrome/browser/chromeos/policy/network_configuration_updater.h b/chrome/browser/chromeos/policy/network_configuration_updater.h
index bd0bcd94619a928c0df5c7d04a71b36da042947d..98fb64c0f6ca3b8d1676975cc475e2f21f7fe880 100644
--- a/chrome/browser/chromeos/policy/network_configuration_updater.h
+++ b/chrome/browser/chromeos/policy/network_configuration_updater.h
@@ -17,6 +17,10 @@ namespace base {
class Value;
}
+namespace net {
+class CertTrustAnchorProvider;
+}
+
namespace policy {
class PolicyMap;
@@ -45,9 +49,20 @@ class NetworkConfigurationUpdater
void OnUserPolicyInitialized();
// Web trust isn't given to certificates imported from ONC by default. Setting
- // |allow_web_trust| to true allows giving Web trust to the certificates that
+ // |allow| to true allows giving Web trust to the certificates that
// request it.
- void set_allow_web_trust(bool allow) { allow_web_trust_ = allow; }
+ void set_allow_trusted_certificates_from_policy(bool allow) {
+ allow_trusted_certificates_from_policy_ = allow;
+ }
+
+ // Returns a CertTrustAnchorProvider that provides the list of server and
+ // CA certificates with the Web trust flag set that were retrieved from the
+ // last user ONC policy update.
+ // This getter must be used on UI, and the provider must be used on IO. It
Greg Spencer (Chromium) 2013/04/01 16:03:42 "on UI" --> "on the UI thread" (same with IO)
Joao da Silva 2013/04/03 15:24:39 Done.
+ // is only valid as long as the NetworkConfigurationUpdater is valid; the
+ // NetworkConfigurationUpdater outlives all the profiles, and deletes the
+ // provider on the IO thread.
+ net::CertTrustAnchorProvider* GetCertTrustAnchorProvider();
private:
// Callback that's called by |policy_service_| if the respective ONC policy
@@ -76,11 +91,15 @@ class NetworkConfigurationUpdater
bool user_policy_initialized_;
// Whether Web trust is allowed or not.
- bool allow_web_trust_;
+ bool allow_trusted_certificates_from_policy_;
// The policy service storing the ONC policies.
PolicyService* policy_service_;
+ // An implementation of CertTrustAnchorProvider. Owned by the updater, but
+ // lives on the IO thread.
+ net::CertTrustAnchorProvider* cert_trust_provider_;
+
DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater);
};
« no previous file with comments | « chrome/browser/chromeos/cros/network_library_unittest.cc ('k') | chrome/browser/chromeos/policy/network_configuration_updater.cc » ('j') | chrome/browser/chromeos/policy/policy_cert_verifier.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698