Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(753)

Unified Diff: chrome/browser/chromeos/policy/network_configuration_updater.cc

Issue 14192017: Extract certificate policy application from NetworkLibrary. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebased. Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/chromeos/policy/network_configuration_updater.cc
diff --git a/chrome/browser/chromeos/policy/network_configuration_updater.cc b/chrome/browser/chromeos/policy/network_configuration_updater.cc
index 057a0c2494b8fa74c183078a9f9faa529ca0ea31..ab39944ce06714241abc7ece2afaccbbf7eba57f 100644
--- a/chrome/browser/chromeos/policy/network_configuration_updater.cc
+++ b/chrome/browser/chromeos/policy/network_configuration_updater.cc
@@ -3,13 +3,74 @@
// found in the LICENSE file.
#include "chrome/browser/chromeos/policy/network_configuration_updater.h"
+#include "chromeos/network/onc/onc_constants.h"
+#include "content/public/browser/browser_thread.h"
+#include "net/cert/cert_trust_anchor_provider.h"
+
+using content::BrowserThread;
namespace policy {
-NetworkConfigurationUpdater::NetworkConfigurationUpdater() {
+namespace {
+
+// A simple implementation of net::CertTrustAnchorProvider that returns a list
+// of certificates that can be set by the owner of this object.
+class CrosTrustAnchorProvider : public net::CertTrustAnchorProvider {
+ public:
+ CrosTrustAnchorProvider()
+ : trust_anchors_(new net::CertificateList) {
+ }
+
+ virtual ~CrosTrustAnchorProvider() {
+ }
+
+ // CertTrustAnchorProvider overrides.
+ virtual const net::CertificateList& GetAdditionalTrustAnchors() OVERRIDE {
+ DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+ return *trust_anchors_;
+ }
+
+ void SetTrustAnchors(scoped_ptr<net::CertificateList> trust_anchors) {
+ DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+ trust_anchors_ = trust_anchors.Pass();
+ }
+
+ private:
+ scoped_ptr<net::CertificateList> trust_anchors_;
+
+ DISALLOW_COPY_AND_ASSIGN(CrosTrustAnchorProvider);
+};
+
+} // namespace
+
+NetworkConfigurationUpdater::NetworkConfigurationUpdater()
+ : allow_trusted_certificates_from_policy_(false),
+ cert_trust_provider_(new CrosTrustAnchorProvider()) {
}
NetworkConfigurationUpdater::~NetworkConfigurationUpdater() {
+ bool posted = BrowserThread::DeleteSoon(
+ BrowserThread::IO, FROM_HERE, cert_trust_provider_);
+ if (!posted)
+ delete cert_trust_provider_;
+}
+
+net::CertTrustAnchorProvider*
+NetworkConfigurationUpdater::GetCertTrustAnchorProvider() {
+ DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+ return cert_trust_provider_;
+}
+
+void NetworkConfigurationUpdater::SetTrustAnchors(
+ scoped_ptr<net::CertificateList> web_trust_certs) {
+ if (allow_trusted_certificates_from_policy_) {
+ BrowserThread::PostTask(
+ BrowserThread::IO, FROM_HERE,
+ base::Bind(&CrosTrustAnchorProvider::SetTrustAnchors,
+ base::Unretained(static_cast<CrosTrustAnchorProvider*>(
+ cert_trust_provider_)),
+ base::Passed(&web_trust_certs)));
+ }
}
} // namespace policy

Powered by Google App Engine
This is Rietveld 408576698