Index: chrome/browser/chromeos/policy/network_configuration_updater.h |
diff --git a/chrome/browser/chromeos/policy/network_configuration_updater.h b/chrome/browser/chromeos/policy/network_configuration_updater.h |
index 70634255bafe406d005ae718c46f1c476d79dd48..68098404f3eb1ed48e28cfb6e1dca11b1f944b56 100644 |
--- a/chrome/browser/chromeos/policy/network_configuration_updater.h |
+++ b/chrome/browser/chromeos/policy/network_configuration_updater.h |
@@ -6,6 +6,8 @@ |
#define CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ |
#include "base/basictypes.h" |
+#include "base/memory/scoped_ptr.h" |
+#include "net/cert/x509_certificate.h" |
namespace net { |
class CertTrustAnchorProvider; |
@@ -18,21 +20,20 @@ namespace policy { |
// to Shill. |
class NetworkConfigurationUpdater { |
public: |
- NetworkConfigurationUpdater() {} |
- virtual ~NetworkConfigurationUpdater() {} |
+ NetworkConfigurationUpdater(); |
+ virtual ~NetworkConfigurationUpdater(); |
// Notifies this updater that the user policy is initialized. Before this |
// function is called, the user policy is not applied. This function may |
// trigger immediate policy applications. |
virtual void OnUserPolicyInitialized() = 0; |
- // TODO(pneubeck): Extract the following two certificate related functions |
- // into a separate CertificateUpdater. |
- |
// Web trust isn't given to certificates imported from ONC by default. Setting |
// |allow| to true allows giving Web trust to the certificates that |
// request it. |
- virtual void set_allow_trusted_certificates_from_policy(bool allow) = 0; |
+ void set_allow_trusted_certificates_from_policy(bool allow) { |
+ allow_trusted_certificates_from_policy_ = allow; |
+ } |
// Returns a CertTrustAnchorProvider that provides the list of server and |
// CA certificates with the Web trust flag set that were retrieved from the |
@@ -41,9 +42,19 @@ class NetworkConfigurationUpdater { |
// on the IO thread. It is only valid as long as the |
// NetworkConfigurationUpdater is valid; the NetworkConfigurationUpdater |
// outlives all the profiles, and deletes the provider on the IO thread. |
- virtual net::CertTrustAnchorProvider* GetCertTrustAnchorProvider() = 0; |
+ net::CertTrustAnchorProvider* GetCertTrustAnchorProvider(); |
+ |
+ protected: |
+ void SetTrustAnchors(scoped_ptr<net::CertificateList> web_trust_certs); |
private: |
+ // Whether Web trust is allowed or not. |
+ bool allow_trusted_certificates_from_policy_; |
+ |
+ // An implementation of CertTrustAnchorProvider. Owned by this class, but |
+ // runs and is deleted on the IO thread. |
+ net::CertTrustAnchorProvider* cert_trust_provider_; |
+ |
DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater); |
}; |