| Index: chrome/browser/chromeos/policy/network_configuration_updater.h
|
| diff --git a/chrome/browser/chromeos/policy/network_configuration_updater.h b/chrome/browser/chromeos/policy/network_configuration_updater.h
|
| index 70634255bafe406d005ae718c46f1c476d79dd48..68098404f3eb1ed48e28cfb6e1dca11b1f944b56 100644
|
| --- a/chrome/browser/chromeos/policy/network_configuration_updater.h
|
| +++ b/chrome/browser/chromeos/policy/network_configuration_updater.h
|
| @@ -6,6 +6,8 @@
|
| #define CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_
|
|
|
| #include "base/basictypes.h"
|
| +#include "base/memory/scoped_ptr.h"
|
| +#include "net/cert/x509_certificate.h"
|
|
|
| namespace net {
|
| class CertTrustAnchorProvider;
|
| @@ -18,21 +20,20 @@ namespace policy {
|
| // to Shill.
|
| class NetworkConfigurationUpdater {
|
| public:
|
| - NetworkConfigurationUpdater() {}
|
| - virtual ~NetworkConfigurationUpdater() {}
|
| + NetworkConfigurationUpdater();
|
| + virtual ~NetworkConfigurationUpdater();
|
|
|
| // Notifies this updater that the user policy is initialized. Before this
|
| // function is called, the user policy is not applied. This function may
|
| // trigger immediate policy applications.
|
| virtual void OnUserPolicyInitialized() = 0;
|
|
|
| - // TODO(pneubeck): Extract the following two certificate related functions
|
| - // into a separate CertificateUpdater.
|
| -
|
| // Web trust isn't given to certificates imported from ONC by default. Setting
|
| // |allow| to true allows giving Web trust to the certificates that
|
| // request it.
|
| - virtual void set_allow_trusted_certificates_from_policy(bool allow) = 0;
|
| + void set_allow_trusted_certificates_from_policy(bool allow) {
|
| + allow_trusted_certificates_from_policy_ = allow;
|
| + }
|
|
|
| // Returns a CertTrustAnchorProvider that provides the list of server and
|
| // CA certificates with the Web trust flag set that were retrieved from the
|
| @@ -41,9 +42,19 @@ class NetworkConfigurationUpdater {
|
| // on the IO thread. It is only valid as long as the
|
| // NetworkConfigurationUpdater is valid; the NetworkConfigurationUpdater
|
| // outlives all the profiles, and deletes the provider on the IO thread.
|
| - virtual net::CertTrustAnchorProvider* GetCertTrustAnchorProvider() = 0;
|
| + net::CertTrustAnchorProvider* GetCertTrustAnchorProvider();
|
| +
|
| + protected:
|
| + void SetTrustAnchors(scoped_ptr<net::CertificateList> web_trust_certs);
|
|
|
| private:
|
| + // Whether Web trust is allowed or not.
|
| + bool allow_trusted_certificates_from_policy_;
|
| +
|
| + // An implementation of CertTrustAnchorProvider. Owned by this class, but
|
| + // runs and is deleted on the IO thread.
|
| + net::CertTrustAnchorProvider* cert_trust_provider_;
|
| +
|
| DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater);
|
| };
|
|
|
|
|
Chromium Code Reviews
Issue 14192017:
Extract certificate policy application from NetworkLibrary. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src