OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 5 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/ptr_util.h" |
10 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 11 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
11 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | 12 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" |
12 #include "components/user_manager/user_manager.h" | 13 #include "components/user_manager/user_manager.h" |
13 #include "content/public/browser/browser_thread.h" | 14 #include "content/public/browser/browser_thread.h" |
14 #include "net/cert/x509_certificate.h" | 15 #include "net/cert/x509_certificate.h" |
15 | 16 |
16 namespace policy { | 17 namespace policy { |
17 | 18 |
18 PolicyCertService::~PolicyCertService() { | 19 PolicyCertService::~PolicyCertService() { |
19 DCHECK(cert_verifier_) | 20 DCHECK(cert_verifier_) |
(...skipping 18 matching lines...) Expand all Loading... |
38 PolicyCertVerifier* verifier, | 39 PolicyCertVerifier* verifier, |
39 user_manager::UserManager* user_manager) | 40 user_manager::UserManager* user_manager) |
40 : cert_verifier_(verifier), | 41 : cert_verifier_(verifier), |
41 user_id_(user_id), | 42 user_id_(user_id), |
42 net_conf_updater_(NULL), | 43 net_conf_updater_(NULL), |
43 user_manager_(user_manager), | 44 user_manager_(user_manager), |
44 has_trust_anchors_(false), | 45 has_trust_anchors_(false), |
45 weak_ptr_factory_(this) { | 46 weak_ptr_factory_(this) { |
46 } | 47 } |
47 | 48 |
48 scoped_ptr<PolicyCertVerifier> PolicyCertService::CreatePolicyCertVerifier() { | 49 std::unique_ptr<PolicyCertVerifier> |
| 50 PolicyCertService::CreatePolicyCertVerifier() { |
49 base::Closure callback = base::Bind( | 51 base::Closure callback = base::Bind( |
50 &PolicyCertServiceFactory::SetUsedPolicyCertificates, user_id_); | 52 &PolicyCertServiceFactory::SetUsedPolicyCertificates, user_id_); |
51 cert_verifier_ = new PolicyCertVerifier( | 53 cert_verifier_ = new PolicyCertVerifier( |
52 base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask), | 54 base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask), |
53 content::BrowserThread::UI, | 55 content::BrowserThread::UI, |
54 FROM_HERE, | 56 FROM_HERE, |
55 callback)); | 57 callback)); |
56 // Certs are forwarded to |cert_verifier_|, thus register here after | 58 // Certs are forwarded to |cert_verifier_|, thus register here after |
57 // |cert_verifier_| is created. | 59 // |cert_verifier_| is created. |
58 net_conf_updater_->AddTrustedCertsObserver(this); | 60 net_conf_updater_->AddTrustedCertsObserver(this); |
59 | 61 |
60 // Set the current list of trust anchors. | 62 // Set the current list of trust anchors. |
61 net::CertificateList trust_anchors; | 63 net::CertificateList trust_anchors; |
62 net_conf_updater_->GetWebTrustedCertificates(&trust_anchors); | 64 net_conf_updater_->GetWebTrustedCertificates(&trust_anchors); |
63 OnTrustAnchorsChanged(trust_anchors); | 65 OnTrustAnchorsChanged(trust_anchors); |
64 | 66 |
65 return make_scoped_ptr(cert_verifier_); | 67 return base::WrapUnique(cert_verifier_); |
66 } | 68 } |
67 | 69 |
68 void PolicyCertService::OnTrustAnchorsChanged( | 70 void PolicyCertService::OnTrustAnchorsChanged( |
69 const net::CertificateList& trust_anchors) { | 71 const net::CertificateList& trust_anchors) { |
70 DCHECK(cert_verifier_); | 72 DCHECK(cert_verifier_); |
71 | 73 |
72 // Do not use certificates installed via ONC policy if the current session has | 74 // Do not use certificates installed via ONC policy if the current session has |
73 // multiple profiles. This is important to make sure that any possibly tainted | 75 // multiple profiles. This is important to make sure that any possibly tainted |
74 // data is absolutely confined to the managed profile and never, ever leaks to | 76 // data is absolutely confined to the managed profile and never, ever leaks to |
75 // any other profile. | 77 // any other profile. |
(...skipping 24 matching lines...) Expand all Loading... |
100 | 102 |
101 void PolicyCertService::Shutdown() { | 103 void PolicyCertService::Shutdown() { |
102 weak_ptr_factory_.InvalidateWeakPtrs(); | 104 weak_ptr_factory_.InvalidateWeakPtrs(); |
103 if (net_conf_updater_) | 105 if (net_conf_updater_) |
104 net_conf_updater_->RemoveTrustedCertsObserver(this); | 106 net_conf_updater_->RemoveTrustedCertsObserver(this); |
105 OnTrustAnchorsChanged(net::CertificateList()); | 107 OnTrustAnchorsChanged(net::CertificateList()); |
106 net_conf_updater_ = NULL; | 108 net_conf_updater_ = NULL; |
107 } | 109 } |
108 | 110 |
109 // static | 111 // static |
110 scoped_ptr<PolicyCertService> PolicyCertService::CreateForTesting( | 112 std::unique_ptr<PolicyCertService> PolicyCertService::CreateForTesting( |
111 const std::string& user_id, | 113 const std::string& user_id, |
112 PolicyCertVerifier* verifier, | 114 PolicyCertVerifier* verifier, |
113 user_manager::UserManager* user_manager) { | 115 user_manager::UserManager* user_manager) { |
114 return make_scoped_ptr( | 116 return base::WrapUnique( |
115 new PolicyCertService(user_id, verifier, user_manager)); | 117 new PolicyCertService(user_id, verifier, user_manager)); |
116 } | 118 } |
117 | 119 |
118 } // namespace policy | 120 } // namespace policy |
OLD | NEW |