| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 #include "chrome/browser/net/ssl_config_service_manager.h" | 4 #include "chrome/browser/net/ssl_config_service_manager.h" |
| 5 | 5 |
| 6 #include <algorithm> | 6 #include <algorithm> |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| (...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 169 | 169 |
| 170 PrefChangeRegistrar local_state_change_registrar_; | 170 PrefChangeRegistrar local_state_change_registrar_; |
| 171 | 171 |
| 172 // The local_state prefs (should only be accessed from UI thread) | 172 // The local_state prefs (should only be accessed from UI thread) |
| 173 BooleanPrefMember rev_checking_enabled_; | 173 BooleanPrefMember rev_checking_enabled_; |
| 174 BooleanPrefMember rev_checking_required_local_anchors_; | 174 BooleanPrefMember rev_checking_required_local_anchors_; |
| 175 StringPrefMember ssl_version_min_; | 175 StringPrefMember ssl_version_min_; |
| 176 StringPrefMember ssl_version_max_; | 176 StringPrefMember ssl_version_max_; |
| 177 BooleanPrefMember channel_id_enabled_; | 177 BooleanPrefMember channel_id_enabled_; |
| 178 BooleanPrefMember ssl_record_splitting_disabled_; | 178 BooleanPrefMember ssl_record_splitting_disabled_; |
| 179 BooleanPrefMember unrestricted_ssl3_fallback_enabled_; | |
| 180 | 179 |
| 181 // The cached list of disabled SSL cipher suites. | 180 // The cached list of disabled SSL cipher suites. |
| 182 std::vector<uint16> disabled_cipher_suites_; | 181 std::vector<uint16> disabled_cipher_suites_; |
| 183 | 182 |
| 184 scoped_refptr<SSLConfigServicePref> ssl_config_service_; | 183 scoped_refptr<SSLConfigServicePref> ssl_config_service_; |
| 185 | 184 |
| 186 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); | 185 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); |
| 187 }; | 186 }; |
| 188 | 187 |
| 189 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( | 188 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( |
| (...skipping 13 matching lines...) Expand all Loading... |
| 203 local_state, | 202 local_state, |
| 204 local_state_callback); | 203 local_state_callback); |
| 205 ssl_version_min_.Init( | 204 ssl_version_min_.Init( |
| 206 prefs::kSSLVersionMin, local_state, local_state_callback); | 205 prefs::kSSLVersionMin, local_state, local_state_callback); |
| 207 ssl_version_max_.Init( | 206 ssl_version_max_.Init( |
| 208 prefs::kSSLVersionMax, local_state, local_state_callback); | 207 prefs::kSSLVersionMax, local_state, local_state_callback); |
| 209 channel_id_enabled_.Init( | 208 channel_id_enabled_.Init( |
| 210 prefs::kEnableOriginBoundCerts, local_state, local_state_callback); | 209 prefs::kEnableOriginBoundCerts, local_state, local_state_callback); |
| 211 ssl_record_splitting_disabled_.Init( | 210 ssl_record_splitting_disabled_.Init( |
| 212 prefs::kDisableSSLRecordSplitting, local_state, local_state_callback); | 211 prefs::kDisableSSLRecordSplitting, local_state, local_state_callback); |
| 213 unrestricted_ssl3_fallback_enabled_.Init( | |
| 214 prefs::kEnableUnrestrictedSSL3Fallback, | |
| 215 local_state, | |
| 216 local_state_callback); | |
| 217 | 212 |
| 218 local_state_change_registrar_.Init(local_state); | 213 local_state_change_registrar_.Init(local_state); |
| 219 local_state_change_registrar_.Add( | 214 local_state_change_registrar_.Add( |
| 220 prefs::kCipherSuiteBlacklist, local_state_callback); | 215 prefs::kCipherSuiteBlacklist, local_state_callback); |
| 221 | 216 |
| 222 OnDisabledCipherSuitesChange(local_state); | 217 OnDisabledCipherSuitesChange(local_state); |
| 223 | 218 |
| 224 // Initialize from UI thread. This is okay as there shouldn't be anything on | 219 // Initialize from UI thread. This is okay as there shouldn't be anything on |
| 225 // the IO thread trying to access it yet. | 220 // the IO thread trying to access it yet. |
| 226 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); | 221 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); |
| (...skipping 10 matching lines...) Expand all Loading... |
| 237 std::string version_min_str = | 232 std::string version_min_str = |
| 238 SSLProtocolVersionToString(default_config.version_min); | 233 SSLProtocolVersionToString(default_config.version_min); |
| 239 std::string version_max_str = | 234 std::string version_max_str = |
| 240 SSLProtocolVersionToString(default_config.version_max); | 235 SSLProtocolVersionToString(default_config.version_max); |
| 241 registry->RegisterStringPref(prefs::kSSLVersionMin, version_min_str); | 236 registry->RegisterStringPref(prefs::kSSLVersionMin, version_min_str); |
| 242 registry->RegisterStringPref(prefs::kSSLVersionMax, version_max_str); | 237 registry->RegisterStringPref(prefs::kSSLVersionMax, version_max_str); |
| 243 registry->RegisterBooleanPref(prefs::kEnableOriginBoundCerts, | 238 registry->RegisterBooleanPref(prefs::kEnableOriginBoundCerts, |
| 244 default_config.channel_id_enabled); | 239 default_config.channel_id_enabled); |
| 245 registry->RegisterBooleanPref(prefs::kDisableSSLRecordSplitting, | 240 registry->RegisterBooleanPref(prefs::kDisableSSLRecordSplitting, |
| 246 !default_config.false_start_enabled); | 241 !default_config.false_start_enabled); |
| 247 registry->RegisterBooleanPref(prefs::kEnableUnrestrictedSSL3Fallback, | |
| 248 default_config.unrestricted_ssl3_fallback_enabled); | |
| 249 registry->RegisterListPref(prefs::kCipherSuiteBlacklist); | 242 registry->RegisterListPref(prefs::kCipherSuiteBlacklist); |
| 250 } | 243 } |
| 251 | 244 |
| 252 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { | 245 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { |
| 253 return ssl_config_service_.get(); | 246 return ssl_config_service_.get(); |
| 254 } | 247 } |
| 255 | 248 |
| 256 void SSLConfigServiceManagerPref::OnPreferenceChanged( | 249 void SSLConfigServiceManagerPref::OnPreferenceChanged( |
| 257 PrefService* prefs, | 250 PrefService* prefs, |
| 258 const std::string& pref_name_in) { | 251 const std::string& pref_name_in) { |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 297 if (version_max) { | 290 if (version_max) { |
| 298 // TODO(wtc): get the maximum SSL protocol version supported by the | 291 // TODO(wtc): get the maximum SSL protocol version supported by the |
| 299 // SSLClientSocket class. | 292 // SSLClientSocket class. |
| 300 uint16 supported_version_max = config->version_max; | 293 uint16 supported_version_max = config->version_max; |
| 301 config->version_max = std::min(supported_version_max, version_max); | 294 config->version_max = std::min(supported_version_max, version_max); |
| 302 } | 295 } |
| 303 config->disabled_cipher_suites = disabled_cipher_suites_; | 296 config->disabled_cipher_suites = disabled_cipher_suites_; |
| 304 config->channel_id_enabled = channel_id_enabled_.GetValue(); | 297 config->channel_id_enabled = channel_id_enabled_.GetValue(); |
| 305 // disabling False Start also happens to disable record splitting. | 298 // disabling False Start also happens to disable record splitting. |
| 306 config->false_start_enabled = !ssl_record_splitting_disabled_.GetValue(); | 299 config->false_start_enabled = !ssl_record_splitting_disabled_.GetValue(); |
| 307 config->unrestricted_ssl3_fallback_enabled = | |
| 308 unrestricted_ssl3_fallback_enabled_.GetValue(); | |
| 309 } | 300 } |
| 310 | 301 |
| 311 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( | 302 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( |
| 312 PrefService* local_state) { | 303 PrefService* local_state) { |
| 313 const base::ListValue* value = | 304 const base::ListValue* value = |
| 314 local_state->GetList(prefs::kCipherSuiteBlacklist); | 305 local_state->GetList(prefs::kCipherSuiteBlacklist); |
| 315 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); | 306 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); |
| 316 } | 307 } |
| 317 | 308 |
| 318 //////////////////////////////////////////////////////////////////////////////// | 309 //////////////////////////////////////////////////////////////////////////////// |
| 319 // SSLConfigServiceManager | 310 // SSLConfigServiceManager |
| 320 | 311 |
| 321 // static | 312 // static |
| 322 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( | 313 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( |
| 323 PrefService* local_state) { | 314 PrefService* local_state) { |
| 324 return new SSLConfigServiceManagerPref(local_state); | 315 return new SSLConfigServiceManagerPref(local_state); |
| 325 } | 316 } |
| 326 | 317 |
| 327 // static | 318 // static |
| 328 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { | 319 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { |
| 329 SSLConfigServiceManagerPref::RegisterPrefs(registry); | 320 SSLConfigServiceManagerPref::RegisterPrefs(registry); |
| 330 } | 321 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 200693006:
Remove --enable-unrestricted-ssl3-fallback. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/