| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 #include "components/ssl_config/ssl_config_service_manager.h" | 4 #include "components/ssl_config/ssl_config_service_manager.h" |
| 5 | 5 |
| 6 #include <stdint.h> | 6 #include <stdint.h> |
| 7 | 7 |
| 8 #include <algorithm> | 8 #include <algorithm> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 161 void OnDisabledCipherSuitesChange(PrefService* local_state); | 161 void OnDisabledCipherSuitesChange(PrefService* local_state); |
| 162 | 162 |
| 163 PrefChangeRegistrar local_state_change_registrar_; | 163 PrefChangeRegistrar local_state_change_registrar_; |
| 164 | 164 |
| 165 // The local_state prefs (should only be accessed from UI thread) | 165 // The local_state prefs (should only be accessed from UI thread) |
| 166 BooleanPrefMember rev_checking_enabled_; | 166 BooleanPrefMember rev_checking_enabled_; |
| 167 BooleanPrefMember rev_checking_required_local_anchors_; | 167 BooleanPrefMember rev_checking_required_local_anchors_; |
| 168 StringPrefMember ssl_version_min_; | 168 StringPrefMember ssl_version_min_; |
| 169 StringPrefMember ssl_version_max_; | 169 StringPrefMember ssl_version_max_; |
| 170 StringPrefMember ssl_version_fallback_min_; | 170 StringPrefMember ssl_version_fallback_min_; |
| 171 BooleanPrefMember rc4_enabled_; | |
| 172 | 171 |
| 173 // The cached list of disabled SSL cipher suites. | 172 // The cached list of disabled SSL cipher suites. |
| 174 std::vector<uint16_t> disabled_cipher_suites_; | 173 std::vector<uint16_t> disabled_cipher_suites_; |
| 175 | 174 |
| 176 scoped_refptr<SSLConfigServicePref> ssl_config_service_; | 175 scoped_refptr<SSLConfigServicePref> ssl_config_service_; |
| 177 | 176 |
| 178 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_; | 177 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_; |
| 179 | 178 |
| 180 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); | 179 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); |
| 181 }; | 180 }; |
| (...skipping 13 matching lines...) Expand all Loading... |
| 195 local_state, local_state_callback); | 194 local_state, local_state_callback); |
| 196 rev_checking_required_local_anchors_.Init( | 195 rev_checking_required_local_anchors_.Init( |
| 197 ssl_config::prefs::kCertRevocationCheckingRequiredLocalAnchors, | 196 ssl_config::prefs::kCertRevocationCheckingRequiredLocalAnchors, |
| 198 local_state, local_state_callback); | 197 local_state, local_state_callback); |
| 199 ssl_version_min_.Init(ssl_config::prefs::kSSLVersionMin, local_state, | 198 ssl_version_min_.Init(ssl_config::prefs::kSSLVersionMin, local_state, |
| 200 local_state_callback); | 199 local_state_callback); |
| 201 ssl_version_max_.Init(ssl_config::prefs::kSSLVersionMax, local_state, | 200 ssl_version_max_.Init(ssl_config::prefs::kSSLVersionMax, local_state, |
| 202 local_state_callback); | 201 local_state_callback); |
| 203 ssl_version_fallback_min_.Init(ssl_config::prefs::kSSLVersionFallbackMin, | 202 ssl_version_fallback_min_.Init(ssl_config::prefs::kSSLVersionFallbackMin, |
| 204 local_state, local_state_callback); | 203 local_state, local_state_callback); |
| 205 rc4_enabled_.Init(ssl_config::prefs::kRC4Enabled, local_state, | |
| 206 local_state_callback); | |
| 207 | 204 |
| 208 local_state_change_registrar_.Init(local_state); | 205 local_state_change_registrar_.Init(local_state); |
| 209 local_state_change_registrar_.Add(ssl_config::prefs::kCipherSuiteBlacklist, | 206 local_state_change_registrar_.Add(ssl_config::prefs::kCipherSuiteBlacklist, |
| 210 local_state_callback); | 207 local_state_callback); |
| 211 | 208 |
| 212 OnDisabledCipherSuitesChange(local_state); | 209 OnDisabledCipherSuitesChange(local_state); |
| 213 | 210 |
| 214 // Initialize from UI thread. This is okay as there shouldn't be anything on | 211 // Initialize from UI thread. This is okay as there shouldn't be anything on |
| 215 // the IO thread trying to access it yet. | 212 // the IO thread trying to access it yet. |
| 216 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); | 213 GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); |
| 217 } | 214 } |
| 218 | 215 |
| 219 // static | 216 // static |
| 220 void SSLConfigServiceManagerPref::RegisterPrefs(PrefRegistrySimple* registry) { | 217 void SSLConfigServiceManagerPref::RegisterPrefs(PrefRegistrySimple* registry) { |
| 221 net::SSLConfig default_config; | 218 net::SSLConfig default_config; |
| 222 registry->RegisterBooleanPref( | 219 registry->RegisterBooleanPref( |
| 223 ssl_config::prefs::kCertRevocationCheckingEnabled, | 220 ssl_config::prefs::kCertRevocationCheckingEnabled, |
| 224 default_config.rev_checking_enabled); | 221 default_config.rev_checking_enabled); |
| 225 registry->RegisterBooleanPref( | 222 registry->RegisterBooleanPref( |
| 226 ssl_config::prefs::kCertRevocationCheckingRequiredLocalAnchors, | 223 ssl_config::prefs::kCertRevocationCheckingRequiredLocalAnchors, |
| 227 default_config.rev_checking_required_local_anchors); | 224 default_config.rev_checking_required_local_anchors); |
| 228 registry->RegisterStringPref(ssl_config::prefs::kSSLVersionMin, | 225 registry->RegisterStringPref(ssl_config::prefs::kSSLVersionMin, |
| 229 std::string()); | 226 std::string()); |
| 230 registry->RegisterStringPref(ssl_config::prefs::kSSLVersionMax, | 227 registry->RegisterStringPref(ssl_config::prefs::kSSLVersionMax, |
| 231 std::string()); | 228 std::string()); |
| 232 registry->RegisterStringPref(ssl_config::prefs::kSSLVersionFallbackMin, | 229 registry->RegisterStringPref(ssl_config::prefs::kSSLVersionFallbackMin, |
| 233 std::string()); | 230 std::string()); |
| 234 registry->RegisterListPref(ssl_config::prefs::kCipherSuiteBlacklist); | 231 registry->RegisterListPref(ssl_config::prefs::kCipherSuiteBlacklist); |
| 235 registry->RegisterBooleanPref(ssl_config::prefs::kRC4Enabled, | |
| 236 default_config.rc4_enabled); | |
| 237 } | 232 } |
| 238 | 233 |
| 239 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { | 234 net::SSLConfigService* SSLConfigServiceManagerPref::Get() { |
| 240 return ssl_config_service_.get(); | 235 return ssl_config_service_.get(); |
| 241 } | 236 } |
| 242 | 237 |
| 243 void SSLConfigServiceManagerPref::OnPreferenceChanged( | 238 void SSLConfigServiceManagerPref::OnPreferenceChanged( |
| 244 PrefService* prefs, | 239 PrefService* prefs, |
| 245 const std::string& pref_name_in) { | 240 const std::string& pref_name_in) { |
| 246 DCHECK(prefs); | 241 DCHECK(prefs); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 283 if (version_max) { | 278 if (version_max) { |
| 284 uint16_t supported_version_max = config->version_max; | 279 uint16_t supported_version_max = config->version_max; |
| 285 config->version_max = std::min(supported_version_max, version_max); | 280 config->version_max = std::min(supported_version_max, version_max); |
| 286 } | 281 } |
| 287 // Values below TLS 1.1 are invalid. | 282 // Values below TLS 1.1 are invalid. |
| 288 if (version_fallback_min && | 283 if (version_fallback_min && |
| 289 version_fallback_min >= net::SSL_PROTOCOL_VERSION_TLS1_1) { | 284 version_fallback_min >= net::SSL_PROTOCOL_VERSION_TLS1_1) { |
| 290 config->version_fallback_min = version_fallback_min; | 285 config->version_fallback_min = version_fallback_min; |
| 291 } | 286 } |
| 292 config->disabled_cipher_suites = disabled_cipher_suites_; | 287 config->disabled_cipher_suites = disabled_cipher_suites_; |
| 293 config->rc4_enabled = rc4_enabled_.GetValue(); | |
| 294 } | 288 } |
| 295 | 289 |
| 296 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( | 290 void SSLConfigServiceManagerPref::OnDisabledCipherSuitesChange( |
| 297 PrefService* local_state) { | 291 PrefService* local_state) { |
| 298 const base::ListValue* value = | 292 const base::ListValue* value = |
| 299 local_state->GetList(ssl_config::prefs::kCipherSuiteBlacklist); | 293 local_state->GetList(ssl_config::prefs::kCipherSuiteBlacklist); |
| 300 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); | 294 disabled_cipher_suites_ = ParseCipherSuites(ListValueToStringVector(value)); |
| 301 } | 295 } |
| 302 | 296 |
| 303 //////////////////////////////////////////////////////////////////////////////// | 297 //////////////////////////////////////////////////////////////////////////////// |
| 304 // SSLConfigServiceManager | 298 // SSLConfigServiceManager |
| 305 | 299 |
| 306 namespace ssl_config { | 300 namespace ssl_config { |
| 307 // static | 301 // static |
| 308 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( | 302 SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( |
| 309 PrefService* local_state, | 303 PrefService* local_state, |
| 310 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { | 304 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { |
| 311 return new SSLConfigServiceManagerPref(local_state, io_task_runner); | 305 return new SSLConfigServiceManagerPref(local_state, io_task_runner); |
| 312 } | 306 } |
| 313 | 307 |
| 314 // static | 308 // static |
| 315 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { | 309 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { |
| 316 SSLConfigServiceManagerPref::RegisterPrefs(registry); | 310 SSLConfigServiceManagerPref::RegisterPrefs(registry); |
| 317 } | 311 } |
| 318 } // namespace ssl_config | 312 } // namespace ssl_config |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2030263002:
Remove the last vestiges of RC4. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master