OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_CT_POLICY_MANAGER_H_ | |
6 #define COMPONENTS_CERTIFICATE_TRANSPARENCY_CT_POLICY_MANAGER_H_ | |
7 | |
8 #include <memory> | |
9 | |
10 #include "base/macros.h" | |
11 #include "base/memory/ref_counted.h" | |
12 #include "base/memory/weak_ptr.h" | |
13 #include "components/prefs/pref_change_registrar.h" | |
14 #include "net/http/transport_security_state.h" | |
15 | |
16 namespace base { | |
17 class SequencedTaskRunner; | |
18 } // base | |
19 | |
20 class PrefRegistrySimple; | |
21 | |
22 namespace certificate_transparency { | |
23 | |
24 // CTPolicyManager serves as the bridge between the Certificate Transparency | |
25 // preferences (see pref_names.h) and the actual implementation, by exposing | |
26 // a TransportSecurityState::RequireCTDelegate that can be used to query for | |
27 // CT-related policies. | |
28 class CTPolicyManager { | |
29 public: | |
30 // Registers the preferences related to Certificate Transparency policy | |
31 // in the given pref registry. | |
32 static void RegisterPrefs(PrefRegistrySimple* registry); | |
33 | |
34 // Creates a CTPolicyManager that will monitor the preferences on | |
35 // |pref_service| and make them available to a RequireCTDelegate that | |
36 // can be used on |network_task_runner|. | |
37 // | |
38 // The CTPolicyManager should be constructed on the same task runner | |
39 // associated with the |pref_service|, but can be destructed on any | |
40 // task runner, provided that Shutdown() has been called. | |
41 CTPolicyManager(PrefService* pref_service, | |
42 scoped_refptr<base::SequencedTaskRunner> network_task_runner); | |
43 ~CTPolicyManager(); | |
44 | |
45 // Unregisters the CTPolicyManager from the preference subsystem. This | |
46 // should be called on the same task runner that the pref service | |
47 // it was constructed with lives on. | |
48 void Shutdown(); | |
49 | |
50 // Returns a RequireCTDelegate() that responds based on the policies set | |
eroman
2016/06/30 02:24:36
Why parens on RequiredCTDelegate() ?
| |
51 // via preferences. | |
52 // | |
53 // The order of priority of the preferences is that: | |
54 // - Specific hosts are preferred over those that match subdomains. | |
55 // - The most specific host is preferred. | |
56 // - Requiring CT is preferred over excluding CT | |
57 // | |
58 // This object MUST only be used on the network task runner supplied during | |
59 // construction, MAY be used after Shutdown() is called (at which point, | |
60 // it will reflect the last status before Shutdown() was called), and | |
61 // MUST NOT be used after this object has been deleted. | |
62 net::TransportSecurityState::RequireCTDelegate* GetDelegate(); | |
63 | |
64 private: | |
65 class CTDelegate; | |
66 | |
67 // Schedules an update of the CTPolicyDelegate. As it's possible that | |
68 // multiple preferences may be updated at the same time, this exists to | |
69 // schedule only a single update. | |
70 void ScheduleUpdate(); | |
71 | |
72 // Performs the actual update of the CTPolicyDelegate once preference | |
73 // changes have quiesced. | |
74 void Update(); | |
75 | |
76 PrefChangeRegistrar pref_change_registrar_; | |
77 std::unique_ptr<CTDelegate> delegate_; | |
78 | |
79 base::WeakPtrFactory<CTPolicyManager> weak_factory_; | |
80 | |
81 DISALLOW_COPY_AND_ASSIGN(CTPolicyManager); | |
82 }; | |
83 | |
84 } // namespace certificate_transparency | |
85 | |
86 #endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_CT_POLICY_MANAGER_H_ | |
OLD | NEW |