OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 #include "components/ssl_config/ssl_config_service_manager.h" | 4 #include "components/ssl_config/ssl_config_service_manager.h" |
5 | 5 |
6 #include <stdint.h> | 6 #include <stdint.h> |
7 | 7 |
8 #include <algorithm> | 8 #include <algorithm> |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
78 } else if (version_str == switches::kSSLVersionTLSv11) { | 78 } else if (version_str == switches::kSSLVersionTLSv11) { |
79 version = net::SSL_PROTOCOL_VERSION_TLS1_1; | 79 version = net::SSL_PROTOCOL_VERSION_TLS1_1; |
80 } else if (version_str == switches::kSSLVersionTLSv12) { | 80 } else if (version_str == switches::kSSLVersionTLSv12) { |
81 version = net::SSL_PROTOCOL_VERSION_TLS1_2; | 81 version = net::SSL_PROTOCOL_VERSION_TLS1_2; |
82 } else if (version_str == switches::kSSLVersionTLSv13) { | 82 } else if (version_str == switches::kSSLVersionTLSv13) { |
83 version = net::SSL_PROTOCOL_VERSION_TLS1_3; | 83 version = net::SSL_PROTOCOL_VERSION_TLS1_3; |
84 } | 84 } |
85 return version; | 85 return version; |
86 } | 86 } |
87 | 87 |
88 const base::Feature kTLS13Feature{ | |
89 "NegotiateTLS13", base::FEATURE_DISABLED_BY_DEFAULT, | |
90 }; | |
91 | |
92 } // namespace | 88 } // namespace |
93 | 89 |
94 //////////////////////////////////////////////////////////////////////////////// | 90 //////////////////////////////////////////////////////////////////////////////// |
95 // SSLConfigServicePref | 91 // SSLConfigServicePref |
96 | 92 |
97 // An SSLConfigService which stores a cached version of the current SSLConfig | 93 // An SSLConfigService which stores a cached version of the current SSLConfig |
98 // prefs, which are updated by SSLConfigServiceManagerPref when the prefs | 94 // prefs, which are updated by SSLConfigServiceManagerPref when the prefs |
99 // change. | 95 // change. |
100 class SSLConfigServicePref : public net::SSLConfigService { | 96 class SSLConfigServicePref : public net::SSLConfigService { |
101 public: | 97 public: |
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
187 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); | 183 DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); |
188 }; | 184 }; |
189 | 185 |
190 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( | 186 SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( |
191 PrefService* local_state, | 187 PrefService* local_state, |
192 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) | 188 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) |
193 : ssl_config_service_(new SSLConfigServicePref(io_task_runner)), | 189 : ssl_config_service_(new SSLConfigServicePref(io_task_runner)), |
194 io_task_runner_(io_task_runner) { | 190 io_task_runner_(io_task_runner) { |
195 DCHECK(local_state); | 191 DCHECK(local_state); |
196 | 192 |
197 if (base::FeatureList::IsEnabled(kTLS13Feature)) { | |
198 local_state->SetDefaultPrefValue( | |
199 ssl_config::prefs::kSSLVersionMax, | |
200 new base::StringValue(switches::kSSLVersionTLSv13)); | |
201 } | |
202 | |
203 PrefChangeRegistrar::NamedChangeCallback local_state_callback = | 193 PrefChangeRegistrar::NamedChangeCallback local_state_callback = |
204 base::Bind(&SSLConfigServiceManagerPref::OnPreferenceChanged, | 194 base::Bind(&SSLConfigServiceManagerPref::OnPreferenceChanged, |
205 base::Unretained(this), local_state); | 195 base::Unretained(this), local_state); |
206 | 196 |
207 rev_checking_enabled_.Init(ssl_config::prefs::kCertRevocationCheckingEnabled, | 197 rev_checking_enabled_.Init(ssl_config::prefs::kCertRevocationCheckingEnabled, |
208 local_state, local_state_callback); | 198 local_state, local_state_callback); |
209 rev_checking_required_local_anchors_.Init( | 199 rev_checking_required_local_anchors_.Init( |
210 ssl_config::prefs::kCertRevocationCheckingRequiredLocalAnchors, | 200 ssl_config::prefs::kCertRevocationCheckingRequiredLocalAnchors, |
211 local_state, local_state_callback); | 201 local_state, local_state_callback); |
212 sha1_local_anchors_enabled_.Init( | 202 sha1_local_anchors_enabled_.Init( |
(...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
314 PrefService* local_state, | 304 PrefService* local_state, |
315 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { | 305 const scoped_refptr<base::SingleThreadTaskRunner>& io_task_runner) { |
316 return new SSLConfigServiceManagerPref(local_state, io_task_runner); | 306 return new SSLConfigServiceManagerPref(local_state, io_task_runner); |
317 } | 307 } |
318 | 308 |
319 // static | 309 // static |
320 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { | 310 void SSLConfigServiceManager::RegisterPrefs(PrefRegistrySimple* registry) { |
321 SSLConfigServiceManagerPref::RegisterPrefs(registry); | 311 SSLConfigServiceManagerPref::RegisterPrefs(registry); |
322 } | 312 } |
323 } // namespace ssl_config | 313 } // namespace ssl_config |
OLD | NEW |