| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_ | 5 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_ |
| 6 #define CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_ | 6 #define CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_ |
| 7 | 7 |
| 8 #include <set> | 8 #include <set> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 72 void SetClockForTesting(base::Clock* clock); | 72 void SetClockForTesting(base::Clock* clock); |
| 73 | 73 |
| 74 // Returns true and sets the Shill properties that have to be configured in | 74 // Returns true and sets the Shill properties that have to be configured in |
| 75 // |shill_properties| if the certificate pattern |pattern| could be resolved. | 75 // |shill_properties| if the certificate pattern |pattern| could be resolved. |
| 76 // Returns false otherwise and sets empty Shill properties to clear the | 76 // Returns false otherwise and sets empty Shill properties to clear the |
| 77 // certificate configuration. | 77 // certificate configuration. |
| 78 // Note that it uses the global clock when checking the certificates for | 78 // Note that it uses the global clock when checking the certificates for |
| 79 // expiration. | 79 // expiration. |
| 80 static bool ResolveCertificatePatternSync( | 80 static bool ResolveCertificatePatternSync( |
| 81 const client_cert::ConfigType client_cert_type, | 81 const client_cert::ConfigType client_cert_type, |
| 82 const CertificatePattern& pattern, | 82 const client_cert::ClientCertConfig& client_cert_config, |
| 83 base::DictionaryValue* shill_properties); | 83 base::DictionaryValue* shill_properties); |
| 84 | 84 |
| 85 private: | 85 private: |
| 86 // NetworkStateHandlerObserver overrides | 86 // NetworkStateHandlerObserver overrides |
| 87 void NetworkListChanged() override; | 87 void NetworkListChanged() override; |
| 88 void NetworkConnectionStateChanged(const NetworkState* network) override; | 88 void NetworkConnectionStateChanged(const NetworkState* network) override; |
| 89 | 89 |
| 90 // CertLoader::Observer overrides | 90 // CertLoader::Observer overrides |
| 91 void OnCertificatesLoaded(const net::CertificateList& cert_list, | 91 void OnCertificatesLoaded(const net::CertificateList& cert_list, |
| 92 bool initial_load) override; | 92 bool initial_load) override; |
| 93 | 93 |
| 94 // NetworkPolicyObserver overrides | 94 // NetworkPolicyObserver overrides |
| 95 void PolicyAppliedToNetwork(const std::string& service_path) override; | 95 void PolicyAppliedToNetwork(const std::string& service_path) override; |
| 96 | 96 |
| 97 // Check which networks of |networks| are configured with a client certificate | 97 // Check which networks of |networks| are configured with a client certificate |
| 98 // pattern. Search for certificates, on the worker thread, and configure the | 98 // pattern. Search for certificates, on the worker thread, and configure the |
| 99 // networks for which a matching cert is found (see ConfigureCertificates). | 99 // networks for which a matching cert is found (see ConfigureCertificates). |
| 100 void ResolveNetworks(const NetworkStateHandler::NetworkStateList& networks); | 100 void ResolveNetworks(const NetworkStateHandler::NetworkStateList& networks); |
| 101 | 101 |
| 102 // Resolves certificates for the pending networks. This will always trigger a | 102 // Resolves certificates for the pending networks. This will always trigger a |
| 103 // ResolveRequestCompleted notification, even if the queue is empty. | 103 // ResolveRequestCompleted notification, even if the queue is empty. |
| 104 void ResolvePendingNetworks(); | 104 void ResolvePendingNetworks(); |
| 105 | 105 |
| 106 // |matches| contains networks for which a matching certificate was found. | 106 // |matches| contains networks for which a matching certificate was found. |
| 107 // Configures these networks. | 107 // Configures these networks. |
| 108 void ConfigureCertificates(std::vector<NetworkAndMatchingCert>* matches); | 108 void ConfigureCertificates( |
| 109 std::unique_ptr<std::vector<NetworkAndMatchingCert>> matches); |
| 109 | 110 |
| 110 // Trigger a ResolveRequestCompleted event on all observers. | 111 // Trigger a ResolveRequestCompleted event on all observers. |
| 111 void NotifyResolveRequestCompleted(); | 112 void NotifyResolveRequestCompleted(); |
| 112 | 113 |
| 113 // Returns Time::Now() unless a mock clock has been installed with | 114 // Returns Time::Now() unless a mock clock has been installed with |
| 114 // SetClockForTesting, in which case the time according to that clock is used | 115 // SetClockForTesting, in which case the time according to that clock is used |
| 115 // instead. | 116 // instead. |
| 116 base::Time Now() const; | 117 base::Time Now() const; |
| 117 | 118 |
| 118 base::ObserverList<Observer, true> observers_; | 119 base::ObserverList<Observer, true> observers_; |
| (...skipping 22 matching lines...) Expand all Loading... |
| 141 base::Clock* testing_clock_; | 142 base::Clock* testing_clock_; |
| 142 | 143 |
| 143 base::WeakPtrFactory<ClientCertResolver> weak_ptr_factory_; | 144 base::WeakPtrFactory<ClientCertResolver> weak_ptr_factory_; |
| 144 | 145 |
| 145 DISALLOW_COPY_AND_ASSIGN(ClientCertResolver); | 146 DISALLOW_COPY_AND_ASSIGN(ClientCertResolver); |
| 146 }; | 147 }; |
| 147 | 148 |
| 148 } // namespace chromeos | 149 } // namespace chromeos |
| 149 | 150 |
| 150 #endif // CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_ | 151 #endif // CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2828713002:
Enable client certificate patterns in device ONC policy (Closed)
