Chromium Code Reviews Chromium Code Reviews
Issue 2828713002:
Enable client certificate patterns in device ONC policy (Closed)
| Index: chromeos/cert_loader.h |
| diff --git a/chromeos/cert_loader.h b/chromeos/cert_loader.h |
| index 7243c6ddab009804ae2f695c0d4abaf6e87034b7..c4fc765d64868cd621b0209655ca1ab5a5129882 100644 |
| --- a/chromeos/cert_loader.h |
| +++ b/chromeos/cert_loader.h |
| @@ -17,6 +17,10 @@ |
| #include "chromeos/chromeos_export.h" |
| #include "net/cert/cert_database.h" |
| +namespace base { |
| +class TaskRunner; |
|
emaxx
2017/04/24 21:23:13
nit: Include this header directly, as I believe sc
pmarko
2017/04/25 12:10:02
Removed becuse TaskRunner is not necessary in the
|
| +} |
| + |
| namespace net { |
| class NSSCertDatabase; |
| class X509Certificate; |
| @@ -83,9 +87,20 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer { |
| bool certificates_loaded() const { return certificates_loaded_; } |
| - // This will be empty until certificates_loaded() is true. |
| + // Returns all certificates. This will be empty until certificates_loaded() is |
| + // true. |
| const net::CertificateList& cert_list() const { return *cert_list_; } |
|
stevenjb
2017/04/24 15:53:59
nit: I'm not sure how much churn this would cause,
pmarko
2017/04/25 12:10:02
Good idea, changed to all_certs+system_certs. Not
|
| + // Returns certificates from the system token. This will be empty until |
| + // certificates_loaded() is true. |
| + const net::CertificateList& system_cert_list() const { |
| + return *system_cert_list_; |
| + } |
| + |
| + // Overrides task runner that's used for running slow tasks. |
| + void SetSlowTaskRunnerForTest( |
|
emaxx
2017/04/24 21:23:13
nit: s/ForTest/ForTesting/ - as that form is used
pmarko
2017/04/25 12:10:02
Done. / Removed because the switch to TaskSchedule
|
| + const scoped_refptr<base::TaskRunner>& task_runner); |
| + |
| // Called in tests if |IsCertificateHardwareBacked()| should always return |
| // true. |
| static void ForceHardwareBackedForTesting(); |
| @@ -98,14 +113,24 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer { |
| // progress, will start a reload once the current task is finished. |
| void LoadCertificates(); |
| + // Called when the underlying NSS database finished loading certificates. |
| + void CertificatesLoaded(std::unique_ptr<net::CertificateList> cert_list); |
| + |
| // Called if a certificate load task is finished. |
| - void UpdateCertificates(std::unique_ptr<net::CertificateList> cert_list); |
| + void UpdateCertificates( |
| + std::unique_ptr<net::CertificateList> cert_list, |
| + std::unique_ptr<net::CertificateList> system_cert_list); |
| void NotifyCertificatesLoaded(bool initial_load); |
| // net::CertDatabase::Observer |
| void OnCertDBChanged() override; |
| + // Gets task runner that should be used for potentially slow tasks like |
| + // certificate filtering. Defaults to a base::WorkerPool runner, but may be |
| + // overriden in tests (see SetSlowTaskRunnerForTest). |
| + scoped_refptr<base::TaskRunner> GetSlowTaskRunner() const; |
| + |
| base::ObserverList<Observer> observers_; |
| // Flags describing current CertLoader state. |
| @@ -117,9 +142,16 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer { |
| // should be loaded. |
| net::NSSCertDatabase* database_; |
| - // Cached Certificates loaded from the database. |
| + // Cached certificates loaded from the database. |
| std::unique_ptr<net::CertificateList> cert_list_; |
| + // Cached Certifictes from system token. Currently this is a sublist of |
|
emaxx
2017/04/24 21:23:13
nit: s/Certifictes/certificates/
pmarko
2017/04/25 12:10:02
Done.
|
| + // |cert_list_|. |
| + std::unique_ptr<net::CertificateList> system_cert_list_; |
| + |
| + // Task runner that should be used for slow tasks in tests if set. |
| + scoped_refptr<base::TaskRunner> slow_task_runner_for_test_; |
| + |
| base::ThreadChecker thread_checker_; |
| base::WeakPtrFactory<CertLoader> weak_factory_; |
