OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/certificate_transparency/ct_policy_manager.h" | 5 #include "components/certificate_transparency/ct_policy_manager.h" |
6 | 6 |
7 #include <map> | 7 #include <map> |
8 #include <set> | 8 #include <set> |
9 #include <string> | 9 #include <string> |
10 | 10 |
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
82 const base::ListValue* excluded_hosts) { | 82 const base::ListValue* excluded_hosts) { |
83 network_task_runner_->PostTask( | 83 network_task_runner_->PostTask( |
84 FROM_HERE, | 84 FROM_HERE, |
85 base::Bind(&CTDelegate::Update, base::Unretained(this), | 85 base::Bind(&CTDelegate::Update, base::Unretained(this), |
86 base::Owned(required_hosts->CreateDeepCopy().release()), | 86 base::Owned(required_hosts->CreateDeepCopy().release()), |
87 base::Owned(excluded_hosts->CreateDeepCopy().release()))); | 87 base::Owned(excluded_hosts->CreateDeepCopy().release()))); |
88 } | 88 } |
89 | 89 |
90 net::TransportSecurityState::RequireCTDelegate::CTRequirementLevel | 90 net::TransportSecurityState::RequireCTDelegate::CTRequirementLevel |
91 CTPolicyManager::CTDelegate::IsCTRequiredForHost(const std::string& hostname) { | 91 CTPolicyManager::CTDelegate::IsCTRequiredForHost(const std::string& hostname) { |
92 DCHECK(network_task_runner_->RunsTasksOnCurrentThread()); | 92 DCHECK(network_task_runner_->RunsTasksInCurrentSequence()); |
93 | 93 |
94 // Scheme and port are ignored by the policy, so it's OK to construct a | 94 // Scheme and port are ignored by the policy, so it's OK to construct a |
95 // new GURL here. However, |hostname| is in network form, not URL form, | 95 // new GURL here. However, |hostname| is in network form, not URL form, |
96 // so it's necessary to wrap IPv6 addresses in brackets. | 96 // so it's necessary to wrap IPv6 addresses in brackets. |
97 std::set<url_matcher::URLMatcherConditionSet::ID> matching_ids = | 97 std::set<url_matcher::URLMatcherConditionSet::ID> matching_ids = |
98 url_matcher_->MatchURL( | 98 url_matcher_->MatchURL( |
99 GURL("https://" + net::HostPortPair(hostname, 443).HostForURL())); | 99 GURL("https://" + net::HostPortPair(hostname, 443).HostForURL())); |
100 if (matching_ids.empty()) | 100 if (matching_ids.empty()) |
101 return CTRequirementLevel::DEFAULT; | 101 return CTRequirementLevel::DEFAULT; |
102 | 102 |
(...skipping 15 matching lines...) Expand all Loading... |
118 active_filter = &it->second; | 118 active_filter = &it->second; |
119 } | 119 } |
120 CHECK(active_filter); | 120 CHECK(active_filter); |
121 | 121 |
122 return active_filter->ct_required ? CTRequirementLevel::REQUIRED | 122 return active_filter->ct_required ? CTRequirementLevel::REQUIRED |
123 : CTRequirementLevel::NOT_REQUIRED; | 123 : CTRequirementLevel::NOT_REQUIRED; |
124 } | 124 } |
125 | 125 |
126 void CTPolicyManager::CTDelegate::Update(base::ListValue* required_hosts, | 126 void CTPolicyManager::CTDelegate::Update(base::ListValue* required_hosts, |
127 base::ListValue* excluded_hosts) { | 127 base::ListValue* excluded_hosts) { |
128 DCHECK(network_task_runner_->RunsTasksOnCurrentThread()); | 128 DCHECK(network_task_runner_->RunsTasksInCurrentSequence()); |
129 | 129 |
130 url_matcher_.reset(new url_matcher::URLMatcher); | 130 url_matcher_.reset(new url_matcher::URLMatcher); |
131 filters_.clear(); | 131 filters_.clear(); |
132 next_id_ = 0; | 132 next_id_ = 0; |
133 | 133 |
134 url_matcher::URLMatcherConditionSet::Vector all_conditions; | 134 url_matcher::URLMatcherConditionSet::Vector all_conditions; |
135 AddFilters(true, required_hosts, &all_conditions); | 135 AddFilters(true, required_hosts, &all_conditions); |
136 AddFilters(false, excluded_hosts, &all_conditions); | 136 AddFilters(false, excluded_hosts, &all_conditions); |
137 | 137 |
138 url_matcher_->AddConditionSets(all_conditions); | 138 url_matcher_->AddConditionSets(all_conditions); |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
262 base::Bind(&CTPolicyManager::Update, weak_factory_.GetWeakPtr())); | 262 base::Bind(&CTPolicyManager::Update, weak_factory_.GetWeakPtr())); |
263 } | 263 } |
264 | 264 |
265 void CTPolicyManager::Update() { | 265 void CTPolicyManager::Update() { |
266 delegate_->UpdateFromPrefs( | 266 delegate_->UpdateFromPrefs( |
267 pref_change_registrar_.prefs()->GetList(prefs::kCTRequiredHosts), | 267 pref_change_registrar_.prefs()->GetList(prefs::kCTRequiredHosts), |
268 pref_change_registrar_.prefs()->GetList(prefs::kCTExcludedHosts)); | 268 pref_change_registrar_.prefs()->GetList(prefs::kCTExcludedHosts)); |
269 } | 269 } |
270 | 270 |
271 } // namespace certificate_transparency | 271 } // namespace certificate_transparency |
OLD | NEW |