Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(395)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/ssl_config_service.cc

Issue 547603002: Certificate Transparency: Code for unpacking EV cert hashes whitelist (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Adding missing EV initialization to all tests in url_request Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/socket/ssl_client_socket_nss.cc ('K') | « net/ssl/ssl_config_service.h ('k') | net/url_request/url_request_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/ssl/ssl_config_service.h" 5 #include "net/ssl/ssl_config_service.h"
6 6
7 #include "base/lazy_instance.h" 7 #include "base/lazy_instance.h"
8 #include "base/synchronization/lock.h" 8 #include "base/synchronization/lock.h"
9 #include "net/ssl/ssl_config_service_defaults.h" 9 #include "net/ssl/ssl_config_service_defaults.h"
10 10
11 namespace net { 11 namespace net {
12 12
13 SSLConfigService::SSLConfigService() 13 SSLConfigService::SSLConfigService()
14 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { 14 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) {
15 } 15 }
16 16
17 // GlobalCRLSet holds a reference to the global CRLSet. It simply wraps a lock 17 // GlobalSSLObject holds a reference to a global SSL object, such as the
18 // around a scoped_refptr so that getting a reference doesn't race with 18 // CRLSet or the EVCertsWhitelist. It simply wraps a lock around a
19 // updating the CRLSet. 19 // scoped_refptr so that getting a reference doesn't race with
20 class GlobalCRLSet { 20 // updating the global object.
21 template <class T>
22 class GlobalSSLObject {
21 public: 23 public:
22 void Set(const scoped_refptr<CRLSet>& new_crl_set) { 24 void Set(const scoped_refptr<T>& new_ssl_object) {
23 base::AutoLock locked(lock_); 25 base::AutoLock locked(lock_);
24 crl_set_ = new_crl_set; 26 ssl_object_ = new_ssl_object;
25 } 27 }
26 28
27 scoped_refptr<CRLSet> Get() const { 29 scoped_refptr<T> Get() const {
28 base::AutoLock locked(lock_); 30 base::AutoLock locked(lock_);
29 return crl_set_; 31 return ssl_object_;
30 } 32 }
31 33
32 private: 34 private:
33 scoped_refptr<CRLSet> crl_set_; 35 scoped_refptr<T> ssl_object_;
34 mutable base::Lock lock_; 36 mutable base::Lock lock_;
35 }; 37 };
36 38
39 typedef GlobalSSLObject<CRLSet> GlobalCRLSet;
40 typedef GlobalSSLObject<ct::EVCertsWhitelist> GlobalEVCertsWhitelist;
41
37 base::LazyInstance<GlobalCRLSet>::Leaky g_crl_set = LAZY_INSTANCE_INITIALIZER; 42 base::LazyInstance<GlobalCRLSet>::Leaky g_crl_set = LAZY_INSTANCE_INITIALIZER;
43 base::LazyInstance<GlobalEVCertsWhitelist>::Leaky g_ev_whitelist =
44 LAZY_INSTANCE_INITIALIZER;
38 45
39 // static 46 // static
40 void SSLConfigService::SetCRLSet(scoped_refptr<CRLSet> crl_set) { 47 void SSLConfigService::SetCRLSet(scoped_refptr<CRLSet> crl_set) {
41 // Note: this can be called concurently with GetCRLSet(). 48 // Note: this can be called concurently with GetCRLSet().
42 g_crl_set.Get().Set(crl_set); 49 g_crl_set.Get().Set(crl_set);
43 } 50 }
44 51
45 // static 52 // static
46 scoped_refptr<CRLSet> SSLConfigService::GetCRLSet() { 53 scoped_refptr<CRLSet> SSLConfigService::GetCRLSet() {
47 return g_crl_set.Get().Get(); 54 return g_crl_set.Get().Get();
48 } 55 }
49 56
57 // static
58 void SSLConfigService::SetEVCertsWhitelist(
59 scoped_refptr<ct::EVCertsWhitelist> ev_whitelist) {
60 g_ev_whitelist.Get().Set(ev_whitelist);
61 }
62
63 scoped_refptr<ct::EVCertsWhitelist> SSLConfigService::GetEVCertsWhitelist() {
64 return g_ev_whitelist.Get().Get();
65 }
66 // static
67
50 void SSLConfigService::AddObserver(Observer* observer) { 68 void SSLConfigService::AddObserver(Observer* observer) {
51 observer_list_.AddObserver(observer); 69 observer_list_.AddObserver(observer);
52 } 70 }
53 71
54 void SSLConfigService::RemoveObserver(Observer* observer) { 72 void SSLConfigService::RemoveObserver(Observer* observer) {
55 observer_list_.RemoveObserver(observer); 73 observer_list_.RemoveObserver(observer);
56 } 74 }
57 75
58 void SSLConfigService::NotifySSLConfigChange() { 76 void SSLConfigService::NotifySSLConfigChange() {
59 FOR_EACH_OBSERVER(Observer, observer_list_, OnSSLConfigChanged()); 77 FOR_EACH_OBSERVER(Observer, observer_list_, OnSSLConfigChanged());
(...skipping 25 matching lines...) Expand all
85 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { 103 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) {
86 if (!service) 104 if (!service)
87 return false; 105 return false;
88 106
89 SSLConfig ssl_config; 107 SSLConfig ssl_config;
90 service->GetSSLConfig(&ssl_config); 108 service->GetSSLConfig(&ssl_config);
91 return ssl_config.version_max >= SSL_PROTOCOL_VERSION_TLS1; 109 return ssl_config.version_max >= SSL_PROTOCOL_VERSION_TLS1;
92 } 110 }
93 111
94 } // namespace net 112 } // namespace net
OLDNEW
« net/socket/ssl_client_socket_nss.cc ('K') | « net/ssl/ssl_config_service.h ('k') | net/url_request/url_request_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698