| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/ssl_config_service.h" | 5 #include "net/base/ssl_config_service.h" |
| 6 | 6 |
| 7 #include "base/lazy_instance.h" | 7 #include "base/lazy_instance.h" |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/synchronization/lock.h" | 9 #include "base/synchronization/lock.h" |
| 10 #include "net/base/crl_set.h" | 10 #include "net/base/crl_set.h" |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 67 } | 67 } |
| 68 } | 68 } |
| 69 return false; | 69 return false; |
| 70 } | 70 } |
| 71 | 71 |
| 72 SSLConfigService::SSLConfigService() | 72 SSLConfigService::SSLConfigService() |
| 73 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { | 73 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { |
| 74 } | 74 } |
| 75 | 75 |
| 76 static bool g_cached_info_enabled = false; | 76 static bool g_cached_info_enabled = false; |
| 77 static bool g_domain_bound_certs_trial = false; | |
| 78 | 77 |
| 79 // GlobalCRLSet holds a reference to the global CRLSet. It simply wraps a lock | 78 // GlobalCRLSet holds a reference to the global CRLSet. It simply wraps a lock |
| 80 // around a scoped_refptr so that getting a reference doesn't race with | 79 // around a scoped_refptr so that getting a reference doesn't race with |
| 81 // updating the CRLSet. | 80 // updating the CRLSet. |
| 82 class GlobalCRLSet { | 81 class GlobalCRLSet { |
| 83 public: | 82 public: |
| 84 void Set(const scoped_refptr<CRLSet>& new_crl_set) { | 83 void Set(const scoped_refptr<CRLSet>& new_crl_set) { |
| 85 base::AutoLock locked(lock_); | 84 base::AutoLock locked(lock_); |
| 86 crl_set_ = new_crl_set; | 85 crl_set_ = new_crl_set; |
| 87 } | 86 } |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 126 // static | 125 // static |
| 127 void SSLConfigService::SetDefaultVersionMax(uint16 version_max) { | 126 void SSLConfigService::SetDefaultVersionMax(uint16 version_max) { |
| 128 g_default_version_max = version_max; | 127 g_default_version_max = version_max; |
| 129 } | 128 } |
| 130 | 129 |
| 131 // static | 130 // static |
| 132 uint16 SSLConfigService::default_version_max() { | 131 uint16 SSLConfigService::default_version_max() { |
| 133 return g_default_version_max; | 132 return g_default_version_max; |
| 134 } | 133 } |
| 135 | 134 |
| 136 // static | |
| 137 void SSLConfigService::EnableDomainBoundCertsTrial() { | |
| 138 g_domain_bound_certs_trial = true; | |
| 139 } | |
| 140 | |
| 141 void SSLConfigService::AddObserver(Observer* observer) { | 135 void SSLConfigService::AddObserver(Observer* observer) { |
| 142 observer_list_.AddObserver(observer); | 136 observer_list_.AddObserver(observer); |
| 143 } | 137 } |
| 144 | 138 |
| 145 void SSLConfigService::RemoveObserver(Observer* observer) { | 139 void SSLConfigService::RemoveObserver(Observer* observer) { |
| 146 observer_list_.RemoveObserver(observer); | 140 observer_list_.RemoveObserver(observer); |
| 147 } | 141 } |
| 148 | 142 |
| 149 SSLConfigService::~SSLConfigService() { | 143 SSLConfigService::~SSLConfigService() { |
| 150 } | 144 } |
| 151 | 145 |
| 152 // static | 146 // static |
| 153 void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) { | 147 void SSLConfigService::SetSSLConfigFlags(SSLConfig* ssl_config) { |
| 154 ssl_config->cached_info_enabled = g_cached_info_enabled; | 148 ssl_config->cached_info_enabled = g_cached_info_enabled; |
| 155 if (g_domain_bound_certs_trial) | |
| 156 ssl_config->domain_bound_certs_enabled = true; | |
| 157 } | 149 } |
| 158 | 150 |
| 159 void SSLConfigService::ProcessConfigUpdate(const SSLConfig& orig_config, | 151 void SSLConfigService::ProcessConfigUpdate(const SSLConfig& orig_config, |
| 160 const SSLConfig& new_config) { | 152 const SSLConfig& new_config) { |
| 161 bool config_changed = | 153 bool config_changed = |
| 162 (orig_config.rev_checking_enabled != new_config.rev_checking_enabled) || | 154 (orig_config.rev_checking_enabled != new_config.rev_checking_enabled) || |
| 163 (orig_config.version_min != new_config.version_min) || | 155 (orig_config.version_min != new_config.version_min) || |
| 164 (orig_config.version_max != new_config.version_max) || | 156 (orig_config.version_max != new_config.version_max) || |
| 165 (orig_config.disabled_cipher_suites != | 157 (orig_config.disabled_cipher_suites != |
| 166 new_config.disabled_cipher_suites) || | 158 new_config.disabled_cipher_suites) || |
| (...skipping 10 matching lines...) Expand all Loading... |
| 177 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { | 169 bool SSLConfigService::IsSNIAvailable(SSLConfigService* service) { |
| 178 if (!service) | 170 if (!service) |
| 179 return false; | 171 return false; |
| 180 | 172 |
| 181 SSLConfig ssl_config; | 173 SSLConfig ssl_config; |
| 182 service->GetSSLConfig(&ssl_config); | 174 service->GetSSLConfig(&ssl_config); |
| 183 return ssl_config.version_max >= SSL_PROTOCOL_VERSION_TLS1; | 175 return ssl_config.version_max >= SSL_PROTOCOL_VERSION_TLS1; |
| 184 } | 176 } |
| 185 | 177 |
| 186 } // namespace net | 178 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10544015:
Revert "Add field trial for domain bound certificates." The field trial is done. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src