diff options
| author | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-19 21:48:42 +0000 |
|---|---|---|
| committer | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-19 21:48:42 +0000 |
| commit | db36938cb26cf265a5fd93690a8e783d01406958 (patch) | |
| tree | 7261d389592cdfbbb3063f223455518db12d3bda | |
| parent | 0d1872ebba9b790f3a33bcaecc11258ea924b397 (diff) | |
| download | chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.zip chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.tar.gz chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.tar.bz2 | |
Pref-backed SSLConfigService for Linux.
Makes SSLConfigService into a ref-counted interface, and makes Profile own an SSLConfigServiceFactory which is used to create the SSLConfigService and pass it through the URLRequestContext on down to where it is actually used.
R=eroman,wtc
BUG=11507,19290
Review URL: http://codereview.chromium.org/165003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23757 0039d316-1c4b-4281-b951-d872f2087c98
37 files changed, 742 insertions, 140 deletions
diff --git a/chrome/browser/automation/automation_profile_impl.h b/chrome/browser/automation/automation_profile_impl.h index 2262d68..ced38cd 100644 --- a/chrome/browser/automation/automation_profile_impl.h +++ b/chrome/browser/automation/automation_profile_impl.h @@ -120,6 +120,9 @@ class AutomationProfileImpl : public Profile { virtual URLRequestContext* GetRequestContextForExtensions() { return original_profile_->GetRequestContextForExtensions(); } + virtual net::SSLConfigService* GetSSLConfigService() { + return original_profile_->GetSSLConfigService(); + } virtual Blacklist* GetBlacklist() { return original_profile_->GetBlacklist(); } @@ -199,4 +202,3 @@ class AutomationProfileImpl : public Profile { }; #endif // CHROME_BROWSER_AUTOMATION_AUTOMATION_PROFILE_IMPL_H_ - diff --git a/chrome/browser/gtk/options/advanced_contents_gtk.cc b/chrome/browser/gtk/options/advanced_contents_gtk.cc index a4dd27f..416c925 100644 --- a/chrome/browser/gtk/options/advanced_contents_gtk.cc +++ b/chrome/browser/gtk/options/advanced_contents_gtk.cc @@ -62,6 +62,16 @@ GtkWidget* CreateCheckButtonWithWrappedLabel(int string_id) { return checkbox; } +GtkWidget* AddCheckButtonWithWrappedLabel(int string_id, + GtkWidget* container, + GCallback handler, + gpointer data) { + GtkWidget* checkbox = CreateCheckButtonWithWrappedLabel(string_id); + gtk_box_pack_start(GTK_BOX(container), checkbox, FALSE, FALSE, 0); + g_signal_connect(checkbox, "toggled", handler, data); + return checkbox; +} + // Don't let the widget handle scroll events. Instead, pass it on to the // parent widget. gboolean PassScrollToParent(GtkWidget* widget, GdkEvent* event, @@ -142,13 +152,13 @@ class DownloadSection : public OptionsPageBase { // Flag to ignore gtk callbacks while we are loading prefs, to avoid // then turning around and saving them again. - bool initializing_; + bool pref_changing_; DISALLOW_COPY_AND_ASSIGN(DownloadSection); }; DownloadSection::DownloadSection(Profile* profile) - : OptionsPageBase(profile), initializing_(true) { + : OptionsPageBase(profile), pref_changing_(true) { page_ = gtk_vbox_new(FALSE, gtk_util::kControlSpacing); // Download location options. @@ -223,7 +233,7 @@ DownloadSection::DownloadSection(Profile* profile) } void DownloadSection::NotifyPrefChanged(const std::wstring* pref_name) { - initializing_ = true; + pref_changing_ = true; if (!pref_name || *pref_name == prefs::kDownloadDefaultDirectory) { gtk_file_chooser_set_current_folder( GTK_FILE_CHOOSER(download_location_button_), @@ -243,13 +253,13 @@ void DownloadSection::NotifyPrefChanged(const std::wstring* pref_name) { gtk_widget_set_sensitive(reset_file_handlers_label_, enabled); gtk_widget_set_sensitive(reset_file_handlers_button_, enabled); } - initializing_ = false; + pref_changing_ = false; } // static void DownloadSection::OnDownloadLocationChanged(GtkFileChooser* widget, DownloadSection* section) { - if (section->initializing_) + if (section->pref_changing_) return; gchar* folder = gtk_file_chooser_get_filename(widget); @@ -267,7 +277,7 @@ void DownloadSection::OnDownloadLocationChanged(GtkFileChooser* widget, // static void DownloadSection::OnDownloadAskForSaveLocationChanged( GtkWidget* widget, DownloadSection* section) { - if (section->initializing_) + if (section->pref_changing_) return; bool enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); if (enabled) { @@ -464,14 +474,14 @@ class PrivacySection : public OptionsPageBase { // Flag to ignore gtk callbacks while we are loading prefs, to avoid // then turning around and saving them again. - bool initializing_; + bool pref_changing_; DISALLOW_COPY_AND_ASSIGN(PrivacySection); }; PrivacySection::PrivacySection(Profile* profile) : OptionsPageBase(profile), - initializing_(true) { + pref_changing_(true) { page_ = gtk_vbox_new(FALSE, gtk_util::kControlSpacing); GtkWidget* section_description_label = CreateWrappedLabel( @@ -591,7 +601,7 @@ void PrivacySection::OnLearnMoreLinkClicked(GtkButton *button, // static void PrivacySection::OnEnableLinkDoctorChange(GtkWidget* widget, PrivacySection* privacy_section) { - if (privacy_section->initializing_) + if (privacy_section->pref_changing_) return; bool enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); privacy_section->UserMetricsRecordAction( @@ -605,7 +615,7 @@ void PrivacySection::OnEnableLinkDoctorChange(GtkWidget* widget, // static void PrivacySection::OnEnableSuggestChange(GtkWidget* widget, PrivacySection* privacy_section) { - if (privacy_section->initializing_) + if (privacy_section->pref_changing_) return; bool enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); privacy_section->UserMetricsRecordAction( @@ -619,7 +629,7 @@ void PrivacySection::OnEnableSuggestChange(GtkWidget* widget, // static void PrivacySection::OnDNSPrefetchingChange(GtkWidget* widget, PrivacySection* privacy_section) { - if (privacy_section->initializing_) + if (privacy_section->pref_changing_) return; bool enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); privacy_section->UserMetricsRecordAction( @@ -634,7 +644,7 @@ void PrivacySection::OnDNSPrefetchingChange(GtkWidget* widget, // static void PrivacySection::OnSafeBrowsingChange(GtkWidget* widget, PrivacySection* privacy_section) { - if (privacy_section->initializing_) + if (privacy_section->pref_changing_) return; bool enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); privacy_section->UserMetricsRecordAction( @@ -652,7 +662,7 @@ void PrivacySection::OnSafeBrowsingChange(GtkWidget* widget, // static void PrivacySection::OnLoggingChange(GtkWidget* widget, PrivacySection* privacy_section) { - if (privacy_section->initializing_) + if (privacy_section->pref_changing_) return; bool enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); privacy_section->UserMetricsRecordAction( @@ -677,7 +687,7 @@ void PrivacySection::OnLoggingChange(GtkWidget* widget, // static void PrivacySection::OnCookieBehaviorChanged(GtkComboBox* combo_box, PrivacySection* privacy_section) { - if (privacy_section->initializing_) + if (privacy_section->pref_changing_) return; net::CookiePolicy::Type cookie_policy = net::CookiePolicy::FromInt(gtk_combo_box_get_active(combo_box)); @@ -704,7 +714,7 @@ void PrivacySection::OnShowCookiesButtonClicked( } void PrivacySection::NotifyPrefChanged(const std::wstring* pref_name) { - initializing_ = true; + pref_changing_ = true; if (!pref_name || *pref_name == prefs::kAlternateErrorPagesEnabled) { gtk_toggle_button_set_active( GTK_TOGGLE_BUTTON(enable_link_doctor_checkbox_), @@ -737,7 +747,7 @@ void PrivacySection::NotifyPrefChanged(const std::wstring* pref_name) { GTK_COMBO_BOX(cookie_behavior_combobox_), net::CookiePolicy::FromInt(cookie_behavior_.GetValue())); } - initializing_ = false; + pref_changing_ = false; } void PrivacySection::ResolveMetricsReportingEnabled() { @@ -780,18 +790,43 @@ class SecuritySection : public OptionsPageBase { } private: + // Overridden from OptionsPageBase. + virtual void NotifyPrefChanged(const std::wstring* pref_name); + // The callback functions for the options widgets. static void OnManageCertificatesClicked(GtkButton* button, SecuritySection* section); + static void OnRevCheckingEnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section); + static void OnSSL2EnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section); + static void OnSSL3EnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section); + static void OnTLS1EnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section); // The widget containing the options for this section. GtkWidget* page_; + GtkWidget* rev_checking_enabled_checkbox_; + GtkWidget* ssl2_enabled_checkbox_; + GtkWidget* ssl3_enabled_checkbox_; + GtkWidget* tls1_enabled_checkbox_; + + // SSLConfigService prefs. + BooleanPrefMember rev_checking_enabled_; + BooleanPrefMember ssl2_enabled_; + BooleanPrefMember ssl3_enabled_; + BooleanPrefMember tls1_enabled_; + + // Flag to ignore gtk callbacks while we are loading prefs, to avoid + // then turning around and saving them again. + bool pref_changing_; DISALLOW_COPY_AND_ASSIGN(SecuritySection); }; SecuritySection::SecuritySection(Profile* profile) - : OptionsPageBase(profile) { + : OptionsPageBase(profile), pref_changing_(true) { page_ = gtk_vbox_new(FALSE, gtk_util::kControlSpacing); GtkWidget* manage_certificates_label = CreateWrappedLabel( @@ -814,9 +849,52 @@ SecuritySection::SecuritySection(Profile* profile) g_signal_connect(manage_certificates_link, "clicked", G_CALLBACK(OnManageCertificatesClicked), this); - // TODO(mattm): add SSLConfigService options when that is ported to Linux + // TODO(mattm): should have a description label here and have the checkboxes + // indented, but IDS_OPTIONS_SSL_GROUP_DESCRIPTION isn't appropriate and + // didn't think of adding a Linux specific one before the string freeze. + rev_checking_enabled_checkbox_ = AddCheckButtonWithWrappedLabel( + IDS_OPTIONS_SSL_CHECKREVOCATION, page_, + G_CALLBACK(OnRevCheckingEnabledToggled), this); + ssl2_enabled_checkbox_ = AddCheckButtonWithWrappedLabel( + IDS_OPTIONS_SSL_USESSL2, page_, G_CALLBACK(OnSSL2EnabledToggled), this); + ssl3_enabled_checkbox_ = AddCheckButtonWithWrappedLabel( + IDS_OPTIONS_SSL_USESSL3, page_, G_CALLBACK(OnSSL3EnabledToggled), this); + tls1_enabled_checkbox_ = AddCheckButtonWithWrappedLabel( + IDS_OPTIONS_SSL_USETLS1, page_, G_CALLBACK(OnTLS1EnabledToggled), this); + + + rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled, + profile->GetPrefs(), this); + ssl2_enabled_.Init(prefs::kSSL2Enabled, profile->GetPrefs(), this); + ssl3_enabled_.Init(prefs::kSSL3Enabled, profile->GetPrefs(), this); + tls1_enabled_.Init(prefs::kTLS1Enabled, profile->GetPrefs(), this); + + NotifyPrefChanged(NULL); +} + +void SecuritySection::NotifyPrefChanged(const std::wstring* pref_name) { + pref_changing_ = true; + if (!pref_name || *pref_name == prefs::kCertRevocationCheckingEnabled) { + gtk_toggle_button_set_active( + GTK_TOGGLE_BUTTON(rev_checking_enabled_checkbox_), + rev_checking_enabled_.GetValue()); + } + if (!pref_name || *pref_name == prefs::kSSL2Enabled) { + gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(ssl2_enabled_checkbox_), + ssl2_enabled_.GetValue()); + } + if (!pref_name || *pref_name == prefs::kSSL3Enabled) { + gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(ssl3_enabled_checkbox_), + ssl3_enabled_.GetValue()); + } + if (!pref_name || *pref_name == prefs::kTLS1Enabled) { + gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(tls1_enabled_checkbox_), + tls1_enabled_.GetValue()); + } + pref_changing_ = false; } + // static void SecuritySection::OnManageCertificatesClicked(GtkButton* button, SecuritySection* section) { @@ -825,6 +903,68 @@ void SecuritySection::OnManageCertificatesClicked(GtkButton* button, GURL(), NEW_WINDOW, PageTransition::LINK); } +// static +void SecuritySection::OnRevCheckingEnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section) { + if (section->pref_changing_) + return; + + bool enabled = gtk_toggle_button_get_active(togglebutton); + if (enabled) { + section->UserMetricsRecordAction(L"Options_CheckCertRevocation_Enable", + NULL); + } else { + section->UserMetricsRecordAction(L"Options_CheckCertRevocation_Disable", + NULL); + } + section->rev_checking_enabled_.SetValue(enabled); +} + +// static +void SecuritySection::OnSSL2EnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section) { + if (section->pref_changing_) + return; + + bool enabled = gtk_toggle_button_get_active(togglebutton); + if (enabled) { + section->UserMetricsRecordAction(L"Options_SSL2_Enable", NULL); + } else { + section->UserMetricsRecordAction(L"Options_SSL2_Disable", NULL); + } + section->ssl2_enabled_.SetValue(enabled); +} + +// static +void SecuritySection::OnSSL3EnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section) { + if (section->pref_changing_) + return; + + bool enabled = gtk_toggle_button_get_active(togglebutton); + if (enabled) { + section->UserMetricsRecordAction(L"Options_SSL3_Enable", NULL); + } else { + section->UserMetricsRecordAction(L"Options_SSL3_Disable", NULL); + } + section->ssl3_enabled_.SetValue(enabled); +} + +// static +void SecuritySection::OnTLS1EnabledToggled(GtkToggleButton* togglebutton, + SecuritySection* section) { + if (section->pref_changing_) + return; + + bool enabled = gtk_toggle_button_get_active(togglebutton); + if (enabled) { + section->UserMetricsRecordAction(L"Options_TLS1_Enable", NULL); + } else { + section->UserMetricsRecordAction(L"Options_TLS1_Disable", NULL); + } + section->tls1_enabled_.SetValue(enabled); +} + /////////////////////////////////////////////////////////////////////////////// // WebContentSection diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc index 16299ba..891bd82 100644 --- a/chrome/browser/net/chrome_url_request_context.cc +++ b/chrome/browser/net/chrome_url_request_context.cc @@ -121,6 +121,7 @@ ChromeURLRequestContext* ChromeURLRequestContext::CreateOriginal( net::HttpCache* cache = new net::HttpCache(context->host_resolver_, context->proxy_service_, + context->ssl_config_service_, disk_cache_path.ToWStringHack(), cache_size); const CommandLine& command_line = *CommandLine::ForCurrentProcess(); @@ -207,7 +208,8 @@ ChromeURLRequestContext* ChromeURLRequestContext::CreateOffTheRecord( profile->GetOriginalProfile()->GetRequestContext()->proxy_service(); context->http_transaction_factory_ = - new net::HttpCache(context->host_resolver_, context->proxy_service_, 0); + new net::HttpCache(context->host_resolver_, context->proxy_service_, + context->ssl_config_service_, 0); context->cookie_store_ = new net::CookieMonster; // The kNewFtp switch is Windows specific because we have multiple FTP @@ -274,6 +276,7 @@ ChromeURLRequestContext* ChromeURLRequestContext::CreateRequestContextForMedia( // new set of network stack. cache = new net::HttpCache(original_context->host_resolver(), original_context->proxy_service(), + original_context->ssl_config_service(), disk_cache_path.ToWStringHack(), cache_size); } @@ -337,6 +340,8 @@ ChromeURLRequestContext::ChromeURLRequestContext(Profile* profile) registrar_.Add(this, NotificationType::EXTENSION_UNLOADED, NotificationService::AllSources()); } + + ssl_config_service_ = profile->GetSSLConfigService(); } ChromeURLRequestContext::ChromeURLRequestContext( @@ -344,6 +349,7 @@ ChromeURLRequestContext::ChromeURLRequestContext( // Set URLRequestContext members host_resolver_ = other->host_resolver_; proxy_service_ = other->proxy_service_; + ssl_config_service_ = other->ssl_config_service_; http_transaction_factory_ = other->http_transaction_factory_; ftp_transaction_factory_ = other->ftp_transaction_factory_; cookie_store_ = other->cookie_store_; diff --git a/chrome/browser/net/ssl_config_service_manager.h b/chrome/browser/net/ssl_config_service_manager.h new file mode 100644 index 0000000..d2a351f --- /dev/null +++ b/chrome/browser/net/ssl_config_service_manager.h @@ -0,0 +1,31 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_BROWSER_NET_SSL_CONFIG_SERVICE_MANAGER_H_ +#define CHROME_BROWSER_NET_SSL_CONFIG_SERVICE_MANAGER_H_ + +namespace net { +class SSLConfigService; +} // namespace net + +class Profile; + +// An interface for creating SSLConfigService objects for the current platform. +class SSLConfigServiceManager { + public: + // Create an instance of the default SSLConfigServiceManager for the current + // platform. The lifetime of the profile must be longer than that of the + // factory. + static SSLConfigServiceManager* CreateDefaultManager(Profile* profile); + + virtual ~SSLConfigServiceManager() {} + + // Get an SSLConfigService instance. It may be a new instance or the factory + // may return the same instance multiple times. + // The caller should hold a reference as long as it needs the instance (eg, + // using scoped_refptr.) + virtual net::SSLConfigService* Get() = 0; +}; + +#endif // CHROME_BROWSER_NET_SSL_CONFIG_SERVICE_MANAGER_H_ diff --git a/chrome/browser/net/ssl_config_service_manager_defaults.cc b/chrome/browser/net/ssl_config_service_manager_defaults.cc new file mode 100644 index 0000000..a01166e --- /dev/null +++ b/chrome/browser/net/ssl_config_service_manager_defaults.cc @@ -0,0 +1,37 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/net/ssl_config_service_manager.h" +#include "net/base/ssl_config_service_defaults.h" + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServiceManagerDefaults + +// The factory for creating an SSLConfigServiceDefaults instance. +class SSLConfigServiceManagerDefaults + : public SSLConfigServiceManager { + public: + SSLConfigServiceManagerDefaults() + : ssl_config_service_(new net::SSLConfigServiceDefaults()) { + } + virtual ~SSLConfigServiceManagerDefaults() {} + + virtual net::SSLConfigService* Get() { + return ssl_config_service_; + } + + private: + scoped_refptr<net::SSLConfigServiceDefaults> ssl_config_service_; + + DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerDefaults); +}; + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServiceManager + +// static +SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( + Profile* profile) { + return new SSLConfigServiceManagerDefaults(); +} diff --git a/chrome/browser/net/ssl_config_service_manager_pref.cc b/chrome/browser/net/ssl_config_service_manager_pref.cc new file mode 100644 index 0000000..6c1f5f1 --- /dev/null +++ b/chrome/browser/net/ssl_config_service_manager_pref.cc @@ -0,0 +1,155 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/message_loop.h" +#include "base/thread.h" +#include "chrome/browser/browser_process.h" +#include "chrome/browser/net/ssl_config_service_manager.h" +#include "chrome/browser/profile.h" +#include "chrome/common/notification_service.h" +#include "chrome/common/pref_member.h" +#include "chrome/common/pref_names.h" +#include "net/base/ssl_config_service.h" + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServicePref + +// An SSLConfigService which stores a cached version of the current SSLConfig +// prefs, which are updated by SSLConfigServiceManagerPref when the prefs +// change. +class SSLConfigServicePref : public net::SSLConfigService { + public: + SSLConfigServicePref() {} + virtual ~SSLConfigServicePref() {} + + // Store SSL config settings in |config|. Must only be called from IO thread. + virtual void GetSSLConfig(net::SSLConfig* config); + + private: + // Allow the pref watcher to update our internal state. + friend class SSLConfigServiceManagerPref; + + // This method is posted to the IO thread from the browser thread to carry the + // new config information. + void SetNewSSLConfig(const net::SSLConfig& new_config); + + // Cached value of prefs, should only be accessed from IO thread. + net::SSLConfig cached_config_; + + DISALLOW_COPY_AND_ASSIGN(SSLConfigServicePref); +}; + +void SSLConfigServicePref::GetSSLConfig(net::SSLConfig* config) { + *config = cached_config_; +} + +void SSLConfigServicePref::SetNewSSLConfig( + const net::SSLConfig& new_config) { + cached_config_ = new_config; +} + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServiceManagerPref + +// The factory for creating and updating an SSLConfigServicePref instance. +class SSLConfigServiceManagerPref + : public SSLConfigServiceManager, + public NotificationObserver { + public: + explicit SSLConfigServiceManagerPref(Profile* profile); + virtual ~SSLConfigServiceManagerPref() {} + + virtual net::SSLConfigService* Get(); + + private: + static void RegisterUserPrefs(PrefService* user_prefs); + + // Callback for preference changes. This will post the changes to the IO + // thread with SetNewSSLConfig. + virtual void Observe(NotificationType type, + const NotificationSource& source, + const NotificationDetails& details); + + // Store SSL config settings in |config|, directly from the preferences. Must + // only be called from UI thread. + void GetSSLConfigFromPrefs(net::SSLConfig* config); + + // The prefs (should only be accessed from UI thread) + BooleanPrefMember rev_checking_enabled_; + BooleanPrefMember ssl2_enabled_; + BooleanPrefMember ssl3_enabled_; + BooleanPrefMember tls1_enabled_; + + scoped_refptr<SSLConfigServicePref> ssl_config_service_; + + DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerPref); +}; + +SSLConfigServiceManagerPref::SSLConfigServiceManagerPref(Profile* profile) + : ssl_config_service_(new SSLConfigServicePref()) { + RegisterUserPrefs(profile->GetPrefs()); + + rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled, + profile->GetPrefs(), this); + ssl2_enabled_.Init(prefs::kSSL2Enabled, profile->GetPrefs(), this); + ssl3_enabled_.Init(prefs::kSSL3Enabled, profile->GetPrefs(), this); + tls1_enabled_.Init(prefs::kTLS1Enabled, profile->GetPrefs(), this); + + // Initialize from UI thread. This is okay as there shouldn't be anything on + // the IO thread trying to access it yet. + GetSSLConfigFromPrefs(&ssl_config_service_->cached_config_); +} + +// static +void SSLConfigServiceManagerPref::RegisterUserPrefs(PrefService* user_prefs) { + net::SSLConfig default_config; + user_prefs->RegisterBooleanPref(prefs::kCertRevocationCheckingEnabled, + default_config.rev_checking_enabled); + user_prefs->RegisterBooleanPref(prefs::kSSL2Enabled, + default_config.ssl2_enabled); + user_prefs->RegisterBooleanPref(prefs::kSSL3Enabled, + default_config.ssl3_enabled); + user_prefs->RegisterBooleanPref(prefs::kTLS1Enabled, + default_config.tls1_enabled); +} + +net::SSLConfigService* SSLConfigServiceManagerPref::Get() { + return ssl_config_service_; +} + +void SSLConfigServiceManagerPref::Observe(NotificationType type, + const NotificationSource& source, + const NotificationDetails& details) { + base::Thread* io_thread = g_browser_process->io_thread(); + if (io_thread) { + net::SSLConfig new_config; + GetSSLConfigFromPrefs(&new_config); + + // Post a task to |io_loop| with the new configuration, so it can + // update |cached_config_|. + io_thread->message_loop()->PostTask( + FROM_HERE, + NewRunnableMethod( + ssl_config_service_.get(), + &SSLConfigServicePref::SetNewSSLConfig, + new_config)); + } +} + +void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs( + net::SSLConfig* config) { + config->rev_checking_enabled = rev_checking_enabled_.GetValue(); + config->ssl2_enabled = ssl2_enabled_.GetValue(); + config->ssl3_enabled = ssl3_enabled_.GetValue(); + config->tls1_enabled = tls1_enabled_.GetValue(); +} + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServiceManager + +// static +SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( + Profile* profile) { + return new SSLConfigServiceManagerPref(profile); +} diff --git a/chrome/browser/net/ssl_config_service_manager_win.cc b/chrome/browser/net/ssl_config_service_manager_win.cc new file mode 100644 index 0000000..c39c472 --- /dev/null +++ b/chrome/browser/net/ssl_config_service_manager_win.cc @@ -0,0 +1,39 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/net/ssl_config_service_manager.h" +#include "net/base/ssl_config_service_win.h" + +class Profile; + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServiceManagerWin + +// The factory for creating an SSLConfigServiceWin instance. +class SSLConfigServiceManagerWin + : public SSLConfigServiceManager { + public: + SSLConfigServiceManagerWin() + : ssl_config_service_(new net::SSLConfigServiceWin) { + } + virtual ~SSLConfigServiceManagerWin() {} + + virtual net::SSLConfigService* Get() { + return ssl_config_service_; + } + + private: + scoped_refptr<net::SSLConfigService> ssl_config_service_; + + DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceManagerWin); +}; + +//////////////////////////////////////////////////////////////////////////////// +// SSLConfigServiceManager + +// static +SSLConfigServiceManager* SSLConfigServiceManager::CreateDefaultManager( + Profile* profile) { + return new SSLConfigServiceManagerWin(); +} diff --git a/chrome/browser/options_util.cc b/chrome/browser/options_util.cc index 12f653e..a69b11e 100644 --- a/chrome/browser/options_util.cc +++ b/chrome/browser/options_util.cc @@ -23,6 +23,12 @@ void OptionsUtil::ResetToDefaults(Profile* profile) { prefs::kCookieBehavior, prefs::kDefaultCharset, prefs::kDnsPrefetchingEnabled, +#if defined(OS_LINUX) + prefs::kCertRevocationCheckingEnabled, + prefs::kSSL2Enabled, + prefs::kSSL3Enabled, + prefs::kTLS1Enabled, +#endif prefs::kDownloadDefaultDirectory, prefs::kDownloadExtensionsToOpen, prefs::kEnableSpellCheck, diff --git a/chrome/browser/profile.cc b/chrome/browser/profile.cc index 94b4e60..0e473315 100644 --- a/chrome/browser/profile.cc +++ b/chrome/browser/profile.cc @@ -21,6 +21,7 @@ #include "chrome/browser/history/history.h" #include "chrome/browser/in_process_webkit/webkit_context.h" #include "chrome/browser/net/chrome_url_request_context.h" +#include "chrome/browser/net/ssl_config_service_manager.h" #include "chrome/browser/password_manager/password_store_default.h" #include "chrome/browser/privacy_blacklist/blacklist.h" #include "chrome/browser/profile_manager.h" @@ -339,6 +340,10 @@ class OffTheRecordProfileImpl : public Profile, return extensions_request_context_; } + virtual net::SSLConfigService* GetSSLConfigService() { + return GetOriginalProfile()->GetSSLConfigService(); + } + virtual Blacklist* GetBlacklist() { return GetOriginalProfile()->GetBlacklist(); } @@ -539,6 +544,9 @@ ProfileImpl::ProfileImpl(const FilePath& path) // Listen for bookmark model load, to bootstrap the sync service. registrar_.Add(this, NotificationType::BOOKMARK_MODEL_LOADED, Source<Profile>(this)); + + ssl_config_service_manager_.reset( + SSLConfigServiceManager::CreateDefaultManager(this)); } void ProfileImpl::InitExtensions() { @@ -853,6 +861,10 @@ URLRequestContext* ProfileImpl::GetRequestContextForExtensions() { return extensions_request_context_; } +net::SSLConfigService* ProfileImpl::GetSSLConfigService() { + return ssl_config_service_manager_->Get(); +} + Blacklist* ProfileImpl::GetBlacklist() { return blacklist_; } diff --git a/chrome/browser/profile.h b/chrome/browser/profile.h index 318c6e2..bc541d7 100644 --- a/chrome/browser/profile.h +++ b/chrome/browser/profile.h @@ -20,6 +20,7 @@ namespace net { class ForceTLSState; +class SSLConfigService; } class Blacklist; class BookmarkModel; @@ -37,6 +38,7 @@ class PrefService; class ProfileSyncService; class SessionService; class SpellChecker; +class SSLConfigServiceManager; class SSLHostState; class SQLitePersistentCookieStore; class TabRestoreService; @@ -223,6 +225,9 @@ class Profile { // is only used for a separate cookie store currently. virtual URLRequestContext* GetRequestContextForExtensions() = 0; + // Returns the SSLConfigService for this profile. + virtual net::SSLConfigService* GetSSLConfigService() = 0; + // Returns the Privacy Blaclist for this profile. virtual Blacklist* GetBlacklist() = 0; @@ -360,6 +365,7 @@ class ProfileImpl : public Profile, virtual URLRequestContext* GetRequestContext(); virtual URLRequestContext* GetRequestContextForMedia(); virtual URLRequestContext* GetRequestContextForExtensions(); + virtual net::SSLConfigService* GetSSLConfigService(); virtual Blacklist* GetBlacklist(); virtual SessionService* GetSessionService(); virtual void ShutdownSessionService(); @@ -442,6 +448,8 @@ class ProfileImpl : public Profile, ChromeURLRequestContext* extensions_request_context_; + scoped_ptr<SSLConfigServiceManager> ssl_config_service_manager_; + Blacklist* blacklist_; scoped_refptr<DownloadManager> download_manager_; diff --git a/chrome/browser/sync/glue/http_bridge.cc b/chrome/browser/sync/glue/http_bridge.cc index afbbc97..ff613e2c 100644 --- a/chrome/browser/sync/glue/http_bridge.cc +++ b/chrome/browser/sync/glue/http_bridge.cc @@ -58,8 +58,10 @@ HttpBridge::RequestContext::RequestContext( // We don't use a cache for bridged loads, but we do want to share proxy info. host_resolver_ = baseline_context->host_resolver(); proxy_service_ = baseline_context->proxy_service(); + ssl_config_service_ = baseline_context->ssl_config_service(); http_transaction_factory_ = - net::HttpNetworkLayer::CreateFactory(host_resolver_, proxy_service_); + net::HttpNetworkLayer::CreateFactory(host_resolver_, proxy_service_, + ssl_config_service_); // TODO(timsteele): We don't currently listen for pref changes of these // fields or CookiePolicy; I'm not sure we want to strictly follow the diff --git a/chrome/browser/views/options/advanced_contents_view.cc b/chrome/browser/views/options/advanced_contents_view.cc index 134b5c1..d398915 100644 --- a/chrome/browser/views/options/advanced_contents_view.cc +++ b/chrome/browser/views/options/advanced_contents_view.cc @@ -39,7 +39,7 @@ #include "grit/chromium_strings.h" #include "grit/generated_resources.h" #include "grit/locale_settings.h" -#include "net/base/ssl_config_service.h" +#include "net/base/ssl_config_service_win.h" #include "net/base/cookie_policy.h" #include "skia/ext/skia_utils_win.h" #include "third_party/skia/include/core/SkBitmap.h" @@ -889,7 +889,7 @@ void SecuritySection::ButtonPressed(views::Button* sender) { } else { UserMetricsRecordAction(L"Options_SSL2_Disable", NULL); } - net::SSLConfigService::SetSSL2Enabled(enabled); + net::SSLConfigServiceWin::SetSSL2Enabled(enabled); } else if (sender == check_for_cert_revocation_checkbox_) { bool enabled = check_for_cert_revocation_checkbox_->checked(); if (enabled) { @@ -897,7 +897,7 @@ void SecuritySection::ButtonPressed(views::Button* sender) { } else { UserMetricsRecordAction(L"Options_CheckCertRevocation_Disable", NULL); } - net::SSLConfigService::SetRevCheckingEnabled(enabled); + net::SSLConfigServiceWin::SetRevCheckingEnabled(enabled); } else if (sender == manage_certificates_button_) { UserMetricsRecordAction(L"Options_ManagerCerts", NULL); CRYPTUI_CERT_MGR_STRUCT cert_mgr = { 0 }; @@ -955,7 +955,7 @@ void SecuritySection::NotifyPrefChanged(const std::wstring* pref_name) { // These SSL options are system settings and stored in the OS. if (!pref_name) { net::SSLConfig config; - if (net::SSLConfigService::GetSSLConfigNow(&config)) { + if (net::SSLConfigServiceWin::GetSSLConfigNow(&config)) { enable_ssl2_checkbox_->SetChecked(config.ssl2_enabled); check_for_cert_revocation_checkbox_->SetChecked( config.rev_checking_enabled); diff --git a/chrome/chrome.gyp b/chrome/chrome.gyp index d6d6e9f..f73c1bc 100644 --- a/chrome/chrome.gyp +++ b/chrome/chrome.gyp @@ -1425,6 +1425,8 @@ 'browser/net/resolve_proxy_msg_helper.h', 'browser/net/sdch_dictionary_fetcher.cc', 'browser/net/sdch_dictionary_fetcher.h', + 'browser/net/ssl_config_service_manager.h', + 'browser/net/ssl_config_service_manager_win.cc', 'browser/net/url_fetcher.cc', 'browser/net/url_fetcher.h', 'browser/net/url_fetcher_protect.cc', @@ -2070,6 +2072,9 @@ 'browser/password_manager/password_store_win.cc', 'browser/password_manager/password_store_win.h', ], + 'sources': [ + 'browser/net/ssl_config_service_manager_pref.cc', + ], 'conditions': [ ['linux_breakpad==1', { 'sources': [ @@ -2125,6 +2130,7 @@ 'browser/views/extensions/extension_view.h', ], 'sources': [ + 'browser/net/ssl_config_service_manager_defaults.cc', # Build the necessary GTM sources '../third_party/GTM/AppKit/GTMNSBezierPath+RoundRect.m', '../third_party/GTM/AppKit/GTMNSColor+Luminance.m', diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc index bf6af12..29490f6 100644 --- a/chrome/common/pref_names.cc +++ b/chrome/common/pref_names.cc @@ -193,6 +193,16 @@ const wchar_t kDnsStartupPrefetchList[] = L"StartupDNSPrefetchList"; // This list is adaptively grown and pruned. extern const wchar_t kDnsHostReferralList[] = L"HostReferralList"; +#if defined(OS_LINUX) +// Prefs for SSLConfigServicePref. Currently, these are only present on +// and used by Linux. +extern const wchar_t kCertRevocationCheckingEnabled[] = + L"ssl.rev_checking.enabled"; +extern const wchar_t kSSL2Enabled[] = L"ssl.ssl2.enabled"; +extern const wchar_t kSSL3Enabled[] = L"ssl.ssl3.enabled"; +extern const wchar_t kTLS1Enabled[] = L"ssl.tls1.enabled"; +#endif + // The disabled messages in IPC logging. const wchar_t kIpcDisabledMessages[] = L"ipc_log_disabled_messages"; diff --git a/chrome/common/pref_names.h b/chrome/common/pref_names.h index be1403e..91fcd16 100644 --- a/chrome/common/pref_names.h +++ b/chrome/common/pref_names.h @@ -65,6 +65,12 @@ extern const wchar_t kAlternateErrorPagesEnabled[]; extern const wchar_t kDnsPrefetchingEnabled[]; extern const wchar_t kDnsStartupPrefetchList[]; extern const wchar_t kDnsHostReferralList[]; +#if defined(OS_LINUX) +extern const wchar_t kCertRevocationCheckingEnabled[]; +extern const wchar_t kSSL2Enabled[]; +extern const wchar_t kSSL3Enabled[]; +extern const wchar_t kTLS1Enabled[]; +#endif extern const wchar_t kIpcDisabledMessages[]; extern const wchar_t kShowHomeButton[]; extern const wchar_t kShowPageOptionsButtons[]; diff --git a/chrome/test/testing_profile.h b/chrome/test/testing_profile.h index bfd0249..eb58bf4 100644 --- a/chrome/test/testing_profile.h +++ b/chrome/test/testing_profile.h @@ -153,6 +153,9 @@ class TestingProfile : public Profile { virtual URLRequestContext* GetRequestContextForExtensions() { return NULL; } + virtual net::SSLConfigService* GetSSLConfigService() { + return NULL; + } virtual Blacklist* GetBlacklist() { return NULL; } diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h index 5354b3e..7bfd08b 100644 --- a/net/base/ssl_config_service.h +++ b/net/base/ssl_config_service.h @@ -7,7 +7,7 @@ #include <vector> -#include "base/time.h" +#include "base/ref_counted.h" #include "net/base/x509_certificate.h" namespace net { @@ -60,45 +60,16 @@ struct SSLConfig { scoped_refptr<X509Certificate> client_cert; }; -// This class is responsible for getting and setting the SSL configuration. -// -// We think the SSL configuration settings should apply to all applications -// used by the user. We consider IE's Internet Options as the de facto -// system-wide network configuration settings, so we just use the values -// from IE's Internet Settings registry key. -class SSLConfigService { +// The interface for retrieving the system SSL configuration. This interface +// does not cover setting the SSL configuration, as on some systems, the +// SSLConfigService objects may not have direct access to the configuration, or +// live longer than the configuration preferences. +class SSLConfigService : public base::RefCountedThreadSafe<SSLConfigService> { public: - SSLConfigService(); - explicit SSLConfigService(base::TimeTicks now); // Used for testing. - ~SSLConfigService() { } - - // Get the current SSL configuration settings. Can be called on any - // thread. - static bool GetSSLConfigNow(SSLConfig* config); - - // Setters. Can be called on any thread. - static void SetRevCheckingEnabled(bool enabled); - static void SetSSL2Enabled(bool enabled); - - // Get the (cached) SSL configuration settings that are fresh within 10 - // seconds. This is cheaper than GetSSLConfigNow and is suitable when - // we don't need the absolutely current configuration settings. This - // method is not thread-safe, so it must be called on the same thread. - void GetSSLConfig(SSLConfig* config) { - GetSSLConfigAt(config, base::TimeTicks::Now()); - } - - // Used for testing. - void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now); - - private: - void UpdateConfig(base::TimeTicks now); - - // We store the IE SSL config and the time that we fetched it. - SSLConfig config_info_; - base::TimeTicks config_time_; + virtual ~SSLConfigService() {} - DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService); + // May not be thread-safe, should only be called on the IO thread. + virtual void GetSSLConfig(SSLConfig* config) = 0; }; } // namespace net diff --git a/net/base/ssl_config_service_defaults.h b/net/base/ssl_config_service_defaults.h new file mode 100644 index 0000000..9360020 --- /dev/null +++ b/net/base/ssl_config_service_defaults.h @@ -0,0 +1,34 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_ +#define NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_ + +#include "net/base/ssl_config_service.h" + +namespace net { + +// This SSLConfigService always returns the default SSLConfig settings. It is +// mainly useful for unittests, or for platforms that do not have a native +// implementation of SSLConfigService yet. +class SSLConfigServiceDefaults : public SSLConfigService { + public: + SSLConfigServiceDefaults() {} + virtual ~SSLConfigServiceDefaults() {} + + // Store default SSL config settings in |config|. + virtual void GetSSLConfig(SSLConfig* config) { + *config = default_config_; + } + + private: + // Default value of prefs. + const SSLConfig default_config_; + + DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceDefaults); +}; + +} // namespace net + +#endif // NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_ diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service_win.cc index 46421b0..dcb9b89 100644 --- a/net/base/ssl_config_service.cc +++ b/net/base/ssl_config_service_win.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "net/base/ssl_config_service.h" +#include "net/base/ssl_config_service_win.h" #include "base/registry.h" @@ -40,22 +40,24 @@ enum { PROTOCOLS_DEFAULT = SSL3 | TLS1 }; -SSLConfigService::SSLConfigService() { - UpdateConfig(TimeTicks::Now()); +SSLConfigServiceWin::SSLConfigServiceWin() : ever_updated_(false) { + // We defer retrieving the settings until the first call to GetSSLConfig, to + // avoid a blocking call on the UI thread. } -SSLConfigService::SSLConfigService(TimeTicks now) { +SSLConfigServiceWin::SSLConfigServiceWin(TimeTicks now) : ever_updated_(false) { UpdateConfig(now); } -void SSLConfigService::GetSSLConfigAt(SSLConfig* config, TimeTicks now) { - if (now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval)) +void SSLConfigServiceWin::GetSSLConfigAt(SSLConfig* config, TimeTicks now) { + if (!ever_updated_ || + now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval)) UpdateConfig(now); *config = config_info_; } // static -bool SSLConfigService::GetSSLConfigNow(SSLConfig* config) { +bool SSLConfigServiceWin::GetSSLConfigNow(SSLConfig* config) { RegKey internet_settings; if (!internet_settings.Open(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_READ)) @@ -78,15 +80,17 @@ bool SSLConfigService::GetSSLConfigNow(SSLConfig* config) { } // static -void SSLConfigService::SetRevCheckingEnabled(bool enabled) { +void SSLConfigServiceWin::SetRevCheckingEnabled(bool enabled) { DWORD value = enabled; RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_WRITE); internet_settings.WriteValue(kRevocationValueName, value); + // TODO(mattm): We should call UpdateConfig after updating settings, but these + // methods are static. } // static -void SSLConfigService::SetSSL2Enabled(bool enabled) { +void SSLConfigServiceWin::SetSSL2Enabled(bool enabled) { RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_READ | KEY_WRITE); DWORD value; @@ -97,11 +101,14 @@ void SSLConfigService::SetSSL2Enabled(bool enabled) { else value &= ~SSL2; internet_settings.WriteValue(kProtocolsValueName, value); + // TODO(mattm): We should call UpdateConfig after updating settings, but these + // methods are static. } -void SSLConfigService::UpdateConfig(TimeTicks now) { +void SSLConfigServiceWin::UpdateConfig(TimeTicks now) { GetSSLConfigNow(&config_info_); config_time_ = now; + ever_updated_ = true; } } // namespace net diff --git a/net/base/ssl_config_service_win.h b/net/base/ssl_config_service_win.h new file mode 100644 index 0000000..ef3346e --- /dev/null +++ b/net/base/ssl_config_service_win.h @@ -0,0 +1,60 @@ +// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_BASE_SSL_CONFIG_SERVICE_WIN_H_ +#define NET_BASE_SSL_CONFIG_SERVICE_WIN_H_ + +#include <set> + +#include "base/time.h" +#include "net/base/ssl_config_service.h" + +namespace net { + +// This class is responsible for getting and setting the SSL configuration on +// Windows. +// +// We think the SSL configuration settings should apply to all applications +// used by the user. We consider IE's Internet Options as the de facto +// system-wide network configuration settings, so we just use the values +// from IE's Internet Settings registry key. +class SSLConfigServiceWin : public SSLConfigService { + public: + SSLConfigServiceWin(); + explicit SSLConfigServiceWin(base::TimeTicks now); // Used for testing. + virtual ~SSLConfigServiceWin() {} + + // Get the current SSL configuration settings. Can be called on any + // thread. + static bool GetSSLConfigNow(SSLConfig* config); + + // Setters. Can be called on any thread. + static void SetRevCheckingEnabled(bool enabled); + static void SetSSL2Enabled(bool enabled); + + // Get the (cached) SSL configuration settings that are fresh within 10 + // seconds. This is cheaper than GetSSLConfigNow and is suitable when + // we don't need the absolutely current configuration settings. This + // method is not thread-safe, so it must be called on the same thread. + void GetSSLConfig(SSLConfig* config) { + GetSSLConfigAt(config, base::TimeTicks::Now()); + } + + // Used for testing. + void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now); + + private: + void UpdateConfig(base::TimeTicks now); + + // We store the IE SSL config and the time that we fetched it. + SSLConfig config_info_; + base::TimeTicks config_time_; + bool ever_updated_; + + DISALLOW_EVIL_CONSTRUCTORS(SSLConfigServiceWin); +}; + +} // namespace net + +#endif // NET_BASE_SSL_CONFIG_SERVICE_WIN_H_ diff --git a/net/base/ssl_config_service_unittest.cc b/net/base/ssl_config_service_win_unittest.cc index 8f61fe0..4cf508e 100644 --- a/net/base/ssl_config_service_unittest.cc +++ b/net/base/ssl_config_service_win_unittest.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "net/base/ssl_config_service.h" +#include "net/base/ssl_config_service_win.h" #include "testing/gtest/include/gtest/gtest.h" using base::TimeDelta; @@ -10,12 +10,12 @@ using base::TimeTicks; namespace { -class SSLConfigServiceTest : public testing::Test { +class SSLConfigServiceWinTest : public testing::Test { }; } // namespace -TEST(SSLConfigServiceTest, GetNowTest) { +TEST(SSLConfigServiceWinTest, GetNowTest) { // Verify that the constructor sets the correct default values. net::SSLConfig config; EXPECT_EQ(false, config.rev_checking_enabled); @@ -23,64 +23,67 @@ TEST(SSLConfigServiceTest, GetNowTest) { EXPECT_EQ(true, config.ssl3_enabled); EXPECT_EQ(true, config.tls1_enabled); - bool rv = net::SSLConfigService::GetSSLConfigNow(&config); + bool rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); } -TEST(SSLConfigServiceTest, SetTest) { +TEST(SSLConfigServiceWinTest, SetTest) { // Save the current settings so we can restore them after the tests. net::SSLConfig config_save; - bool rv = net::SSLConfigService::GetSSLConfigNow(&config_save); + bool rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config_save); EXPECT_TRUE(rv); net::SSLConfig config; // Test SetRevCheckingEnabled. - net::SSLConfigService::SetRevCheckingEnabled(true); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetRevCheckingEnabled(true); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_TRUE(config.rev_checking_enabled); - net::SSLConfigService::SetRevCheckingEnabled(false); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetRevCheckingEnabled(false); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_FALSE(config.rev_checking_enabled); - net::SSLConfigService::SetRevCheckingEnabled( + net::SSLConfigServiceWin::SetRevCheckingEnabled( config_save.rev_checking_enabled); // Test SetSSL2Enabled. - net::SSLConfigService::SetSSL2Enabled(true); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetSSL2Enabled(true); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_TRUE(config.ssl2_enabled); - net::SSLConfigService::SetSSL2Enabled(false); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetSSL2Enabled(false); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_FALSE(config.ssl2_enabled); - net::SSLConfigService::SetSSL2Enabled(config_save.ssl2_enabled); + net::SSLConfigServiceWin::SetSSL2Enabled(config_save.ssl2_enabled); } -TEST(SSLConfigServiceTest, GetTest) { +TEST(SSLConfigServiceWinTest, GetTest) { TimeTicks now = TimeTicks::Now(); TimeTicks now_1 = now + TimeDelta::FromSeconds(1); TimeTicks now_11 = now + TimeDelta::FromSeconds(11); net::SSLConfig config, config_1, config_11; - net::SSLConfigService config_service(now); - config_service.GetSSLConfigAt(&config, now); + scoped_refptr<net::SSLConfigServiceWin> config_service( + new net::SSLConfigServiceWin(now)); + config_service->GetSSLConfigAt(&config, now); // Flip rev_checking_enabled. - net::SSLConfigService::SetRevCheckingEnabled(!config.rev_checking_enabled); + net::SSLConfigServiceWin::SetRevCheckingEnabled( + !config.rev_checking_enabled); - config_service.GetSSLConfigAt(&config_1, now_1); + config_service->GetSSLConfigAt(&config_1, now_1); EXPECT_EQ(config.rev_checking_enabled, config_1.rev_checking_enabled); - config_service.GetSSLConfigAt(&config_11, now_11); + config_service->GetSSLConfigAt(&config_11, now_11); EXPECT_EQ(!config.rev_checking_enabled, config_11.rev_checking_enabled); // Restore the original value. - net::SSLConfigService::SetRevCheckingEnabled(config.rev_checking_enabled); + net::SSLConfigServiceWin::SetRevCheckingEnabled( + config.rev_checking_enabled); } diff --git a/net/http/http_cache.cc b/net/http/http_cache.cc index 4d9802a..1299111 100644 --- a/net/http/http_cache.cc +++ b/net/http/http_cache.cc @@ -1505,13 +1505,14 @@ int HttpCache::Transaction::DoPartialCacheReadCompleted(int result) { HttpCache::HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, const std::wstring& cache_dir, int cache_size) : disk_cache_dir_(cache_dir), mode_(NORMAL), type_(DISK_CACHE), network_layer_(HttpNetworkLayer::CreateFactory( - host_resolver, proxy_service)), + host_resolver, proxy_service, ssl_config_service)), ALLOW_THIS_IN_INITIALIZER_LIST(task_factory_(this)), in_memory_cache_(false), deleted_(false), @@ -1533,11 +1534,12 @@ HttpCache::HttpCache(HttpNetworkSession* session, HttpCache::HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, int cache_size) : mode_(NORMAL), type_(MEMORY_CACHE), network_layer_(HttpNetworkLayer::CreateFactory( - host_resolver, proxy_service)), + host_resolver, proxy_service, ssl_config_service)), ALLOW_THIS_IN_INITIALIZER_LIST(task_factory_(this)), in_memory_cache_(true), deleted_(false), diff --git a/net/http/http_cache.h b/net/http/http_cache.h index 1a76180..19c4331 100644 --- a/net/http/http_cache.h +++ b/net/http/http_cache.h @@ -36,6 +36,7 @@ class HttpNetworkSession; class HttpRequestInfo; class HttpResponseInfo; class ProxyService; +class SSLConfigService; class HttpCache : public HttpTransactionFactory { public: @@ -60,6 +61,7 @@ class HttpCache : public HttpTransactionFactory { // |cache_size| is zero, a default value will be calculated automatically. HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, const std::wstring& cache_dir, int cache_size); @@ -77,6 +79,7 @@ class HttpCache : public HttpTransactionFactory { // value will be calculated automatically. HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, int cache_size); // Initialize the cache from its component parts, which is useful for diff --git a/net/http/http_network_layer.cc b/net/http/http_network_layer.cc index 7f5c142..87969ba 100644 --- a/net/http/http_network_layer.cc +++ b/net/http/http_network_layer.cc @@ -16,11 +16,12 @@ namespace net { // static HttpTransactionFactory* HttpNetworkLayer::CreateFactory( HostResolver* host_resolver, - ProxyService* proxy_service) { + ProxyService* proxy_service, + SSLConfigService* ssl_config_service) { DCHECK(proxy_service); return new HttpNetworkLayer(ClientSocketFactory::GetDefaultFactory(), - host_resolver, proxy_service); + host_resolver, proxy_service, ssl_config_service); } // static @@ -35,17 +36,21 @@ HttpTransactionFactory* HttpNetworkLayer::CreateFactory( HttpNetworkLayer::HttpNetworkLayer(ClientSocketFactory* socket_factory, HostResolver* host_resolver, - ProxyService* proxy_service) + ProxyService* proxy_service, + SSLConfigService* ssl_config_service) : socket_factory_(socket_factory), host_resolver_(host_resolver), proxy_service_(proxy_service), + ssl_config_service_(ssl_config_service), session_(NULL), suspended_(false) { DCHECK(proxy_service_); + DCHECK(ssl_config_service_.get()); } HttpNetworkLayer::HttpNetworkLayer(HttpNetworkSession* session) : socket_factory_(ClientSocketFactory::GetDefaultFactory()), + ssl_config_service_(NULL), session_(session), suspended_(false) { DCHECK(session_.get()); @@ -76,7 +81,7 @@ HttpNetworkSession* HttpNetworkLayer::GetSession() { if (!session_) { DCHECK(proxy_service_); session_ = new HttpNetworkSession(host_resolver_, proxy_service_, - socket_factory_); + socket_factory_, ssl_config_service_); // These were just temps for lazy-initializing HttpNetworkSession. host_resolver_ = NULL; proxy_service_ = NULL; diff --git a/net/http/http_network_layer.h b/net/http/http_network_layer.h index bd3cb68..c920ce1 100644 --- a/net/http/http_network_layer.h +++ b/net/http/http_network_layer.h @@ -16,13 +16,15 @@ class HostResolver; class HttpNetworkSession; class ProxyInfo; class ProxyService; +class SSLConfigService; class HttpNetworkLayer : public HttpTransactionFactory { public: // |socket_factory|, |proxy_service| and |host_resolver| must remain valid // for the lifetime of HttpNetworkLayer. HttpNetworkLayer(ClientSocketFactory* socket_factory, - HostResolver* host_resolver, ProxyService* proxy_service); + HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service); // Construct a HttpNetworkLayer with an existing HttpNetworkSession which // contains a valid ProxyService. explicit HttpNetworkLayer(HttpNetworkSession* session); @@ -30,8 +32,10 @@ class HttpNetworkLayer : public HttpTransactionFactory { // This function hides the details of how a network layer gets instantiated // and allows other implementations to be substituted. - static HttpTransactionFactory* CreateFactory(HostResolver* host_resolver, - ProxyService* proxy_service); + static HttpTransactionFactory* CreateFactory( + HostResolver* host_resolver, + ProxyService* proxy_service, + SSLConfigService* ssl_config_service); // Create a transaction factory that instantiate a network layer over an // existing network session. Network session contains some valuable // information (e.g. authentication data) that we want to share across @@ -56,6 +60,9 @@ class HttpNetworkLayer : public HttpTransactionFactory { scoped_refptr<HostResolver> host_resolver_; scoped_refptr<ProxyService> proxy_service_; + // The SSL config service being used for the session. + scoped_refptr<SSLConfigService> ssl_config_service_; + scoped_refptr<HttpNetworkSession> session_; bool suspended_; }; diff --git a/net/http/http_network_layer_unittest.cc b/net/http/http_network_layer_unittest.cc index 0d32335..73d83ec 100644 --- a/net/http/http_network_layer_unittest.cc +++ b/net/http/http_network_layer_unittest.cc @@ -3,6 +3,7 @@ // found in the LICENSE file. #include "net/base/mock_host_resolver.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/http/http_network_layer.h" #include "net/http/http_transaction_unittest.h" #include "net/proxy/proxy_service.h" @@ -15,14 +16,16 @@ class HttpNetworkLayerTest : public PlatformTest { TEST_F(HttpNetworkLayerTest, CreateAndDestroy) { net::HttpNetworkLayer factory( - NULL, new net::MockHostResolver, net::ProxyService::CreateNull()); + NULL, new net::MockHostResolver, net::ProxyService::CreateNull(), + new net::SSLConfigServiceDefaults); scoped_ptr<net::HttpTransaction> trans(factory.CreateTransaction()); } TEST_F(HttpNetworkLayerTest, Suspend) { net::HttpNetworkLayer factory( - NULL, new net::MockHostResolver, net::ProxyService::CreateNull()); + NULL, new net::MockHostResolver, net::ProxyService::CreateNull(), + new net::SSLConfigServiceDefaults); scoped_ptr<net::HttpTransaction> trans(factory.CreateTransaction()); trans.reset(); @@ -54,7 +57,8 @@ TEST_F(HttpNetworkLayerTest, GET) { mock_socket_factory.AddMockSocket(&data); net::HttpNetworkLayer factory(&mock_socket_factory, new net::MockHostResolver, - net::ProxyService::CreateNull()); + net::ProxyService::CreateNull(), + new net::SSLConfigServiceDefaults); TestCompletionCallback callback; diff --git a/net/http/http_network_session.cc b/net/http/http_network_session.cc index b7d32c2..8525e51 100644 --- a/net/http/http_network_session.cc +++ b/net/http/http_network_session.cc @@ -17,13 +17,16 @@ int HttpNetworkSession::max_sockets_per_group_ = 6; HttpNetworkSession::HttpNetworkSession( HostResolver* host_resolver, ProxyService* proxy_service, - ClientSocketFactory* client_socket_factory) + ClientSocketFactory* client_socket_factory, + SSLConfigService* ssl_config_service) : tcp_socket_pool_(new TCPClientSocketPool( max_sockets_, max_sockets_per_group_, host_resolver, client_socket_factory)), host_resolver_(host_resolver), - proxy_service_(proxy_service) { + proxy_service_(proxy_service), + ssl_config_service_(ssl_config_service) { DCHECK(proxy_service); + DCHECK(ssl_config_service); } // static diff --git a/net/http/http_network_session.h b/net/http/http_network_session.h index b6327c6..94555ef 100644 --- a/net/http/http_network_session.h +++ b/net/http/http_network_session.h @@ -21,7 +21,8 @@ class ClientSocketFactory; class HttpNetworkSession : public base::RefCounted<HttpNetworkSession> { public: HttpNetworkSession(HostResolver* host_resolver, ProxyService* proxy_service, - ClientSocketFactory* client_socket_factory); + ClientSocketFactory* client_socket_factory, + SSLConfigService* ssl_config_service); HttpAuthCache* auth_cache() { return &auth_cache_; } SSLClientAuthCache* ssl_client_auth_cache() { @@ -31,9 +32,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession> { TCPClientSocketPool* tcp_socket_pool() { return tcp_socket_pool_; } HostResolver* host_resolver() { return host_resolver_; } ProxyService* proxy_service() { return proxy_service_; } -#if defined(OS_WIN) - SSLConfigService* ssl_config_service() { return &ssl_config_service_; } -#endif + SSLConfigService* ssl_config_service() { return ssl_config_service_; } static void set_max_sockets_per_group(int socket_count); @@ -53,10 +52,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession> { scoped_refptr<TCPClientSocketPool> tcp_socket_pool_; scoped_refptr<HostResolver> host_resolver_; scoped_refptr<ProxyService> proxy_service_; -#if defined(OS_WIN) - // TODO(port): Port the SSLConfigService class to Linux and Mac OS X. - SSLConfigService ssl_config_service_; -#endif + scoped_refptr<SSLConfigService> ssl_config_service_; }; } // namespace net diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc index 7d2e6da..79be223 100644 --- a/net/http/http_network_transaction.cc +++ b/net/http/http_network_transaction.cc @@ -155,10 +155,7 @@ HttpNetworkTransaction::HttpNetworkTransaction(HttpNetworkSession* session, response_body_read_(0), read_buf_len_(0), next_state_(STATE_NONE) { -#if defined(OS_WIN) - // TODO(port): Port the SSLConfigService class to Linux and Mac OS X. session->ssl_config_service()->GetSSLConfig(&ssl_config_); -#endif } int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info, diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc index 164450e..d19df2c 100644 --- a/net/http/http_network_transaction_unittest.cc +++ b/net/http/http_network_transaction_unittest.cc @@ -7,6 +7,7 @@ #include "base/compiler_specific.h" #include "net/base/completion_callback.h" #include "net/base/mock_host_resolver.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/base/ssl_info.h" #include "net/base/test_completion_callback.h" #include "net/base/upload_data.h" @@ -35,15 +36,20 @@ ProxyService* CreateNullProxyService() { class SessionDependencies { public: // Default set of dependencies -- "null" proxy service. - SessionDependencies() : host_resolver(new MockHostResolver), - proxy_service(CreateNullProxyService()) {} + SessionDependencies() + : host_resolver(new MockHostResolver), + proxy_service(CreateNullProxyService()), + ssl_config_service(new SSLConfigServiceDefaults) {} // Custom proxy service dependency. explicit SessionDependencies(ProxyService* proxy_service) - : host_resolver(new MockHostResolver), proxy_service(proxy_service) {} + : host_resolver(new MockHostResolver), + proxy_service(proxy_service), + ssl_config_service(new SSLConfigServiceDefaults) {} scoped_refptr<MockHostResolverBase> host_resolver; scoped_refptr<ProxyService> proxy_service; + scoped_refptr<SSLConfigService> ssl_config_service; MockClientSocketFactory socket_factory; }; @@ -57,7 +63,8 @@ ProxyService* CreateFixedProxyService(const std::string& proxy) { HttpNetworkSession* CreateSession(SessionDependencies* session_deps) { return new HttpNetworkSession(session_deps->host_resolver, session_deps->proxy_service, - &session_deps->socket_factory); + &session_deps->socket_factory, + session_deps->ssl_config_service); } class HttpNetworkTransactionTest : public PlatformTest { diff --git a/net/net.gyp b/net/net.gyp index 0680f4c..b373722 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -121,8 +121,10 @@ 'base/ssl_cert_request_info.h', 'base/ssl_client_auth_cache.cc', 'base/ssl_client_auth_cache.h', - 'base/ssl_config_service.cc', 'base/ssl_config_service.h', + 'base/ssl_config_service_defaults.h', + 'base/ssl_config_service_win.cc', + 'base/ssl_config_service_win.h', 'base/ssl_info.h', 'base/telnet_server.cc', 'base/telnet_server.h', @@ -390,7 +392,6 @@ }, { # else: OS != "win" 'sources!': [ - 'base/ssl_config_service.cc', 'base/wininet_util.cc', 'base/winsock_init.cc', 'proxy/proxy_resolver_winhttp.cc', @@ -471,7 +472,7 @@ 'base/run_all_unittests.cc', 'base/sdch_filter_unittest.cc', 'base/ssl_client_auth_cache_unittest.cc', - 'base/ssl_config_service_unittest.cc', + 'base/ssl_config_service_win_unittest.cc', 'base/telnet_server_unittest.cc', 'base/test_completion_callback_unittest.cc', 'base/wininet_util_unittest.cc', @@ -543,15 +544,11 @@ ], 'sources!': [ 'base/sdch_filter_unittest.cc', - 'base/ssl_config_service_unittest.cc', ], }, ], [ 'OS == "mac"', { 'sources/': [ ['exclude', '_(linux|win)_unittest\\.cc$'] ], - 'sources!': [ - 'base/ssl_config_service_unittest.cc', - ], }, ], # This is needed to trigger the dll copy step on windows. diff --git a/net/proxy/proxy_script_fetcher_unittest.cc b/net/proxy/proxy_script_fetcher_unittest.cc index d421438..e56e4a8 100644 --- a/net/proxy/proxy_script_fetcher_unittest.cc +++ b/net/proxy/proxy_script_fetcher_unittest.cc @@ -8,6 +8,7 @@ #include "base/compiler_specific.h" #include "base/path_service.h" #include "net/base/net_util.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/disk_cache/disk_cache.h" #include "net/http/http_cache.h" #include "net/url_request/url_request_unittest.h" @@ -32,10 +33,11 @@ class RequestContext : public URLRequestContext { net::ProxyConfig no_proxy; host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::CreateFixed(no_proxy); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = new net::HttpCache(net::HttpNetworkLayer::CreateFactory( - host_resolver_, proxy_service_), + host_resolver_, proxy_service_, ssl_config_service_), disk_cache::CreateInMemoryCacheBackend(0)); } ~RequestContext() { diff --git a/net/tools/fetch/fetch_client.cc b/net/tools/fetch/fetch_client.cc index 0031ff4..f8b89df 100644 --- a/net/tools/fetch/fetch_client.cc +++ b/net/tools/fetch/fetch_client.cc @@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. +#include "build/build_config.h" + #include "base/at_exit.h" #include "base/command_line.h" #include "base/message_loop.h" @@ -12,6 +14,11 @@ #include "net/base/host_resolver.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" +#if defined(OS_WIN) +#include "net/base/ssl_config_service_win.h" +#else +#include "net/base/ssl_config_service_defaults.h" +#endif #include "net/http/http_cache.h" #include "net/http/http_network_layer.h" #include "net/http/http_request_info.h" @@ -132,13 +139,21 @@ int main(int argc, char**argv) { net::CreateSystemHostResolver()); scoped_refptr<net::ProxyService> proxy_service(net::ProxyService::CreateNull()); +#if defined(OS_WIN) + scoped_refptr<net::SSLConfigService> ssl_config_service( + new net::SSLConfigServiceWin); +#else + scoped_refptr<net::SSLConfigService> ssl_config_service( + new net::SSLConfigServiceDefaults); +#endif net::HttpTransactionFactory* factory = NULL; if (use_cache) { - factory = new net::HttpCache(host_resolver, proxy_service, 0); + factory = new net::HttpCache(host_resolver, proxy_service, + ssl_config_service, 0); } else { factory = new net::HttpNetworkLayer( net::ClientSocketFactory::GetDefaultFactory(), host_resolver, - proxy_service); + proxy_service, ssl_config_service); } { diff --git a/net/url_request/url_request_context.h b/net/url_request/url_request_context.h index aac651a..72b02ec 100644 --- a/net/url_request/url_request_context.h +++ b/net/url_request/url_request_context.h @@ -15,6 +15,7 @@ #include "net/base/cookie_policy.h" #include "net/base/cookie_store.h" #include "net/base/host_resolver.h" +#include "net/base/ssl_config_service.h" #include "net/ftp/ftp_auth_cache.h" #include "net/proxy/proxy_service.h" @@ -45,6 +46,11 @@ class URLRequestContext : return proxy_service_; } + // Get the ssl config service for this context. + net::SSLConfigService* ssl_config_service() const { + return ssl_config_service_; + } + // Gets the http transaction factory for this context. net::HttpTransactionFactory* http_transaction_factory() { return http_transaction_factory_; @@ -108,6 +114,7 @@ class URLRequestContext : // subclasses. scoped_refptr<net::HostResolver> host_resolver_; scoped_refptr<net::ProxyService> proxy_service_; + scoped_refptr<net::SSLConfigService> ssl_config_service_; net::HttpTransactionFactory* http_transaction_factory_; net::FtpTransactionFactory* ftp_transaction_factory_; net::CookieStore* cookie_store_; diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc index 93c29f2..d68175b 100644 --- a/net/url_request/url_request_unittest.cc +++ b/net/url_request/url_request_unittest.cc @@ -50,9 +50,11 @@ class URLRequestTestContext : public URLRequestContext { host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::CreateNull(); ftp_transaction_factory_ = new net::FtpNetworkLayer(host_resolver_); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = new net::HttpCache( - net::HttpNetworkLayer::CreateFactory(host_resolver_, proxy_service_), + net::HttpNetworkLayer::CreateFactory(host_resolver_, proxy_service_, + ssl_config_service_), disk_cache::CreateInMemoryCacheBackend(0)); // In-memory cookie store. cookie_store_ = new net::CookieMonster(); diff --git a/net/url_request/url_request_unittest.h b/net/url_request/url_request_unittest.h index 22e9b99..e058957 100644 --- a/net/url_request/url_request_unittest.h +++ b/net/url_request/url_request_unittest.h @@ -24,6 +24,7 @@ #include "net/base/host_resolver.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/http/http_network_layer.h" #include "net/socket/ssl_test_util.h" #include "net/url_request/url_request.h" @@ -45,9 +46,10 @@ class TestURLRequestContext : public URLRequestContext { TestURLRequestContext() { host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::CreateNull(); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = net::HttpNetworkLayer::CreateFactory(host_resolver_, - proxy_service_); + proxy_service_, ssl_config_service_); } explicit TestURLRequestContext(const std::string& proxy) { @@ -55,9 +57,10 @@ class TestURLRequestContext : public URLRequestContext { net::ProxyConfig proxy_config; proxy_config.proxy_rules.ParseFromString(proxy); proxy_service_ = net::ProxyService::CreateFixed(proxy_config); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = net::HttpNetworkLayer::CreateFactory(host_resolver_, - proxy_service_); + proxy_service_, ssl_config_service_); } virtual ~TestURLRequestContext() { diff --git a/webkit/tools/test_shell/test_shell_request_context.cc b/webkit/tools/test_shell/test_shell_request_context.cc index 703d316..4b680d6 100644 --- a/webkit/tools/test_shell/test_shell_request_context.cc +++ b/webkit/tools/test_shell/test_shell_request_context.cc @@ -4,8 +4,15 @@ #include "webkit/tools/test_shell/test_shell_request_context.h" +#include "build/build_config.h" + #include "net/base/cookie_monster.h" #include "net/base/host_resolver.h" +#if defined(OS_WIN) +#include "net/base/ssl_config_service_win.h" +#else +#include "net/base/ssl_config_service_defaults.h" +#endif #include "net/ftp/ftp_network_layer.h" #include "net/proxy/proxy_service.h" #include "webkit/glue/webkit_glue.h" @@ -46,12 +53,19 @@ void TestShellRequestContext::Init( host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::Create(no_proxy ? &proxy_config : NULL, false, NULL, NULL); +#if defined(OS_WIN) + ssl_config_service_ = new net::SSLConfigServiceWin; +#else + ssl_config_service_ = new net::SSLConfigServiceDefaults; +#endif net::HttpCache *cache; if (cache_path.empty()) { - cache = new net::HttpCache(host_resolver_, proxy_service_, 0); + cache = new net::HttpCache(host_resolver_, proxy_service_, + ssl_config_service_, 0); } else { - cache = new net::HttpCache(host_resolver_, proxy_service_, cache_path, 0); + cache = new net::HttpCache(host_resolver_, proxy_service_, + ssl_config_service_, cache_path, 0); } cache->set_mode(cache_mode); http_transaction_factory_ = cache; |