SPDY: augment Strict Transport Security with the beginnings of SPDY upgrade.

This adds an opportunistic flag to the information that we store in
the Strict Transport Security State. Given this, STSS might be
misnamed now, but renaming it in this patch would add huge amounts of
noise.

We process the 'X-Bodge-Transport-Security' header which has the same
format as the STS header. When we see this on an HTTP connection,
we'll probe for a clean HTTPS path to the host and then remember it.
This header should be considered mutually exclusive with STS, although
this isn't enforced in the code.

The remembered flag is currently ignored by the rest of the code. This
will be addressed in a future patch.

The header should be called 'Opportunistic-Transport-Security' in the
future, but we have some issues to work out before we take that name.

http://codereview.chromium.org/456011

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@34380 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 75 insertions, 0 deletions

diff --git a/chrome/browser/transport_security_persister.h b/chrome/browser/transport_security_persister.h
new file mode 100644
index 0000000..660faa7
--- /dev/null
+++ b/chrome/browser/transport_security_persister.h
@@ -0,0 +1,75 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// TransportSecurityState maintains an in memory database containing the
+// list of hosts that currently have transport security enabled. This
+// singleton object deals with writing that data out to disk as needed and
+// loading it at startup.
+
+// At startup we need to load the transport security state from the
+// disk. For the moment, we don't want to delay startup for this load, so we
+// let the TransportSecurityState run for a while without being loaded.
+// This means that it's possible for pages opened very quickly not to get the
+// correct transport security information.
+//
+// To load the state, we schedule a Task on the file thread which loads,
+// deserialises and configures the TransportSecurityState.
+//
+// The TransportSecurityState object supports running a callback function
+// when it changes. This object registers the callback, pointing at itself.
+//
+// TransportSecurityState calls...
+// TransportSecurityPersister::StateIsDirty
+//   since the callback isn't allowed to block or reenter, we schedule a Task
+//   on the file thread after some small amount of time
+//
+// ...
+//
+// TransportSecurityPersister::SerialiseState
+//   copies the current state of the TransportSecurityState, serialises
+//   and writes to disk.
+
+#ifndef CHROME_BROWSER_STRICT_TRANSPORT_SECURITY_PERSISTER_H_
+#define CHROME_BROWSER_STRICT_TRANSPORT_SECURITY_PERSISTER_H_
+
+#include "base/file_path.h"
+#include "base/lock.h"
+#include "base/ref_counted.h"
+#include "net/base/transport_security_state.h"
+
+class TransportSecurityPersister
+    : public base::RefCountedThreadSafe<TransportSecurityPersister>,
+      public net::TransportSecurityState::Delegate {
+ public:
+  TransportSecurityPersister();
+  void Initialize(net::TransportSecurityState* state,
+                  const FilePath& profile_path);
+
+  // Called by the TransportSecurityState when it changes its state.
+  virtual void StateIsDirty(net::TransportSecurityState*);
+
+ private:
+  friend class base::RefCountedThreadSafe<TransportSecurityPersister>;
+
+  ~TransportSecurityPersister();
+
+  // a Task callback for when the state needs to be written out.
+  void SerialiseState();
+
+  // a Task callback for when the state needs to be loaded from disk at startup.
+  void LoadState();
+
+  Lock lock_;  // protects all the members
+
+  // true when the state object has signaled that we're dirty and we haven't
+  // serialised the state yet.
+  bool state_is_dirty_;
+
+  scoped_refptr<net::TransportSecurityState>
+      transport_security_state_;
+  // The path to the file in which we store the serialised state.
+  FilePath state_file_;
+};
+
+#endif  // CHROME_BROWSER_STRICT_TRANSPORT_SECURITY_PERSISTER_H_