Read and Write SSL3, TLS1 and Cert revocation SSL preferences

from local_state on Windows and Mac.

BUG=76551
TEST=testing SSL preferences with options UI
R=wtc
Review URL: http://codereview.chromium.org/6693077

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80635 0039d316-1c4b-4281-b951-d872f2087c98

7 files changed, 22 insertions, 134 deletions

diff --git a/chrome/browser/net/ssl_config_service_manager.h b/chrome/browser/net/ssl_config_service_manager.h
index 2d734d4..213b95266 100644
--- a/chrome/browser/net/ssl_config_service_manager.h
+++ b/chrome/browser/net/ssl_config_service_manager.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -17,8 +17,8 @@ class SSLConfigServiceManager {
  public:
   // Create an instance of the default SSLConfigServiceManager for the current
   // platform. The lifetime of the PrefService objects must be longer than that
-  // of the manager. On Linux, get SSL preferences from local_state object. If
-  // SSL preferences don't exist in local_state object, then get the data from
+  // of the manager. Get SSL preferences from local_state object. If SSL
+  // preferences don't exist in local_state object, then get the data from
   // user_prefs object and migrate it to local_state object and then delete the
   // data from user_prefs object.
   static SSLConfigServiceManager* CreateDefaultManager(
diff --git a/chrome/browser/ui/options/options_util.cc b/chrome/browser/ui/options/options_util.cc
index 7b4246c..19f5742 100644
--- a/chrome/browser/ui/options/options_util.cc
+++ b/chrome/browser/ui/options/options_util.cc
@@ -38,11 +38,12 @@ void OptionsUtil::ResetToDefaults(Profile* profile) {
     prefs::kDeleteFormData,
     prefs::kDeletePasswords,
     prefs::kDnsPrefetchingEnabled,
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
+    // TODO(rtenneti): Remove ssl preferences from user_prefs when we stop
+    // migrating user_prefs to local_state after 6 months (after we delete
+    // migration code).
     prefs::kCertRevocationCheckingEnabled,
     prefs::kSSL3Enabled,
     prefs::kTLS1Enabled,
-#endif
 #if defined(OS_CHROMEOS)
     prefs::kTapToClickEnabled,
     prefs::kTouchpadSensitivity,
@@ -96,11 +97,9 @@ void OptionsUtil::ResetToDefaults(Profile* profile) {
   // don't reset it.
   const char* kLocalStatePrefs[] = {
     prefs::kApplicationLocale,
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
     prefs::kCertRevocationCheckingEnabled,
     prefs::kSSL3Enabled,
     prefs::kTLS1Enabled,
-#endif
   };
   for (size_t i = 0; i < arraysize(kLocalStatePrefs); ++i)
     local_state->ClearPref(kLocalStatePrefs[i]);
diff --git a/chrome/browser/ui/webui/options/advanced_options_handler.cc b/chrome/browser/ui/webui/options/advanced_options_handler.cc
index a3a1779..dbac6d5 100644
--- a/chrome/browser/ui/webui/options/advanced_options_handler.cc
+++ b/chrome/browser/ui/webui/options/advanced_options_handler.cc
@@ -44,10 +44,6 @@
 #include "chrome/browser/ui/webui/options/advanced_options_utils.h"
 #endif
 
-#if defined(OS_WIN)
-#include "net/base/ssl_config_service_win.h"
-#endif
-
 AdvancedOptionsHandler::AdvancedOptionsHandler() {
 #if (defined(GOOGLE_CHROME_BUILD) && defined(OS_WIN)) || defined(OS_MACOSX)
   cloud_print_proxy_ui_enabled_ = true;
@@ -196,10 +192,7 @@ void AdvancedOptionsHandler::Initialize() {
   SetupPromptForDownload();
   SetupAutoOpenFileTypesDisabledAttribute();
   SetupProxySettingsSection();
-#if defined(OS_WIN) || defined(OS_LINUX) || defined(OS_FREEBSD) || \
-    defined(OS_OPENBSD)
   SetupSSLConfigSettings();
-#endif
 #if !defined(OS_CHROMEOS)
   if (cloud_print_proxy_ui_enabled_) {
     SetupCloudPrintProxySection();
@@ -237,14 +230,12 @@ WebUIMessageHandler* AdvancedOptionsHandler::Attach(WebUI* web_ui) {
   cloud_print_proxy_enabled_.Init(prefs::kCloudPrintProxyEnabled, prefs, this);
 #endif
 
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
   rev_checking_enabled_.Init(prefs::kCertRevocationCheckingEnabled,
                              g_browser_process->local_state(), this);
   ssl3_enabled_.Init(prefs::kSSL3Enabled, g_browser_process->local_state(),
                      this);
   tls1_enabled_.Init(prefs::kTLS1Enabled, g_browser_process->local_state(),
                      this);
-#endif
 
   default_download_location_.Init(prefs::kDownloadDefaultDirectory,
                                   prefs, this);
@@ -306,20 +297,6 @@ void AdvancedOptionsHandler::RegisterMessages() {
       NewCallback(this,
                   &AdvancedOptionsHandler::DisableRemoting));
 #endif
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
-  // Setup Linux specific callbacks.
-  web_ui_->RegisterMessageCallback("checkRevocationCheckboxAction",
-      NewCallback(this,
-                  &AdvancedOptionsHandler::HandleCheckRevocationCheckbox));
-  web_ui_->RegisterMessageCallback("useSSL3CheckboxAction",
-      NewCallback(this,
-                  &AdvancedOptionsHandler::HandleUseSSL3Checkbox));
-  web_ui_->RegisterMessageCallback("useTLS1CheckboxAction",
-      NewCallback(this,
-                  &AdvancedOptionsHandler::HandleUseTLS1Checkbox));
-#endif
-#if defined(OS_WIN)
-  // Setup Windows specific callbacks.
   web_ui_->RegisterMessageCallback("checkRevocationCheckboxAction",
       NewCallback(this,
                   &AdvancedOptionsHandler::HandleCheckRevocationCheckbox));
@@ -329,7 +306,6 @@ void AdvancedOptionsHandler::RegisterMessages() {
   web_ui_->RegisterMessageCallback("useTLS1CheckboxAction",
       NewCallback(this,
                   &AdvancedOptionsHandler::HandleUseTLS1Checkbox));
-#endif
 }
 
 void AdvancedOptionsHandler::Observe(NotificationType type,
@@ -421,37 +397,6 @@ void AdvancedOptionsHandler::HandleDefaultFontSize(const ListValue* args) {
   }
 }
 
-#if defined(OS_WIN)
-void AdvancedOptionsHandler::HandleCheckRevocationCheckbox(
-    const ListValue* args) {
-  std::string checked_str = WideToUTF8(ExtractStringValue(args));
-  bool enabled = checked_str == "true";
-  std::string metric =
-      (enabled ? "Options_CheckCertRevocation_Enable"
-               : "Options_CheckCertRevocation_Disable");
-  UserMetricsRecordAction(UserMetricsAction(metric.c_str()));
-  net::SSLConfigServiceWin::SetRevCheckingEnabled(enabled);
-}
-
-void AdvancedOptionsHandler::HandleUseSSL3Checkbox(const ListValue* args) {
-  std::string checked_str = WideToUTF8(ExtractStringValue(args));
-  bool enabled = checked_str == "true";
-  std::string metric =
-      (enabled ? "Options_SSL3_Enable" : "Options_SSL3_Disable");
-  UserMetricsRecordAction(UserMetricsAction(metric.c_str()));
-  net::SSLConfigServiceWin::SetSSL3Enabled(enabled);
-}
-
-void AdvancedOptionsHandler::HandleUseTLS1Checkbox(const ListValue* args) {
-  std::string checked_str = WideToUTF8(ExtractStringValue(args));
-  bool enabled = checked_str == "true";
-  std::string metric =
-      (enabled ? "Options_TLS1_Enable" : "Options_TLS1_Disable");
-  UserMetricsRecordAction(UserMetricsAction(metric.c_str()));
-  net::SSLConfigServiceWin::SetTLS1Enabled(enabled);
-}
-#endif
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
 void AdvancedOptionsHandler::HandleCheckRevocationCheckbox(
     const ListValue* args) {
   std::string checked_str = UTF16ToUTF8(ExtractStringValue(args));
@@ -480,7 +425,6 @@ void AdvancedOptionsHandler::HandleUseTLS1Checkbox(const ListValue* args) {
   UserMetricsRecordAction(UserMetricsAction(metric.c_str()));
   tls1_enabled_.SetValue(enabled);
 }
-#endif
 
 #if !defined(OS_CHROMEOS)
 void AdvancedOptionsHandler::ShowNetworkProxySettings(const ListValue* args) {
@@ -667,7 +611,6 @@ void AdvancedOptionsHandler::SetupProxySettingsSection() {
       "options.AdvancedOptions.SetupProxySettingsSection", disabled, label);
 }
 
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
 void AdvancedOptionsHandler::SetupSSLConfigSettings() {
   {
     FundamentalValue checked(rev_checking_enabled_.GetValue());
@@ -689,34 +632,3 @@ void AdvancedOptionsHandler::SetupSSLConfigSettings() {
         "options.AdvancedOptions.SetUseTLS1CheckboxState", checked, disabled);
   }
 }
-#endif
-#if defined(OS_WIN)
-void AdvancedOptionsHandler::SetupSSLConfigSettings() {
-  bool checkRevocationSetting = false;
-  bool useSSL3Setting = false;
-  bool useTLS1Setting = false;
-  bool disabled = false;
-
-  net::SSLConfig config;
-  if (net::SSLConfigServiceWin::GetSSLConfigNow(&config)) {
-    checkRevocationSetting = config.rev_checking_enabled;
-    useSSL3Setting = config.ssl3_enabled;
-    useTLS1Setting = config.tls1_enabled;
-  } else {
-    disabled = true;
-  }
-  FundamentalValue disabledValue(disabled);
-  FundamentalValue checkRevocationValue(checkRevocationSetting);
-  web_ui_->CallJavascriptFunction(
-      "options.AdvancedOptions.SetCheckRevocationCheckboxState",
-      checkRevocationValue, disabledValue);
-  FundamentalValue useSSL3Value(useSSL3Setting);
-  web_ui_->CallJavascriptFunction(
-      "options.AdvancedOptions.SetUseSSL3CheckboxState",
-      useSSL3Value, disabledValue);
-  FundamentalValue useTLS1Value(useTLS1Setting);
-  web_ui_->CallJavascriptFunction(
-      "options.AdvancedOptions.SetUseTLS1CheckboxState",
-      useTLS1Value, disabledValue);
-}
-#endif
diff --git a/chrome/browser/ui/webui/options/advanced_options_handler.h b/chrome/browser/ui/webui/options/advanced_options_handler.h
index 2714444..a8f9c1a 100644
--- a/chrome/browser/ui/webui/options/advanced_options_handler.h
+++ b/chrome/browser/ui/webui/options/advanced_options_handler.h
@@ -66,20 +66,18 @@ class AdvancedOptionsHandler
   // one item, the font size as a numeric value.
   void HandleDefaultFontSize(const ListValue* args);
 
-#if defined(OS_WIN) || defined(OS_LINUX) || defined(OS_FREEBSD) || \
-    defined(OS_OPENBSD)
-  // Callback for the "Check SSL Revocation" checkbox.  This is needed so we
-  // can support manual handling on Windows.
+  // Callback for the "Check for server certificate revocation" checkbox. This
+  // is called if the user toggles the "Check for server certificate revocation"
+  // checkbox.
   void HandleCheckRevocationCheckbox(const ListValue* args);
 
-  // Callback for the "Use SSL3" checkbox.  This is needed so we can support
-  // manual handling on Windows.
+  // Callback for the "Use SSL 3.0" checkbox. This is called if the user toggles
+  // the "Use SSL 3.0" checkbox.
   void HandleUseSSL3Checkbox(const ListValue* args);
 
-  // Callback for the "Use TLS1" checkbox.  This is needed so we can support
-  // manual handling on Windows.
+  // Callback for the "Use TLS 1.0" checkbox. This is called if the user toggles
+  // the "Use TLS 1.0" checkbox.
   void HandleUseTLS1Checkbox(const ListValue* args);
-#endif
 
 #if !defined(OS_CHROMEOS)
   // Callback for the "showNetworkProxySettings" message. This will invoke
@@ -150,11 +148,8 @@ class AdvancedOptionsHandler
   // Setup the proxy settings section UI.
   void SetupProxySettingsSection();
 
-#if defined(OS_WIN) || defined(OS_LINUX) || defined(OS_FREEBSD) || \
-    defined(OS_OPENBSD)
   // Setup the checked state for SSL related checkboxes.
   void SetupSSLConfigSettings();
-#endif
 
   scoped_refptr<SelectFileDialog> select_folder_dialog_;
 
@@ -166,12 +161,10 @@ class AdvancedOptionsHandler
   scoped_ptr<CloudPrintSetupHandler> cloud_print_setup_handler_;
 #endif
 
-#if defined(OS_LINUX) || defined(OS_FREEBSD) || defined(OS_OPENBSD)
   // SSLConfigService prefs.
   BooleanPrefMember rev_checking_enabled_;
   BooleanPrefMember ssl3_enabled_;
   BooleanPrefMember tls1_enabled_;
-#endif
 
 #if defined(ENABLE_REMOTING) && !defined(OS_CHROMEOS)
   remoting::RemotingOptionsHandler remoting_options_handler_;
diff --git a/chrome/chrome_browser.gypi b/chrome/chrome_browser.gypi
index 7a53b6e..3bf56e6 100644
--- a/chrome/chrome_browser.gypi
+++ b/chrome/chrome_browser.gypi
@@ -1346,7 +1346,6 @@
         'browser/net/sqlite_persistent_cookie_store.h',
         'browser/net/ssl_config_service_manager.h',
         'browser/net/ssl_config_service_manager_pref.cc',
-        'browser/net/ssl_config_service_manager_system.cc',
         'browser/net/url_fixer_upper.cc',
         'browser/net/url_fixer_upper.h',
         'browser/net/url_info.cc',
@@ -3512,17 +3511,6 @@
             '../build/linux/system.gyp:x11',
           ],
         }],
-        # Use system SSL settings on Mac and Windows.  Use preferences
-        # for SSL settings on other platforms.
-        ['OS=="mac" or OS=="win"', {
-          'sources!': [
-            'browser/net/ssl_config_service_manager_pref.cc',
-          ],
-        }, {  # else
-          'sources!': [
-            'browser/net/ssl_config_service_manager_system.cc',
-          ],
-        }],
         ['OS=="mac"', {
           'sources!': [
             'browser/automation/automation_provider_list_generic.cc',
diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc
index cf08c3a..13afcda 100644
--- a/chrome/common/pref_names.cc
+++ b/chrome/common/pref_names.cc
@@ -281,14 +281,6 @@ const char kInstantPromo[] = "instant.promo";
 const char kMultipleProfilePrefMigration[] =
     "local_state.multiple_profile_prefs_version";
 
-#if defined(USE_NSS) || defined(USE_OPENSSL)
-// Prefs for SSLConfigServicePref.  Currently, these are only present on
-// and used by NSS/OpenSSL using OSes.
-const char kCertRevocationCheckingEnabled[] = "ssl.rev_checking.enabled";
-const char kSSL3Enabled[] = "ssl.ssl3.enabled";
-const char kTLS1Enabled[] = "ssl.tls1.enabled";
-#endif
-
 #if defined(OS_CHROMEOS)
 // An integer pref to initially mute volume if 1.
 const char kAudioMute[] = "settings.audio.mute";
@@ -699,6 +691,11 @@ const char kDisable3DAPIs[] = "disable_3d_apis";
 // *************** LOCAL STATE ***************
 // These are attached to the machine/installation
 
+// Prefs for SSLConfigServicePref.
+const char kCertRevocationCheckingEnabled[] = "ssl.rev_checking.enabled";
+const char kSSL3Enabled[] = "ssl.ssl3.enabled";
+const char kTLS1Enabled[] = "ssl.tls1.enabled";
+
 // The metrics client GUID and session ID.
 const char kMetricsClientID[] = "user_experience_metrics.client_id";
 const char kMetricsSessionID[] = "user_experience_metrics.session_id";
diff --git a/chrome/common/pref_names.h b/chrome/common/pref_names.h
index acfd6cc..4899cde 100644
--- a/chrome/common/pref_names.h
+++ b/chrome/common/pref_names.h
@@ -93,11 +93,6 @@ extern const char kInstantEnabledOnce[];
 extern const char kInstantEnabledTime[];
 extern const char kInstantPromo[];
 extern const char kMultipleProfilePrefMigration[];
-#if defined(USE_NSS) || defined(USE_OPENSSL)
-extern const char kCertRevocationCheckingEnabled[];
-extern const char kSSL3Enabled[];
-extern const char kTLS1Enabled[];
-#endif
 #if defined(OS_CHROMEOS)
 extern const char kAudioMute[];
 extern const char kAudioVolume[];
@@ -246,6 +241,10 @@ extern const char kPolicyUserPolicyRefreshRate[];
 extern const char kPolicyDevicePolicyRefreshRate[];
 
 // Local state
+extern const char kCertRevocationCheckingEnabled[];
+extern const char kSSL3Enabled[];
+extern const char kTLS1Enabled[];
+
 extern const char kMetricsClientID[];
 extern const char kMetricsSessionID[];
 extern const char kMetricsClientIDTimestamp[];