diff options
| author | hawk@chromium.org <hawk@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-09 22:07:32 +0000 |
|---|---|---|
| committer | hawk@chromium.org <hawk@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-09 22:07:32 +0000 |
| commit | f37c98ff15a2c2de0b86646be4ff7c5e2f59b703 (patch) | |
| tree | 07f3dab046d81479ad73a521216ded00b32fb051 /net/base/ssl_config_service_mac.h | |
| parent | f7238c977a13f719f2d540a2927a51f6c1e70e74 (diff) | |
| download | chromium_src-f37c98ff15a2c2de0b86646be4ff7c5e2f59b703.zip chromium_src-f37c98ff15a2c2de0b86646be4ff7c5e2f59b703.tar.gz chromium_src-f37c98ff15a2c2de0b86646be4ff7c5e2f59b703.tar.bz2 | |
Add an SSLConfigService implementation for Mac OS X
BUG=19293
TEST=https://test-ssev.verisign.com/ has three links: one should work OK, the other should warn that the certificate is expired, the other that the certificate is revoked.
Review URL: http://codereview.chromium.org/193009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25798 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ssl_config_service_mac.h')
| -rw-r--r-- | net/base/ssl_config_service_mac.h | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/net/base/ssl_config_service_mac.h b/net/base/ssl_config_service_mac.h new file mode 100644 index 0000000..4741034 --- /dev/null +++ b/net/base/ssl_config_service_mac.h @@ -0,0 +1,55 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_BASE_SSL_CONFIG_SERVICE_MAC_H_ +#define NET_BASE_SSL_CONFIG_SERVICE_MAC_H_ + +#include "base/time.h" +#include "net/base/ssl_config_service.h" + +namespace net { + +// This class is responsible for getting and setting the SSL configuration on +// Mac OS X. +class SSLConfigServiceMac : public SSLConfigService { + public: + SSLConfigServiceMac(); + explicit SSLConfigServiceMac(base::TimeTicks now); // Used for testing. + virtual ~SSLConfigServiceMac() {} + + // Get the current SSL configuration settings. Can be called on any + // thread. + static bool GetSSLConfigNow(SSLConfig* config); + + // Setters. Can be called on any thread. + static void SetRevCheckingEnabled(bool enabled); + static void SetSSL2Enabled(bool enabled); + static void SetSSL3Enabled(bool enabled); + static void SetTLS1Enabled(bool enabled); + + // Get the (cached) SSL configuration settings that are fresh within 10 + // seconds. This is cheaper than GetSSLConfigNow and is suitable when + // we don't need the absolutely current configuration settings. This + // method is not thread-safe, so it must be called on the same thread. + void GetSSLConfig(SSLConfig* config) { + GetSSLConfigAt(config, base::TimeTicks::Now()); + } + + // Used for testing. + void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now); + + private: + void UpdateConfig(base::TimeTicks now); + + // We store the system SSL config and the time that we fetched it. + SSLConfig config_info_; + base::TimeTicks config_time_; + bool ever_updated_; + + DISALLOW_EVIL_CONSTRUCTORS(SSLConfigServiceMac); +}; + +} // namespace net + +#endif // NET_BASE_SSL_CONFIG_SERVICE_MAC_H_ |