Pref-backed SSLConfigService for Linux.

Makes SSLConfigService into a ref-counted interface, and makes Profile own an SSLConfigServiceFactory which is used to create the SSLConfigService and pass it through the URLRequestContext on down to where it is actually used. R=eroman,wtc BUG=11507,19290 Review URL: http://codereview.chromium.org/165003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23757 0039d316-1c4b-4281-b951-d872f2087c98
author: mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2009-08-19 21:48:42 +0000
committer: mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2009-08-19 21:48:42 +0000
commit: db36938cb26cf265a5fd93690a8e783d01406958 (patch)
tree: 7261d389592cdfbbb3063f223455518db12d3bda /net/base/ssl_config_service_win.cc
parent: 0d1872ebba9b790f3a33bcaecc11258ea924b397 (diff)
download: chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.zip
chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.tar.gz
chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.tar.bz2
1 files changed, 114 insertions, 0 deletions
diff --git a/net/base/ssl_config_service_win.cc b/net/base/ssl_config_service_win.cc
new file mode 100644
index 0000000..dcb9b89
--- /dev/null
+++ b/net/base/ssl_config_service_win.cc
@@ -0,0 +1,114 @@
+// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/base/ssl_config_service_win.h"
+
+#include "base/registry.h"
+
+using base::TimeDelta;
+using base::TimeTicks;
+
+namespace net {
+
+static const int kConfigUpdateInterval = 10;  // seconds
+
+static const wchar_t kInternetSettingsSubKeyName[] =
+    L"Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings";
+
+static const wchar_t kRevocationValueName[] = L"CertificateRevocation";
+
+static const wchar_t kProtocolsValueName[] = L"SecureProtocols";
+
+// In SecureProtocols, each SSL version is represented by a bit:
+//   SSL 2.0: 0x08
+//   SSL 3.0: 0x20
+//   TLS 1.0: 0x80
+// The bits are OR'ed to form the DWORD value.  So 0xa0 means SSL 3.0 and
+// TLS 1.0.
+enum {
+  SSL2 = 0x08,
+  SSL3 = 0x20,
+  TLS1 = 0x80
+};
+
+// If CertificateRevocation or SecureProtocols is missing, IE uses a default
+// value.  Unfortunately the default is IE version specific.  We use WinHTTP's
+// default.
+enum {
+  REVOCATION_DEFAULT = 0,
+  PROTOCOLS_DEFAULT = SSL3 | TLS1
+};
+
+SSLConfigServiceWin::SSLConfigServiceWin() : ever_updated_(false) {
+  // We defer retrieving the settings until the first call to GetSSLConfig, to
+  // avoid a blocking call on the UI thread.
+}
+
+SSLConfigServiceWin::SSLConfigServiceWin(TimeTicks now) : ever_updated_(false) {
+  UpdateConfig(now);
+}
+
+void SSLConfigServiceWin::GetSSLConfigAt(SSLConfig* config, TimeTicks now) {
+  if (!ever_updated_ ||
+      now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval))
+    UpdateConfig(now);
+  *config = config_info_;
+}
+
+// static
+bool SSLConfigServiceWin::GetSSLConfigNow(SSLConfig* config) {
+  RegKey internet_settings;
+  if (!internet_settings.Open(HKEY_CURRENT_USER, kInternetSettingsSubKeyName,
+                              KEY_READ))
+    return false;
+
+  DWORD revocation;
+  if (!internet_settings.ReadValueDW(kRevocationValueName, &revocation))
+    revocation = REVOCATION_DEFAULT;
+
+  DWORD protocols;
+  if (!internet_settings.ReadValueDW(kProtocolsValueName, &protocols))
+    protocols = PROTOCOLS_DEFAULT;
+
+  config->rev_checking_enabled = (revocation != 0);
+  config->ssl2_enabled = ((protocols & SSL2) != 0);
+  config->ssl3_enabled = ((protocols & SSL3) != 0);
+  config->tls1_enabled = ((protocols & TLS1) != 0);
+
+  return true;
+}
+
+// static
+void SSLConfigServiceWin::SetRevCheckingEnabled(bool enabled) {
+  DWORD value = enabled;
+  RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName,
+                           KEY_WRITE);
+  internet_settings.WriteValue(kRevocationValueName, value);
+  // TODO(mattm): We should call UpdateConfig after updating settings, but these
+  // methods are static.
+}
+
+// static
+void SSLConfigServiceWin::SetSSL2Enabled(bool enabled) {
+  RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName,
+                           KEY_READ | KEY_WRITE);
+  DWORD value;
+  if (!internet_settings.ReadValueDW(kProtocolsValueName, &value))
+    value = PROTOCOLS_DEFAULT;
+  if (enabled)
+    value |= SSL2;
+  else
+    value &= ~SSL2;
+  internet_settings.WriteValue(kProtocolsValueName, value);
+  // TODO(mattm): We should call UpdateConfig after updating settings, but these
+  // methods are static.
+}
+
+void SSLConfigServiceWin::UpdateConfig(TimeTicks now) {
+  GetSSLConfigNow(&config_info_);
+  config_time_ = now;
+  ever_updated_ = true;
+}
+
+}  // namespace net
author	mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-08-19 21:48:42 +0000
committer	mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-08-19 21:48:42 +0000
commit	db36938cb26cf265a5fd93690a8e783d01406958 (patch)
tree	7261d389592cdfbbb3063f223455518db12d3bda /net/base/ssl_config_service_win.cc
parent	0d1872ebba9b790f3a33bcaecc11258ea924b397 (diff)
download	chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.zip chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.tar.gz chromium_src-db36938cb26cf265a5fd93690a8e783d01406958.tar.bz2