Diffstat (limited to 'net/base')
-rw-r--r--net/base/ssl_config_service.h47
-rw-r--r--net/base/ssl_config_service_defaults.h34
-rw-r--r--net/base/ssl_config_service_win.cc (renamed from net/base/ssl_config_service.cc)27
-rw-r--r--net/base/ssl_config_service_win.h60
-rw-r--r--net/base/ssl_config_service_win_unittest.cc (renamed from net/base/ssl_config_service_unittest.cc)49
5 files changed, 146 insertions, 71 deletions
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h
index 5354b3e..7bfd08b 100644
--- a/net/base/ssl_config_service.h
+++ b/net/base/ssl_config_service.h
@@ -7,7 +7,7 @@
#include <vector>
-#include "base/time.h"
+#include "base/ref_counted.h"
#include "net/base/x509_certificate.h"
namespace net {
@@ -60,45 +60,16 @@ struct SSLConfig {
scoped_refptr<X509Certificate> client_cert;
};
-// This class is responsible for getting and setting the SSL configuration.
-//
-// We think the SSL configuration settings should apply to all applications
-// used by the user. We consider IE's Internet Options as the de facto
-// system-wide network configuration settings, so we just use the values
-// from IE's Internet Settings registry key.
-class SSLConfigService {
+// The interface for retrieving the system SSL configuration. This interface
+// does not cover setting the SSL configuration, as on some systems, the
+// SSLConfigService objects may not have direct access to the configuration, or
+// live longer than the configuration preferences.
+class SSLConfigService : public base::RefCountedThreadSafe<SSLConfigService> {
public:
- SSLConfigService();
- explicit SSLConfigService(base::TimeTicks now); // Used for testing.
- ~SSLConfigService() { }
-
- // Get the current SSL configuration settings. Can be called on any
- // thread.
- static bool GetSSLConfigNow(SSLConfig* config);
-
- // Setters. Can be called on any thread.
- static void SetRevCheckingEnabled(bool enabled);
- static void SetSSL2Enabled(bool enabled);
-
- // Get the (cached) SSL configuration settings that are fresh within 10
- // seconds. This is cheaper than GetSSLConfigNow and is suitable when
- // we don't need the absolutely current configuration settings. This
- // method is not thread-safe, so it must be called on the same thread.
- void GetSSLConfig(SSLConfig* config) {
- GetSSLConfigAt(config, base::TimeTicks::Now());
- }
-
- // Used for testing.
- void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now);
-
- private:
- void UpdateConfig(base::TimeTicks now);
-
- // We store the IE SSL config and the time that we fetched it.
- SSLConfig config_info_;
- base::TimeTicks config_time_;
+ virtual ~SSLConfigService() {}
- DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService);
+ // May not be thread-safe, should only be called on the IO thread.
+ virtual void GetSSLConfig(SSLConfig* config) = 0;
};
} // namespace net
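Review bot: `SSLConfigService` now derives from `base::RefCountedThreadSafe<SSLConfigService>` but keeps a public destructor, so an implementation can still be stack-allocated or deleted directly while another holder keeps a `scoped_refptr` to it, which leaves that holder with a dangling pointer. Consider making the destructor protected and adding `friend class base::RefCountedThreadSafe<SSLConfigService>;` so the object can only die through the last Release(). The same applies to the public destructors declared in ssl_config_service_defaults.h and ssl_config_service_win.h. The removed `DISALLOW_EVIL_CONSTRUCTORS` line also has no replacement on the new interface, so a short comment saying whether copying is meant to be left to subclasses would help.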
diff --git a/net/base/ssl_config_service_defaults.h b/net/base/ssl_config_service_defaults.h
new file mode 100644
index 0000000..9360020
--- /dev/null
+++ b/net/base/ssl_config_service_defaults.h
@@ -0,0 +1,34 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_
+#define NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_
+
+#include "net/base/ssl_config_service.h"
+
+namespace net {
+
+// This SSLConfigService always returns the default SSLConfig settings. It is
+// mainly useful for unittests, or for platforms that do not have a native
+// implementation of SSLConfigService yet.
+class SSLConfigServiceDefaults : public SSLConfigService {
+ public:
+ SSLConfigServiceDefaults() {}
+ virtual ~SSLConfigServiceDefaults() {}
+
+ // Store default SSL config settings in |config|.
+ virtual void GetSSLConfig(SSLConfig* config) {
+ *config = default_config_;
+ }
+
+ private:
+ // Default value of prefs.
+ const SSLConfig default_config_;
+
+ DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceDefaults);
+};
+
+} // namespace net
+
+#endif // NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_
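Review bot: The class comment on `SSLConfigServiceDefaults` does not say what "default" means for security-relevant settings. The unit test in this commit asserts that a default-constructed `SSLConfig` has `rev_checking_enabled == false`. A platform that falls back to this class would therefore run without certificate revocation checking and would ignore any user preference. I would add a line such as `// Note: the defaults leave rev_checking_enabled off; platforms using this class do no revocation checking.` so the trade-off is visible to whoever wires it up.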
diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service_win.cc
index 46421b0..dcb9b89 100644
--- a/net/base/ssl_config_service.cc
+++ b/net/base/ssl_config_service_win.cc
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include "net/base/ssl_config_service.h"
+#include "net/base/ssl_config_service_win.h"
#include "base/registry.h"
@@ -40,22 +40,24 @@ enum {
PROTOCOLS_DEFAULT = SSL3 | TLS1
};
-SSLConfigService::SSLConfigService() {
- UpdateConfig(TimeTicks::Now());
+SSLConfigServiceWin::SSLConfigServiceWin() : ever_updated_(false) {
+ // We defer retrieving the settings until the first call to GetSSLConfig, to
+ // avoid a blocking call on the UI thread.
}
-SSLConfigService::SSLConfigService(TimeTicks now) {
+SSLConfigServiceWin::SSLConfigServiceWin(TimeTicks now) : ever_updated_(false) {
UpdateConfig(now);
}
-void SSLConfigService::GetSSLConfigAt(SSLConfig* config, TimeTicks now) {
- if (now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval))
+void SSLConfigServiceWin::GetSSLConfigAt(SSLConfig* config, TimeTicks now) {
+ if (!ever_updated_ ||
+ now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval))
UpdateConfig(now);
*config = config_info_;
}
// static
-bool SSLConfigService::GetSSLConfigNow(SSLConfig* config) {
+bool SSLConfigServiceWin::GetSSLConfigNow(SSLConfig* config) {
RegKey internet_settings;
if (!internet_settings.Open(HKEY_CURRENT_USER, kInternetSettingsSubKeyName,
KEY_READ))
@@ -78,15 +80,17 @@ bool SSLConfigService::GetSSLConfigNow(SSLConfig* config) {
}
// static
-void SSLConfigService::SetRevCheckingEnabled(bool enabled) {
+void SSLConfigServiceWin::SetRevCheckingEnabled(bool enabled) {
DWORD value = enabled;
RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName,
KEY_WRITE);
internet_settings.WriteValue(kRevocationValueName, value);
+ // TODO(mattm): We should call UpdateConfig after updating settings, but these
+ // methods are static.
}
// static
-void SSLConfigService::SetSSL2Enabled(bool enabled) {
+void SSLConfigServiceWin::SetSSL2Enabled(bool enabled) {
RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName,
KEY_READ | KEY_WRITE);
DWORD value;
@@ -97,11 +101,14 @@ void SSLConfigService::SetSSL2Enabled(bool enabled) {
else
value &= ~SSL2;
internet_settings.WriteValue(kProtocolsValueName, value);
+ // TODO(mattm): We should call UpdateConfig after updating settings, but these
+ // methods are static.
}
-void SSLConfigService::UpdateConfig(TimeTicks now) {
+void SSLConfigServiceWin::UpdateConfig(TimeTicks now) {
GetSSLConfigNow(&config_info_);
config_time_ = now;
+ ever_updated_ = true;
}
} // namespace net
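Review bot: `UpdateConfig` discards the result of `GetSSLConfigNow(&config_info_)` and then sets `config_time_` and the new `ever_updated_ = true` unconditionally, so a failed registry read is cached as if it had succeeded. The start of GetSSLConfigNow (its body continues outside these hunks) appears to return early when the Internet Settings key cannot be opened. In that case GetSSLConfig hands out whatever `config_info_` already held, presumably the constructor defaults on first use, until the next refresh interval. Consider marking the cache fresh only on success, e.g. `if (GetSSLConfigNow(&config_info_)) { config_time_ = now; ever_updated_ = true; }`, or at least logging the failure so a silent fall-back to defaults is detectable.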
diff --git a/net/base/ssl_config_service_win.h b/net/base/ssl_config_service_win.h
new file mode 100644
index 0000000..ef3346e
--- /dev/null
+++ b/net/base/ssl_config_service_win.h
@@ -0,0 +1,60 @@
+// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_SSL_CONFIG_SERVICE_WIN_H_
+#define NET_BASE_SSL_CONFIG_SERVICE_WIN_H_
+
+#include <set>
+
+#include "base/time.h"
+#include "net/base/ssl_config_service.h"
+
+namespace net {
+
+// This class is responsible for getting and setting the SSL configuration on
+// Windows.
+//
+// We think the SSL configuration settings should apply to all applications
+// used by the user. We consider IE's Internet Options as the de facto
+// system-wide network configuration settings, so we just use the values
+// from IE's Internet Settings registry key.
+class SSLConfigServiceWin : public SSLConfigService {
+ public:
+ SSLConfigServiceWin();
+ explicit SSLConfigServiceWin(base::TimeTicks now); // Used for testing.
+ virtual ~SSLConfigServiceWin() {}
+
+ // Get the current SSL configuration settings. Can be called on any
+ // thread.
+ static bool GetSSLConfigNow(SSLConfig* config);
+
+ // Setters. Can be called on any thread.
+ static void SetRevCheckingEnabled(bool enabled);
+ static void SetSSL2Enabled(bool enabled);
+
+ // Get the (cached) SSL configuration settings that are fresh within 10
+ // seconds. This is cheaper than GetSSLConfigNow and is suitable when
+ // we don't need the absolutely current configuration settings. This
+ // method is not thread-safe, so it must be called on the same thread.
+ void GetSSLConfig(SSLConfig* config) {
+ GetSSLConfigAt(config, base::TimeTicks::Now());
+ }
+
+ // Used for testing.
+ void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now);
+
+ private:
+ void UpdateConfig(base::TimeTicks now);
+
+ // We store the IE SSL config and the time that we fetched it.
+ SSLConfig config_info_;
+ base::TimeTicks config_time_;
+ bool ever_updated_;
+
+ DISALLOW_EVIL_CONSTRUCTORS(SSLConfigServiceWin);
+};
+
+} // namespace net
+
+#endif // NET_BASE_SSL_CONFIG_SERVICE_WIN_H_
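Review bot: The comment on `GetSSLConfig` says it "must be called on the same thread" without naming the thread, while the base interface in ssl_config_service.h says the IO thread. With lazy initialisation this getter now mutates `config_info_`, `config_time_` and `ever_updated_` with no lock, on an object that is ref-counted across threads, so the contract should be explicit. I would replace that sentence with `// Not thread-safe: refreshes the cached config, so call only on the IO thread.` The override is also declared without `virtual`, unlike the one in SSLConfigServiceDefaults; adding it keeps the two headers consistent.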
diff --git a/net/base/ssl_config_service_unittest.cc b/net/base/ssl_config_service_win_unittest.cc
index 8f61fe0..4cf508e 100644
--- a/net/base/ssl_config_service_unittest.cc
+++ b/net/base/ssl_config_service_win_unittest.cc
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include "net/base/ssl_config_service.h"
+#include "net/base/ssl_config_service_win.h"
#include "testing/gtest/include/gtest/gtest.h"
using base::TimeDelta;
@@ -10,12 +10,12 @@ using base::TimeTicks;
namespace {
-class SSLConfigServiceTest : public testing::Test {
+class SSLConfigServiceWinTest : public testing::Test {
};
} // namespace
-TEST(SSLConfigServiceTest, GetNowTest) {
+TEST(SSLConfigServiceWinTest, GetNowTest) {
// Verify that the constructor sets the correct default values.
net::SSLConfig config;
EXPECT_EQ(false, config.rev_checking_enabled);
@@ -23,64 +23,67 @@ TEST(SSLConfigServiceTest, GetNowTest) {
EXPECT_EQ(true, config.ssl3_enabled);
EXPECT_EQ(true, config.tls1_enabled);
- bool rv = net::SSLConfigService::GetSSLConfigNow(&config);
+ bool rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config);
EXPECT_TRUE(rv);
}
-TEST(SSLConfigServiceTest, SetTest) {
+TEST(SSLConfigServiceWinTest, SetTest) {
// Save the current settings so we can restore them after the tests.
net::SSLConfig config_save;
- bool rv = net::SSLConfigService::GetSSLConfigNow(&config_save);
+ bool rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config_save);
EXPECT_TRUE(rv);
net::SSLConfig config;
// Test SetRevCheckingEnabled.
- net::SSLConfigService::SetRevCheckingEnabled(true);
- rv = net::SSLConfigService::GetSSLConfigNow(&config);
+ net::SSLConfigServiceWin::SetRevCheckingEnabled(true);
+ rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config);
EXPECT_TRUE(rv);
EXPECT_TRUE(config.rev_checking_enabled);
- net::SSLConfigService::SetRevCheckingEnabled(false);
- rv = net::SSLConfigService::GetSSLConfigNow(&config);
+ net::SSLConfigServiceWin::SetRevCheckingEnabled(false);
+ rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config);
EXPECT_TRUE(rv);
EXPECT_FALSE(config.rev_checking_enabled);
- net::SSLConfigService::SetRevCheckingEnabled(
+ net::SSLConfigServiceWin::SetRevCheckingEnabled(
config_save.rev_checking_enabled);
// Test SetSSL2Enabled.
- net::SSLConfigService::SetSSL2Enabled(true);
- rv = net::SSLConfigService::GetSSLConfigNow(&config);
+ net::SSLConfigServiceWin::SetSSL2Enabled(true);
+ rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config);
EXPECT_TRUE(rv);
EXPECT_TRUE(config.ssl2_enabled);
- net::SSLConfigService::SetSSL2Enabled(false);
- rv = net::SSLConfigService::GetSSLConfigNow(&config);
+ net::SSLConfigServiceWin::SetSSL2Enabled(false);
+ rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config);
EXPECT_TRUE(rv);
EXPECT_FALSE(config.ssl2_enabled);
- net::SSLConfigService::SetSSL2Enabled(config_save.ssl2_enabled);
+ net::SSLConfigServiceWin::SetSSL2Enabled(config_save.ssl2_enabled);
}
-TEST(SSLConfigServiceTest, GetTest) {
+TEST(SSLConfigServiceWinTest, GetTest) {
TimeTicks now = TimeTicks::Now();
TimeTicks now_1 = now + TimeDelta::FromSeconds(1);
TimeTicks now_11 = now + TimeDelta::FromSeconds(11);
net::SSLConfig config, config_1, config_11;
- net::SSLConfigService config_service(now);
- config_service.GetSSLConfigAt(&config, now);
+ scoped_refptr<net::SSLConfigServiceWin> config_service(
+ new net::SSLConfigServiceWin(now));
+ config_service->GetSSLConfigAt(&config, now);
// Flip rev_checking_enabled.
- net::SSLConfigService::SetRevCheckingEnabled(!config.rev_checking_enabled);
+ net::SSLConfigServiceWin::SetRevCheckingEnabled(
+ !config.rev_checking_enabled);
- config_service.GetSSLConfigAt(&config_1, now_1);
+ config_service->GetSSLConfigAt(&config_1, now_1);
EXPECT_EQ(config.rev_checking_enabled, config_1.rev_checking_enabled);
- config_service.GetSSLConfigAt(&config_11, now_11);
+ config_service->GetSSLConfigAt(&config_11, now_11);
EXPECT_EQ(!config.rev_checking_enabled, config_11.rev_checking_enabled);
// Restore the original value.
- net::SSLConfigService::SetRevCheckingEnabled(config.rev_checking_enabled);
+ net::SSLConfigServiceWin::SetRevCheckingEnabled(
+ config.rev_checking_enabled);
}
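Review bot: In SetTest the saved baseline is guarded only by `EXPECT_TRUE(rv)`, which records a failure but lets the test continue. If that first `GetSSLConfigNow(&config_save)` fails, `config_save` still holds constructor defaults, and the "restore" calls write those over the user's real HKCU Internet Settings. Use `ASSERT_TRUE(rv);` after saving `config_save` so nothing is written when the baseline is unknown. SetTest also enables SSL 2.0 for the logged-in user until the restore line runs, so an abort in between leaves it on; restoring from a fixture's TearDown would make that less likely. The hunk begins inside GetNowTest, whose first lines are in the previous hunk.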