| // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef NET_SSL_SSL_CONFIG_SERVICE_H_ |
| #define NET_SSL_SSL_CONFIG_SERVICE_H_ |
| |
| #include <vector> |
| |
| #include "base/memory/ref_counted.h" |
| #include "base/observer_list.h" |
| #include "net/base/net_export.h" |
| #include "net/cert/crl_set.h" |
| #include "net/cert/ct_ev_whitelist.h" |
| #include "net/ssl/ssl_config.h" |
| |
| namespace net { |
| |
| // The interface for retrieving the SSL configuration. This interface |
| // does not cover setting the SSL configuration, as on some systems, the |
| // SSLConfigService objects may not have direct access to the configuration, or |
| // live longer than the configuration preferences. |
| class NET_EXPORT SSLConfigService |
| : public base::RefCountedThreadSafe<SSLConfigService> { |
| public: |
| // Observer is notified when SSL config settings have changed. |
| class NET_EXPORT Observer { |
| public: |
| // Notify observers if SSL settings have changed. We don't check all of the |
| // data in SSLConfig, just those that qualify as a user config change. |
| // The following settings are considered user changes: |
| // rev_checking_enabled |
| // version_min |
| // version_max |
| // disabled_cipher_suites |
| // channel_id_enabled |
| // false_start_enabled |
| // require_forward_secrecy |
| virtual void OnSSLConfigChanged() = 0; |
| |
| protected: |
| virtual ~Observer() {} |
| }; |
| |
| SSLConfigService(); |
| |
| // May not be thread-safe, should only be called on the IO thread. |
| virtual void GetSSLConfig(SSLConfig* config) = 0; |
| |
| // Sets and gets the current, global CRL set. |
| static void SetCRLSet(scoped_refptr<CRLSet> crl_set); |
| static scoped_refptr<CRLSet> GetCRLSet(); |
| |
| // Sets and gets the current, global EV certificates whitelist |
| static void SetEVCertsWhitelist( |
| scoped_refptr<ct::EVCertsWhitelist> ev_whitelist); |
| static scoped_refptr<ct::EVCertsWhitelist> GetEVCertsWhitelist(); |
| |
| // Add an observer of this service. |
| void AddObserver(Observer* observer); |
| |
| // Remove an observer of this service. |
| void RemoveObserver(Observer* observer); |
| |
| // Calls the OnSSLConfigChanged method of registered observers. Should only be |
| // called on the IO thread. |
| void NotifySSLConfigChange(); |
| |
| protected: |
| friend class base::RefCountedThreadSafe<SSLConfigService>; |
| |
| virtual ~SSLConfigService(); |
| |
| // Process before/after config update. |
| void ProcessConfigUpdate(const SSLConfig& orig_config, |
| const SSLConfig& new_config); |
| |
| private: |
| base::ObserverList<Observer> observer_list_; |
| }; |
| |
| } // namespace net |
| |
| #endif // NET_SSL_SSL_CONFIG_SERVICE_H_ |