net/ssl/ssl_config_service.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/ssl/ssl_config_service.h"
   6
   7 #include "base/lazy_instance.h"
   8 #include "base/synchronization/lock.h"
   9 #include "net/ssl/ssl_config_service_defaults.h"
  10
  11 namespace net {
  12
  13 SSLConfigService::SSLConfigService()
  14     : observer_list_(base::ObserverList<Observer>::NOTIFY_EXISTING_ONLY) {
  15 }
  16
  17 // GlobalSSLObject holds a reference to a global SSL object, such as the
  18 // CRLSet or the EVCertsWhitelist. It simply wraps a lock  around a
  19 // scoped_refptr so that getting a reference doesn't race with
  20 // updating the global object.
  21 template <class T>
  22 class GlobalSSLObject {
  23  public:
  24   void Set(const scoped_refptr<T>& new_ssl_object) {
  25     base::AutoLock locked(lock_);
  26     ssl_object_ = new_ssl_object;
  27   }
  28
  29   scoped_refptr<T> Get() const {
  30     base::AutoLock locked(lock_);
  31     return ssl_object_;
  32   }
  33
  34  private:
  35   scoped_refptr<T> ssl_object_;
  36   mutable base::Lock lock_;
  37 };
  38
  39 typedef GlobalSSLObject<CRLSet> GlobalCRLSet;
  40 typedef GlobalSSLObject<ct::EVCertsWhitelist> GlobalEVCertsWhitelist;
  41
  42 base::LazyInstance<GlobalCRLSet>::Leaky g_crl_set = LAZY_INSTANCE_INITIALIZER;
  43 base::LazyInstance<GlobalEVCertsWhitelist>::Leaky g_ev_whitelist =
  44     LAZY_INSTANCE_INITIALIZER;
  45
  46 // static
  47 void SSLConfigService::SetCRLSet(scoped_refptr<CRLSet> crl_set) {
  48   // Note: this can be called concurently with GetCRLSet().
  49   g_crl_set.Get().Set(crl_set);
  50 }
  51
  52 // static
  53 scoped_refptr<CRLSet> SSLConfigService::GetCRLSet() {
  54   return g_crl_set.Get().Get();
  55 }
  56
  57 // static
  58 void SSLConfigService::SetEVCertsWhitelist(
  59     scoped_refptr<ct::EVCertsWhitelist> ev_whitelist) {
  60   g_ev_whitelist.Get().Set(ev_whitelist);
  61 }
  62
  63 // static
  64 scoped_refptr<ct::EVCertsWhitelist> SSLConfigService::GetEVCertsWhitelist() {
  65   return g_ev_whitelist.Get().Get();
  66 }
  67
  68 void SSLConfigService::AddObserver(Observer* observer) {
  69   observer_list_.AddObserver(observer);
  70 }
  71
  72 void SSLConfigService::RemoveObserver(Observer* observer) {
  73   observer_list_.RemoveObserver(observer);
  74 }
  75
  76 void SSLConfigService::NotifySSLConfigChange() {
  77   FOR_EACH_OBSERVER(Observer, observer_list_, OnSSLConfigChanged());
  78 }
  79
  80 SSLConfigService::~SSLConfigService() {
  81 }
  82
  83 void SSLConfigService::ProcessConfigUpdate(const SSLConfig& orig_config,
  84                                            const SSLConfig& new_config) {
  85   bool config_changed =
  86       (orig_config.rev_checking_enabled != new_config.rev_checking_enabled) ||
  87       (orig_config.rev_checking_required_local_anchors !=
  88        new_config.rev_checking_required_local_anchors) ||
  89       (orig_config.version_min != new_config.version_min) ||
  90       (orig_config.version_max != new_config.version_max) ||
  91       (orig_config.disabled_cipher_suites !=
  92        new_config.disabled_cipher_suites) ||
  93       (orig_config.channel_id_enabled != new_config.channel_id_enabled) ||
  94       (orig_config.false_start_enabled != new_config.false_start_enabled) ||
  95       (orig_config.require_ecdhe != new_config.require_ecdhe);
  96
  97   if (config_changed)
  98     NotifySSLConfigChange();
  99 }
 100
 101 }  // namespace net