      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/browser/chromeos/policy/network_configuration_updater.h"
      6 #include "chromeos/network/onc/onc_constants.h"
      7 #include "content/public/browser/browser_thread.h"
      8 #include "net/cert/cert_trust_anchor_provider.h"
      9 
     10 using content::BrowserThread;
     11 
     12 namespace policy {
     13 
     14 namespace {
     15 
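     // Minimal net::CertTrustAnchorProvider whose list of additional trust anchors
     // is replaced wholesale by the owner of the object.
     //
     // Every certificate held here is reported through
     // GetAdditionalTrustAnchors(), so the list must only be populated from a
     // source that is allowed to extend trust. Both accessors expect to run on the
     // IO thread. That expectation is expressed with DCHECKs only, so builds that
     // compile DCHECKs out do not enforce it.
     class CrosTrustAnchorProvider : public net::CertTrustAnchorProvider {
      public:
       // Starts with an empty list so that GetAdditionalTrustAnchors() always has
       // an object to reference.
       CrosTrustAnchorProvider()
           : trust_anchors_(new net::CertificateList) {
       }

       virtual ~CrosTrustAnchorProvider() {
       }

       // CertTrustAnchorProvider overrides.
       // Returns a reference to the current list. The reference is invalidated by
       // the next call to SetTrustAnchors(), which replaces the underlying object.
       virtual const net::CertificateList& GetAdditionalTrustAnchors() OVERRIDE {
         DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
         return *trust_anchors_;
       }

       // Replaces the current list with |trust_anchors| and takes ownership of it.
       // A null |trust_anchors| is stored as an empty list.
       void SetTrustAnchors(scoped_ptr<net::CertificateList> trust_anchors) {
         DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
         // GetAdditionalTrustAnchors() dereferences |trust_anchors_| without a
         // check, so a null pointer must never be stored. Falling back to an
         // empty list fails closed: no additional anchors are trusted.
         if (!trust_anchors.get())
           trust_anchors.reset(new net::CertificateList);
         trust_anchors_ = trust_anchors.Pass();
       }

      private:
       // Never null: set in the constructor and only replaced by non-null lists.
       scoped_ptr<net::CertificateList> trust_anchors_;

       DISALLOW_COPY_AND_ASSIGN(CrosTrustAnchorProvider);
     };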
     43 
     44 }  // namespace
     45 
     // Creates the updater with policy-provided trust anchors disabled and an
     // empty CrosTrustAnchorProvider. Certificates from policy are ignored until
     // SetAllowTrustedCertsFromPolicy() has been called.
     NetworkConfigurationUpdater::NetworkConfigurationUpdater()
         : allow_trusted_certificates_from_policy_(false),
           cert_trust_provider_(new CrosTrustAnchorProvider()) {}
     50 
     // Destroys the trust anchor provider on the IO thread, where it is used.
     // If the deletion task cannot be posted, the provider is deleted directly
     // on the current thread instead of being leaked.
     NetworkConfigurationUpdater::~NetworkConfigurationUpdater() {
       if (!BrowserThread::DeleteSoon(
               BrowserThread::IO, FROM_HERE, cert_trust_provider_)) {
         delete cert_trust_provider_;
       }
     }
     57 
     // Returns the provider that exposes the policy-supplied trust anchors.
     // Must be called on the UI thread (DCHECKed). The updater keeps ownership
     // and deletes the provider in its destructor, so callers must not use the
     // pointer after the updater has been destroyed.
     net::CertTrustAnchorProvider*
     NetworkConfigurationUpdater::GetCertTrustAnchorProvider() {
       DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));

       return cert_trust_provider_;
     }
     63 
     // Opts in to accepting trust anchors from policy. This only ever sets the
     // flag to true, and no code visible in this file clears it again.
     // Anchors passed to SetTrustAnchors() before this call are dropped, not
     // queued.
     void NetworkConfigurationUpdater::SetAllowTrustedCertsFromPolicy() {
       allow_trusted_certificates_from_policy_ = true;
     }
     67 
     // Hands |web_trust_certs| to the trust anchor provider on the IO thread.
     // Ownership of the list moves into the posted task.
     void NetworkConfigurationUpdater::SetTrustAnchors(
         scoped_ptr<net::CertificateList> web_trust_certs) {
       // Policy gate: unless trusted certificates from policy have been allowed,
       // the list is discarded here and the provider keeps its current anchors.
       if (!allow_trusted_certificates_from_policy_)
         return;

       // The constructor always stores a CrosTrustAnchorProvider in
       // |cert_trust_provider_|, which is what makes this downcast valid.
       CrosTrustAnchorProvider* provider =
           static_cast<CrosTrustAnchorProvider*>(cert_trust_provider_);

       // base::Unretained: the task holds no reference to the provider. The
       // destructor deletes the provider via a task on the same IO thread;
       // presumably a task posted here runs before that deletion.
       // The result of PostTask() is not checked, so a failed post drops the
       // list silently.
       BrowserThread::PostTask(
           BrowserThread::IO, FROM_HERE,
           base::Bind(&CrosTrustAnchorProvider::SetTrustAnchors,
                      base::Unretained(provider),
                      base::Passed(&web_trust_certs)));
     }
     79 
     80 }  // namespace policy
     81