network_configuration_updater.h revision 7d4cd473f85ac64c3747c96c277f9e506a0d2246
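// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_
#define CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_

// std::string appears in SetUserPolicyService(); include it directly instead
// of relying on a transitive include.
#include <string>

#include "base/basictypes.h"
#include "base/memory/scoped_ptr.h"
#include "net/cert/x509_certificate.h"

namespace net {
class CertTrustAnchorProvider;
}

namespace policy {

class PolicyService;

// Keeps track of the network configuration policy settings and pushes changes
// to the respective configuration backend, which in turn writes configurations
// to Shill.
//
// This interface is also the place where certificates imported from ONC
// policy can be granted Web trust (see SetUserPolicyService and
// GetCertTrustAnchorProvider), so changes here affect which certificates are
// handed out as trust anchors.
class NetworkConfigurationUpdater {
 public:
  NetworkConfigurationUpdater();
  virtual ~NetworkConfigurationUpdater();

  // Provides the user policy service to the updater. Before this function is
  // called and the policy service is completely initialized, the user policy
  // is not applied. This function may trigger immediate policy applications.
  //
  // Web trust isn't given to certificates imported from ONC by default.
  // Setting |allow_trusted_certs_from_policy| to true allows giving Web trust
  // to the certificates that request it. Passing true therefore widens the
  // set of trust anchors with certificates taken from user policy; callers
  // should pass true only for sessions where policy-supplied trust is
  // intended.
  //
  // |hashed_username| is not described by this header.
  // NOTE(review): document what it is used for once confirmed against the
  // implementations.
  //
  // The pointer |user_policy_service| is not owned. It is stored until
  // UnsetUserPolicyService is called, so it has to stay valid until then.
  virtual void SetUserPolicyService(bool allow_trusted_certs_from_policy,
                                    const std::string& hashed_username,
                                    PolicyService* user_policy_service) = 0;

  // Unregisters from the PolicyService previously provided by
  // SetUserPolicyService and unsets the stored pointer.
  virtual void UnsetUserPolicyService() = 0;

  // Returns a CertTrustAnchorProvider that provides the list of server and
  // CA certificates with the Web trust flag set that were retrieved from the
  // last user ONC policy update.
  //
  // Threading: this getter must be used on the UI thread, and the returned
  // provider must be used on the IO thread.
  //
  // Lifetime: the returned pointer is not owned by the caller and must not be
  // deleted by it. It is only valid as long as the NetworkConfigurationUpdater
  // is valid; the NetworkConfigurationUpdater outlives all the profiles, and
  // deletes the provider on the IO thread.
  net::CertTrustAnchorProvider* GetCertTrustAnchorProvider();

 protected:
  // NOTE(review): presumably enables Web trust for policy certificates by
  // setting |allow_trusted_certificates_from_policy_|; the definition is not
  // part of this header, confirm there.
  void SetAllowTrustedCertsFromPolicy();

  // Takes ownership of |web_trust_certs|.
  // NOTE(review): presumably hands the list to |cert_trust_provider_| and is
  // expected to respect |allow_trusted_certificates_from_policy_|; confirm
  // against the definition.
  void SetTrustAnchors(scoped_ptr<net::CertificateList> web_trust_certs);

 private:
  // Whether certificates from policy may be given Web trust. Web trust is not
  // given by default (see SetUserPolicyService).
  bool allow_trusted_certificates_from_policy_;

  // An implementation of CertTrustAnchorProvider. Owned by this class, but
  // runs and is deleted on the IO thread. It is kept as a raw pointer because
  // the deletion happens on a different thread than the one that owns this
  // object.
  net::CertTrustAnchorProvider* cert_trust_provider_;

  DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater);
};

}  // namespace policy

#endif  // CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_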