network_configuration_updater.h revision c2e0dbddbe15c98d52c4786dac06cb8952a8ae6d
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ 6#define CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ 7 8#include "base/basictypes.h" 9#include "base/memory/scoped_ptr.h" 10#include "net/cert/x509_certificate.h" 11 12namespace net { 13class CertTrustAnchorProvider; 14} 15 16namespace policy { 17 18// Keeps track of the network configuration policy settings and pushes changes 19// to the respective configuration backend, which in turn writes configurations 20// to Shill. 21class NetworkConfigurationUpdater { 22 public: 23 NetworkConfigurationUpdater(); 24 virtual ~NetworkConfigurationUpdater(); 25 26 // Notifies this updater that the user policy is initialized. Before this 27 // function is called, the user policy is not applied. This function may 28 // trigger immediate policy applications. 29 // Web trust isn't given to certificates imported from ONC by default. Setting 30 // |allow_trust_certs_from_policy| to true allows giving Web trust to the 31 // certificates that request it. 32 virtual void OnUserPolicyInitialized(bool allow_trusted_certs_from_policy, 33 const std::string& hashed_username) = 0; 34 35 // Returns a CertTrustAnchorProvider that provides the list of server and 36 // CA certificates with the Web trust flag set that were retrieved from the 37 // last user ONC policy update. 38 // This getter must be used on the UI thread, and the provider must be used 39 // on the IO thread. It is only valid as long as the 40 // NetworkConfigurationUpdater is valid; the NetworkConfigurationUpdater 41 // outlives all the profiles, and deletes the provider on the IO thread. 42 net::CertTrustAnchorProvider* GetCertTrustAnchorProvider(); 43 44 protected: 45 void SetAllowTrustedCertsFromPolicy(); 46 47 void SetTrustAnchors(scoped_ptr<net::CertificateList> web_trust_certs); 48 49 private: 50 // Whether Web trust is allowed or not. 51 bool allow_trusted_certificates_from_policy_; 52 53 // An implementation of CertTrustAnchorProvider. Owned by this class, but 54 // runs and is deleted on the IO thread. 55 net::CertTrustAnchorProvider* cert_trust_provider_; 56 57 DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater); 58}; 59 60} // namespace policy 61 62#endif // CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ 63