1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "net/ssl/ssl_config_service.h" 6 7#include "base/lazy_instance.h" 8#include "base/synchronization/lock.h" 9#include "net/ssl/ssl_config_service_defaults.h" 10 11namespace net { 12 13SSLConfigService::SSLConfigService() 14 : observer_list_(ObserverList<Observer>::NOTIFY_EXISTING_ONLY) { 15} 16 17// GlobalCRLSet holds a reference to the global CRLSet. It simply wraps a lock 18// around a scoped_refptr so that getting a reference doesn't race with 19// updating the CRLSet. 20class GlobalCRLSet { 21 public: 22 void Set(const scoped_refptr<CRLSet>& new_crl_set) { 23 base::AutoLock locked(lock_); 24 crl_set_ = new_crl_set; 25 } 26 27 scoped_refptr<CRLSet> Get() const { 28 base::AutoLock locked(lock_); 29 return crl_set_; 30 } 31 32 private: 33 scoped_refptr<CRLSet> crl_set_; 34 mutable base::Lock lock_; 35}; 36 37base::LazyInstance<GlobalCRLSet>::Leaky g_crl_set = LAZY_INSTANCE_INITIALIZER; 38 39// static 40void SSLConfigService::SetCRLSet(scoped_refptr<CRLSet> crl_set) { 41 // Note: this can be called concurently with GetCRLSet(). 42 g_crl_set.Get().Set(crl_set); 43} 44 45// static 46scoped_refptr<CRLSet> SSLConfigService::GetCRLSet() { 47 return g_crl_set.Get().Get(); 48} 49 50void SSLConfigService::AddObserver(Observer* observer) { 51 observer_list_.AddObserver(observer); 52} 53 54void SSLConfigService::RemoveObserver(Observer* observer) { 55 observer_list_.RemoveObserver(observer); 56} 57 58void SSLConfigService::NotifySSLConfigChange() { 59 FOR_EACH_OBSERVER(Observer, observer_list_, OnSSLConfigChanged()); 60} 61 62SSLConfigService::~SSLConfigService() { 63} 64 65void SSLConfigService::ProcessConfigUpdate(const SSLConfig& orig_config, 66 const SSLConfig& new_config) { 67 bool config_changed = 68 (orig_config.rev_checking_enabled != new_config.rev_checking_enabled) || 69 (orig_config.rev_checking_required_local_anchors != 70 new_config.rev_checking_required_local_anchors) || 71 (orig_config.version_min != new_config.version_min) || 72 (orig_config.version_max != new_config.version_max) || 73 (orig_config.disabled_cipher_suites != 74 new_config.disabled_cipher_suites) || 75 (orig_config.channel_id_enabled != new_config.channel_id_enabled) || 76 (orig_config.false_start_enabled != new_config.false_start_enabled) || 77 (orig_config.require_forward_secrecy != 78 new_config.require_forward_secrecy); 79 80 if (config_changed) 81 NotifySSLConfigChange(); 82} 83 84} // namespace net 85