// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_SSL_CONFIG_SERVICE_H_
#define NET_SSL_SSL_CONFIG_SERVICE_H_

#include <vector>

#include "base/memory/ref_counted.h"
#include "base/observer_list.h"
#include "net/base/net_export.h"
#include "net/cert/crl_set.h"
#include "net/ssl/ssl_config.h"

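namespace net {

// The interface for retrieving the SSL configuration.  This interface
// does not cover setting the SSL configuration, as on some systems, the
// SSLConfigService objects may not have direct access to the configuration, or
// live longer than the configuration preferences.
//
// Lifetime: instances are reference counted through
// base::RefCountedThreadSafe, and the destructor is protected, so an instance
// is released by dropping the last reference rather than by a direct delete.
//
// Threading: GetSSLConfig() and NotifySSLConfigChange() are documented below
// as IO-thread only. The thread-safe reference count does not make the other
// members safe to call from arbitrary threads.
class NET_EXPORT SSLConfigService
    : public base::RefCountedThreadSafe<SSLConfigService> {
 public:
  // Observer is notified when SSL config settings have changed.
  class NET_EXPORT Observer {
   public:
    // Notify observers if SSL settings have changed.  We don't check all of the
    // data in SSLConfig, just those that qualify as a user config change.
    // The following settings are considered user changes:
    //     rev_checking_enabled
    //     version_min
    //     version_max
    //     disabled_cipher_suites
    //     channel_id_enabled
    //     false_start_enabled
    //     require_forward_secrecy
    //
    // The callback carries no arguments, so it reports only that something in
    // the list above changed, not which field or its new value.
    // NOTE(review): an observer presumably has to call GetSSLConfig() again to
    // read the new policy, and anything holding state negotiated under the
    // previous settings presumably has to re-evaluate it here -- confirm
    // against the implementers of this interface.
    virtual void OnSSLConfigChanged() = 0;

   protected:
    // Protected so that an observer cannot be deleted through an Observer*.
    virtual ~Observer() {}
  };

  SSLConfigService();

  // Writes the current SSL configuration into |config|.
  // May not be thread-safe, should only be called on the IO thread.
  // NOTE(review): |config| is an out-parameter and is presumably required to
  // be non-null; this header does not say -- confirm in the implementations.
  virtual void GetSSLConfig(SSLConfig* config) = 0;

  // Sets and gets the current, global CRL set.
  //
  // Both calls are static: the CRL set is shared by the whole process rather
  // than held per service instance, so a single SetCRLSet() changes the
  // revocation data seen by every caller of GetCRLSet().
  // NOTE(review): this header states neither a thread affinity nor locking
  // for these two calls, and does not say whether GetCRLSet() can return a
  // null scoped_refptr before the first SetCRLSet(). Confirm both in the
  // implementation file; call sites should null-check until that is settled.
  static void SetCRLSet(scoped_refptr<CRLSet> crl_set);
  static scoped_refptr<CRLSet> GetCRLSet();

  // Add an observer of this service.
  // |observer| is passed as a raw pointer and nothing in this declaration
  // transfers ownership. NOTE(review): the observer presumably must call
  // RemoveObserver() before it is destroyed, otherwise a later
  // NotifySSLConfigChange() would call through a dangling pointer -- confirm
  // against ObserverList's contract.
  void AddObserver(Observer* observer);

  // Remove an observer of this service.
  void RemoveObserver(Observer* observer);

  // Calls the OnSSLConfigChanged method of registered observers. Should only be
  // called on the IO thread.
  void NotifySSLConfigChange();

 protected:
  // Lets the reference-counting base class reach the protected destructor.
  friend class base::RefCountedThreadSafe<SSLConfigService>;

  virtual ~SSLConfigService();

  // Process before/after config update.
  // NOTE(review): presumably compares the fields listed on
  // Observer::OnSSLConfigChanged between |orig_config| and |new_config| and
  // notifies observers when any of them differs; the implementation is not in
  // this header -- confirm there.
  void ProcessConfigUpdate(const SSLConfig& orig_config,
                           const SSLConfig& new_config);

 private:
  // Observers registered through AddObserver().
  // NOTE(review): presumably non-owning pointers -- confirm.
  ObserverList<Observer> observer_list_;
};

}  // namespace net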

#endif  // NET_SSL_SSL_CONFIG_SERVICE_H_