| Index: chrome/browser/chromeos/policy/policy_cert_service.cc
|
| diff --git a/chrome/browser/chromeos/policy/policy_cert_service.cc b/chrome/browser/chromeos/policy/policy_cert_service.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..990702d0d9c0c59fa3823e31aa352e14bc3ead86
|
| --- /dev/null
|
| +++ b/chrome/browser/chromeos/policy/policy_cert_service.cc
|
| @@ -0,0 +1,87 @@
|
| +// Copyright 2013 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/browser/chromeos/policy/policy_cert_service.h"
|
| +
|
| +#include "base/bind.h"
|
| +#include "base/bind_helpers.h"
|
| +#include "base/logging.h"
|
| +#include "base/prefs/pref_service.h"
|
| +#include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
|
| +#include "chrome/common/pref_names.h"
|
| +#include "content/public/browser/browser_thread.h"
|
| +#include "net/cert/x509_certificate.h"
|
| +
|
| +namespace policy {
|
| +
|
| +PolicyCertService::~PolicyCertService() {
|
| + DCHECK(cert_verifier_)
|
| + << "CreatePolicyCertVerifier() must be called after construction.";
|
| +}
|
| +
|
| +PolicyCertService::PolicyCertService(
|
| + UserNetworkConfigurationUpdater* net_conf_updater,
|
| + PrefService* user_prefs)
|
| + : cert_verifier_(NULL),
|
| + net_conf_updater_(net_conf_updater),
|
| + user_prefs_(user_prefs),
|
| + weak_ptr_factory_(this) {
|
| + DCHECK(net_conf_updater_);
|
| + DCHECK(user_prefs_);
|
| +}
|
| +
|
| +scoped_ptr<PolicyCertVerifier> PolicyCertService::CreatePolicyCertVerifier() {
|
| + base::Closure callback =
|
| + base::Bind(&PolicyCertService::SetUsedPolicyCertificatesOnce,
|
| + weak_ptr_factory_.GetWeakPtr());
|
| + cert_verifier_ = new PolicyCertVerifier(
|
| + base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask),
|
| + content::BrowserThread::UI,
|
| + FROM_HERE,
|
| + callback));
|
| + // Certs are forwarded to |cert_verifier_|, thus register here after
|
| + // |cert_verifier_| is created.
|
| + net_conf_updater_->AddTrustedCertsObserver(this);
|
| +
|
| + // Set the current list of trust anchors.
|
| + net::CertificateList trust_anchors;
|
| + net_conf_updater_->GetWebTrustedCertificates(&trust_anchors);
|
| + OnTrustAnchorsChanged(trust_anchors);
|
| +
|
| + return make_scoped_ptr(cert_verifier_);
|
| +}
|
| +
|
| +void PolicyCertService::OnTrustAnchorsChanged(
|
| + const net::CertificateList& trust_anchors) {
|
| + DCHECK(cert_verifier_);
|
| + // It's safe to use base::Unretained here, because it's guaranteed that
|
| + // |cert_verifier_| outlives this object (see description of
|
| + // CreatePolicyCertVerifier).
|
| + // Note: ProfileIOData, which owns the CertVerifier is deleted by a
|
| + // DeleteSoon on IO, i.e. after all pending tasks on IO are finished.
|
| + content::BrowserThread::PostTask(
|
| + content::BrowserThread::IO,
|
| + FROM_HERE,
|
| + base::Bind(&PolicyCertVerifier::SetTrustAnchors,
|
| + base::Unretained(cert_verifier_),
|
| + trust_anchors));
|
| +}
|
| +
|
| +bool PolicyCertService::UsedPolicyCertificates() const {
|
| + return user_prefs_->GetBoolean(prefs::kUsedPolicyCertificatesOnce);
|
| +}
|
| +
|
| +void PolicyCertService::Shutdown() {
|
| + weak_ptr_factory_.InvalidateWeakPtrs();
|
| + net_conf_updater_->RemoveTrustedCertsObserver(this);
|
| + OnTrustAnchorsChanged(net::CertificateList());
|
| + net_conf_updater_ = NULL;
|
| + user_prefs_ = NULL;
|
| +}
|
| +
|
| +void PolicyCertService::SetUsedPolicyCertificatesOnce() {
|
| + user_prefs_->SetBoolean(prefs::kUsedPolicyCertificatesOnce, true);
|
| +}
|
| +
|
| +} // namespace policy
|
|
|
Chromium Code Reviews
Issue 24153012:
Fix cyclic dependency between ProfilePolicyConnector and PrefService. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src