1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_
6 #define CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_
7 
#include <set>
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "base/memory/weak_ptr.h"
#include "chromeos/cert_loader.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/network/network_policy_observer.h"
#include "chromeos/network/network_state_handler_observer.h"
19 
// Forward declaration only: this header refers to base::TaskRunner solely
// through scoped_refptr<base::TaskRunner>, so the full definition is not
// needed here.
namespace base {
class TaskRunner;
}
23 
namespace chromeos {

// Forward declarations. This header only uses these types through pointers
// (or as the pointee type of container elements).
class FavoriteState;
class NetworkStateHandler;
class ManagedNetworkConfigurationHandler;

// Observes the known networks. If a network is configured with a client
// certificate pattern, this class searches for a matching client certificate.
// Each time it finds a match, it configures the network accordingly.
//
// NOTE(review): the certificate chosen here ends up as the credential a
// network is configured with, so the matching rules are security relevant.
// They are not visible in this header -- confirm in the implementation how a
// pattern is matched and which certificate is used when several match.
class CHROMEOS_EXPORT ClientCertResolver : public NetworkStateHandlerObserver,
                                           public CertLoader::Observer,
                                           public NetworkPolicyObserver {
 public:
  // Declared here, defined elsewhere. ConfigureCertificates() takes a vector
  // of these.
  struct NetworkAndMatchingCert;

  ClientCertResolver();
  virtual ~ClientCertResolver();

  // Supplies the NetworkStateHandler and ManagedNetworkConfigurationHandler to
  // work with. The corresponding members below are documented as unowned, so
  // the caller presumably has to keep both objects alive for as long as this
  // resolver may use them -- confirm against the implementation.
  void Init(NetworkStateHandler* network_state_handler,
            ManagedNetworkConfigurationHandler* managed_network_config_handler);

  // Sets the task runner that any slow calls will be made from, e.g. calls
  // to the NSS database. If not set, uses base::WorkerPool.
  // Test-only hook, as the name indicates.
  void SetSlowTaskRunnerForTest(
      const scoped_refptr<base::TaskRunner>& task_runner);

 private:
  // List of raw pointers to const FavoriteState. This header does not show who
  // owns the pointees or how long they stay valid.
  typedef std::vector<const FavoriteState*> FavoriteStateList;

  // NetworkStateHandlerObserver overrides
  virtual void NetworkListChanged() OVERRIDE;

  // CertLoader::Observer overrides
  virtual void OnCertificatesLoaded(const net::CertificateList& cert_list,
                                    bool initial_load) OVERRIDE;

  // NetworkPolicyObserver overrides
  virtual void PolicyApplied(const std::string& service_path) OVERRIDE;

  // Check which networks of |networks| are configured with a client certificate
  // pattern. Search for certificates, on the worker thread, and configure the
  // networks for which a matching cert is found (see ConfigureCertificates).
  // NOTE(review): |networks| holds raw FavoriteState pointers while the search
  // runs on another thread; confirm that the implementation copies whatever it
  // needs before handing work to the slow task runner.
  void ResolveNetworks(const FavoriteStateList& networks);

  // |matches| contains networks for which a matching certificate was found.
  // Configures these networks.
  // |matches| is a non-const pointer; whether the vector is modified or its
  // ownership is taken is not visible from this declaration.
  void ConfigureCertificates(std::vector<NetworkAndMatchingCert>* matches);

  // The set of networks that were checked/resolved in previous passes. These
  // networks are skipped in the NetworkListChanged notification.
  // NOTE(review): the string key is presumably the network's service path --
  // confirm against the implementation.
  std::set<std::string> resolved_networks_;

  // Unowned associated (global or test) instance.
  NetworkStateHandler* network_state_handler_;

  // Unowned associated (global or test) instance.
  ManagedNetworkConfigurationHandler* managed_network_config_handler_;

  // TaskRunner for slow tasks. Set through SetSlowTaskRunnerForTest(); per
  // that method's comment, base::WorkerPool is used when this is not set.
  scoped_refptr<base::TaskRunner> slow_task_runner_for_test_;

  // Declared after all other data members, so it is destroyed first (members
  // are destroyed in reverse declaration order).
  // NOTE(review): presumably the source of the weak pointers bound into
  // replies coming back from the slow task runner, so that a reply arriving
  // after destruction is dropped -- confirm in the implementation.
  base::WeakPtrFactory<ClientCertResolver> weak_ptr_factory_;

  // Disables copy construction and copy assignment for this class.
  DISALLOW_COPY_AND_ASSIGN(ClientCertResolver);
};

}  // namespace chromeos
91 
92 #endif  // CHROMEOS_NETWORK_CLIENT_CERT_RESOLVER_H_
93