Index: net/socket/client_socket_factory.cc |
diff --git a/net/socket/client_socket_factory.cc b/net/socket/client_socket_factory.cc |
index 42f6d4f20cebcf90c4d82d2c1be78d6d38ed099c..cf384d43b415d3694a05bea8921ca5fb1897c86a 100644 |
--- a/net/socket/client_socket_factory.cc |
+++ b/net/socket/client_socket_factory.cc |
@@ -5,6 +5,8 @@ |
#include "net/socket/client_socket_factory.h" |
#include "base/lazy_instance.h" |
+#include "base/thread_task_runner_handle.h" |
+#include "base/threading/thread.h" |
#include "build/build_config.h" |
#include "net/base/cert_database.h" |
#include "net/socket/client_socket_handle.h" |
@@ -31,10 +33,24 @@ namespace { |
bool g_use_system_ssl = false; |
+// ChromeOS uses a hardware TPM module that may cause NSS operations to |
+// block for upwards of several seconds. To avoid blocking all network and |
+// IPC activity, run NSS SSL functions on a dedicated thread. |
+#if defined(OS_CHROMEOS) |
+bool g_use_dedicated_nss_thread = true; |
+#else |
+bool g_use_dedicated_nss_thread = false; |
+#endif |
+ |
class DefaultClientSocketFactory : public ClientSocketFactory, |
public CertDatabase::Observer { |
public: |
DefaultClientSocketFactory() { |
+ if (g_use_dedicated_nss_thread) { |
+ nss_thread_.reset(new base::Thread("NSS SSL Thread")); |
+ nss_thread_->Start(); |
wtc
2012/06/01 01:02:38
This creates a thread with MessageLoop::TYPE_DEFAU
Ryan Sleevi
2012/06/01 01:30:04
Yes.
This is why I need to test on the other plat
|
+ } |
+ |
CertDatabase::AddObserver(this); |
} |
@@ -76,26 +92,35 @@ class DefaultClientSocketFactory : public ClientSocketFactory, |
const SSLClientSocketContext& context) { |
scoped_ptr<SSLHostInfo> shi(ssl_host_info); |
-#if defined(OS_WIN) |
+ scoped_refptr<base::SingleThreadTaskRunner> nss_task_runner( |
+ base::ThreadTaskRunnerHandle::Get()); |
willchan no longer on Chromium
2012/06/04 16:50:38
How about changing this to be acquired once in the
Ryan Sleevi
2012/06/06 00:57:06
Undid this change. Unit tests may change the curre
|
+ |
+ if (g_use_dedicated_nss_thread && nss_thread_->message_loop_proxy()) |
+ nss_task_runner = nss_thread_->message_loop_proxy(); |
+ |
+#if defined(USE_OPENSSL) |
+ return new SSLClientSocketOpenSSL(transport_socket, host_and_port, |
+ ssl_config, context); |
+#elif defined(USE_NSS) |
+ return new SSLClientSocketNSS(nss_task_runner, transport_socket, |
+ host_and_port, ssl_config, shi.release(), |
+ context); |
+#elif defined(OS_WIN) |
if (g_use_system_ssl) { |
return new SSLClientSocketWin(transport_socket, host_and_port, |
ssl_config, context); |
} |
- return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config, |
- shi.release(), context); |
-#elif defined(USE_OPENSSL) |
- return new SSLClientSocketOpenSSL(transport_socket, host_and_port, |
- ssl_config, context); |
-#elif defined(USE_NSS) |
- return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config, |
- shi.release(), context); |
+ return new SSLClientSocketNSS(nss_task_runner, transport_socket, |
+ host_and_port, ssl_config, shi.release(), |
+ context); |
#elif defined(OS_MACOSX) |
if (g_use_system_ssl) { |
return new SSLClientSocketMac(transport_socket, host_and_port, |
ssl_config, context); |
} |
- return new SSLClientSocketNSS(transport_socket, host_and_port, ssl_config, |
- shi.release(), context); |
+ return new SSLClientSocketNSS(nss_task_runner, transport_socket, |
+ host_and_port, ssl_config, shi.release(), |
+ context); |
#else |
NOTIMPLEMENTED(); |
return NULL; |
@@ -106,6 +131,8 @@ class DefaultClientSocketFactory : public ClientSocketFactory, |
SSLClientSocket::ClearSessionCache(); |
} |
+ private: |
+ scoped_ptr<base::Thread> nss_thread_; |
}; |
static base::LazyInstance<DefaultClientSocketFactory> |