| Index: net/base/cert_verifier.cc
|
| ===================================================================
|
| --- net/base/cert_verifier.cc (revision 7188)
|
| +++ net/base/cert_verifier.cc (working copy)
|
| @@ -1,95 +1,46 @@
|
| -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
|
| +// Copyright (c) 2008 The Chromium Authors. All rights reserved.
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "net/base/host_resolver.h"
|
| +#include "net/base/cert_verifier.h"
|
|
|
| -#if defined(OS_WIN)
|
| -#include <ws2tcpip.h>
|
| -#include <wspiapi.h> // Needed for Win2k compat.
|
| -#elif defined(OS_POSIX)
|
| -#include <netdb.h>
|
| -#include <sys/socket.h>
|
| -#endif
|
| -
|
| #include "base/message_loop.h"
|
| -#include "base/string_util.h"
|
| #include "base/worker_pool.h"
|
| -#include "net/base/address_list.h"
|
| #include "net/base/net_errors.h"
|
| +#include "net/base/x509_certificate.h"
|
|
|
| -#if defined(OS_WIN)
|
| -#include "net/base/winsock_init.h"
|
| -#endif
|
| -
|
| namespace net {
|
|
|
| -//-----------------------------------------------------------------------------
|
| -
|
| -static HostMapper* host_mapper;
|
| -
|
| -HostMapper* SetHostMapper(HostMapper* value) {
|
| - std::swap(host_mapper, value);
|
| - return value;
|
| -}
|
| -
|
| -static int HostResolverProc(
|
| - const std::string& host, const std::string& port, struct addrinfo** out) {
|
| - struct addrinfo hints = {0};
|
| - hints.ai_family = PF_UNSPEC;
|
| - hints.ai_flags = AI_ADDRCONFIG;
|
| -
|
| - // Restrict result set to only this socket type to avoid duplicates.
|
| - hints.ai_socktype = SOCK_STREAM;
|
| -
|
| - int err = getaddrinfo(host.c_str(), port.c_str(), &hints, out);
|
| - return err ? ERR_NAME_NOT_RESOLVED : OK;
|
| -}
|
| -
|
| -static int ResolveAddrInfo(
|
| - const std::string& host, const std::string& port, struct addrinfo** out) {
|
| - int rv;
|
| - if (host_mapper) {
|
| - rv = HostResolverProc(host_mapper->Map(host), port, out);
|
| - } else {
|
| - rv = HostResolverProc(host, port, out);
|
| - }
|
| - return rv;
|
| -}
|
| -
|
| -//-----------------------------------------------------------------------------
|
| -
|
| -class HostResolver::Request :
|
| - public base::RefCountedThreadSafe<HostResolver::Request> {
|
| +class CertVerifier::Request :
|
| + public base::RefCountedThreadSafe<CertVerifier::Request> {
|
| public:
|
| - Request(HostResolver* resolver,
|
| - const std::string& host,
|
| - const std::string& port,
|
| - AddressList* addresses,
|
| + Request(CertVerifier* verifier,
|
| + X509Certificate* cert,
|
| + const std::string& hostname,
|
| + bool rev_checking_enabled,
|
| + int* cert_status,
|
| CompletionCallback* callback)
|
| - : host_(host),
|
| - port_(port),
|
| - resolver_(resolver),
|
| - addresses_(addresses),
|
| + : cert_(cert),
|
| + hostname_(hostname),
|
| + rev_checking_enabled_(rev_checking_enabled),
|
| + verifier_(verifier),
|
| + cert_status_(cert_status),
|
| callback_(callback),
|
| origin_loop_(MessageLoop::current()),
|
| error_(OK),
|
| - results_(NULL) {
|
| + result_(0) {
|
| }
|
| -
|
| - ~Request() {
|
| - if (results_)
|
| - freeaddrinfo(results_);
|
| - }
|
|
|
| - void DoLookup() {
|
| + ~Request() {}
|
| +
|
| + void DoVerify() {
|
| // Running on the worker thread
|
| - error_ = ResolveAddrInfo(host_, port_, &results_);
|
| + error_ = cert_->Verify(hostname_, rev_checking_enabled_, &result_);
|
|
|
| Task* reply = NewRunnableMethod(this, &Request::DoCallback);
|
|
|
| // The origin loop could go away while we are trying to post to it, so we
|
| - // need to call its PostTask method inside a lock. See ~HostResolver.
|
| + // need to call its PostTask method inside a lock. See ~CertVerifier.
|
| {
|
| AutoLock locked(origin_loop_lock_);
|
| if (origin_loop_) {
|
| @@ -97,47 +48,45 @@
|
| reply = NULL;
|
| }
|
| }
|
| -
|
| +
|
| // Does nothing if it got posted.
|
| delete reply;
|
| }
|
|
|
| void DoCallback() {
|
| // Running on the origin thread.
|
| - DCHECK(error_ || results_);
|
| + DCHECK(error_ || result_);
|
|
|
| // We may have been cancelled!
|
| - if (!resolver_)
|
| + if (!verifier_)
|
| return;
|
|
|
| - if (!error_) {
|
| - addresses_->Adopt(results_);
|
| - results_ = NULL;
|
| - }
|
| + *cert_status_ = result_;
|
|
|
| - // Drop the resolver's reference to us. Do this before running the
|
| - // callback since the callback might result in the resolver being
|
| + // Drop the verifier's reference to us. Do this before running the
|
| + // callback since the callback might result in the verifier being
|
| // destroyed.
|
| - resolver_->request_ = NULL;
|
| + verifier_->request_ = NULL;
|
|
|
| callback_->Run(error_);
|
| }
|
|
|
| void Cancel() {
|
| - resolver_ = NULL;
|
| + verifier_ = NULL;
|
|
|
| AutoLock locked(origin_loop_lock_);
|
| origin_loop_ = NULL;
|
| }
|
| -
|
| +
|
| private:
|
| // Set on the origin thread, read on the worker thread.
|
| - std::string host_;
|
| - std::string port_;
|
| + scoped_refptr<X509Certificate> cert_;
|
| + std::string hostname_;
|
| + bool rev_checking_enabled_;
|
|
|
| - // Only used on the origin thread (where Resolve was called).
|
| - HostResolver* resolver_;
|
| - AddressList* addresses_;
|
| + // Only used on the origin thread (where Verify was called).
|
| + CertVerifier* verifier_;
|
| + int* cert_status_;
|
| CompletionCallback* callback_;
|
|
|
| // Used to post ourselves onto the origin thread.
|
| @@ -146,43 +95,40 @@
|
|
|
| // Assigned on the worker thread, read on the origin thread.
|
| int error_;
|
| - struct addrinfo* results_;
|
| + int result_;
|
| };
|
|
|
| //-----------------------------------------------------------------------------
|
|
|
| -HostResolver::HostResolver() {
|
| -#if defined(OS_WIN)
|
| - EnsureWinsockInit();
|
| -#endif
|
| +CertVerifier::CertVerifier() {
|
| }
|
|
|
| -HostResolver::~HostResolver() {
|
| +CertVerifier::~CertVerifier() {
|
| if (request_)
|
| request_->Cancel();
|
| }
|
|
|
| -int HostResolver::Resolve(const std::string& hostname, int port,
|
| - AddressList* addresses,
|
| - CompletionCallback* callback) {
|
| - DCHECK(!request_) << "resolver already in use";
|
| +int CertVerifier::Verify(X509Certificate* cert,
|
| + const std::string& hostname,
|
| + bool rev_checking_enabled,
|
| + int* cert_status,
|
| + CompletionCallback* callback) {
|
| + DCHECK(!request_) << "verifier already in use";
|
|
|
| - const std::string& port_str = IntToString(port);
|
| -
|
| - // Do a synchronous resolution.
|
| + // Do a synchronous verification.
|
| if (!callback) {
|
| - struct addrinfo* results;
|
| - int rv = ResolveAddrInfo(hostname, port_str, &results);
|
| - if (rv == OK)
|
| - addresses->Adopt(results);
|
| + int result;
|
| + int rv = cert->Verify(hostname, rev_checking_enabled, &result);
|
| + *cert_status = result;
|
| return rv;
|
| }
|
|
|
| - request_ = new Request(this, hostname, port_str, addresses, callback);
|
| + request_ = new Request(this, cert, hostname, rev_checking_enabled,
|
| + cert_status, callback);
|
|
|
| // Dispatch to worker thread...
|
| if (!WorkerPool::PostTask(FROM_HERE,
|
| - NewRunnableMethod(request_.get(), &Request::DoLookup), true)) {
|
| + NewRunnableMethod(request_.get(), &Request::DoVerify), true)) {
|
| NOTREACHED();
|
| request_ = NULL;
|
| return ERR_FAILED;
|
|
|
| Property changes on: net\base\cert_verifier.cc
|
| ___________________________________________________________________
|
| Added: svn:mergeinfo
|
| Merged /branches/chrome_webkit_merge_branch/net/base/host_resolver.cc:r69-2775
|
|
|
|
|
Chromium Code Reviews
Issue 14868:
Add the CertVerifier class. It is based on the... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/