Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(62)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_host_info.cc

Issue 4408001: net: Make Snap Start check cert verification and add metrics (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/socket/ssl_host_info.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_host_info.h" 5 #include "net/socket/ssl_host_info.h"
6 6
7 #include "base/metrics/histogram.h"
7 #include "base/string_piece.h" 8 #include "base/string_piece.h"
8 #include "net/base/cert_verifier.h" 9 #include "net/base/cert_verifier.h"
9 #include "net/base/ssl_config_service.h" 10 #include "net/base/ssl_config_service.h"
10 #include "net/base/x509_certificate.h" 11 #include "net/base/x509_certificate.h"
11 #include "net/socket/ssl_client_socket.h" 12 #include "net/socket/ssl_client_socket.h"
12 #include "net/socket/ssl_host_info.pb.h" 13 #include "net/socket/ssl_host_info.pb.h"
13 14
14 namespace net { 15 namespace net {
15 16
16 SSLHostInfo::State::State() 17 SSLHostInfo::State::State()
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
103 der_certs[i] = state->certs[i]; 104 der_certs[i] = state->certs[i];
104 cert_ = X509Certificate::CreateFromDERCertChain(der_certs); 105 cert_ = X509Certificate::CreateFromDERCertChain(der_certs);
105 if (cert_.get()) { 106 if (cert_.get()) {
106 int flags = 0; 107 int flags = 0;
107 if (verify_ev_cert_) 108 if (verify_ev_cert_)
108 flags |= X509Certificate::VERIFY_EV_CERT; 109 flags |= X509Certificate::VERIFY_EV_CERT;
109 if (rev_checking_enabled_) 110 if (rev_checking_enabled_)
110 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED; 111 flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED;
111 verifier_.reset(new CertVerifier); 112 verifier_.reset(new CertVerifier);
112 VLOG(1) << "Kicking off verification for " << hostname_; 113 VLOG(1) << "Kicking off verification for " << hostname_;
114 verification_start_time_ = base::TimeTicks::Now();
113 if (verifier_->Verify(cert_.get(), hostname_, flags, 115 if (verifier_->Verify(cert_.get(), hostname_, flags,
114 &cert_verify_result_, callback_) == OK) { 116 &cert_verify_result_, callback_) == OK) {
115 VerifyCallback(OK); 117 VerifyCallback(OK);
116 } 118 }
117 } else { 119 } else {
118 cert_parsing_failed_ = true; 120 cert_parsing_failed_ = true;
119 DCHECK(!cert_verification_callback_); 121 DCHECK(!cert_verification_callback_);
120 } 122 }
121 } 123 }
122 124
(...skipping 25 matching lines...) Expand all
148 int SSLHostInfo::WaitForCertVerification(CompletionCallback* callback) { 150 int SSLHostInfo::WaitForCertVerification(CompletionCallback* callback) {
149 if (cert_verification_complete_) 151 if (cert_verification_complete_)
150 return cert_verification_result_; 152 return cert_verification_result_;
151 DCHECK(!cert_parsing_failed_); 153 DCHECK(!cert_parsing_failed_);
152 DCHECK(!cert_verification_callback_); 154 DCHECK(!cert_verification_callback_);
153 DCHECK(!state_.certs.empty()); 155 DCHECK(!state_.certs.empty());
154 cert_verification_callback_ = callback; 156 cert_verification_callback_ = callback;
155 return ERR_IO_PENDING; 157 return ERR_IO_PENDING;
156 } 158 }
157 159
158 void SSLHostInfo::VerifyCallback(int rv) { 160 void SSLHostInfo::VerifyCallback(int rv) {
Mike Belshe 2010/11/03 19:55:11 nit: add DCHECK(!verification_start_time().is_nul
161 base::TimeTicks now = base::TimeTicks::Now();
162 const base::TimeDelta duration = now - verification_start_time();
163 UMA_HISTOGRAM_TIMES("Net.SSLHostInfoVerificationTimeMs", duration);
164 VLOG(1) << "Verification took " << duration.InMilliseconds() << "ms";
159 cert_verification_complete_ = true; 165 cert_verification_complete_ = true;
160 cert_verification_result_ = rv; 166 cert_verification_result_ = rv;
161 if (cert_verification_callback_) { 167 if (cert_verification_callback_) {
162 CompletionCallback* callback = cert_verification_callback_; 168 CompletionCallback* callback = cert_verification_callback_;
163 cert_verification_callback_ = NULL; 169 cert_verification_callback_ = NULL;
164 callback->Run(rv); 170 callback->Run(rv);
165 } 171 }
166 } 172 }
167 173
168 SSLHostInfoFactory::~SSLHostInfoFactory() {} 174 SSLHostInfoFactory::~SSLHostInfoFactory() {}
169 175
170 } // namespace net 176 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_host_info.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698