Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(178)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/cert_verifier.cc

Issue 8400075: Fix the "certificate is not yet valid" error for server certificates (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Use NSS BLAPI. Add comments. Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/base/cert_verifier_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/cert_verifier.h" 5 #include "net/base/cert_verifier.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/compiler_specific.h" 9 #include "base/compiler_specific.h"
10 #include "base/message_loop.h" 10 #include "base/message_loop.h"
(...skipping 346 matching lines...) Expand 10 before | Expand all | Expand 10 after
357 const BoundNetLog& net_log) { 357 const BoundNetLog& net_log) {
358 DCHECK(CalledOnValidThread()); 358 DCHECK(CalledOnValidThread());
359 359
360 if (callback.is_null() || !verify_result || hostname.empty()) { 360 if (callback.is_null() || !verify_result || hostname.empty()) {
361 *out_req = NULL; 361 *out_req = NULL;
362 return ERR_INVALID_ARGUMENT; 362 return ERR_INVALID_ARGUMENT;
363 } 363 }
364 364
365 requests_++; 365 requests_++;
366 366
367 const RequestParams key = {cert->fingerprint(), hostname, flags}; 367 const RequestParams key = {cert->chain_fingerprint(), hostname, flags};
368 // First check the cache. 368 // First check the cache.
369 std::map<RequestParams, CachedCertVerifyResult>::iterator i; 369 std::map<RequestParams, CachedCertVerifyResult>::iterator i;
370 i = cache_.find(key); 370 i = cache_.find(key);
371 if (i != cache_.end()) { 371 if (i != cache_.end()) {
372 if (!i->second.HasExpired(time_service_->Now())) { 372 if (!i->second.HasExpired(time_service_->Now())) {
373 cache_hits_++; 373 cache_hits_++;
374 *out_req = NULL; 374 *out_req = NULL;
375 *verify_result = i->second.result; 375 *verify_result = i->second.result;
376 return i->second.error; 376 return i->second.error;
377 } 377 }
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
442 DCHECK(CalledOnValidThread()); 442 DCHECK(CalledOnValidThread());
443 443
444 const base::Time current_time(time_service_->Now()); 444 const base::Time current_time(time_service_->Now());
445 445
446 CachedCertVerifyResult cached_result; 446 CachedCertVerifyResult cached_result;
447 cached_result.error = error; 447 cached_result.error = error;
448 cached_result.result = verify_result; 448 cached_result.result = verify_result;
449 uint32 ttl = kTTLSecs; 449 uint32 ttl = kTTLSecs;
450 cached_result.expiry = current_time + base::TimeDelta::FromSeconds(ttl); 450 cached_result.expiry = current_time + base::TimeDelta::FromSeconds(ttl);
451 451
452 const RequestParams key = {cert->fingerprint(), hostname, flags}; 452 const RequestParams key = {cert->chain_fingerprint(), hostname, flags};
453 453
454 DCHECK_GE(max_cache_entries_, 1u); 454 DCHECK_GE(max_cache_entries_, 1u);
455 DCHECK_LE(cache_.size(), max_cache_entries_); 455 DCHECK_LE(cache_.size(), max_cache_entries_);
456 if (cache_.size() == max_cache_entries_) { 456 if (cache_.size() == max_cache_entries_) {
457 // Need to remove an element of the cache. 457 // Need to remove an element of the cache.
458 std::map<RequestParams, CachedCertVerifyResult>::iterator i, cur; 458 std::map<RequestParams, CachedCertVerifyResult>::iterator i, cur;
459 for (i = cache_.begin(); i != cache_.end(); ) { 459 for (i = cache_.begin(); i != cache_.end(); ) {
460 cur = i++; 460 cur = i++;
461 if (cur->second.HasExpired(current_time)) 461 if (cur->second.HasExpired(current_time))
462 cache_.erase(cur); 462 cache_.erase(cur);
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after
545 545
546 // Clear the outstanding request information. 546 // Clear the outstanding request information.
547 cur_request_ = NULL; 547 cur_request_ = NULL;
548 cur_request_callback_.Reset(); 548 cur_request_callback_.Reset();
549 549
550 // Call the user's original callback. 550 // Call the user's original callback.
551 callback.Run(result); 551 callback.Run(result);
552 } 552 }
553 553
554 } // namespace net 554 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/base/cert_verifier_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698