OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/net/sqlite_origin_bound_cert_store.h" | 5 #include "chrome/browser/net/sqlite_origin_bound_cert_store.h" |
6 | 6 |
7 #include <list> | 7 #include <list> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/file_path.h" | 11 #include "base/file_path.h" |
12 #include "base/file_util.h" | 12 #include "base/file_util.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
15 #include "base/string_util.h" | 15 #include "base/string_util.h" |
16 #include "base/threading/thread.h" | 16 #include "base/threading/thread.h" |
17 #include "base/threading/thread_restrictions.h" | 17 #include "base/threading/thread_restrictions.h" |
18 #include "chrome/browser/diagnostics/sqlite_diagnostics.h" | 18 #include "chrome/browser/diagnostics/sqlite_diagnostics.h" |
19 #include "content/public/browser/browser_thread.h" | 19 #include "content/public/browser/browser_thread.h" |
20 #include "net/base/ssl_client_cert_type.h" | 20 #include "net/base/ssl_client_cert_type.h" |
21 #include "net/base/x509_certificate.h" | 21 #include "net/base/x509_certificate.h" |
22 #include "sql/meta_table.h" | 22 #include "sql/meta_table.h" |
23 #include "sql/statement.h" | 23 #include "sql/statement.h" |
24 #include "sql/transaction.h" | 24 #include "sql/transaction.h" |
25 | 25 |
26 using content::BrowserThread; | 26 using content::BrowserThread; |
27 | 27 |
28 // This class is designed to be shared between any calling threads and the | 28 // This class is designed to be shared between any calling threads and the |
29 // database thread. It batches operations and commits them on a timer. | 29 // database thread. It batches operations and commits them on a timer. |
30 class SQLiteOriginBoundCertStore::Backend | 30 class SQLiteServerBoundCertStore::Backend |
31 : public base::RefCountedThreadSafe<SQLiteOriginBoundCertStore::Backend> { | 31 : public base::RefCountedThreadSafe<SQLiteServerBoundCertStore::Backend> { |
32 public: | 32 public: |
33 explicit Backend(const FilePath& path) | 33 explicit Backend(const FilePath& path) |
34 : path_(path), | 34 : path_(path), |
35 db_(NULL), | 35 db_(NULL), |
36 num_pending_(0), | 36 num_pending_(0), |
37 clear_local_state_on_exit_(false) { | 37 clear_local_state_on_exit_(false) { |
38 } | 38 } |
39 | 39 |
40 // Creates or load the SQLite database. | 40 // Creates or load the SQLite database. |
41 bool Load( | 41 bool Load( |
42 std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs); | 42 std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs); |
43 | 43 |
44 // Batch an origin bound cert addition. | 44 // Batch a server bound cert addition. |
45 void AddOriginBoundCert( | 45 void AddServerBoundCert( |
46 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert); | 46 const net::DefaultServerBoundCertStore::ServerBoundCert& cert); |
47 | 47 |
48 // Batch an origin bound cert deletion. | 48 // Batch a server bound cert deletion. |
49 void DeleteOriginBoundCert( | 49 void DeleteServerBoundCert( |
50 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert); | 50 const net::DefaultServerBoundCertStore::ServerBoundCert& cert); |
51 | 51 |
52 // Commit pending operations as soon as possible. | 52 // Commit pending operations as soon as possible. |
53 void Flush(const base::Closure& completion_task); | 53 void Flush(const base::Closure& completion_task); |
54 | 54 |
55 // Commit any pending operations and close the database. This must be called | 55 // Commit any pending operations and close the database. This must be called |
56 // before the object is destructed. | 56 // before the object is destructed. |
57 void Close(); | 57 void Close(); |
58 | 58 |
59 void SetClearLocalStateOnExit(bool clear_local_state); | 59 void SetClearLocalStateOnExit(bool clear_local_state); |
60 | 60 |
61 private: | 61 private: |
62 friend class base::RefCountedThreadSafe<SQLiteOriginBoundCertStore::Backend>; | 62 friend class base::RefCountedThreadSafe<SQLiteServerBoundCertStore::Backend>; |
63 | 63 |
64 // You should call Close() before destructing this object. | 64 // You should call Close() before destructing this object. |
65 ~Backend() { | 65 ~Backend() { |
66 DCHECK(!db_.get()) << "Close should have already been called."; | 66 DCHECK(!db_.get()) << "Close should have already been called."; |
67 DCHECK(num_pending_ == 0 && pending_.empty()); | 67 DCHECK(num_pending_ == 0 && pending_.empty()); |
68 } | 68 } |
69 | 69 |
70 // Database upgrade statements. | 70 // Database upgrade statements. |
71 bool EnsureDatabaseVersion(); | 71 bool EnsureDatabaseVersion(); |
72 | 72 |
73 class PendingOperation { | 73 class PendingOperation { |
74 public: | 74 public: |
75 typedef enum { | 75 typedef enum { |
76 CERT_ADD, | 76 CERT_ADD, |
77 CERT_DELETE | 77 CERT_DELETE |
78 } OperationType; | 78 } OperationType; |
79 | 79 |
80 PendingOperation( | 80 PendingOperation( |
81 OperationType op, | 81 OperationType op, |
82 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) | 82 const net::DefaultServerBoundCertStore::ServerBoundCert& cert) |
83 : op_(op), cert_(cert) {} | 83 : op_(op), cert_(cert) {} |
84 | 84 |
85 OperationType op() const { return op_; } | 85 OperationType op() const { return op_; } |
86 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert() const { | 86 const net::DefaultServerBoundCertStore::ServerBoundCert& cert() const { |
87 return cert_; | 87 return cert_; |
88 } | 88 } |
89 | 89 |
90 private: | 90 private: |
91 OperationType op_; | 91 OperationType op_; |
92 net::DefaultOriginBoundCertStore::OriginBoundCert cert_; | 92 net::DefaultServerBoundCertStore::ServerBoundCert cert_; |
93 }; | 93 }; |
94 | 94 |
95 private: | 95 private: |
96 // Batch an origin bound cert operation (add or delete) | 96 // Batch a server bound cert operation (add or delete) |
97 void BatchOperation( | 97 void BatchOperation( |
98 PendingOperation::OperationType op, | 98 PendingOperation::OperationType op, |
99 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert); | 99 const net::DefaultServerBoundCertStore::ServerBoundCert& cert); |
100 // Commit our pending operations to the database. | 100 // Commit our pending operations to the database. |
101 void Commit(); | 101 void Commit(); |
102 // Close() executed on the background thread. | 102 // Close() executed on the background thread. |
103 void InternalBackgroundClose(); | 103 void InternalBackgroundClose(); |
104 | 104 |
105 FilePath path_; | 105 FilePath path_; |
106 scoped_ptr<sql::Connection> db_; | 106 scoped_ptr<sql::Connection> db_; |
107 sql::MetaTable meta_table_; | 107 sql::MetaTable meta_table_; |
108 | 108 |
109 typedef std::list<PendingOperation*> PendingOperationsList; | 109 typedef std::list<PendingOperation*> PendingOperationsList; |
(...skipping 24 matching lines...) Expand all Loading... | |
134 "expiration_time INTEGER," | 134 "expiration_time INTEGER," |
135 "creation_time INTEGER)")) | 135 "creation_time INTEGER)")) |
136 return false; | 136 return false; |
137 } | 137 } |
138 | 138 |
139 return true; | 139 return true; |
140 } | 140 } |
141 | 141 |
142 } // namespace | 142 } // namespace |
143 | 143 |
144 bool SQLiteOriginBoundCertStore::Backend::Load( | 144 bool SQLiteServerBoundCertStore::Backend::Load( |
145 std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs) { | 145 std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs) { |
146 // This function should be called only once per instance. | 146 // This function should be called only once per instance. |
147 DCHECK(!db_.get()); | 147 DCHECK(!db_.get()); |
148 | 148 |
149 // Ensure the parent directory for storing certs is created before reading | 149 // Ensure the parent directory for storing certs is created before reading |
150 // from it. We make an exception to allow IO on the UI thread here because | 150 // from it. We make an exception to allow IO on the UI thread here because |
151 // we are going to disk anyway in db_->Open. (This code will be moved to the | 151 // we are going to disk anyway in db_->Open. (This code will be moved to the |
152 // DB thread as part of http://crbug.com/52909.) | 152 // DB thread as part of http://crbug.com/52909.) |
153 { | 153 { |
154 base::ThreadRestrictions::ScopedAllowIO allow_io; | 154 base::ThreadRestrictions::ScopedAllowIO allow_io; |
155 const FilePath dir = path_.DirName(); | 155 const FilePath dir = path_.DirName(); |
(...skipping 12 matching lines...) Expand all Loading... | |
168 NOTREACHED() << "Unable to open cert DB."; | 168 NOTREACHED() << "Unable to open cert DB."; |
169 db_.reset(); | 169 db_.reset(); |
170 return false; | 170 return false; |
171 } | 171 } |
172 | 172 |
173 db_->Preload(); | 173 db_->Preload(); |
174 | 174 |
175 // Slurp all the certs into the out-vector. | 175 // Slurp all the certs into the out-vector. |
176 sql::Statement smt(db_->GetUniqueStatement( | 176 sql::Statement smt(db_->GetUniqueStatement( |
177 "SELECT origin, private_key, cert, cert_type, expiration_time, " | 177 "SELECT origin, private_key, cert, cert_type, expiration_time, " |
178 "creation_time FROM origin_bound_certs")); | 178 "creation_time FROM origin_bound_certs")); |
wtc
2012/03/15 23:46:38
Somewhere in this file, please document why the SQ
mattm
2012/03/16 22:22:00
Done.
| |
179 if (!smt.is_valid()) { | 179 if (!smt.is_valid()) { |
180 db_.reset(); | 180 db_.reset(); |
181 return false; | 181 return false; |
182 } | 182 } |
183 | 183 |
184 while (smt.Step()) { | 184 while (smt.Step()) { |
185 std::string private_key_from_db, cert_from_db; | 185 std::string private_key_from_db, cert_from_db; |
186 smt.ColumnBlobAsString(1, &private_key_from_db); | 186 smt.ColumnBlobAsString(1, &private_key_from_db); |
187 smt.ColumnBlobAsString(2, &cert_from_db); | 187 smt.ColumnBlobAsString(2, &cert_from_db); |
188 scoped_ptr<net::DefaultOriginBoundCertStore::OriginBoundCert> cert( | 188 scoped_ptr<net::DefaultServerBoundCertStore::ServerBoundCert> cert( |
189 new net::DefaultOriginBoundCertStore::OriginBoundCert( | 189 new net::DefaultServerBoundCertStore::ServerBoundCert( |
190 smt.ColumnString(0), // origin | 190 smt.ColumnString(0), // origin |
191 static_cast<net::SSLClientCertType>(smt.ColumnInt(3)), | 191 static_cast<net::SSLClientCertType>(smt.ColumnInt(3)), |
192 base::Time::FromInternalValue(smt.ColumnInt64(5)), | 192 base::Time::FromInternalValue(smt.ColumnInt64(5)), |
193 base::Time::FromInternalValue(smt.ColumnInt64(4)), | 193 base::Time::FromInternalValue(smt.ColumnInt64(4)), |
194 private_key_from_db, | 194 private_key_from_db, |
195 cert_from_db)); | 195 cert_from_db)); |
196 certs->push_back(cert.release()); | 196 certs->push_back(cert.release()); |
197 } | 197 } |
198 | 198 |
199 return true; | 199 return true; |
200 } | 200 } |
201 | 201 |
202 bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { | 202 bool SQLiteServerBoundCertStore::Backend::EnsureDatabaseVersion() { |
203 // Version check. | 203 // Version check. |
204 if (!meta_table_.Init( | 204 if (!meta_table_.Init( |
205 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { | 205 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { |
206 return false; | 206 return false; |
207 } | 207 } |
208 | 208 |
209 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { | 209 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { |
210 LOG(WARNING) << "Origin bound cert database is too new."; | 210 LOG(WARNING) << "Server bound cert database is too new."; |
211 return false; | 211 return false; |
212 } | 212 } |
213 | 213 |
214 int cur_version = meta_table_.GetVersionNumber(); | 214 int cur_version = meta_table_.GetVersionNumber(); |
215 if (cur_version == 1) { | 215 if (cur_version == 1) { |
216 sql::Transaction transaction(db_.get()); | 216 sql::Transaction transaction(db_.get()); |
217 if (!transaction.Begin()) | 217 if (!transaction.Begin()) |
218 return false; | 218 return false; |
219 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type " | 219 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type " |
220 "INTEGER")) { | 220 "INTEGER")) { |
221 LOG(WARNING) << "Unable to update origin bound cert database to " | 221 LOG(WARNING) << "Unable to update server bound cert database to " |
222 << "version 2."; | 222 << "version 2."; |
223 return false; | 223 return false; |
224 } | 224 } |
225 // All certs in version 1 database are rsa_sign, which has a value of 1. | 225 // All certs in version 1 database are rsa_sign, which has a value of 1. |
226 if (!db_->Execute("UPDATE origin_bound_certs SET cert_type = 1")) { | 226 if (!db_->Execute("UPDATE origin_bound_certs SET cert_type = 1")) { |
227 LOG(WARNING) << "Unable to update origin bound cert database to " | 227 LOG(WARNING) << "Unable to update server bound cert database to " |
228 << "version 2."; | 228 << "version 2."; |
229 return false; | 229 return false; |
230 } | 230 } |
231 ++cur_version; | 231 ++cur_version; |
232 meta_table_.SetVersionNumber(cur_version); | 232 meta_table_.SetVersionNumber(cur_version); |
233 meta_table_.SetCompatibleVersionNumber( | 233 meta_table_.SetCompatibleVersionNumber( |
234 std::min(cur_version, kCompatibleVersionNumber)); | 234 std::min(cur_version, kCompatibleVersionNumber)); |
235 transaction.Commit(); | 235 transaction.Commit(); |
236 } | 236 } |
237 | 237 |
238 if (cur_version <= 3) { | 238 if (cur_version <= 3) { |
239 sql::Transaction transaction(db_.get()); | 239 sql::Transaction transaction(db_.get()); |
240 if (!transaction.Begin()) | 240 if (!transaction.Begin()) |
241 return false; | 241 return false; |
242 | 242 |
243 if (cur_version == 2) { | 243 if (cur_version == 2) { |
244 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " | 244 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " |
245 "expiration_time INTEGER")) { | 245 "expiration_time INTEGER")) { |
246 LOG(WARNING) << "Unable to update origin bound cert database to " | 246 LOG(WARNING) << "Unable to update server bound cert database to " |
247 << "version 4."; | 247 << "version 4."; |
248 return false; | 248 return false; |
249 } | 249 } |
250 } | 250 } |
251 | 251 |
252 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " | 252 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " |
253 "creation_time INTEGER")) { | 253 "creation_time INTEGER")) { |
254 LOG(WARNING) << "Unable to update origin bound cert database to " | 254 LOG(WARNING) << "Unable to update server bound cert database to " |
255 << "version 4."; | 255 << "version 4."; |
256 return false; | 256 return false; |
257 } | 257 } |
258 | 258 |
259 sql::Statement smt(db_->GetUniqueStatement( | 259 sql::Statement smt(db_->GetUniqueStatement( |
260 "SELECT origin, cert FROM origin_bound_certs")); | 260 "SELECT origin, cert FROM origin_bound_certs")); |
261 sql::Statement update_expires_smt(db_->GetUniqueStatement( | 261 sql::Statement update_expires_smt(db_->GetUniqueStatement( |
262 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | 262 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); |
263 sql::Statement update_creation_smt(db_->GetUniqueStatement( | 263 sql::Statement update_creation_smt(db_->GetUniqueStatement( |
264 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | 264 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); |
265 if (!smt.is_valid() || | 265 if (!smt.is_valid() || |
266 !update_expires_smt.is_valid() || | 266 !update_expires_smt.is_valid() || |
267 !update_creation_smt.is_valid()) { | 267 !update_creation_smt.is_valid()) { |
268 LOG(WARNING) << "Unable to update origin bound cert database to " | 268 LOG(WARNING) << "Unable to update server bound cert database to " |
269 << "version 4."; | 269 << "version 4."; |
270 return false; | 270 return false; |
271 } | 271 } |
272 | 272 |
273 while (smt.Step()) { | 273 while (smt.Step()) { |
274 std::string origin = smt.ColumnString(0); | 274 std::string origin = smt.ColumnString(0); |
275 std::string cert_from_db; | 275 std::string cert_from_db; |
276 smt.ColumnBlobAsString(1, &cert_from_db); | 276 smt.ColumnBlobAsString(1, &cert_from_db); |
277 // Parse the cert and extract the real value and then update the DB. | 277 // Parse the cert and extract the real value and then update the DB. |
278 scoped_refptr<net::X509Certificate> cert( | 278 scoped_refptr<net::X509Certificate> cert( |
279 net::X509Certificate::CreateFromBytes( | 279 net::X509Certificate::CreateFromBytes( |
280 cert_from_db.data(), cert_from_db.size())); | 280 cert_from_db.data(), cert_from_db.size())); |
281 if (cert) { | 281 if (cert) { |
282 if (cur_version == 2) { | 282 if (cur_version == 2) { |
283 update_expires_smt.Reset(); | 283 update_expires_smt.Reset(); |
284 update_expires_smt.BindInt64(0, | 284 update_expires_smt.BindInt64(0, |
285 cert->valid_expiry().ToInternalValue()); | 285 cert->valid_expiry().ToInternalValue()); |
286 update_expires_smt.BindString(1, origin); | 286 update_expires_smt.BindString(1, origin); |
287 if (!update_expires_smt.Run()) { | 287 if (!update_expires_smt.Run()) { |
288 LOG(WARNING) << "Unable to update origin bound cert database to " | 288 LOG(WARNING) << "Unable to update server bound cert database to " |
289 << "version 4."; | 289 << "version 4."; |
290 return false; | 290 return false; |
291 } | 291 } |
292 } | 292 } |
293 | 293 |
294 update_creation_smt.Reset(); | 294 update_creation_smt.Reset(); |
295 update_creation_smt.BindInt64(0, cert->valid_start().ToInternalValue()); | 295 update_creation_smt.BindInt64(0, cert->valid_start().ToInternalValue()); |
296 update_creation_smt.BindString(1, origin); | 296 update_creation_smt.BindString(1, origin); |
297 if (!update_creation_smt.Run()) { | 297 if (!update_creation_smt.Run()) { |
298 LOG(WARNING) << "Unable to update origin bound cert database to " | 298 LOG(WARNING) << "Unable to update server bound cert database to " |
299 << "version 4."; | 299 << "version 4."; |
300 return false; | 300 return false; |
301 } | 301 } |
302 } else { | 302 } else { |
303 // If there's a cert we can't parse, just leave it. It'll get replaced | 303 // If there's a cert we can't parse, just leave it. It'll get replaced |
304 // with a new one if we ever try to use it. | 304 // with a new one if we ever try to use it. |
305 LOG(WARNING) << "Error parsing cert for database upgrade for origin " | 305 LOG(WARNING) << "Error parsing cert for database upgrade for origin " |
306 << smt.ColumnString(0); | 306 << smt.ColumnString(0); |
307 } | 307 } |
308 } | 308 } |
309 | 309 |
310 cur_version = 4; | 310 cur_version = 4; |
311 meta_table_.SetVersionNumber(cur_version); | 311 meta_table_.SetVersionNumber(cur_version); |
312 meta_table_.SetCompatibleVersionNumber( | 312 meta_table_.SetCompatibleVersionNumber( |
313 std::min(cur_version, kCompatibleVersionNumber)); | 313 std::min(cur_version, kCompatibleVersionNumber)); |
314 transaction.Commit(); | 314 transaction.Commit(); |
315 } | 315 } |
316 | 316 |
317 // Put future migration cases here. | 317 // Put future migration cases here. |
318 | 318 |
319 // When the version is too old, we just try to continue anyway, there should | 319 // When the version is too old, we just try to continue anyway, there should |
320 // not be a released product that makes a database too old for us to handle. | 320 // not be a released product that makes a database too old for us to handle. |
321 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) << | 321 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) << |
322 "Origin bound cert database version " << cur_version << | 322 "Server bound cert database version " << cur_version << |
323 " is too old to handle."; | 323 " is too old to handle."; |
324 | 324 |
325 return true; | 325 return true; |
326 } | 326 } |
327 | 327 |
328 void SQLiteOriginBoundCertStore::Backend::AddOriginBoundCert( | 328 void SQLiteServerBoundCertStore::Backend::AddServerBoundCert( |
329 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { | 329 const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { |
330 BatchOperation(PendingOperation::CERT_ADD, cert); | 330 BatchOperation(PendingOperation::CERT_ADD, cert); |
331 } | 331 } |
332 | 332 |
333 void SQLiteOriginBoundCertStore::Backend::DeleteOriginBoundCert( | 333 void SQLiteServerBoundCertStore::Backend::DeleteServerBoundCert( |
334 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { | 334 const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { |
335 BatchOperation(PendingOperation::CERT_DELETE, cert); | 335 BatchOperation(PendingOperation::CERT_DELETE, cert); |
336 } | 336 } |
337 | 337 |
338 void SQLiteOriginBoundCertStore::Backend::BatchOperation( | 338 void SQLiteServerBoundCertStore::Backend::BatchOperation( |
339 PendingOperation::OperationType op, | 339 PendingOperation::OperationType op, |
340 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { | 340 const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { |
341 // Commit every 30 seconds. | 341 // Commit every 30 seconds. |
342 static const int kCommitIntervalMs = 30 * 1000; | 342 static const int kCommitIntervalMs = 30 * 1000; |
343 // Commit right away if we have more than 512 outstanding operations. | 343 // Commit right away if we have more than 512 outstanding operations. |
344 static const size_t kCommitAfterBatchSize = 512; | 344 static const size_t kCommitAfterBatchSize = 512; |
345 DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); | 345 DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); |
346 | 346 |
347 // We do a full copy of the cert here, and hopefully just here. | 347 // We do a full copy of the cert here, and hopefully just here. |
348 scoped_ptr<PendingOperation> po(new PendingOperation(op, cert)); | 348 scoped_ptr<PendingOperation> po(new PendingOperation(op, cert)); |
349 | 349 |
350 PendingOperationsList::size_type num_pending; | 350 PendingOperationsList::size_type num_pending; |
(...skipping 10 matching lines...) Expand all Loading... | |
361 base::Bind(&Backend::Commit, this), | 361 base::Bind(&Backend::Commit, this), |
362 base::TimeDelta::FromMilliseconds(kCommitIntervalMs)); | 362 base::TimeDelta::FromMilliseconds(kCommitIntervalMs)); |
363 } else if (num_pending == kCommitAfterBatchSize) { | 363 } else if (num_pending == kCommitAfterBatchSize) { |
364 // We've reached a big enough batch, fire off a commit now. | 364 // We've reached a big enough batch, fire off a commit now. |
365 BrowserThread::PostTask( | 365 BrowserThread::PostTask( |
366 BrowserThread::DB, FROM_HERE, | 366 BrowserThread::DB, FROM_HERE, |
367 base::Bind(&Backend::Commit, this)); | 367 base::Bind(&Backend::Commit, this)); |
368 } | 368 } |
369 } | 369 } |
370 | 370 |
371 void SQLiteOriginBoundCertStore::Backend::Commit() { | 371 void SQLiteServerBoundCertStore::Backend::Commit() { |
372 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); | 372 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); |
373 | 373 |
374 PendingOperationsList ops; | 374 PendingOperationsList ops; |
375 { | 375 { |
376 base::AutoLock locked(lock_); | 376 base::AutoLock locked(lock_); |
377 pending_.swap(ops); | 377 pending_.swap(ops); |
378 num_pending_ = 0; | 378 num_pending_ = 0; |
379 } | 379 } |
380 | 380 |
381 // Maybe an old timer fired or we are already Close()'ed. | 381 // Maybe an old timer fired or we are already Close()'ed. |
(...skipping 15 matching lines...) Expand all Loading... | |
397 if (!transaction.Begin()) | 397 if (!transaction.Begin()) |
398 return; | 398 return; |
399 | 399 |
400 for (PendingOperationsList::iterator it = ops.begin(); | 400 for (PendingOperationsList::iterator it = ops.begin(); |
401 it != ops.end(); ++it) { | 401 it != ops.end(); ++it) { |
402 // Free the certs as we commit them to the database. | 402 // Free the certs as we commit them to the database. |
403 scoped_ptr<PendingOperation> po(*it); | 403 scoped_ptr<PendingOperation> po(*it); |
404 switch (po->op()) { | 404 switch (po->op()) { |
405 case PendingOperation::CERT_ADD: { | 405 case PendingOperation::CERT_ADD: { |
406 add_smt.Reset(); | 406 add_smt.Reset(); |
407 add_smt.BindString(0, po->cert().origin()); | 407 add_smt.BindString(0, po->cert().server()); |
408 const std::string& private_key = po->cert().private_key(); | 408 const std::string& private_key = po->cert().private_key(); |
409 add_smt.BindBlob(1, private_key.data(), private_key.size()); | 409 add_smt.BindBlob(1, private_key.data(), private_key.size()); |
410 const std::string& cert = po->cert().cert(); | 410 const std::string& cert = po->cert().cert(); |
411 add_smt.BindBlob(2, cert.data(), cert.size()); | 411 add_smt.BindBlob(2, cert.data(), cert.size()); |
412 add_smt.BindInt(3, po->cert().type()); | 412 add_smt.BindInt(3, po->cert().type()); |
413 add_smt.BindInt64(4, po->cert().expiration_time().ToInternalValue()); | 413 add_smt.BindInt64(4, po->cert().expiration_time().ToInternalValue()); |
414 add_smt.BindInt64(5, po->cert().creation_time().ToInternalValue()); | 414 add_smt.BindInt64(5, po->cert().creation_time().ToInternalValue()); |
415 if (!add_smt.Run()) | 415 if (!add_smt.Run()) |
416 NOTREACHED() << "Could not add an origin bound cert to the DB."; | 416 NOTREACHED() << "Could not add a server bound cert to the DB."; |
417 break; | 417 break; |
418 } | 418 } |
419 case PendingOperation::CERT_DELETE: | 419 case PendingOperation::CERT_DELETE: |
420 del_smt.Reset(); | 420 del_smt.Reset(); |
421 del_smt.BindString(0, po->cert().origin()); | 421 del_smt.BindString(0, po->cert().server()); |
422 if (!del_smt.Run()) | 422 if (!del_smt.Run()) |
423 NOTREACHED() << "Could not delete an origin bound cert from the DB."; | 423 NOTREACHED() << "Could not delete a server bound cert from the DB."; |
424 break; | 424 break; |
425 | 425 |
426 default: | 426 default: |
427 NOTREACHED(); | 427 NOTREACHED(); |
428 break; | 428 break; |
429 } | 429 } |
430 } | 430 } |
431 transaction.Commit(); | 431 transaction.Commit(); |
432 } | 432 } |
433 | 433 |
434 void SQLiteOriginBoundCertStore::Backend::Flush( | 434 void SQLiteServerBoundCertStore::Backend::Flush( |
435 const base::Closure& completion_task) { | 435 const base::Closure& completion_task) { |
436 DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); | 436 DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); |
437 BrowserThread::PostTask( | 437 BrowserThread::PostTask( |
438 BrowserThread::DB, FROM_HERE, base::Bind(&Backend::Commit, this)); | 438 BrowserThread::DB, FROM_HERE, base::Bind(&Backend::Commit, this)); |
439 if (!completion_task.is_null()) { | 439 if (!completion_task.is_null()) { |
440 // We want the completion task to run immediately after Commit() returns. | 440 // We want the completion task to run immediately after Commit() returns. |
441 // Posting it from here means there is less chance of another task getting | 441 // Posting it from here means there is less chance of another task getting |
442 // onto the message queue first, than if we posted it from Commit() itself. | 442 // onto the message queue first, than if we posted it from Commit() itself. |
443 BrowserThread::PostTask(BrowserThread::DB, FROM_HERE, completion_task); | 443 BrowserThread::PostTask(BrowserThread::DB, FROM_HERE, completion_task); |
444 } | 444 } |
445 } | 445 } |
446 | 446 |
447 // Fire off a close message to the background thread. We could still have a | 447 // Fire off a close message to the background thread. We could still have a |
448 // pending commit timer that will be holding a reference on us, but if/when | 448 // pending commit timer that will be holding a reference on us, but if/when |
449 // this fires we will already have been cleaned up and it will be ignored. | 449 // this fires we will already have been cleaned up and it will be ignored. |
450 void SQLiteOriginBoundCertStore::Backend::Close() { | 450 void SQLiteServerBoundCertStore::Backend::Close() { |
451 DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); | 451 DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); |
452 // Must close the backend on the background thread. | 452 // Must close the backend on the background thread. |
453 BrowserThread::PostTask( | 453 BrowserThread::PostTask( |
454 BrowserThread::DB, FROM_HERE, | 454 BrowserThread::DB, FROM_HERE, |
455 base::Bind(&Backend::InternalBackgroundClose, this)); | 455 base::Bind(&Backend::InternalBackgroundClose, this)); |
456 } | 456 } |
457 | 457 |
458 void SQLiteOriginBoundCertStore::Backend::InternalBackgroundClose() { | 458 void SQLiteServerBoundCertStore::Backend::InternalBackgroundClose() { |
459 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); | 459 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); |
460 // Commit any pending operations | 460 // Commit any pending operations |
461 Commit(); | 461 Commit(); |
462 | 462 |
463 db_.reset(); | 463 db_.reset(); |
464 | 464 |
465 if (clear_local_state_on_exit_) | 465 if (clear_local_state_on_exit_) |
466 file_util::Delete(path_, false); | 466 file_util::Delete(path_, false); |
467 } | 467 } |
468 | 468 |
469 void SQLiteOriginBoundCertStore::Backend::SetClearLocalStateOnExit( | 469 void SQLiteServerBoundCertStore::Backend::SetClearLocalStateOnExit( |
470 bool clear_local_state) { | 470 bool clear_local_state) { |
471 base::AutoLock locked(lock_); | 471 base::AutoLock locked(lock_); |
472 clear_local_state_on_exit_ = clear_local_state; | 472 clear_local_state_on_exit_ = clear_local_state; |
473 } | 473 } |
474 | 474 |
475 SQLiteOriginBoundCertStore::SQLiteOriginBoundCertStore(const FilePath& path) | 475 SQLiteServerBoundCertStore::SQLiteServerBoundCertStore(const FilePath& path) |
476 : backend_(new Backend(path)) { | 476 : backend_(new Backend(path)) { |
477 } | 477 } |
478 | 478 |
479 SQLiteOriginBoundCertStore::~SQLiteOriginBoundCertStore() { | 479 SQLiteServerBoundCertStore::~SQLiteServerBoundCertStore() { |
480 if (backend_.get()) { | 480 if (backend_.get()) { |
481 backend_->Close(); | 481 backend_->Close(); |
482 // Release our reference, it will probably still have a reference if the | 482 // Release our reference, it will probably still have a reference if the |
483 // background thread has not run Close() yet. | 483 // background thread has not run Close() yet. |
484 backend_ = NULL; | 484 backend_ = NULL; |
485 } | 485 } |
486 } | 486 } |
487 | 487 |
488 bool SQLiteOriginBoundCertStore::Load( | 488 bool SQLiteServerBoundCertStore::Load( |
489 std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs) { | 489 std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs) { |
490 return backend_->Load(certs); | 490 return backend_->Load(certs); |
491 } | 491 } |
492 | 492 |
493 void SQLiteOriginBoundCertStore::AddOriginBoundCert( | 493 void SQLiteServerBoundCertStore::AddServerBoundCert( |
494 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { | 494 const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { |
495 if (backend_.get()) | 495 if (backend_.get()) |
496 backend_->AddOriginBoundCert(cert); | 496 backend_->AddServerBoundCert(cert); |
497 } | 497 } |
498 | 498 |
499 void SQLiteOriginBoundCertStore::DeleteOriginBoundCert( | 499 void SQLiteServerBoundCertStore::DeleteServerBoundCert( |
500 const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { | 500 const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { |
501 if (backend_.get()) | 501 if (backend_.get()) |
502 backend_->DeleteOriginBoundCert(cert); | 502 backend_->DeleteServerBoundCert(cert); |
503 } | 503 } |
504 | 504 |
505 void SQLiteOriginBoundCertStore::SetClearLocalStateOnExit( | 505 void SQLiteServerBoundCertStore::SetClearLocalStateOnExit( |
506 bool clear_local_state) { | 506 bool clear_local_state) { |
507 if (backend_.get()) | 507 if (backend_.get()) |
508 backend_->SetClearLocalStateOnExit(clear_local_state); | 508 backend_->SetClearLocalStateOnExit(clear_local_state); |
509 } | 509 } |
510 | 510 |
511 void SQLiteOriginBoundCertStore::Flush(const base::Closure& completion_task) { | 511 void SQLiteServerBoundCertStore::Flush(const base::Closure& completion_task) { |
512 if (backend_.get()) | 512 if (backend_.get()) |
513 backend_->Flush(completion_task); | 513 backend_->Flush(completion_task); |
514 else if (!completion_task.is_null()) | 514 else if (!completion_task.is_null()) |
515 MessageLoop::current()->PostTask(FROM_HERE, completion_task); | 515 MessageLoop::current()->PostTask(FROM_HERE, completion_task); |
516 } | 516 } |
OLD | NEW |