OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/default_origin_bound_cert_store.h" | 5 #include "net/base/default_origin_bound_cert_store.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/message_loop.h" | 8 #include "base/message_loop.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
11 | 11 |
12 // static | 12 // static |
13 const size_t DefaultOriginBoundCertStore::kMaxCerts = 3300; | 13 const size_t DefaultServerBoundCertStore::kMaxCerts = 3300; |
14 | 14 |
15 DefaultOriginBoundCertStore::DefaultOriginBoundCertStore( | 15 DefaultServerBoundCertStore::DefaultServerBoundCertStore( |
16 PersistentStore* store) | 16 PersistentStore* store) |
17 : initialized_(false), | 17 : initialized_(false), |
18 store_(store) {} | 18 store_(store) {} |
19 | 19 |
20 void DefaultOriginBoundCertStore::FlushStore( | 20 void DefaultServerBoundCertStore::FlushStore( |
21 const base::Closure& completion_task) { | 21 const base::Closure& completion_task) { |
22 base::AutoLock autolock(lock_); | 22 base::AutoLock autolock(lock_); |
23 | 23 |
24 if (initialized_ && store_) | 24 if (initialized_ && store_) |
25 store_->Flush(completion_task); | 25 store_->Flush(completion_task); |
26 else if (!completion_task.is_null()) | 26 else if (!completion_task.is_null()) |
27 MessageLoop::current()->PostTask(FROM_HERE, completion_task); | 27 MessageLoop::current()->PostTask(FROM_HERE, completion_task); |
28 } | 28 } |
29 | 29 |
30 bool DefaultOriginBoundCertStore::GetOriginBoundCert( | 30 bool DefaultServerBoundCertStore::GetServerBoundCert( |
31 const std::string& origin, | 31 const std::string& server, |
32 SSLClientCertType* type, | 32 SSLClientCertType* type, |
33 base::Time* creation_time, | 33 base::Time* creation_time, |
34 base::Time* expiration_time, | 34 base::Time* expiration_time, |
35 std::string* private_key_result, | 35 std::string* private_key_result, |
36 std::string* cert_result) { | 36 std::string* cert_result) { |
37 base::AutoLock autolock(lock_); | 37 base::AutoLock autolock(lock_); |
38 InitIfNecessary(); | 38 InitIfNecessary(); |
39 | 39 |
40 OriginBoundCertMap::iterator it = origin_bound_certs_.find(origin); | 40 ServerBoundCertMap::iterator it = server_bound_certs_.find(server); |
41 | 41 |
42 if (it == origin_bound_certs_.end()) | 42 if (it == server_bound_certs_.end()) |
43 return false; | 43 return false; |
44 | 44 |
45 OriginBoundCert* cert = it->second; | 45 ServerBoundCert* cert = it->second; |
46 *type = cert->type(); | 46 *type = cert->type(); |
47 *creation_time = cert->creation_time(); | 47 *creation_time = cert->creation_time(); |
48 *expiration_time = cert->expiration_time(); | 48 *expiration_time = cert->expiration_time(); |
49 *private_key_result = cert->private_key(); | 49 *private_key_result = cert->private_key(); |
50 *cert_result = cert->cert(); | 50 *cert_result = cert->cert(); |
51 | 51 |
52 return true; | 52 return true; |
53 } | 53 } |
54 | 54 |
55 void DefaultOriginBoundCertStore::SetOriginBoundCert( | 55 void DefaultServerBoundCertStore::SetServerBoundCert( |
56 const std::string& origin, | 56 const std::string& server, |
57 SSLClientCertType type, | 57 SSLClientCertType type, |
58 base::Time creation_time, | 58 base::Time creation_time, |
59 base::Time expiration_time, | 59 base::Time expiration_time, |
60 const std::string& private_key, | 60 const std::string& private_key, |
61 const std::string& cert) { | 61 const std::string& cert) { |
62 base::AutoLock autolock(lock_); | 62 base::AutoLock autolock(lock_); |
63 InitIfNecessary(); | 63 InitIfNecessary(); |
64 | 64 |
65 InternalDeleteOriginBoundCert(origin); | 65 InternalDeleteServerBoundCert(server); |
66 InternalInsertOriginBoundCert( | 66 InternalInsertServerBoundCert( |
67 origin, | 67 server, |
68 new OriginBoundCert( | 68 new ServerBoundCert( |
69 origin, type, creation_time, expiration_time, private_key, cert)); | 69 server, type, creation_time, expiration_time, private_key, cert)); |
70 } | 70 } |
71 | 71 |
72 void DefaultOriginBoundCertStore::DeleteOriginBoundCert( | 72 void DefaultServerBoundCertStore::DeleteServerBoundCert( |
73 const std::string& origin) { | 73 const std::string& server) { |
74 base::AutoLock autolock(lock_); | 74 base::AutoLock autolock(lock_); |
75 InitIfNecessary(); | 75 InitIfNecessary(); |
76 InternalDeleteOriginBoundCert(origin); | 76 InternalDeleteServerBoundCert(server); |
77 } | 77 } |
78 | 78 |
79 void DefaultOriginBoundCertStore::DeleteAllCreatedBetween( | 79 void DefaultServerBoundCertStore::DeleteAllCreatedBetween( |
80 base::Time delete_begin, | 80 base::Time delete_begin, |
81 base::Time delete_end) { | 81 base::Time delete_end) { |
82 base::AutoLock autolock(lock_); | 82 base::AutoLock autolock(lock_); |
83 InitIfNecessary(); | 83 InitIfNecessary(); |
84 for (OriginBoundCertMap::iterator it = origin_bound_certs_.begin(); | 84 for (ServerBoundCertMap::iterator it = server_bound_certs_.begin(); |
85 it != origin_bound_certs_.end();) { | 85 it != server_bound_certs_.end();) { |
86 OriginBoundCertMap::iterator cur = it; | 86 ServerBoundCertMap::iterator cur = it; |
87 ++it; | 87 ++it; |
88 OriginBoundCert* cert = cur->second; | 88 ServerBoundCert* cert = cur->second; |
89 if ((delete_begin.is_null() || cert->creation_time() >= delete_begin) && | 89 if ((delete_begin.is_null() || cert->creation_time() >= delete_begin) && |
90 (delete_end.is_null() || cert->creation_time() < delete_end)) { | 90 (delete_end.is_null() || cert->creation_time() < delete_end)) { |
91 if (store_) | 91 if (store_) |
92 store_->DeleteOriginBoundCert(*cert); | 92 store_->DeleteServerBoundCert(*cert); |
93 delete cert; | 93 delete cert; |
94 origin_bound_certs_.erase(cur); | 94 server_bound_certs_.erase(cur); |
95 } | 95 } |
96 } | 96 } |
97 } | 97 } |
98 | 98 |
99 void DefaultOriginBoundCertStore::DeleteAll() { | 99 void DefaultServerBoundCertStore::DeleteAll() { |
100 DeleteAllCreatedBetween(base::Time(), base::Time()); | 100 DeleteAllCreatedBetween(base::Time(), base::Time()); |
101 } | 101 } |
102 | 102 |
103 void DefaultOriginBoundCertStore::GetAllOriginBoundCerts( | 103 void DefaultServerBoundCertStore::GetAllServerBoundCerts( |
104 std::vector<OriginBoundCert>* origin_bound_certs) { | 104 std::vector<ServerBoundCert>* server_bound_certs) { |
105 base::AutoLock autolock(lock_); | 105 base::AutoLock autolock(lock_); |
106 InitIfNecessary(); | 106 InitIfNecessary(); |
107 for (OriginBoundCertMap::iterator it = origin_bound_certs_.begin(); | 107 for (ServerBoundCertMap::iterator it = server_bound_certs_.begin(); |
108 it != origin_bound_certs_.end(); ++it) { | 108 it != server_bound_certs_.end(); ++it) { |
109 origin_bound_certs->push_back(*it->second); | 109 server_bound_certs->push_back(*it->second); |
110 } | 110 } |
111 } | 111 } |
112 | 112 |
113 int DefaultOriginBoundCertStore::GetCertCount() { | 113 int DefaultServerBoundCertStore::GetCertCount() { |
114 base::AutoLock autolock(lock_); | 114 base::AutoLock autolock(lock_); |
115 InitIfNecessary(); | 115 InitIfNecessary(); |
116 | 116 |
117 return origin_bound_certs_.size(); | 117 return server_bound_certs_.size(); |
118 } | 118 } |
119 | 119 |
120 DefaultOriginBoundCertStore::~DefaultOriginBoundCertStore() { | 120 DefaultServerBoundCertStore::~DefaultServerBoundCertStore() { |
121 DeleteAllInMemory(); | 121 DeleteAllInMemory(); |
122 } | 122 } |
123 | 123 |
124 void DefaultOriginBoundCertStore::DeleteAllInMemory() { | 124 void DefaultServerBoundCertStore::DeleteAllInMemory() { |
125 base::AutoLock autolock(lock_); | 125 base::AutoLock autolock(lock_); |
126 | 126 |
127 for (OriginBoundCertMap::iterator it = origin_bound_certs_.begin(); | 127 for (ServerBoundCertMap::iterator it = server_bound_certs_.begin(); |
128 it != origin_bound_certs_.end(); ++it) { | 128 it != server_bound_certs_.end(); ++it) { |
129 delete it->second; | 129 delete it->second; |
130 } | 130 } |
131 origin_bound_certs_.clear(); | 131 server_bound_certs_.clear(); |
132 } | 132 } |
133 | 133 |
134 void DefaultOriginBoundCertStore::InitStore() { | 134 void DefaultServerBoundCertStore::InitStore() { |
135 lock_.AssertAcquired(); | 135 lock_.AssertAcquired(); |
136 | 136 |
137 DCHECK(store_) << "Store must exist to initialize"; | 137 DCHECK(store_) << "Store must exist to initialize"; |
138 | 138 |
139 // Initialize the store and sync in any saved persistent certs. | 139 // Initialize the store and sync in any saved persistent certs. |
140 std::vector<OriginBoundCert*> certs; | 140 std::vector<ServerBoundCert*> certs; |
141 // Reserve space for the maximum amount of certs a database should have. | 141 // Reserve space for the maximum amount of certs a database should have. |
142 // This prevents multiple vector growth / copies as we append certs. | 142 // This prevents multiple vector growth / copies as we append certs. |
143 certs.reserve(kMaxCerts); | 143 certs.reserve(kMaxCerts); |
144 store_->Load(&certs); | 144 store_->Load(&certs); |
145 | 145 |
146 for (std::vector<OriginBoundCert*>::const_iterator it = certs.begin(); | 146 for (std::vector<ServerBoundCert*>::const_iterator it = certs.begin(); |
147 it != certs.end(); ++it) { | 147 it != certs.end(); ++it) { |
148 origin_bound_certs_[(*it)->origin()] = *it; | 148 server_bound_certs_[(*it)->server()] = *it; |
149 } | 149 } |
150 } | 150 } |
151 | 151 |
152 void DefaultOriginBoundCertStore::InternalDeleteOriginBoundCert( | 152 void DefaultServerBoundCertStore::InternalDeleteServerBoundCert( |
153 const std::string& origin) { | 153 const std::string& server) { |
154 lock_.AssertAcquired(); | 154 lock_.AssertAcquired(); |
155 | 155 |
156 OriginBoundCertMap::iterator it = origin_bound_certs_.find(origin); | 156 ServerBoundCertMap::iterator it = server_bound_certs_.find(server); |
157 if (it == origin_bound_certs_.end()) | 157 if (it == server_bound_certs_.end()) |
158 return; // There is nothing to delete. | 158 return; // There is nothing to delete. |
159 | 159 |
160 OriginBoundCert* cert = it->second; | 160 ServerBoundCert* cert = it->second; |
161 if (store_) | 161 if (store_) |
162 store_->DeleteOriginBoundCert(*cert); | 162 store_->DeleteServerBoundCert(*cert); |
163 origin_bound_certs_.erase(it); | 163 server_bound_certs_.erase(it); |
164 delete cert; | 164 delete cert; |
165 } | 165 } |
166 | 166 |
167 void DefaultOriginBoundCertStore::InternalInsertOriginBoundCert( | 167 void DefaultServerBoundCertStore::InternalInsertServerBoundCert( |
168 const std::string& origin, | 168 const std::string& server, |
169 OriginBoundCert* cert) { | 169 ServerBoundCert* cert) { |
170 lock_.AssertAcquired(); | 170 lock_.AssertAcquired(); |
171 | 171 |
172 if (store_) | 172 if (store_) |
173 store_->AddOriginBoundCert(*cert); | 173 store_->AddServerBoundCert(*cert); |
174 origin_bound_certs_[origin] = cert; | 174 server_bound_certs_[server] = cert; |
175 } | 175 } |
176 | 176 |
177 DefaultOriginBoundCertStore::PersistentStore::PersistentStore() {} | 177 DefaultServerBoundCertStore::PersistentStore::PersistentStore() {} |
178 | 178 |
179 } // namespace net | 179 } // namespace net |
OLD | NEW |