OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/extras/sqlite/sqlite_channel_id_store.h" | 5 #include "net/extras/sqlite/sqlite_channel_id_store.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
13 #include "base/location.h" | 13 #include "base/location.h" |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
16 #include "base/memory/scoped_vector.h" | 16 #include "base/memory/scoped_vector.h" |
17 #include "base/metrics/histogram.h" | 17 #include "base/metrics/histogram.h" |
18 #include "base/sequenced_task_runner.h" | 18 #include "base/sequenced_task_runner.h" |
19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
20 #include "net/cert/asn1_util.h" | |
20 #include "net/cert/x509_certificate.h" | 21 #include "net/cert/x509_certificate.h" |
21 #include "net/cookies/cookie_util.h" | 22 #include "net/cookies/cookie_util.h" |
22 #include "net/ssl/ssl_client_cert_type.h" | 23 #include "net/ssl/ssl_client_cert_type.h" |
23 #include "sql/error_delegate_util.h" | 24 #include "sql/error_delegate_util.h" |
24 #include "sql/meta_table.h" | 25 #include "sql/meta_table.h" |
25 #include "sql/statement.h" | 26 #include "sql/statement.h" |
26 #include "sql/transaction.h" | 27 #include "sql/transaction.h" |
27 #include "url/gurl.h" | 28 #include "url/gurl.h" |
28 | 29 |
29 namespace { | 30 namespace { |
30 | 31 |
31 // Version number of the database. | 32 // Version number of the database. |
32 const int kCurrentVersionNumber = 4; | 33 const int kCurrentVersionNumber = 5; |
33 const int kCompatibleVersionNumber = 1; | 34 const int kCompatibleVersionNumber = 1; |
mattm
2015/04/10 01:00:27
Should be 5 also?
nharper
2015/04/25 02:59:18
I need it to be both 1 and 5, depending on the con
mattm
2015/04/27 20:55:53
Hm, it looks to me that in this CL kCompatibleVers
nharper
2015/04/29 22:07:15
Now that I re-read the code and what I wrote, I re
| |
34 | 35 |
35 // Initializes the certs table, returning true on success. | 36 // Creates the new channel_id table (if it doesn't exist) and drops the old |
37 // origin_bound_certs table (if it exists), returning true on success. Success | |
38 // means that the new table exists and the old table doesn't exist at the | |
39 // end of the function, regardless of what sql commands are executed. | |
40 /* | |
36 bool InitTable(sql::Connection* db) { | 41 bool InitTable(sql::Connection* db) { |
37 // The table is named "origin_bound_certs" for backwards compatability before | 42 if (!db->DoesTableExist("channel_id")) { |
38 // we renamed this class to SQLiteChannelIDStore. Likewise, the primary | |
39 // key is "origin", but now can be other things like a plain domain. | |
40 if (!db->DoesTableExist("origin_bound_certs")) { | |
41 if (!db->Execute( | 43 if (!db->Execute( |
42 "CREATE TABLE origin_bound_certs (" | 44 "CREATE TABLE channel_id (" |
43 "origin TEXT NOT NULL UNIQUE PRIMARY KEY," | 45 "host TEXT NOT NULL UNIQUE PRIMARY KEY," |
44 "private_key BLOB NOT NULL," | 46 "private_key BLOB NOT NULL," |
45 "cert BLOB NOT NULL," | 47 "public_key BLOB NOT NULL," |
46 "cert_type INTEGER," | |
47 "expiration_time INTEGER," | |
48 "creation_time INTEGER)")) { | 48 "creation_time INTEGER)")) { |
49 return false; | 49 return false; |
50 } | 50 } |
51 } | 51 } |
52 | 52 |
53 return true; | 53 return true; |
54 } | 54 } |
55 */ | |
Ryan Sleevi
2015/04/09 22:40:09
This code is commented out.
nharper
2015/04/10 00:32:08
Sorry - removed.
| |
55 | 56 |
56 } // namespace | 57 } // namespace |
57 | 58 |
58 namespace net { | 59 namespace net { |
59 | 60 |
60 // This class is designed to be shared between any calling threads and the | 61 // This class is designed to be shared between any calling threads and the |
61 // background task runner. It batches operations and commits them on a timer. | 62 // background task runner. It batches operations and commits them on a timer. |
62 class SQLiteChannelIDStore::Backend | 63 class SQLiteChannelIDStore::Backend |
63 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { | 64 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { |
64 public: | 65 public: |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
201 base::Unretained(this))); | 202 base::Unretained(this))); |
202 | 203 |
203 if (!db_->Open(path_)) { | 204 if (!db_->Open(path_)) { |
204 NOTREACHED() << "Unable to open cert DB."; | 205 NOTREACHED() << "Unable to open cert DB."; |
205 if (corruption_detected_) | 206 if (corruption_detected_) |
206 KillDatabase(); | 207 KillDatabase(); |
207 db_.reset(); | 208 db_.reset(); |
208 return; | 209 return; |
209 } | 210 } |
210 | 211 |
211 if (!EnsureDatabaseVersion() || !InitTable(db_.get())) { | 212 if (!EnsureDatabaseVersion()) { |
Ryan Sleevi
2015/04/09 22:40:09
Why no InitTable() call?
nharper
2015/04/10 00:32:08
It didn't make sense as its own function - I rolle
| |
212 NOTREACHED() << "Unable to open cert DB."; | 213 NOTREACHED() << "Unable to open cert DB."; |
213 if (corruption_detected_) | 214 if (corruption_detected_) |
214 KillDatabase(); | 215 KillDatabase(); |
215 meta_table_.Reset(); | 216 meta_table_.Reset(); |
216 db_.reset(); | 217 db_.reset(); |
217 return; | 218 return; |
218 } | 219 } |
219 | 220 |
220 db_->Preload(); | 221 db_->Preload(); |
221 | 222 |
222 // Slurp all the certs into the out-vector. | 223 // Slurp all the certs into the out-vector. |
223 sql::Statement smt(db_->GetUniqueStatement( | 224 sql::Statement smt(db_->GetUniqueStatement( |
224 "SELECT origin, private_key, cert, cert_type, expiration_time, " | 225 "SELECT host, private_key, public_key, creation_time FROM channel_id")); |
225 "creation_time FROM origin_bound_certs")); | |
226 if (!smt.is_valid()) { | 226 if (!smt.is_valid()) { |
227 if (corruption_detected_) | 227 if (corruption_detected_) |
228 KillDatabase(); | 228 KillDatabase(); |
229 meta_table_.Reset(); | 229 meta_table_.Reset(); |
230 db_.reset(); | 230 db_.reset(); |
231 return; | 231 return; |
Ryan Sleevi
2015/04/09 22:40:09
Doesn't this cause things to explode if no channel
nharper
2015/04/10 00:32:08
I didn't see any explosions.
I deleted my chromiu
| |
232 } | 232 } |
233 | 233 |
234 while (smt.Step()) { | 234 while (smt.Step()) { |
235 SSLClientCertType type = static_cast<SSLClientCertType>(smt.ColumnInt(3)); | 235 std::string private_key_from_db, public_key_from_db; |
236 if (type != CLIENT_CERT_ECDSA_SIGN) | |
237 continue; | |
238 std::string private_key_from_db, cert_from_db; | |
239 smt.ColumnBlobAsString(1, &private_key_from_db); | 236 smt.ColumnBlobAsString(1, &private_key_from_db); |
240 smt.ColumnBlobAsString(2, &cert_from_db); | 237 smt.ColumnBlobAsString(2, &public_key_from_db); |
241 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( | 238 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( |
242 new DefaultChannelIDStore::ChannelID( | 239 new DefaultChannelIDStore::ChannelID( |
243 smt.ColumnString(0), // origin | 240 smt.ColumnString(0), // host |
244 base::Time::FromInternalValue(smt.ColumnInt64(5)), | 241 base::Time::FromInternalValue(smt.ColumnInt64(3)), |
245 base::Time::FromInternalValue(smt.ColumnInt64(4)), | 242 private_key_from_db, public_key_from_db)); |
246 private_key_from_db, | |
247 cert_from_db)); | |
248 channel_ids->push_back(channel_id.release()); | 243 channel_ids->push_back(channel_id.release()); |
249 } | 244 } |
250 | 245 |
251 UMA_HISTOGRAM_COUNTS_10000( | 246 UMA_HISTOGRAM_COUNTS_10000( |
252 "DomainBoundCerts.DBLoadedCount", | 247 "DomainBoundCerts.DBLoadedCount", |
253 static_cast<base::HistogramBase::Sample>(channel_ids->size())); | 248 static_cast<base::HistogramBase::Sample>(channel_ids->size())); |
254 base::TimeDelta load_time = base::TimeTicks::Now() - start; | 249 base::TimeDelta load_time = base::TimeTicks::Now() - start; |
255 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", | 250 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", |
256 load_time, | 251 load_time, |
257 base::TimeDelta::FromMilliseconds(1), | 252 base::TimeDelta::FromMilliseconds(1), |
258 base::TimeDelta::FromMinutes(1), | 253 base::TimeDelta::FromMinutes(1), |
259 50); | 254 50); |
260 DVLOG(1) << "loaded " << channel_ids->size() << " in " | 255 DVLOG(1) << "loaded " << channel_ids->size() << " in " |
261 << load_time.InMilliseconds() << " ms"; | 256 << load_time.InMilliseconds() << " ms"; |
262 } | 257 } |
263 | 258 |
264 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { | 259 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { |
265 // Version check. | 260 // Version check. |
266 if (!meta_table_.Init( | 261 if (!meta_table_.Init( |
267 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { | 262 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { |
268 return false; | 263 return false; |
269 } | 264 } |
270 | 265 |
271 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { | 266 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { |
272 LOG(WARNING) << "Server bound cert database is too new."; | 267 LOG(WARNING) << "Server bound cert database is too new."; |
273 return false; | 268 return false; |
274 } | 269 } |
275 | 270 |
276 int cur_version = meta_table_.GetVersionNumber(); | 271 int cur_version = meta_table_.GetVersionNumber(); |
277 if (cur_version == 1) { | 272 |
278 sql::Transaction transaction(db_.get()); | 273 sql::Transaction transaction(db_.get()); |
279 if (!transaction.Begin()) | 274 if (!transaction.Begin()) |
280 return false; | 275 return false; |
276 | |
277 // Create new table if it doesn't already exist | |
278 if (!db_->DoesTableExist("channel_id")) { | |
281 if (!db_->Execute( | 279 if (!db_->Execute( |
282 "ALTER TABLE origin_bound_certs ADD COLUMN cert_type " | 280 "CREATE TABLE channel_id (" |
283 "INTEGER")) { | 281 "host TEXT NOT NULL UNIQUE PRIMARY KEY," |
284 LOG(WARNING) << "Unable to update server bound cert database to " | 282 "private_key BLOB NOT NULL," |
285 << "version 2."; | 283 "public_key BLOB NOT NULL," |
284 "creation_time INTEGER)")) { | |
286 return false; | 285 return false; |
287 } | 286 } |
288 // All certs in version 1 database are rsa_sign, which are unsupported. | |
289 // Just discard them all. | |
290 if (!db_->Execute("DELETE from origin_bound_certs")) { | |
291 LOG(WARNING) << "Unable to update server bound cert database to " | |
292 << "version 2."; | |
293 return false; | |
294 } | |
295 ++cur_version; | |
296 meta_table_.SetVersionNumber(cur_version); | |
297 meta_table_.SetCompatibleVersionNumber( | |
298 std::min(cur_version, kCompatibleVersionNumber)); | |
299 transaction.Commit(); | |
300 } | 287 } |
301 | 288 |
302 if (cur_version <= 3) { | 289 // Migrate from previous versions to new version if possible |
303 sql::Transaction transaction(db_.get()); | 290 if (cur_version >= 2 && cur_version <= 4) { |
304 if (!transaction.Begin()) | 291 sql::Statement statement(db_->GetUniqueStatement( |
305 return false; | 292 "SELECT origin, cert, private_key, cert_type FROM origin_bound_certs")); |
306 | 293 sql::Statement insert_statement( |
307 if (cur_version == 2) { | 294 db_->GetUniqueStatement("INSERT INTO channel_id VALUES (?, ?, ?, ?)")); |
308 if (!db_->Execute( | 295 if (!statement.is_valid() || !insert_statement.is_valid()) { |
309 "ALTER TABLE origin_bound_certs ADD COLUMN " | |
310 "expiration_time INTEGER")) { | |
311 LOG(WARNING) << "Unable to update server bound cert database to " | |
312 << "version 4."; | |
313 return false; | |
314 } | |
315 } | |
316 | |
317 if (!db_->Execute( | |
318 "ALTER TABLE origin_bound_certs ADD COLUMN " | |
319 "creation_time INTEGER")) { | |
320 LOG(WARNING) << "Unable to update server bound cert database to " | 296 LOG(WARNING) << "Unable to update server bound cert database to " |
321 << "version 4."; | 297 << "version 5."; |
322 return false; | 298 return false; |
323 } | 299 } |
324 | 300 |
325 sql::Statement statement( | |
326 db_->GetUniqueStatement("SELECT origin, cert FROM origin_bound_certs")); | |
327 sql::Statement update_expires_statement(db_->GetUniqueStatement( | |
328 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | |
329 sql::Statement update_creation_statement(db_->GetUniqueStatement( | |
330 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | |
331 if (!statement.is_valid() || !update_expires_statement.is_valid() || | |
332 !update_creation_statement.is_valid()) { | |
333 LOG(WARNING) << "Unable to update server bound cert database to " | |
334 << "version 4."; | |
335 return false; | |
336 } | |
337 | |
338 while (statement.Step()) { | 301 while (statement.Step()) { |
339 std::string origin = statement.ColumnString(0); | 302 std::string origin = statement.ColumnString(0); |
340 std::string cert_from_db; | 303 std::string cert_from_db; |
341 statement.ColumnBlobAsString(1, &cert_from_db); | 304 statement.ColumnBlobAsString(1, &cert_from_db); |
305 std::string private_key; | |
306 statement.ColumnBlobAsString(2, &private_key); | |
307 if (statement.ColumnInt64(3) != CLIENT_CERT_ECDSA_SIGN) { | |
308 continue; | |
309 } | |
342 // Parse the cert and extract the real value and then update the DB. | 310 // Parse the cert and extract the real value and then update the DB. |
343 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( | 311 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( |
344 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); | 312 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); |
345 if (cert.get()) { | 313 if (cert.get()) { |
346 if (cur_version == 2) { | 314 insert_statement.Reset(true); |
347 update_expires_statement.Reset(true); | 315 insert_statement.BindString(0, origin); |
348 update_expires_statement.BindInt64( | 316 insert_statement.BindBlob(1, private_key.data(), |
349 0, cert->valid_expiry().ToInternalValue()); | 317 static_cast<int>(private_key.size())); |
350 update_expires_statement.BindString(1, origin); | 318 base::StringPiece spki; |
351 if (!update_expires_statement.Run()) { | 319 if (!asn1::ExtractSPKIFromDERCert(cert_from_db, &spki)) { |
352 LOG(WARNING) << "Unable to update server bound cert database to " | 320 LOG(WARNING) << "Unable to extract SPKI from cert when migrating " |
353 << "version 4."; | 321 "channel id database to version 5."; |
354 return false; | 322 return false; |
355 } | |
356 } | 323 } |
357 | 324 insert_statement.BindBlob(2, spki.data(), spki.size()); |
358 update_creation_statement.Reset(true); | 325 insert_statement.BindInt64(3, cert->valid_start().ToInternalValue()); |
359 update_creation_statement.BindInt64( | 326 if (!insert_statement.Run()) { |
360 0, cert->valid_start().ToInternalValue()); | 327 LOG(WARNING) << "Unable to update channel id database to " |
361 update_creation_statement.BindString(1, origin); | 328 << "version 5."; |
362 if (!update_creation_statement.Run()) { | |
363 LOG(WARNING) << "Unable to update server bound cert database to " | |
364 << "version 4."; | |
365 return false; | 329 return false; |
366 } | 330 } |
367 } else { | 331 } else { |
368 // If there's a cert we can't parse, just leave it. It'll get replaced | 332 // If there's a cert we can't parse, just leave it. It'll get replaced |
369 // with a new one if we ever try to use it. | 333 // with a new one if we ever try to use it. |
370 LOG(WARNING) << "Error parsing cert for database upgrade for origin " | 334 LOG(WARNING) << "Error parsing cert for database upgrade for origin " |
371 << statement.ColumnString(0); | 335 << statement.ColumnString(0); |
372 } | 336 } |
373 } | 337 } |
374 | |
375 cur_version = 4; | |
376 meta_table_.SetVersionNumber(cur_version); | |
377 meta_table_.SetCompatibleVersionNumber( | |
378 std::min(cur_version, kCompatibleVersionNumber)); | |
379 transaction.Commit(); | |
380 } | 338 } |
381 | 339 |
340 if (cur_version < kCurrentVersionNumber) { | |
341 sql::Statement statement( | |
342 db_->GetUniqueStatement("DROP TABLE origin_bound_certs")); | |
343 if (!statement.Run()) { | |
344 LOG(WARNING) << "Error dropping old origin_bound_certs table"; | |
345 return false; | |
346 } | |
347 meta_table_.SetVersionNumber(kCurrentVersionNumber); | |
348 meta_table_.SetCompatibleVersionNumber(kCurrentVersionNumber); | |
mattm
2015/04/10 01:00:27
kCompatibleVersionNumber
nharper
2015/04/25 02:59:18
The compatible version number here needs to be 5,
mattm
2015/04/27 20:55:53
Yeah, I think it should be 5 here also. I don't se
nharper
2015/04/29 22:07:15
I figured out my mistake and set it to 5.
| |
349 } | |
350 transaction.Commit(); | |
351 | |
382 // Put future migration cases here. | 352 // Put future migration cases here. |
383 | 353 |
384 // When the version is too old, we just try to continue anyway, there should | |
385 // not be a released product that makes a database too old for us to handle. | |
386 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) | |
387 << "Server bound cert database version " << cur_version | |
388 << " is too old to handle."; | |
389 | |
390 return true; | 354 return true; |
391 } | 355 } |
392 | 356 |
393 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( | 357 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( |
394 int error, | 358 int error, |
395 sql::Statement* stmt) { | 359 sql::Statement* stmt) { |
396 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 360 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
397 | 361 |
398 if (!sql::IsErrorCatastrophic(error)) | 362 if (!sql::IsErrorCatastrophic(error)) |
399 return; | 363 return; |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
486 pending_.swap(ops); | 450 pending_.swap(ops); |
487 num_pending_ = 0; | 451 num_pending_ = 0; |
488 } | 452 } |
489 | 453 |
490 // Maybe an old timer fired or we are already Close()'ed. | 454 // Maybe an old timer fired or we are already Close()'ed. |
491 if (!db_.get() || ops.empty()) | 455 if (!db_.get() || ops.empty()) |
492 return; | 456 return; |
493 | 457 |
494 sql::Statement add_statement(db_->GetCachedStatement( | 458 sql::Statement add_statement(db_->GetCachedStatement( |
495 SQL_FROM_HERE, | 459 SQL_FROM_HERE, |
496 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " | 460 "INSERT INTO channel_id (host, private_key, public_key, " |
497 "expiration_time, creation_time) VALUES (?,?,?,?,?,?)")); | 461 "creation_time) VALUES (?,?,?,?)")); |
498 if (!add_statement.is_valid()) | 462 if (!add_statement.is_valid()) |
499 return; | 463 return; |
500 | 464 |
501 sql::Statement del_statement(db_->GetCachedStatement( | 465 sql::Statement del_statement(db_->GetCachedStatement( |
502 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | 466 SQL_FROM_HERE, "DELETE FROM channel_id WHERE host=?")); |
503 if (!del_statement.is_valid()) | 467 if (!del_statement.is_valid()) |
504 return; | 468 return; |
505 | 469 |
506 sql::Transaction transaction(db_.get()); | 470 sql::Transaction transaction(db_.get()); |
507 if (!transaction.Begin()) | 471 if (!transaction.Begin()) |
508 return; | 472 return; |
509 | 473 |
510 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); | 474 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); |
511 ++it) { | 475 ++it) { |
512 // Free the certs as we commit them to the database. | 476 // Free the certs as we commit them to the database. |
513 scoped_ptr<PendingOperation> po(*it); | 477 scoped_ptr<PendingOperation> po(*it); |
514 switch (po->op()) { | 478 switch (po->op()) { |
515 case PendingOperation::CHANNEL_ID_ADD: { | 479 case PendingOperation::CHANNEL_ID_ADD: { |
516 add_statement.Reset(true); | 480 add_statement.Reset(true); |
517 add_statement.BindString(0, po->channel_id().server_identifier()); | 481 add_statement.BindString(0, po->channel_id().server_identifier()); |
518 const std::string& private_key = po->channel_id().private_key(); | 482 const std::string& private_key = po->channel_id().private_key(); |
519 add_statement.BindBlob( | 483 add_statement.BindBlob( |
520 1, private_key.data(), static_cast<int>(private_key.size())); | 484 1, private_key.data(), static_cast<int>(private_key.size())); |
521 const std::string& cert = po->channel_id().cert(); | 485 const std::string& public_key = po->channel_id().public_key(); |
522 add_statement.BindBlob(2, cert.data(), static_cast<int>(cert.size())); | 486 add_statement.BindBlob(2, public_key.data(), |
523 add_statement.BindInt(3, CLIENT_CERT_ECDSA_SIGN); | 487 static_cast<int>(public_key.size())); |
524 add_statement.BindInt64( | 488 add_statement.BindInt64( |
525 4, po->channel_id().expiration_time().ToInternalValue()); | 489 3, po->channel_id().creation_time().ToInternalValue()); |
526 add_statement.BindInt64( | |
527 5, po->channel_id().creation_time().ToInternalValue()); | |
528 if (!add_statement.Run()) | 490 if (!add_statement.Run()) |
529 NOTREACHED() << "Could not add a server bound cert to the DB."; | 491 NOTREACHED() << "Could not add a server bound cert to the DB."; |
530 break; | 492 break; |
531 } | 493 } |
532 case PendingOperation::CHANNEL_ID_DELETE: | 494 case PendingOperation::CHANNEL_ID_DELETE: |
533 del_statement.Reset(true); | 495 del_statement.Reset(true); |
534 del_statement.BindString(0, po->channel_id().server_identifier()); | 496 del_statement.BindString(0, po->channel_id().server_identifier()); |
535 if (!del_statement.Run()) | 497 if (!del_statement.Run()) |
536 NOTREACHED() << "Could not delete a server bound cert from the DB."; | 498 NOTREACHED() << "Could not delete a server bound cert from the DB."; |
537 break; | 499 break; |
(...skipping 23 matching lines...) Expand all Loading... | |
561 } | 523 } |
562 | 524 |
563 void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList( | 525 void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList( |
564 const std::list<std::string>& server_identifiers) { | 526 const std::list<std::string>& server_identifiers) { |
565 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 527 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
566 | 528 |
567 if (!db_.get()) | 529 if (!db_.get()) |
568 return; | 530 return; |
569 | 531 |
570 sql::Statement del_smt(db_->GetCachedStatement( | 532 sql::Statement del_smt(db_->GetCachedStatement( |
571 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | 533 SQL_FROM_HERE, "DELETE FROM channel_id WHERE host=?")); |
572 if (!del_smt.is_valid()) { | 534 if (!del_smt.is_valid()) { |
573 LOG(WARNING) << "Unable to delete channel ids."; | 535 LOG(WARNING) << "Unable to delete channel ids."; |
574 return; | 536 return; |
575 } | 537 } |
576 | 538 |
577 sql::Transaction transaction(db_.get()); | 539 sql::Transaction transaction(db_.get()); |
578 if (!transaction.Begin()) { | 540 if (!transaction.Begin()) { |
579 LOG(WARNING) << "Unable to delete channel ids."; | 541 LOG(WARNING) << "Unable to delete channel ids."; |
580 return; | 542 return; |
581 } | 543 } |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
627 backend_->SetForceKeepSessionState(); | 589 backend_->SetForceKeepSessionState(); |
628 } | 590 } |
629 | 591 |
630 SQLiteChannelIDStore::~SQLiteChannelIDStore() { | 592 SQLiteChannelIDStore::~SQLiteChannelIDStore() { |
631 backend_->Close(); | 593 backend_->Close(); |
632 // We release our reference to the Backend, though it will probably still have | 594 // We release our reference to the Backend, though it will probably still have |
633 // a reference if the background task runner has not run Close() yet. | 595 // a reference if the background task runner has not run Close() yet. |
634 } | 596 } |
635 | 597 |
636 } // namespace net | 598 } // namespace net |
OLD | NEW |