OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/extras/sqlite/sqlite_channel_id_store.h" | 5 #include "net/extras/sqlite/sqlite_channel_id_store.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
13 #include "base/location.h" | 13 #include "base/location.h" |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
16 #include "base/memory/scoped_vector.h" | 16 #include "base/memory/scoped_vector.h" |
17 #include "base/metrics/histogram.h" | 17 #include "base/metrics/histogram.h" |
18 #include "base/sequenced_task_runner.h" | 18 #include "base/sequenced_task_runner.h" |
19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
20 #include "crypto/ec_private_key.h" | |
21 #include "net/cert/asn1_util.h" | |
20 #include "net/cert/x509_certificate.h" | 22 #include "net/cert/x509_certificate.h" |
21 #include "net/cookies/cookie_util.h" | 23 #include "net/cookies/cookie_util.h" |
24 #include "net/ssl/channel_id_service.h" | |
22 #include "net/ssl/ssl_client_cert_type.h" | 25 #include "net/ssl/ssl_client_cert_type.h" |
23 #include "sql/error_delegate_util.h" | 26 #include "sql/error_delegate_util.h" |
24 #include "sql/meta_table.h" | 27 #include "sql/meta_table.h" |
25 #include "sql/statement.h" | 28 #include "sql/statement.h" |
26 #include "sql/transaction.h" | 29 #include "sql/transaction.h" |
27 #include "url/gurl.h" | 30 #include "url/gurl.h" |
28 | 31 |
29 namespace { | 32 namespace { |
30 | 33 |
31 // Version number of the database. | 34 // Version number of the database. |
32 const int kCurrentVersionNumber = 4; | 35 const int kCurrentVersionNumber = 5; |
33 const int kCompatibleVersionNumber = 1; | 36 const int kCompatibleVersionNumber = 5; |
34 | |
35 // Initializes the certs table, returning true on success. | |
36 bool InitTable(sql::Connection* db) { | |
37 // The table is named "origin_bound_certs" for backwards compatability before | |
38 // we renamed this class to SQLiteChannelIDStore. Likewise, the primary | |
39 // key is "origin", but now can be other things like a plain domain. | |
40 if (!db->DoesTableExist("origin_bound_certs")) { | |
41 if (!db->Execute( | |
42 "CREATE TABLE origin_bound_certs (" | |
43 "origin TEXT NOT NULL UNIQUE PRIMARY KEY," | |
44 "private_key BLOB NOT NULL," | |
45 "cert BLOB NOT NULL," | |
46 "cert_type INTEGER," | |
47 "expiration_time INTEGER," | |
48 "creation_time INTEGER)")) { | |
49 return false; | |
50 } | |
51 } | |
52 | |
53 return true; | |
54 } | |
55 | 37 |
56 } // namespace | 38 } // namespace |
57 | 39 |
58 namespace net { | 40 namespace net { |
59 | 41 |
60 // This class is designed to be shared between any calling threads and the | 42 // This class is designed to be shared between any calling threads and the |
61 // background task runner. It batches operations and commits them on a timer. | 43 // background task runner. It batches operations and commits them on a timer. |
62 class SQLiteChannelIDStore::Backend | 44 class SQLiteChannelIDStore::Backend |
63 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { | 45 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { |
64 public: | 46 public: |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
201 base::Unretained(this))); | 183 base::Unretained(this))); |
202 | 184 |
203 if (!db_->Open(path_)) { | 185 if (!db_->Open(path_)) { |
204 NOTREACHED() << "Unable to open cert DB."; | 186 NOTREACHED() << "Unable to open cert DB."; |
205 if (corruption_detected_) | 187 if (corruption_detected_) |
206 KillDatabase(); | 188 KillDatabase(); |
207 db_.reset(); | 189 db_.reset(); |
208 return; | 190 return; |
209 } | 191 } |
210 | 192 |
211 if (!EnsureDatabaseVersion() || !InitTable(db_.get())) { | 193 if (!EnsureDatabaseVersion()) { |
212 NOTREACHED() << "Unable to open cert DB."; | 194 NOTREACHED() << "Unable to open cert DB."; |
213 if (corruption_detected_) | 195 if (corruption_detected_) |
214 KillDatabase(); | 196 KillDatabase(); |
215 meta_table_.Reset(); | 197 meta_table_.Reset(); |
216 db_.reset(); | 198 db_.reset(); |
217 return; | 199 return; |
218 } | 200 } |
219 | 201 |
220 db_->Preload(); | 202 db_->Preload(); |
221 | 203 |
222 // Slurp all the certs into the out-vector. | 204 // Slurp all the certs into the out-vector. |
223 sql::Statement smt(db_->GetUniqueStatement( | 205 sql::Statement smt(db_->GetUniqueStatement( |
224 "SELECT origin, private_key, cert, cert_type, expiration_time, " | 206 "SELECT host, private_key, public_key, creation_time FROM channel_id")); |
225 "creation_time FROM origin_bound_certs")); | |
226 if (!smt.is_valid()) { | 207 if (!smt.is_valid()) { |
227 if (corruption_detected_) | 208 if (corruption_detected_) |
228 KillDatabase(); | 209 KillDatabase(); |
229 meta_table_.Reset(); | 210 meta_table_.Reset(); |
230 db_.reset(); | 211 db_.reset(); |
231 return; | 212 return; |
232 } | 213 } |
233 | 214 |
234 while (smt.Step()) { | 215 while (smt.Step()) { |
235 SSLClientCertType type = static_cast<SSLClientCertType>(smt.ColumnInt(3)); | 216 std::vector<uint8> private_key_from_db, public_key_from_db; |
236 if (type != CLIENT_CERT_ECDSA_SIGN) | 217 smt.ColumnBlobAsVector(1, &private_key_from_db); |
218 smt.ColumnBlobAsVector(2, &public_key_from_db); | |
219 scoped_ptr<crypto::ECPrivateKey> key( | |
220 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | |
221 ChannelIDService::kEPKIPassword, private_key_from_db, | |
222 public_key_from_db)); | |
223 if (!key) | |
237 continue; | 224 continue; |
238 std::string private_key_from_db, cert_from_db; | |
239 smt.ColumnBlobAsString(1, &private_key_from_db); | |
240 smt.ColumnBlobAsString(2, &cert_from_db); | |
241 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( | 225 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( |
242 new DefaultChannelIDStore::ChannelID( | 226 new DefaultChannelIDStore::ChannelID( |
243 smt.ColumnString(0), // origin | 227 smt.ColumnString(0), // host |
244 base::Time::FromInternalValue(smt.ColumnInt64(5)), | 228 base::Time::FromInternalValue(smt.ColumnInt64(3)), key.release())); |
mattm
2015/05/09 00:01:00
key is leaked
nharper
2015/05/11 21:26:43
Done.
| |
245 base::Time::FromInternalValue(smt.ColumnInt64(4)), | |
246 private_key_from_db, | |
247 cert_from_db)); | |
248 channel_ids->push_back(channel_id.release()); | 229 channel_ids->push_back(channel_id.release()); |
249 } | 230 } |
250 | 231 |
251 UMA_HISTOGRAM_COUNTS_10000( | 232 UMA_HISTOGRAM_COUNTS_10000( |
252 "DomainBoundCerts.DBLoadedCount", | 233 "DomainBoundCerts.DBLoadedCount", |
253 static_cast<base::HistogramBase::Sample>(channel_ids->size())); | 234 static_cast<base::HistogramBase::Sample>(channel_ids->size())); |
254 base::TimeDelta load_time = base::TimeTicks::Now() - start; | 235 base::TimeDelta load_time = base::TimeTicks::Now() - start; |
255 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", | 236 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", |
256 load_time, | 237 load_time, |
257 base::TimeDelta::FromMilliseconds(1), | 238 base::TimeDelta::FromMilliseconds(1), |
258 base::TimeDelta::FromMinutes(1), | 239 base::TimeDelta::FromMinutes(1), |
259 50); | 240 50); |
260 DVLOG(1) << "loaded " << channel_ids->size() << " in " | 241 DVLOG(1) << "loaded " << channel_ids->size() << " in " |
261 << load_time.InMilliseconds() << " ms"; | 242 << load_time.InMilliseconds() << " ms"; |
262 } | 243 } |
263 | 244 |
264 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { | 245 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { |
265 // Version check. | 246 // Version check. |
266 if (!meta_table_.Init( | 247 if (!meta_table_.Init( |
267 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { | 248 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { |
268 return false; | 249 return false; |
269 } | 250 } |
270 | 251 |
271 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { | 252 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { |
272 LOG(WARNING) << "Server bound cert database is too new."; | 253 LOG(WARNING) << "Server bound cert database is too new."; |
273 return false; | 254 return false; |
274 } | 255 } |
275 | 256 |
276 int cur_version = meta_table_.GetVersionNumber(); | 257 int cur_version = meta_table_.GetVersionNumber(); |
277 if (cur_version == 1) { | 258 |
278 sql::Transaction transaction(db_.get()); | 259 sql::Transaction transaction(db_.get()); |
279 if (!transaction.Begin()) | 260 if (!transaction.Begin()) |
280 return false; | 261 return false; |
262 | |
263 // Create new table if it doesn't already exist | |
264 if (!db_->DoesTableExist("channel_id")) { | |
281 if (!db_->Execute( | 265 if (!db_->Execute( |
282 "ALTER TABLE origin_bound_certs ADD COLUMN cert_type " | 266 "CREATE TABLE channel_id (" |
283 "INTEGER")) { | 267 "host TEXT NOT NULL UNIQUE PRIMARY KEY," |
284 LOG(WARNING) << "Unable to update server bound cert database to " | 268 "private_key BLOB NOT NULL," |
285 << "version 2."; | 269 "public_key BLOB NOT NULL," |
270 "creation_time INTEGER)")) { | |
286 return false; | 271 return false; |
287 } | 272 } |
288 // All certs in version 1 database are rsa_sign, which are unsupported. | |
289 // Just discard them all. | |
290 if (!db_->Execute("DELETE from origin_bound_certs")) { | |
291 LOG(WARNING) << "Unable to update server bound cert database to " | |
292 << "version 2."; | |
293 return false; | |
294 } | |
295 ++cur_version; | |
296 meta_table_.SetVersionNumber(cur_version); | |
297 meta_table_.SetCompatibleVersionNumber( | |
298 std::min(cur_version, kCompatibleVersionNumber)); | |
299 transaction.Commit(); | |
300 } | 273 } |
301 | 274 |
302 if (cur_version <= 3) { | 275 // Migrate from previous versions to new version if possible |
303 sql::Transaction transaction(db_.get()); | 276 if (cur_version >= 2 && cur_version <= 4) { |
304 if (!transaction.Begin()) | 277 sql::Statement statement(db_->GetUniqueStatement( |
305 return false; | 278 "SELECT origin, cert, private_key, cert_type FROM origin_bound_certs")); |
306 | 279 sql::Statement insert_statement(db_->GetUniqueStatement( |
307 if (cur_version == 2) { | 280 "INSERT INTO channel_id (host, private_key, public_key, creation_time) " |
308 if (!db_->Execute( | 281 "VALUES (?, ?, ?, ?)")); |
309 "ALTER TABLE origin_bound_certs ADD COLUMN " | 282 if (!statement.is_valid() || !insert_statement.is_valid()) { |
310 "expiration_time INTEGER")) { | |
311 LOG(WARNING) << "Unable to update server bound cert database to " | |
312 << "version 4."; | |
313 return false; | |
314 } | |
315 } | |
316 | |
317 if (!db_->Execute( | |
318 "ALTER TABLE origin_bound_certs ADD COLUMN " | |
319 "creation_time INTEGER")) { | |
320 LOG(WARNING) << "Unable to update server bound cert database to " | 283 LOG(WARNING) << "Unable to update server bound cert database to " |
321 << "version 4."; | 284 << "version 5."; |
322 return false; | 285 return false; |
323 } | 286 } |
324 | 287 |
325 sql::Statement statement( | |
326 db_->GetUniqueStatement("SELECT origin, cert FROM origin_bound_certs")); | |
327 sql::Statement update_expires_statement(db_->GetUniqueStatement( | |
328 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | |
329 sql::Statement update_creation_statement(db_->GetUniqueStatement( | |
330 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | |
331 if (!statement.is_valid() || !update_expires_statement.is_valid() || | |
332 !update_creation_statement.is_valid()) { | |
333 LOG(WARNING) << "Unable to update server bound cert database to " | |
334 << "version 4."; | |
335 return false; | |
336 } | |
337 | |
338 while (statement.Step()) { | 288 while (statement.Step()) { |
339 std::string origin = statement.ColumnString(0); | 289 std::string origin = statement.ColumnString(0); |
340 std::string cert_from_db; | 290 std::string cert_from_db; |
341 statement.ColumnBlobAsString(1, &cert_from_db); | 291 statement.ColumnBlobAsString(1, &cert_from_db); |
292 std::string private_key; | |
293 statement.ColumnBlobAsString(2, &private_key); | |
294 if (statement.ColumnInt64(3) != CLIENT_CERT_ECDSA_SIGN) | |
295 continue; | |
342 // Parse the cert and extract the real value and then update the DB. | 296 // Parse the cert and extract the real value and then update the DB. |
343 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( | 297 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( |
344 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); | 298 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); |
345 if (cert.get()) { | 299 if (cert.get()) { |
346 if (cur_version == 2) { | 300 insert_statement.Reset(true); |
347 update_expires_statement.Reset(true); | 301 insert_statement.BindString(0, origin); |
348 update_expires_statement.BindInt64( | 302 insert_statement.BindBlob(1, private_key.data(), |
349 0, cert->valid_expiry().ToInternalValue()); | 303 static_cast<int>(private_key.size())); |
350 update_expires_statement.BindString(1, origin); | 304 base::StringPiece spki; |
351 if (!update_expires_statement.Run()) { | 305 if (!asn1::ExtractSPKIFromDERCert(cert_from_db, &spki)) { |
352 LOG(WARNING) << "Unable to update server bound cert database to " | 306 LOG(WARNING) << "Unable to extract SPKI from cert when migrating " |
353 << "version 4."; | 307 "channel id database to version 5."; |
354 return false; | 308 return false; |
355 } | |
356 } | 309 } |
357 | 310 insert_statement.BindBlob(2, spki.data(), spki.size()); |
358 update_creation_statement.Reset(true); | 311 insert_statement.BindInt64(3, cert->valid_start().ToInternalValue()); |
359 update_creation_statement.BindInt64( | 312 if (!insert_statement.Run()) { |
360 0, cert->valid_start().ToInternalValue()); | 313 LOG(WARNING) << "Unable to update channel id database to " |
361 update_creation_statement.BindString(1, origin); | 314 << "version 5."; |
362 if (!update_creation_statement.Run()) { | |
363 LOG(WARNING) << "Unable to update server bound cert database to " | |
364 << "version 4."; | |
365 return false; | 315 return false; |
366 } | 316 } |
367 } else { | 317 } else { |
368 // If there's a cert we can't parse, just leave it. It'll get replaced | 318 // If there's a cert we can't parse, just leave it. It'll get replaced |
369 // with a new one if we ever try to use it. | 319 // with a new one if we ever try to use it. |
370 LOG(WARNING) << "Error parsing cert for database upgrade for origin " | 320 LOG(WARNING) << "Error parsing cert for database upgrade for origin " |
371 << statement.ColumnString(0); | 321 << statement.ColumnString(0); |
372 } | 322 } |
373 } | 323 } |
374 | |
375 cur_version = 4; | |
376 meta_table_.SetVersionNumber(cur_version); | |
377 meta_table_.SetCompatibleVersionNumber( | |
378 std::min(cur_version, kCompatibleVersionNumber)); | |
379 transaction.Commit(); | |
380 } | 324 } |
381 | 325 |
326 if (cur_version < kCurrentVersionNumber) { | |
327 sql::Statement statement( | |
328 db_->GetUniqueStatement("DROP TABLE origin_bound_certs")); | |
329 if (!statement.Run()) { | |
330 LOG(WARNING) << "Error dropping old origin_bound_certs table"; | |
331 return false; | |
332 } | |
333 meta_table_.SetVersionNumber(kCurrentVersionNumber); | |
334 meta_table_.SetCompatibleVersionNumber(kCompatibleVersionNumber); | |
335 } | |
336 transaction.Commit(); | |
337 | |
382 // Put future migration cases here. | 338 // Put future migration cases here. |
383 | 339 |
384 // When the version is too old, we just try to continue anyway, there should | |
385 // not be a released product that makes a database too old for us to handle. | |
386 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) | |
387 << "Server bound cert database version " << cur_version | |
388 << " is too old to handle."; | |
389 | |
390 return true; | 340 return true; |
391 } | 341 } |
392 | 342 |
393 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( | 343 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( |
394 int error, | 344 int error, |
395 sql::Statement* stmt) { | 345 sql::Statement* stmt) { |
396 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 346 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
397 | 347 |
398 if (!sql::IsErrorCatastrophic(error)) | 348 if (!sql::IsErrorCatastrophic(error)) |
399 return; | 349 return; |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
486 pending_.swap(ops); | 436 pending_.swap(ops); |
487 num_pending_ = 0; | 437 num_pending_ = 0; |
488 } | 438 } |
489 | 439 |
490 // Maybe an old timer fired or we are already Close()'ed. | 440 // Maybe an old timer fired or we are already Close()'ed. |
491 if (!db_.get() || ops.empty()) | 441 if (!db_.get() || ops.empty()) |
492 return; | 442 return; |
493 | 443 |
494 sql::Statement add_statement(db_->GetCachedStatement( | 444 sql::Statement add_statement(db_->GetCachedStatement( |
495 SQL_FROM_HERE, | 445 SQL_FROM_HERE, |
496 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " | 446 "INSERT INTO channel_id (host, private_key, public_key, " |
497 "expiration_time, creation_time) VALUES (?,?,?,?,?,?)")); | 447 "creation_time) VALUES (?,?,?,?)")); |
498 if (!add_statement.is_valid()) | 448 if (!add_statement.is_valid()) |
499 return; | 449 return; |
500 | 450 |
501 sql::Statement del_statement(db_->GetCachedStatement( | 451 sql::Statement del_statement(db_->GetCachedStatement( |
502 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | 452 SQL_FROM_HERE, "DELETE FROM channel_id WHERE host=?")); |
503 if (!del_statement.is_valid()) | 453 if (!del_statement.is_valid()) |
504 return; | 454 return; |
505 | 455 |
506 sql::Transaction transaction(db_.get()); | 456 sql::Transaction transaction(db_.get()); |
507 if (!transaction.Begin()) | 457 if (!transaction.Begin()) |
508 return; | 458 return; |
509 | 459 |
510 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); | 460 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); |
511 ++it) { | 461 ++it) { |
512 // Free the certs as we commit them to the database. | 462 // Free the certs as we commit them to the database. |
513 scoped_ptr<PendingOperation> po(*it); | 463 scoped_ptr<PendingOperation> po(*it); |
514 switch (po->op()) { | 464 switch (po->op()) { |
515 case PendingOperation::CHANNEL_ID_ADD: { | 465 case PendingOperation::CHANNEL_ID_ADD: { |
516 add_statement.Reset(true); | 466 add_statement.Reset(true); |
517 add_statement.BindString(0, po->channel_id().server_identifier()); | 467 add_statement.BindString(0, po->channel_id().server_identifier()); |
518 const std::string& private_key = po->channel_id().private_key(); | 468 std::vector<uint8> private_key, public_key; |
469 if (!po->channel_id().key()->ExportEncryptedPrivateKey( | |
470 ChannelIDService::kEPKIPassword, 1, &private_key)) | |
471 continue; | |
472 if (!po->channel_id().key()->ExportPublicKey(&public_key)) | |
473 continue; | |
519 add_statement.BindBlob( | 474 add_statement.BindBlob( |
520 1, private_key.data(), static_cast<int>(private_key.size())); | 475 1, private_key.data(), static_cast<int>(private_key.size())); |
521 const std::string& cert = po->channel_id().cert(); | 476 add_statement.BindBlob(2, public_key.data(), |
522 add_statement.BindBlob(2, cert.data(), static_cast<int>(cert.size())); | 477 static_cast<int>(public_key.size())); |
523 add_statement.BindInt(3, CLIENT_CERT_ECDSA_SIGN); | |
524 add_statement.BindInt64( | 478 add_statement.BindInt64( |
525 4, po->channel_id().expiration_time().ToInternalValue()); | 479 3, po->channel_id().creation_time().ToInternalValue()); |
526 add_statement.BindInt64( | |
527 5, po->channel_id().creation_time().ToInternalValue()); | |
528 if (!add_statement.Run()) | 480 if (!add_statement.Run()) |
529 NOTREACHED() << "Could not add a server bound cert to the DB."; | 481 NOTREACHED() << "Could not add a server bound cert to the DB."; |
530 break; | 482 break; |
531 } | 483 } |
532 case PendingOperation::CHANNEL_ID_DELETE: | 484 case PendingOperation::CHANNEL_ID_DELETE: |
533 del_statement.Reset(true); | 485 del_statement.Reset(true); |
534 del_statement.BindString(0, po->channel_id().server_identifier()); | 486 del_statement.BindString(0, po->channel_id().server_identifier()); |
535 if (!del_statement.Run()) | 487 if (!del_statement.Run()) |
536 NOTREACHED() << "Could not delete a server bound cert from the DB."; | 488 NOTREACHED() << "Could not delete a server bound cert from the DB."; |
537 break; | 489 break; |
(...skipping 23 matching lines...) Expand all Loading... | |
561 } | 513 } |
562 | 514 |
563 void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList( | 515 void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList( |
564 const std::list<std::string>& server_identifiers) { | 516 const std::list<std::string>& server_identifiers) { |
565 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 517 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
566 | 518 |
567 if (!db_.get()) | 519 if (!db_.get()) |
568 return; | 520 return; |
569 | 521 |
570 sql::Statement del_smt(db_->GetCachedStatement( | 522 sql::Statement del_smt(db_->GetCachedStatement( |
571 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | 523 SQL_FROM_HERE, "DELETE FROM channel_id WHERE host=?")); |
572 if (!del_smt.is_valid()) { | 524 if (!del_smt.is_valid()) { |
573 LOG(WARNING) << "Unable to delete channel ids."; | 525 LOG(WARNING) << "Unable to delete channel ids."; |
574 return; | 526 return; |
575 } | 527 } |
576 | 528 |
577 sql::Transaction transaction(db_.get()); | 529 sql::Transaction transaction(db_.get()); |
578 if (!transaction.Begin()) { | 530 if (!transaction.Begin()) { |
579 LOG(WARNING) << "Unable to delete channel ids."; | 531 LOG(WARNING) << "Unable to delete channel ids."; |
580 return; | 532 return; |
581 } | 533 } |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
627 backend_->SetForceKeepSessionState(); | 579 backend_->SetForceKeepSessionState(); |
628 } | 580 } |
629 | 581 |
630 SQLiteChannelIDStore::~SQLiteChannelIDStore() { | 582 SQLiteChannelIDStore::~SQLiteChannelIDStore() { |
631 backend_->Close(); | 583 backend_->Close(); |
632 // We release our reference to the Backend, though it will probably still have | 584 // We release our reference to the Backend, though it will probably still have |
633 // a reference if the background task runner has not run Close() yet. | 585 // a reference if the background task runner has not run Close() yet. |
634 } | 586 } |
635 | 587 |
636 } // namespace net | 588 } // namespace net |
OLD | NEW |