OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/extras/sqlite/sqlite_channel_id_store.h" | 5 #include "net/extras/sqlite/sqlite_channel_id_store.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
13 #include "base/location.h" | 13 #include "base/location.h" |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
16 #include "base/memory/scoped_vector.h" | 16 #include "base/memory/scoped_vector.h" |
17 #include "base/metrics/histogram.h" | 17 #include "base/metrics/histogram.h" |
18 #include "base/sequenced_task_runner.h" | 18 #include "base/sequenced_task_runner.h" |
19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
20 #include "net/cert/asn1_util.h" | |
20 #include "net/cert/x509_certificate.h" | 21 #include "net/cert/x509_certificate.h" |
21 #include "net/cookies/cookie_util.h" | 22 #include "net/cookies/cookie_util.h" |
22 #include "net/ssl/ssl_client_cert_type.h" | 23 #include "net/ssl/ssl_client_cert_type.h" |
23 #include "sql/error_delegate_util.h" | 24 #include "sql/error_delegate_util.h" |
24 #include "sql/meta_table.h" | 25 #include "sql/meta_table.h" |
25 #include "sql/statement.h" | 26 #include "sql/statement.h" |
26 #include "sql/transaction.h" | 27 #include "sql/transaction.h" |
27 #include "url/gurl.h" | 28 #include "url/gurl.h" |
28 | 29 |
29 namespace { | 30 namespace { |
30 | 31 |
31 // Version number of the database. | 32 // Version number of the database. |
32 const int kCurrentVersionNumber = 4; | 33 const int kCurrentVersionNumber = 5; |
33 const int kCompatibleVersionNumber = 1; | 34 const int kCompatibleVersionNumber = 1; |
34 | 35 |
35 // Initializes the certs table, returning true on success. | |
36 bool InitTable(sql::Connection* db) { | |
37 // The table is named "origin_bound_certs" for backwards compatability before | |
38 // we renamed this class to SQLiteChannelIDStore. Likewise, the primary | |
39 // key is "origin", but now can be other things like a plain domain. | |
40 if (!db->DoesTableExist("origin_bound_certs")) { | |
41 if (!db->Execute( | |
42 "CREATE TABLE origin_bound_certs (" | |
43 "origin TEXT NOT NULL UNIQUE PRIMARY KEY," | |
44 "private_key BLOB NOT NULL," | |
45 "cert BLOB NOT NULL," | |
46 "cert_type INTEGER," | |
47 "expiration_time INTEGER," | |
48 "creation_time INTEGER)")) { | |
49 return false; | |
50 } | |
51 } | |
52 | |
53 return true; | |
54 } | |
55 | |
56 } // namespace | 36 } // namespace |
57 | 37 |
58 namespace net { | 38 namespace net { |
59 | 39 |
60 // This class is designed to be shared between any calling threads and the | 40 // This class is designed to be shared between any calling threads and the |
61 // background task runner. It batches operations and commits them on a timer. | 41 // background task runner. It batches operations and commits them on a timer. |
62 class SQLiteChannelIDStore::Backend | 42 class SQLiteChannelIDStore::Backend |
63 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { | 43 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { |
64 public: | 44 public: |
65 Backend( | 45 Backend( |
(...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
201 base::Unretained(this))); | 181 base::Unretained(this))); |
202 | 182 |
203 if (!db_->Open(path_)) { | 183 if (!db_->Open(path_)) { |
204 NOTREACHED() << "Unable to open cert DB."; | 184 NOTREACHED() << "Unable to open cert DB."; |
205 if (corruption_detected_) | 185 if (corruption_detected_) |
206 KillDatabase(); | 186 KillDatabase(); |
207 db_.reset(); | 187 db_.reset(); |
208 return; | 188 return; |
209 } | 189 } |
210 | 190 |
211 if (!EnsureDatabaseVersion() || !InitTable(db_.get())) { | 191 if (!EnsureDatabaseVersion()) { |
212 NOTREACHED() << "Unable to open cert DB."; | 192 NOTREACHED() << "Unable to open cert DB."; |
213 if (corruption_detected_) | 193 if (corruption_detected_) |
214 KillDatabase(); | 194 KillDatabase(); |
215 meta_table_.Reset(); | 195 meta_table_.Reset(); |
216 db_.reset(); | 196 db_.reset(); |
217 return; | 197 return; |
218 } | 198 } |
219 | 199 |
220 db_->Preload(); | 200 db_->Preload(); |
221 | 201 |
222 // Slurp all the certs into the out-vector. | 202 // Slurp all the certs into the out-vector. |
223 sql::Statement smt(db_->GetUniqueStatement( | 203 sql::Statement smt(db_->GetUniqueStatement( |
224 "SELECT origin, private_key, cert, cert_type, expiration_time, " | 204 "SELECT host, private_key, public_key, creation_time FROM channel_id")); |
225 "creation_time FROM origin_bound_certs")); | |
226 if (!smt.is_valid()) { | 205 if (!smt.is_valid()) { |
227 if (corruption_detected_) | 206 if (corruption_detected_) |
228 KillDatabase(); | 207 KillDatabase(); |
229 meta_table_.Reset(); | 208 meta_table_.Reset(); |
230 db_.reset(); | 209 db_.reset(); |
231 return; | 210 return; |
232 } | 211 } |
233 | 212 |
234 while (smt.Step()) { | 213 while (smt.Step()) { |
235 SSLClientCertType type = static_cast<SSLClientCertType>(smt.ColumnInt(3)); | 214 std::string private_key_from_db, public_key_from_db; |
236 if (type != CLIENT_CERT_ECDSA_SIGN) | |
237 continue; | |
238 std::string private_key_from_db, cert_from_db; | |
239 smt.ColumnBlobAsString(1, &private_key_from_db); | 215 smt.ColumnBlobAsString(1, &private_key_from_db); |
240 smt.ColumnBlobAsString(2, &cert_from_db); | 216 smt.ColumnBlobAsString(2, &public_key_from_db); |
241 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( | 217 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( |
242 new DefaultChannelIDStore::ChannelID( | 218 new DefaultChannelIDStore::ChannelID( |
243 smt.ColumnString(0), // origin | 219 smt.ColumnString(0), // host |
244 base::Time::FromInternalValue(smt.ColumnInt64(5)), | 220 base::Time::FromInternalValue(smt.ColumnInt64(3)), |
245 base::Time::FromInternalValue(smt.ColumnInt64(4)), | 221 private_key_from_db, public_key_from_db)); |
246 private_key_from_db, | |
247 cert_from_db)); | |
248 channel_ids->push_back(channel_id.release()); | 222 channel_ids->push_back(channel_id.release()); |
249 } | 223 } |
250 | 224 |
251 UMA_HISTOGRAM_COUNTS_10000( | 225 UMA_HISTOGRAM_COUNTS_10000( |
252 "DomainBoundCerts.DBLoadedCount", | 226 "DomainBoundCerts.DBLoadedCount", |
253 static_cast<base::HistogramBase::Sample>(channel_ids->size())); | 227 static_cast<base::HistogramBase::Sample>(channel_ids->size())); |
254 base::TimeDelta load_time = base::TimeTicks::Now() - start; | 228 base::TimeDelta load_time = base::TimeTicks::Now() - start; |
255 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", | 229 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", |
256 load_time, | 230 load_time, |
257 base::TimeDelta::FromMilliseconds(1), | 231 base::TimeDelta::FromMilliseconds(1), |
258 base::TimeDelta::FromMinutes(1), | 232 base::TimeDelta::FromMinutes(1), |
259 50); | 233 50); |
260 DVLOG(1) << "loaded " << channel_ids->size() << " in " | 234 DVLOG(1) << "loaded " << channel_ids->size() << " in " |
261 << load_time.InMilliseconds() << " ms"; | 235 << load_time.InMilliseconds() << " ms"; |
262 } | 236 } |
263 | 237 |
264 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { | 238 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { |
265 // Version check. | 239 // Version check. |
266 if (!meta_table_.Init( | 240 if (!meta_table_.Init( |
267 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { | 241 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { |
268 return false; | 242 return false; |
269 } | 243 } |
270 | 244 |
271 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { | 245 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { |
272 LOG(WARNING) << "Server bound cert database is too new."; | 246 LOG(WARNING) << "Server bound cert database is too new."; |
273 return false; | 247 return false; |
274 } | 248 } |
275 | 249 |
276 int cur_version = meta_table_.GetVersionNumber(); | 250 int cur_version = meta_table_.GetVersionNumber(); |
277 if (cur_version == 1) { | 251 |
278 sql::Transaction transaction(db_.get()); | 252 sql::Transaction transaction(db_.get()); |
279 if (!transaction.Begin()) | 253 if (!transaction.Begin()) |
280 return false; | 254 return false; |
255 | |
256 // Create new table if it doesn't already exist | |
257 if (!db_->DoesTableExist("channel_id")) { | |
281 if (!db_->Execute( | 258 if (!db_->Execute( |
282 "ALTER TABLE origin_bound_certs ADD COLUMN cert_type " | 259 "CREATE TABLE channel_id (" |
283 "INTEGER")) { | 260 "host TEXT NOT NULL UNIQUE PRIMARY KEY," |
284 LOG(WARNING) << "Unable to update server bound cert database to " | 261 "private_key BLOB NOT NULL," |
285 << "version 2."; | 262 "public_key BLOB NOT NULL," |
263 "creation_time INTEGER)")) { | |
286 return false; | 264 return false; |
287 } | 265 } |
288 // All certs in version 1 database are rsa_sign, which are unsupported. | |
289 // Just discard them all. | |
290 if (!db_->Execute("DELETE from origin_bound_certs")) { | |
291 LOG(WARNING) << "Unable to update server bound cert database to " | |
292 << "version 2."; | |
293 return false; | |
294 } | |
295 ++cur_version; | |
296 meta_table_.SetVersionNumber(cur_version); | |
297 meta_table_.SetCompatibleVersionNumber( | |
298 std::min(cur_version, kCompatibleVersionNumber)); | |
299 transaction.Commit(); | |
300 } | 266 } |
301 | 267 |
302 if (cur_version <= 3) { | 268 // Migrate from previous versions to new version if possible |
303 sql::Transaction transaction(db_.get()); | 269 if (cur_version >= 2 && cur_version <= 4) { |
304 if (!transaction.Begin()) | 270 sql::Statement statement(db_->GetUniqueStatement( |
305 return false; | 271 "SELECT origin, cert, private_key, cert_type FROM origin_bound_certs")); |
306 | 272 sql::Statement insert_statement( |
307 if (cur_version == 2) { | 273 db_->GetUniqueStatement("INSERT INTO channel_id VALUES (?, ?, ?, ?)")); |
Ryan Sleevi
2015/04/15 22:50:02
Recommendation: Make the column names explicit
IN
nharper
2015/04/25 02:59:19
Done.
| |
308 if (!db_->Execute( | 274 if (!statement.is_valid() || !insert_statement.is_valid()) { |
309 "ALTER TABLE origin_bound_certs ADD COLUMN " | |
310 "expiration_time INTEGER")) { | |
311 LOG(WARNING) << "Unable to update server bound cert database to " | |
312 << "version 4."; | |
313 return false; | |
314 } | |
315 } | |
316 | |
317 if (!db_->Execute( | |
318 "ALTER TABLE origin_bound_certs ADD COLUMN " | |
319 "creation_time INTEGER")) { | |
320 LOG(WARNING) << "Unable to update server bound cert database to " | 275 LOG(WARNING) << "Unable to update server bound cert database to " |
321 << "version 4."; | 276 << "version 5."; |
322 return false; | 277 return false; |
323 } | 278 } |
324 | 279 |
325 sql::Statement statement( | |
326 db_->GetUniqueStatement("SELECT origin, cert FROM origin_bound_certs")); | |
327 sql::Statement update_expires_statement(db_->GetUniqueStatement( | |
328 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | |
329 sql::Statement update_creation_statement(db_->GetUniqueStatement( | |
330 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | |
331 if (!statement.is_valid() || !update_expires_statement.is_valid() || | |
332 !update_creation_statement.is_valid()) { | |
333 LOG(WARNING) << "Unable to update server bound cert database to " | |
334 << "version 4."; | |
335 return false; | |
336 } | |
337 | |
338 while (statement.Step()) { | 280 while (statement.Step()) { |
339 std::string origin = statement.ColumnString(0); | 281 std::string origin = statement.ColumnString(0); |
340 std::string cert_from_db; | 282 std::string cert_from_db; |
341 statement.ColumnBlobAsString(1, &cert_from_db); | 283 statement.ColumnBlobAsString(1, &cert_from_db); |
284 std::string private_key; | |
285 statement.ColumnBlobAsString(2, &private_key); | |
286 if (statement.ColumnInt64(3) != CLIENT_CERT_ECDSA_SIGN) { | |
287 continue; | |
288 } | |
Ryan Sleevi
2015/04/15 22:50:02
No braces for one-line conditionals, right?
nharper
2015/04/25 02:59:19
Done.
| |
342 // Parse the cert and extract the real value and then update the DB. | 289 // Parse the cert and extract the real value and then update the DB. |
343 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( | 290 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( |
344 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); | 291 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); |
345 if (cert.get()) { | 292 if (cert.get()) { |
346 if (cur_version == 2) { | 293 insert_statement.Reset(true); |
347 update_expires_statement.Reset(true); | 294 insert_statement.BindString(0, origin); |
348 update_expires_statement.BindInt64( | 295 insert_statement.BindBlob(1, private_key.data(), |
349 0, cert->valid_expiry().ToInternalValue()); | 296 static_cast<int>(private_key.size())); |
350 update_expires_statement.BindString(1, origin); | 297 base::StringPiece spki; |
351 if (!update_expires_statement.Run()) { | 298 if (!asn1::ExtractSPKIFromDERCert(cert_from_db, &spki)) { |
352 LOG(WARNING) << "Unable to update server bound cert database to " | 299 LOG(WARNING) << "Unable to extract SPKI from cert when migrating " |
353 << "version 4."; | 300 "channel id database to version 5."; |
354 return false; | 301 return false; |
Ryan Sleevi
2015/04/15 22:50:02
Is this correct? Should you skip that channel ID i
nharper
2015/04/25 02:59:19
The thought here is that the db should only contai
| |
355 } | |
356 } | 302 } |
357 | 303 insert_statement.BindBlob(2, spki.data(), spki.size()); |
Ryan Sleevi
2015/04/15 22:50:02
In the other cases, you cast to an int. Why do you
nharper
2015/04/25 02:59:19
I don't know why other places cast to an int - pre
| |
358 update_creation_statement.Reset(true); | 304 insert_statement.BindInt64(3, cert->valid_start().ToInternalValue()); |
359 update_creation_statement.BindInt64( | 305 if (!insert_statement.Run()) { |
360 0, cert->valid_start().ToInternalValue()); | 306 LOG(WARNING) << "Unable to update channel id database to " |
361 update_creation_statement.BindString(1, origin); | 307 << "version 5."; |
362 if (!update_creation_statement.Run()) { | |
363 LOG(WARNING) << "Unable to update server bound cert database to " | |
364 << "version 4."; | |
365 return false; | 308 return false; |
366 } | 309 } |
367 } else { | 310 } else { |
368 // If there's a cert we can't parse, just leave it. It'll get replaced | 311 // If there's a cert we can't parse, just leave it. It'll get replaced |
369 // with a new one if we ever try to use it. | 312 // with a new one if we ever try to use it. |
370 LOG(WARNING) << "Error parsing cert for database upgrade for origin " | 313 LOG(WARNING) << "Error parsing cert for database upgrade for origin " |
371 << statement.ColumnString(0); | 314 << statement.ColumnString(0); |
372 } | 315 } |
373 } | 316 } |
374 | |
375 cur_version = 4; | |
376 meta_table_.SetVersionNumber(cur_version); | |
377 meta_table_.SetCompatibleVersionNumber( | |
378 std::min(cur_version, kCompatibleVersionNumber)); | |
379 transaction.Commit(); | |
380 } | 317 } |
381 | 318 |
319 if (cur_version < kCurrentVersionNumber) { | |
320 sql::Statement statement( | |
321 db_->GetUniqueStatement("DROP TABLE origin_bound_certs")); | |
322 if (!statement.Run()) { | |
323 LOG(WARNING) << "Error dropping old origin_bound_certs table"; | |
324 return false; | |
325 } | |
326 meta_table_.SetVersionNumber(kCurrentVersionNumber); | |
327 meta_table_.SetCompatibleVersionNumber(kCurrentVersionNumber); | |
Ryan Sleevi
2015/04/15 22:50:02
Just confirming - these are part of part of the tr
nharper
2015/04/25 02:59:19
That's my intention and that's my understanding of
| |
328 } | |
329 transaction.Commit(); | |
330 | |
382 // Put future migration cases here. | 331 // Put future migration cases here. |
383 | 332 |
384 // When the version is too old, we just try to continue anyway, there should | |
385 // not be a released product that makes a database too old for us to handle. | |
386 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) | |
Ryan Sleevi
2015/04/15 22:50:02
Why is this deleted?
nharper
2015/04/25 02:59:19
This check never would have fired earlier - it was
| |
387 << "Server bound cert database version " << cur_version | |
388 << " is too old to handle."; | |
389 | |
390 return true; | 333 return true; |
391 } | 334 } |
392 | 335 |
393 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( | 336 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( |
394 int error, | 337 int error, |
395 sql::Statement* stmt) { | 338 sql::Statement* stmt) { |
396 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 339 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
397 | 340 |
398 if (!sql::IsErrorCatastrophic(error)) | 341 if (!sql::IsErrorCatastrophic(error)) |
399 return; | 342 return; |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
486 pending_.swap(ops); | 429 pending_.swap(ops); |
487 num_pending_ = 0; | 430 num_pending_ = 0; |
488 } | 431 } |
489 | 432 |
490 // Maybe an old timer fired or we are already Close()'ed. | 433 // Maybe an old timer fired or we are already Close()'ed. |
491 if (!db_.get() || ops.empty()) | 434 if (!db_.get() || ops.empty()) |
492 return; | 435 return; |
493 | 436 |
494 sql::Statement add_statement(db_->GetCachedStatement( | 437 sql::Statement add_statement(db_->GetCachedStatement( |
495 SQL_FROM_HERE, | 438 SQL_FROM_HERE, |
496 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " | 439 "INSERT INTO channel_id (host, private_key, public_key, " |
497 "expiration_time, creation_time) VALUES (?,?,?,?,?,?)")); | 440 "creation_time) VALUES (?,?,?,?)")); |
498 if (!add_statement.is_valid()) | 441 if (!add_statement.is_valid()) |
499 return; | 442 return; |
500 | 443 |
501 sql::Statement del_statement(db_->GetCachedStatement( | 444 sql::Statement del_statement(db_->GetCachedStatement( |
502 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | 445 SQL_FROM_HERE, "DELETE FROM channel_id WHERE host=?")); |
503 if (!del_statement.is_valid()) | 446 if (!del_statement.is_valid()) |
504 return; | 447 return; |
505 | 448 |
506 sql::Transaction transaction(db_.get()); | 449 sql::Transaction transaction(db_.get()); |
507 if (!transaction.Begin()) | 450 if (!transaction.Begin()) |
508 return; | 451 return; |
509 | 452 |
510 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); | 453 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); |
511 ++it) { | 454 ++it) { |
512 // Free the certs as we commit them to the database. | 455 // Free the certs as we commit them to the database. |
513 scoped_ptr<PendingOperation> po(*it); | 456 scoped_ptr<PendingOperation> po(*it); |
514 switch (po->op()) { | 457 switch (po->op()) { |
515 case PendingOperation::CHANNEL_ID_ADD: { | 458 case PendingOperation::CHANNEL_ID_ADD: { |
516 add_statement.Reset(true); | 459 add_statement.Reset(true); |
517 add_statement.BindString(0, po->channel_id().server_identifier()); | 460 add_statement.BindString(0, po->channel_id().server_identifier()); |
518 const std::string& private_key = po->channel_id().private_key(); | 461 const std::string& private_key = po->channel_id().private_key(); |
519 add_statement.BindBlob( | 462 add_statement.BindBlob( |
520 1, private_key.data(), static_cast<int>(private_key.size())); | 463 1, private_key.data(), static_cast<int>(private_key.size())); |
521 const std::string& cert = po->channel_id().cert(); | 464 const std::string& public_key = po->channel_id().public_key(); |
522 add_statement.BindBlob(2, cert.data(), static_cast<int>(cert.size())); | 465 add_statement.BindBlob(2, public_key.data(), |
523 add_statement.BindInt(3, CLIENT_CERT_ECDSA_SIGN); | 466 static_cast<int>(public_key.size())); |
524 add_statement.BindInt64( | 467 add_statement.BindInt64( |
525 4, po->channel_id().expiration_time().ToInternalValue()); | 468 3, po->channel_id().creation_time().ToInternalValue()); |
526 add_statement.BindInt64( | |
527 5, po->channel_id().creation_time().ToInternalValue()); | |
528 if (!add_statement.Run()) | 469 if (!add_statement.Run()) |
529 NOTREACHED() << "Could not add a server bound cert to the DB."; | 470 NOTREACHED() << "Could not add a server bound cert to the DB."; |
530 break; | 471 break; |
531 } | 472 } |
532 case PendingOperation::CHANNEL_ID_DELETE: | 473 case PendingOperation::CHANNEL_ID_DELETE: |
533 del_statement.Reset(true); | 474 del_statement.Reset(true); |
534 del_statement.BindString(0, po->channel_id().server_identifier()); | 475 del_statement.BindString(0, po->channel_id().server_identifier()); |
535 if (!del_statement.Run()) | 476 if (!del_statement.Run()) |
536 NOTREACHED() << "Could not delete a server bound cert from the DB."; | 477 NOTREACHED() << "Could not delete a server bound cert from the DB."; |
537 break; | 478 break; |
(...skipping 23 matching lines...) Expand all Loading... | |
561 } | 502 } |
562 | 503 |
563 void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList( | 504 void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList( |
564 const std::list<std::string>& server_identifiers) { | 505 const std::list<std::string>& server_identifiers) { |
565 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 506 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
566 | 507 |
567 if (!db_.get()) | 508 if (!db_.get()) |
568 return; | 509 return; |
569 | 510 |
570 sql::Statement del_smt(db_->GetCachedStatement( | 511 sql::Statement del_smt(db_->GetCachedStatement( |
571 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | 512 SQL_FROM_HERE, "DELETE FROM channel_id WHERE host=?")); |
572 if (!del_smt.is_valid()) { | 513 if (!del_smt.is_valid()) { |
573 LOG(WARNING) << "Unable to delete channel ids."; | 514 LOG(WARNING) << "Unable to delete channel ids."; |
574 return; | 515 return; |
575 } | 516 } |
576 | 517 |
577 sql::Transaction transaction(db_.get()); | 518 sql::Transaction transaction(db_.get()); |
578 if (!transaction.Begin()) { | 519 if (!transaction.Begin()) { |
579 LOG(WARNING) << "Unable to delete channel ids."; | 520 LOG(WARNING) << "Unable to delete channel ids."; |
580 return; | 521 return; |
581 } | 522 } |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
627 backend_->SetForceKeepSessionState(); | 568 backend_->SetForceKeepSessionState(); |
628 } | 569 } |
629 | 570 |
630 SQLiteChannelIDStore::~SQLiteChannelIDStore() { | 571 SQLiteChannelIDStore::~SQLiteChannelIDStore() { |
631 backend_->Close(); | 572 backend_->Close(); |
632 // We release our reference to the Backend, though it will probably still have | 573 // We release our reference to the Backend, though it will probably still have |
633 // a reference if the background task runner has not run Close() yet. | 574 // a reference if the background task runner has not run Close() yet. |
634 } | 575 } |
635 | 576 |
636 } // namespace net | 577 } // namespace net |
OLD | NEW |