
Side by Side Diff: net/cert/multi_threaded_cert_verifier.h

Issue 1115903002: Refactor the API for CertVerifier::Verify() and the implementation of MultiThreadedCertVerifier::Ver (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: more chromeos stuff Created 5 years, 7 months ago
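--- a/net/cert/multi_threaded_cert_verifier.h
+++ b/net/cert/multi_threaded_cert_verifier.h
@@ -1,18 +1,18 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
 #define NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_
 
-#include <map>
+#include <set>
 #include <string>
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/gtest_prod_util.h"
 #include "base/memory/ref_counted.h"
 #include "base/threading/non_thread_safe.h"
 #include "net/base/completion_callback.h"
 #include "net/base/expiring_cache.h"
 #include "net/base/hash_value.h"
@@ -54,29 +54,27 @@
 CertTrustAnchorProvider* trust_anchor_provider);
 
 // CertVerifier implementation
 int Verify(X509Certificate* cert,
 const std::string& hostname,
 const std::string& ocsp_response,
 int flags,
 CRLSet* crl_set,
 CertVerifyResult* verify_result,
 const CompletionCallback& callback,
-CertVerifier::RequestHandle* out_req,
+scoped_ptr<Request>* out_req,
 const BoundNetLog& net_log) override;
 
-void CancelRequest(CertVerifier::RequestHandle req) override;
-
 bool SupportsOCSPStapling() override;
 
 private:
-friend class CertVerifierWorker; // Calls HandleResult.
+struct JobToRequestParamsComparator;
 friend class CertVerifierRequest;
 friend class CertVerifierJob;
 friend class MultiThreadedCertVerifierTest;
 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, CacheHit);
 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, DifferentCACerts);
 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, InflightJoin);
 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest, CancelRequest);
 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest,
 RequestParamsComparators);
 FRIEND_TEST_ALL_PREFIXES(MultiThreadedCertVerifierTest,
@@ -123,55 +121,50 @@
 base::Time verification_time;
 base::Time expiration_time;
 };
 
 struct CacheExpirationFunctor {
 // Returns true iff |now| is within the validity period of |expiration|.
 bool operator()(const CacheValidityPeriod& now,
 const CacheValidityPeriod& expiration) const;
 };
 
+using JobSet = std::set<CertVerifierJob*>;
+
 typedef ExpiringCache<RequestParams, CachedResult, CacheValidityPeriod,
 CacheExpirationFunctor> CertVerifierCache;
 
-void HandleResult(X509Certificate* cert,
-const std::string& hostname,
-const std::string& ocsp_response,
-int flags,
-const CertificateList& additional_trust_anchors,
-int error,
-const CertVerifyResult& verify_result);
+void SaveResultToCache(const RequestParams& key, const CachedResult& result);
 
 // CertDatabase::Observer methods:
 void OnCACertChanged(const X509Certificate* cert) override;
 
+CertVerifierJob* FindJob(const RequestParams& key);
+scoped_ptr<CertVerifierJob> RemoveJob(CertVerifierJob* job);
+
 // For unit testing.
 void ClearCache() { cache_.Clear(); }
 size_t GetCacheSize() const { return cache_.size(); }
 uint64 cache_hits() const { return cache_hits_; }
 uint64 requests() const { return requests_; }
 uint64 inflight_joins() const { return inflight_joins_; }
 
 // cache_ maps from a request to a cached result.
 CertVerifierCache cache_;
 
-// inflight_ maps from a request to an active verification which is taking
-// place.
-std::map<RequestParams, CertVerifierJob*> inflight_;
-
-// A non-owning pointer to the first job for histogramming.
-CertVerifierJob* first_job_;
+// inflight_ holds the jobs for which an active verification is taking place.
+JobSet inflight_;
 
 uint64 requests_;
 uint64 cache_hits_;
 uint64 inflight_joins_;
 
 scoped_refptr<CertVerifyProc> verify_proc_;
 
 CertTrustAnchorProvider* trust_anchor_provider_;
 
 DISALLOW_COPY_AND_ASSIGN(MultiThreadedCertVerifier);
 };
 
 } // namespace net
 
 #endif // NET_CERT_MULTI_THREADED_CERT_VERIFIER_H_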
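Review bot: `using JobSet = std::set<CertVerifierJob*>;` orders in-flight jobs by pointer value, so the guarantee that a request only joins a job with identical RequestParams, which the old `std::map<RequestParams, CertVerifierJob*>` gave structurally, now rests entirely on FindJob(), whose body is not in this header. If FindJob() searches with the forward-declared JobToRequestParamsComparator (an inference from the name), the set needs a matching ordering; otherwise a binary search over it is not valid, and a caller could miss an in-flight job or be attached to a job for a different certificate or hostname. I would give JobSet a comparator that orders jobs by their RequestParams and document the contract on the declaration, e.g. `// Returns the in-flight job whose RequestParams equal |key|, or nullptr if there is none.` The `inflight_` comment should also state that the set owns the raw pointers, which `scoped_ptr<CertVerifierJob> RemoveJob(CertVerifierJob* job);` implies.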
