| Index: ios/web/net/cert_verifier_block_adapter.h
|
| diff --git a/ios/web/net/cert_verifier_block_adapter.h b/ios/web/net/cert_verifier_block_adapter.h
|
| index ee9829e68c4db76564129da3192602ef7b3d9b6c..6c78d9c22fa2c0a58c5afa23b49ce7fd11466cd7 100644
|
| --- a/ios/web/net/cert_verifier_block_adapter.h
|
| +++ b/ios/web/net/cert_verifier_block_adapter.h
|
| @@ -6,34 +6,39 @@
|
| #define IOS_WEB_NET_CERT_VERIFIER_BLOCK_ADAPTER_H_
|
|
|
| #include "base/memory/scoped_ptr.h"
|
| +#include "base/memory/scoped_vector.h"
|
| +#include "base/threading/thread_checker.h"
|
| #include "net/cert/cert_verifier.h"
|
| -#include "net/log/net_log.h"
|
| +#include "net/cert/cert_verify_result.h"
|
|
|
| namespace net {
|
|
|
| -class CertVerifyResult;
|
| class CRLSet;
|
| +class NetLog;
|
| class X509Certificate;
|
|
|
| -// Provides block-based interface for net::CertVerifier.
|
| +// Provides block-based interface for net::CertVerifier. This class can be
|
| +// created and used on any thread as long as it's the same thread where
|
| +// |CertVerifier| was created.
|
| class CertVerifierBlockAdapter {
|
| public:
|
| - CertVerifierBlockAdapter();
|
| - // Constructs adapter with given |CertVerifier| which can not be null.
|
| - CertVerifierBlockAdapter(scoped_ptr<CertVerifier> cert_verifier);
|
| + // Constructs adapter with given |CertVerifier| and |NetLog|, both can not be
|
| + // null. CertVerifierBlockAdapter does NOT take ownership over |cert_verifier|
|
| + // and |net_log|.
|
| + CertVerifierBlockAdapter(CertVerifier* cert_verifier, NetLog* net_log);
|
|
|
| // When the verifier is destroyed, all certificate verification requests are
|
| // canceled, and their completion handlers will not be called.
|
| ~CertVerifierBlockAdapter();
|
|
|
| - // Encapsulates verification parms. |cert| and |hostname| are mandatory, the
|
| + // Encapsulates verification params. |cert| and |hostname| are mandatory, the
|
| // other params are optional. If either of mandatory arguments is null or
|
| // empty then verification |CompletionHandler| will be called with
|
| - // ERR_INVALID_ARGUMENT status.
|
| + // ERR_INVALID_ARGUMENT status_result.
|
| struct Params {
|
| // Constructs Params from X509 cert and hostname, which are mandatory for
|
| // verification.
|
| - Params(scoped_refptr<net::X509Certificate> cert,
|
| + Params(const scoped_refptr<net::X509Certificate>& cert,
|
| const std::string& hostname);
|
| ~Params();
|
|
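Review bot: The new constructor comment says the adapter does not take ownership of |cert_verifier| and |net_log|, but it never states how long they must stay alive. The destructor comment promises that pending requests are cancelled when the adapter is destroyed, so both objects presumably have to outlive it; with raw pointers, a verifier destroyed first leaves a dangling pointer in certificate-validation code. I would add `// Both must outlive this adapter.` to the constructor comment. Separately, the edited Params comment now reads "ERR_INVALID_ARGUMENT status_result", which looks like a stray rename; `// ERR_INVALID_ARGUMENT as |status_result|.` would read better. The class body continues past this hunk.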
|
| @@ -47,28 +52,35 @@ class CertVerifierBlockAdapter {
|
| std::string ocsp_response;
|
|
|
| // Bitwise OR of CertVerifier::VerifyFlags.
|
| - CertVerifier::VerifyFlags flags;
|
| + int flags;
|
|
|
| // An optional CRLSet structure which can be used to avoid revocation checks
|
| // over the network.
|
| scoped_refptr<CRLSet> crl_set;
|
| };
|
|
|
| - // Type of verification completion block. On success CertVerifyResult is not
|
| - // null and status is OK, otherwise CertVerifyResult is null and status is a
|
| - // net error code.
|
| - typedef void (^CompletionHandler)(scoped_ptr<CertVerifyResult>, int status);
|
| + // Type of verification completion block. On success |status_result| is OK,
|
| + // otherwise |status_result| is a net error code and |cert_verify_result| is
|
| + // not a valid object.
|
| + typedef void (^CompletionHandler)(CertVerifyResult cert_verify_result,
|
| + int status_result);
|
|
|
| // Verifies certificate with given |params|. |completion_handler| must not be
|
| - // null and call be called either syncronously (in the same runloop) or
|
| - // asyncronously.
|
| + // null and call be called either synchronously (in the same runloop) or
|
| + // asynchronously.
|
| void Verify(const Params& params, CompletionHandler completion_handler);
|
|
|
| private:
|
| - // Underlying CertVerifier.
|
| - scoped_ptr<CertVerifier> cert_verifier_;
|
| - // Net Log required by CertVerifier.
|
| - BoundNetLog net_log_;
|
| + // Pending verification requests. Request must be alive until verification is
|
| + // completed, otherwise verification operation will be cancelled.
|
| + ScopedVector<CertVerifier::Request> pending_requests_;
|
| + // Underlying unowned CertVerifier.
|
| + CertVerifier* cert_verifier_;
|
| + // Unowned NetLog required by CertVerifier.
|
| + NetLog* net_log_;
|
| + // CertVerifierBlockAdapter should be used on the same thread where it was
|
| + // created.
|
| + base::ThreadChecker thread_checker_;
|
| };
|
|
|
| } // net
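Review bot: The new CompletionHandler comment calls |cert_verify_result| "not a valid object" on failure, but because it is now passed by value a handler can still read it, whereas the old null scoped_ptr could not be read at all. A handler that looks only at the result's fields and skips |status_result| would see what is presumably a default-constructed result with no error bits set, which is a fail-open risk for certificate verification. I would tighten the comment to `// Handlers must check |status_result| first and must not read |cert_verify_result| unless it is OK.` The Verify comment also still says "call be called", which should be "can be called".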
|
|
|