Chromium Code Reviews Chromium Code Reviews
Issue 135373002:
Added SSLHostInfo. Storing of server host info to our standard disk cache. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_pool.h" | 5 #include "net/socket/ssl_client_socket_pool.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/metrics/field_trial.h" | 9 #include "base/metrics/field_trial.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/metrics/sparse_histogram.h" | 11 #include "base/metrics/sparse_histogram.h" |
| 12 #include "base/values.h" | 12 #include "base/values.h" |
| 13 #include "net/base/host_port_pair.h" | 13 #include "net/base/host_port_pair.h" |
| 14 #include "net/base/net_errors.h" | 14 #include "net/base/net_errors.h" |
| 15 #include "net/http/http_proxy_client_socket.h" | 15 #include "net/http/http_proxy_client_socket.h" |
| 16 #include "net/http/http_proxy_client_socket_pool.h" | 16 #include "net/http/http_proxy_client_socket_pool.h" |
| 17 #include "net/socket/client_socket_factory.h" | 17 #include "net/socket/client_socket_factory.h" |
| 18 #include "net/socket/client_socket_handle.h" | 18 #include "net/socket/client_socket_handle.h" |
| 19 #include "net/socket/socks_client_socket_pool.h" | 19 #include "net/socket/socks_client_socket_pool.h" |
| 20 #include "net/socket/ssl_client_socket.h" | 20 #include "net/socket/ssl_client_socket.h" |
| 21 #include "net/socket/ssl_host_info.h" | |
| 21 #include "net/socket/transport_client_socket_pool.h" | 22 #include "net/socket/transport_client_socket_pool.h" |
| 22 #include "net/ssl/ssl_cert_request_info.h" | 23 #include "net/ssl/ssl_cert_request_info.h" |
| 23 #include "net/ssl/ssl_connection_status_flags.h" | 24 #include "net/ssl/ssl_connection_status_flags.h" |
| 24 #include "net/ssl/ssl_info.h" | 25 #include "net/ssl/ssl_info.h" |
| 25 | 26 |
| 26 namespace net { | 27 namespace net { |
| 27 | 28 |
| 28 SSLSocketParams::SSLSocketParams( | 29 SSLSocketParams::SSLSocketParams( |
| 29 const scoped_refptr<TransportSocketParams>& direct_params, | 30 const scoped_refptr<TransportSocketParams>& direct_params, |
| 30 const scoped_refptr<SOCKSSocketParams>& socks_proxy_params, | 31 const scoped_refptr<SOCKSSocketParams>& socks_proxy_params, |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 117 params_(params), | 118 params_(params), |
| 118 transport_pool_(transport_pool), | 119 transport_pool_(transport_pool), |
| 119 socks_pool_(socks_pool), | 120 socks_pool_(socks_pool), |
| 120 http_proxy_pool_(http_proxy_pool), | 121 http_proxy_pool_(http_proxy_pool), |
| 121 client_socket_factory_(client_socket_factory), | 122 client_socket_factory_(client_socket_factory), |
| 122 host_resolver_(host_resolver), | 123 host_resolver_(host_resolver), |
| 123 context_(context.cert_verifier, | 124 context_(context.cert_verifier, |
| 124 context.server_bound_cert_service, | 125 context.server_bound_cert_service, |
| 125 context.transport_security_state, | 126 context.transport_security_state, |
| 126 context.cert_transparency_verifier, | 127 context.cert_transparency_verifier, |
| 128 NULL, /* TODO(rtenneti): Fix SSLHostInfoFactory */ | |
|
wtc
2014/01/15 19:08:59
I think a ssl_host_info_factory member should be a
ramant (doing other things)
2014/01/18 00:21:56
It is already in https://codereview.chromium.org/1
ramant (doing other things)
2014/01/18 00:28:47
Passed context.ssl_host_info_factory and removed
| |
| 127 (params->privacy_mode() == kPrivacyModeEnabled | 129 (params->privacy_mode() == kPrivacyModeEnabled |
| 128 ? "pm/" + context.ssl_session_cache_shard | 130 ? "pm/" + context.ssl_session_cache_shard |
| 129 : context.ssl_session_cache_shard)), | 131 : context.ssl_session_cache_shard)), |
| 130 callback_(base::Bind(&SSLConnectJob::OnIOComplete, | 132 callback_(base::Bind(&SSLConnectJob::OnIOComplete, |
| 131 base::Unretained(this))) {} | 133 base::Unretained(this))) {} |
| 132 | 134 |
| 133 SSLConnectJob::~SSLConnectJob() {} | 135 SSLConnectJob::~SSLConnectJob() {} |
| 134 | 136 |
| 135 LoadState SSLConnectJob::GetLoadState() const { | 137 LoadState SSLConnectJob::GetLoadState() const { |
| 136 switch (next_state_) { | 138 switch (next_state_) { |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 213 break; | 215 break; |
| 214 } | 216 } |
| 215 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE); | 217 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE); |
| 216 | 218 |
| 217 return rv; | 219 return rv; |
| 218 } | 220 } |
| 219 | 221 |
| 220 int SSLConnectJob::DoTransportConnect() { | 222 int SSLConnectJob::DoTransportConnect() { |
| 221 DCHECK(transport_pool_); | 223 DCHECK(transport_pool_); |
| 222 | 224 |
| 225 if (context_.ssl_host_info_factory) { | |
| 226 ssl_host_info_.reset( | |
| 227 context_.ssl_host_info_factory->GetForHost( | |
| 228 params_->host_and_port().host(), | |
| 229 params_->ssl_config())); | |
| 230 } | |
| 231 | |
| 232 if (ssl_host_info_.get()) { | |
| 233 // This starts fetching the SSL host info from the disk cache for early | |
| 234 // certificate verification and the TLS cached information extension. | |
| 235 ssl_host_info_->Start(); | |
| 236 } | |
| 237 | |
| 223 next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE; | 238 next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE; |
| 224 transport_socket_handle_.reset(new ClientSocketHandle()); | 239 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 225 scoped_refptr<TransportSocketParams> direct_params = | 240 scoped_refptr<TransportSocketParams> direct_params = |
| 226 params_->GetDirectConnectionParams(); | 241 params_->GetDirectConnectionParams(); |
| 227 return transport_socket_handle_->Init(group_name(), | 242 return transport_socket_handle_->Init(group_name(), |
| 228 direct_params, | 243 direct_params, |
| 229 priority(), | 244 priority(), |
| 230 callback_, | 245 callback_, |
| 231 transport_pool_, | 246 transport_pool_, |
| 232 net_log()); | 247 net_log()); |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 313 connect_timing_.dns_start = socket_connect_timing.dns_start; | 328 connect_timing_.dns_start = socket_connect_timing.dns_start; |
| 314 connect_timing_.dns_end = socket_connect_timing.dns_end; | 329 connect_timing_.dns_end = socket_connect_timing.dns_end; |
| 315 } | 330 } |
| 316 | 331 |
| 317 connect_timing_.ssl_start = base::TimeTicks::Now(); | 332 connect_timing_.ssl_start = base::TimeTicks::Now(); |
| 318 | 333 |
| 319 ssl_socket_ = client_socket_factory_->CreateSSLClientSocket( | 334 ssl_socket_ = client_socket_factory_->CreateSSLClientSocket( |
| 320 transport_socket_handle_.Pass(), | 335 transport_socket_handle_.Pass(), |
| 321 params_->host_and_port(), | 336 params_->host_and_port(), |
| 322 params_->ssl_config(), | 337 params_->ssl_config(), |
| 338 ssl_host_info_.release(), | |
| 323 context_); | 339 context_); |
| 324 return ssl_socket_->Connect(callback_); | 340 return ssl_socket_->Connect(callback_); |
| 325 } | 341 } |
| 326 | 342 |
| 327 int SSLConnectJob::DoSSLConnectComplete(int result) { | 343 int SSLConnectJob::DoSSLConnectComplete(int result) { |
| 328 connect_timing_.ssl_end = base::TimeTicks::Now(); | 344 connect_timing_.ssl_end = base::TimeTicks::Now(); |
| 329 | 345 |
| 330 SSLClientSocket::NextProtoStatus status = | 346 SSLClientSocket::NextProtoStatus status = |
| 331 SSLClientSocket::kNextProtoUnsupported; | 347 SSLClientSocket::kNextProtoUnsupported; |
| 332 std::string proto; | 348 std::string proto; |
| (...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 503 | 519 |
| 504 SSLClientSocketPool::SSLClientSocketPool( | 520 SSLClientSocketPool::SSLClientSocketPool( |
| 505 int max_sockets, | 521 int max_sockets, |
| 506 int max_sockets_per_group, | 522 int max_sockets_per_group, |
| 507 ClientSocketPoolHistograms* histograms, | 523 ClientSocketPoolHistograms* histograms, |
| 508 HostResolver* host_resolver, | 524 HostResolver* host_resolver, |
| 509 CertVerifier* cert_verifier, | 525 CertVerifier* cert_verifier, |
| 510 ServerBoundCertService* server_bound_cert_service, | 526 ServerBoundCertService* server_bound_cert_service, |
| 511 TransportSecurityState* transport_security_state, | 527 TransportSecurityState* transport_security_state, |
| 512 CTVerifier* cert_transparency_verifier, | 528 CTVerifier* cert_transparency_verifier, |
| 529 SSLHostInfoFactory* ssl_host_info_factory, | |
| 513 const std::string& ssl_session_cache_shard, | 530 const std::string& ssl_session_cache_shard, |
| 514 ClientSocketFactory* client_socket_factory, | 531 ClientSocketFactory* client_socket_factory, |
| 515 TransportClientSocketPool* transport_pool, | 532 TransportClientSocketPool* transport_pool, |
| 516 SOCKSClientSocketPool* socks_pool, | 533 SOCKSClientSocketPool* socks_pool, |
| 517 HttpProxyClientSocketPool* http_proxy_pool, | 534 HttpProxyClientSocketPool* http_proxy_pool, |
| 518 SSLConfigService* ssl_config_service, | 535 SSLConfigService* ssl_config_service, |
| 519 NetLog* net_log) | 536 NetLog* net_log) |
| 520 : transport_pool_(transport_pool), | 537 : transport_pool_(transport_pool), |
| 521 socks_pool_(socks_pool), | 538 socks_pool_(socks_pool), |
| 522 http_proxy_pool_(http_proxy_pool), | 539 http_proxy_pool_(http_proxy_pool), |
| 523 base_(this, max_sockets, max_sockets_per_group, histograms, | 540 base_(this, max_sockets, max_sockets_per_group, histograms, |
| 524 ClientSocketPool::unused_idle_socket_timeout(), | 541 ClientSocketPool::unused_idle_socket_timeout(), |
| 525 ClientSocketPool::used_idle_socket_timeout(), | 542 ClientSocketPool::used_idle_socket_timeout(), |
| 526 new SSLConnectJobFactory(transport_pool, | 543 new SSLConnectJobFactory(transport_pool, |
| 527 socks_pool, | 544 socks_pool, |
| 528 http_proxy_pool, | 545 http_proxy_pool, |
| 529 client_socket_factory, | 546 client_socket_factory, |
| 530 host_resolver, | 547 host_resolver, |
| 531 SSLClientSocketContext( | 548 SSLClientSocketContext( |
| 532 cert_verifier, | 549 cert_verifier, |
| 533 server_bound_cert_service, | 550 server_bound_cert_service, |
| 534 transport_security_state, | 551 transport_security_state, |
| 535 cert_transparency_verifier, | 552 cert_transparency_verifier, |
| 553 ssl_host_info_factory, | |
| 536 ssl_session_cache_shard), | 554 ssl_session_cache_shard), |
| 537 net_log)), | 555 net_log)), |
| 538 ssl_config_service_(ssl_config_service) { | 556 ssl_config_service_(ssl_config_service) { |
| 539 if (ssl_config_service_.get()) | 557 if (ssl_config_service_.get()) |
| 540 ssl_config_service_->AddObserver(this); | 558 ssl_config_service_->AddObserver(this); |
| 541 if (transport_pool_) | 559 if (transport_pool_) |
| 542 base_.AddLowerLayeredPool(transport_pool_); | 560 base_.AddLowerLayeredPool(transport_pool_); |
| 543 if (socks_pool_) | 561 if (socks_pool_) |
| 544 base_.AddLowerLayeredPool(socks_pool_); | 562 base_.AddLowerLayeredPool(socks_pool_); |
| 545 if (http_proxy_pool_) | 563 if (http_proxy_pool_) |
| (...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 677 if (base_.CloseOneIdleSocket()) | 695 if (base_.CloseOneIdleSocket()) |
| 678 return true; | 696 return true; |
| 679 return base_.CloseOneIdleConnectionInHigherLayeredPool(); | 697 return base_.CloseOneIdleConnectionInHigherLayeredPool(); |
| 680 } | 698 } |
| 681 | 699 |
| 682 void SSLClientSocketPool::OnSSLConfigChanged() { | 700 void SSLClientSocketPool::OnSSLConfigChanged() { |
| 683 FlushWithError(ERR_NETWORK_CHANGED); | 701 FlushWithError(ERR_NETWORK_CHANGED); |
| 684 } | 702 } |
| 685 | 703 |
| 686 } // namespace net | 704 } // namespace net |
| OLD | NEW |
