Make NSSCertDatabase::ListCerts work async on a worker thread.

chromeos/cert_loader.h

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROMEOS_CERT_LOADER_H_
 #define CHROMEOS_CERT_LOADER_H_
 
 #include <string>
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/compiler_specific.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
 #include "base/observer_list.h"
 #include "base/threading/thread_checker.h"
 #include "chromeos/chromeos_export.h"
 #include "net/cert/cert_database.h"
 
-namespace base {
-class TaskRunner;
-}
-
 namespace net {
 class NSSCertDatabase;
 class X509Certificate;
 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
 }
 
 namespace chromeos {
 
 // This class is responsible for loading certificates once the TPM is
 // initialized. It is expected to be constructed on the UI thread and public
@@ skipping 23 matching lines @@
 
   // Gets the global instance. Initialize() must be called first.
   static CertLoader* Get();
 
   // Returns true if the global instance has been initialized.
   static bool IsInitialized();
 
   static std::string GetPkcs11IdForCert(const net::X509Certificate& cert);
 
   // Starts the CertLoader with the NSS cert database.
-  // The CertLoader will _not_ take the ownership of the database.
+  // The CertLoader will _not_ take the ownership of the database, but it
+  // expexts it to stay alive at least until the shutdown of the main thread.

[mattm, 2014/01/30 04:34:37]

expects

[mattm, 2014/01/30 04:34:37]

This doesn't seem true, or maybe just confusingly worded? The database is owned
by the ResourceContext, I would expect that to get destroyed while the IOThread
is still alive, let alone the main thread.

[tbarzic, 2014/02/03 23:42:05]

Not worded precisely enough. It should be:
"it expects it to stay alive at least until the shutdown _starts_ on the main
thread."(i.e. before we start tearing down profiles)

[tbarzic, 2014/02/03 23:42:05]

Done.

   void StartWithNSSDB(net::NSSCertDatabase* database);
 
-  // Sets the task runner that any slow calls will be made from, e.g. calls
-  // to the NSS database. If not set, uses base::WorkerPool.
-  void SetSlowTaskRunnerForTest(
-      const scoped_refptr<base::TaskRunner>& task_runner);
-
   void AddObserver(CertLoader::Observer* observer);
   void RemoveObserver(CertLoader::Observer* observer);
 
   int TPMTokenSlotID() const;
   bool IsHardwareBacked() const;
 
   // Whether the certificate is hardware backed. Returns false if the CertLoader
   // was not yet started (both |CertificatesLoading()| and
   // |certificates_loaded()| are false).
   bool IsCertificateHardwareBacked(const net::X509Certificate* cert) const;
@@ skipping 12 matching lines @@
 
  private:
   CertLoader();
   virtual ~CertLoader();
 
   // Trigger a certificate load. If a certificate loading task is already in
   // progress, will start a reload once the current task is finished.
   void LoadCertificates();
 
   // Called if a certificate load task is finished.
-  void UpdateCertificates(net::CertificateList* cert_list);
+  void UpdateCertificates(scoped_ptr<net::CertificateList> cert_list);
 
   void NotifyCertificatesLoaded(bool initial_load);
 
   // net::CertDatabase::Observer
   virtual void OnCACertChanged(const net::X509Certificate* cert) OVERRIDE;
   virtual void OnCertAdded(const net::X509Certificate* cert) OVERRIDE;
   virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE;
 
   ObserverList<Observer> observers_;
 
   // Flags describing current CertLoader state.
   bool certificates_loaded_;
   bool certificates_update_required_;
   bool certificates_update_running_;
 
   // The user-specific NSS certificate database from which the certificates
   // should be loaded.
   net::NSSCertDatabase* database_;
 
   // Set during tests if |IsHardwareBacked()| should always return true.
   bool force_hardware_backed_for_test_;
 
   // Cached Certificates loaded from the database.
   net::CertificateList cert_list_;
 
   base::ThreadChecker thread_checker_;
 
-  // TaskRunner that, if set, replaces base::WorkerPool. Should only be set in
-  // tests.
-  scoped_refptr<base::TaskRunner> slow_task_runner_for_test_;
-
   base::WeakPtrFactory<CertLoader> weak_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(CertLoader);
 };
 
 }  // namespace chromeos
 
 #endif  // CHROMEOS_CERT_LOADER_H_