| Index: net/cert/nss_cert_database.cc
|
| diff --git a/net/cert/nss_cert_database.cc b/net/cert/nss_cert_database.cc
|
| index 935b271bd47b479aa46338de540737efe2ba33af..234a22d0bbf39fc578eba4fa3535aafe3fd7e972 100644
|
| --- a/net/cert/nss_cert_database.cc
|
| +++ b/net/cert/nss_cert_database.cc
|
| @@ -10,10 +10,14 @@
|
| #include <pk11pub.h>
|
| #include <secmod.h>
|
|
|
| +#include "base/bind.h"
|
| +#include "base/callback.h"
|
| #include "base/lazy_instance.h"
|
| #include "base/logging.h"
|
| #include "base/memory/scoped_ptr.h"
|
| #include "base/observer_list_threadsafe.h"
|
| +#include "base/task_runner.h"
|
| +#include "base/threading/worker_pool.h"
|
| #include "crypto/nss_util.h"
|
| #include "crypto/nss_util_internal.h"
|
| #include "crypto/scoped_nss_types.h"
|
| @@ -42,7 +46,6 @@ base::LazyInstance<NSSCertDatabase>::Leaky
|
|
|
| } // namespace
|
|
|
| -
|
| NSSCertDatabase::ImportCertFailure::ImportCertFailure(
|
| const scoped_refptr<X509Certificate>& cert,
|
| int err)
|
| @@ -71,7 +74,7 @@ NSSCertDatabase::NSSCertDatabase()
|
|
|
| NSSCertDatabase::~NSSCertDatabase() {}
|
|
|
| -void NSSCertDatabase::ListCerts(CertificateList* certs) {
|
| +void NSSCertDatabase::ListCertsSync(CertificateList* certs) {
|
| certs->clear();
|
|
|
| CERTCertList* cert_list = PK11_ListCerts(PK11CertListUnique, NULL);
|
| @@ -85,6 +88,26 @@ void NSSCertDatabase::ListCerts(CertificateList* certs) {
|
| CERT_DestroyCertList(cert_list);
|
| }
|
|
|
| +void NSSCertDatabase::ListCerts(
|
| + const base::Callback<void(scoped_ptr<CertificateList> certs)>& callback) {
|
| + scoped_ptr<CertificateList> certs(new CertificateList());
|
| + CertificateList* raw_certs = certs.get();
|
| +
|
| + scoped_ptr<NSSDatabaseFilter::CertNotAllowedPredicate> predicate;
|
| +
|
| + scoped_refptr<NSSDatabaseFilter> database_filter = GetDatabaseFilter();
|
| + if (database_filter)
|
| + predicate.reset(new NSSDatabaseFilter::CertNotAllowedPredicate(
|
| + database_filter));
|
| +
|
| + GetSlowTaskRunner()->PostTaskAndReply(
|
| + FROM_HERE,
|
| + base::Bind(&NSSCertDatabase::ListAndFilterCerts,
|
| + base::Passed(&predicate),
|
| + base::Unretained(raw_certs)),
|
| + base::Bind(callback, base::Passed(&certs)));
|
| +}
|
| +
|
| crypto::ScopedPK11Slot NSSCertDatabase::GetPublicSlot() const {
|
| return crypto::ScopedPK11Slot(crypto::GetPublicNSSKeySlot());
|
| }
|
| @@ -103,8 +126,8 @@ CryptoModule* NSSCertDatabase::GetPrivateModule() const {
|
| return CryptoModule::CreateFromHandle(slot.get());
|
| }
|
|
|
| -void NSSCertDatabase::ListModules(CryptoModuleList* modules,
|
| - bool need_rw) const {
|
| +void NSSCertDatabase::ListModulesSync(CryptoModuleList* modules,
|
| + bool need_rw) const {
|
| modules->clear();
|
|
|
| // The wincx arg is unused since we don't call PK11_SetIsLoggedInFunc.
|
| @@ -350,6 +373,39 @@ void NSSCertDatabase::RemoveObserver(Observer* observer) {
|
| observer_list_->RemoveObserver(observer);
|
| }
|
|
|
| +void NSSCertDatabase::SetSlowTaskRunnerForTest(
|
| + const scoped_refptr<base::TaskRunner>& task_runner) {
|
| + slow_task_runner_for_test_ = task_runner;
|
| +}
|
| +
|
| +// static
|
| +void NSSCertDatabase::ListAndFilterCerts(
|
| + scoped_ptr<NSSDatabaseFilter::CertNotAllowedPredicate> predicate,
|
| + CertificateList* certs) {
|
| + CHECK(certs);
|
| + certs->clear();
|
| +
|
| + CERTCertList* cert_list = PK11_ListCerts(PK11CertListUnique, NULL);
|
| + CERTCertListNode* node;
|
| + for (node = CERT_LIST_HEAD(cert_list);
|
| + !CERT_LIST_END(node, cert_list);
|
| + node = CERT_LIST_NEXT(node)) {
|
| + certs->push_back(X509Certificate::CreateFromHandle(
|
| + node->cert, X509Certificate::OSCertHandles()));
|
| + }
|
| + CERT_DestroyCertList(cert_list);
|
| +
|
| + // No certificate filter was set.
|
| + if (!predicate)
|
| + return;
|
| +
|
| + size_t pre_size = certs->size();
|
| + certs->erase(std::remove_if(certs->begin(), certs->end(), *predicate),
|
| + certs->end());
|
| + DVLOG(1) << "filtered " << pre_size - certs->size() << " of " << pre_size
|
| + << " certs";
|
| +}
|
| +
|
| void NSSCertDatabase::NotifyObserversOfCertAdded(const X509Certificate* cert) {
|
| observer_list_->Notify(&Observer::OnCertAdded, make_scoped_refptr(cert));
|
| }
|
| @@ -365,4 +421,14 @@ void NSSCertDatabase::NotifyObserversOfCACertChanged(
|
| &Observer::OnCACertChanged, make_scoped_refptr(cert));
|
| }
|
|
|
| +scoped_refptr<NSSDatabaseFilter> NSSCertDatabase::GetDatabaseFilter() const {
|
| + return NULL;
|
| +}
|
| +
|
| +scoped_refptr<base::TaskRunner> NSSCertDatabase::GetSlowTaskRunner() const {
|
| + if (slow_task_runner_for_test_)
|
| + return slow_task_runner_for_test_;
|
| + return base::WorkerPool::GetTaskRunner(true /*task is slow*/);
|
| +}
|
| +
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 144423007:
Make NSSCertDatabase::ListCerts work async on a worker thread. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src