Generates the DTLS identity in browser process and returns it to render process.

content/browser/renderer_host/media/webrtc_identity_service_host.cc

Index: content/browser/renderer_host/media/webrtc_identity_service_host.cc
diff --git a/content/browser/renderer_host/media/webrtc_identity_service_host.cc b/content/browser/renderer_host/media/webrtc_identity_service_host.cc
new file mode 100644
index 0000000000000000000000000000000000000000..f308a08a75b40e8f8a8e9128f5c35faf4a18dcdd
--- /dev/null
+++ b/content/browser/renderer_host/media/webrtc_identity_service_host.cc
@@ -0,0 +1,89 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/renderer_host/media/webrtc_identity_service_host.h"
+
+#include "base/bind.h"
+#include "content/common/media/webrtc_identity_messages.h"
+#include "content/public/browser/render_process_host.h"
+#include "net/base/net_errors.h"
+
+namespace content {
+
+WebRTCIdentityServiceHost::WebRTCIdentityServiceHost(
+    WebRTCIdentityStore* identity_store)
+    : pending_request_id_(-1), identity_store_(identity_store) {}

[Ami GONE FROM CHROMIUM, 2013/06/27 20:05:18]

This assumes -1 is not a valid request_id.  Should the IPC say so?

[jiayl, 2013/06/27 21:08:37]

Removed.

+
+WebRTCIdentityServiceHost::~WebRTCIdentityServiceHost() {
+  if (cancel_callback_.is_null())
+    return;
+  cancel_callback_.Run();
+}
+
+bool WebRTCIdentityServiceHost::OnMessageReceived(const IPC::Message& message,
+                                                  bool* message_was_ok) {
+  bool handled = true;
+  IPC_BEGIN_MESSAGE_MAP_EX(WebRTCIdentityServiceHost, message, *message_was_ok)
+    IPC_MESSAGE_HANDLER(WebRTCIdentityMsg_RequestIdentity, OnRequestIdentity)
+    IPC_MESSAGE_HANDLER(WebRTCIdentityMsg_CancelRequest, OnCancelRequest)
+    IPC_MESSAGE_UNHANDLED(handled = false)
+  IPC_END_MESSAGE_MAP_EX()
+  return handled;
+}
+
+void WebRTCIdentityServiceHost::OnRequestIdentity(
+    int request_id,
+    const GURL& origin,
+    const std::string& identity_name,
+    const std::string& common_name) {
+  if (!cancel_callback_.is_null()) {

[Ami GONE FROM CHROMIUM, 2013/06/27 20:05:18]

|| pending_request_id_ != -1
?

(put another way,
CHECK((pending_request_id_ == -1) == cancel_callback_.is_null());
)

+    DLOG(WARNING)
+        << "The request is rejected because there is already a pending request";
+    SendErrorMessage(request_id, net::ERR_INSUFFICIENT_RESOURCES);
+    return;
+  }
+  bool success = identity_store_->RequestIdentity(
+      origin,
+      identity_name,
+      common_name,
+      base::Bind(&WebRTCIdentityServiceHost::OnComplete,
+                 base::Unretained(this),
+                 request_id),
+      &cancel_callback_);
+  if (success) {
+    pending_request_id_ = request_id;
+  } else {
+    SendErrorMessage(request_id, net::ERR_UNEXPECTED);
+  }
+}
+
+void WebRTCIdentityServiceHost::OnCancelRequest(int request_id) {
+  if (request_id != pending_request_id_ || cancel_callback_.is_null())
+    return;
+  cancel_callback_.Run();
+  cancel_callback_.Reset();

[Ami GONE FROM CHROMIUM, 2013/06/27 20:05:18]

base::ResetAndRun(&cancel_callback_);
?

[jiayl, 2013/06/27 21:08:37]

Done.

+  pending_request_id_ = -1;
+}
+
+void WebRTCIdentityServiceHost::OnComplete(int request_id,
+                                           int error,
+                                           const std::string& certificate,
+                                           const std::string& private_key) {
+  DCHECK_EQ(request_id, pending_request_id_);

[Ami GONE FROM CHROMIUM, 2013/06/27 20:05:18]

Why does pending_request_id_ exist?
If it's to safeguard against this very DCHECK condition, then it should probably
be a CHECK or have explicit error handling even in non-debug builds.
If it's not for that then I think you can drop it and simply use the is_null()
status of cancel_callback_ to know whether a request is pending.

[jiayl, 2013/06/27 21:08:37]

Done.

+
+  pending_request_id_ = -1;
+  cancel_callback_.Reset();
+  if (error == net::OK) {
+    Send(new WebRTCIdentityHostMsg_IdentityReady(
+        request_id, certificate, private_key));
+  } else {
+    SendErrorMessage(request_id, error);
+  }
+}
+
+void WebRTCIdentityServiceHost::SendErrorMessage(int request_id, int error) {
+  Send(new WebRTCIdentityHostMsg_RequestFailed(request_id, error));
+}
+
+}  // namespace content