OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/cert_database.h" | 5 #include "net/cert/cert_database.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <secmod.h> | 9 #include <secmod.h> |
10 | 10 |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/observer_list_threadsafe.h" | 12 #include "base/observer_list_threadsafe.h" |
13 #include "crypto/nss_util.h" | 13 #include "crypto/nss_util.h" |
14 #include "crypto/scoped_nss_types.h" | 14 #include "crypto/scoped_nss_types.h" |
15 #include "net/base/net_errors.h" | 15 #include "net/base/net_errors.h" |
16 #include "net/cert/nss_cert_database.h" | 16 #include "net/cert/nss_cert_database.h" |
17 #include "net/cert/x509_certificate.h" | 17 #include "net/cert/x509_certificate.h" |
18 #include "net/cert/x509_util_nss.h" | 18 #include "net/cert/x509_util_nss.h" |
19 | 19 |
20 namespace net { | 20 namespace net { |
21 | 21 |
22 // Helper that observes events from the NSSCertDatabase and forwards them to | 22 // Helper that observes events from a CertDatabaseSource and forwards them to |
23 // the given CertDatabase. | 23 // the given CertDatabase. |
24 class CertDatabase::Notifier : public NSSCertDatabase::Observer { | 24 class CertDatabase::Notifier : public CertDatabaseSource::Observer { |
25 public: | 25 public: |
26 explicit Notifier(CertDatabase* cert_db) : cert_db_(cert_db) { | 26 Notifier(CertDatabase* cert_db) : cert_db_(cert_db) {} |
27 NSSCertDatabase::GetInstance()->AddObserver(this); | |
28 } | |
29 | 27 |
30 virtual ~Notifier() { | 28 virtual ~Notifier() {} |
31 NSSCertDatabase::GetInstance()->RemoveObserver(this); | |
32 } | |
33 | 29 |
34 // NSSCertDatabase::Observer implementation: | 30 // CertDatabaseSource::Observer implementation: |
35 virtual void OnCertAdded(const X509Certificate* cert) OVERRIDE { | 31 virtual void OnCertAdded(const X509Certificate* cert) OVERRIDE { |
36 cert_db_->NotifyObserversOfCertAdded(cert); | 32 cert_db_->NotifyObserversOfCertAdded(cert); |
37 } | 33 } |
38 | 34 |
39 virtual void OnCertRemoved(const X509Certificate* cert) OVERRIDE { | 35 virtual void OnCertRemoved(const X509Certificate* cert) OVERRIDE { |
40 cert_db_->NotifyObserversOfCertRemoved(cert); | 36 cert_db_->NotifyObserversOfCertRemoved(cert); |
41 } | 37 } |
42 | 38 |
43 virtual void OnCACertChanged(const X509Certificate* cert) OVERRIDE { | 39 virtual void OnCACertChanged(const X509Certificate* cert) OVERRIDE { |
44 cert_db_->NotifyObserversOfCACertChanged(cert); | 40 cert_db_->NotifyObserversOfCACertChanged(cert); |
45 } | 41 } |
46 | 42 |
47 private: | 43 private: |
48 CertDatabase* cert_db_; | 44 CertDatabase* cert_db_; |
49 | 45 |
50 DISALLOW_COPY_AND_ASSIGN(Notifier); | 46 DISALLOW_COPY_AND_ASSIGN(Notifier); |
51 }; | 47 }; |
52 | 48 |
53 CertDatabase::CertDatabase() | 49 CertDatabase::CertDatabase() |
54 : observer_list_(new ObserverListThreadSafe<Observer>) { | 50 : observer_list_(new ObserverListThreadSafe<Observer>), |
55 // Observe NSSCertDatabase events and forward them to observers of | 51 notifier_(new Notifier(this)) { |
56 // CertDatabase. This also makes sure that NSS has been initialized. | 52 crypto::EnsureNSSInit(); |
57 notifier_.reset(new Notifier(this)); | |
58 } | 53 } |
59 | 54 |
60 CertDatabase::~CertDatabase() {} | 55 CertDatabase::~CertDatabase() {} |
61 | 56 |
62 int CertDatabase::CheckUserCert(X509Certificate* cert_obj) { | 57 int CertDatabase::CheckUserCert(X509Certificate* cert_obj) { |
63 if (!cert_obj) | 58 if (!cert_obj) |
64 return ERR_CERT_INVALID; | 59 return ERR_CERT_INVALID; |
65 if (cert_obj->HasExpired()) | 60 if (cert_obj->HasExpired()) |
66 return ERR_CERT_DATE_INVALID; | 61 return ERR_CERT_DATE_INVALID; |
67 | 62 |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
102 | 97 |
103 if (rv != SECSuccess) { | 98 if (rv != SECSuccess) { |
104 LOG(ERROR) << "Couldn't import user certificate. " << PORT_GetError(); | 99 LOG(ERROR) << "Couldn't import user certificate. " << PORT_GetError(); |
105 return ERR_ADD_USER_CERT_FAILED; | 100 return ERR_ADD_USER_CERT_FAILED; |
106 } | 101 } |
107 | 102 |
108 NotifyObserversOfCertAdded(cert_obj); | 103 NotifyObserversOfCertAdded(cert_obj); |
109 return OK; | 104 return OK; |
110 } | 105 } |
111 | 106 |
| 107 void CertDatabase::AddSource(CertDatabaseSource* source) { |
| 108 source->AddObserver(this->notifier_.get()); |
| 109 } |
| 110 |
112 } // namespace net | 111 } // namespace net |
OLD | NEW |