| Index: chrome/browser/io_thread.cc
|
| diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc
|
| index cd55393e46928721bd87a1c147a7ef2452f55e8e..164d67835200de072e48020ab8604bf29a6217c9 100644
|
| --- a/chrome/browser/io_thread.cc
|
| +++ b/chrome/browser/io_thread.cc
|
| @@ -42,6 +42,7 @@
|
| #include "chrome/common/chrome_content_client.h"
|
| #include "chrome/common/chrome_switches.h"
|
| #include "chrome/common/pref_names.h"
|
| +#include "components/certificate_transparency/tree_state_tracker.h"
|
| #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_prefs.h"
|
| #include "components/data_reduction_proxy/core/common/data_reduction_proxy_params.h"
|
| #include "components/data_usage/core/data_use_aggregator.h"
|
| @@ -69,10 +70,13 @@
|
| #include "net/cert/ct_known_logs.h"
|
| #include "net/cert/ct_known_logs_static.h"
|
| #include "net/cert/ct_log_verifier.h"
|
| +#include "net/cert/ct_observer.h"
|
| #include "net/cert/ct_policy_enforcer.h"
|
| #include "net/cert/ct_verifier.h"
|
| #include "net/cert/multi_log_ct_verifier.h"
|
| #include "net/cert/multi_threaded_cert_verifier.h"
|
| +#include "net/cert/sth_observer.h"
|
| +#include "net/cert/sth_reporter.h"
|
| #include "net/cookies/cookie_store.h"
|
| #include "net/dns/host_cache.h"
|
| #include "net/dns/host_resolver.h"
|
| @@ -429,6 +433,7 @@ IOThread::IOThread(
|
| globals_(NULL),
|
| is_spdy_allowed_by_policy_(true),
|
| is_quic_allowed_by_policy_(true),
|
| + sth_reporter_(nullptr),
|
| creation_time_(base::TimeTicks::Now()),
|
| weak_factory_(this) {
|
| scoped_refptr<base::SingleThreadTaskRunner> io_thread_proxy =
|
| @@ -521,6 +526,7 @@ IOThread::~IOThread() {
|
| BrowserThread::SetDelegate(BrowserThread::IO, NULL);
|
|
|
| pref_proxy_config_tracker_->DetachFromPrefService();
|
| + DCHECK(sth_observers_.empty());
|
| DCHECK(!globals_);
|
| }
|
|
|
| @@ -869,8 +875,18 @@ void IOThread::CleanUp() {
|
|
|
| system_url_request_context_getter_ = NULL;
|
|
|
| - // Release objects that the net::URLRequestContext could have been pointing
|
| - // to.
|
| + // Since the cert_transparency_observer will be deleted first, unlink
|
| + // it from the cert_transparency_verifier by nullifying the observer.
|
| + globals()->cert_transparency_verifier->SetObserver(nullptr);
|
| +
|
| + if (sth_reporter_) {
|
| + for (auto observer : sth_observers_) {
|
| + sth_reporter_->UnregisterObserver(observer);
|
| + }
|
| + // Make sure no registration happens after CleanUp
|
| + sth_reporter_ = nullptr;
|
| + }
|
| + sth_observers_.clear();
|
|
|
| // Shutdown the HistogramWatcher on the IO thread.
|
| net::NetworkChangeNotifier::ShutdownHistogramWatcher();
|
| @@ -1214,6 +1230,15 @@ void IOThread::InitSystemRequestContextOnIOThread() {
|
|
|
| globals_->system_request_context.reset(
|
| ConstructSystemRequestContext(globals_, params_, net_log_));
|
| +
|
| + globals_->cert_transparency_observer.reset(
|
| + new certificate_transparency::TreeStateTracker(globals_->ct_logs));
|
| + RegisterSTHObserver(globals_->cert_transparency_observer.get());
|
| + // The |cert_transparency_verifier| is the same one held by
|
| + // the |proxy_script_fetcher_context| and |system_request_context|,
|
| + // so no need to set the observer in their cert_transparency_verifiers.
|
| + globals_->cert_transparency_verifier->SetObserver(
|
| + globals_->cert_transparency_observer.get());
|
| }
|
|
|
| void IOThread::UpdateDnsClientEnabled() {
|
| @@ -1387,6 +1412,36 @@ bool IOThread::NetworkSessionConfigurator::ShouldEnableQuicPortSelection(
|
| return false; // Default to disabling port selection on all channels.
|
| }
|
|
|
| +void IOThread::RegisterSTHReporter(net::ct::STHReporter* reporter) {
|
| + DCHECK(globals());
|
| + // A sanity check to make sure the observer was created by now.
|
| + DCHECK(globals()->cert_transparency_observer.get());
|
| +
|
| + sth_reporter_ = reporter;
|
| + // Register all observers that were created before the reporter was.
|
| + for (auto observer : sth_observers_) {
|
| + sth_reporter_->RegisterObserver(observer);
|
| + }
|
| +}
|
| +
|
| +void IOThread::RegisterSTHObserver(net::ct::STHObserver* observer) {
|
| + sth_observers_.insert(observer);
|
| + // If a reporter was set, also register this observer with it.
|
| + // Otherwise it will be registered in RegisterSTHReporter with all
|
| + // other pending observers.
|
| + if (sth_reporter_) {
|
| + sth_reporter_->RegisterObserver(observer);
|
| + }
|
| +}
|
| +
|
| +void IOThread::UnregisterSTHObserver(net::ct::STHObserver* observer) {
|
| + DCHECK_NE(sth_observers_.count(observer), 0u);
|
| + sth_observers_.erase(observer);
|
| + if (sth_reporter_) {
|
| + sth_reporter_->UnregisterObserver(observer);
|
| + }
|
| +}
|
| +
|
| // static
|
| net::QuicTagVector
|
| IOThread::NetworkSessionConfigurator::GetQuicConnectionOptions(
|
|
|
Chromium Code Reviews
Issue 1845113003:
Certificate Transparency: Start tracking logs' state (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master