Add support for walking and modifying the CachingCertVerifier

net/cert/caching_cert_verifier.cc

Index: net/cert/caching_cert_verifier.cc
diff --git a/net/cert/caching_cert_verifier.cc b/net/cert/caching_cert_verifier.cc
index 733d87867c350d50096bc8b4451b1c2246e378dd..2fc6cbad2910b87de7b44a5dd0346932ea385c9d 100644
--- a/net/cert/caching_cert_verifier.cc
+++ b/net/cert/caching_cert_verifier.cc
@@ -20,6 +20,61 @@ const unsigned kTTLSecs = 1800;  // 30 minutes.
 
 }  // namespace
 
+CachingCertVerifier::Iterator::Iterator(const CachingCertVerifier& verifier)
+    : iter_(nullptr) {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  iter_ = reinterpret_cast<void*>(new Iter(verifier.cache_));
+}
+
+CachingCertVerifier::Iterator::~Iterator() {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  Iter* it = reinterpret_cast<Iter*>(iter_);
+  delete it;
+}
+
+bool CachingCertVerifier::Iterator::HasNext() const {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  const Iter* it = reinterpret_cast<const Iter*>(iter_);
+  return it->HasNext();
+}
+
+void CachingCertVerifier::Iterator::Advance() {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  Iter* it = reinterpret_cast<Iter*>(iter_);
+  it->Advance();
+}
+
+const CertVerifier::RequestParams& CachingCertVerifier::Iterator::params()
+    const {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  const Iter* it = reinterpret_cast<const Iter*>(iter_);
+  return it->key();
+}
+
+int CachingCertVerifier::Iterator::error() const {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  const Iter* it = reinterpret_cast<const Iter*>(iter_);
+  return it->value().error;
+}
+
+const CertVerifyResult& CachingCertVerifier::Iterator::verify_result() const {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  const Iter* it = reinterpret_cast<const Iter*>(iter_);
+  return it->value().result;
+}
+
+base::Time CachingCertVerifier::Iterator::verification_time() const {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  const Iter* it = reinterpret_cast<const Iter*>(iter_);
+  return it->expiration().verification_time;
+}
+
+base::Time CachingCertVerifier::Iterator::expiration_time() const {
+  using Iter = CachingCertVerifier::CertVerificationCache::Iterator;
+  const Iter* it = reinterpret_cast<const Iter*>(iter_);
+  return it->expiration().expiration_time;
+}
+
 CachingCertVerifier::CachingCertVerifier(std::unique_ptr<CertVerifier> verifier)
     : verifier_(std::move(verifier)),
       trust_anchor_provider_(nullptr),
@@ -86,6 +141,25 @@ bool CachingCertVerifier::SupportsOCSPStapling() {
   return verifier_->SupportsOCSPStapling();
 }
 
+bool CachingCertVerifier::AddEntry(const RequestParams& params,
+                                   int error,
+                                   const CertVerifyResult& verify_result,
+                                   base::Time verification_time) {
+  // If the cache is full, don't bother.
+  if (cache_.size() == cache_.max_entries())
+    return false;
+
+  // If there is an existing entry, don't bother updating it.
+  const CertVerificationCache::value_type* entry =
+      cache_.Get(params, CacheValidityPeriod(base::Time::Now()));
+  if (entry)
+    return false;
+
+  // Otherwise, go and add it.
+  AddResultToCache(params, verification_time, verify_result, error);
+  return true;
+}
+
 CachingCertVerifier::CachedResult::CachedResult() : error(ERR_FAILED) {}
 
 CachingCertVerifier::CachedResult::~CachedResult() {}