Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(844)

Side by Side Diff: chrome/browser/chromeos/policy/policy_cert_verifier.cc

Issue 24153012: Fix cyclic dependency between ProfilePolicyConnector and PrefService. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Addressed comments. Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" 5 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/memory/ref_counted.h"
9 #include "chrome/browser/browser_process.h" 8 #include "chrome/browser/browser_process.h"
10 #include "content/public/browser/browser_thread.h" 9 #include "content/public/browser/browser_thread.h"
11 #include "net/base/net_errors.h" 10 #include "net/base/net_errors.h"
12 #include "net/cert/cert_verify_proc.h" 11 #include "net/cert/cert_verify_proc.h"
13 #include "net/cert/multi_threaded_cert_verifier.h" 12 #include "net/cert/multi_threaded_cert_verifier.h"
14 13
15 namespace policy { 14 namespace policy {
16 15
17 namespace {
18
19 void MaybeSignalAnchorUse(int error,
20 const base::Closure& anchor_used_callback,
21 const net::CertVerifyResult& verify_result) {
22 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
23 if (error != net::OK || !verify_result.is_issued_by_additional_trust_anchor ||
24 anchor_used_callback.is_null()) {
25 return;
26 }
27 anchor_used_callback.Run();
28 }
29
30 void CompleteAndSignalAnchorUse(
31 const base::Closure& anchor_used_callback,
32 const net::CompletionCallback& completion_callback,
33 const net::CertVerifyResult* verify_result,
34 int error) {
35 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
36 MaybeSignalAnchorUse(error, anchor_used_callback, *verify_result);
37 if (!completion_callback.is_null())
38 completion_callback.Run(error);
39 }
40
41 } // namespace
42
43 PolicyCertVerifier::PolicyCertVerifier( 16 PolicyCertVerifier::PolicyCertVerifier(
44 const base::Closure& anchor_used_callback) 17 const base::Closure& anchor_used_callback)
45 : anchor_used_callback_(anchor_used_callback) { 18 : anchor_used_callback_(anchor_used_callback),
19 weak_ptr_factory_(this),
20 weak_ptr_(weak_ptr_factory_.GetWeakPtr()) {
46 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); 21 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
47 } 22 }
48 23
49 PolicyCertVerifier::~PolicyCertVerifier() { 24 PolicyCertVerifier::~PolicyCertVerifier() {
50 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 25 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
26 DCHECK(!weak_ptr_factory_.HasWeakPtrs())
27 << "UnsetTrustAnchorUsedCallback must be called before d'tor. " << this;
51 } 28 }
52 29
53 void PolicyCertVerifier::InitializeOnIOThread() { 30 void PolicyCertVerifier::InitializeOnIOThread() {
54 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 31 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
55 scoped_refptr<net::CertVerifyProc> verify_proc = 32 scoped_refptr<net::CertVerifyProc> verify_proc =
56 net::CertVerifyProc::CreateDefault(); 33 net::CertVerifyProc::CreateDefault();
57 if (!verify_proc->SupportsAdditionalTrustAnchors()) { 34 if (!verify_proc->SupportsAdditionalTrustAnchors()) {
58 LOG(WARNING) 35 LOG(WARNING)
59 << "Additional trust anchors not supported in the current platform!"; 36 << "Additional trust anchors not supported on the current platform!";
60 } 37 }
61 net::MultiThreadedCertVerifier* verifier = 38 net::MultiThreadedCertVerifier* verifier =
62 new net::MultiThreadedCertVerifier(verify_proc.get()); 39 new net::MultiThreadedCertVerifier(verify_proc.get());
63 verifier->SetCertTrustAnchorProvider(this); 40 verifier->SetCertTrustAnchorProvider(this);
64 delegate_.reset(verifier); 41 delegate_.reset(verifier);
65 } 42 }
66 43
44 void PolicyCertVerifier::UnsetTrustAnchorUsedCallback() {
45 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
46 anchor_used_callback_.Reset();
47 weak_ptr_factory_.InvalidateWeakPtrs();
48 }
49
67 void PolicyCertVerifier::SetTrustAnchors( 50 void PolicyCertVerifier::SetTrustAnchors(
68 const net::CertificateList& trust_anchors) { 51 const net::CertificateList& trust_anchors) {
69 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 52 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
70 trust_anchors_ = trust_anchors; 53 trust_anchors_ = trust_anchors;
71 } 54 }
72 55
73 int PolicyCertVerifier::Verify( 56 int PolicyCertVerifier::Verify(
74 net::X509Certificate* cert, 57 net::X509Certificate* cert,
75 const std::string& hostname, 58 const std::string& hostname,
76 int flags, 59 int flags,
77 net::CRLSet* crl_set, 60 net::CRLSet* crl_set,
78 net::CertVerifyResult* verify_result, 61 net::CertVerifyResult* verify_result,
79 const net::CompletionCallback& completion_callback, 62 const net::CompletionCallback& completion_callback,
80 RequestHandle* out_req, 63 RequestHandle* out_req,
81 const net::BoundNetLog& net_log) { 64 const net::BoundNetLog& net_log) {
82 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 65 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
83 DCHECK(delegate_); 66 DCHECK(delegate_);
84 net::CompletionCallback wrapped_callback = 67 net::CompletionCallback wrapped_callback =
85 base::Bind(&CompleteAndSignalAnchorUse, 68 base::Bind(&PolicyCertVerifier::CompleteAndSignalAnchorUse,
86 anchor_used_callback_,
87 completion_callback, 69 completion_callback,
88 verify_result); 70 verify_result,
71 weak_ptr_);
89 int error = delegate_->Verify(cert, hostname, flags, crl_set, verify_result, 72 int error = delegate_->Verify(cert, hostname, flags, crl_set, verify_result,
90 wrapped_callback, out_req, net_log); 73 wrapped_callback, out_req, net_log);
91 MaybeSignalAnchorUse(error, anchor_used_callback_, *verify_result); 74 MaybeSignalAnchorUse(error, *verify_result, weak_ptr_);
92 return error; 75 return error;
93 } 76 }
94 77
95 void PolicyCertVerifier::CancelRequest(RequestHandle req) { 78 void PolicyCertVerifier::CancelRequest(RequestHandle req) {
96 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 79 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
97 delegate_->CancelRequest(req); 80 delegate_->CancelRequest(req);
98 } 81 }
99 82
100 const net::CertificateList& PolicyCertVerifier::GetAdditionalTrustAnchors() { 83 const net::CertificateList& PolicyCertVerifier::GetAdditionalTrustAnchors() {
101 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); 84 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
102 return trust_anchors_; 85 return trust_anchors_;
103 } 86 }
104 87
88 void PolicyCertVerifier::NotifyOnUI() {
89 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
90 if (!anchor_used_callback_.is_null())
91 anchor_used_callback_.Run();
92 }
93
94 // static
95 void PolicyCertVerifier::MaybeSignalAnchorUse(
96 int error,
97 const net::CertVerifyResult& verify_result,
98 const base::WeakPtr<PolicyCertVerifier>& weak_ptr) {
99 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
100 if (error != net::OK || !verify_result.is_issued_by_additional_trust_anchor)
101 return;
102
103 content::BrowserThread::PostTask(
104 content::BrowserThread::UI,
105 FROM_HERE,
106 base::Bind(&PolicyCertVerifier::NotifyOnUI, weak_ptr));
107 }
108
109 // static
110 void PolicyCertVerifier::CompleteAndSignalAnchorUse(
111 const net::CompletionCallback& completion_callback,
112 const net::CertVerifyResult* verify_result,
113 const base::WeakPtr<PolicyCertVerifier>& weak_ptr,
114 int error) {
115 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
116 MaybeSignalAnchorUse(error, *verify_result, weak_ptr);
117 if (!completion_callback.is_null())
118 completion_callback.Run(error);
119 }
120
105 } // namespace policy 121 } // namespace policy
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698