net/ssl/ssl_client_session_cache.cc - Issue 2541093003: Instrument SSL sockets using MemoryDumpProvider

Side by Side Diff: net/ssl/ssl_client_session_cache.cc

Issue 2541093003: Instrument SSL sockets using MemoryDumpProvider (Closed)

Patch Set: rebased Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« net/socket/ssl_client_socket_unittest.cc ('K') | « net/ssl/ssl_client_session_cache.h ('k') | net/ssl/ssl_client_session_cache_unittest.cc » ('j') | net/ssl/ssl_client_session_cache_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/ssl/ssl_client_session_cache.h"	5 #include "net/ssl/ssl_client_session_cache.h"

6	6

	7 #include <openssl/ssl.h>
	davidben 2016/12/06 01:02:07 Already included below. Already included below. xunjieli 2016/12/06 18:36:08 Done. Show quoted text On 2016/12/06 01:02:07, davidben wrote: > Already included below. Done.
	8 #include <openssl/x509.h>
	davidben 2016/12/06 01:02:07 #include "third_party/boringssl/src/include/openss #include "third_party/boringssl/src/include/openssl/x509.h" xunjieli 2016/12/06 18:36:08 Done. Show quoted text On 2016/12/06 01:02:07, davidben wrote: > #include "third_party/boringssl/src/include/openssl/x509.h" Done.
7 #include <utility>	9 #include <utility>

8	10

9 #include "base/memory/memory_coordinator_client_registry.h"	11 #include "base/memory/memory_coordinator_client_registry.h"

	12 #include "base/strings/stringprintf.h"

10 #include "base/time/clock.h"	13 #include "base/time/clock.h"

11 #include "base/time/default_clock.h"	14 #include "base/time/default_clock.h"

	15 #include "base/trace_event/process_memory_dump.h"

	16 #include "net/cert/x509_util_openssl.h"

12 #include "third_party/boringssl/src/include/openssl/ssl.h"	17 #include "third_party/boringssl/src/include/openssl/ssl.h"

13	18

14 namespace net {	19 namespace net {

15	20

16 SSLClientSessionCache::SSLClientSessionCache(const Config& config)	21 SSLClientSessionCache::SSLClientSessionCache(const Config& config)

17 : clock_(new base::DefaultClock),	22 : clock_(new base::DefaultClock),

18 config_(config),	23 config_(config),

19 cache_(config.max_entries),	24 cache_(config.max_entries),

20 lookups_since_flush_(0) {	25 lookups_since_flush_(0) {

21 memory_pressure_listener_.reset(new base::MemoryPressureListener(base::Bind(	26 memory_pressure_listener_.reset(new base::MemoryPressureListener(base::Bind(

(...skipping 53 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
75 std::unique_ptr<base::Clock> clock) {	80 std::unique_ptr<base::Clock> clock) {

76 clock_ = std::move(clock);	81 clock_ = std::move(clock);

77 }	82 }

78	83

79 bool SSLClientSessionCache::IsExpired(SSL_SESSION* session, time_t now) {	84 bool SSLClientSessionCache::IsExpired(SSL_SESSION* session, time_t now) {

80 return now < SSL_SESSION_get_time(session) \|\|	85 return now < SSL_SESSION_get_time(session) \|\|

81 now >=	86 now >=

82 SSL_SESSION_get_time(session) + SSL_SESSION_get_timeout(session);	87 SSL_SESSION_get_time(session) + SSL_SESSION_get_timeout(session);

83 }	88 }

84	89

	90 void SSLClientSessionCache::DumpMemoryStats(

	91 base::trace_event::ProcessMemoryDump* pmd) {

	92 std::string absolute_name = "net/ssl_session_cache";

	93 base::trace_event::MemoryAllocatorDump* cache_dump =

	94 pmd->GetAllocatorDump(absolute_name);

	95 // This method can be reached from different URLRequestContexts. Since this is

	96 // a singleton, only log memory stats once.
	davidben 2016/12/06 01:02:07 Could you link to https://crbug.com/458365? That's Could you link to https://crbug.com/458365? That's the bug to fix this ridiculous singleton. xunjieli 2016/12/06 18:36:08 Done. Show quoted text On 2016/12/06 01:02:07, davidben wrote: > Could you link to https://crbug.com/458365 That's the bug to fix this > ridiculous singleton. Done.
	97 if (cache_dump)

	98 return;
	davidben 2016/12/06 01:02:07 How does this interact with multiple threads? (I'm How does this interact with multiple threads? (I'm not familiar with this API.) The SSLClientSessionCache is shared between all URLRequestContexts, regardless of which thread they're on. xunjieli 2016/12/06 18:36:08 Right, this came up in the design doc discussion a Show quoted text On 2016/12/06 01:02:07, davidben wrote: > How does this interact with multiple threads? (I'm not familiar with this API.) > The SSLClientSessionCache is shared between all URLRequestContexts, regardless > of which thread they're on. Right, this came up in the design doc discussion as well. I think we are going to depend on \|lock_\| for now and change this once 458365 is fixed. I tested this locally. I don't see any weird issue.
	99 cache_dump = pmd->CreateAllocatorDump(absolute_name);

	100 base::AutoLock lock(lock_);

	101 auto iter = cache_.begin();

	102 while (iter != cache_.end()) {
	davidben 2016/12/06 01:02:07 Does this work? for (const auto& pair : cache_) Does this work? for (const auto& pair : cache_) { xunjieli 2016/12/06 18:36:08 Done. Yep it works. Copied from SSLClientSessionCa Show quoted text On 2016/12/06 01:02:07, davidben wrote: > Does this work? > > for (const auto& pair : cache_) { Done. Yep it works. Copied from SSLClientSessionCache::FlushExpiredSessions(). I will change this to const auto& pair.
	103 auto entry = iter->second.get();

	104 auto cert_chain = entry->x509_chain;

	105 size_t cert_count = sk_X509_num(cert_chain);

	106 base::trace_event::MemoryAllocatorDump* entry_dump =

	107 pmd->CreateAllocatorDump(

	108 base::StringPrintf("%s/entry_%p", absolute_name.c_str(), entry));

	109 int cert_size = 0;

	110 for (size_t i = 0; i < cert_count; ++i) {

	111 X509* cert = sk_X509_value(cert_chain, i);

	112 cert_size += i2d_X509(cert, nullptr);

	113 }

	114 entry_dump->AddScalar("cert_size",
	davidben 2016/12/06 01:02:07 Same comment as on ssl_client_socket_impl.cc Same comment as on ssl_client_socket_impl.cc xunjieli 2016/12/06 18:36:08 Done. Show quoted text On 2016/12/06 01:02:07, davidben wrote: > Same comment as on ssl_client_socket_impl.cc Done.
	115 base::trace_event::MemoryAllocatorDump::kUnitsBytes,

	116 cert_size);

	117 entry_dump->AddScalar("cert_count",

	118 base::trace_event::MemoryAllocatorDump::kUnitsObjects,

	119 cert_count);

	120 entry_dump->AddScalar(base::trace_event::MemoryAllocatorDump::kNameSize,

	121 base::trace_event::MemoryAllocatorDump::kUnitsBytes,

	122 cert_size);

	123

	124 ++iter;

	125 }

	126 }

	127

85 void SSLClientSessionCache::FlushExpiredSessions() {	128 void SSLClientSessionCache::FlushExpiredSessions() {

86 time_t now = clock_->Now().ToTimeT();	129 time_t now = clock_->Now().ToTimeT();

87 auto iter = cache_.begin();	130 auto iter = cache_.begin();

88 while (iter != cache_.end()) {	131 while (iter != cache_.end()) {

89 if (IsExpired(iter->second.get(), now)) {	132 if (IsExpired(iter->second.get(), now)) {

90 iter = cache_.Erase(iter);	133 iter = cache_.Erase(iter);

91 } else {	134 } else {

92 ++iter;	135 ++iter;

93 }	136 }

94 }	137 }

(...skipping 25 matching lines...) Expand all Loading...
120 break;	163 break;

121 case base::MemoryState::SUSPENDED:	164 case base::MemoryState::SUSPENDED:

122 // Note: Not supported at present. Fall through.	165 // Note: Not supported at present. Fall through.

123 case base::MemoryState::UNKNOWN:	166 case base::MemoryState::UNKNOWN:

124 NOTREACHED();	167 NOTREACHED();

125 break;	168 break;

126 }	169 }

127 }	170 }

128	171

129 } // namespace net	172 } // namespace net

OLD	NEW