Implements new, more robust design for communicating between SSLConnectJobs.

net/socket/ssl_session_cache_openssl.cc

Index: net/socket/ssl_session_cache_openssl.cc
diff --git a/net/socket/ssl_session_cache_openssl.cc b/net/socket/ssl_session_cache_openssl.cc
index d16bb8d6325ec6b105da7219d4e9ea9e5f6f4828..79b3976aa23fe7de6f34ad969855854817e7d5dc 100644
--- a/net/socket/ssl_session_cache_openssl.cc
+++ b/net/socket/ssl_session_cache_openssl.cc
@@ -236,6 +236,35 @@ class SSLSessionCacheOpenSSLImpl {
     return SSL_set_session(ssl, session) == 1;
   }
 
+  bool SSLSessionIsInCache(const std::string& cache_key) const {
+    base::AutoLock locked(lock_);
+    KeyIndex::const_iterator it = key_index_.find(cache_key);
+    if (it == key_index_.end())
+      return false;
+    return true;
+  }
+
+  void NotifyOnSessionAdded(SSL* ssl, const base::Closure& cb) {
+    // Add this SSL* to the SSLtoCallbackMap.
+    std::pair<const base::Closure&, int> temp(cb, 0);
+    ssl_to_callback_map_.insert(SSLtoCallbackMap::value_type(ssl, temp));

[Ryan Sleevi, 2014/06/26 01:47:16]

Note: You can just use

ssl_to_callback_map_[ssl] = temp; here

[mshelley, 2014/07/01 02:35:23]

So I tried that initially, but received "cannot use default assignment operator"
error -- I assume because I'm mapping to a pair? 
On 2014/06/26 01:47:16, Ryan Sleevi wrote:

+  }
+
+  // Determines if the session for |ssl| is in the cache, and calls the
+  // appropriate callback if that is the case.
+  void CheckIfSessionAdded(SSL* ssl) {
+    SSLtoCallbackMap::iterator it = ssl_to_callback_map_.find(ssl);
+    if (it == ssl_to_callback_map_.end())
+      return;  // this shouldn't actually happen ever

[Ryan Sleevi, 2014/06/26 01:47:16]

So then add a NOTREACHED() here.

Why shouldn't it happen? Is that actually part of your SSLSessionCacheOpenSSL
*contract* (eg: it MUST never happen), or is it just an implementation detail of
the Pool?

[mshelley, 2014/07/01 02:35:23]

Oops -- honestly I put that statement/comment in while I was mocking out these
functions and forgot to delete it. The way things are implemented now this
actually can happen. 

On 2014/06/26 01:47:16, Ryan Sleevi wrote:

+
+    // Increment the session's completion count.
+    it->second.second++;
+    if (it->second.second == 2) {
+      // The session has been MarkedAsGood and Added, so it can be used.
+      it->second.first.Run();
+    }
+  }
+
   void MarkSSLSessionAsGood(SSL* ssl) {
     SSL_SESSION* session = SSL_get_session(ssl);
     if (!session)
@@ -244,6 +273,8 @@ class SSLSessionCacheOpenSSLImpl {
     // Mark the session as good, allowing it to be used for future connections.
     SSL_SESSION_set_ex_data(
         session, GetSSLSessionExIndex(), reinterpret_cast<void*>(1));
+
+    CheckIfSessionAdded(ssl);
   }
 
   // Flush all entries from the cache.
@@ -265,6 +296,9 @@ class SSLSessionCacheOpenSSLImpl {
   typedef base::hash_map<std::string, MRUSessionList::iterator> KeyIndex;
   // Type for a dictionary from SessionId values to key index nodes.
   typedef base::hash_map<SessionId, KeyIndex::iterator> SessionIdIndex;
+  // Type for a map from SSL* to associated callbacks
+  typedef std::map<SSL*, std::pair<const base::Closure&, int> >

[wtc, 2014/06/27 00:36:50]

What is the "int" in the std::pair?

[mshelley, 2014/07/01 02:35:23]

The int is used to determine whether or not the session has completed. In order
for a connection to technically be complete, it must have passed through
MarkSSLSessionAsGood as well as NewSessionCallbackStatic; each time this happens
I increment the int so that I can see when both methods have been called. 

On 2014/06/27 00:36:50, wtc wrote:

+      SSLtoCallbackMap;

[wtc, 2014/06/27 00:36:50]

Nit: the "to" in "SSLtoCallbackMap" should be capitalized: SSLToCallbackMap.

[mshelley, 2014/07/01 02:35:23]

Done.

 
   // Return the key associated with a given session, or the empty string if
   // none exist. This shall only be used for debugging.
@@ -343,6 +377,7 @@ class SSLSessionCacheOpenSSLImpl {
   // should not decrement its reference count after completion.
   static int NewSessionCallbackStatic(SSL* ssl, SSL_SESSION* session) {
     GetCache(ssl->ctx)->OnSessionAdded(ssl, session);
+    GetCache(ssl->ctx)->CheckIfSessionAdded(ssl);
     return 1;
   }
 
@@ -469,12 +504,14 @@ class SSLSessionCacheOpenSSLImpl {
 
   // method to get the index which can later be used with SSL_CTX_get_ex_data()
   // or SSL_CTX_set_ex_data().
-  base::Lock lock_;  // Protects access to containers below.
+  mutable base::Lock lock_;  // Protects access to containers below.
 
   MRUSessionList ordering_;
   KeyIndex key_index_;
   SessionIdIndex id_index_;
 
+  SSLtoCallbackMap ssl_to_callback_map_;

[wtc, 2014/06/27 00:36:50]

Is this member protected by |lock_|?

[mshelley, 2014/07/01 02:35:23]

No it is not...sorry didn't notice the comment above. I'll move this. 

On 2014/06/27 00:36:50, wtc wrote:

+
   size_t expiration_check_;
 };
 
@@ -499,6 +536,16 @@ bool SSLSessionCacheOpenSSL::SetSSLSessionWithKey(
   return impl_->SetSSLSessionWithKey(ssl, cache_key);
 }
 
+bool SSLSessionCacheOpenSSL::SSLSessionIsInCache(
+    const std::string& cache_key) const {
+  return impl_->SSLSessionIsInCache(cache_key);
+}
+
+void SSLSessionCacheOpenSSL::NotifyOnSessionAdded(SSL* ssl,
+                                                  const base::Closure& cb) {
+  impl_->NotifyOnSessionAdded(ssl, cb);
+}
+
 void SSLSessionCacheOpenSSL::MarkSSLSessionAsGood(SSL* ssl) {
   return impl_->MarkSSLSessionAsGood(ssl);
 }