Adding DiskBasedCertCache to HttpCache (+UMA).

net/http/http_cache_transaction.cc

Index: net/http/http_cache_transaction.cc
diff --git a/net/http/http_cache_transaction.cc b/net/http/http_cache_transaction.cc
index bf791118be88b704966c7d3a886d5fcc4c924f63..4b944c88935c08f0526e99d714c0a8dff44fcf00 100644
--- a/net/http/http_cache_transaction.cc
+++ b/net/http/http_cache_transaction.cc
@@ -46,6 +46,26 @@ using base::TimeDelta;
 using base::TimeTicks;
 
 namespace {
+// used with DiskBasedCertCached objects. TODO(brandonsalmon) start
+// storing cache keys so that this doesn't need to be done.

[Ryan Sleevi, 2014/06/26 19:56:02]

This comment can use some style guide love.

Complete sentences, TODO on a new line

+std::string GetCacheKeyToCert(
+       const net::X509Certificate::OSCertHandle cert_handle) {
+  net::SHA1HashValue fingerprint =
+      net::X509Certificate::CalculateFingerprint(cert_handle);
+
+  return "cert:" +
+         base::HexEncode(fingerprint.data, arraysize(fingerprint.data));
+}
+
+void OnCertReadIOComplete(net::X509Certificate::OSCertHandle cert_handle) {
+  bool success = (cert_handle != NULL);
+  UMA_HISTOGRAM_BOOLEAN("DiskBasedCertCache.ReadSuccess", success);
+}
+
+void OnCertWriteIOComplete(const std::string& key) {
+  bool success = (key!=std::string());
+  UMA_HISTOGRAM_BOOLEAN("DiskBasedCertCache.WriteSuccess", success);
+}
 
 // From http://tools.ietf.org/html/draft-ietf-httpbis-p6-cache-21#section-6
 //      a "non-error response" is one with a 2xx (Successful) or 3xx
@@ -190,9 +210,7 @@ static bool HeaderMatches(const HttpRequestHeaders& headers,
 
 //-----------------------------------------------------------------------------
 
-HttpCache::Transaction::Transaction(
-    RequestPriority priority,
-    HttpCache* cache)
+HttpCache::Transaction::Transaction(RequestPriority priority, HttpCache* cache)
     : next_state_(STATE_NONE),
       request_(NULL),
       priority_(priority),
@@ -218,8 +236,10 @@ HttpCache::Transaction::Transaction(
       effective_load_flags_(0),
       write_len_(0),
       weak_factory_(this),
-      io_callback_(base::Bind(&Transaction::OnIOComplete,
-                              weak_factory_.GetWeakPtr())),
+      io_callback_(
+          base::Bind(&Transaction::OnIOComplete, weak_factory_.GetWeakPtr())),
+      cert_read_io_callback_(base::Bind(&OnCertReadIOComplete)),
+      cert_write_io_callback_(base::Bind(&OnCertWriteIOComplete)),
       transaction_pattern_(PATTERN_UNDEFINED),
       total_received_bytes_(0),
       websocket_handshake_stream_base_create_helper_(NULL) {
@@ -1495,6 +1515,12 @@ int HttpCache::Transaction::DoCacheReadResponseComplete(int result) {
     return OnCacheReadError(result, true);
   }
 
+  if(response_.ssl_info.is_valid()) {
+    std::string key = GetCacheKeyToCert(
+        response_.ssl_info.cert->os_cert_handle());
+    cache_->CertCache()->Get(key, cert_read_io_callback_);

[Ryan Sleevi, 2014/06/26 19:56:02]

BUG? You're not checking the intermediates (from the cache)

+  }
+
   // Some resources may have slipped in as truncated when they're not.
   int current_size = entry_->disk_entry->GetDataSize(kResponseContentIndex);
   if (response_.headers->GetContentLength() == current_size)
@@ -2327,6 +2353,11 @@ int HttpCache::Transaction::WriteResponseInfoToEntry(bool truncated) {
     return OK;
   }
 
+  if (response_.ssl_info.is_valid()) {
+    cache_->CertCache()->Set(response_.ssl_info.cert->os_cert_handle(),
+                     cert_write_io_callback_);

[Ryan Sleevi, 2014/06/26 19:56:02]

STYLE: Indent style
BUG: Same as above, not checking intermediates.

+  }
+
   // When writing headers, we normally only write the non-transient
   // headers; when in record mode, record everything.
   bool skip_transient_headers = (cache_->mode() != RECORD);