Chromium Code Reviews Chromium Code Reviews
Issue 381073002:
Move sqlite_channel_id_store from chrome/browser/net to net/extras. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/sqlite_channel_id_store.h" | 5 #include "net/extras/sqlite/sqlite_channel_id_store.h" |
| 6 | 6 |
| 7 #include <list> | 7 #include <list> |
| 8 #include <set> | 8 #include <set> |
| 9 #include <string> | |
| 9 | 10 |
| 10 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 11 #include "base/bind.h" | 12 #include "base/bind.h" |
| 12 #include "base/file_util.h" | 13 #include "base/file_util.h" |
| 13 #include "base/files/file_path.h" | 14 #include "base/files/file_path.h" |
| 15 #include "base/location.h" | |
| 14 #include "base/logging.h" | 16 #include "base/logging.h" |
| 15 #include "base/memory/scoped_ptr.h" | 17 #include "base/memory/scoped_ptr.h" |
| 18 #include "base/memory/scoped_vector.h" | |
| 16 #include "base/metrics/histogram.h" | 19 #include "base/metrics/histogram.h" |
| 20 #include "base/sequenced_task_runner.h" | |
| 17 #include "base/strings/string_util.h" | 21 #include "base/strings/string_util.h" |
| 18 #include "base/threading/thread.h" | |
| 19 #include "base/threading/thread_restrictions.h" | |
| 20 #include "net/cert/x509_certificate.h" | 22 #include "net/cert/x509_certificate.h" |
| 21 #include "net/cookies/cookie_util.h" | 23 #include "net/cookies/cookie_util.h" |
| 22 #include "net/ssl/ssl_client_cert_type.h" | 24 #include "net/ssl/ssl_client_cert_type.h" |
| 23 #include "sql/error_delegate_util.h" | 25 #include "sql/error_delegate_util.h" |
| 24 #include "sql/meta_table.h" | 26 #include "sql/meta_table.h" |
| 25 #include "sql/statement.h" | 27 #include "sql/statement.h" |
| 26 #include "sql/transaction.h" | 28 #include "sql/transaction.h" |
| 27 #include "third_party/sqlite/sqlite3.h" | |
| 28 #include "url/gurl.h" | 29 #include "url/gurl.h" |
| 29 #include "webkit/browser/quota/special_storage_policy.h" | 30 |
| 31 namespace { | |
| 32 | |
| 33 // Version number of the database. | |
| 34 const int kCurrentVersionNumber = 4; | |
| 35 const int kCompatibleVersionNumber = 1; | |
| 36 | |
| 37 // Initializes the certs table, returning true on success. | |
| 38 bool InitTable(sql::Connection* db) { | |
| 39 // The table is named "origin_bound_certs" for backwards compatability before | |
| 40 // we renamed this class to SQLiteChannelIDStore. Likewise, the primary | |
| 41 // key is "origin", but now can be other things like a plain domain. | |
| 42 if (!db->DoesTableExist("origin_bound_certs")) { | |
| 43 if (!db->Execute( | |
| 44 "CREATE TABLE origin_bound_certs (" | |
| 45 "origin TEXT NOT NULL UNIQUE PRIMARY KEY," | |
| 46 "private_key BLOB NOT NULL," | |
| 47 "cert BLOB NOT NULL," | |
| 48 "cert_type INTEGER," | |
| 49 "expiration_time INTEGER," | |
| 50 "creation_time INTEGER)")) | |
| 51 return false; | |
| 52 } | |
| 53 | |
| 54 return true; | |
| 55 } | |
| 56 | |
| 57 } // namespace | |
| 58 | |
| 59 namespace net { | |
| 30 | 60 |
| 31 // This class is designed to be shared between any calling threads and the | 61 // This class is designed to be shared between any calling threads and the |
| 32 // background task runner. It batches operations and commits them on a timer. | 62 // background task runner. It batches operations and commits them on a timer. |
| 33 class SQLiteChannelIDStore::Backend | 63 class SQLiteChannelIDStore::Backend |
| 34 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { | 64 : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> { |
| 35 public: | 65 public: |
| 36 Backend( | 66 Backend( |
| 37 const base::FilePath& path, | 67 const base::FilePath& path, |
| 38 const scoped_refptr<base::SequencedTaskRunner>& background_task_runner, | 68 const scoped_refptr<base::SequencedTaskRunner>& background_task_runner) |
| 39 quota::SpecialStoragePolicy* special_storage_policy) | |
| 40 : path_(path), | 69 : path_(path), |
| 41 num_pending_(0), | 70 num_pending_(0), |
| 42 force_keep_session_state_(false), | 71 force_keep_session_state_(false), |
| 43 background_task_runner_(background_task_runner), | 72 background_task_runner_(background_task_runner), |
| 44 special_storage_policy_(special_storage_policy), | |
| 45 corruption_detected_(false) {} | 73 corruption_detected_(false) {} |
| 46 | 74 |
| 47 // Creates or loads the SQLite database. | 75 // Creates or loads the SQLite database. |
| 48 void Load(const LoadedCallback& loaded_callback); | 76 void Load(const LoadedCallback& loaded_callback); |
| 49 | 77 |
| 50 // Batch a channel ID addition. | 78 // Batch a channel ID addition. |
| 51 void AddChannelID( | 79 void AddChannelID(const DefaultChannelIDStore::ChannelID& channel_id); |
| 52 const net::DefaultChannelIDStore::ChannelID& channel_id); | |
| 53 | 80 |
| 54 // Batch a channel ID deletion. | 81 // Batch a channel ID deletion. |
| 55 void DeleteChannelID( | 82 void DeleteChannelID(const DefaultChannelIDStore::ChannelID& channel_id); |
| 56 const net::DefaultChannelIDStore::ChannelID& channel_id); | |
| 57 | 83 |
| 58 // Commit any pending operations and close the database. This must be called | 84 // Commit any pending operations and close the database. This must be called |
| 59 // before the object is destructed. | 85 // before the object is destructed. |
| 60 void Close(); | 86 void Close(); |
| 61 | 87 |
| 62 void SetForceKeepSessionState(); | 88 void SetForceKeepSessionState(); |
| 63 | 89 |
| 64 private: | 90 private: |
| 65 void LoadOnDBThread( | |
| 66 ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids); | |
| 67 | |
| 68 friend class base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend>; | |
| 69 | |
| 70 // You should call Close() before destructing this object. | 91 // You should call Close() before destructing this object. |
| 71 ~Backend() { | 92 ~Backend() { |
| 72 DCHECK(!db_.get()) << "Close should have already been called."; | 93 DCHECK(!db_.get()) << "Close should have already been called."; |
| 73 DCHECK(num_pending_ == 0 && pending_.empty()); | 94 DCHECK(num_pending_ == 0); |
|
Ryan Sleevi
2014/08/06 22:39:58
DCHECK_EQ(0u, num_pending_) ?
mef
2014/08/07 17:40:58
Done.
| |
| 95 DCHECK(pending_.empty()); | |
| 74 } | 96 } |
| 75 | 97 |
| 98 void LoadInBackground( | |
| 99 ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids); | |
| 100 | |
| 101 friend class base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend>; | |
|
Ryan Sleevi
2014/08/06 22:39:58
STYLE *nit*: "as in life, put your friends first"
mef
2014/08/07 17:40:58
Done.
| |
| 102 | |
| 76 // Database upgrade statements. | 103 // Database upgrade statements. |
| 77 bool EnsureDatabaseVersion(); | 104 bool EnsureDatabaseVersion(); |
| 78 | 105 |
| 79 class PendingOperation { | 106 class PendingOperation { |
| 80 public: | 107 public: |
| 81 typedef enum { | 108 enum OperationType { CHANNEL_ID_ADD, CHANNEL_ID_DELETE }; |
| 82 CHANNEL_ID_ADD, | |
| 83 CHANNEL_ID_DELETE | |
| 84 } OperationType; | |
| 85 | 109 |
| 86 PendingOperation( | 110 PendingOperation(OperationType op, |
| 87 OperationType op, | 111 const DefaultChannelIDStore::ChannelID& channel_id) |
| 88 const net::DefaultChannelIDStore::ChannelID& channel_id) | |
| 89 : op_(op), channel_id_(channel_id) {} | 112 : op_(op), channel_id_(channel_id) {} |
| 90 | 113 |
| 91 OperationType op() const { return op_; } | 114 OperationType op() const { return op_; } |
| 92 const net::DefaultChannelIDStore::ChannelID& channel_id() const { | 115 const DefaultChannelIDStore::ChannelID& channel_id() const { |
| 93 return channel_id_; | 116 return channel_id_; |
| 94 } | 117 } |
| 95 | 118 |
| 96 private: | 119 private: |
| 97 OperationType op_; | 120 OperationType op_; |
| 98 net::DefaultChannelIDStore::ChannelID channel_id_; | 121 DefaultChannelIDStore::ChannelID channel_id_; |
| 99 }; | 122 }; |
| 100 | 123 |
| 101 private: | 124 private: |
| 102 // Batch a channel id operation (add or delete). | 125 // Batch a channel id operation (add or delete). |
| 103 void BatchOperation( | 126 void BatchOperation(PendingOperation::OperationType op, |
| 104 PendingOperation::OperationType op, | 127 const DefaultChannelIDStore::ChannelID& channel_id); |
| 105 const net::DefaultChannelIDStore::ChannelID& channel_id); | |
| 106 // Commit our pending operations to the database. | 128 // Commit our pending operations to the database. |
| 107 void Commit(); | 129 void Commit(); |
| 108 // Close() executed on the background thread. | 130 // Close() executed on the background task runner. |
| 109 void InternalBackgroundClose(); | 131 void InternalBackgroundClose(); |
| 110 | 132 |
| 111 void DeleteCertificatesOnShutdown(); | 133 void DeleteCertificatesOnShutdown(); |
| 112 | 134 |
| 113 void DatabaseErrorCallback(int error, sql::Statement* stmt); | 135 void DatabaseErrorCallback(int error, sql::Statement* stmt); |
| 114 void KillDatabase(); | 136 void KillDatabase(); |
| 115 | 137 |
| 116 base::FilePath path_; | 138 const base::FilePath path_; |
| 117 scoped_ptr<sql::Connection> db_; | 139 scoped_ptr<sql::Connection> db_; |
| 118 sql::MetaTable meta_table_; | 140 sql::MetaTable meta_table_; |
| 119 | 141 |
| 120 typedef std::list<PendingOperation*> PendingOperationsList; | 142 typedef std::list<PendingOperation*> PendingOperationsList; |
| 121 PendingOperationsList pending_; | 143 PendingOperationsList pending_; |
| 122 PendingOperationsList::size_type num_pending_; | 144 PendingOperationsList::size_type num_pending_; |
| 123 // True if the persistent store should skip clear on exit rules. | 145 // True if the persistent store should skip clear on exit rules. |
| 124 bool force_keep_session_state_; | 146 bool force_keep_session_state_; |
| 125 // Guard |pending_|, |num_pending_| and |force_keep_session_state_|. | 147 // Guard |pending_|, |num_pending_| and |force_keep_session_state_|. |
| 126 base::Lock lock_; | 148 base::Lock lock_; |
| 127 | 149 |
| 128 // Cache of origins we have channel IDs stored for. | 150 // Cache of origins we have channel IDs stored for. |
| 129 std::set<std::string> channel_id_origins_; | 151 std::set<std::string> channel_id_origins_; |
| 130 | 152 |
| 131 scoped_refptr<base::SequencedTaskRunner> background_task_runner_; | 153 scoped_refptr<base::SequencedTaskRunner> background_task_runner_; |
| 132 | 154 |
| 133 scoped_refptr<quota::SpecialStoragePolicy> special_storage_policy_; | |
| 134 | |
| 135 // Indicates if the kill-database callback has been scheduled. | 155 // Indicates if the kill-database callback has been scheduled. |
| 136 bool corruption_detected_; | 156 bool corruption_detected_; |
| 137 | 157 |
| 138 DISALLOW_COPY_AND_ASSIGN(Backend); | 158 DISALLOW_COPY_AND_ASSIGN(Backend); |
| 139 }; | 159 }; |
| 140 | 160 |
| 141 // Version number of the database. | |
| 142 static const int kCurrentVersionNumber = 4; | |
| 143 static const int kCompatibleVersionNumber = 1; | |
| 144 | |
| 145 namespace { | |
| 146 | |
| 147 // Initializes the certs table, returning true on success. | |
| 148 bool InitTable(sql::Connection* db) { | |
| 149 // The table is named "origin_bound_certs" for backwards compatability before | |
| 150 // we renamed this class to SQLiteChannelIDStore. Likewise, the primary | |
| 151 // key is "origin", but now can be other things like a plain domain. | |
| 152 if (!db->DoesTableExist("origin_bound_certs")) { | |
| 153 if (!db->Execute("CREATE TABLE origin_bound_certs (" | |
| 154 "origin TEXT NOT NULL UNIQUE PRIMARY KEY," | |
| 155 "private_key BLOB NOT NULL," | |
| 156 "cert BLOB NOT NULL," | |
| 157 "cert_type INTEGER," | |
| 158 "expiration_time INTEGER," | |
| 159 "creation_time INTEGER)")) | |
| 160 return false; | |
| 161 } | |
| 162 | |
| 163 return true; | |
| 164 } | |
| 165 | |
| 166 } // namespace | |
| 167 | |
| 168 void SQLiteChannelIDStore::Backend::Load( | 161 void SQLiteChannelIDStore::Backend::Load( |
| 169 const LoadedCallback& loaded_callback) { | 162 const LoadedCallback& loaded_callback) { |
| 170 // This function should be called only once per instance. | 163 // This function should be called only once per instance. |
| 171 DCHECK(!db_.get()); | 164 DCHECK(!db_.get()); |
| 172 scoped_ptr<ScopedVector<net::DefaultChannelIDStore::ChannelID> > | 165 scoped_ptr<ScopedVector<DefaultChannelIDStore::ChannelID> > channel_ids( |
| 173 channel_ids(new ScopedVector<net::DefaultChannelIDStore::ChannelID>()); | 166 new ScopedVector<DefaultChannelIDStore::ChannelID>()); |
| 174 ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids_ptr = | 167 ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids_ptr = |
| 175 channel_ids.get(); | 168 channel_ids.get(); |
| 176 | 169 |
| 177 background_task_runner_->PostTaskAndReply( | 170 background_task_runner_->PostTaskAndReply( |
| 178 FROM_HERE, | 171 FROM_HERE, |
| 179 base::Bind(&Backend::LoadOnDBThread, this, channel_ids_ptr), | 172 base::Bind(&Backend::LoadInBackground, this, channel_ids_ptr), |
| 180 base::Bind(loaded_callback, base::Passed(&channel_ids))); | 173 base::Bind(loaded_callback, base::Passed(&channel_ids))); |
| 181 } | 174 } |
| 182 | 175 |
| 183 void SQLiteChannelIDStore::Backend::LoadOnDBThread( | 176 void SQLiteChannelIDStore::Backend::LoadInBackground( |
| 184 ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids) { | 177 ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids) { |
| 185 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 178 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
| 186 | 179 |
| 187 // This method should be called only once per instance. | 180 // This method should be called only once per instance. |
| 188 DCHECK(!db_.get()); | 181 DCHECK(!db_.get()); |
| 189 | 182 |
| 190 base::TimeTicks start = base::TimeTicks::Now(); | 183 base::TimeTicks start = base::TimeTicks::Now(); |
| 191 | 184 |
| 192 // Ensure the parent directory for storing certs is created before reading | 185 // Ensure the parent directory for storing certs is created before reading |
| 193 // from it. | 186 // from it. |
| 194 const base::FilePath dir = path_.DirName(); | 187 const base::FilePath dir = path_.DirName(); |
| 195 if (!base::PathExists(dir) && !base::CreateDirectory(dir)) | 188 if (!base::PathExists(dir) && !base::CreateDirectory(dir)) |
| 196 return; | 189 return; |
| 197 | 190 |
| 198 int64 db_size = 0; | 191 int64 db_size = 0; |
| 199 if (base::GetFileSize(path_, &db_size)) | 192 if (base::GetFileSize(path_, &db_size)) |
| 200 UMA_HISTOGRAM_COUNTS("DomainBoundCerts.DBSizeInKB", db_size / 1024 ); | 193 UMA_HISTOGRAM_COUNTS("DomainBoundCerts.DBSizeInKB", db_size / 1024); |
| 201 | 194 |
| 202 db_.reset(new sql::Connection); | 195 db_.reset(new sql::Connection); |
| 203 db_->set_histogram_tag("DomainBoundCerts"); | 196 db_->set_histogram_tag("DomainBoundCerts"); |
| 204 | 197 |
| 205 // Unretained to avoid a ref loop with db_. | 198 // Unretained to avoid a ref loop with db_. |
| 206 db_->set_error_callback( | 199 db_->set_error_callback( |
| 207 base::Bind(&SQLiteChannelIDStore::Backend::DatabaseErrorCallback, | 200 base::Bind(&SQLiteChannelIDStore::Backend::DatabaseErrorCallback, |
| 208 base::Unretained(this))); | 201 base::Unretained(this))); |
| 209 | 202 |
| 210 if (!db_->Open(path_)) { | 203 if (!db_->Open(path_)) { |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 232 "creation_time FROM origin_bound_certs")); | 225 "creation_time FROM origin_bound_certs")); |
| 233 if (!smt.is_valid()) { | 226 if (!smt.is_valid()) { |
| 234 if (corruption_detected_) | 227 if (corruption_detected_) |
| 235 KillDatabase(); | 228 KillDatabase(); |
| 236 meta_table_.Reset(); | 229 meta_table_.Reset(); |
| 237 db_.reset(); | 230 db_.reset(); |
| 238 return; | 231 return; |
| 239 } | 232 } |
| 240 | 233 |
| 241 while (smt.Step()) { | 234 while (smt.Step()) { |
| 242 net::SSLClientCertType type = | 235 SSLClientCertType type = static_cast<SSLClientCertType>(smt.ColumnInt(3)); |
| 243 static_cast<net::SSLClientCertType>(smt.ColumnInt(3)); | 236 if (type != CLIENT_CERT_ECDSA_SIGN) |
| 244 if (type != net::CLIENT_CERT_ECDSA_SIGN) | |
| 245 continue; | 237 continue; |
| 246 std::string private_key_from_db, cert_from_db; | 238 std::string private_key_from_db, cert_from_db; |
| 247 smt.ColumnBlobAsString(1, &private_key_from_db); | 239 smt.ColumnBlobAsString(1, &private_key_from_db); |
| 248 smt.ColumnBlobAsString(2, &cert_from_db); | 240 smt.ColumnBlobAsString(2, &cert_from_db); |
| 249 scoped_ptr<net::DefaultChannelIDStore::ChannelID> channel_id( | 241 scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id( |
| 250 new net::DefaultChannelIDStore::ChannelID( | 242 new DefaultChannelIDStore::ChannelID( |
| 251 smt.ColumnString(0), // origin | 243 smt.ColumnString(0), // origin |
| 252 base::Time::FromInternalValue(smt.ColumnInt64(5)), | 244 base::Time::FromInternalValue(smt.ColumnInt64(5)), |
| 253 base::Time::FromInternalValue(smt.ColumnInt64(4)), | 245 base::Time::FromInternalValue(smt.ColumnInt64(4)), |
| 254 private_key_from_db, | 246 private_key_from_db, |
| 255 cert_from_db)); | 247 cert_from_db)); |
| 256 channel_id_origins_.insert(channel_id->server_identifier()); | 248 channel_id_origins_.insert(channel_id->server_identifier()); |
| 257 channel_ids->push_back(channel_id.release()); | 249 channel_ids->push_back(channel_id.release()); |
| 258 } | 250 } |
| 259 | 251 |
| 260 UMA_HISTOGRAM_COUNTS_10000("DomainBoundCerts.DBLoadedCount", | 252 UMA_HISTOGRAM_COUNTS_10000( |
| 261 channel_ids->size()); | 253 "DomainBoundCerts.DBLoadedCount", |
| 254 static_cast<base::HistogramBase::Sample>(channel_ids->size())); | |
| 262 base::TimeDelta load_time = base::TimeTicks::Now() - start; | 255 base::TimeDelta load_time = base::TimeTicks::Now() - start; |
| 263 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", | 256 UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime", |
| 264 load_time, | 257 load_time, |
| 265 base::TimeDelta::FromMilliseconds(1), | 258 base::TimeDelta::FromMilliseconds(1), |
| 266 base::TimeDelta::FromMinutes(1), | 259 base::TimeDelta::FromMinutes(1), |
| 267 50); | 260 50); |
| 268 DVLOG(1) << "loaded " << channel_ids->size() << " in " | 261 DVLOG(1) << "loaded " << channel_ids->size() << " in " |
| 269 << load_time.InMilliseconds() << " ms"; | 262 << load_time.InMilliseconds() << " ms"; |
| 270 } | 263 } |
| 271 | 264 |
| 272 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { | 265 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() { |
| 273 // Version check. | 266 // Version check. |
| 274 if (!meta_table_.Init( | 267 if (!meta_table_.Init( |
| 275 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { | 268 db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { |
| 276 return false; | 269 return false; |
| 277 } | 270 } |
| 278 | 271 |
| 279 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { | 272 if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { |
| 280 LOG(WARNING) << "Server bound cert database is too new."; | 273 LOG(WARNING) << "Server bound cert database is too new."; |
| 281 return false; | 274 return false; |
| 282 } | 275 } |
| 283 | 276 |
| 284 int cur_version = meta_table_.GetVersionNumber(); | 277 int cur_version = meta_table_.GetVersionNumber(); |
| 285 if (cur_version == 1) { | 278 if (cur_version == 1) { |
| 286 sql::Transaction transaction(db_.get()); | 279 sql::Transaction transaction(db_.get()); |
| 287 if (!transaction.Begin()) | 280 if (!transaction.Begin()) |
| 288 return false; | 281 return false; |
| 289 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type " | 282 if (!db_->Execute( |
| 290 "INTEGER")) { | 283 "ALTER TABLE origin_bound_certs ADD COLUMN cert_type " |
| 284 "INTEGER")) { | |
| 291 LOG(WARNING) << "Unable to update server bound cert database to " | 285 LOG(WARNING) << "Unable to update server bound cert database to " |
| 292 << "version 2."; | 286 << "version 2."; |
| 293 return false; | 287 return false; |
| 294 } | 288 } |
| 295 // All certs in version 1 database are rsa_sign, which are unsupported. | 289 // All certs in version 1 database are rsa_sign, which are unsupported. |
| 296 // Just discard them all. | 290 // Just discard them all. |
| 297 if (!db_->Execute("DELETE from origin_bound_certs")) { | 291 if (!db_->Execute("DELETE from origin_bound_certs")) { |
| 298 LOG(WARNING) << "Unable to update server bound cert database to " | 292 LOG(WARNING) << "Unable to update server bound cert database to " |
| 299 << "version 2."; | 293 << "version 2."; |
| 300 return false; | 294 return false; |
| 301 } | 295 } |
| 302 ++cur_version; | 296 ++cur_version; |
| 303 meta_table_.SetVersionNumber(cur_version); | 297 meta_table_.SetVersionNumber(cur_version); |
| 304 meta_table_.SetCompatibleVersionNumber( | 298 meta_table_.SetCompatibleVersionNumber( |
| 305 std::min(cur_version, kCompatibleVersionNumber)); | 299 std::min(cur_version, kCompatibleVersionNumber)); |
| 306 transaction.Commit(); | 300 transaction.Commit(); |
| 307 } | 301 } |
| 308 | 302 |
| 309 if (cur_version <= 3) { | 303 if (cur_version <= 3) { |
| 310 sql::Transaction transaction(db_.get()); | 304 sql::Transaction transaction(db_.get()); |
| 311 if (!transaction.Begin()) | 305 if (!transaction.Begin()) |
| 312 return false; | 306 return false; |
| 313 | 307 |
| 314 if (cur_version == 2) { | 308 if (cur_version == 2) { |
| 315 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " | 309 if (!db_->Execute( |
| 316 "expiration_time INTEGER")) { | 310 "ALTER TABLE origin_bound_certs ADD COLUMN " |
| 311 "expiration_time INTEGER")) { | |
| 317 LOG(WARNING) << "Unable to update server bound cert database to " | 312 LOG(WARNING) << "Unable to update server bound cert database to " |
| 318 << "version 4."; | 313 << "version 4."; |
| 319 return false; | 314 return false; |
| 320 } | 315 } |
| 321 } | 316 } |
| 322 | 317 |
| 323 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " | 318 if (!db_->Execute( |
| 324 "creation_time INTEGER")) { | 319 "ALTER TABLE origin_bound_certs ADD COLUMN " |
| 320 "creation_time INTEGER")) { | |
| 325 LOG(WARNING) << "Unable to update server bound cert database to " | 321 LOG(WARNING) << "Unable to update server bound cert database to " |
| 326 << "version 4."; | 322 << "version 4."; |
| 327 return false; | 323 return false; |
| 328 } | 324 } |
| 329 | 325 |
| 330 sql::Statement smt(db_->GetUniqueStatement( | 326 sql::Statement statement( |
| 331 "SELECT origin, cert FROM origin_bound_certs")); | 327 db_->GetUniqueStatement("SELECT origin, cert FROM origin_bound_certs")); |
| 332 sql::Statement update_expires_smt(db_->GetUniqueStatement( | 328 sql::Statement update_expires_statement(db_->GetUniqueStatement( |
| 333 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | 329 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); |
| 334 sql::Statement update_creation_smt(db_->GetUniqueStatement( | 330 sql::Statement update_creation_statement(db_->GetUniqueStatement( |
| 335 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | 331 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); |
| 336 if (!smt.is_valid() || | 332 if (!statement.is_valid() || !update_expires_statement.is_valid() || |
| 337 !update_expires_smt.is_valid() || | 333 !update_creation_statement.is_valid()) { |
| 338 !update_creation_smt.is_valid()) { | |
| 339 LOG(WARNING) << "Unable to update server bound cert database to " | 334 LOG(WARNING) << "Unable to update server bound cert database to " |
| 340 << "version 4."; | 335 << "version 4."; |
| 341 return false; | 336 return false; |
| 342 } | 337 } |
| 343 | 338 |
| 344 while (smt.Step()) { | 339 while (statement.Step()) { |
| 345 std::string origin = smt.ColumnString(0); | 340 std::string origin = statement.ColumnString(0); |
| 346 std::string cert_from_db; | 341 std::string cert_from_db; |
| 347 smt.ColumnBlobAsString(1, &cert_from_db); | 342 statement.ColumnBlobAsString(1, &cert_from_db); |
| 348 // Parse the cert and extract the real value and then update the DB. | 343 // Parse the cert and extract the real value and then update the DB. |
| 349 scoped_refptr<net::X509Certificate> cert( | 344 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( |
| 350 net::X509Certificate::CreateFromBytes( | 345 cert_from_db.data(), static_cast<int>(cert_from_db.size()))); |
| 351 cert_from_db.data(), cert_from_db.size())); | |
| 352 if (cert.get()) { | 346 if (cert.get()) { |
| 353 if (cur_version == 2) { | 347 if (cur_version == 2) { |
| 354 update_expires_smt.Reset(true); | 348 update_expires_statement.Reset(true); |
| 355 update_expires_smt.BindInt64(0, | 349 update_expires_statement.BindInt64( |
| 356 cert->valid_expiry().ToInternalValue()); | 350 0, cert->valid_expiry().ToInternalValue()); |
| 357 update_expires_smt.BindString(1, origin); | 351 update_expires_statement.BindString(1, origin); |
| 358 if (!update_expires_smt.Run()) { | 352 if (!update_expires_statement.Run()) { |
| 359 LOG(WARNING) << "Unable to update server bound cert database to " | 353 LOG(WARNING) << "Unable to update server bound cert database to " |
| 360 << "version 4."; | 354 << "version 4."; |
| 361 return false; | 355 return false; |
| 362 } | 356 } |
| 363 } | 357 } |
| 364 | 358 |
| 365 update_creation_smt.Reset(true); | 359 update_creation_statement.Reset(true); |
| 366 update_creation_smt.BindInt64(0, cert->valid_start().ToInternalValue()); | 360 update_creation_statement.BindInt64( |
| 367 update_creation_smt.BindString(1, origin); | 361 0, cert->valid_start().ToInternalValue()); |
| 368 if (!update_creation_smt.Run()) { | 362 update_creation_statement.BindString(1, origin); |
| 363 if (!update_creation_statement.Run()) { | |
| 369 LOG(WARNING) << "Unable to update server bound cert database to " | 364 LOG(WARNING) << "Unable to update server bound cert database to " |
| 370 << "version 4."; | 365 << "version 4."; |
| 371 return false; | 366 return false; |
| 372 } | 367 } |
| 373 } else { | 368 } else { |
| 374 // If there's a cert we can't parse, just leave it. It'll get replaced | 369 // If there's a cert we can't parse, just leave it. It'll get replaced |
| 375 // with a new one if we ever try to use it. | 370 // with a new one if we ever try to use it. |
| 376 LOG(WARNING) << "Error parsing cert for database upgrade for origin " | 371 LOG(WARNING) << "Error parsing cert for database upgrade for origin " |
| 377 << smt.ColumnString(0); | 372 << statement.ColumnString(0); |
| 378 } | 373 } |
| 379 } | 374 } |
| 380 | 375 |
| 381 cur_version = 4; | 376 cur_version = 4; |
| 382 meta_table_.SetVersionNumber(cur_version); | 377 meta_table_.SetVersionNumber(cur_version); |
| 383 meta_table_.SetCompatibleVersionNumber( | 378 meta_table_.SetCompatibleVersionNumber( |
| 384 std::min(cur_version, kCompatibleVersionNumber)); | 379 std::min(cur_version, kCompatibleVersionNumber)); |
| 385 transaction.Commit(); | 380 transaction.Commit(); |
| 386 } | 381 } |
| 387 | 382 |
| 388 // Put future migration cases here. | 383 // Put future migration cases here. |
| 389 | 384 |
| 390 // When the version is too old, we just try to continue anyway, there should | 385 // When the version is too old, we just try to continue anyway, there should |
| 391 // not be a released product that makes a database too old for us to handle. | 386 // not be a released product that makes a database too old for us to handle. |
| 392 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) << | 387 LOG_IF(WARNING, cur_version < kCurrentVersionNumber) |
| 393 "Server bound cert database version " << cur_version << | 388 << "Server bound cert database version " << cur_version |
| 394 " is too old to handle."; | 389 << " is too old to handle."; |
| 395 | 390 |
| 396 return true; | 391 return true; |
| 397 } | 392 } |
| 398 | 393 |
| 399 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( | 394 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback( |
| 400 int error, | 395 int error, |
| 401 sql::Statement* stmt) { | 396 sql::Statement* stmt) { |
| 402 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 397 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
| 403 | 398 |
| 404 if (!sql::IsErrorCatastrophic(error)) | 399 if (!sql::IsErrorCatastrophic(error)) |
| (...skipping 20 matching lines...) Expand all Loading... | |
| 425 // This Backend will now be in-memory only. In a future run the database | 420 // This Backend will now be in-memory only. In a future run the database |
| 426 // will be recreated. Hopefully things go better then! | 421 // will be recreated. Hopefully things go better then! |
| 427 bool success = db_->RazeAndClose(); | 422 bool success = db_->RazeAndClose(); |
| 428 UMA_HISTOGRAM_BOOLEAN("DomainBoundCerts.KillDatabaseResult", success); | 423 UMA_HISTOGRAM_BOOLEAN("DomainBoundCerts.KillDatabaseResult", success); |
| 429 meta_table_.Reset(); | 424 meta_table_.Reset(); |
| 430 db_.reset(); | 425 db_.reset(); |
| 431 } | 426 } |
| 432 } | 427 } |
| 433 | 428 |
| 434 void SQLiteChannelIDStore::Backend::AddChannelID( | 429 void SQLiteChannelIDStore::Backend::AddChannelID( |
| 435 const net::DefaultChannelIDStore::ChannelID& channel_id) { | 430 const DefaultChannelIDStore::ChannelID& channel_id) { |
| 436 BatchOperation(PendingOperation::CHANNEL_ID_ADD, channel_id); | 431 BatchOperation(PendingOperation::CHANNEL_ID_ADD, channel_id); |
| 437 } | 432 } |
| 438 | 433 |
| 439 void SQLiteChannelIDStore::Backend::DeleteChannelID( | 434 void SQLiteChannelIDStore::Backend::DeleteChannelID( |
| 440 const net::DefaultChannelIDStore::ChannelID& channel_id) { | 435 const DefaultChannelIDStore::ChannelID& channel_id) { |
| 441 BatchOperation(PendingOperation::CHANNEL_ID_DELETE, channel_id); | 436 BatchOperation(PendingOperation::CHANNEL_ID_DELETE, channel_id); |
| 442 } | 437 } |
| 443 | 438 |
| 444 void SQLiteChannelIDStore::Backend::BatchOperation( | 439 void SQLiteChannelIDStore::Backend::BatchOperation( |
| 445 PendingOperation::OperationType op, | 440 PendingOperation::OperationType op, |
| 446 const net::DefaultChannelIDStore::ChannelID& channel_id) { | 441 const DefaultChannelIDStore::ChannelID& channel_id) { |
| 447 // Commit every 30 seconds. | 442 // Commit every 30 seconds. |
| 448 static const int kCommitIntervalMs = 30 * 1000; | 443 static const int kCommitIntervalMs = 30 * 1000; |
| 449 // Commit right away if we have more than 512 outstanding operations. | 444 // Commit right away if we have more than 512 outstanding operations. |
| 450 static const size_t kCommitAfterBatchSize = 512; | 445 static const size_t kCommitAfterBatchSize = 512; |
| 451 | 446 |
| 452 // We do a full copy of the cert here, and hopefully just here. | 447 // We do a full copy of the cert here, and hopefully just here. |
| 453 scoped_ptr<PendingOperation> po(new PendingOperation(op, channel_id)); | 448 scoped_ptr<PendingOperation> po(new PendingOperation(op, channel_id)); |
| 454 | 449 |
| 455 PendingOperationsList::size_type num_pending; | 450 PendingOperationsList::size_type num_pending; |
| 456 { | 451 { |
| (...skipping 22 matching lines...) Expand all Loading... | |
| 479 { | 474 { |
| 480 base::AutoLock locked(lock_); | 475 base::AutoLock locked(lock_); |
| 481 pending_.swap(ops); | 476 pending_.swap(ops); |
| 482 num_pending_ = 0; | 477 num_pending_ = 0; |
| 483 } | 478 } |
| 484 | 479 |
| 485 // Maybe an old timer fired or we are already Close()'ed. | 480 // Maybe an old timer fired or we are already Close()'ed. |
| 486 if (!db_.get() || ops.empty()) | 481 if (!db_.get() || ops.empty()) |
| 487 return; | 482 return; |
| 488 | 483 |
| 489 sql::Statement add_smt(db_->GetCachedStatement(SQL_FROM_HERE, | 484 sql::Statement add_statement(db_->GetCachedStatement( |
| 485 SQL_FROM_HERE, | |
| 490 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " | 486 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " |
| 491 "expiration_time, creation_time) VALUES (?,?,?,?,?,?)")); | 487 "expiration_time, creation_time) VALUES (?,?,?,?,?,?)")); |
| 492 if (!add_smt.is_valid()) | 488 if (!add_statement.is_valid()) |
| 493 return; | 489 return; |
| 494 | 490 |
| 495 sql::Statement del_smt(db_->GetCachedStatement(SQL_FROM_HERE, | 491 sql::Statement del_statement(db_->GetCachedStatement( |
| 496 "DELETE FROM origin_bound_certs WHERE origin=?")); | 492 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); |
| 497 if (!del_smt.is_valid()) | 493 if (!del_statement.is_valid()) |
| 498 return; | 494 return; |
| 499 | 495 |
| 500 sql::Transaction transaction(db_.get()); | 496 sql::Transaction transaction(db_.get()); |
| 501 if (!transaction.Begin()) | 497 if (!transaction.Begin()) |
| 502 return; | 498 return; |
| 503 | 499 |
| 504 for (PendingOperationsList::iterator it = ops.begin(); | 500 for (PendingOperationsList::iterator it = ops.begin(); it != ops.end(); |
| 505 it != ops.end(); ++it) { | 501 ++it) { |
| 506 // Free the certs as we commit them to the database. | 502 // Free the certs as we commit them to the database. |
| 507 scoped_ptr<PendingOperation> po(*it); | 503 scoped_ptr<PendingOperation> po(*it); |
| 508 switch (po->op()) { | 504 switch (po->op()) { |
| 509 case PendingOperation::CHANNEL_ID_ADD: { | 505 case PendingOperation::CHANNEL_ID_ADD: { |
| 510 channel_id_origins_.insert(po->channel_id().server_identifier()); | 506 channel_id_origins_.insert(po->channel_id().server_identifier()); |
| 511 add_smt.Reset(true); | 507 add_statement.Reset(true); |
| 512 add_smt.BindString(0, po->channel_id().server_identifier()); | 508 add_statement.BindString(0, po->channel_id().server_identifier()); |
| 513 const std::string& private_key = po->channel_id().private_key(); | 509 const std::string& private_key = po->channel_id().private_key(); |
| 514 add_smt.BindBlob(1, private_key.data(), private_key.size()); | 510 add_statement.BindBlob( |
| 511 1, private_key.data(), static_cast<int>(private_key.size())); | |
| 515 const std::string& cert = po->channel_id().cert(); | 512 const std::string& cert = po->channel_id().cert(); |
| 516 add_smt.BindBlob(2, cert.data(), cert.size()); | 513 add_statement.BindBlob(2, cert.data(), static_cast<int>(cert.size())); |
| 517 add_smt.BindInt(3, net::CLIENT_CERT_ECDSA_SIGN); | 514 add_statement.BindInt(3, CLIENT_CERT_ECDSA_SIGN); |
| 518 add_smt.BindInt64(4, | 515 add_statement.BindInt64( |
| 519 po->channel_id().expiration_time().ToInternalValue()); | 516 4, po->channel_id().expiration_time().ToInternalValue()); |
| 520 add_smt.BindInt64(5, | 517 add_statement.BindInt64( |
| 521 po->channel_id().creation_time().ToInternalValue()); | 518 5, po->channel_id().creation_time().ToInternalValue()); |
| 522 if (!add_smt.Run()) | 519 if (!add_statement.Run()) |
| 523 NOTREACHED() << "Could not add a server bound cert to the DB."; | 520 NOTREACHED() << "Could not add a server bound cert to the DB."; |
| 524 break; | 521 break; |
| 525 } | 522 } |
| 526 case PendingOperation::CHANNEL_ID_DELETE: | 523 case PendingOperation::CHANNEL_ID_DELETE: |
| 527 channel_id_origins_.erase(po->channel_id().server_identifier()); | 524 channel_id_origins_.erase(po->channel_id().server_identifier()); |
| 528 del_smt.Reset(true); | 525 del_statement.Reset(true); |
| 529 del_smt.BindString(0, po->channel_id().server_identifier()); | 526 del_statement.BindString(0, po->channel_id().server_identifier()); |
| 530 if (!del_smt.Run()) | 527 if (!del_statement.Run()) |
| 531 NOTREACHED() << "Could not delete a server bound cert from the DB."; | 528 NOTREACHED() << "Could not delete a server bound cert from the DB."; |
| 532 break; | 529 break; |
| 533 | 530 |
| 534 default: | 531 default: |
| 535 NOTREACHED(); | 532 NOTREACHED(); |
| 536 break; | 533 break; |
| 537 } | 534 } |
| 538 } | 535 } |
| 539 transaction.Commit(); | 536 transaction.Commit(); |
| 540 } | 537 } |
| 541 | 538 |
| 542 // Fire off a close message to the background thread. We could still have a | 539 // Fire off a close message to the background task runner. We could still have a |
| 543 // pending commit timer that will be holding a reference on us, but if/when | 540 // pending commit timer that will be holding a reference on us, but if/when |
| 544 // this fires we will already have been cleaned up and it will be ignored. | 541 // this fires we will already have been cleaned up and it will be ignored. |
| 545 void SQLiteChannelIDStore::Backend::Close() { | 542 void SQLiteChannelIDStore::Backend::Close() { |
| 546 // Must close the backend on the background thread. | 543 // Must close the backend on the background task runner. |
| 547 background_task_runner_->PostTask( | 544 background_task_runner_->PostTask( |
| 548 FROM_HERE, base::Bind(&Backend::InternalBackgroundClose, this)); | 545 FROM_HERE, base::Bind(&Backend::InternalBackgroundClose, this)); |
| 549 } | 546 } |
| 550 | 547 |
| 551 void SQLiteChannelIDStore::Backend::InternalBackgroundClose() { | 548 void SQLiteChannelIDStore::Backend::InternalBackgroundClose() { |
| 552 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | 549 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); |
| 553 // Commit any pending operations | 550 // Commit any pending operations |
| 554 Commit(); | 551 Commit(); |
| 555 | 552 |
| 556 if (!force_keep_session_state_ && | |
| 557 special_storage_policy_.get() && | |
| 558 special_storage_policy_->HasSessionOnlyOrigins()) { | |
| 559 DeleteCertificatesOnShutdown(); | |
| 560 } | |
| 561 | |
| 562 db_.reset(); | 553 db_.reset(); |
| 563 } | 554 } |
| 564 | 555 |
| 565 void SQLiteChannelIDStore::Backend::DeleteCertificatesOnShutdown() { | |
| 566 DCHECK(background_task_runner_->RunsTasksOnCurrentThread()); | |
| 567 | |
| 568 if (!db_.get()) | |
| 569 return; | |
| 570 | |
| 571 if (channel_id_origins_.empty()) | |
| 572 return; | |
| 573 | |
| 574 if (!special_storage_policy_.get()) | |
| 575 return; | |
| 576 | |
| 577 sql::Statement del_smt(db_->GetCachedStatement( | |
| 578 SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?")); | |
| 579 if (!del_smt.is_valid()) { | |
| 580 LOG(WARNING) << "Unable to delete certificates on shutdown."; | |
| 581 return; | |
| 582 } | |
| 583 | |
| 584 sql::Transaction transaction(db_.get()); | |
| 585 if (!transaction.Begin()) { | |
| 586 LOG(WARNING) << "Unable to delete certificates on shutdown."; | |
| 587 return; | |
| 588 } | |
| 589 | |
| 590 for (std::set<std::string>::iterator it = channel_id_origins_.begin(); | |
| 591 it != channel_id_origins_.end(); ++it) { | |
| 592 const GURL url(net::cookie_util::CookieOriginToURL(*it, true)); | |
| 593 if (!url.is_valid() || !special_storage_policy_->IsStorageSessionOnly(url)) | |
| 594 continue; | |
| 595 del_smt.Reset(true); | |
| 596 del_smt.BindString(0, *it); | |
| 597 if (!del_smt.Run()) | |
| 598 NOTREACHED() << "Could not delete a certificate from the DB."; | |
| 599 } | |
| 600 | |
| 601 if (!transaction.Commit()) | |
| 602 LOG(WARNING) << "Unable to delete certificates on shutdown."; | |
| 603 } | |
| 604 | |
| 605 void SQLiteChannelIDStore::Backend::SetForceKeepSessionState() { | 556 void SQLiteChannelIDStore::Backend::SetForceKeepSessionState() { |
| 606 base::AutoLock locked(lock_); | 557 base::AutoLock locked(lock_); |
| 607 force_keep_session_state_ = true; | 558 force_keep_session_state_ = true; |
| 608 } | 559 } |
| 609 | 560 |
| 610 SQLiteChannelIDStore::SQLiteChannelIDStore( | 561 SQLiteChannelIDStore::SQLiteChannelIDStore( |
| 611 const base::FilePath& path, | 562 const base::FilePath& path, |
| 612 const scoped_refptr<base::SequencedTaskRunner>& background_task_runner, | 563 const scoped_refptr<base::SequencedTaskRunner>& background_task_runner) |
| 613 quota::SpecialStoragePolicy* special_storage_policy) | 564 : backend_(new Backend(path, background_task_runner)) { |
| 614 : backend_(new Backend(path, | 565 } |
| 615 background_task_runner, | |
| 616 special_storage_policy)) {} | |
| 617 | 566 |
| 618 void SQLiteChannelIDStore::Load( | 567 void SQLiteChannelIDStore::Load(const LoadedCallback& loaded_callback) { |
| 619 const LoadedCallback& loaded_callback) { | |
| 620 backend_->Load(loaded_callback); | 568 backend_->Load(loaded_callback); |
| 621 } | 569 } |
| 622 | 570 |
| 623 void SQLiteChannelIDStore::AddChannelID( | 571 void SQLiteChannelIDStore::AddChannelID( |
| 624 const net::DefaultChannelIDStore::ChannelID& channel_id) { | 572 const DefaultChannelIDStore::ChannelID& channel_id) { |
| 625 backend_->AddChannelID(channel_id); | 573 backend_->AddChannelID(channel_id); |
| 626 } | 574 } |
| 627 | 575 |
| 628 void SQLiteChannelIDStore::DeleteChannelID( | 576 void SQLiteChannelIDStore::DeleteChannelID( |
| 629 const net::DefaultChannelIDStore::ChannelID& channel_id) { | 577 const DefaultChannelIDStore::ChannelID& channel_id) { |
| 630 backend_->DeleteChannelID(channel_id); | 578 backend_->DeleteChannelID(channel_id); |
| 631 } | 579 } |
| 632 | 580 |
| 633 void SQLiteChannelIDStore::SetForceKeepSessionState() { | 581 void SQLiteChannelIDStore::SetForceKeepSessionState() { |
| 634 backend_->SetForceKeepSessionState(); | 582 backend_->SetForceKeepSessionState(); |
| 635 } | 583 } |
| 636 | 584 |
| 637 SQLiteChannelIDStore::~SQLiteChannelIDStore() { | 585 SQLiteChannelIDStore::~SQLiteChannelIDStore() { |
| 638 backend_->Close(); | 586 backend_->Close(); |
| 639 // We release our reference to the Backend, though it will probably still have | 587 // We release our reference to the Backend, though it will probably still have |
| 640 // a reference if the background thread has not run Close() yet. | 588 // a reference if the background task runner has not run Close() yet. |
| 641 } | 589 } |
| 590 | |
| 591 } // namespace net | |
| OLD | NEW |
