Move sqlite_channel_id_store from chrome/browser/net to net/extras.

net/extras/sqlite/sqlite_channel_id_store.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "chrome/browser/net/sqlite_channel_id_store.h"
+#include "net/extras/sqlite/sqlite_channel_id_store.h"
 
 #include <list>
 #include <set>
+#include <string>
 
 #include "base/basictypes.h"
 #include "base/bind.h"
 #include "base/file_util.h"
 #include "base/files/file_path.h"
+#include "base/location.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
+#include "base/memory/scoped_vector.h"
 #include "base/metrics/histogram.h"
+#include "base/sequenced_task_runner.h"
 #include "base/strings/string_util.h"
-#include "base/threading/thread.h"
-#include "base/threading/thread_restrictions.h"
 #include "net/cert/x509_certificate.h"
 #include "net/cookies/cookie_util.h"
 #include "net/ssl/ssl_client_cert_type.h"
 #include "sql/error_delegate_util.h"
 #include "sql/meta_table.h"
 #include "sql/statement.h"
 #include "sql/transaction.h"
-#include "third_party/sqlite/sqlite3.h"
 #include "url/gurl.h"
-#include "webkit/browser/quota/special_storage_policy.h"
+
+namespace {
+
+// Version number of the database.
+const int kCurrentVersionNumber = 4;
+const int kCompatibleVersionNumber = 1;
+
+// Initializes the certs table, returning true on success.
+bool InitTable(sql::Connection* db) {
+  // The table is named "origin_bound_certs" for backwards compatability before
+  // we renamed this class to SQLiteChannelIDStore.  Likewise, the primary
+  // key is "origin", but now can be other things like a plain domain.
+  if (!db->DoesTableExist("origin_bound_certs")) {
+    if (!db->Execute(
+            "CREATE TABLE origin_bound_certs ("
+            "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
+            "private_key BLOB NOT NULL,"
+            "cert BLOB NOT NULL,"
+            "cert_type INTEGER,"
+            "expiration_time INTEGER,"
+            "creation_time INTEGER)"))
+      return false;
+  }
+
+  return true;
+}
+
+}  // namespace
+
+namespace net {
 
 // This class is designed to be shared between any calling threads and the
 // background task runner. It batches operations and commits them on a timer.
 class SQLiteChannelIDStore::Backend
     : public base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend> {
  public:
   Backend(
       const base::FilePath& path,
-      const scoped_refptr<base::SequencedTaskRunner>& background_task_runner,
-      quota::SpecialStoragePolicy* special_storage_policy)
+      const scoped_refptr<base::SequencedTaskRunner>& background_task_runner)
       : path_(path),
         num_pending_(0),
         force_keep_session_state_(false),
         background_task_runner_(background_task_runner),
-        special_storage_policy_(special_storage_policy),
         corruption_detected_(false) {}
 
   // Creates or loads the SQLite database.
   void Load(const LoadedCallback& loaded_callback);
 
   // Batch a channel ID addition.
-  void AddChannelID(
-      const net::DefaultChannelIDStore::ChannelID& channel_id);
+  void AddChannelID(const DefaultChannelIDStore::ChannelID& channel_id);
 
   // Batch a channel ID deletion.
-  void DeleteChannelID(
-      const net::DefaultChannelIDStore::ChannelID& channel_id);
+  void DeleteChannelID(const DefaultChannelIDStore::ChannelID& channel_id);
 
   // Commit any pending operations and close the database.  This must be called
   // before the object is destructed.
   void Close();
 
   void SetForceKeepSessionState();
 
  private:
-  void LoadOnDBThread(
-      ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids);
-
   friend class base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend>;
 
   // You should call Close() before destructing this object.
   ~Backend() {
     DCHECK(!db_.get()) << "Close should have already been called.";
-    DCHECK(num_pending_ == 0 && pending_.empty());
+    DCHECK_EQ(0u, num_pending_);
+    DCHECK(pending_.empty());
   }
 
+  void LoadInBackground(
+      ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids);
+
   // Database upgrade statements.
   bool EnsureDatabaseVersion();
 
   class PendingOperation {
    public:
-    typedef enum {
-      CHANNEL_ID_ADD,
-      CHANNEL_ID_DELETE
-    } OperationType;
+    enum OperationType { CHANNEL_ID_ADD, CHANNEL_ID_DELETE };
 
-    PendingOperation(
-        OperationType op,
-        const net::DefaultChannelIDStore::ChannelID& channel_id)
+    PendingOperation(OperationType op,
+                     const DefaultChannelIDStore::ChannelID& channel_id)
         : op_(op), channel_id_(channel_id) {}
 
     OperationType op() const { return op_; }
-    const net::DefaultChannelIDStore::ChannelID& channel_id() const {
-        return channel_id_;
+    const DefaultChannelIDStore::ChannelID& channel_id() const {
+      return channel_id_;
     }
 
    private:
     OperationType op_;
-    net::DefaultChannelIDStore::ChannelID channel_id_;
+    DefaultChannelIDStore::ChannelID channel_id_;
   };
 
  private:
   // Batch a channel id operation (add or delete).
-  void BatchOperation(
-      PendingOperation::OperationType op,
-      const net::DefaultChannelIDStore::ChannelID& channel_id);
+  void BatchOperation(PendingOperation::OperationType op,
+                      const DefaultChannelIDStore::ChannelID& channel_id);
   // Commit our pending operations to the database.
   void Commit();
-  // Close() executed on the background thread.
+  // Close() executed on the background task runner.
   void InternalBackgroundClose();
 
   void DeleteCertificatesOnShutdown();
 
   void DatabaseErrorCallback(int error, sql::Statement* stmt);
   void KillDatabase();
 
-  base::FilePath path_;
+  const base::FilePath path_;
   scoped_ptr<sql::Connection> db_;
   sql::MetaTable meta_table_;
 
   typedef std::list<PendingOperation*> PendingOperationsList;
   PendingOperationsList pending_;
   PendingOperationsList::size_type num_pending_;
   // True if the persistent store should skip clear on exit rules.
   bool force_keep_session_state_;
   // Guard |pending_|, |num_pending_| and |force_keep_session_state_|.
   base::Lock lock_;
 
   // Cache of origins we have channel IDs stored for.
   std::set<std::string> channel_id_origins_;

[Ryan Sleevi, 2014/08/07 22:00:22]

With the backend deletion code removed, you ever actually use this anymore.

That is, it existed as a cache to prevent you from having to read in all the
channel IDs, but with the new code, you're calling Load(), and you always read
these in.

[mef, 2014/08/08 17:48:36]

Done.

 
   scoped_refptr<base::SequencedTaskRunner> background_task_runner_;
 
-  scoped_refptr<quota::SpecialStoragePolicy> special_storage_policy_;
-
   // Indicates if the kill-database callback has been scheduled.
   bool corruption_detected_;
 
   DISALLOW_COPY_AND_ASSIGN(Backend);
 };
 
-// Version number of the database.
-static const int kCurrentVersionNumber = 4;
-static const int kCompatibleVersionNumber = 1;
-
-namespace {
-
-// Initializes the certs table, returning true on success.
-bool InitTable(sql::Connection* db) {
-  // The table is named "origin_bound_certs" for backwards compatability before
-  // we renamed this class to SQLiteChannelIDStore.  Likewise, the primary
-  // key is "origin", but now can be other things like a plain domain.
-  if (!db->DoesTableExist("origin_bound_certs")) {
-    if (!db->Execute("CREATE TABLE origin_bound_certs ("
-                     "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
-                     "private_key BLOB NOT NULL,"
-                     "cert BLOB NOT NULL,"
-                     "cert_type INTEGER,"
-                     "expiration_time INTEGER,"
-                     "creation_time INTEGER)"))
-      return false;
-  }
-
-  return true;
-}
-
-}  // namespace
-
 void SQLiteChannelIDStore::Backend::Load(
     const LoadedCallback& loaded_callback) {
   // This function should be called only once per instance.
   DCHECK(!db_.get());
-  scoped_ptr<ScopedVector<net::DefaultChannelIDStore::ChannelID> >
-      channel_ids(new ScopedVector<net::DefaultChannelIDStore::ChannelID>());
-  ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids_ptr =
+  scoped_ptr<ScopedVector<DefaultChannelIDStore::ChannelID> > channel_ids(
+      new ScopedVector<DefaultChannelIDStore::ChannelID>());
+  ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids_ptr =
       channel_ids.get();
 
   background_task_runner_->PostTaskAndReply(
       FROM_HERE,
-      base::Bind(&Backend::LoadOnDBThread, this, channel_ids_ptr),
+      base::Bind(&Backend::LoadInBackground, this, channel_ids_ptr),
       base::Bind(loaded_callback, base::Passed(&channel_ids)));
 }
 
-void SQLiteChannelIDStore::Backend::LoadOnDBThread(
-    ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids) {
+void SQLiteChannelIDStore::Backend::LoadInBackground(
+    ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids) {
   DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
 
   // This method should be called only once per instance.
   DCHECK(!db_.get());
 
   base::TimeTicks start = base::TimeTicks::Now();
 
   // Ensure the parent directory for storing certs is created before reading
   // from it.
   const base::FilePath dir = path_.DirName();
   if (!base::PathExists(dir) && !base::CreateDirectory(dir))
     return;
 
   int64 db_size = 0;
   if (base::GetFileSize(path_, &db_size))
-    UMA_HISTOGRAM_COUNTS("DomainBoundCerts.DBSizeInKB", db_size / 1024 );
+    UMA_HISTOGRAM_COUNTS("DomainBoundCerts.DBSizeInKB", db_size / 1024);
 
   db_.reset(new sql::Connection);
   db_->set_histogram_tag("DomainBoundCerts");
 
   // Unretained to avoid a ref loop with db_.
   db_->set_error_callback(
       base::Bind(&SQLiteChannelIDStore::Backend::DatabaseErrorCallback,
                  base::Unretained(this)));
 
   if (!db_->Open(path_)) {
@@ skipping 21 matching lines @@
       "creation_time FROM origin_bound_certs"));
   if (!smt.is_valid()) {
     if (corruption_detected_)
       KillDatabase();
     meta_table_.Reset();
     db_.reset();
     return;
   }
 
   while (smt.Step()) {
-    net::SSLClientCertType type =
-        static_cast<net::SSLClientCertType>(smt.ColumnInt(3));
-    if (type != net::CLIENT_CERT_ECDSA_SIGN)
+    SSLClientCertType type = static_cast<SSLClientCertType>(smt.ColumnInt(3));
+    if (type != CLIENT_CERT_ECDSA_SIGN)
       continue;
     std::string private_key_from_db, cert_from_db;
     smt.ColumnBlobAsString(1, &private_key_from_db);
     smt.ColumnBlobAsString(2, &cert_from_db);
-    scoped_ptr<net::DefaultChannelIDStore::ChannelID> channel_id(
-        new net::DefaultChannelIDStore::ChannelID(
+    scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id(
+        new DefaultChannelIDStore::ChannelID(
             smt.ColumnString(0),  // origin
             base::Time::FromInternalValue(smt.ColumnInt64(5)),
             base::Time::FromInternalValue(smt.ColumnInt64(4)),
             private_key_from_db,
             cert_from_db));
     channel_id_origins_.insert(channel_id->server_identifier());
     channel_ids->push_back(channel_id.release());
   }
 
-  UMA_HISTOGRAM_COUNTS_10000("DomainBoundCerts.DBLoadedCount",
-                             channel_ids->size());
+  UMA_HISTOGRAM_COUNTS_10000(
+      "DomainBoundCerts.DBLoadedCount",
+      static_cast<base::HistogramBase::Sample>(channel_ids->size()));
   base::TimeDelta load_time = base::TimeTicks::Now() - start;
   UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime",
                              load_time,
                              base::TimeDelta::FromMilliseconds(1),
                              base::TimeDelta::FromMinutes(1),
                              50);
   DVLOG(1) << "loaded " << channel_ids->size() << " in "
            << load_time.InMilliseconds() << " ms";
 }
 
 bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() {
   // Version check.
   if (!meta_table_.Init(
-      db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) {
+          db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) {
     return false;
   }
 
   if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) {
     LOG(WARNING) << "Server bound cert database is too new.";
     return false;
   }
 
   int cur_version = meta_table_.GetVersionNumber();
   if (cur_version == 1) {
     sql::Transaction transaction(db_.get());
     if (!transaction.Begin())
       return false;
-    if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type "
-                      "INTEGER")) {
+    if (!db_->Execute(
+            "ALTER TABLE origin_bound_certs ADD COLUMN cert_type "
+            "INTEGER")) {
       LOG(WARNING) << "Unable to update server bound cert database to "
                    << "version 2.";
       return false;
     }
     // All certs in version 1 database are rsa_sign, which are unsupported.
     // Just discard them all.
     if (!db_->Execute("DELETE from origin_bound_certs")) {
       LOG(WARNING) << "Unable to update server bound cert database to "
                    << "version 2.";
       return false;
     }
     ++cur_version;
     meta_table_.SetVersionNumber(cur_version);
     meta_table_.SetCompatibleVersionNumber(
         std::min(cur_version, kCompatibleVersionNumber));
     transaction.Commit();
   }
 
   if (cur_version <= 3) {
     sql::Transaction transaction(db_.get());
     if (!transaction.Begin())
       return false;
 
     if (cur_version == 2) {
-      if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN "
-                        "expiration_time INTEGER")) {
+      if (!db_->Execute(
+              "ALTER TABLE origin_bound_certs ADD COLUMN "
+              "expiration_time INTEGER")) {
         LOG(WARNING) << "Unable to update server bound cert database to "
                      << "version 4.";
         return false;
       }
     }
 
-    if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN "
-                      "creation_time INTEGER")) {
+    if (!db_->Execute(
+            "ALTER TABLE origin_bound_certs ADD COLUMN "
+            "creation_time INTEGER")) {
       LOG(WARNING) << "Unable to update server bound cert database to "
                    << "version 4.";
       return false;
     }
 
-    sql::Statement smt(db_->GetUniqueStatement(
-        "SELECT origin, cert FROM origin_bound_certs"));
-    sql::Statement update_expires_smt(db_->GetUniqueStatement(
+    sql::Statement statement(
+        db_->GetUniqueStatement("SELECT origin, cert FROM origin_bound_certs"));
+    sql::Statement update_expires_statement(db_->GetUniqueStatement(
         "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?"));
-    sql::Statement update_creation_smt(db_->GetUniqueStatement(
+    sql::Statement update_creation_statement(db_->GetUniqueStatement(
         "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?"));
-    if (!smt.is_valid() ||
-        !update_expires_smt.is_valid() ||
-        !update_creation_smt.is_valid()) {
+    if (!statement.is_valid() || !update_expires_statement.is_valid() ||
+        !update_creation_statement.is_valid()) {
       LOG(WARNING) << "Unable to update server bound cert database to "
                    << "version 4.";
       return false;
     }
 
-    while (smt.Step()) {
-      std::string origin = smt.ColumnString(0);
+    while (statement.Step()) {
+      std::string origin = statement.ColumnString(0);
       std::string cert_from_db;
-      smt.ColumnBlobAsString(1, &cert_from_db);
+      statement.ColumnBlobAsString(1, &cert_from_db);
       // Parse the cert and extract the real value and then update the DB.
-      scoped_refptr<net::X509Certificate> cert(
-          net::X509Certificate::CreateFromBytes(
-              cert_from_db.data(), cert_from_db.size()));
+      scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes(
+          cert_from_db.data(), static_cast<int>(cert_from_db.size())));
       if (cert.get()) {
         if (cur_version == 2) {
-          update_expires_smt.Reset(true);
-          update_expires_smt.BindInt64(0,
-                                       cert->valid_expiry().ToInternalValue());
-          update_expires_smt.BindString(1, origin);
-          if (!update_expires_smt.Run()) {
+          update_expires_statement.Reset(true);
+          update_expires_statement.BindInt64(
+              0, cert->valid_expiry().ToInternalValue());
+          update_expires_statement.BindString(1, origin);
+          if (!update_expires_statement.Run()) {
             LOG(WARNING) << "Unable to update server bound cert database to "
                          << "version 4.";
             return false;
           }
         }
 
-        update_creation_smt.Reset(true);
-        update_creation_smt.BindInt64(0, cert->valid_start().ToInternalValue());
-        update_creation_smt.BindString(1, origin);
-        if (!update_creation_smt.Run()) {
+        update_creation_statement.Reset(true);
+        update_creation_statement.BindInt64(
+            0, cert->valid_start().ToInternalValue());
+        update_creation_statement.BindString(1, origin);
+        if (!update_creation_statement.Run()) {
           LOG(WARNING) << "Unable to update server bound cert database to "
                        << "version 4.";
           return false;
         }
       } else {
         // If there's a cert we can't parse, just leave it.  It'll get replaced
         // with a new one if we ever try to use it.
         LOG(WARNING) << "Error parsing cert for database upgrade for origin "
-                     << smt.ColumnString(0);
+                     << statement.ColumnString(0);
       }
     }
 
     cur_version = 4;
     meta_table_.SetVersionNumber(cur_version);
     meta_table_.SetCompatibleVersionNumber(
         std::min(cur_version, kCompatibleVersionNumber));
     transaction.Commit();
   }
 
   // Put future migration cases here.
 
   // When the version is too old, we just try to continue anyway, there should
   // not be a released product that makes a database too old for us to handle.
-  LOG_IF(WARNING, cur_version < kCurrentVersionNumber) <<
-      "Server bound cert database version " << cur_version <<
-      " is too old to handle.";
+  LOG_IF(WARNING, cur_version < kCurrentVersionNumber)
+      << "Server bound cert database version " << cur_version
+      << " is too old to handle.";
 
   return true;
 }
 
 void SQLiteChannelIDStore::Backend::DatabaseErrorCallback(
     int error,
     sql::Statement* stmt) {
   DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
 
   if (!sql::IsErrorCatastrophic(error))
@@ skipping 20 matching lines @@
     // This Backend will now be in-memory only. In a future run the database
     // will be recreated. Hopefully things go better then!
     bool success = db_->RazeAndClose();
     UMA_HISTOGRAM_BOOLEAN("DomainBoundCerts.KillDatabaseResult", success);
     meta_table_.Reset();
     db_.reset();
   }
 }
 
 void SQLiteChannelIDStore::Backend::AddChannelID(
-    const net::DefaultChannelIDStore::ChannelID& channel_id) {
+    const DefaultChannelIDStore::ChannelID& channel_id) {
   BatchOperation(PendingOperation::CHANNEL_ID_ADD, channel_id);
 }
 
 void SQLiteChannelIDStore::Backend::DeleteChannelID(
-    const net::DefaultChannelIDStore::ChannelID& channel_id) {
+    const DefaultChannelIDStore::ChannelID& channel_id) {
   BatchOperation(PendingOperation::CHANNEL_ID_DELETE, channel_id);
 }
 
 void SQLiteChannelIDStore::Backend::BatchOperation(
     PendingOperation::OperationType op,
-    const net::DefaultChannelIDStore::ChannelID& channel_id) {
+    const DefaultChannelIDStore::ChannelID& channel_id) {
   // Commit every 30 seconds.
   static const int kCommitIntervalMs = 30 * 1000;
   // Commit right away if we have more than 512 outstanding operations.
   static const size_t kCommitAfterBatchSize = 512;
 
   // We do a full copy of the cert here, and hopefully just here.
   scoped_ptr<PendingOperation> po(new PendingOperation(op, channel_id));
 
   PendingOperationsList::size_type num_pending;
   {
@@ skipping 22 matching lines @@
   {
     base::AutoLock locked(lock_);
     pending_.swap(ops);
     num_pending_ = 0;
   }
 
   // Maybe an old timer fired or we are already Close()'ed.
   if (!db_.get() || ops.empty())
     return;
 
-  sql::Statement add_smt(db_->GetCachedStatement(SQL_FROM_HERE,
+  sql::Statement add_statement(db_->GetCachedStatement(
+      SQL_FROM_HERE,
       "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, "
       "expiration_time, creation_time) VALUES (?,?,?,?,?,?)"));
-  if (!add_smt.is_valid())
+  if (!add_statement.is_valid())
     return;
 
-  sql::Statement del_smt(db_->GetCachedStatement(SQL_FROM_HERE,
-                             "DELETE FROM origin_bound_certs WHERE origin=?"));
-  if (!del_smt.is_valid())
+  sql::Statement del_statement(db_->GetCachedStatement(
+      SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?"));
+  if (!del_statement.is_valid())
     return;
 
   sql::Transaction transaction(db_.get());
   if (!transaction.Begin())
     return;
 
-  for (PendingOperationsList::iterator it = ops.begin();
-       it != ops.end(); ++it) {
+  for (PendingOperationsList::iterator it = ops.begin(); it != ops.end();
+       ++it) {
     // Free the certs as we commit them to the database.
     scoped_ptr<PendingOperation> po(*it);
     switch (po->op()) {
       case PendingOperation::CHANNEL_ID_ADD: {
         channel_id_origins_.insert(po->channel_id().server_identifier());
-        add_smt.Reset(true);
-        add_smt.BindString(0, po->channel_id().server_identifier());
+        add_statement.Reset(true);
+        add_statement.BindString(0, po->channel_id().server_identifier());
         const std::string& private_key = po->channel_id().private_key();
-        add_smt.BindBlob(1, private_key.data(), private_key.size());
+        add_statement.BindBlob(
+            1, private_key.data(), static_cast<int>(private_key.size()));
         const std::string& cert = po->channel_id().cert();
-        add_smt.BindBlob(2, cert.data(), cert.size());
-        add_smt.BindInt(3, net::CLIENT_CERT_ECDSA_SIGN);
-        add_smt.BindInt64(4,
-                          po->channel_id().expiration_time().ToInternalValue());
-        add_smt.BindInt64(5,
-                          po->channel_id().creation_time().ToInternalValue());
-        if (!add_smt.Run())
+        add_statement.BindBlob(2, cert.data(), static_cast<int>(cert.size()));
+        add_statement.BindInt(3, CLIENT_CERT_ECDSA_SIGN);
+        add_statement.BindInt64(
+            4, po->channel_id().expiration_time().ToInternalValue());
+        add_statement.BindInt64(
+            5, po->channel_id().creation_time().ToInternalValue());
+        if (!add_statement.Run())
           NOTREACHED() << "Could not add a server bound cert to the DB.";
         break;
       }
       case PendingOperation::CHANNEL_ID_DELETE:
         channel_id_origins_.erase(po->channel_id().server_identifier());
-        del_smt.Reset(true);
-        del_smt.BindString(0, po->channel_id().server_identifier());
-        if (!del_smt.Run())
+        del_statement.Reset(true);
+        del_statement.BindString(0, po->channel_id().server_identifier());
+        if (!del_statement.Run())
           NOTREACHED() << "Could not delete a server bound cert from the DB.";
         break;
 
       default:
         NOTREACHED();
         break;
     }
   }
   transaction.Commit();
 }
 
-// Fire off a close message to the background thread. We could still have a
+// Fire off a close message to the background task runner. We could still have a
 // pending commit timer that will be holding a reference on us, but if/when
 // this fires we will already have been cleaned up and it will be ignored.
 void SQLiteChannelIDStore::Backend::Close() {
-  // Must close the backend on the background thread.
+  // Must close the backend on the background task runner.
   background_task_runner_->PostTask(
       FROM_HERE, base::Bind(&Backend::InternalBackgroundClose, this));
 }
 
 void SQLiteChannelIDStore::Backend::InternalBackgroundClose() {
   DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
   // Commit any pending operations
   Commit();
 
-  if (!force_keep_session_state_ &&
-      special_storage_policy_.get() &&
-      special_storage_policy_->HasSessionOnlyOrigins()) {
-    DeleteCertificatesOnShutdown();
-  }
-
   db_.reset();
 }
 
-void SQLiteChannelIDStore::Backend::DeleteCertificatesOnShutdown() {
-  DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
-
-  if (!db_.get())
-    return;
-
-  if (channel_id_origins_.empty())
-    return;
-
-  if (!special_storage_policy_.get())
-    return;
-
-  sql::Statement del_smt(db_->GetCachedStatement(
-      SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?"));
-  if (!del_smt.is_valid()) {
-    LOG(WARNING) << "Unable to delete certificates on shutdown.";
-    return;
-  }
-
-  sql::Transaction transaction(db_.get());
-  if (!transaction.Begin()) {
-    LOG(WARNING) << "Unable to delete certificates on shutdown.";
-    return;
-  }
-
-  for (std::set<std::string>::iterator it = channel_id_origins_.begin();
-       it != channel_id_origins_.end(); ++it) {
-    const GURL url(net::cookie_util::CookieOriginToURL(*it, true));
-    if (!url.is_valid() || !special_storage_policy_->IsStorageSessionOnly(url))
-      continue;
-    del_smt.Reset(true);
-    del_smt.BindString(0, *it);
-    if (!del_smt.Run())
-      NOTREACHED() << "Could not delete a certificate from the DB.";
-  }
-
-  if (!transaction.Commit())
-    LOG(WARNING) << "Unable to delete certificates on shutdown.";
-}
-
 void SQLiteChannelIDStore::Backend::SetForceKeepSessionState() {
   base::AutoLock locked(lock_);
   force_keep_session_state_ = true;
 }
 
 SQLiteChannelIDStore::SQLiteChannelIDStore(
     const base::FilePath& path,
-    const scoped_refptr<base::SequencedTaskRunner>& background_task_runner,
-    quota::SpecialStoragePolicy* special_storage_policy)
-    : backend_(new Backend(path,
-                           background_task_runner,
-                           special_storage_policy)) {}
+    const scoped_refptr<base::SequencedTaskRunner>& background_task_runner)
+    : backend_(new Backend(path, background_task_runner)) {
+}
 
-void SQLiteChannelIDStore::Load(
-    const LoadedCallback& loaded_callback) {
+void SQLiteChannelIDStore::Load(const LoadedCallback& loaded_callback) {
   backend_->Load(loaded_callback);
 }
 
 void SQLiteChannelIDStore::AddChannelID(
-    const net::DefaultChannelIDStore::ChannelID& channel_id) {
+    const DefaultChannelIDStore::ChannelID& channel_id) {
   backend_->AddChannelID(channel_id);
 }
 
 void SQLiteChannelIDStore::DeleteChannelID(
-    const net::DefaultChannelIDStore::ChannelID& channel_id) {
+    const DefaultChannelIDStore::ChannelID& channel_id) {
   backend_->DeleteChannelID(channel_id);
 }
 
 void SQLiteChannelIDStore::SetForceKeepSessionState() {
   backend_->SetForceKeepSessionState();
 }
 
 SQLiteChannelIDStore::~SQLiteChannelIDStore() {
   backend_->Close();
   // We release our reference to the Backend, though it will probably still have
-  // a reference if the background thread has not run Close() yet.
+  // a reference if the background task runner has not run Close() yet.
 }
+
+}  // namespace net