| Index: net/extras/sqlite/sqlite_channel_id_store.cc
|
| diff --git a/chrome/browser/net/sqlite_channel_id_store.cc b/net/extras/sqlite/sqlite_channel_id_store.cc
|
| similarity index 66%
|
| rename from chrome/browser/net/sqlite_channel_id_store.cc
|
| rename to net/extras/sqlite/sqlite_channel_id_store.cc
|
| index 066316780aa5a09236f9b2f4a709e4b43dc201cd..d7edf9c170dd39710a5a46f45e71b2c6cd6e8fd3 100644
|
| --- a/chrome/browser/net/sqlite_channel_id_store.cc
|
| +++ b/net/extras/sqlite/sqlite_channel_id_store.cc
|
| @@ -2,21 +2,21 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "chrome/browser/net/sqlite_channel_id_store.h"
|
| +#include "net/extras/sqlite/sqlite_channel_id_store.h"
|
|
|
| -#include <list>
|
| #include <set>
|
|
|
| #include "base/basictypes.h"
|
| #include "base/bind.h"
|
| #include "base/files/file_path.h"
|
| #include "base/files/file_util.h"
|
| +#include "base/location.h"
|
| #include "base/logging.h"
|
| #include "base/memory/scoped_ptr.h"
|
| +#include "base/memory/scoped_vector.h"
|
| #include "base/metrics/histogram.h"
|
| +#include "base/sequenced_task_runner.h"
|
| #include "base/strings/string_util.h"
|
| -#include "base/threading/thread.h"
|
| -#include "base/threading/thread_restrictions.h"
|
| #include "net/cert/x509_certificate.h"
|
| #include "net/cookies/cookie_util.h"
|
| #include "net/ssl/ssl_client_cert_type.h"
|
| @@ -24,9 +24,38 @@
|
| #include "sql/meta_table.h"
|
| #include "sql/statement.h"
|
| #include "sql/transaction.h"
|
| -#include "third_party/sqlite/sqlite3.h"
|
| #include "url/gurl.h"
|
| -#include "webkit/browser/quota/special_storage_policy.h"
|
| +
|
| +namespace {
|
| +
|
| +// Version number of the database.
|
| +const int kCurrentVersionNumber = 4;
|
| +const int kCompatibleVersionNumber = 1;
|
| +
|
| +// Initializes the certs table, returning true on success.
|
| +bool InitTable(sql::Connection* db) {
|
| + // The table is named "origin_bound_certs" for backwards compatability before
|
| + // we renamed this class to SQLiteChannelIDStore. Likewise, the primary
|
| + // key is "origin", but now can be other things like a plain domain.
|
| + if (!db->DoesTableExist("origin_bound_certs")) {
|
| + if (!db->Execute(
|
| + "CREATE TABLE origin_bound_certs ("
|
| + "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
|
| + "private_key BLOB NOT NULL,"
|
| + "cert BLOB NOT NULL,"
|
| + "cert_type INTEGER,"
|
| + "expiration_time INTEGER,"
|
| + "creation_time INTEGER)")) {
|
| + return false;
|
| + }
|
| + }
|
| +
|
| + return true;
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +namespace net {
|
|
|
| // This class is designed to be shared between any calling threads and the
|
| // background task runner. It batches operations and commits them on a timer.
|
| @@ -35,25 +64,24 @@ class SQLiteChannelIDStore::Backend
|
| public:
|
| Backend(
|
| const base::FilePath& path,
|
| - const scoped_refptr<base::SequencedTaskRunner>& background_task_runner,
|
| - storage::SpecialStoragePolicy* special_storage_policy)
|
| + const scoped_refptr<base::SequencedTaskRunner>& background_task_runner)
|
| : path_(path),
|
| num_pending_(0),
|
| force_keep_session_state_(false),
|
| background_task_runner_(background_task_runner),
|
| - special_storage_policy_(special_storage_policy),
|
| corruption_detected_(false) {}
|
|
|
| // Creates or loads the SQLite database.
|
| void Load(const LoadedCallback& loaded_callback);
|
|
|
| // Batch a channel ID addition.
|
| - void AddChannelID(
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id);
|
| + void AddChannelID(const DefaultChannelIDStore::ChannelID& channel_id);
|
|
|
| // Batch a channel ID deletion.
|
| - void DeleteChannelID(
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id);
|
| + void DeleteChannelID(const DefaultChannelIDStore::ChannelID& channel_id);
|
| +
|
| + // Post background delete of all channel ids for |server_identifiers|.
|
| + void DeleteAllInList(const std::list<std::string>& server_identifiers);
|
|
|
| // Commit any pending operations and close the database. This must be called
|
| // before the object is destructed.
|
| @@ -62,58 +90,55 @@ class SQLiteChannelIDStore::Backend
|
| void SetForceKeepSessionState();
|
|
|
| private:
|
| - void LoadOnDBThread(
|
| - ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids);
|
| -
|
| friend class base::RefCountedThreadSafe<SQLiteChannelIDStore::Backend>;
|
|
|
| // You should call Close() before destructing this object.
|
| - ~Backend() {
|
| + virtual ~Backend() {
|
| DCHECK(!db_.get()) << "Close should have already been called.";
|
| - DCHECK(num_pending_ == 0 && pending_.empty());
|
| + DCHECK_EQ(0u, num_pending_);
|
| + DCHECK(pending_.empty());
|
| }
|
|
|
| + void LoadInBackground(
|
| + ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids);
|
| +
|
| // Database upgrade statements.
|
| bool EnsureDatabaseVersion();
|
|
|
| class PendingOperation {
|
| public:
|
| - typedef enum {
|
| - CHANNEL_ID_ADD,
|
| - CHANNEL_ID_DELETE
|
| - } OperationType;
|
| -
|
| - PendingOperation(
|
| - OperationType op,
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id)
|
| + enum OperationType { CHANNEL_ID_ADD, CHANNEL_ID_DELETE };
|
| +
|
| + PendingOperation(OperationType op,
|
| + const DefaultChannelIDStore::ChannelID& channel_id)
|
| : op_(op), channel_id_(channel_id) {}
|
|
|
| OperationType op() const { return op_; }
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id() const {
|
| - return channel_id_;
|
| + const DefaultChannelIDStore::ChannelID& channel_id() const {
|
| + return channel_id_;
|
| }
|
|
|
| private:
|
| OperationType op_;
|
| - net::DefaultChannelIDStore::ChannelID channel_id_;
|
| + DefaultChannelIDStore::ChannelID channel_id_;
|
| };
|
|
|
| private:
|
| // Batch a channel id operation (add or delete).
|
| - void BatchOperation(
|
| - PendingOperation::OperationType op,
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id);
|
| + void BatchOperation(PendingOperation::OperationType op,
|
| + const DefaultChannelIDStore::ChannelID& channel_id);
|
| // Commit our pending operations to the database.
|
| void Commit();
|
| - // Close() executed on the background thread.
|
| + // Close() executed on the background task runner.
|
| void InternalBackgroundClose();
|
|
|
| - void DeleteCertificatesOnShutdown();
|
| + void BackgroundDeleteAllInList(
|
| + const std::list<std::string>& server_identifiers);
|
|
|
| void DatabaseErrorCallback(int error, sql::Statement* stmt);
|
| void KillDatabase();
|
|
|
| - base::FilePath path_;
|
| + const base::FilePath path_;
|
| scoped_ptr<sql::Connection> db_;
|
| sql::MetaTable meta_table_;
|
|
|
| @@ -125,63 +150,31 @@ class SQLiteChannelIDStore::Backend
|
| // Guard |pending_|, |num_pending_| and |force_keep_session_state_|.
|
| base::Lock lock_;
|
|
|
| - // Cache of origins we have channel IDs stored for.
|
| - std::set<std::string> channel_id_origins_;
|
| -
|
| scoped_refptr<base::SequencedTaskRunner> background_task_runner_;
|
|
|
| - scoped_refptr<storage::SpecialStoragePolicy> special_storage_policy_;
|
| -
|
| // Indicates if the kill-database callback has been scheduled.
|
| bool corruption_detected_;
|
|
|
| DISALLOW_COPY_AND_ASSIGN(Backend);
|
| };
|
|
|
| -// Version number of the database.
|
| -static const int kCurrentVersionNumber = 4;
|
| -static const int kCompatibleVersionNumber = 1;
|
| -
|
| -namespace {
|
| -
|
| -// Initializes the certs table, returning true on success.
|
| -bool InitTable(sql::Connection* db) {
|
| - // The table is named "origin_bound_certs" for backwards compatability before
|
| - // we renamed this class to SQLiteChannelIDStore. Likewise, the primary
|
| - // key is "origin", but now can be other things like a plain domain.
|
| - if (!db->DoesTableExist("origin_bound_certs")) {
|
| - if (!db->Execute("CREATE TABLE origin_bound_certs ("
|
| - "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
|
| - "private_key BLOB NOT NULL,"
|
| - "cert BLOB NOT NULL,"
|
| - "cert_type INTEGER,"
|
| - "expiration_time INTEGER,"
|
| - "creation_time INTEGER)"))
|
| - return false;
|
| - }
|
| -
|
| - return true;
|
| -}
|
| -
|
| -} // namespace
|
| -
|
| void SQLiteChannelIDStore::Backend::Load(
|
| const LoadedCallback& loaded_callback) {
|
| // This function should be called only once per instance.
|
| DCHECK(!db_.get());
|
| - scoped_ptr<ScopedVector<net::DefaultChannelIDStore::ChannelID> >
|
| - channel_ids(new ScopedVector<net::DefaultChannelIDStore::ChannelID>());
|
| - ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids_ptr =
|
| + scoped_ptr<ScopedVector<DefaultChannelIDStore::ChannelID> > channel_ids(
|
| + new ScopedVector<DefaultChannelIDStore::ChannelID>());
|
| + ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids_ptr =
|
| channel_ids.get();
|
|
|
| background_task_runner_->PostTaskAndReply(
|
| FROM_HERE,
|
| - base::Bind(&Backend::LoadOnDBThread, this, channel_ids_ptr),
|
| + base::Bind(&Backend::LoadInBackground, this, channel_ids_ptr),
|
| base::Bind(loaded_callback, base::Passed(&channel_ids)));
|
| }
|
|
|
| -void SQLiteChannelIDStore::Backend::LoadOnDBThread(
|
| - ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids) {
|
| +void SQLiteChannelIDStore::Backend::LoadInBackground(
|
| + ScopedVector<DefaultChannelIDStore::ChannelID>* channel_ids) {
|
| DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
|
|
|
| // This method should be called only once per instance.
|
| @@ -197,7 +190,7 @@ void SQLiteChannelIDStore::Backend::LoadOnDBThread(
|
|
|
| int64 db_size = 0;
|
| if (base::GetFileSize(path_, &db_size))
|
| - UMA_HISTOGRAM_COUNTS("DomainBoundCerts.DBSizeInKB", db_size / 1024 );
|
| + UMA_HISTOGRAM_COUNTS("DomainBoundCerts.DBSizeInKB", db_size / 1024);
|
|
|
| db_.reset(new sql::Connection);
|
| db_->set_histogram_tag("DomainBoundCerts");
|
| @@ -239,26 +232,25 @@ void SQLiteChannelIDStore::Backend::LoadOnDBThread(
|
| }
|
|
|
| while (smt.Step()) {
|
| - net::SSLClientCertType type =
|
| - static_cast<net::SSLClientCertType>(smt.ColumnInt(3));
|
| - if (type != net::CLIENT_CERT_ECDSA_SIGN)
|
| + SSLClientCertType type = static_cast<SSLClientCertType>(smt.ColumnInt(3));
|
| + if (type != CLIENT_CERT_ECDSA_SIGN)
|
| continue;
|
| std::string private_key_from_db, cert_from_db;
|
| smt.ColumnBlobAsString(1, &private_key_from_db);
|
| smt.ColumnBlobAsString(2, &cert_from_db);
|
| - scoped_ptr<net::DefaultChannelIDStore::ChannelID> channel_id(
|
| - new net::DefaultChannelIDStore::ChannelID(
|
| + scoped_ptr<DefaultChannelIDStore::ChannelID> channel_id(
|
| + new DefaultChannelIDStore::ChannelID(
|
| smt.ColumnString(0), // origin
|
| base::Time::FromInternalValue(smt.ColumnInt64(5)),
|
| base::Time::FromInternalValue(smt.ColumnInt64(4)),
|
| private_key_from_db,
|
| cert_from_db));
|
| - channel_id_origins_.insert(channel_id->server_identifier());
|
| channel_ids->push_back(channel_id.release());
|
| }
|
|
|
| - UMA_HISTOGRAM_COUNTS_10000("DomainBoundCerts.DBLoadedCount",
|
| - channel_ids->size());
|
| + UMA_HISTOGRAM_COUNTS_10000(
|
| + "DomainBoundCerts.DBLoadedCount",
|
| + static_cast<base::HistogramBase::Sample>(channel_ids->size()));
|
| base::TimeDelta load_time = base::TimeTicks::Now() - start;
|
| UMA_HISTOGRAM_CUSTOM_TIMES("DomainBoundCerts.DBLoadTime",
|
| load_time,
|
| @@ -272,7 +264,7 @@ void SQLiteChannelIDStore::Backend::LoadOnDBThread(
|
| bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() {
|
| // Version check.
|
| if (!meta_table_.Init(
|
| - db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) {
|
| + db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) {
|
| return false;
|
| }
|
|
|
| @@ -286,8 +278,9 @@ bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() {
|
| sql::Transaction transaction(db_.get());
|
| if (!transaction.Begin())
|
| return false;
|
| - if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type "
|
| - "INTEGER")) {
|
| + if (!db_->Execute(
|
| + "ALTER TABLE origin_bound_certs ADD COLUMN cert_type "
|
| + "INTEGER")) {
|
| LOG(WARNING) << "Unable to update server bound cert database to "
|
| << "version 2.";
|
| return false;
|
| @@ -312,60 +305,61 @@ bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() {
|
| return false;
|
|
|
| if (cur_version == 2) {
|
| - if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN "
|
| - "expiration_time INTEGER")) {
|
| + if (!db_->Execute(
|
| + "ALTER TABLE origin_bound_certs ADD COLUMN "
|
| + "expiration_time INTEGER")) {
|
| LOG(WARNING) << "Unable to update server bound cert database to "
|
| << "version 4.";
|
| return false;
|
| }
|
| }
|
|
|
| - if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN "
|
| - "creation_time INTEGER")) {
|
| + if (!db_->Execute(
|
| + "ALTER TABLE origin_bound_certs ADD COLUMN "
|
| + "creation_time INTEGER")) {
|
| LOG(WARNING) << "Unable to update server bound cert database to "
|
| << "version 4.";
|
| return false;
|
| }
|
|
|
| - sql::Statement smt(db_->GetUniqueStatement(
|
| - "SELECT origin, cert FROM origin_bound_certs"));
|
| - sql::Statement update_expires_smt(db_->GetUniqueStatement(
|
| + sql::Statement statement(
|
| + db_->GetUniqueStatement("SELECT origin, cert FROM origin_bound_certs"));
|
| + sql::Statement update_expires_statement(db_->GetUniqueStatement(
|
| "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?"));
|
| - sql::Statement update_creation_smt(db_->GetUniqueStatement(
|
| + sql::Statement update_creation_statement(db_->GetUniqueStatement(
|
| "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?"));
|
| - if (!smt.is_valid() ||
|
| - !update_expires_smt.is_valid() ||
|
| - !update_creation_smt.is_valid()) {
|
| + if (!statement.is_valid() || !update_expires_statement.is_valid() ||
|
| + !update_creation_statement.is_valid()) {
|
| LOG(WARNING) << "Unable to update server bound cert database to "
|
| << "version 4.";
|
| return false;
|
| }
|
|
|
| - while (smt.Step()) {
|
| - std::string origin = smt.ColumnString(0);
|
| + while (statement.Step()) {
|
| + std::string origin = statement.ColumnString(0);
|
| std::string cert_from_db;
|
| - smt.ColumnBlobAsString(1, &cert_from_db);
|
| + statement.ColumnBlobAsString(1, &cert_from_db);
|
| // Parse the cert and extract the real value and then update the DB.
|
| - scoped_refptr<net::X509Certificate> cert(
|
| - net::X509Certificate::CreateFromBytes(
|
| - cert_from_db.data(), cert_from_db.size()));
|
| + scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes(
|
| + cert_from_db.data(), static_cast<int>(cert_from_db.size())));
|
| if (cert.get()) {
|
| if (cur_version == 2) {
|
| - update_expires_smt.Reset(true);
|
| - update_expires_smt.BindInt64(0,
|
| - cert->valid_expiry().ToInternalValue());
|
| - update_expires_smt.BindString(1, origin);
|
| - if (!update_expires_smt.Run()) {
|
| + update_expires_statement.Reset(true);
|
| + update_expires_statement.BindInt64(
|
| + 0, cert->valid_expiry().ToInternalValue());
|
| + update_expires_statement.BindString(1, origin);
|
| + if (!update_expires_statement.Run()) {
|
| LOG(WARNING) << "Unable to update server bound cert database to "
|
| << "version 4.";
|
| return false;
|
| }
|
| }
|
|
|
| - update_creation_smt.Reset(true);
|
| - update_creation_smt.BindInt64(0, cert->valid_start().ToInternalValue());
|
| - update_creation_smt.BindString(1, origin);
|
| - if (!update_creation_smt.Run()) {
|
| + update_creation_statement.Reset(true);
|
| + update_creation_statement.BindInt64(
|
| + 0, cert->valid_start().ToInternalValue());
|
| + update_creation_statement.BindString(1, origin);
|
| + if (!update_creation_statement.Run()) {
|
| LOG(WARNING) << "Unable to update server bound cert database to "
|
| << "version 4.";
|
| return false;
|
| @@ -374,7 +368,7 @@ bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() {
|
| // If there's a cert we can't parse, just leave it. It'll get replaced
|
| // with a new one if we ever try to use it.
|
| LOG(WARNING) << "Error parsing cert for database upgrade for origin "
|
| - << smt.ColumnString(0);
|
| + << statement.ColumnString(0);
|
| }
|
| }
|
|
|
| @@ -389,9 +383,9 @@ bool SQLiteChannelIDStore::Backend::EnsureDatabaseVersion() {
|
|
|
| // When the version is too old, we just try to continue anyway, there should
|
| // not be a released product that makes a database too old for us to handle.
|
| - LOG_IF(WARNING, cur_version < kCurrentVersionNumber) <<
|
| - "Server bound cert database version " << cur_version <<
|
| - " is too old to handle.";
|
| + LOG_IF(WARNING, cur_version < kCurrentVersionNumber)
|
| + << "Server bound cert database version " << cur_version
|
| + << " is too old to handle.";
|
|
|
| return true;
|
| }
|
| @@ -432,18 +426,29 @@ void SQLiteChannelIDStore::Backend::KillDatabase() {
|
| }
|
|
|
| void SQLiteChannelIDStore::Backend::AddChannelID(
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id) {
|
| + const DefaultChannelIDStore::ChannelID& channel_id) {
|
| BatchOperation(PendingOperation::CHANNEL_ID_ADD, channel_id);
|
| }
|
|
|
| void SQLiteChannelIDStore::Backend::DeleteChannelID(
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id) {
|
| + const DefaultChannelIDStore::ChannelID& channel_id) {
|
| BatchOperation(PendingOperation::CHANNEL_ID_DELETE, channel_id);
|
| }
|
|
|
| +void SQLiteChannelIDStore::Backend::DeleteAllInList(
|
| + const std::list<std::string>& server_identifiers) {
|
| + if (server_identifiers.empty())
|
| + return;
|
| + // Perform deletion on background task runner.
|
| + background_task_runner_->PostTask(
|
| + FROM_HERE,
|
| + base::Bind(
|
| + &Backend::BackgroundDeleteAllInList, this, server_identifiers));
|
| +}
|
| +
|
| void SQLiteChannelIDStore::Backend::BatchOperation(
|
| PendingOperation::OperationType op,
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id) {
|
| + const DefaultChannelIDStore::ChannelID& channel_id) {
|
| // Commit every 30 seconds.
|
| static const int kCommitIntervalMs = 30 * 1000;
|
| // Commit right away if we have more than 512 outstanding operations.
|
| @@ -486,48 +491,48 @@ void SQLiteChannelIDStore::Backend::Commit() {
|
| if (!db_.get() || ops.empty())
|
| return;
|
|
|
| - sql::Statement add_smt(db_->GetCachedStatement(SQL_FROM_HERE,
|
| + sql::Statement add_statement(db_->GetCachedStatement(
|
| + SQL_FROM_HERE,
|
| "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, "
|
| "expiration_time, creation_time) VALUES (?,?,?,?,?,?)"));
|
| - if (!add_smt.is_valid())
|
| + if (!add_statement.is_valid())
|
| return;
|
|
|
| - sql::Statement del_smt(db_->GetCachedStatement(SQL_FROM_HERE,
|
| - "DELETE FROM origin_bound_certs WHERE origin=?"));
|
| - if (!del_smt.is_valid())
|
| + sql::Statement del_statement(db_->GetCachedStatement(
|
| + SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?"));
|
| + if (!del_statement.is_valid())
|
| return;
|
|
|
| sql::Transaction transaction(db_.get());
|
| if (!transaction.Begin())
|
| return;
|
|
|
| - for (PendingOperationsList::iterator it = ops.begin();
|
| - it != ops.end(); ++it) {
|
| + for (PendingOperationsList::iterator it = ops.begin(); it != ops.end();
|
| + ++it) {
|
| // Free the certs as we commit them to the database.
|
| scoped_ptr<PendingOperation> po(*it);
|
| switch (po->op()) {
|
| case PendingOperation::CHANNEL_ID_ADD: {
|
| - channel_id_origins_.insert(po->channel_id().server_identifier());
|
| - add_smt.Reset(true);
|
| - add_smt.BindString(0, po->channel_id().server_identifier());
|
| + add_statement.Reset(true);
|
| + add_statement.BindString(0, po->channel_id().server_identifier());
|
| const std::string& private_key = po->channel_id().private_key();
|
| - add_smt.BindBlob(1, private_key.data(), private_key.size());
|
| + add_statement.BindBlob(
|
| + 1, private_key.data(), static_cast<int>(private_key.size()));
|
| const std::string& cert = po->channel_id().cert();
|
| - add_smt.BindBlob(2, cert.data(), cert.size());
|
| - add_smt.BindInt(3, net::CLIENT_CERT_ECDSA_SIGN);
|
| - add_smt.BindInt64(4,
|
| - po->channel_id().expiration_time().ToInternalValue());
|
| - add_smt.BindInt64(5,
|
| - po->channel_id().creation_time().ToInternalValue());
|
| - if (!add_smt.Run())
|
| + add_statement.BindBlob(2, cert.data(), static_cast<int>(cert.size()));
|
| + add_statement.BindInt(3, CLIENT_CERT_ECDSA_SIGN);
|
| + add_statement.BindInt64(
|
| + 4, po->channel_id().expiration_time().ToInternalValue());
|
| + add_statement.BindInt64(
|
| + 5, po->channel_id().creation_time().ToInternalValue());
|
| + if (!add_statement.Run())
|
| NOTREACHED() << "Could not add a server bound cert to the DB.";
|
| break;
|
| }
|
| case PendingOperation::CHANNEL_ID_DELETE:
|
| - channel_id_origins_.erase(po->channel_id().server_identifier());
|
| - del_smt.Reset(true);
|
| - del_smt.BindString(0, po->channel_id().server_identifier());
|
| - if (!del_smt.Run())
|
| + del_statement.Reset(true);
|
| + del_statement.BindString(0, po->channel_id().server_identifier());
|
| + if (!del_statement.Run())
|
| NOTREACHED() << "Could not delete a server bound cert from the DB.";
|
| break;
|
|
|
| @@ -539,11 +544,11 @@ void SQLiteChannelIDStore::Backend::Commit() {
|
| transaction.Commit();
|
| }
|
|
|
| -// Fire off a close message to the background thread. We could still have a
|
| +// Fire off a close message to the background task runner. We could still have a
|
| // pending commit timer that will be holding a reference on us, but if/when
|
| // this fires we will already have been cleaned up and it will be ignored.
|
| void SQLiteChannelIDStore::Backend::Close() {
|
| - // Must close the backend on the background thread.
|
| + // Must close the backend on the background task runner.
|
| background_task_runner_->PostTask(
|
| FROM_HERE, base::Bind(&Backend::InternalBackgroundClose, this));
|
| }
|
| @@ -552,54 +557,40 @@ void SQLiteChannelIDStore::Backend::InternalBackgroundClose() {
|
| DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
|
| // Commit any pending operations
|
| Commit();
|
| -
|
| - if (!force_keep_session_state_ &&
|
| - special_storage_policy_.get() &&
|
| - special_storage_policy_->HasSessionOnlyOrigins()) {
|
| - DeleteCertificatesOnShutdown();
|
| - }
|
| -
|
| db_.reset();
|
| }
|
|
|
| -void SQLiteChannelIDStore::Backend::DeleteCertificatesOnShutdown() {
|
| +void SQLiteChannelIDStore::Backend::BackgroundDeleteAllInList(
|
| + const std::list<std::string>& server_identifiers) {
|
| DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
|
|
|
| if (!db_.get())
|
| return;
|
|
|
| - if (channel_id_origins_.empty())
|
| - return;
|
| -
|
| - if (!special_storage_policy_.get())
|
| - return;
|
| -
|
| sql::Statement del_smt(db_->GetCachedStatement(
|
| SQL_FROM_HERE, "DELETE FROM origin_bound_certs WHERE origin=?"));
|
| if (!del_smt.is_valid()) {
|
| - LOG(WARNING) << "Unable to delete certificates on shutdown.";
|
| + LOG(WARNING) << "Unable to delete channel ids.";
|
| return;
|
| }
|
|
|
| sql::Transaction transaction(db_.get());
|
| if (!transaction.Begin()) {
|
| - LOG(WARNING) << "Unable to delete certificates on shutdown.";
|
| + LOG(WARNING) << "Unable to delete channel ids.";
|
| return;
|
| }
|
|
|
| - for (std::set<std::string>::iterator it = channel_id_origins_.begin();
|
| - it != channel_id_origins_.end(); ++it) {
|
| - const GURL url(net::cookie_util::CookieOriginToURL(*it, true));
|
| - if (!url.is_valid() || !special_storage_policy_->IsStorageSessionOnly(url))
|
| - continue;
|
| + for (std::list<std::string>::const_iterator it = server_identifiers.begin();
|
| + it != server_identifiers.end();
|
| + ++it) {
|
| del_smt.Reset(true);
|
| del_smt.BindString(0, *it);
|
| if (!del_smt.Run())
|
| - NOTREACHED() << "Could not delete a certificate from the DB.";
|
| + NOTREACHED() << "Could not delete a channel id from the DB.";
|
| }
|
|
|
| if (!transaction.Commit())
|
| - LOG(WARNING) << "Unable to delete certificates on shutdown.";
|
| + LOG(WARNING) << "Unable to delete channel ids.";
|
| }
|
|
|
| void SQLiteChannelIDStore::Backend::SetForceKeepSessionState() {
|
| @@ -609,27 +600,29 @@ void SQLiteChannelIDStore::Backend::SetForceKeepSessionState() {
|
|
|
| SQLiteChannelIDStore::SQLiteChannelIDStore(
|
| const base::FilePath& path,
|
| - const scoped_refptr<base::SequencedTaskRunner>& background_task_runner,
|
| - storage::SpecialStoragePolicy* special_storage_policy)
|
| - : backend_(
|
| - new Backend(path, background_task_runner, special_storage_policy)) {
|
| + const scoped_refptr<base::SequencedTaskRunner>& background_task_runner)
|
| + : backend_(new Backend(path, background_task_runner)) {
|
| }
|
|
|
| -void SQLiteChannelIDStore::Load(
|
| - const LoadedCallback& loaded_callback) {
|
| +void SQLiteChannelIDStore::Load(const LoadedCallback& loaded_callback) {
|
| backend_->Load(loaded_callback);
|
| }
|
|
|
| void SQLiteChannelIDStore::AddChannelID(
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id) {
|
| + const DefaultChannelIDStore::ChannelID& channel_id) {
|
| backend_->AddChannelID(channel_id);
|
| }
|
|
|
| void SQLiteChannelIDStore::DeleteChannelID(
|
| - const net::DefaultChannelIDStore::ChannelID& channel_id) {
|
| + const DefaultChannelIDStore::ChannelID& channel_id) {
|
| backend_->DeleteChannelID(channel_id);
|
| }
|
|
|
| +void SQLiteChannelIDStore::DeleteAllInList(
|
| + const std::list<std::string>& server_identifiers) {
|
| + backend_->DeleteAllInList(server_identifiers);
|
| +}
|
| +
|
| void SQLiteChannelIDStore::SetForceKeepSessionState() {
|
| backend_->SetForceKeepSessionState();
|
| }
|
| @@ -637,5 +630,7 @@ void SQLiteChannelIDStore::SetForceKeepSessionState() {
|
| SQLiteChannelIDStore::~SQLiteChannelIDStore() {
|
| backend_->Close();
|
| // We release our reference to the Backend, though it will probably still have
|
| - // a reference if the background thread has not run Close() yet.
|
| + // a reference if the background task runner has not run Close() yet.
|
| }
|
| +
|
| +} // namespace net
|
|
|
Chromium Code Reviews
Issue 381073002:
Move sqlite_channel_id_store from chrome/browser/net to net/extras. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master