OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/profiles/profile_io_data.h" | 5 #include "chrome/browser/profiles/profile_io_data.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
110 | 110 |
111 #if defined(OS_ANDROID) | 111 #if defined(OS_ANDROID) |
112 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings.h" | 112 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings.h" |
113 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings_fact
ory.h" | 113 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings_fact
ory.h" |
114 #include "components/data_reduction_proxy/common/data_reduction_proxy_switches.h
" | 114 #include "components/data_reduction_proxy/common/data_reduction_proxy_switches.h
" |
115 #endif // defined(OS_ANDROID) | 115 #endif // defined(OS_ANDROID) |
116 | 116 |
117 #if defined(OS_CHROMEOS) | 117 #if defined(OS_CHROMEOS) |
118 #include "chrome/browser/chromeos/fileapi/external_file_protocol_handler.h" | 118 #include "chrome/browser/chromeos/fileapi/external_file_protocol_handler.h" |
119 #include "chrome/browser/chromeos/login/startup_utils.h" | 119 #include "chrome/browser/chromeos/login/startup_utils.h" |
| 120 #include "chrome/browser/chromeos/net/cert_profile_filter.h" |
120 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h" | 121 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h" |
121 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | |
122 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 122 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
123 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 123 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
124 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | 124 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" |
125 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 125 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
126 #include "chrome/browser/chromeos/settings/cros_settings.h" | 126 #include "chrome/browser/chromeos/settings/cros_settings.h" |
127 #include "chrome/browser/net/nss_context.h" | |
128 #include "chromeos/dbus/cryptohome_client.h" | |
129 #include "chromeos/dbus/dbus_thread_manager.h" | |
130 #include "chromeos/settings/cros_settings_names.h" | 127 #include "chromeos/settings/cros_settings_names.h" |
131 #include "components/user_manager/user.h" | 128 #include "components/user_manager/user.h" |
132 #include "components/user_manager/user_manager.h" | 129 #include "components/user_manager/user_manager.h" |
133 #include "crypto/nss_util.h" | 130 #include "crypto/nss_util.h" |
134 #include "crypto/nss_util_internal.h" | 131 #include "crypto/nss_util_internal.h" |
135 #include "net/cert/cert_verifier.h" | 132 #include "net/cert/cert_verifier.h" |
136 #include "net/cert/multi_threaded_cert_verifier.h" | 133 #include "net/cert/multi_threaded_cert_verifier.h" |
137 #include "net/ssl/client_cert_store_chromeos.h" | 134 #include "net/ssl/client_cert_store_chromeos.h" |
138 #endif // defined(OS_CHROMEOS) | 135 #endif // defined(OS_CHROMEOS) |
139 | 136 |
140 #if defined(USE_NSS) | 137 #if defined(USE_NSS) |
| 138 #include "chrome/browser/net/cert_database_service_factory.h" |
141 #include "chrome/browser/ui/crypto_module_delegate_nss.h" | 139 #include "chrome/browser/ui/crypto_module_delegate_nss.h" |
| 140 #include "components/cert_database/public/cert_database_service.h" |
| 141 #include "components/cert_database/public/cert_database_service_io_part.h" |
142 #include "net/ssl/client_cert_store_nss.h" | 142 #include "net/ssl/client_cert_store_nss.h" |
143 #endif | 143 #endif |
144 | 144 |
145 #if defined(OS_WIN) | 145 #if defined(OS_WIN) |
146 #include "net/ssl/client_cert_store_win.h" | 146 #include "net/ssl/client_cert_store_win.h" |
147 #endif | 147 #endif |
148 | 148 |
149 #if defined(OS_MACOSX) | 149 #if defined(OS_MACOSX) |
150 #include "net/ssl/client_cert_store_mac.h" | 150 #include "net/ssl/client_cert_store_mac.h" |
151 #endif | 151 #endif |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
220 request, network_delegate, path, | 220 request, network_delegate, path, |
221 content::BrowserThread::GetBlockingPool()-> | 221 content::BrowserThread::GetBlockingPool()-> |
222 GetTaskRunnerWithShutdownBehavior( | 222 GetTaskRunnerWithShutdownBehavior( |
223 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN)); | 223 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN)); |
224 | 224 |
225 return NULL; | 225 return NULL; |
226 } | 226 } |
227 }; | 227 }; |
228 #endif // defined(DEBUG_DEVTOOLS) | 228 #endif // defined(DEBUG_DEVTOOLS) |
229 | 229 |
230 #if defined(OS_CHROMEOS) | |
231 // The following four functions are responsible for initializing NSS for each | |
232 // profile on ChromeOS, which has a separate NSS database and TPM slot | |
233 // per-profile. | |
234 // | |
235 // Initialization basically follows these steps: | |
236 // 1) Get some info from user_manager::UserManager about the User for this | |
237 // profile. | |
238 // 2) Tell nss_util to initialize the software slot for this profile. | |
239 // 3) Wait for the TPM module to be loaded by nss_util if it isn't already. | |
240 // 4) Ask CryptohomeClient which TPM slot id corresponds to this profile. | |
241 // 5) Tell nss_util to use that slot id on the TPM module. | |
242 // | |
243 // Some of these steps must happen on the UI thread, others must happen on the | |
244 // IO thread: | |
245 // UI thread IO Thread | |
246 // | |
247 // ProfileIOData::InitializeOnUIThread | |
248 // | | |
249 // ProfileHelper::Get()->GetUserByProfile() | |
250 // \---------------------------------------v | |
251 // StartNSSInitOnIOThread | |
252 // | | |
253 // crypto::InitializeNSSForChromeOSUser | |
254 // | | |
255 // crypto::IsTPMTokenReady | |
256 // | | |
257 // StartTPMSlotInitializationOnIOThread | |
258 // v---------------------------------------/ | |
259 // GetTPMInfoForUserOnUIThread | |
260 // | | |
261 // CryptohomeClient::Pkcs11GetTpmTokenInfoForUser | |
262 // | | |
263 // DidGetTPMInfoForUserOnUIThread | |
264 // \---------------------------------------v | |
265 // crypto::InitializeTPMForChromeOSUser | |
266 | |
267 void DidGetTPMInfoForUserOnUIThread(const std::string& username_hash, | |
268 chromeos::DBusMethodCallStatus call_status, | |
269 const std::string& label, | |
270 const std::string& user_pin, | |
271 int slot_id) { | |
272 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
273 if (call_status == chromeos::DBUS_METHOD_CALL_FAILURE) { | |
274 NOTREACHED() << "dbus error getting TPM info for " << username_hash; | |
275 return; | |
276 } | |
277 DVLOG(1) << "Got TPM slot for " << username_hash << ": " << slot_id; | |
278 BrowserThread::PostTask( | |
279 BrowserThread::IO, | |
280 FROM_HERE, | |
281 base::Bind( | |
282 &crypto::InitializeTPMForChromeOSUser, username_hash, slot_id)); | |
283 } | |
284 | |
285 void GetTPMInfoForUserOnUIThread(const std::string& username, | |
286 const std::string& username_hash) { | |
287 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
288 DVLOG(1) << "Getting TPM info from cryptohome for " | |
289 << " " << username << " " << username_hash; | |
290 chromeos::DBusThreadManager::Get() | |
291 ->GetCryptohomeClient() | |
292 ->Pkcs11GetTpmTokenInfoForUser( | |
293 username, | |
294 base::Bind(&DidGetTPMInfoForUserOnUIThread, username_hash)); | |
295 } | |
296 | |
297 void StartTPMSlotInitializationOnIOThread(const std::string& username, | |
298 const std::string& username_hash) { | |
299 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | |
300 | |
301 BrowserThread::PostTask( | |
302 BrowserThread::UI, | |
303 FROM_HERE, | |
304 base::Bind(&GetTPMInfoForUserOnUIThread, username, username_hash)); | |
305 } | |
306 | |
307 void StartNSSInitOnIOThread(const std::string& username, | |
308 const std::string& username_hash, | |
309 const base::FilePath& path) { | |
310 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | |
311 DVLOG(1) << "Starting NSS init for " << username | |
312 << " hash:" << username_hash; | |
313 | |
314 // Make sure NSS is initialized for the user. | |
315 crypto::InitializeNSSForChromeOSUser(username_hash, path); | |
316 | |
317 // Check if it's OK to initialize TPM for the user before continuing. This | |
318 // may not be the case if the TPM slot initialization was previously | |
319 // requested for the same user. | |
320 if (!crypto::ShouldInitializeTPMForChromeOSUser(username_hash)) | |
321 return; | |
322 | |
323 crypto::WillInitializeTPMForChromeOSUser(username_hash); | |
324 | |
325 if (crypto::IsTPMTokenEnabledForNSS()) { | |
326 if (crypto::IsTPMTokenReady(base::Bind( | |
327 &StartTPMSlotInitializationOnIOThread, username, username_hash))) { | |
328 StartTPMSlotInitializationOnIOThread(username, username_hash); | |
329 } else { | |
330 DVLOG(1) << "Waiting for tpm ready ..."; | |
331 } | |
332 } else { | |
333 crypto::InitializePrivateSoftwareSlotForChromeOSUser(username_hash); | |
334 } | |
335 } | |
336 #endif // defined(OS_CHROMEOS) | |
337 | |
338 #if defined(USE_NSS) | 230 #if defined(USE_NSS) |
339 void InitializeAndPassKeygenHandler( | 231 void InitializeAndPassKeygenHandler( |
340 scoped_ptr<net::KeygenHandler> keygen_handler, | 232 scoped_ptr<net::KeygenHandler> keygen_handler, |
341 const base::Callback<void(scoped_ptr<net::KeygenHandler>)>& callback, | 233 const base::Callback<void(scoped_ptr<net::KeygenHandler>)>& callback, |
342 scoped_ptr<ChromeNSSCryptoModuleDelegate> delegate) { | 234 scoped_ptr<ChromeNSSCryptoModuleDelegate> delegate) { |
343 if (delegate) { | 235 if (delegate) { |
344 keygen_handler->set_crypto_module_delegate( | 236 keygen_handler->set_crypto_module_delegate( |
345 delegate.PassAs<crypto::NSSCryptoModuleDelegate>()); | 237 delegate.PassAs<crypto::NSSCryptoModuleDelegate>()); |
346 } | 238 } |
347 callback.Run(keygen_handler.Pass()); | 239 callback.Run(keygen_handler.Pass()); |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
397 | 289 |
398 params->proxy_config_service | 290 params->proxy_config_service |
399 .reset(ProxyServiceFactory::CreateProxyConfigService( | 291 .reset(ProxyServiceFactory::CreateProxyConfigService( |
400 profile->GetProxyConfigTracker())); | 292 profile->GetProxyConfigTracker())); |
401 #if defined(ENABLE_MANAGED_USERS) | 293 #if defined(ENABLE_MANAGED_USERS) |
402 SupervisedUserService* supervised_user_service = | 294 SupervisedUserService* supervised_user_service = |
403 SupervisedUserServiceFactory::GetForProfile(profile); | 295 SupervisedUserServiceFactory::GetForProfile(profile); |
404 params->supervised_user_url_filter = | 296 params->supervised_user_url_filter = |
405 supervised_user_service->GetURLFilterForIOThread(); | 297 supervised_user_service->GetURLFilterForIOThread(); |
406 #endif | 298 #endif |
| 299 |
407 #if defined(OS_CHROMEOS) | 300 #if defined(OS_CHROMEOS) |
408 user_manager::UserManager* user_manager = user_manager::UserManager::Get(); | 301 user_manager::UserManager* user_manager = user_manager::UserManager::Get(); |
409 if (user_manager) { | 302 if (user_manager) { |
410 user_manager::User* user = | 303 user_manager::User* user = |
411 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); | 304 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
412 // No need to initialize NSS for users with empty username hash: | |
413 // Getters for a user's NSS slots always return NULL slot if the user's | |
414 // username hash is empty, even when the NSS is not initialized for the | |
415 // user. | |
416 if (user && !user->username_hash().empty()) { | 305 if (user && !user->username_hash().empty()) { |
417 params->username_hash = user->username_hash(); | 306 params->username_hash = user->username_hash(); |
418 DCHECK(!params->username_hash.empty()); | 307 DCHECK(!params->username_hash.empty()); |
419 BrowserThread::PostTask(BrowserThread::IO, | |
420 FROM_HERE, | |
421 base::Bind(&StartNSSInitOnIOThread, | |
422 user->email(), | |
423 user->username_hash(), | |
424 profile->GetPath())); | |
425 | |
426 // Use the device-wide system key slot only if the user is of the same | |
427 // domain as the device is registered to. | |
428 policy::BrowserPolicyConnectorChromeOS* connector = | |
429 g_browser_process->platform_part() | |
430 ->browser_policy_connector_chromeos(); | |
431 params->use_system_key_slot = | |
432 connector->GetUserAffiliation(user->email()) == | |
433 policy::USER_AFFILIATION_MANAGED; | |
434 } | 308 } |
435 } | 309 } |
436 #endif | 310 #endif |
437 | 311 |
438 params->profile = profile; | 312 params->profile = profile; |
439 params->prerender_tracker = g_browser_process->prerender_tracker(); | 313 params->prerender_tracker = g_browser_process->prerender_tracker(); |
440 profile_params_.reset(params.release()); | 314 profile_params_.reset(params.release()); |
441 | 315 |
442 ChromeNetworkDelegate::InitializePrefsOnUIThread( | 316 ChromeNetworkDelegate::InitializePrefsOnUIThread( |
443 &enable_referrers_, | 317 &enable_referrers_, |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
491 local_state_pref_service); | 365 local_state_pref_service); |
492 quick_check_enabled_.MoveToThread(io_message_loop_proxy); | 366 quick_check_enabled_.MoveToThread(io_message_loop_proxy); |
493 | 367 |
494 media_device_id_salt_ = new MediaDeviceIDSalt(pref_service, IsOffTheRecord()); | 368 media_device_id_salt_ = new MediaDeviceIDSalt(pref_service, IsOffTheRecord()); |
495 | 369 |
496 network_prediction_options_.Init(prefs::kNetworkPredictionOptions, | 370 network_prediction_options_.Init(prefs::kNetworkPredictionOptions, |
497 pref_service); | 371 pref_service); |
498 | 372 |
499 network_prediction_options_.MoveToThread(io_message_loop_proxy); | 373 network_prediction_options_.MoveToThread(io_message_loop_proxy); |
500 | 374 |
| 375 #if defined(USE_NSS) |
| 376 cert_database::CertDatabaseService* service = |
| 377 cert_database::CertDatabaseServiceFactory::GetForBrowserContext(profile); |
| 378 if (service) |
| 379 cert_db_io_ = service->GetIOPart(); |
| 380 #endif |
| 381 |
501 #if defined(OS_CHROMEOS) | 382 #if defined(OS_CHROMEOS) |
502 scoped_ptr<policy::PolicyCertVerifier> verifier = | 383 scoped_ptr<policy::PolicyCertVerifier> verifier = |
503 policy::PolicyCertServiceFactory::CreateForProfile(profile); | 384 policy::PolicyCertServiceFactory::CreateForProfile(profile); |
504 policy_cert_verifier_ = verifier.get(); | 385 policy_cert_verifier_ = verifier.get(); |
505 cert_verifier_ = verifier.Pass(); | 386 cert_verifier_ = verifier.Pass(); |
506 #endif | 387 #endif |
507 // The URLBlacklistManager has to be created on the UI thread to register | 388 // The URLBlacklistManager has to be created on the UI thread to register |
508 // observers of |pref_service|, and it also has to clean up on | 389 // observers of |pref_service|, and it also has to clean up on |
509 // ShutdownOnUIThread to release these observers on the right thread. | 390 // ShutdownOnUIThread to release these observers on the right thread. |
510 // Don't pass it in |profile_params_| to make sure it is correctly cleaned up, | 391 // Don't pass it in |profile_params_| to make sure it is correctly cleaned up, |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
580 job_factory_ = job_factory.Pass(); | 461 job_factory_ = job_factory.Pass(); |
581 set_job_factory(job_factory_.get()); | 462 set_job_factory(job_factory_.get()); |
582 } | 463 } |
583 | 464 |
584 ProfileIOData::AppRequestContext::~AppRequestContext() { | 465 ProfileIOData::AppRequestContext::~AppRequestContext() { |
585 AssertNoURLRequests(); | 466 AssertNoURLRequests(); |
586 } | 467 } |
587 | 468 |
588 ProfileIOData::ProfileParams::ProfileParams() | 469 ProfileIOData::ProfileParams::ProfileParams() |
589 : io_thread(NULL), | 470 : io_thread(NULL), |
590 #if defined(OS_CHROMEOS) | |
591 use_system_key_slot(false), | |
592 #endif | |
593 profile(NULL) { | 471 profile(NULL) { |
594 } | 472 } |
595 | 473 |
596 ProfileIOData::ProfileParams::~ProfileParams() {} | 474 ProfileIOData::ProfileParams::~ProfileParams() {} |
597 | 475 |
598 ProfileIOData::ProfileIOData(Profile::ProfileType profile_type) | 476 ProfileIOData::ProfileIOData(Profile::ProfileType profile_type) |
599 : initialized_(false), | 477 : initialized_(false), |
600 #if defined(OS_CHROMEOS) | 478 #if defined(OS_CHROMEOS) |
601 policy_cert_verifier_(NULL), | 479 policy_cert_verifier_(NULL), |
602 use_system_key_slot_(false), | |
603 #endif | 480 #endif |
604 resource_context_(new ResourceContext(this)), | 481 resource_context_(new ResourceContext(this)), |
605 initialized_on_UI_thread_(false), | 482 initialized_on_UI_thread_(false), |
606 profile_type_(profile_type) { | 483 profile_type_(profile_type) { |
607 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 484 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
608 } | 485 } |
609 | 486 |
610 ProfileIOData::~ProfileIOData() { | 487 ProfileIOData::~ProfileIOData() { |
611 if (BrowserThread::IsMessageLoopValid(BrowserThread::IO)) | 488 if (BrowserThread::IsMessageLoopValid(BrowserThread::IO)) |
612 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 489 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
(...skipping 299 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
912 DCHECK(io_data_->initialized_); | 789 DCHECK(io_data_->initialized_); |
913 return request_context_; | 790 return request_context_; |
914 } | 791 } |
915 | 792 |
916 scoped_ptr<net::ClientCertStore> | 793 scoped_ptr<net::ClientCertStore> |
917 ProfileIOData::ResourceContext::CreateClientCertStore() { | 794 ProfileIOData::ResourceContext::CreateClientCertStore() { |
918 if (!io_data_->client_cert_store_factory_.is_null()) | 795 if (!io_data_->client_cert_store_factory_.is_null()) |
919 return io_data_->client_cert_store_factory_.Run(); | 796 return io_data_->client_cert_store_factory_.Run(); |
920 #if defined(OS_CHROMEOS) | 797 #if defined(OS_CHROMEOS) |
921 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreChromeOS( | 798 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreChromeOS( |
922 io_data_->use_system_key_slot(), | 799 chromeos::CreateProfileFilterFactory(io_data_->cert_db_io_), |
923 io_data_->username_hash(), | |
924 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, | 800 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, |
925 chrome::kCryptoModulePasswordClientAuth))); | 801 chrome::kCryptoModulePasswordClientAuth))); |
926 #elif defined(USE_NSS) | 802 #elif defined(USE_NSS) |
927 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreNSS( | 803 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreNSS( |
928 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, | 804 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, |
929 chrome::kCryptoModulePasswordClientAuth))); | 805 chrome::kCryptoModulePasswordClientAuth))); |
930 #elif defined(OS_WIN) | 806 #elif defined(OS_WIN) |
931 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreWin()); | 807 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreWin()); |
932 #elif defined(OS_MACOSX) | 808 #elif defined(OS_MACOSX) |
933 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreMac()); | 809 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreMac()); |
(...skipping 15 matching lines...) Expand all Loading... |
949 DCHECK(!callback.is_null()); | 825 DCHECK(!callback.is_null()); |
950 #if defined(USE_NSS) | 826 #if defined(USE_NSS) |
951 scoped_ptr<net::KeygenHandler> keygen_handler( | 827 scoped_ptr<net::KeygenHandler> keygen_handler( |
952 new net::KeygenHandler(key_size_in_bits, challenge_string, url)); | 828 new net::KeygenHandler(key_size_in_bits, challenge_string, url)); |
953 | 829 |
954 base::Callback<void(scoped_ptr<ChromeNSSCryptoModuleDelegate>)> | 830 base::Callback<void(scoped_ptr<ChromeNSSCryptoModuleDelegate>)> |
955 got_delegate_callback = base::Bind(&InitializeAndPassKeygenHandler, | 831 got_delegate_callback = base::Bind(&InitializeAndPassKeygenHandler, |
956 base::Passed(&keygen_handler), | 832 base::Passed(&keygen_handler), |
957 callback); | 833 callback); |
958 | 834 |
| 835 // If |cert_db_io_| is not available, we're shutting down already. Return the |
| 836 // KeygenHandler without ChromeNSSCryptoModuleDelegate. |
| 837 if (!io_data_->cert_db_io_) { |
| 838 got_delegate_callback.Run(scoped_ptr<ChromeNSSCryptoModuleDelegate>()); |
| 839 return; |
| 840 } |
| 841 |
959 ChromeNSSCryptoModuleDelegate::CreateForResourceContext( | 842 ChromeNSSCryptoModuleDelegate::CreateForResourceContext( |
960 chrome::kCryptoModulePasswordKeygen, | 843 chrome::kCryptoModulePasswordKeygen, |
961 net::HostPortPair::FromURL(url), | 844 net::HostPortPair::FromURL(url), |
962 this, | 845 io_data_->cert_db_io_.get(), |
963 got_delegate_callback); | 846 got_delegate_callback); |
964 #else | 847 #else |
965 callback.Run(make_scoped_ptr( | 848 callback.Run(make_scoped_ptr( |
966 new net::KeygenHandler(key_size_in_bits, challenge_string, url))); | 849 new net::KeygenHandler(key_size_in_bits, challenge_string, url))); |
967 #endif | 850 #endif |
968 } | 851 } |
969 | 852 |
970 ResourceContext::SaltCallback | 853 ResourceContext::SaltCallback |
971 ProfileIOData::ResourceContext::GetMediaDeviceIDSalt() { | 854 ProfileIOData::ResourceContext::GetMediaDeviceIDSalt() { |
972 return io_data_->GetMediaDeviceIDSalt(); | 855 return io_data_->GetMediaDeviceIDSalt(); |
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1071 if (profile_params_->resource_prefetch_predictor_observer_) { | 954 if (profile_params_->resource_prefetch_predictor_observer_) { |
1072 resource_prefetch_predictor_observer_.reset( | 955 resource_prefetch_predictor_observer_.reset( |
1073 profile_params_->resource_prefetch_predictor_observer_.release()); | 956 profile_params_->resource_prefetch_predictor_observer_.release()); |
1074 } | 957 } |
1075 | 958 |
1076 #if defined(ENABLE_MANAGED_USERS) | 959 #if defined(ENABLE_MANAGED_USERS) |
1077 supervised_user_url_filter_ = profile_params_->supervised_user_url_filter; | 960 supervised_user_url_filter_ = profile_params_->supervised_user_url_filter; |
1078 #endif | 961 #endif |
1079 | 962 |
1080 #if defined(OS_CHROMEOS) | 963 #if defined(OS_CHROMEOS) |
1081 username_hash_ = profile_params_->username_hash; | |
1082 use_system_key_slot_ = profile_params_->use_system_key_slot; | |
1083 if (use_system_key_slot_) | |
1084 EnableNSSSystemKeySlotForResourceContext(resource_context_.get()); | |
1085 | |
1086 crypto::ScopedPK11Slot public_slot = | 964 crypto::ScopedPK11Slot public_slot = |
1087 crypto::GetPublicSlotForChromeOSUser(username_hash_); | 965 crypto::GetPublicSlotForChromeOSUser(profile_params_->username_hash); |
1088 // The private slot won't be ready by this point. It shouldn't be necessary | 966 // The private slot won't be ready by this point. It shouldn't be necessary |
1089 // for cert trust purposes anyway. | 967 // for cert trust purposes anyway. |
1090 scoped_refptr<net::CertVerifyProc> verify_proc( | 968 scoped_refptr<net::CertVerifyProc> verify_proc( |
1091 new chromeos::CertVerifyProcChromeOS(public_slot.Pass())); | 969 new chromeos::CertVerifyProcChromeOS(public_slot.Pass())); |
1092 if (policy_cert_verifier_) { | 970 if (policy_cert_verifier_) { |
1093 DCHECK_EQ(policy_cert_verifier_, cert_verifier_.get()); | 971 DCHECK_EQ(policy_cert_verifier_, cert_verifier_.get()); |
1094 policy_cert_verifier_->InitializeOnIOThread(verify_proc); | 972 policy_cert_verifier_->InitializeOnIOThread(verify_proc); |
1095 } else { | 973 } else { |
1096 cert_verifier_.reset(new net::MultiThreadedCertVerifier(verify_proc.get())); | 974 cert_verifier_.reset(new net::MultiThreadedCertVerifier(verify_proc.get())); |
1097 } | 975 } |
(...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1293 void ProfileIOData::SetCookieSettingsForTesting( | 1171 void ProfileIOData::SetCookieSettingsForTesting( |
1294 CookieSettings* cookie_settings) { | 1172 CookieSettings* cookie_settings) { |
1295 DCHECK(!cookie_settings_.get()); | 1173 DCHECK(!cookie_settings_.get()); |
1296 cookie_settings_ = cookie_settings; | 1174 cookie_settings_ = cookie_settings; |
1297 } | 1175 } |
1298 | 1176 |
1299 void ProfileIOData::set_signin_names_for_testing( | 1177 void ProfileIOData::set_signin_names_for_testing( |
1300 SigninNamesOnIOThread* signin_names) { | 1178 SigninNamesOnIOThread* signin_names) { |
1301 signin_names_.reset(signin_names); | 1179 signin_names_.reset(signin_names); |
1302 } | 1180 } |
OLD | NEW |