OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/profiles/profile_io_data.h" | 5 #include "chrome/browser/profiles/profile_io_data.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
110 | 110 |
111 #if defined(OS_ANDROID) | 111 #if defined(OS_ANDROID) |
112 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings.h" | 112 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings.h" |
113 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings_fact
ory.h" | 113 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_chrome_settings_fact
ory.h" |
114 #include "components/data_reduction_proxy/core/common/data_reduction_proxy_switc
hes.h" | 114 #include "components/data_reduction_proxy/core/common/data_reduction_proxy_switc
hes.h" |
115 #endif // defined(OS_ANDROID) | 115 #endif // defined(OS_ANDROID) |
116 | 116 |
117 #if defined(OS_CHROMEOS) | 117 #if defined(OS_CHROMEOS) |
118 #include "chrome/browser/chromeos/fileapi/external_file_protocol_handler.h" | 118 #include "chrome/browser/chromeos/fileapi/external_file_protocol_handler.h" |
119 #include "chrome/browser/chromeos/login/startup_utils.h" | 119 #include "chrome/browser/chromeos/login/startup_utils.h" |
| 120 #include "chrome/browser/chromeos/net/cert_profile_filter.h" |
120 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h" | 121 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h" |
121 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | |
122 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 122 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
123 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 123 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
124 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | 124 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" |
125 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 125 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
126 #include "chrome/browser/chromeos/settings/cros_settings.h" | 126 #include "chrome/browser/chromeos/settings/cros_settings.h" |
127 #include "chrome/browser/net/nss_context.h" | |
128 #include "chromeos/dbus/cryptohome_client.h" | |
129 #include "chromeos/dbus/dbus_thread_manager.h" | |
130 #include "chromeos/settings/cros_settings_names.h" | 127 #include "chromeos/settings/cros_settings_names.h" |
131 #include "components/user_manager/user.h" | 128 #include "components/user_manager/user.h" |
132 #include "components/user_manager/user_manager.h" | 129 #include "components/user_manager/user_manager.h" |
133 #include "crypto/nss_util.h" | 130 #include "crypto/nss_util.h" |
134 #include "crypto/nss_util_internal.h" | 131 #include "crypto/nss_util_internal.h" |
135 #include "net/cert/cert_verifier.h" | 132 #include "net/cert/cert_verifier.h" |
136 #include "net/cert/multi_threaded_cert_verifier.h" | 133 #include "net/cert/multi_threaded_cert_verifier.h" |
137 #include "net/ssl/client_cert_store_chromeos.h" | 134 #include "net/ssl/client_cert_store_chromeos.h" |
138 #endif // defined(OS_CHROMEOS) | 135 #endif // defined(OS_CHROMEOS) |
139 | 136 |
140 #if defined(USE_NSS) | 137 #if defined(USE_NSS) |
| 138 #include "chrome/browser/net/cert_database_service_factory.h" |
141 #include "chrome/browser/ui/crypto_module_delegate_nss.h" | 139 #include "chrome/browser/ui/crypto_module_delegate_nss.h" |
| 140 #include "components/cert_database/public/cert_database_service.h" |
| 141 #include "components/cert_database/public/cert_database_service_io_part.h" |
142 #include "net/ssl/client_cert_store_nss.h" | 142 #include "net/ssl/client_cert_store_nss.h" |
143 #endif | 143 #endif |
144 | 144 |
145 #if defined(OS_WIN) | 145 #if defined(OS_WIN) |
146 #include "net/ssl/client_cert_store_win.h" | 146 #include "net/ssl/client_cert_store_win.h" |
147 #endif | 147 #endif |
148 | 148 |
149 #if defined(OS_MACOSX) | 149 #if defined(OS_MACOSX) |
150 #include "net/ssl/client_cert_store_mac.h" | 150 #include "net/ssl/client_cert_store_mac.h" |
151 #endif | 151 #endif |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
220 request, network_delegate, path, | 220 request, network_delegate, path, |
221 content::BrowserThread::GetBlockingPool()-> | 221 content::BrowserThread::GetBlockingPool()-> |
222 GetTaskRunnerWithShutdownBehavior( | 222 GetTaskRunnerWithShutdownBehavior( |
223 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN)); | 223 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN)); |
224 | 224 |
225 return NULL; | 225 return NULL; |
226 } | 226 } |
227 }; | 227 }; |
228 #endif // defined(DEBUG_DEVTOOLS) | 228 #endif // defined(DEBUG_DEVTOOLS) |
229 | 229 |
230 #if defined(OS_CHROMEOS) | |
231 // The following four functions are responsible for initializing NSS for each | |
232 // profile on ChromeOS, which has a separate NSS database and TPM slot | |
233 // per-profile. | |
234 // | |
235 // Initialization basically follows these steps: | |
236 // 1) Get some info from user_manager::UserManager about the User for this | |
237 // profile. | |
238 // 2) Tell nss_util to initialize the software slot for this profile. | |
239 // 3) Wait for the TPM module to be loaded by nss_util if it isn't already. | |
240 // 4) Ask CryptohomeClient which TPM slot id corresponds to this profile. | |
241 // 5) Tell nss_util to use that slot id on the TPM module. | |
242 // | |
243 // Some of these steps must happen on the UI thread, others must happen on the | |
244 // IO thread: | |
245 // UI thread IO Thread | |
246 // | |
247 // ProfileIOData::InitializeOnUIThread | |
248 // | | |
249 // ProfileHelper::Get()->GetUserByProfile() | |
250 // \---------------------------------------v | |
251 // StartNSSInitOnIOThread | |
252 // | | |
253 // crypto::InitializeNSSForChromeOSUser | |
254 // | | |
255 // crypto::IsTPMTokenReady | |
256 // | | |
257 // StartTPMSlotInitializationOnIOThread | |
258 // v---------------------------------------/ | |
259 // GetTPMInfoForUserOnUIThread | |
260 // | | |
261 // CryptohomeClient::Pkcs11GetTpmTokenInfoForUser | |
262 // | | |
263 // DidGetTPMInfoForUserOnUIThread | |
264 // \---------------------------------------v | |
265 // crypto::InitializeTPMForChromeOSUser | |
266 | |
267 void DidGetTPMInfoForUserOnUIThread(const std::string& username_hash, | |
268 chromeos::DBusMethodCallStatus call_status, | |
269 const std::string& label, | |
270 const std::string& user_pin, | |
271 int slot_id) { | |
272 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
273 if (call_status == chromeos::DBUS_METHOD_CALL_FAILURE) { | |
274 NOTREACHED() << "dbus error getting TPM info for " << username_hash; | |
275 return; | |
276 } | |
277 DVLOG(1) << "Got TPM slot for " << username_hash << ": " << slot_id; | |
278 BrowserThread::PostTask( | |
279 BrowserThread::IO, | |
280 FROM_HERE, | |
281 base::Bind( | |
282 &crypto::InitializeTPMForChromeOSUser, username_hash, slot_id)); | |
283 } | |
284 | |
285 void GetTPMInfoForUserOnUIThread(const std::string& username, | |
286 const std::string& username_hash) { | |
287 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
288 DVLOG(1) << "Getting TPM info from cryptohome for " | |
289 << " " << username << " " << username_hash; | |
290 chromeos::DBusThreadManager::Get() | |
291 ->GetCryptohomeClient() | |
292 ->Pkcs11GetTpmTokenInfoForUser( | |
293 username, | |
294 base::Bind(&DidGetTPMInfoForUserOnUIThread, username_hash)); | |
295 } | |
296 | |
297 void StartTPMSlotInitializationOnIOThread(const std::string& username, | |
298 const std::string& username_hash) { | |
299 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | |
300 | |
301 BrowserThread::PostTask( | |
302 BrowserThread::UI, | |
303 FROM_HERE, | |
304 base::Bind(&GetTPMInfoForUserOnUIThread, username, username_hash)); | |
305 } | |
306 | |
307 void StartNSSInitOnIOThread(const std::string& username, | |
308 const std::string& username_hash, | |
309 const base::FilePath& path) { | |
310 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | |
311 DVLOG(1) << "Starting NSS init for " << username | |
312 << " hash:" << username_hash; | |
313 | |
314 // Make sure NSS is initialized for the user. | |
315 crypto::InitializeNSSForChromeOSUser(username_hash, path); | |
316 | |
317 // Check if it's OK to initialize TPM for the user before continuing. This | |
318 // may not be the case if the TPM slot initialization was previously | |
319 // requested for the same user. | |
320 if (!crypto::ShouldInitializeTPMForChromeOSUser(username_hash)) | |
321 return; | |
322 | |
323 crypto::WillInitializeTPMForChromeOSUser(username_hash); | |
324 | |
325 if (crypto::IsTPMTokenEnabledForNSS()) { | |
326 if (crypto::IsTPMTokenReady(base::Bind( | |
327 &StartTPMSlotInitializationOnIOThread, username, username_hash))) { | |
328 StartTPMSlotInitializationOnIOThread(username, username_hash); | |
329 } else { | |
330 DVLOG(1) << "Waiting for tpm ready ..."; | |
331 } | |
332 } else { | |
333 crypto::InitializePrivateSoftwareSlotForChromeOSUser(username_hash); | |
334 } | |
335 } | |
336 #endif // defined(OS_CHROMEOS) | |
337 | |
338 #if defined(USE_NSS) | 230 #if defined(USE_NSS) |
339 void InitializeAndPassKeygenHandler( | 231 void InitializeAndPassKeygenHandler( |
340 scoped_ptr<net::KeygenHandler> keygen_handler, | 232 scoped_ptr<net::KeygenHandler> keygen_handler, |
341 const base::Callback<void(scoped_ptr<net::KeygenHandler>)>& callback, | 233 const base::Callback<void(scoped_ptr<net::KeygenHandler>)>& callback, |
342 scoped_ptr<ChromeNSSCryptoModuleDelegate> delegate) { | 234 scoped_ptr<ChromeNSSCryptoModuleDelegate> delegate) { |
343 if (delegate) { | 235 if (delegate) { |
344 keygen_handler->set_crypto_module_delegate( | 236 keygen_handler->set_crypto_module_delegate( |
345 delegate.PassAs<crypto::NSSCryptoModuleDelegate>()); | 237 delegate.PassAs<crypto::NSSCryptoModuleDelegate>()); |
346 } | 238 } |
347 callback.Run(keygen_handler.Pass()); | 239 callback.Run(keygen_handler.Pass()); |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
397 | 289 |
398 params->proxy_config_service | 290 params->proxy_config_service |
399 .reset(ProxyServiceFactory::CreateProxyConfigService( | 291 .reset(ProxyServiceFactory::CreateProxyConfigService( |
400 profile->GetProxyConfigTracker())); | 292 profile->GetProxyConfigTracker())); |
401 #if defined(ENABLE_MANAGED_USERS) | 293 #if defined(ENABLE_MANAGED_USERS) |
402 SupervisedUserService* supervised_user_service = | 294 SupervisedUserService* supervised_user_service = |
403 SupervisedUserServiceFactory::GetForProfile(profile); | 295 SupervisedUserServiceFactory::GetForProfile(profile); |
404 params->supervised_user_url_filter = | 296 params->supervised_user_url_filter = |
405 supervised_user_service->GetURLFilterForIOThread(); | 297 supervised_user_service->GetURLFilterForIOThread(); |
406 #endif | 298 #endif |
| 299 |
407 #if defined(OS_CHROMEOS) | 300 #if defined(OS_CHROMEOS) |
408 user_manager::UserManager* user_manager = user_manager::UserManager::Get(); | 301 user_manager::UserManager* user_manager = user_manager::UserManager::Get(); |
409 if (user_manager) { | 302 if (user_manager) { |
410 user_manager::User* user = | 303 user_manager::User* user = |
411 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); | 304 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
412 // No need to initialize NSS for users with empty username hash: | |
413 // Getters for a user's NSS slots always return NULL slot if the user's | |
414 // username hash is empty, even when the NSS is not initialized for the | |
415 // user. | |
416 if (user && !user->username_hash().empty()) { | 305 if (user && !user->username_hash().empty()) { |
417 params->username_hash = user->username_hash(); | 306 params->username_hash = user->username_hash(); |
418 DCHECK(!params->username_hash.empty()); | 307 DCHECK(!params->username_hash.empty()); |
419 BrowserThread::PostTask(BrowserThread::IO, | |
420 FROM_HERE, | |
421 base::Bind(&StartNSSInitOnIOThread, | |
422 user->email(), | |
423 user->username_hash(), | |
424 profile->GetPath())); | |
425 | |
426 // Use the device-wide system key slot only if the user is of the same | |
427 // domain as the device is registered to. | |
428 policy::BrowserPolicyConnectorChromeOS* connector = | |
429 g_browser_process->platform_part() | |
430 ->browser_policy_connector_chromeos(); | |
431 params->use_system_key_slot = | |
432 connector->GetUserAffiliation(user->email()) == | |
433 policy::USER_AFFILIATION_MANAGED; | |
434 } | 308 } |
435 } | 309 } |
436 #endif | 310 #endif |
437 | 311 |
438 params->profile = profile; | 312 params->profile = profile; |
439 params->prerender_tracker = g_browser_process->prerender_tracker(); | 313 params->prerender_tracker = g_browser_process->prerender_tracker(); |
440 profile_params_.reset(params.release()); | 314 profile_params_.reset(params.release()); |
441 | 315 |
442 ChromeNetworkDelegate::InitializePrefsOnUIThread( | 316 ChromeNetworkDelegate::InitializePrefsOnUIThread( |
443 &enable_referrers_, | 317 &enable_referrers_, |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
491 local_state_pref_service); | 365 local_state_pref_service); |
492 quick_check_enabled_.MoveToThread(io_message_loop_proxy); | 366 quick_check_enabled_.MoveToThread(io_message_loop_proxy); |
493 | 367 |
494 media_device_id_salt_ = new MediaDeviceIDSalt(pref_service, IsOffTheRecord()); | 368 media_device_id_salt_ = new MediaDeviceIDSalt(pref_service, IsOffTheRecord()); |
495 | 369 |
496 network_prediction_options_.Init(prefs::kNetworkPredictionOptions, | 370 network_prediction_options_.Init(prefs::kNetworkPredictionOptions, |
497 pref_service); | 371 pref_service); |
498 | 372 |
499 network_prediction_options_.MoveToThread(io_message_loop_proxy); | 373 network_prediction_options_.MoveToThread(io_message_loop_proxy); |
500 | 374 |
| 375 #if defined(USE_NSS) |
| 376 cert_database::CertDatabaseService* service = |
| 377 cert_database::CertDatabaseServiceFactory::GetForBrowserContext(profile); |
| 378 if (service) |
| 379 cert_db_io_ = service->GetIOPart(); |
| 380 #endif |
| 381 |
501 #if defined(OS_CHROMEOS) | 382 #if defined(OS_CHROMEOS) |
502 scoped_ptr<policy::PolicyCertVerifier> verifier = | 383 scoped_ptr<policy::PolicyCertVerifier> verifier = |
503 policy::PolicyCertServiceFactory::CreateForProfile(profile); | 384 policy::PolicyCertServiceFactory::CreateForProfile(profile); |
504 policy_cert_verifier_ = verifier.get(); | 385 policy_cert_verifier_ = verifier.get(); |
505 cert_verifier_ = verifier.Pass(); | 386 cert_verifier_ = verifier.Pass(); |
506 #endif | 387 #endif |
507 // The URLBlacklistManager has to be created on the UI thread to register | 388 // The URLBlacklistManager has to be created on the UI thread to register |
508 // observers of |pref_service|, and it also has to clean up on | 389 // observers of |pref_service|, and it also has to clean up on |
509 // ShutdownOnUIThread to release these observers on the right thread. | 390 // ShutdownOnUIThread to release these observers on the right thread. |
510 // Don't pass it in |profile_params_| to make sure it is correctly cleaned up, | 391 // Don't pass it in |profile_params_| to make sure it is correctly cleaned up, |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
580 job_factory_ = job_factory.Pass(); | 461 job_factory_ = job_factory.Pass(); |
581 set_job_factory(job_factory_.get()); | 462 set_job_factory(job_factory_.get()); |
582 } | 463 } |
583 | 464 |
584 ProfileIOData::AppRequestContext::~AppRequestContext() { | 465 ProfileIOData::AppRequestContext::~AppRequestContext() { |
585 AssertNoURLRequests(); | 466 AssertNoURLRequests(); |
586 } | 467 } |
587 | 468 |
588 ProfileIOData::ProfileParams::ProfileParams() | 469 ProfileIOData::ProfileParams::ProfileParams() |
589 : io_thread(NULL), | 470 : io_thread(NULL), |
590 #if defined(OS_CHROMEOS) | |
591 use_system_key_slot(false), | |
592 #endif | |
593 profile(NULL) { | 471 profile(NULL) { |
594 } | 472 } |
595 | 473 |
596 ProfileIOData::ProfileParams::~ProfileParams() {} | 474 ProfileIOData::ProfileParams::~ProfileParams() {} |
597 | 475 |
598 ProfileIOData::ProfileIOData(Profile::ProfileType profile_type) | 476 ProfileIOData::ProfileIOData(Profile::ProfileType profile_type) |
599 : initialized_(false), | 477 : initialized_(false), |
600 #if defined(OS_CHROMEOS) | 478 #if defined(OS_CHROMEOS) |
601 policy_cert_verifier_(NULL), | 479 policy_cert_verifier_(NULL), |
602 use_system_key_slot_(false), | |
603 #endif | 480 #endif |
604 resource_context_(new ResourceContext(this)), | 481 resource_context_(new ResourceContext(this)), |
605 initialized_on_UI_thread_(false), | 482 initialized_on_UI_thread_(false), |
606 profile_type_(profile_type) { | 483 profile_type_(profile_type) { |
607 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 484 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
608 } | 485 } |
609 | 486 |
610 ProfileIOData::~ProfileIOData() { | 487 ProfileIOData::~ProfileIOData() { |
611 if (BrowserThread::IsMessageLoopValid(BrowserThread::IO)) | 488 if (BrowserThread::IsMessageLoopValid(BrowserThread::IO)) |
612 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 489 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
(...skipping 297 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
910 DCHECK(io_data_->initialized_); | 787 DCHECK(io_data_->initialized_); |
911 return request_context_; | 788 return request_context_; |
912 } | 789 } |
913 | 790 |
914 scoped_ptr<net::ClientCertStore> | 791 scoped_ptr<net::ClientCertStore> |
915 ProfileIOData::ResourceContext::CreateClientCertStore() { | 792 ProfileIOData::ResourceContext::CreateClientCertStore() { |
916 if (!io_data_->client_cert_store_factory_.is_null()) | 793 if (!io_data_->client_cert_store_factory_.is_null()) |
917 return io_data_->client_cert_store_factory_.Run(); | 794 return io_data_->client_cert_store_factory_.Run(); |
918 #if defined(OS_CHROMEOS) | 795 #if defined(OS_CHROMEOS) |
919 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreChromeOS( | 796 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreChromeOS( |
920 io_data_->use_system_key_slot(), | 797 chromeos::CreateProfileFilterFactoryAcceptAllSlots(io_data_->cert_db_io_), |
921 io_data_->username_hash(), | |
922 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, | 798 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, |
923 chrome::kCryptoModulePasswordClientAuth))); | 799 chrome::kCryptoModulePasswordClientAuth))); |
924 #elif defined(USE_NSS) | 800 #elif defined(USE_NSS) |
925 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreNSS( | 801 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreNSS( |
926 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, | 802 base::Bind(&CreateCryptoModuleBlockingPasswordDelegate, |
927 chrome::kCryptoModulePasswordClientAuth))); | 803 chrome::kCryptoModulePasswordClientAuth))); |
928 #elif defined(OS_WIN) | 804 #elif defined(OS_WIN) |
929 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreWin()); | 805 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreWin()); |
930 #elif defined(OS_MACOSX) | 806 #elif defined(OS_MACOSX) |
931 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreMac()); | 807 return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreMac()); |
(...skipping 15 matching lines...) Expand all Loading... |
947 DCHECK(!callback.is_null()); | 823 DCHECK(!callback.is_null()); |
948 #if defined(USE_NSS) | 824 #if defined(USE_NSS) |
949 scoped_ptr<net::KeygenHandler> keygen_handler( | 825 scoped_ptr<net::KeygenHandler> keygen_handler( |
950 new net::KeygenHandler(key_size_in_bits, challenge_string, url)); | 826 new net::KeygenHandler(key_size_in_bits, challenge_string, url)); |
951 | 827 |
952 base::Callback<void(scoped_ptr<ChromeNSSCryptoModuleDelegate>)> | 828 base::Callback<void(scoped_ptr<ChromeNSSCryptoModuleDelegate>)> |
953 got_delegate_callback = base::Bind(&InitializeAndPassKeygenHandler, | 829 got_delegate_callback = base::Bind(&InitializeAndPassKeygenHandler, |
954 base::Passed(&keygen_handler), | 830 base::Passed(&keygen_handler), |
955 callback); | 831 callback); |
956 | 832 |
957 ChromeNSSCryptoModuleDelegate::CreateForResourceContext( | 833 // If |cert_db_io_| is not available, we're shutting down already. Return the |
| 834 // KeygenHandler without ChromeNSSCryptoModuleDelegate. |
| 835 if (!io_data_->cert_db_io_) { |
| 836 got_delegate_callback.Run(scoped_ptr<ChromeNSSCryptoModuleDelegate>()); |
| 837 return; |
| 838 } |
| 839 |
| 840 ChromeNSSCryptoModuleDelegate::CreateForCertDatabase( |
958 chrome::kCryptoModulePasswordKeygen, | 841 chrome::kCryptoModulePasswordKeygen, |
959 net::HostPortPair::FromURL(url), | 842 net::HostPortPair::FromURL(url), |
960 this, | 843 io_data_->cert_db_io_.get(), |
961 got_delegate_callback); | 844 got_delegate_callback); |
962 #else | 845 #else |
963 callback.Run(make_scoped_ptr( | 846 callback.Run(make_scoped_ptr( |
964 new net::KeygenHandler(key_size_in_bits, challenge_string, url))); | 847 new net::KeygenHandler(key_size_in_bits, challenge_string, url))); |
965 #endif | 848 #endif |
966 } | 849 } |
967 | 850 |
968 ResourceContext::SaltCallback | 851 ResourceContext::SaltCallback |
969 ProfileIOData::ResourceContext::GetMediaDeviceIDSalt() { | 852 ProfileIOData::ResourceContext::GetMediaDeviceIDSalt() { |
970 return io_data_->GetMediaDeviceIDSalt(); | 853 return io_data_->GetMediaDeviceIDSalt(); |
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1067 if (profile_params_->resource_prefetch_predictor_observer_) { | 950 if (profile_params_->resource_prefetch_predictor_observer_) { |
1068 resource_prefetch_predictor_observer_.reset( | 951 resource_prefetch_predictor_observer_.reset( |
1069 profile_params_->resource_prefetch_predictor_observer_.release()); | 952 profile_params_->resource_prefetch_predictor_observer_.release()); |
1070 } | 953 } |
1071 | 954 |
1072 #if defined(ENABLE_MANAGED_USERS) | 955 #if defined(ENABLE_MANAGED_USERS) |
1073 supervised_user_url_filter_ = profile_params_->supervised_user_url_filter; | 956 supervised_user_url_filter_ = profile_params_->supervised_user_url_filter; |
1074 #endif | 957 #endif |
1075 | 958 |
1076 #if defined(OS_CHROMEOS) | 959 #if defined(OS_CHROMEOS) |
1077 username_hash_ = profile_params_->username_hash; | |
1078 use_system_key_slot_ = profile_params_->use_system_key_slot; | |
1079 if (use_system_key_slot_) | |
1080 EnableNSSSystemKeySlotForResourceContext(resource_context_.get()); | |
1081 | |
1082 crypto::ScopedPK11Slot public_slot = | 960 crypto::ScopedPK11Slot public_slot = |
1083 crypto::GetPublicSlotForChromeOSUser(username_hash_); | 961 crypto::GetPublicSlotForChromeOSUser(profile_params_->username_hash); |
1084 // The private slot won't be ready by this point. It shouldn't be necessary | 962 // The private slot won't be ready by this point. It shouldn't be necessary |
1085 // for cert trust purposes anyway. | 963 // for cert trust purposes anyway. |
1086 scoped_refptr<net::CertVerifyProc> verify_proc( | 964 scoped_refptr<net::CertVerifyProc> verify_proc( |
1087 new chromeos::CertVerifyProcChromeOS(public_slot.Pass())); | 965 new chromeos::CertVerifyProcChromeOS(public_slot.Pass())); |
1088 if (policy_cert_verifier_) { | 966 if (policy_cert_verifier_) { |
1089 DCHECK_EQ(policy_cert_verifier_, cert_verifier_.get()); | 967 DCHECK_EQ(policy_cert_verifier_, cert_verifier_.get()); |
1090 policy_cert_verifier_->InitializeOnIOThread(verify_proc); | 968 policy_cert_verifier_->InitializeOnIOThread(verify_proc); |
1091 } else { | 969 } else { |
1092 cert_verifier_.reset(new net::MultiThreadedCertVerifier(verify_proc.get())); | 970 cert_verifier_.reset(new net::MultiThreadedCertVerifier(verify_proc.get())); |
1093 } | 971 } |
(...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1287 void ProfileIOData::SetCookieSettingsForTesting( | 1165 void ProfileIOData::SetCookieSettingsForTesting( |
1288 CookieSettings* cookie_settings) { | 1166 CookieSettings* cookie_settings) { |
1289 DCHECK(!cookie_settings_.get()); | 1167 DCHECK(!cookie_settings_.get()); |
1290 cookie_settings_ = cookie_settings; | 1168 cookie_settings_ = cookie_settings; |
1291 } | 1169 } |
1292 | 1170 |
1293 void ProfileIOData::set_signin_names_for_testing( | 1171 void ProfileIOData::set_signin_names_for_testing( |
1294 SigninNamesOnIOThread* signin_names) { | 1172 SigninNamesOnIOThread* signin_names) { |
1295 signin_names_.reset(signin_names); | 1173 signin_names_.reset(signin_names); |
1296 } | 1174 } |
OLD | NEW |