| Index: chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
|
| diff --git a/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc b/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
|
| index 1ff3a786138bd9f7011319eea968f24908b6c16c..4097564c674d59c01d638b5f250b4c0f40439301 100644
|
| --- a/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
|
| +++ b/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
|
| @@ -5,18 +5,15 @@
|
| #include "chrome/browser/chromeos/net/client_cert_filter_chromeos.h"
|
|
|
| #include "base/bind.h"
|
| -#include "crypto/nss_util_internal.h"
|
| +#include "components/cert_database/public/cert_database_service_io_part.h"
|
| +#include "net/cert/nss_cert_database.h"
|
| #include "net/cert/x509_certificate.h"
|
|
|
| namespace chromeos {
|
|
|
| ClientCertFilterChromeOS::ClientCertFilterChromeOS(
|
| - bool use_system_slot,
|
| - const std::string& username_hash)
|
| - : init_called_(false),
|
| - use_system_slot_(use_system_slot),
|
| - username_hash_(username_hash),
|
| - weak_ptr_factory_(this) {
|
| + const base::WeakPtr<cert_database::CertDatabaseServiceIOPart>& cert_db_io)
|
| + : init_called_(false), cert_db_io_(cert_db_io), weak_ptr_factory_(this) {
|
| }
|
|
|
| ClientCertFilterChromeOS::~ClientCertFilterChromeOS() {
|
| @@ -27,18 +24,23 @@ bool ClientCertFilterChromeOS::Init(const base::Closure& callback) {
|
| init_called_ = true;
|
|
|
| init_callback_ = callback;
|
| - if (use_system_slot_) {
|
| - system_slot_ = crypto::GetSystemNSSKeySlot(
|
| - base::Bind(&ClientCertFilterChromeOS::GotSystemSlot,
|
| - weak_ptr_factory_.GetWeakPtr())).Pass();
|
| +
|
| + if (!cert_db_io_) {
|
| + LOG(WARNING) << "Certificate database already shutdown.";
|
| + // Do not call back if we initialized synchronously.
|
| + return true;
|
| + }
|
| +
|
| + net::NSSCertDatabase* cert_db = cert_db_io_->GetNSSCertDatabase(
|
| + base::Bind(&ClientCertFilterChromeOS::GotNSSCertDatabase,
|
| + weak_ptr_factory_.GetWeakPtr()));
|
| + if (cert_db) {
|
| + InitNSSProfileFilter(cert_db);
|
| + // Do not call back if we initialized synchronously.
|
| + return true;
|
| }
|
| - private_slot_ =
|
| - crypto::GetPrivateSlotForChromeOSUser(
|
| - username_hash_, base::Bind(&ClientCertFilterChromeOS::GotPrivateSlot,
|
| - weak_ptr_factory_.GetWeakPtr())).Pass();
|
|
|
| - // Do not call back if we initialized synchronously.
|
| - return InitIfSlotsAvailable();
|
| + return false;
|
| }
|
|
|
| bool ClientCertFilterChromeOS::IsCertAllowed(
|
| @@ -46,31 +48,24 @@ bool ClientCertFilterChromeOS::IsCertAllowed(
|
| return nss_profile_filter_.IsCertAllowed(cert->os_cert_handle());
|
| }
|
|
|
| -void ClientCertFilterChromeOS::GotSystemSlot(
|
| - crypto::ScopedPK11Slot system_slot) {
|
| - system_slot_ = system_slot.Pass();
|
| - if (InitIfSlotsAvailable() && !init_callback_.is_null()) {
|
| +void ClientCertFilterChromeOS::GotNSSCertDatabase(
|
| + net::NSSCertDatabase* nss_cert_db) {
|
| + InitNSSProfileFilter(nss_cert_db);
|
| + if (!init_callback_.is_null()) {
|
| init_callback_.Run();
|
| - init_callback_.Reset();
|
| + init_callback_.reset();
|
| }
|
| }
|
|
|
| -void ClientCertFilterChromeOS::GotPrivateSlot(
|
| - crypto::ScopedPK11Slot private_slot) {
|
| - private_slot_ = private_slot.Pass();
|
| - if (InitIfSlotsAvailable() && !init_callback_.is_null()) {
|
| - init_callback_.Run();
|
| - init_callback_.Reset();
|
| +void ClientCertFilterChromeOS::InitNSSProfileFilter(
|
| + net::NSSCertDatabase* nss_cert_db) {
|
| + if (!nss_cert_db) {
|
| + LOG(WARNING) << "No NSSCertDatabase available.";
|
| + return;
|
| }
|
| -}
|
| -
|
| -bool ClientCertFilterChromeOS::InitIfSlotsAvailable() {
|
| - if ((use_system_slot_ && !system_slot_) || !private_slot_)
|
| - return false;
|
| - nss_profile_filter_.Init(crypto::GetPublicSlotForChromeOSUser(username_hash_),
|
| - private_slot_.Pass(),
|
| - system_slot_.Pass());
|
| - return true;
|
| + nss_profile_filter_.Init(nss_cert_db->GetPublicSlot(),
|
| + nss_cert_db->GetPrivateSlot(),
|
| + nss_cert_db->GetSystemSlot());
|
| }
|
|
|
| } // namespace chromeos
|
|
|
Chromium Code Reviews
Issue 419013003:
Replace c/b/nss_context by a KeyedService. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src