| Index: chromeos/network/client_cert_store_chromeos.cc
|
| diff --git a/net/ssl/client_cert_store_chromeos.cc b/chromeos/network/client_cert_store_chromeos.cc
|
| similarity index 32%
|
| rename from net/ssl/client_cert_store_chromeos.cc
|
| rename to chromeos/network/client_cert_store_chromeos.cc
|
| index 6dacd4569207e6591bb5bba057388d44e3d802ce..14422da3de4c7bc2144fe1b48d691f686dfbe806 100644
|
| --- a/net/ssl/client_cert_store_chromeos.cc
|
| +++ b/chromeos/network/client_cert_store_chromeos.cc
|
| @@ -2,86 +2,54 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "net/ssl/client_cert_store_chromeos.h"
|
| +#include "chromeos/network/client_cert_store_chromeos.h"
|
|
|
| #include <cert.h>
|
|
|
| #include "base/bind.h"
|
| -#include "crypto/nss_crypto_module_delegate.h"
|
| -#include "crypto/nss_util_internal.h"
|
| +#include "base/logging.h"
|
| +#include "components/cert_database/public/cert_database_service_io_part.h"
|
| +#include "net/cert/nss_cert_database.h"
|
| +#include "net/cert/x509_certificate.h"
|
|
|
| -namespace net {
|
| -
|
| -namespace {
|
| -
|
| -typedef base::Callback<void(crypto::ScopedPK11Slot system_slot,
|
| - crypto::ScopedPK11Slot private_slot)>
|
| - GetSystemAndPrivateSlotCallback;
|
| -
|
| -// Gets the private slot for the user with the username hash |username_hash| and
|
| -// calls |callback| with both |system_slot| and the obtained private slot.
|
| -void GetPrivateSlotAndCallBack(const std::string& username_hash,
|
| - const GetSystemAndPrivateSlotCallback& callback,
|
| - crypto::ScopedPK11Slot system_slot) {
|
| - base::Callback<void(crypto::ScopedPK11Slot)> wrapped_callback =
|
| - base::Bind(callback, base::Passed(&system_slot));
|
| -
|
| - crypto::ScopedPK11Slot slot(
|
| - crypto::GetPrivateSlotForChromeOSUser(username_hash, wrapped_callback));
|
| - if (slot)
|
| - wrapped_callback.Run(slot.Pass());
|
| -}
|
| -
|
| -// Gets the system slot, then the private slot for the user with the username
|
| -// hash |username_hash|, and finally calls |callback| with both slots.
|
| -void GetSystemAndPrivateSlot(const std::string& username_hash,
|
| - const GetSystemAndPrivateSlotCallback& callback) {
|
| - crypto::ScopedPK11Slot system_slot(crypto::GetSystemNSSKeySlot(
|
| - base::Bind(&GetPrivateSlotAndCallBack, username_hash, callback)));
|
| - if (system_slot)
|
| - GetPrivateSlotAndCallBack(username_hash, callback, system_slot.Pass());
|
| -}
|
| -
|
| -} // namespace
|
| +namespace chromeos {
|
|
|
| ClientCertStoreChromeOS::ClientCertStoreChromeOS(
|
| - bool use_system_slot,
|
| - const std::string& username_hash,
|
| + const base::WeakPtr<CertDatabaseServiceIOPart>& cert_db_io,
|
| const PasswordDelegateFactory& password_delegate_factory)
|
| - : ClientCertStoreNSS(password_delegate_factory),
|
| - use_system_slot_(use_system_slot),
|
| - username_hash_(username_hash) {
|
| + : ClientCertStoreNSS(password_delegate_factory), cert_db_io_(cert_db_io) {
|
| }
|
|
|
| -ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {}
|
| +ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {
|
| +}
|
|
|
| void ClientCertStoreChromeOS::GetClientCerts(
|
| - const SSLCertRequestInfo& cert_request_info,
|
| - CertificateList* selected_certs,
|
| + const net::SSLCertRequestInfo& cert_request_info,
|
| + net::CertificateList* selected_certs,
|
| const base::Closure& callback) {
|
| - GetSystemAndPrivateSlotCallback bound_callback =
|
| - base::Bind(&ClientCertStoreChromeOS::DidGetSystemAndPrivateSlot,
|
| + if (!cert_db_io_) {
|
| + LOG(ERROR) << "Cert database shutdown.";
|
| + return;
|
| + }
|
| + base::Callback<void(net::NSSCertDatabase*)> nss_db_callback =
|
| + base::Bind(&ClientCertStoreChromeOS::DidGetNSSCertDatabase,
|
| // Caller is responsible for keeping the ClientCertStore alive
|
| // until the callback is run.
|
| base::Unretained(this),
|
| &cert_request_info,
|
| selected_certs,
|
| callback);
|
| -
|
| - if (use_system_slot_) {
|
| - GetSystemAndPrivateSlot(username_hash_, bound_callback);
|
| - } else {
|
| - // Skip getting the system slot.
|
| - GetPrivateSlotAndCallBack(
|
| - username_hash_, bound_callback, crypto::ScopedPK11Slot());
|
| - }
|
| + net::NSSCertDatabase* cert_db =
|
| + cert_db_io_->GetNSSCertDatabase(nss_db_callback);
|
| + if (cert_db)
|
| + nss_db_callback.Run(cert_db);
|
| }
|
|
|
| void ClientCertStoreChromeOS::GetClientCertsImpl(
|
| CERTCertList* cert_list,
|
| - const SSLCertRequestInfo& request,
|
| + const net::SSLCertRequestInfo& request,
|
| bool query_nssdb,
|
| - CertificateList* selected_certs) {
|
| + net::CertificateList* selected_certs) {
|
| ClientCertStoreNSS::GetClientCertsImpl(
|
| cert_list, request, query_nssdb, selected_certs);
|
|
|
| @@ -90,23 +58,22 @@ void ClientCertStoreChromeOS::GetClientCertsImpl(
|
| std::remove_if(
|
| selected_certs->begin(),
|
| selected_certs->end(),
|
| - NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate(
|
| + net::NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate(
|
| profile_filter_)),
|
| selected_certs->end());
|
| DVLOG(1) << "filtered " << pre_size - selected_certs->size() << " of "
|
| << pre_size << " certs";
|
| }
|
|
|
| -void ClientCertStoreChromeOS::DidGetSystemAndPrivateSlot(
|
| - const SSLCertRequestInfo* request,
|
| - CertificateList* selected_certs,
|
| +void ClientCertStoreChromeOS::DidGetNSSCertDatabase(
|
| + const net::SSLCertRequestInfo* request,
|
| + net::CertificateList* selected_certs,
|
| const base::Closure& callback,
|
| - crypto::ScopedPK11Slot system_slot,
|
| - crypto::ScopedPK11Slot private_slot) {
|
| - profile_filter_.Init(crypto::GetPublicSlotForChromeOSUser(username_hash_),
|
| - private_slot.Pass(),
|
| - system_slot.Pass());
|
| + net::NSSCertDatabase* nss_cert_db) {
|
| + profile_filter_.Init(nss_cert_db->GetPublicSlot(),
|
| + nss_cert_db->GetPrivateSlot(),
|
| + nss_cert_db->GetSystemSlot());
|
| ClientCertStoreNSS::GetClientCerts(*request, selected_certs, callback);
|
| }
|
|
|
| -} // namespace net
|
| +} // namespace chromeos
|
|
|
Chromium Code Reviews
Issue 419013003:
Replace c/b/nss_context by a KeyedService. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src