| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/client_socket_pool_manager_impl.h" | 5 #include "net/socket/client_socket_pool_manager_impl.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/values.h" | 8 #include "base/values.h" |
| 9 #include "net/http/http_network_session.h" | 9 #include "net/http/http_network_session.h" |
| 10 #include "net/http/http_proxy_client_socket_pool.h" | 10 #include "net/http/http_proxy_client_socket_pool.h" |
| (...skipping 24 matching lines...) Expand all Loading... |
| 35 } // namespace | 35 } // namespace |
| 36 | 36 |
| 37 ClientSocketPoolManagerImpl::ClientSocketPoolManagerImpl( | 37 ClientSocketPoolManagerImpl::ClientSocketPoolManagerImpl( |
| 38 NetLog* net_log, | 38 NetLog* net_log, |
| 39 ClientSocketFactory* socket_factory, | 39 ClientSocketFactory* socket_factory, |
| 40 HostResolver* host_resolver, | 40 HostResolver* host_resolver, |
| 41 CertVerifier* cert_verifier, | 41 CertVerifier* cert_verifier, |
| 42 ChannelIDService* channel_id_service, | 42 ChannelIDService* channel_id_service, |
| 43 TransportSecurityState* transport_security_state, | 43 TransportSecurityState* transport_security_state, |
| 44 CTVerifier* cert_transparency_verifier, | 44 CTVerifier* cert_transparency_verifier, |
| 45 CertPolicyEnforcer* cert_policy_enforcer, |
| 45 const std::string& ssl_session_cache_shard, | 46 const std::string& ssl_session_cache_shard, |
| 46 ProxyService* proxy_service, | 47 ProxyService* proxy_service, |
| 47 SSLConfigService* ssl_config_service, | 48 SSLConfigService* ssl_config_service, |
| 48 bool enable_ssl_connect_job_waiting, | 49 bool enable_ssl_connect_job_waiting, |
| 49 ProxyDelegate* proxy_delegate, | 50 ProxyDelegate* proxy_delegate, |
| 50 HttpNetworkSession::SocketPoolType pool_type) | 51 HttpNetworkSession::SocketPoolType pool_type) |
| 51 : net_log_(net_log), | 52 : net_log_(net_log), |
| 52 socket_factory_(socket_factory), | 53 socket_factory_(socket_factory), |
| 53 host_resolver_(host_resolver), | 54 host_resolver_(host_resolver), |
| 54 cert_verifier_(cert_verifier), | 55 cert_verifier_(cert_verifier), |
| 55 channel_id_service_(channel_id_service), | 56 channel_id_service_(channel_id_service), |
| 56 transport_security_state_(transport_security_state), | 57 transport_security_state_(transport_security_state), |
| 57 cert_transparency_verifier_(cert_transparency_verifier), | 58 cert_transparency_verifier_(cert_transparency_verifier), |
| 59 cert_policy_enforcer_(cert_policy_enforcer), |
| 58 ssl_session_cache_shard_(ssl_session_cache_shard), | 60 ssl_session_cache_shard_(ssl_session_cache_shard), |
| 59 proxy_service_(proxy_service), | 61 proxy_service_(proxy_service), |
| 60 ssl_config_service_(ssl_config_service), | 62 ssl_config_service_(ssl_config_service), |
| 61 enable_ssl_connect_job_waiting_(enable_ssl_connect_job_waiting), | 63 enable_ssl_connect_job_waiting_(enable_ssl_connect_job_waiting), |
| 62 pool_type_(pool_type), | 64 pool_type_(pool_type), |
| 63 transport_pool_histograms_("TCP"), | 65 transport_pool_histograms_("TCP"), |
| 64 transport_socket_pool_( | 66 transport_socket_pool_( |
| 65 pool_type == HttpNetworkSession::WEBSOCKET_SOCKET_POOL | 67 pool_type == HttpNetworkSession::WEBSOCKET_SOCKET_POOL |
| 66 ? new WebSocketTransportClientSocketPool( | 68 ? new WebSocketTransportClientSocketPool( |
| 67 max_sockets_per_pool(pool_type), | 69 max_sockets_per_pool(pool_type), |
| (...skipping 10 matching lines...) Expand all Loading... |
| 78 net_log)), | 80 net_log)), |
| 79 ssl_pool_histograms_("SSL2"), | 81 ssl_pool_histograms_("SSL2"), |
| 80 ssl_socket_pool_(new SSLClientSocketPool(max_sockets_per_pool(pool_type), | 82 ssl_socket_pool_(new SSLClientSocketPool(max_sockets_per_pool(pool_type), |
| 81 max_sockets_per_group(pool_type), | 83 max_sockets_per_group(pool_type), |
| 82 &ssl_pool_histograms_, | 84 &ssl_pool_histograms_, |
| 83 host_resolver, | 85 host_resolver, |
| 84 cert_verifier, | 86 cert_verifier, |
| 85 channel_id_service, | 87 channel_id_service, |
| 86 transport_security_state, | 88 transport_security_state, |
| 87 cert_transparency_verifier, | 89 cert_transparency_verifier, |
| 90 cert_policy_enforcer, |
| 88 ssl_session_cache_shard, | 91 ssl_session_cache_shard, |
| 89 socket_factory, | 92 socket_factory, |
| 90 transport_socket_pool_.get(), | 93 transport_socket_pool_.get(), |
| 91 NULL /* no socks proxy */, | 94 NULL /* no socks proxy */, |
| 92 NULL /* no http proxy */, | 95 NULL /* no http proxy */, |
| 93 ssl_config_service, | 96 ssl_config_service, |
| 94 enable_ssl_connect_job_waiting, | 97 enable_ssl_connect_job_waiting, |
| 95 net_log)), | 98 net_log)), |
| 96 transport_for_socks_pool_histograms_("TCPforSOCKS"), | 99 transport_for_socks_pool_histograms_("TCPforSOCKS"), |
| 97 socks_pool_histograms_("SOCK"), | 100 socks_pool_histograms_("SOCK"), |
| (...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 290 max_sockets_per_group(pool_type_), | 293 max_sockets_per_group(pool_type_), |
| 291 &transport_for_https_proxy_pool_histograms_, | 294 &transport_for_https_proxy_pool_histograms_, |
| 292 host_resolver_, | 295 host_resolver_, |
| 293 socket_factory_, | 296 socket_factory_, |
| 294 net_log_))); | 297 net_log_))); |
| 295 DCHECK(tcp_https_ret.second); | 298 DCHECK(tcp_https_ret.second); |
| 296 | 299 |
| 297 std::pair<SSLSocketPoolMap::iterator, bool> ssl_https_ret = | 300 std::pair<SSLSocketPoolMap::iterator, bool> ssl_https_ret = |
| 298 ssl_socket_pools_for_https_proxies_.insert(std::make_pair( | 301 ssl_socket_pools_for_https_proxies_.insert(std::make_pair( |
| 299 http_proxy, | 302 http_proxy, |
| 300 new SSLClientSocketPool(max_sockets_per_proxy_server(pool_type_), | 303 new SSLClientSocketPool( |
| 301 max_sockets_per_group(pool_type_), | 304 max_sockets_per_proxy_server(pool_type_), |
| 302 &ssl_for_https_proxy_pool_histograms_, | 305 max_sockets_per_group(pool_type_), |
| 303 host_resolver_, | 306 &ssl_for_https_proxy_pool_histograms_, host_resolver_, |
| 304 cert_verifier_, | 307 cert_verifier_, channel_id_service_, transport_security_state_, |
| 305 channel_id_service_, | 308 cert_transparency_verifier_, cert_policy_enforcer_, |
| 306 transport_security_state_, | 309 ssl_session_cache_shard_, socket_factory_, |
| 307 cert_transparency_verifier_, | 310 tcp_https_ret.first->second /* https proxy */, |
| 308 ssl_session_cache_shard_, | 311 NULL /* no socks proxy */, NULL /* no http proxy */, |
| 309 socket_factory_, | 312 ssl_config_service_.get(), enable_ssl_connect_job_waiting_, |
| 310 tcp_https_ret.first->second /* https proxy */, | 313 net_log_))); |
| 311 NULL /* no socks proxy */, | |
| 312 NULL /* no http proxy */, | |
| 313 ssl_config_service_.get(), | |
| 314 enable_ssl_connect_job_waiting_, | |
| 315 net_log_))); | |
| 316 DCHECK(tcp_https_ret.second); | 314 DCHECK(tcp_https_ret.second); |
| 317 | 315 |
| 318 std::pair<HTTPProxySocketPoolMap::iterator, bool> ret = | 316 std::pair<HTTPProxySocketPoolMap::iterator, bool> ret = |
| 319 http_proxy_socket_pools_.insert( | 317 http_proxy_socket_pools_.insert( |
| 320 std::make_pair( | 318 std::make_pair( |
| 321 http_proxy, | 319 http_proxy, |
| 322 new HttpProxyClientSocketPool( | 320 new HttpProxyClientSocketPool( |
| 323 max_sockets_per_proxy_server(pool_type_), | 321 max_sockets_per_proxy_server(pool_type_), |
| 324 max_sockets_per_group(pool_type_), | 322 max_sockets_per_group(pool_type_), |
| 325 &http_proxy_pool_histograms_, | 323 &http_proxy_pool_histograms_, |
| 326 host_resolver_, | 324 host_resolver_, |
| 327 tcp_http_ret.first->second, | 325 tcp_http_ret.first->second, |
| 328 ssl_https_ret.first->second, | 326 ssl_https_ret.first->second, |
| 329 proxy_delegate_, | 327 proxy_delegate_, |
| 330 net_log_))); | 328 net_log_))); |
| 331 | 329 |
| 332 return ret.first->second; | 330 return ret.first->second; |
| 333 } | 331 } |
| 334 | 332 |
| 335 SSLClientSocketPool* ClientSocketPoolManagerImpl::GetSocketPoolForSSLWithProxy( | 333 SSLClientSocketPool* ClientSocketPoolManagerImpl::GetSocketPoolForSSLWithProxy( |
| 336 const HostPortPair& proxy_server) { | 334 const HostPortPair& proxy_server) { |
| 337 SSLSocketPoolMap::const_iterator it = | 335 SSLSocketPoolMap::const_iterator it = |
| 338 ssl_socket_pools_for_proxies_.find(proxy_server); | 336 ssl_socket_pools_for_proxies_.find(proxy_server); |
| 339 if (it != ssl_socket_pools_for_proxies_.end()) | 337 if (it != ssl_socket_pools_for_proxies_.end()) |
| 340 return it->second; | 338 return it->second; |
| 341 | 339 |
| 342 SSLClientSocketPool* new_pool = new SSLClientSocketPool( | 340 SSLClientSocketPool* new_pool = new SSLClientSocketPool( |
| 343 max_sockets_per_proxy_server(pool_type_), | 341 max_sockets_per_proxy_server(pool_type_), |
| 344 max_sockets_per_group(pool_type_), | 342 max_sockets_per_group(pool_type_), &ssl_pool_histograms_, host_resolver_, |
| 345 &ssl_pool_histograms_, | 343 cert_verifier_, channel_id_service_, transport_security_state_, |
| 346 host_resolver_, | 344 cert_transparency_verifier_, cert_policy_enforcer_, |
| 347 cert_verifier_, | 345 ssl_session_cache_shard_, socket_factory_, |
| 348 channel_id_service_, | |
| 349 transport_security_state_, | |
| 350 cert_transparency_verifier_, | |
| 351 ssl_session_cache_shard_, | |
| 352 socket_factory_, | |
| 353 NULL, /* no tcp pool, we always go through a proxy */ | 346 NULL, /* no tcp pool, we always go through a proxy */ |
| 354 GetSocketPoolForSOCKSProxy(proxy_server), | 347 GetSocketPoolForSOCKSProxy(proxy_server), |
| 355 GetSocketPoolForHTTPProxy(proxy_server), | 348 GetSocketPoolForHTTPProxy(proxy_server), ssl_config_service_.get(), |
| 356 ssl_config_service_.get(), | 349 enable_ssl_connect_job_waiting_, net_log_); |
| 357 enable_ssl_connect_job_waiting_, | |
| 358 net_log_); | |
| 359 | 350 |
| 360 std::pair<SSLSocketPoolMap::iterator, bool> ret = | 351 std::pair<SSLSocketPoolMap::iterator, bool> ret = |
| 361 ssl_socket_pools_for_proxies_.insert(std::make_pair(proxy_server, | 352 ssl_socket_pools_for_proxies_.insert(std::make_pair(proxy_server, |
| 362 new_pool)); | 353 new_pool)); |
| 363 | 354 |
| 364 return ret.first->second; | 355 return ret.first->second; |
| 365 } | 356 } |
| 366 | 357 |
| 367 base::Value* ClientSocketPoolManagerImpl::SocketPoolInfoToValue() const { | 358 base::Value* ClientSocketPoolManagerImpl::SocketPoolInfoToValue() const { |
| 368 base::ListValue* list = new base::ListValue(); | 359 base::ListValue* list = new base::ListValue(); |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 406 // We should not flush the socket pools if we added trust to a | 397 // We should not flush the socket pools if we added trust to a |
| 407 // cert. | 398 // cert. |
| 408 // | 399 // |
| 409 // Since the OnCACertChanged method doesn't tell us what | 400 // Since the OnCACertChanged method doesn't tell us what |
| 410 // kind of change it is, we have to flush the socket | 401 // kind of change it is, we have to flush the socket |
| 411 // pools to be safe. | 402 // pools to be safe. |
| 412 FlushSocketPoolsWithError(ERR_NETWORK_CHANGED); | 403 FlushSocketPoolsWithError(ERR_NETWORK_CHANGED); |
| 413 } | 404 } |
| 414 | 405 |
| 415 } // namespace net | 406 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 422063004:
Certificate Transparency: Require SCTs for EV certificates. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master