Convert SignedCertificateClass to be ref_counted, and add an SCTStore in which to store them. Add S…

content/browser/loader/resource_loader.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/loader/resource_loader.h"
 
 #include "base/command_line.h"
 #include "base/message_loop/message_loop.h"
 #include "base/metrics/histogram.h"
 #include "base/time/time.h"
 #include "content/browser/child_process_security_policy_impl.h"
 #include "content/browser/loader/cross_site_resource_handler.h"
 #include "content/browser/loader/resource_loader_delegate.h"
 #include "content/browser/loader/resource_request_info_impl.h"
 #include "content/browser/ssl/ssl_client_auth_handler.h"
 #include "content/browser/ssl/ssl_manager.h"
 #include "content/common/ssl_status_serialization.h"
 #include "content/public/browser/cert_store.h"
 #include "content/public/browser/resource_context.h"
 #include "content/public/browser/resource_dispatcher_host_login_delegate.h"
+#include "content/public/browser/sct_store.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/process_type.h"
 #include "content/public/common/resource_response.h"
 #include "net/base/io_buffer.h"
 #include "net/base/load_flags.h"
 #include "net/http/http_response_headers.h"
 #include "net/ssl/client_cert_store.h"
 #include "net/url_request/url_request_status.h"
 #include "webkit/browser/appcache/appcache_interceptor.h"
@@ skipping 436 matching lines @@
 
 void ResourceLoader::CompleteResponseStarted() {
   ResourceRequestInfoImpl* info = GetRequestInfo();
 
   scoped_refptr<ResourceResponse> response(new ResourceResponse());
   PopulateResourceResponse(request_.get(), response.get());
 
   if (request_->ssl_info().cert.get()) {
     int cert_id = CertStore::GetInstance()->StoreCert(
         request_->ssl_info().cert.get(), info->GetChildID());
-    // XXX(rsleevi): Wire up sending the SCT to the child
-    int signed_certificate_timestamp_id = 0;
+    content::SCTIdStatusList signed_certificate_timestamp_ids;
+    SignedCertificateTimestampStore* sct_store(
+        SignedCertificateTimestampStore::GetInstance());
+
+    for (net::SCTStatusList::const_iterator iter =
+         request_->ssl_info().scts.begin();
+         iter != request_->ssl_info().scts.end(); ++iter) {
+      const int sct_id(sct_store->StoreSignedCertificateTimestamp(
+          iter->first, info->GetChildID()));
+      signed_certificate_timestamp_ids.push_back(
+          std::make_pair(sct_id, iter->second));
+    }
     response->head.security_info = SerializeSecurityInfo(
         cert_id,
         request_->ssl_info().cert_status,
         request_->ssl_info().security_bits,
         request_->ssl_info().connection_status,
-        signed_certificate_timestamp_id);
+        signed_certificate_timestamp_ids);
   } else {
     // We should not have any SSL state.
     DCHECK(!request_->ssl_info().cert_status &&
            request_->ssl_info().security_bits == -1 &&
            !request_->ssl_info().connection_status);
   }
 
   delegate_->DidReceiveResponse(this);
 
   bool defer = false;
@@ skipping 83 matching lines @@
 void ResourceLoader::ResponseCompleted() {
   VLOG(1) << "ResponseCompleted: " << request_->url().spec();
   RecordHistograms();
   ResourceRequestInfoImpl* info = GetRequestInfo();
 
   std::string security_info;
   const net::SSLInfo& ssl_info = request_->ssl_info();
   if (ssl_info.cert.get() != NULL) {
     int cert_id = CertStore::GetInstance()->StoreCert(ssl_info.cert.get(),
                                                       info->GetChildID());
-    // XXX(rsleevi): Wire up the SCTStore
-    int sct_id = 0;
+    content::SCTIdStatusList signed_certificate_timestamp_ids;
+    SignedCertificateTimestampStore* sct_store(
+        SignedCertificateTimestampStore::GetInstance());
+
+    for (net::SCTStatusList::const_iterator iter =
+         request_->ssl_info().scts.begin();
+         iter != request_->ssl_info().scts.end(); ++iter) {
+      const int sct_id(sct_store->StoreSignedCertificateTimestamp(
+          iter->first, info->GetChildID()));
+      signed_certificate_timestamp_ids.push_back(
+          std::make_pair(sct_id, iter->second));
+    }
     security_info = SerializeSecurityInfo(
         cert_id, ssl_info.cert_status, ssl_info.security_bits,
-        ssl_info.connection_status, sct_id);
+        ssl_info.connection_status, signed_certificate_timestamp_ids);
   }
 
   if (handler_->OnResponseCompleted(info->GetRequestID(), request_->status(),
                                     security_info)) {
     // This will result in our destruction.
     CallDidFinishLoading();
   } else {
     // The handler is not ready to die yet.  We will call DidFinishLoading when
     // we resume.
     deferred_stage_ = DEFERRED_FINISH;
@@ skipping 31 matching lines @@
       case net::URLRequestStatus::FAILED:
         status = STATUS_UNDEFINED;
         break;
     }
 
     UMA_HISTOGRAM_ENUMERATION("Net.Prefetch.Pattern", status, STATUS_MAX);
   }
 }
 
 }  // namespace content