
Side by Side Diff: net/socket/client_socket_pool_manager_impl.cc

Issue 76443006: Certificate Transparency: Threading the CT verifier into the SSL client socket. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Reverted changes to cert_status_flags, added error code Created 7 years ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/client_socket_pool_manager_impl.h" 5 #include "net/socket/client_socket_pool_manager_impl.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/values.h" 8 #include "base/values.h"
9 #include "net/http/http_network_session.h" 9 #include "net/http/http_network_session.h"
10 #include "net/http/http_proxy_client_socket_pool.h" 10 #include "net/http/http_proxy_client_socket_pool.h"
(...skipping 22 matching lines...) Expand all
33 33
34 } // namespace 34 } // namespace
35 35
36 ClientSocketPoolManagerImpl::ClientSocketPoolManagerImpl( 36 ClientSocketPoolManagerImpl::ClientSocketPoolManagerImpl(
37 NetLog* net_log, 37 NetLog* net_log,
38 ClientSocketFactory* socket_factory, 38 ClientSocketFactory* socket_factory,
39 HostResolver* host_resolver, 39 HostResolver* host_resolver,
40 CertVerifier* cert_verifier, 40 CertVerifier* cert_verifier,
41 ServerBoundCertService* server_bound_cert_service, 41 ServerBoundCertService* server_bound_cert_service,
42 TransportSecurityState* transport_security_state, 42 TransportSecurityState* transport_security_state,
43 CTVerifier* cert_transparency_verifier,
43 const std::string& ssl_session_cache_shard, 44 const std::string& ssl_session_cache_shard,
44 ProxyService* proxy_service, 45 ProxyService* proxy_service,
45 SSLConfigService* ssl_config_service, 46 SSLConfigService* ssl_config_service,
46 HttpNetworkSession::SocketPoolType pool_type) 47 HttpNetworkSession::SocketPoolType pool_type)
47 : net_log_(net_log), 48 : net_log_(net_log),
48 socket_factory_(socket_factory), 49 socket_factory_(socket_factory),
49 host_resolver_(host_resolver), 50 host_resolver_(host_resolver),
50 cert_verifier_(cert_verifier), 51 cert_verifier_(cert_verifier),
51 server_bound_cert_service_(server_bound_cert_service), 52 server_bound_cert_service_(server_bound_cert_service),
52 transport_security_state_(transport_security_state), 53 transport_security_state_(transport_security_state),
54 cert_transparency_verifier_(cert_transparency_verifier),
53 ssl_session_cache_shard_(ssl_session_cache_shard), 55 ssl_session_cache_shard_(ssl_session_cache_shard),
54 proxy_service_(proxy_service), 56 proxy_service_(proxy_service),
55 ssl_config_service_(ssl_config_service), 57 ssl_config_service_(ssl_config_service),
56 pool_type_(pool_type), 58 pool_type_(pool_type),
57 transport_pool_histograms_("TCP"), 59 transport_pool_histograms_("TCP"),
58 transport_socket_pool_(new TransportClientSocketPool( 60 transport_socket_pool_(new TransportClientSocketPool(
59 max_sockets_per_pool(pool_type), max_sockets_per_group(pool_type), 61 max_sockets_per_pool(pool_type), max_sockets_per_group(pool_type),
60 &transport_pool_histograms_, 62 &transport_pool_histograms_,
61 host_resolver, 63 host_resolver,
62 socket_factory_, 64 socket_factory_,
63 net_log)), 65 net_log)),
64 ssl_pool_histograms_("SSL2"), 66 ssl_pool_histograms_("SSL2"),
65 ssl_socket_pool_(new SSLClientSocketPool( 67 ssl_socket_pool_(new SSLClientSocketPool(
66 max_sockets_per_pool(pool_type), max_sockets_per_group(pool_type), 68 max_sockets_per_pool(pool_type), max_sockets_per_group(pool_type),
67 &ssl_pool_histograms_, 69 &ssl_pool_histograms_,
68 host_resolver, 70 host_resolver,
69 cert_verifier, 71 cert_verifier,
70 server_bound_cert_service, 72 server_bound_cert_service,
71 transport_security_state, 73 transport_security_state,
74 cert_transparency_verifier,
72 ssl_session_cache_shard, 75 ssl_session_cache_shard,
73 socket_factory, 76 socket_factory,
74 transport_socket_pool_.get(), 77 transport_socket_pool_.get(),
75 NULL /* no socks proxy */, 78 NULL /* no socks proxy */,
76 NULL /* no http proxy */, 79 NULL /* no http proxy */,
77 ssl_config_service, 80 ssl_config_service,
78 net_log)), 81 net_log)),
79 transport_for_socks_pool_histograms_("TCPforSOCKS"), 82 transport_for_socks_pool_histograms_("TCPforSOCKS"),
80 socks_pool_histograms_("SOCK"), 83 socks_pool_histograms_("SOCK"),
81 transport_for_http_proxy_pool_histograms_("TCPforHTTPProxy"), 84 transport_for_http_proxy_pool_histograms_("TCPforHTTPProxy"),
(...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after
279 std::pair<SSLSocketPoolMap::iterator, bool> ssl_https_ret = 282 std::pair<SSLSocketPoolMap::iterator, bool> ssl_https_ret =
280 ssl_socket_pools_for_https_proxies_.insert(std::make_pair( 283 ssl_socket_pools_for_https_proxies_.insert(std::make_pair(
281 http_proxy, 284 http_proxy,
282 new SSLClientSocketPool(max_sockets_per_proxy_server(pool_type_), 285 new SSLClientSocketPool(max_sockets_per_proxy_server(pool_type_),
283 max_sockets_per_group(pool_type_), 286 max_sockets_per_group(pool_type_),
284 &ssl_for_https_proxy_pool_histograms_, 287 &ssl_for_https_proxy_pool_histograms_,
285 host_resolver_, 288 host_resolver_,
286 cert_verifier_, 289 cert_verifier_,
287 server_bound_cert_service_, 290 server_bound_cert_service_,
288 transport_security_state_, 291 transport_security_state_,
292 cert_transparency_verifier_,
289 ssl_session_cache_shard_, 293 ssl_session_cache_shard_,
290 socket_factory_, 294 socket_factory_,
291 tcp_https_ret.first->second /* https proxy */, 295 tcp_https_ret.first->second /* https proxy */,
292 NULL /* no socks proxy */, 296 NULL /* no socks proxy */,
293 NULL /* no http proxy */, 297 NULL /* no http proxy */,
294 ssl_config_service_.get(), 298 ssl_config_service_.get(),
295 net_log_))); 299 net_log_)));
296 DCHECK(tcp_https_ret.second); 300 DCHECK(tcp_https_ret.second);
297 301
298 std::pair<HTTPProxySocketPoolMap::iterator, bool> ret = 302 std::pair<HTTPProxySocketPoolMap::iterator, bool> ret =
(...skipping 20 matching lines...) Expand all
319 return it->second; 323 return it->second;
320 324
321 SSLClientSocketPool* new_pool = new SSLClientSocketPool( 325 SSLClientSocketPool* new_pool = new SSLClientSocketPool(
322 max_sockets_per_proxy_server(pool_type_), 326 max_sockets_per_proxy_server(pool_type_),
323 max_sockets_per_group(pool_type_), 327 max_sockets_per_group(pool_type_),
324 &ssl_pool_histograms_, 328 &ssl_pool_histograms_,
325 host_resolver_, 329 host_resolver_,
326 cert_verifier_, 330 cert_verifier_,
327 server_bound_cert_service_, 331 server_bound_cert_service_,
328 transport_security_state_, 332 transport_security_state_,
333 cert_transparency_verifier_,
329 ssl_session_cache_shard_, 334 ssl_session_cache_shard_,
330 socket_factory_, 335 socket_factory_,
331 NULL, /* no tcp pool, we always go through a proxy */ 336 NULL, /* no tcp pool, we always go through a proxy */
332 GetSocketPoolForSOCKSProxy(proxy_server), 337 GetSocketPoolForSOCKSProxy(proxy_server),
333 GetSocketPoolForHTTPProxy(proxy_server), 338 GetSocketPoolForHTTPProxy(proxy_server),
334 ssl_config_service_.get(), 339 ssl_config_service_.get(),
335 net_log_); 340 net_log_);
336 341
337 std::pair<SSLSocketPoolMap::iterator, bool> ret = 342 std::pair<SSLSocketPoolMap::iterator, bool> ret =
338 ssl_socket_pools_for_proxies_.insert(std::make_pair(proxy_server, 343 ssl_socket_pools_for_proxies_.insert(std::make_pair(proxy_server,
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after
383 // We should not flush the socket pools if we added trust to a 388 // We should not flush the socket pools if we added trust to a
384 // cert. 389 // cert.
385 // 390 //
386 // Since the OnCACertChanged method doesn't tell us what 391 // Since the OnCACertChanged method doesn't tell us what
387 // kind of change it is, we have to flush the socket 392 // kind of change it is, we have to flush the socket
388 // pools to be safe. 393 // pools to be safe.
389 FlushSocketPoolsWithError(ERR_NETWORK_CHANGED); 394 FlushSocketPoolsWithError(ERR_NETWORK_CHANGED);
390 } 395 }
391 396
392 } // namespace net 397 } // namespace net
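Review bot: Nothing in the constructor states whether `cert_transparency_verifier` may be NULL or who owns it; it is copied as-is into `cert_transparency_verifier_` (new line 54) and passed unchanged to the three `SSLClientSocketPool` constructions (new lines 74, 292 and 333). If NULL is meant to stand for "CT disabled", a comment at the parameter or member such as `// |cert_transparency_verifier| is not owned and must outlive this object; NULL means Certificate Transparency checks are skipped.` would make that fail-open case explicit for callers. If NULL is not allowed, `DCHECK(cert_transparency_verifier_);` in the constructor body would catch a mis-wired session early. The member declaration and the constructor body lie outside the visible lines, so the intended contract is inferred here and should be confirmed against the header.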