| Index: net/socket/ssl_server_socket_nss.cc
|
| diff --git a/net/socket/ssl_server_socket_nss.cc b/net/socket/ssl_server_socket_nss.cc
|
| index 60de5c6959d18b57993ab04f8bdc82d93aef350d..84e63ace2bd19d74bb6cefab674f2f17a959cd39 100644
|
| --- a/net/socket/ssl_server_socket_nss.cc
|
| +++ b/net/socket/ssl_server_socket_nss.cc
|
| @@ -29,6 +29,7 @@
|
|
|
| #include <limits>
|
|
|
| +#include "base/lazy_instance.h"
|
| #include "base/memory/ref_counted.h"
|
| #include "crypto/rsa_private_key.h"
|
| #include "crypto/nss_util_internal.h"
|
| @@ -45,11 +46,42 @@ static const int kRecvBufferSize = 4096;
|
|
|
| namespace net {
|
|
|
| +namespace {
|
| +
|
| +bool g_nss_server_sockets_init = false;
|
| +
|
| +class NSSSSLServerInitSingleton {
|
| + public:
|
| + NSSSSLServerInitSingleton() {
|
| + EnsureNSSSSLInit();
|
| +
|
| + SSL_ConfigServerSessionIDCache(1024, 5, 5, NULL);
|
| + g_nss_server_sockets_init = true;
|
| + }
|
| +
|
| + ~NSSSSLServerInitSingleton() {
|
| + SSL_ShutdownServerSessionIDCache();
|
| + g_nss_server_sockets_init = false;
|
| + }
|
| +};
|
| +
|
| +static base::LazyInstance<NSSSSLServerInitSingleton>
|
| + g_nss_ssl_server_init_singleton = LAZY_INSTANCE_INITIALIZER;
|
| +
|
| +} // namespace
|
| +
|
| +void EnableSSLServerSockets() {
|
| + g_nss_ssl_server_init_singleton.Get();
|
| +}
|
| +
|
| SSLServerSocket* CreateSSLServerSocket(
|
| StreamSocket* socket,
|
| X509Certificate* cert,
|
| crypto::RSAPrivateKey* key,
|
| const SSLConfig& ssl_config) {
|
| + DCHECK(g_nss_server_sockets_init) << "EnableSSLServerSockets() has not been"
|
| + << "called yet!";
|
| +
|
| return new SSLServerSocketNSS(socket, cert, key, ssl_config);
|
| }
|
|
|
| @@ -335,12 +367,6 @@ int SSLServerSocketNSS::InitializeSSLOptions() {
|
| return ERR_UNEXPECTED;
|
| }
|
|
|
| - rv = SSL_ConfigServerSessionIDCache(1024, 5, 5, NULL);
|
| - if (rv != SECSuccess) {
|
| - LogFailedNSSFunction(net_log_, "SSL_ConfigureServerSessionIDCache", "");
|
| - return ERR_UNEXPECTED;
|
| - }
|
| -
|
| rv = SSL_AuthCertificateHook(nss_fd_, OwnAuthCertHandler, this);
|
| if (rv != SECSuccess) {
|
| LogFailedNSSFunction(net_log_, "SSL_AuthCertificateHook", "");
|
| @@ -771,6 +797,7 @@ int SSLServerSocketNSS::Init() {
|
| if (!NSS_IsInitialized())
|
| return ERR_UNEXPECTED;
|
|
|
| + EnableSSLServerSockets();
|
| return OK;
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 10543106:
Add an explicit function to init NSS for SSL server sockets (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src