Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/sqlite_origin_bound_cert_store.h" | 5 #include "chrome/browser/net/sqlite_origin_bound_cert_store.h" |
| 6 | 6 |
| 7 #include <list> | 7 #include <list> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 169 db_.reset(); | 169 db_.reset(); |
| 170 return false; | 170 return false; |
| 171 } | 171 } |
| 172 | 172 |
| 173 db_->Preload(); | 173 db_->Preload(); |
| 174 | 174 |
| 175 // Slurp all the certs into the out-vector. | 175 // Slurp all the certs into the out-vector. |
| 176 sql::Statement smt(db_->GetUniqueStatement( | 176 sql::Statement smt(db_->GetUniqueStatement( |
| 177 "SELECT origin, private_key, cert, cert_type, expiration_time, " | 177 "SELECT origin, private_key, cert, cert_type, expiration_time, " |
| 178 "creation_time FROM origin_bound_certs")); | 178 "creation_time FROM origin_bound_certs")); |
| 179 if (!smt) { | 179 if (!smt.is_valid()) { |
| 180 NOTREACHED() << "select statement prep failed"; | |
| 181 db_.reset(); | 180 db_.reset(); |
| 182 return false; | 181 return false; |
| 183 } | 182 } |
| 184 | 183 |
| 185 while (smt.Step()) { | 184 while (smt.Step()) { |
| 186 std::string private_key_from_db, cert_from_db; | 185 std::string private_key_from_db, cert_from_db; |
| 187 smt.ColumnBlobAsString(1, &private_key_from_db); | 186 smt.ColumnBlobAsString(1, &private_key_from_db); |
| 188 smt.ColumnBlobAsString(2, &cert_from_db); | 187 smt.ColumnBlobAsString(2, &cert_from_db); |
| 189 scoped_ptr<net::DefaultOriginBoundCertStore::OriginBoundCert> cert( | 188 scoped_ptr<net::DefaultOriginBoundCertStore::OriginBoundCert> cert( |
| 190 new net::DefaultOriginBoundCertStore::OriginBoundCert( | 189 new net::DefaultOriginBoundCertStore::OriginBoundCert( |
| (...skipping 22 matching lines...) Expand all Loading... | |
| 213 } | 212 } |
| 214 | 213 |
| 215 int cur_version = meta_table_.GetVersionNumber(); | 214 int cur_version = meta_table_.GetVersionNumber(); |
| 216 if (cur_version == 1) { | 215 if (cur_version == 1) { |
| 217 sql::Transaction transaction(db_.get()); | 216 sql::Transaction transaction(db_.get()); |
| 218 if (!transaction.Begin()) | 217 if (!transaction.Begin()) |
| 219 return false; | 218 return false; |
| 220 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type " | 219 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type " |
| 221 "INTEGER")) { | 220 "INTEGER")) { |
| 222 LOG(WARNING) << "Unable to update origin bound cert database to " | 221 LOG(WARNING) << "Unable to update origin bound cert database to " |
| 223 << "version 2."; | 222 << "version 4."; |
|
Scott Hess - ex-Googler
2012/02/13 22:04:04
Nope, this stanza is upgrading to version 2, not v
Greg Billock
2012/02/13 22:48:59
I think you're right. I was reacting to wtc's comm
| |
| 224 return false; | 223 return false; |
| 225 } | 224 } |
| 226 // All certs in version 1 database are rsa_sign, which has a value of 1. | 225 // All certs in version 1 database are rsa_sign, which has a value of 1. |
| 227 if (!db_->Execute("UPDATE origin_bound_certs SET cert_type = 1")) { | 226 if (!db_->Execute("UPDATE origin_bound_certs SET cert_type = 1")) { |
| 228 LOG(WARNING) << "Unable to update origin bound cert database to " | 227 LOG(WARNING) << "Unable to update origin bound cert database to " |
| 229 << "version 2."; | 228 << "version 4."; |
| 230 return false; | 229 return false; |
| 231 } | 230 } |
| 232 ++cur_version; | 231 ++cur_version; |
| 233 meta_table_.SetVersionNumber(cur_version); | 232 meta_table_.SetVersionNumber(cur_version); |
| 234 meta_table_.SetCompatibleVersionNumber( | 233 meta_table_.SetCompatibleVersionNumber( |
| 235 std::min(cur_version, kCompatibleVersionNumber)); | 234 std::min(cur_version, kCompatibleVersionNumber)); |
| 236 transaction.Commit(); | 235 transaction.Commit(); |
| 237 } | 236 } |
| 238 | 237 |
| 239 if (cur_version <= 3) { | 238 if (cur_version <= 3) { |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 252 | 251 |
| 253 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " | 252 if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " |
| 254 "creation_time INTEGER")) { | 253 "creation_time INTEGER")) { |
| 255 LOG(WARNING) << "Unable to update origin bound cert database to " | 254 LOG(WARNING) << "Unable to update origin bound cert database to " |
| 256 << "version 4."; | 255 << "version 4."; |
| 257 return false; | 256 return false; |
| 258 } | 257 } |
| 259 | 258 |
| 260 sql::Statement smt(db_->GetUniqueStatement( | 259 sql::Statement smt(db_->GetUniqueStatement( |
| 261 "SELECT origin, cert FROM origin_bound_certs")); | 260 "SELECT origin, cert FROM origin_bound_certs")); |
| 262 sql::Statement update_expires_smt(db_->GetUniqueStatement( | 261 if (!smt.is_valid()) { |
|
Scott Hess - ex-Googler
2012/02/13 22:04:04
I think this would be reasonable to leave as !stmt
Greg Billock
2012/02/13 22:48:59
Done.
| |
| 263 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | |
| 264 sql::Statement update_creation_smt(db_->GetUniqueStatement( | |
| 265 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | |
| 266 if (!smt || !update_expires_smt || !update_creation_smt) { | |
| 267 LOG(WARNING) << "Unable to update origin bound cert database to " | 262 LOG(WARNING) << "Unable to update origin bound cert database to " |
| 268 << "version 4."; | 263 << "version 4."; |
| 269 return false; | 264 return false; |
| 270 } | 265 } |
| 266 | |
| 267 sql::Statement update_expires_smt(db_->GetUniqueStatement( | |
| 268 "UPDATE origin_bound_certs SET expiration_time = ? WHERE origin = ?")); | |
| 269 if (!update_expires_smt.is_valid()) { | |
| 270 LOG(WARNING) << "Unable to update origin bound cert database to " | |
| 271 << "version 4."; | |
| 272 return false; | |
| 273 } | |
| 274 | |
| 275 sql::Statement update_creation_smt(db_->GetUniqueStatement( | |
| 276 "UPDATE origin_bound_certs SET creation_time = ? WHERE origin = ?")); | |
| 277 if (!update_creation_smt.is_valid()) { | |
| 278 LOG(WARNING) << "Unable to update origin bound cert database to " | |
| 279 << "version 4."; | |
| 280 return false; | |
| 281 } | |
| 282 | |
| 271 while (smt.Step()) { | 283 while (smt.Step()) { |
| 272 std::string origin = smt.ColumnString(0); | 284 std::string origin = smt.ColumnString(0); |
| 273 std::string cert_from_db; | 285 std::string cert_from_db; |
| 274 smt.ColumnBlobAsString(1, &cert_from_db); | 286 smt.ColumnBlobAsString(1, &cert_from_db); |
| 275 // Parse the cert and extract the real value and then update the DB. | 287 // Parse the cert and extract the real value and then update the DB. |
| 276 scoped_refptr<net::X509Certificate> cert( | 288 scoped_refptr<net::X509Certificate> cert( |
| 277 net::X509Certificate::CreateFromBytes( | 289 net::X509Certificate::CreateFromBytes( |
| 278 cert_from_db.data(), cert_from_db.size())); | 290 cert_from_db.data(), cert_from_db.size())); |
| 279 if (cert) { | 291 if (cert) { |
| 280 if (cur_version == 2) { | 292 if (cur_version == 2) { |
| (...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 375 num_pending_ = 0; | 387 num_pending_ = 0; |
| 376 } | 388 } |
| 377 | 389 |
| 378 // Maybe an old timer fired or we are already Close()'ed. | 390 // Maybe an old timer fired or we are already Close()'ed. |
| 379 if (!db_.get() || ops.empty()) | 391 if (!db_.get() || ops.empty()) |
| 380 return; | 392 return; |
| 381 | 393 |
| 382 sql::Statement add_smt(db_->GetCachedStatement(SQL_FROM_HERE, | 394 sql::Statement add_smt(db_->GetCachedStatement(SQL_FROM_HERE, |
| 383 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " | 395 "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " |
| 384 "expiration_time) VALUES (?,?,?,?,?)")); | 396 "expiration_time) VALUES (?,?,?,?,?)")); |
| 385 if (!add_smt) { | 397 if (!add_smt.is_valid()) |
| 386 NOTREACHED(); | |
| 387 return; | 398 return; |
| 388 } | |
| 389 | 399 |
| 390 sql::Statement del_smt(db_->GetCachedStatement(SQL_FROM_HERE, | 400 sql::Statement del_smt(db_->GetCachedStatement(SQL_FROM_HERE, |
| 391 "DELETE FROM origin_bound_certs WHERE origin=?")); | 401 "DELETE FROM origin_bound_certs WHERE origin=?")); |
| 392 if (!del_smt) { | 402 if (!del_smt.is_valid()) |
| 393 NOTREACHED(); | |
| 394 return; | 403 return; |
| 395 } | |
| 396 | 404 |
| 397 sql::Transaction transaction(db_.get()); | 405 sql::Transaction transaction(db_.get()); |
| 398 if (!transaction.Begin()) { | 406 if (!transaction.Begin()) |
| 399 NOTREACHED(); | |
| 400 return; | 407 return; |
| 401 } | 408 |
| 402 for (PendingOperationsList::iterator it = ops.begin(); | 409 for (PendingOperationsList::iterator it = ops.begin(); |
| 403 it != ops.end(); ++it) { | 410 it != ops.end(); ++it) { |
| 404 // Free the certs as we commit them to the database. | 411 // Free the certs as we commit them to the database. |
| 405 scoped_ptr<PendingOperation> po(*it); | 412 scoped_ptr<PendingOperation> po(*it); |
| 406 switch (po->op()) { | 413 switch (po->op()) { |
| 407 case PendingOperation::CERT_ADD: { | 414 case PendingOperation::CERT_ADD: { |
| 408 add_smt.Reset(); | 415 add_smt.Reset(); |
| 409 add_smt.BindString(0, po->cert().origin()); | 416 add_smt.BindString(0, po->cert().origin()); |
| 410 const std::string& private_key = po->cert().private_key(); | 417 const std::string& private_key = po->cert().private_key(); |
| 411 add_smt.BindBlob(1, private_key.data(), private_key.size()); | 418 add_smt.BindBlob(1, private_key.data(), private_key.size()); |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 508 if (backend_.get()) | 515 if (backend_.get()) |
| 509 backend_->SetClearLocalStateOnExit(clear_local_state); | 516 backend_->SetClearLocalStateOnExit(clear_local_state); |
| 510 } | 517 } |
| 511 | 518 |
| 512 void SQLiteOriginBoundCertStore::Flush(const base::Closure& completion_task) { | 519 void SQLiteOriginBoundCertStore::Flush(const base::Closure& completion_task) { |
| 513 if (backend_.get()) | 520 if (backend_.get()) |
| 514 backend_->Flush(completion_task); | 521 backend_->Flush(completion_task); |
| 515 else if (!completion_task.is_null()) | 522 else if (!completion_task.is_null()) |
| 516 MessageLoop::current()->PostTask(FROM_HERE, completion_task); | 523 MessageLoop::current()->PostTask(FROM_HERE, completion_task); |
| 517 } | 524 } |
| OLD | NEW |