OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/default_origin_bound_cert_store.h" | 5 #include "net/base/default_origin_bound_cert_store.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/message_loop.h" | 8 #include "base/message_loop.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
11 | 11 |
12 // static | 12 // static |
13 const size_t DefaultOriginBoundCertStore::kMaxCerts = 3300; | 13 const size_t DefaultServerBoundCertStore::kMaxCerts = 3300; |
14 | 14 |
15 DefaultOriginBoundCertStore::DefaultOriginBoundCertStore( | 15 DefaultServerBoundCertStore::DefaultServerBoundCertStore( |
16 PersistentStore* store) | 16 PersistentStore* store) |
17 : initialized_(false), | 17 : initialized_(false), |
18 store_(store) {} | 18 store_(store) {} |
19 | 19 |
20 void DefaultOriginBoundCertStore::FlushStore( | 20 void DefaultServerBoundCertStore::FlushStore( |
21 const base::Closure& completion_task) { | 21 const base::Closure& completion_task) { |
22 base::AutoLock autolock(lock_); | 22 base::AutoLock autolock(lock_); |
23 | 23 |
24 if (initialized_ && store_) | 24 if (initialized_ && store_) |
25 store_->Flush(completion_task); | 25 store_->Flush(completion_task); |
26 else if (!completion_task.is_null()) | 26 else if (!completion_task.is_null()) |
27 MessageLoop::current()->PostTask(FROM_HERE, completion_task); | 27 MessageLoop::current()->PostTask(FROM_HERE, completion_task); |
28 } | 28 } |
29 | 29 |
30 bool DefaultOriginBoundCertStore::GetOriginBoundCert( | 30 bool DefaultServerBoundCertStore::GetServerBoundCert( |
31 const std::string& origin, | 31 const std::string& server_identifier, |
32 SSLClientCertType* type, | 32 SSLClientCertType* type, |
33 base::Time* creation_time, | 33 base::Time* creation_time, |
34 base::Time* expiration_time, | 34 base::Time* expiration_time, |
35 std::string* private_key_result, | 35 std::string* private_key_result, |
36 std::string* cert_result) { | 36 std::string* cert_result) { |
37 base::AutoLock autolock(lock_); | 37 base::AutoLock autolock(lock_); |
38 InitIfNecessary(); | 38 InitIfNecessary(); |
39 | 39 |
40 OriginBoundCertMap::iterator it = origin_bound_certs_.find(origin); | 40 ServerBoundCertMap::iterator it = server_bound_certs_.find(server_identifier); |
41 | 41 |
42 if (it == origin_bound_certs_.end()) | 42 if (it == server_bound_certs_.end()) |
43 return false; | 43 return false; |
44 | 44 |
45 OriginBoundCert* cert = it->second; | 45 ServerBoundCert* cert = it->second; |
46 *type = cert->type(); | 46 *type = cert->type(); |
47 *creation_time = cert->creation_time(); | 47 *creation_time = cert->creation_time(); |
48 *expiration_time = cert->expiration_time(); | 48 *expiration_time = cert->expiration_time(); |
49 *private_key_result = cert->private_key(); | 49 *private_key_result = cert->private_key(); |
50 *cert_result = cert->cert(); | 50 *cert_result = cert->cert(); |
51 | 51 |
52 return true; | 52 return true; |
53 } | 53 } |
54 | 54 |
55 void DefaultOriginBoundCertStore::SetOriginBoundCert( | 55 void DefaultServerBoundCertStore::SetServerBoundCert( |
56 const std::string& origin, | 56 const std::string& server_identifier, |
57 SSLClientCertType type, | 57 SSLClientCertType type, |
58 base::Time creation_time, | 58 base::Time creation_time, |
59 base::Time expiration_time, | 59 base::Time expiration_time, |
60 const std::string& private_key, | 60 const std::string& private_key, |
61 const std::string& cert) { | 61 const std::string& cert) { |
62 base::AutoLock autolock(lock_); | 62 base::AutoLock autolock(lock_); |
63 InitIfNecessary(); | 63 InitIfNecessary(); |
64 | 64 |
65 InternalDeleteOriginBoundCert(origin); | 65 InternalDeleteServerBoundCert(server_identifier); |
66 InternalInsertOriginBoundCert( | 66 InternalInsertServerBoundCert( |
67 origin, | 67 server_identifier, |
68 new OriginBoundCert( | 68 new ServerBoundCert( |
69 origin, type, creation_time, expiration_time, private_key, cert)); | 69 server_identifier, type, creation_time, expiration_time, private_key, |
| 70 cert)); |
70 } | 71 } |
71 | 72 |
72 void DefaultOriginBoundCertStore::DeleteOriginBoundCert( | 73 void DefaultServerBoundCertStore::DeleteServerBoundCert( |
73 const std::string& origin) { | 74 const std::string& server_identifier) { |
74 base::AutoLock autolock(lock_); | 75 base::AutoLock autolock(lock_); |
75 InitIfNecessary(); | 76 InitIfNecessary(); |
76 InternalDeleteOriginBoundCert(origin); | 77 InternalDeleteServerBoundCert(server_identifier); |
77 } | 78 } |
78 | 79 |
79 void DefaultOriginBoundCertStore::DeleteAllCreatedBetween( | 80 void DefaultServerBoundCertStore::DeleteAllCreatedBetween( |
80 base::Time delete_begin, | 81 base::Time delete_begin, |
81 base::Time delete_end) { | 82 base::Time delete_end) { |
82 base::AutoLock autolock(lock_); | 83 base::AutoLock autolock(lock_); |
83 InitIfNecessary(); | 84 InitIfNecessary(); |
84 for (OriginBoundCertMap::iterator it = origin_bound_certs_.begin(); | 85 for (ServerBoundCertMap::iterator it = server_bound_certs_.begin(); |
85 it != origin_bound_certs_.end();) { | 86 it != server_bound_certs_.end();) { |
86 OriginBoundCertMap::iterator cur = it; | 87 ServerBoundCertMap::iterator cur = it; |
87 ++it; | 88 ++it; |
88 OriginBoundCert* cert = cur->second; | 89 ServerBoundCert* cert = cur->second; |
89 if ((delete_begin.is_null() || cert->creation_time() >= delete_begin) && | 90 if ((delete_begin.is_null() || cert->creation_time() >= delete_begin) && |
90 (delete_end.is_null() || cert->creation_time() < delete_end)) { | 91 (delete_end.is_null() || cert->creation_time() < delete_end)) { |
91 if (store_) | 92 if (store_) |
92 store_->DeleteOriginBoundCert(*cert); | 93 store_->DeleteServerBoundCert(*cert); |
93 delete cert; | 94 delete cert; |
94 origin_bound_certs_.erase(cur); | 95 server_bound_certs_.erase(cur); |
95 } | 96 } |
96 } | 97 } |
97 } | 98 } |
98 | 99 |
99 void DefaultOriginBoundCertStore::DeleteAll() { | 100 void DefaultServerBoundCertStore::DeleteAll() { |
100 DeleteAllCreatedBetween(base::Time(), base::Time()); | 101 DeleteAllCreatedBetween(base::Time(), base::Time()); |
101 } | 102 } |
102 | 103 |
103 void DefaultOriginBoundCertStore::GetAllOriginBoundCerts( | 104 void DefaultServerBoundCertStore::GetAllServerBoundCerts( |
104 std::vector<OriginBoundCert>* origin_bound_certs) { | 105 std::vector<ServerBoundCert>* server_bound_certs) { |
105 base::AutoLock autolock(lock_); | 106 base::AutoLock autolock(lock_); |
106 InitIfNecessary(); | 107 InitIfNecessary(); |
107 for (OriginBoundCertMap::iterator it = origin_bound_certs_.begin(); | 108 for (ServerBoundCertMap::iterator it = server_bound_certs_.begin(); |
108 it != origin_bound_certs_.end(); ++it) { | 109 it != server_bound_certs_.end(); ++it) { |
109 origin_bound_certs->push_back(*it->second); | 110 server_bound_certs->push_back(*it->second); |
110 } | 111 } |
111 } | 112 } |
112 | 113 |
113 int DefaultOriginBoundCertStore::GetCertCount() { | 114 int DefaultServerBoundCertStore::GetCertCount() { |
114 base::AutoLock autolock(lock_); | 115 base::AutoLock autolock(lock_); |
115 InitIfNecessary(); | 116 InitIfNecessary(); |
116 | 117 |
117 return origin_bound_certs_.size(); | 118 return server_bound_certs_.size(); |
118 } | 119 } |
119 | 120 |
120 DefaultOriginBoundCertStore::~DefaultOriginBoundCertStore() { | 121 DefaultServerBoundCertStore::~DefaultServerBoundCertStore() { |
121 DeleteAllInMemory(); | 122 DeleteAllInMemory(); |
122 } | 123 } |
123 | 124 |
124 void DefaultOriginBoundCertStore::DeleteAllInMemory() { | 125 void DefaultServerBoundCertStore::DeleteAllInMemory() { |
125 base::AutoLock autolock(lock_); | 126 base::AutoLock autolock(lock_); |
126 | 127 |
127 for (OriginBoundCertMap::iterator it = origin_bound_certs_.begin(); | 128 for (ServerBoundCertMap::iterator it = server_bound_certs_.begin(); |
128 it != origin_bound_certs_.end(); ++it) { | 129 it != server_bound_certs_.end(); ++it) { |
129 delete it->second; | 130 delete it->second; |
130 } | 131 } |
131 origin_bound_certs_.clear(); | 132 server_bound_certs_.clear(); |
132 } | 133 } |
133 | 134 |
134 void DefaultOriginBoundCertStore::InitStore() { | 135 void DefaultServerBoundCertStore::InitStore() { |
135 lock_.AssertAcquired(); | 136 lock_.AssertAcquired(); |
136 | 137 |
137 DCHECK(store_) << "Store must exist to initialize"; | 138 DCHECK(store_) << "Store must exist to initialize"; |
138 | 139 |
139 // Initialize the store and sync in any saved persistent certs. | 140 // Initialize the store and sync in any saved persistent certs. |
140 std::vector<OriginBoundCert*> certs; | 141 std::vector<ServerBoundCert*> certs; |
141 // Reserve space for the maximum amount of certs a database should have. | 142 // Reserve space for the maximum amount of certs a database should have. |
142 // This prevents multiple vector growth / copies as we append certs. | 143 // This prevents multiple vector growth / copies as we append certs. |
143 certs.reserve(kMaxCerts); | 144 certs.reserve(kMaxCerts); |
144 store_->Load(&certs); | 145 store_->Load(&certs); |
145 | 146 |
146 for (std::vector<OriginBoundCert*>::const_iterator it = certs.begin(); | 147 for (std::vector<ServerBoundCert*>::const_iterator it = certs.begin(); |
147 it != certs.end(); ++it) { | 148 it != certs.end(); ++it) { |
148 origin_bound_certs_[(*it)->origin()] = *it; | 149 server_bound_certs_[(*it)->server_identifier()] = *it; |
149 } | 150 } |
150 } | 151 } |
151 | 152 |
152 void DefaultOriginBoundCertStore::InternalDeleteOriginBoundCert( | 153 void DefaultServerBoundCertStore::InternalDeleteServerBoundCert( |
153 const std::string& origin) { | 154 const std::string& server_identifier) { |
154 lock_.AssertAcquired(); | 155 lock_.AssertAcquired(); |
155 | 156 |
156 OriginBoundCertMap::iterator it = origin_bound_certs_.find(origin); | 157 ServerBoundCertMap::iterator it = server_bound_certs_.find(server_identifier); |
157 if (it == origin_bound_certs_.end()) | 158 if (it == server_bound_certs_.end()) |
158 return; // There is nothing to delete. | 159 return; // There is nothing to delete. |
159 | 160 |
160 OriginBoundCert* cert = it->second; | 161 ServerBoundCert* cert = it->second; |
161 if (store_) | 162 if (store_) |
162 store_->DeleteOriginBoundCert(*cert); | 163 store_->DeleteServerBoundCert(*cert); |
163 origin_bound_certs_.erase(it); | 164 server_bound_certs_.erase(it); |
164 delete cert; | 165 delete cert; |
165 } | 166 } |
166 | 167 |
167 void DefaultOriginBoundCertStore::InternalInsertOriginBoundCert( | 168 void DefaultServerBoundCertStore::InternalInsertServerBoundCert( |
168 const std::string& origin, | 169 const std::string& server_identifier, |
169 OriginBoundCert* cert) { | 170 ServerBoundCert* cert) { |
170 lock_.AssertAcquired(); | 171 lock_.AssertAcquired(); |
171 | 172 |
172 if (store_) | 173 if (store_) |
173 store_->AddOriginBoundCert(*cert); | 174 store_->AddServerBoundCert(*cert); |
174 origin_bound_certs_[origin] = cert; | 175 server_bound_certs_[server_identifier] = cert; |
175 } | 176 } |
176 | 177 |
177 DefaultOriginBoundCertStore::PersistentStore::PersistentStore() {} | 178 DefaultServerBoundCertStore::PersistentStore::PersistentStore() {} |
178 | 179 |
179 } // namespace net | 180 } // namespace net |
OLD | NEW |