diff options
| author | ukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-31 07:51:32 +0000 |
|---|---|---|
| committer | ukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-31 07:51:32 +0000 |
| commit | 2a0c0a575bdca50635c7a64d8d7f8f0b2a5bfdc9 (patch) | |
| tree | 692fbdae4da2ff5732614a1877a04481154788ee | |
| parent | f4e3d50372bef0dfbdec0ce42ac7e920aafd830c (diff) | |
| download | chromium_src-2a0c0a575bdca50635c7a64d8d7f8f0b2a5bfdc9.zip chromium_src-2a0c0a575bdca50635c7a64d8d7f8f0b2a5bfdc9.tar.gz chromium_src-2a0c0a575bdca50635c7a64d8d7f8f0b2a5bfdc9.tar.bz2 | |
Integrate OCSP handlers in SSLClientSocketNSS.
It depends on http://codereview.chromium.org/126046
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/155912
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@22147 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | chrome/browser/profile.cc | 13 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 7 |
2 files changed, 18 insertions, 2 deletions
diff --git a/chrome/browser/profile.cc b/chrome/browser/profile.cc index 5d39188..dcfe530 100644 --- a/chrome/browser/profile.cc +++ b/chrome/browser/profile.cc @@ -48,6 +48,7 @@ #include "net/base/force_tls_state.h" #if defined(OS_LINUX) +#include "net/ocsp/nss_ocsp.h" #include "chrome/browser/gtk/gtk_theme_provider.h" #endif @@ -650,8 +651,14 @@ ProfileImpl::~ProfileImpl() { spellchecker_->Release(); } - if (default_request_context_ == request_context_) + if (default_request_context_ == request_context_) { +#if defined(OS_LINUX) + // We use default_request_context_ for OCSP. + // Release URLRequestContext used in OCSP handlers. + net::SetURLRequestContextForOCSP(NULL); +#endif default_request_context_ = NULL; + } CleanupRequestContext(request_context_); CleanupRequestContext(media_request_context_); @@ -795,6 +802,10 @@ URLRequestContext* ProfileImpl::GetRequestContext() { NotificationService::current()->Notify( NotificationType::DEFAULT_REQUEST_CONTEXT_AVAILABLE, NotificationService::AllSources(), NotificationService::NoDetails()); +#if defined(OS_LINUX) + // TODO(ukai): find a better way to set the URLRequestContext for OCSP. + net::SetURLRequestContextForOCSP(default_request_context_); +#endif } DCHECK(request_context_->cookie_store()); diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index acdcf73..96a8c6d 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -70,6 +70,7 @@ #include "net/base/io_buffer.h" #include "net/base/net_errors.h" #include "net/base/ssl_info.h" +#include "net/ocsp/nss_ocsp.h" static const int kRecvBufferSize = 4096; @@ -214,8 +215,12 @@ SSLClientSocketNSS::~SSLClientSocketNSS() { int SSLClientSocketNSS::Init() { EnterFunction(""); - // Call NSS_NoDB_Init() in a threadsafe way. + // Initialize NSS in a threadsafe way. base::EnsureNSSInit(); + // We must call EnsureOCSPInit() here, on the IO thread, to get the IO loop + // by MessageLoopForIO::current(). + // X509Certificate::Verify() runs on a worker thread of CertVerifier. + EnsureOCSPInit(); LeaveFunction(""); return OK; |