authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-10-18 13:28:28 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-10-18 13:28:28 +0000
commit8281f7022c819a13d5d1741d2c1ff73aa4e994a9 (patch)
tree7fcb40be8d7a09b8a55800250a14d496fce5646c
parent46aeaa8e2c32a014c9d4641ceb6e75954f0bb3a0 (diff)
net: clean up SSLHostInfo construction.
Create an SSLHostInfoFactory interface and plumb it from the HttpCache to the SSLConnectJob. Also, move the SSLHostInfo reference from the ssl_config to being passed to the SSLClientSocket. BUG=none TEST=net_unittests Review URL: http://codereview.chromium.org/3747003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62918 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--chrome/browser/net/connection_tester.cc4
-rw-r--r--chrome/service/net/service_url_request_context.cc1
-rw-r--r--chrome/test/plugin/plugin_test.cpp1
-rw-r--r--chrome_frame/metrics_service.cc1
-rw-r--r--chrome_frame/test/test_server_test.cc3
-rw-r--r--jingle/notifier/base/chrome_async_socket.cc3
-rw-r--r--jingle/notifier/base/xmpp_client_socket_factory.cc5
-rw-r--r--jingle/notifier/base/xmpp_client_socket_factory.h6
-rw-r--r--net/base/ssl_config_service.h6
-rw-r--r--net/base/ssl_host_info.cc13
-rw-r--r--net/base/ssl_host_info.h16
-rw-r--r--net/http/disk_cache_based_ssl_host_info.cc3
-rw-r--r--net/http/http_cache.cc23
-rw-r--r--net/http/http_cache.h5
-rw-r--r--net/http/http_cache_transaction.cc10
-rw-r--r--net/http/http_network_layer.cc11
-rw-r--r--net/http/http_network_layer.h5
-rw-r--r--net/http/http_network_layer_unittest.cc3
-rw-r--r--net/http/http_network_session.cc2
-rw-r--r--net/http/http_network_session.h2
-rw-r--r--net/http/http_network_transaction.cc4
-rw-r--r--net/http/http_network_transaction.h2
-rw-r--r--net/http/http_network_transaction_unittest.cc7
-rw-r--r--net/http/http_proxy_client_socket_pool_unittest.cc2
-rw-r--r--net/http/http_response_body_drainer_unittest.cc1
-rw-r--r--net/net.gyp2
-rw-r--r--net/proxy/proxy_script_fetcher_impl_unittest.cc2
-rw-r--r--net/socket/client_socket_factory.cc22
-rw-r--r--net/socket/client_socket_factory.h11
-rw-r--r--net/socket/client_socket_pool_base_unittest.cc4
-rw-r--r--net/socket/client_socket_pool_manager.cc5
-rw-r--r--net/socket/client_socket_pool_manager.h5
-rw-r--r--net/socket/socket_test_util.cc12
-rw-r--r--net/socket/socket_test_util.h8
-rw-r--r--net/socket/ssl_client_socket_mac_factory.cc4
-rw-r--r--net/socket/ssl_client_socket_mac_factory.h5
-rw-r--r--net/socket/ssl_client_socket_nss.cc20
-rw-r--r--net/socket/ssl_client_socket_nss.h8
-rw-r--r--net/socket/ssl_client_socket_nss_factory.cc7
-rw-r--r--net/socket/ssl_client_socket_nss_factory.h5
-rw-r--r--net/socket/ssl_client_socket_pool.cc22
-rw-r--r--net/socket/ssl_client_socket_pool.h11
-rw-r--r--net/socket/ssl_client_socket_pool_unittest.cc2
-rw-r--r--net/socket/ssl_client_socket_unittest.cc30
-rw-r--r--net/socket/tcp_client_socket_pool_unittest.cc4
-rw-r--r--net/socket_stream/socket_stream.cc4
-rw-r--r--net/spdy/spdy_test_util.h3
-rw-r--r--net/tools/fetch/fetch_client.cc1
-rw-r--r--net/url_request/url_request_unittest.h3
-rw-r--r--remoting/jingle_glue/ssl_socket_adapter.cc3
50 files changed, 244 insertions, 98 deletions
diff --git a/chrome/browser/net/connection_tester.cc b/chrome/browser/net/connection_tester.cc
index f8c7911..889494d 100644
--- a/chrome/browser/net/connection_tester.cc
+++ b/chrome/browser/net/connection_tester.cc
@@ -65,8 +65,8 @@ class ExperimentURLRequestContext : public URLRequestContext {
host_resolver_);
http_transaction_factory_ = new net::HttpCache(
net::HttpNetworkLayer::CreateFactory(host_resolver_, dnsrr_resolver_,
- proxy_service_, ssl_config_service_, http_auth_handler_factory_,
- NULL, NULL),
+ NULL /* ssl_host_info_factory */, proxy_service_,
+ ssl_config_service_, http_auth_handler_factory_, NULL, NULL),
net::HttpCache::DefaultBackend::InMemory(0));
// In-memory cookie store.
cookie_store_ = new net::CookieMonster(NULL, NULL);
diff --git a/chrome/service/net/service_url_request_context.cc b/chrome/service/net/service_url_request_context.cc
index cdfe6ec..bd39292 100644
--- a/chrome/service/net/service_url_request_context.cc
+++ b/chrome/service/net/service_url_request_context.cc
@@ -43,6 +43,7 @@ ServiceURLRequestContext::ServiceURLRequestContext() {
http_transaction_factory_ = new net::HttpCache(
net::HttpNetworkLayer::CreateFactory(host_resolver_,
dnsrr_resolver_,
+ NULL /* ssl_host_info_factory */,
proxy_service_,
ssl_config_service_,
http_auth_handler_factory_,
diff --git a/chrome/test/plugin/plugin_test.cpp b/chrome/test/plugin/plugin_test.cpp
index 56d41aa..160af12 100644
--- a/chrome/test/plugin/plugin_test.cpp
+++ b/chrome/test/plugin/plugin_test.cpp
@@ -235,6 +235,7 @@ class PluginInstallerDownloadTest
http_transaction_factory_ = new net::HttpCache(
net::HttpNetworkLayer::CreateFactory(host_resolver_,
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
proxy_service_,
ssl_config_service_,
http_auth_handler_factory_,
diff --git a/chrome_frame/metrics_service.cc b/chrome_frame/metrics_service.cc
index 4e46708..6d51898 100644
--- a/chrome_frame/metrics_service.cc
+++ b/chrome_frame/metrics_service.cc
@@ -177,6 +177,7 @@ class ChromeFrameUploadRequestContext : public URLRequestContext {
http_transaction_factory_ = new net::HttpCache(
net::HttpNetworkLayer::CreateFactory(host_resolver_,
NULL /* dnsrr_resovler */,
+ NULL /* ssl_host_info */,
proxy_service_,
ssl_config_service_,
http_auth_handler_factory_,
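Review bot: The inline comment on the added argument names the wrong parameter: this slot of `HttpNetworkLayer::CreateFactory` is the `SSLHostInfoFactory*`, and the other commented call sites in this commit label it `ssl_host_info_factory`. Suggest `NULL /* ssl_host_info_factory */,` so a reader does not mistake it for a per-connection `SSLHostInfo`. The call continues past the end of the hunk.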
diff --git a/chrome_frame/test/test_server_test.cc b/chrome_frame/test/test_server_test.cc
index 3d391f6..edef592 100644
--- a/chrome_frame/test/test_server_test.cc
+++ b/chrome_frame/test/test_server_test.cc
@@ -70,7 +70,8 @@ class URLRequestTestContext : public URLRequestContext {
host_resolver_);
http_transaction_factory_ = new net::HttpCache(
net::HttpNetworkLayer::CreateFactory(
- host_resolver_, NULL /* dnsrr_resolver */, proxy_service_,
+ host_resolver_, NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */, proxy_service_,
ssl_config_service_, http_auth_handler_factory_, NULL, NULL),
net::HttpCache::DefaultBackend::InMemory(0));
// In-memory cookie store.
diff --git a/jingle/notifier/base/chrome_async_socket.cc b/jingle/notifier/base/chrome_async_socket.cc
index b3ac52a..4858bab 100644
--- a/jingle/notifier/base/chrome_async_socket.cc
+++ b/jingle/notifier/base/chrome_async_socket.cc
@@ -435,7 +435,8 @@ bool ChromeAsyncSocket::StartTls(const std::string& domain_name) {
DCHECK(transport_socket_.get());
transport_socket_.reset(
client_socket_factory_->CreateSSLClientSocket(
- transport_socket_.release(), domain_name, ssl_config_));
+ transport_socket_.release(), domain_name, ssl_config_,
+ NULL /* ssl_host_info */));
int status = transport_socket_->Connect(&ssl_connect_callback_);
if (status != net::ERR_IO_PENDING) {
MessageLoop* message_loop = MessageLoop::current();
diff --git a/jingle/notifier/base/xmpp_client_socket_factory.cc b/jingle/notifier/base/xmpp_client_socket_factory.cc
index c0ced61..78cb1bc 100644
--- a/jingle/notifier/base/xmpp_client_socket_factory.cc
+++ b/jingle/notifier/base/xmpp_client_socket_factory.cc
@@ -33,9 +33,10 @@ net::ClientSocket* XmppClientSocketFactory::CreateTCPClientSocket(
net::SSLClientSocket* XmppClientSocketFactory::CreateSSLClientSocket(
net::ClientSocketHandle* transport_socket,
const std::string& hostname,
- const net::SSLConfig& ssl_config) {
+ const net::SSLConfig& ssl_config,
+ net::SSLHostInfo* ssl_host_info) {
return client_socket_factory_->CreateSSLClientSocket(
- transport_socket, hostname, ssl_config);
+ transport_socket, hostname, ssl_config, ssl_host_info);
}
} // namespace
diff --git a/jingle/notifier/base/xmpp_client_socket_factory.h b/jingle/notifier/base/xmpp_client_socket_factory.h
index 73b2d8d..eb94555 100644
--- a/jingle/notifier/base/xmpp_client_socket_factory.h
+++ b/jingle/notifier/base/xmpp_client_socket_factory.h
@@ -9,6 +9,10 @@
#include "net/socket/client_socket_factory.h"
+namespace net {
+class SSLHostInfo;
+}
+
namespace notifier {
class XmppClientSocketFactory : public net::ClientSocketFactory {
@@ -26,7 +30,7 @@ class XmppClientSocketFactory : public net::ClientSocketFactory {
const net::NetLog::Source& source);
virtual net::SSLClientSocket* CreateSSLClientSocket(
net::ClientSocketHandle* transport_socket, const std::string& hostname,
- const net::SSLConfig& ssl_config);
+ const net::SSLConfig& ssl_config, net::SSLHostInfo* ssl_host_info);
private:
net::ClientSocketFactory* const client_socket_factory_;
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h
index b1d1de4..dc48a36 100644
--- a/net/base/ssl_config_service.h
+++ b/net/base/ssl_config_service.h
@@ -77,12 +77,6 @@ struct SSLConfig {
std::string next_protos;
scoped_refptr<X509Certificate> client_cert;
-
- // ssl_host_info contains an optional context that is needed for Snap Start.
- // If provided, the SSL socket will assume that the application protocol is
- // client-speaks-first. Also needs SSLConfigService::EnableSnapStart to
- // have been called.
- scoped_refptr<SSLHostInfo> ssl_host_info;
};
// The interface for retrieving the SSL configuration. This interface
diff --git a/net/base/ssl_host_info.cc b/net/base/ssl_host_info.cc
new file mode 100644
index 0000000..4b6c0e2
--- /dev/null
+++ b/net/base/ssl_host_info.cc
@@ -0,0 +1,13 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/base/ssl_host_info.h"
+
+namespace net {
+
+SSLHostInfo::~SSLHostInfo() {}
+
+SSLHostInfoFactory::~SSLHostInfoFactory() {}
+
+} // namespace net
diff --git a/net/base/ssl_host_info.h b/net/base/ssl_host_info.h
index 77c40fb..ae9ac6a 100644
--- a/net/base/ssl_host_info.h
+++ b/net/base/ssl_host_info.h
@@ -15,9 +15,10 @@ namespace net {
// This information may be stored on disk so does not include keys or session
// information etc. Primarily it's intended for caching the server's
// certificates.
-class SSLHostInfo :
- public base::RefCountedThreadSafe<SSLHostInfo> {
+class SSLHostInfo {
public:
+ virtual ~SSLHostInfo();
+
// Start will commence the lookup. This must be called before any other
// methods. By opportunistically calling this early, it may be possible to
// overlap this object's lookup and reduce latency.
@@ -45,10 +46,15 @@ class SSLHostInfo :
// this object and the store operation will still complete. This can only be
// called once WaitForDataReady has returned OK or called its callback.
virtual void Set(const std::string& new_data) = 0;
+};
+
+class SSLHostInfoFactory {
+ public:
+ virtual ~SSLHostInfoFactory();
- protected:
- friend class base::RefCountedThreadSafe<SSLHostInfo>;
- virtual ~SSLHostInfo() { }
+ // GetForHost returns a fresh, allocated SSLHostInfo for the given hostname
+ // or NULL on failure.
+ virtual SSLHostInfo* GetForHost(const std::string& hostname) = 0;
};
} // namespace net
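Review bot: The comment on `GetForHost` does not say who owns the returned object, and with `RefCountedThreadSafe` removed from `SSLHostInfo` in the previous hunk, that statement is the only guard against a leak or a double delete. "fresh, allocated" suggests the caller owns it; say so outright, e.g. `// The caller takes ownership of the returned object.` `SSLHostInfoFactory` also has no class comment. Since the factory is passed around as a raw pointer elsewhere in this commit, one line stating that it must outlive every object holding that pointer would help.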
diff --git a/net/http/disk_cache_based_ssl_host_info.cc b/net/http/disk_cache_based_ssl_host_info.cc
index 61ee450..f2de223 100644
--- a/net/http/disk_cache_based_ssl_host_info.cc
+++ b/net/http/disk_cache_based_ssl_host_info.cc
@@ -34,7 +34,8 @@ void DiskCacheBasedSSLHostInfo::Start() {
DiskCacheBasedSSLHostInfo::~DiskCacheBasedSSLHostInfo() {
DCHECK(!user_callback_);
- DCHECK(!entry_);
+ if (entry_)
+ entry_->Close();
callback_->Cancel();
}
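Review bot: The destructor now tolerates a live `entry_` where it used to `DCHECK(!entry_)`, but no comment says why that state has become legal. Presumably it follows from `SSLHostInfo` no longer being ref-counted, so the owner can delete the object before the cache entry is released; a short comment such as `// We may be deleted while still holding the entry.` would record that. It is also worth confirming that `callback_->Cancel()` stops an in-flight cache operation from writing to `entry_` after this returns, since that is not visible here.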
diff --git a/net/http/http_cache.cc b/net/http/http_cache.cc
index 867d003..8098ebd 100644
--- a/net/http/http_cache.cc
+++ b/net/http/http_cache.cc
@@ -24,7 +24,9 @@
#include "net/base/io_buffer.h"
#include "net/base/load_flags.h"
#include "net/base/net_errors.h"
+#include "net/base/ssl_host_info.h"
#include "net/disk_cache/disk_cache.h"
+#include "net/http/disk_cache_based_ssl_host_info.h"
#include "net/http/http_cache_transaction.h"
#include "net/http/http_network_layer.h"
#include "net/http/http_network_session.h"
@@ -242,6 +244,22 @@ void HttpCache::MetadataWriter::OnIOComplete(int result) {
//-----------------------------------------------------------------------------
+class HttpCache::SSLHostInfoFactoryAdaptor : public SSLHostInfoFactory {
+ public:
+ SSLHostInfoFactoryAdaptor(HttpCache* http_cache)
+ : http_cache_(http_cache) {
+ }
+
+ SSLHostInfo* GetForHost(const std::string& hostname) {
+ return new DiskCacheBasedSSLHostInfo(hostname, http_cache_);
+ }
+
+ private:
+ HttpCache* const http_cache_;
+};
+
+//-----------------------------------------------------------------------------
+
HttpCache::HttpCache(HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
ProxyService* proxy_service,
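Review bot: The single-argument constructor of `SSLHostInfoFactoryAdaptor` should be `explicit`, i.e. `explicit SSLHostInfoFactoryAdaptor(HttpCache* http_cache)`, to rule out implicit conversion from `HttpCache*`. `GetForHost` overrides the pure virtual in `SSLHostInfoFactory` but is not marked `virtual`, unlike the `CreateSSLClientSocket` overrides touched in this commit. The class would also benefit from a one-line comment saying that each `DiskCacheBasedSSLHostInfo` it returns is constructed with the raw `http_cache_` pointer and is owned by the caller.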
@@ -253,8 +271,11 @@ HttpCache::HttpCache(HostResolver* host_resolver,
: backend_factory_(backend_factory),
building_backend_(false),
mode_(NORMAL),
+ ssl_host_info_factory_(new SSLHostInfoFactoryAdaptor(
+ ALLOW_THIS_IN_INITIALIZER_LIST(this))),
network_layer_(HttpNetworkLayer::CreateFactory(host_resolver,
- dnsrr_resolver, proxy_service, ssl_config_service,
+ dnsrr_resolver, ssl_host_info_factory_.get(),
+ proxy_service, ssl_config_service,
http_auth_handler_factory, network_delegate, net_log)),
ALLOW_THIS_IN_INITIALIZER_LIST(task_factory_(this)),
enable_range_support_(true) {
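Review bot: `ssl_host_info_factory_.get()` hands a raw pointer owned by this `HttpCache` to the network layer, which forwards it to `HttpNetworkSession` and from there to `ClientSocketPoolManager`. `HttpNetworkSession` is `base::RefCounted`, so if anything holds a session reference past the cache's destruction, the pool manager is left with a dangling `SSLHostInfoFactory*`, and a later SSL connect could call `GetForHost` on freed memory. Whether that can happen depends on code outside this diff. At minimum, document the lifetime requirement next to the member in http_cache.h, e.g. `// Must outlive network_layer_ and any session it creates.` The constructor body continues outside the hunk.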
diff --git a/net/http/http_cache.h b/net/http/http_cache.h
index 775d035..1406cd0 100644
--- a/net/http/http_cache.h
+++ b/net/http/http_cache.h
@@ -116,7 +116,7 @@ class HttpCache : public HttpTransactionFactory,
};
// The disk cache is initialized lazily (by CreateTransaction) in this case.
- // The HttpCache takes ownership of the |backend_factory|.
+ // The HttpCache takes ownership of the |backend_factory|.
HttpCache(HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
ProxyService* proxy_service,
@@ -200,6 +200,7 @@ class HttpCache : public HttpTransactionFactory,
class BackendCallback;
class MetadataWriter;
+ class SSLHostInfoFactoryAdaptor;
class Transaction;
class WorkItem;
friend class Transaction;
@@ -353,6 +354,8 @@ class HttpCache : public HttpTransactionFactory,
Mode mode_;
+ scoped_ptr<SSLHostInfoFactoryAdaptor> ssl_host_info_factory_;
+
scoped_ptr<HttpTransactionFactory> network_layer_;
scoped_ptr<disk_cache::Backend> disk_cache_;
diff --git a/net/http/http_cache_transaction.cc b/net/http/http_cache_transaction.cc
index 6550703..58288f4 100644
--- a/net/http/http_cache_transaction.cc
+++ b/net/http/http_cache_transaction.cc
@@ -625,16 +625,6 @@ int HttpCache::Transaction::DoSendRequest() {
return rv;
next_state_ = STATE_SEND_REQUEST_COMPLETE;
- if (request_->url.SchemeIs("https") &&
- SSLConfigService::snap_start_enabled()) {
- // TODO(agl): in order to support AlternateProtocol there should probably
- // be an object hanging off the HttpNetworkSession which constructs these.
- // Note: when this test is removed, don't forget to remove the #include of
- // ssl_config_service.h
- scoped_refptr<DiskCacheBasedSSLHostInfo> hostinfo =
- new DiskCacheBasedSSLHostInfo(request_->url.host(), cache_);
- network_trans_->SetSSLHostInfo(hostinfo.get());
- }
rv = network_trans_->Start(request_, &io_callback_, net_log_);
return rv;
}
diff --git a/net/http/http_network_layer.cc b/net/http/http_network_layer.cc
index 0f53d4c..5322e85 100644
--- a/net/http/http_network_layer.cc
+++ b/net/http/http_network_layer.cc
@@ -22,6 +22,7 @@ namespace net {
HttpTransactionFactory* HttpNetworkLayer::CreateFactory(
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service,
HttpAuthHandlerFactory* http_auth_handler_factory,
@@ -30,7 +31,8 @@ HttpTransactionFactory* HttpNetworkLayer::CreateFactory(
DCHECK(proxy_service);
return new HttpNetworkLayer(ClientSocketFactory::GetDefaultFactory(),
- host_resolver, dnsrr_resolver, proxy_service,
+ host_resolver, dnsrr_resolver,
+ ssl_host_info_factory, proxy_service,
ssl_config_service, http_auth_handler_factory,
network_delegate,
net_log);
@@ -49,6 +51,7 @@ HttpNetworkLayer::HttpNetworkLayer(
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service,
HttpAuthHandlerFactory* http_auth_handler_factory,
@@ -57,6 +60,7 @@ HttpNetworkLayer::HttpNetworkLayer(
: socket_factory_(socket_factory),
host_resolver_(host_resolver),
dnsrr_resolver_(dnsrr_resolver),
+ ssl_host_info_factory_(ssl_host_info_factory),
proxy_service_(proxy_service),
ssl_config_service_(ssl_config_service),
session_(NULL),
@@ -73,6 +77,7 @@ HttpNetworkLayer::HttpNetworkLayer(
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service,
SpdySessionPool* spdy_session_pool,
@@ -82,6 +87,7 @@ HttpNetworkLayer::HttpNetworkLayer(
: socket_factory_(socket_factory),
host_resolver_(host_resolver),
dnsrr_resolver_(dnsrr_resolver),
+ ssl_host_info_factory_(ssl_host_info_factory),
proxy_service_(proxy_service),
ssl_config_service_(ssl_config_service),
session_(NULL),
@@ -97,6 +103,7 @@ HttpNetworkLayer::HttpNetworkLayer(
HttpNetworkLayer::HttpNetworkLayer(HttpNetworkSession* session)
: socket_factory_(ClientSocketFactory::GetDefaultFactory()),
dnsrr_resolver_(NULL),
+ ssl_host_info_factory_(NULL),
ssl_config_service_(NULL),
session_(session),
spdy_session_pool_(NULL),
@@ -137,6 +144,7 @@ HttpNetworkSession* HttpNetworkLayer::GetSession() {
session_ = new HttpNetworkSession(
host_resolver_,
dnsrr_resolver_,
+ ssl_host_info_factory_,
proxy_service_,
socket_factory_,
ssl_config_service_,
@@ -147,6 +155,7 @@ HttpNetworkSession* HttpNetworkLayer::GetSession() {
// These were just temps for lazy-initializing HttpNetworkSession.
host_resolver_ = NULL;
dnsrr_resolver_ = NULL;
+ ssl_host_info_factory_ = NULL;
proxy_service_ = NULL;
socket_factory_ = NULL;
http_auth_handler_factory_ = NULL;
diff --git a/net/http/http_network_layer.h b/net/http/http_network_layer.h
index 7872fdd..63ae3f2 100644
--- a/net/http/http_network_layer.h
+++ b/net/http/http_network_layer.h
@@ -25,6 +25,7 @@ class NetLog;
class ProxyService;
class SpdySessionPool;
class SSLConfigService;
+class SSLHostInfoFactory;
class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
public:
@@ -33,6 +34,7 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
HttpNetworkLayer(ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service,
HttpAuthHandlerFactory* http_auth_handler_factory,
@@ -44,6 +46,7 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service,
SpdySessionPool* spdy_session_pool,
@@ -59,6 +62,7 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
static HttpTransactionFactory* CreateFactory(
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service,
HttpAuthHandlerFactory* http_auth_handler_factory,
@@ -96,6 +100,7 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
// creating |session_|.
HostResolver* host_resolver_;
DnsRRResolver* dnsrr_resolver_;
+ SSLHostInfoFactory* ssl_host_info_factory_;
scoped_refptr<ProxyService> proxy_service_;
// The SSL config service being used for the session.
diff --git a/net/http/http_network_layer_unittest.cc b/net/http/http_network_layer_unittest.cc
index 378962e..dadda13 100644
--- a/net/http/http_network_layer_unittest.cc
+++ b/net/http/http_network_layer_unittest.cc
@@ -25,6 +25,7 @@ TEST_F(HttpNetworkLayerTest, CreateAndDestroy) {
NULL,
&host_resolver,
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
net::ProxyService::CreateDirect(),
new net::SSLConfigServiceDefaults,
NULL,
@@ -43,6 +44,7 @@ TEST_F(HttpNetworkLayerTest, Suspend) {
NULL,
&host_resolver,
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
net::ProxyService::CreateDirect(),
new net::SSLConfigServiceDefaults,
NULL,
@@ -90,6 +92,7 @@ TEST_F(HttpNetworkLayerTest, GET) {
&mock_socket_factory,
&host_resolver,
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
net::ProxyService::CreateDirect(),
new net::SSLConfigServiceDefaults,
NULL,
diff --git a/net/http/http_network_session.cc b/net/http/http_network_session.cc
index 410d9e6..d96f901 100644
--- a/net/http/http_network_session.cc
+++ b/net/http/http_network_session.cc
@@ -21,6 +21,7 @@ namespace net {
HttpNetworkSession::HttpNetworkSession(
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
ClientSocketFactory* client_socket_factory,
SSLConfigService* ssl_config_service,
@@ -37,6 +38,7 @@ HttpNetworkSession::HttpNetworkSession(
client_socket_factory,
host_resolver,
dnsrr_resolver,
+ ssl_host_info_factory,
proxy_service,
ssl_config_service),
spdy_session_pool_(spdy_session_pool),
diff --git a/net/http/http_network_session.h b/net/http/http_network_session.h
index bf5e98b..53ae36a 100644
--- a/net/http/http_network_session.h
+++ b/net/http/http_network_session.h
@@ -38,6 +38,7 @@ class HttpResponseBodyDrainer;
class SpdySessionPool;
class SOCKSClientSocketPool;
class SSLClientSocketPool;
+class SSLHostInfoFactory;
class TCPClientSocketPool;
// This class holds session objects used by HttpNetworkTransaction objects.
@@ -47,6 +48,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession>,
HttpNetworkSession(
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
ClientSocketFactory* client_socket_factory,
SSLConfigService* ssl_config_service,
diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc
index 7d43117..fc1def9 100644
--- a/net/http/http_network_transaction.cc
+++ b/net/http/http_network_transaction.cc
@@ -416,10 +416,6 @@ uint64 HttpNetworkTransaction::GetUploadProgress() const {
return stream_->GetUploadProgress();
}
-void HttpNetworkTransaction::SetSSLHostInfo(SSLHostInfo* host_info) {
- ssl_config_.ssl_host_info = host_info;
-}
-
void HttpNetworkTransaction::OnStreamReady(HttpStream* stream) {
DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
DCHECK(stream_request_.get());
diff --git a/net/http/http_network_transaction.h b/net/http/http_network_transaction.h
index a8d371d..ce0c5bd 100644
--- a/net/http/http_network_transaction.h
+++ b/net/http/http_network_transaction.h
@@ -29,7 +29,6 @@ class HttpNetworkSession;
class HttpStream;
class HttpStreamRequest;
class IOBuffer;
-class SSLHostInfo;
struct HttpRequestInfo;
class HttpNetworkTransaction : public HttpTransaction,
@@ -56,7 +55,6 @@ class HttpNetworkTransaction : public HttpTransaction,
virtual const HttpResponseInfo* GetResponseInfo() const;
virtual LoadState GetLoadState() const;
virtual uint64 GetUploadProgress() const;
- virtual void SetSSLHostInfo(SSLHostInfo* host_info);
// StreamRequest::Delegate methods:
virtual void OnStreamReady(HttpStream* stream);
diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc
index a128b3d..2066264 100644
--- a/net/http/http_network_transaction_unittest.cc
+++ b/net/http/http_network_transaction_unittest.cc
@@ -99,6 +99,7 @@ struct SessionDependencies {
HttpNetworkSession* CreateSession(SessionDependencies* session_deps) {
return new HttpNetworkSession(session_deps->host_resolver.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
session_deps->proxy_service,
&session_deps->socket_factory,
session_deps->ssl_config_service,
@@ -296,7 +297,7 @@ template<>
CaptureGroupNameSSLSocketPool::CaptureGroupNameSocketPool(
HttpNetworkSession* session)
: SSLClientSocketPool(0, 0, NULL, session->host_resolver(), NULL, NULL,
- NULL, NULL, NULL, NULL, NULL) {}
+ NULL, NULL, NULL, NULL, NULL, NULL) {}
//-----------------------------------------------------------------------------
@@ -6424,8 +6425,8 @@ TEST_F(HttpNetworkTransactionTest,
SSLConfig ssl_config;
session->ssl_config_service()->GetSSLConfig(&ssl_config);
ClientSocket* socket = connection->release_socket();
- socket = session->socket_factory()->CreateSSLClientSocket(socket, "" ,
- ssl_config);
+ socket = session->socket_factory()->CreateSSLClientSocket(
+ socket, "" , ssl_config, NULL /* ssl_host_info */);
connection->set_socket(socket);
EXPECT_EQ(ERR_IO_PENDING, socket->Connect(&callback));
EXPECT_EQ(OK, callback.WaitForResult());
diff --git a/net/http/http_proxy_client_socket_pool_unittest.cc b/net/http/http_proxy_client_socket_pool_unittest.cc
index 71485e9..e1ca2fe 100644
--- a/net/http/http_proxy_client_socket_pool_unittest.cc
+++ b/net/http/http_proxy_client_socket_pool_unittest.cc
@@ -66,6 +66,7 @@ class HttpProxyClientSocketPoolTest : public TestWithHttpParam {
&ssl_histograms_,
host_resolver_.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
&socket_factory_,
&tcp_socket_pool_,
NULL,
@@ -76,6 +77,7 @@ class HttpProxyClientSocketPoolTest : public TestWithHttpParam {
HttpAuthHandlerFactory::CreateDefault(host_resolver_.get())),
session_(new HttpNetworkSession(host_resolver_.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
ProxyService::CreateDirect(),
&socket_factory_,
new SSLConfigServiceDefaults,
diff --git a/net/http/http_response_body_drainer_unittest.cc b/net/http/http_response_body_drainer_unittest.cc
index 119d8f7..d57952d 100644
--- a/net/http/http_response_body_drainer_unittest.cc
+++ b/net/http/http_response_body_drainer_unittest.cc
@@ -177,6 +177,7 @@ class HttpResponseBodyDrainerTest : public testing::Test {
: session_(new HttpNetworkSession(
NULL,
NULL,
+ NULL /* ssl_host_info_factory */,
ProxyService::CreateDirect(),
NULL,
new SSLConfigServiceDefaults,
diff --git a/net/net.gyp b/net/net.gyp
index 699f093..f6a1344 100644
--- a/net/net.gyp
+++ b/net/net.gyp
@@ -173,6 +173,8 @@
'base/ssl_config_service_win.cc',
'base/ssl_config_service_win.h',
'base/ssl_false_start_blacklist.cc',
+ 'base/ssl_host_info.cc',
+ 'base/ssl_host_info.h',
'base/ssl_info.cc',
'base/ssl_info.h',
'base/static_cookie_policy.cc',
diff --git a/net/proxy/proxy_script_fetcher_impl_unittest.cc b/net/proxy/proxy_script_fetcher_impl_unittest.cc
index 2634f99..f84be57 100644
--- a/net/proxy/proxy_script_fetcher_impl_unittest.cc
+++ b/net/proxy/proxy_script_fetcher_impl_unittest.cc
@@ -41,7 +41,7 @@ class RequestContext : public URLRequestContext {
ssl_config_service_ = new net::SSLConfigServiceDefaults;
http_transaction_factory_ = new net::HttpCache(
- net::HttpNetworkLayer::CreateFactory(host_resolver_, NULL,
+ net::HttpNetworkLayer::CreateFactory(host_resolver_, NULL, NULL,
proxy_service_, ssl_config_service_, NULL, NULL, NULL),
net::HttpCache::DefaultBackend::InMemory(0));
}
diff --git a/net/socket/client_socket_factory.cc b/net/socket/client_socket_factory.cc
index d0793cb..a31af007 100644
--- a/net/socket/client_socket_factory.cc
+++ b/net/socket/client_socket_factory.cc
@@ -6,6 +6,7 @@
#include "base/singleton.h"
#include "build/build_config.h"
+#include "net/base/ssl_host_info.h"
#include "net/socket/client_socket_handle.h"
#if defined(OS_WIN)
#include "net/socket/ssl_client_socket_win.h"
@@ -26,13 +27,16 @@ namespace {
SSLClientSocket* DefaultSSLClientSocketFactory(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
+ scoped_ptr<SSLHostInfo> shi(ssl_host_info);
#if defined(OS_WIN)
return new SSLClientSocketWin(transport_socket, hostname, ssl_config);
#elif defined(USE_OPENSSL)
return new SSLClientSocketOpenSSL(transport_socket, hostname, ssl_config);
#elif defined(USE_NSS)
- return new SSLClientSocketNSS(transport_socket, hostname, ssl_config);
+ return new SSLClientSocketNSS(transport_socket, hostname, ssl_config,
+ shi.release());
#elif defined(OS_MACOSX)
// TODO(wtc): SSLClientSocketNSS can't do SSL client authentication using
// Mac OS X CDSA/CSSM yet (http://crbug.com/45369), so fall back on
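Review bot: `DefaultSSLClientSocketFactory` takes ownership of `ssl_host_info` (it is wrapped in a `scoped_ptr` and deleted on the Windows and OpenSSL paths), but nothing here says so, and neither do the `SSLClientSocketFactory` typedef and `CreateSSLClientSocket` declarations in client_socket_factory.h. Every factory implementation and every caller has to get this right by convention, and a caller that reuses the pointer after the call would touch freed memory on the builds that discard it. Add `// Takes ownership of |ssl_host_info|, which may be NULL.` here and on the declarations in the header. The function body continues into the next hunk.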
@@ -40,7 +44,8 @@ SSLClientSocket* DefaultSSLClientSocketFactory(
if (ssl_config.send_client_cert)
return new SSLClientSocketMac(transport_socket, hostname, ssl_config);
- return new SSLClientSocketNSS(transport_socket, hostname, ssl_config);
+ return new SSLClientSocketNSS(transport_socket, hostname, ssl_config,
+ shi.release());
#else
NOTIMPLEMENTED();
return NULL;
@@ -61,8 +66,9 @@ class DefaultClientSocketFactory : public ClientSocketFactory {
virtual SSLClientSocket* CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
- return g_ssl_factory(transport_socket, hostname, ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
+ return g_ssl_factory(transport_socket, hostname, ssl_config, ssl_host_info);
}
};
@@ -83,10 +89,12 @@ void ClientSocketFactory::SetSSLClientSocketFactory(
SSLClientSocket* ClientSocketFactory::CreateSSLClientSocket(
ClientSocket* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
ClientSocketHandle* socket_handle = new ClientSocketHandle();
socket_handle->set_socket(transport_socket);
- return CreateSSLClientSocket(socket_handle, hostname, ssl_config);
+ return CreateSSLClientSocket(socket_handle, hostname, ssl_config,
+ ssl_host_info);
}
} // namespace net
diff --git a/net/socket/client_socket_factory.h b/net/socket/client_socket_factory.h
index 97fb361..ad2cc54 100644
--- a/net/socket/client_socket_factory.h
+++ b/net/socket/client_socket_factory.h
@@ -17,12 +17,14 @@ class ClientSocket;
class ClientSocketHandle;
class SSLClientSocket;
struct SSLConfig;
+class SSLHostInfo;
// Callback function to create new SSLClientSocket objects.
typedef SSLClientSocket* (*SSLClientSocketFactory)(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
// An interface used to instantiate ClientSocket objects. Used to facilitate
// testing code with mock socket implementations.
@@ -40,13 +42,14 @@ class ClientSocketFactory {
virtual SSLClientSocket* CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) = 0;
-
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) = 0;
// Deprecated function (http://crbug.com/37810) that takes a ClientSocket.
virtual SSLClientSocket* CreateSSLClientSocket(ClientSocket* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
// Returns the default ClientSocketFactory.
static ClientSocketFactory* GetDefaultFactory();
diff --git a/net/socket/client_socket_pool_base_unittest.cc b/net/socket/client_socket_pool_base_unittest.cc
index 0f06160..1f99b3d 100644
--- a/net/socket/client_socket_pool_base_unittest.cc
+++ b/net/socket/client_socket_pool_base_unittest.cc
@@ -106,8 +106,10 @@ class MockClientSocketFactory : public ClientSocketFactory {
virtual SSLClientSocket* CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
NOTIMPLEMENTED();
+ delete ssl_host_info;
return NULL;
}
diff --git a/net/socket/client_socket_pool_manager.cc b/net/socket/client_socket_pool_manager.cc
index 0fca83d..512360b 100644
--- a/net/socket/client_socket_pool_manager.cc
+++ b/net/socket/client_socket_pool_manager.cc
@@ -56,12 +56,14 @@ ClientSocketPoolManager::ClientSocketPoolManager(
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service)
: net_log_(net_log),
socket_factory_(socket_factory),
host_resolver_(host_resolver),
dnsrr_resolver_(dnsrr_resolver),
+ ssl_host_info_factory_(ssl_host_info_factory),
proxy_service_(proxy_service),
ssl_config_service_(ssl_config_service),
tcp_pool_histograms_("TCP"),
@@ -77,6 +79,7 @@ ClientSocketPoolManager::ClientSocketPoolManager(
&ssl_pool_histograms_,
host_resolver,
dnsrr_resolver,
+ ssl_host_info_factory,
socket_factory,
tcp_socket_pool_.get(),
NULL /* no socks proxy */,
@@ -225,6 +228,7 @@ HttpProxyClientSocketPool* ClientSocketPoolManager::GetSocketPoolForHTTPProxy(
&ssl_for_https_proxy_pool_histograms_,
host_resolver_,
dnsrr_resolver_,
+ ssl_host_info_factory_,
socket_factory_,
tcp_https_ret.first->second /* https proxy */,
NULL /* no socks proxy */,
@@ -259,6 +263,7 @@ SSLClientSocketPool* ClientSocketPoolManager::GetSocketPoolForSSLWithProxy(
&ssl_pool_histograms_,
host_resolver_,
dnsrr_resolver_,
+ ssl_host_info_factory_,
socket_factory_,
NULL, /* no tcp pool, we always go through a proxy */
GetSocketPoolForSOCKSProxy(proxy_server),
diff --git a/net/socket/client_socket_pool_manager.h b/net/socket/client_socket_pool_manager.h
index c455956..c6d8f6f 100644
--- a/net/socket/client_socket_pool_manager.h
+++ b/net/socket/client_socket_pool_manager.h
@@ -34,6 +34,7 @@ class ProxyService;
class SOCKSClientSocketPool;
class SSLClientSocketPool;
class SSLConfigService;
+class SSLHostInfoFactory;
class TCPClientSocketPool;
namespace internal {
@@ -60,6 +61,7 @@ class ClientSocketPoolManager : public NonThreadSafe {
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ProxyService* proxy_service,
SSLConfigService* ssl_config_service);
~ClientSocketPoolManager();
@@ -102,7 +104,8 @@ class ClientSocketPoolManager : public NonThreadSafe {
NetLog* const net_log_;
ClientSocketFactory* const socket_factory_;
HostResolver* const host_resolver_;
- DnsRRResolver* dnsrr_resolver_;
+ DnsRRResolver* const dnsrr_resolver_;
+ SSLHostInfoFactory* const ssl_host_info_factory_;
const scoped_refptr<ProxyService> proxy_service_;
const scoped_refptr<SSLConfigService> ssl_config_service_;
diff --git a/net/socket/socket_test_util.cc b/net/socket/socket_test_util.cc
index 6f03706..72126f1 100644
--- a/net/socket/socket_test_util.cc
+++ b/net/socket/socket_test_util.cc
@@ -466,6 +466,7 @@ MockSSLClientSocket::MockSSLClientSocket(
net::ClientSocketHandle* transport_socket,
const std::string& hostname,
const net::SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info,
net::SSLSocketDataProvider* data)
: MockClientSocket(transport_socket->socket()->NetLog().net_log()),
transport_(transport_socket),
@@ -473,6 +474,7 @@ MockSSLClientSocket::MockSSLClientSocket(
is_npn_state_set_(false),
new_npn_value_(false) {
DCHECK(data_);
+ delete ssl_host_info; // we take ownership but don't use it.
}
MockSSLClientSocket::~MockSSLClientSocket() {
@@ -976,10 +978,11 @@ ClientSocket* MockClientSocketFactory::CreateTCPClientSocket(
SSLClientSocket* MockClientSocketFactory::CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
MockSSLClientSocket* socket =
new MockSSLClientSocket(transport_socket, hostname, ssl_config,
- mock_ssl_data_.GetNext());
+ ssl_host_info, mock_ssl_data_.GetNext());
ssl_client_sockets_.push_back(socket);
return socket;
}
@@ -1020,10 +1023,11 @@ ClientSocket* DeterministicMockClientSocketFactory::CreateTCPClientSocket(
SSLClientSocket* DeterministicMockClientSocketFactory::CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
MockSSLClientSocket* socket =
new MockSSLClientSocket(transport_socket, hostname, ssl_config,
- mock_ssl_data_.GetNext());
+ ssl_host_info, mock_ssl_data_.GetNext());
ssl_client_sockets_.push_back(socket);
return socket;
}
diff --git a/net/socket/socket_test_util.h b/net/socket/socket_test_util.h
index eb54b84..445f3c7 100644
--- a/net/socket/socket_test_util.h
+++ b/net/socket/socket_test_util.h
@@ -48,6 +48,7 @@ enum {
class ClientSocket;
class MockClientSocket;
class SSLClientSocket;
+class SSLHostInfo;
struct MockConnect {
// Asynchronous connection success.
@@ -533,7 +534,8 @@ class MockClientSocketFactory : public ClientSocketFactory {
virtual SSLClientSocket* CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
SocketDataProviderArray<SocketDataProvider>& mock_data() {
return mock_data_;
}
@@ -688,6 +690,7 @@ class MockSSLClientSocket : public MockClientSocket {
net::ClientSocketHandle* transport_socket,
const std::string& hostname,
const net::SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info,
net::SSLSocketDataProvider* socket);
~MockSSLClientSocket();
@@ -868,7 +871,8 @@ class DeterministicMockClientSocketFactory : public ClientSocketFactory {
virtual SSLClientSocket* CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
SocketDataProviderArray<DeterministicSocketData>& mock_data() {
return mock_data_;
diff --git a/net/socket/ssl_client_socket_mac_factory.cc b/net/socket/ssl_client_socket_mac_factory.cc
index ec41345..bc26261 100644
--- a/net/socket/ssl_client_socket_mac_factory.cc
+++ b/net/socket/ssl_client_socket_mac_factory.cc
@@ -11,7 +11,9 @@ namespace net {
SSLClientSocket* SSLClientSocketMacFactory(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
+ delete ssl_host_info;
return new SSLClientSocketMac(transport_socket, hostname, ssl_config);
}
diff --git a/net/socket/ssl_client_socket_mac_factory.h b/net/socket/ssl_client_socket_mac_factory.h
index 2c793c2..ca97b00 100644
--- a/net/socket/ssl_client_socket_mac_factory.h
+++ b/net/socket/ssl_client_socket_mac_factory.h
@@ -10,11 +10,14 @@
namespace net {
+class SSLHostInfo;
+
// Creates SSLClientSocketMac objects.
SSLClientSocket* SSLClientSocketMacFactory(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
} // namespace net
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index 39a2774..95458fa 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -400,7 +400,8 @@ HCERTSTORE SSLClientSocketNSS::cert_store_ = NULL;
SSLClientSocketNSS::SSLClientSocketNSS(ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config)
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info)
: ALLOW_THIS_IN_INITIALIZER_LIST(buffer_send_callback_(
this, &SSLClientSocketNSS::BufferSendComplete)),
ALLOW_THIS_IN_INITIALIZER_LIST(buffer_recv_callback_(
@@ -431,7 +432,8 @@ SSLClientSocketNSS::SSLClientSocketNSS(ClientSocketHandle* transport_socket,
nss_bufs_(NULL),
net_log_(transport_socket->socket()->NetLog()),
predicted_npn_status_(kNextProtoUnsupported),
- predicted_npn_proto_used_(false) {
+ predicted_npn_proto_used_(false),
+ ssl_host_info_(ssl_host_info) {
EnterFunction("");
}
@@ -467,9 +469,9 @@ static const uint8 kSnapStartInfoVersion = 0;
// SaveSnapStartInfo serialises the information needed to perform a Snap Start
// with this server in the future (if any) and tells
-// |ssl_config_.ssl_host_info| to preserve it.
+// |ssl_host_info_| to preserve it.
void SSLClientSocketNSS::SaveSnapStartInfo() {
- if (!ssl_config_.ssl_host_info.get())
+ if (!ssl_host_info_.get())
return;
SECStatus rv;
@@ -592,7 +594,7 @@ void SSLClientSocketNSS::SaveSnapStartInfo() {
DCHECK_EQ(j, len);
LOG(ERROR) << "Setting Snap Start info " << hostname_ << " " << len;
- ssl_config_.ssl_host_info->Set(std::string(
+ ssl_host_info_->Set(std::string(
reinterpret_cast<const char *>(&data[0]), len));
CERT_DestroyCertList(cert_list);
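Review bot: `LOG(ERROR) << "Setting Snap Start info " << hostname_ ...` remains in `SaveSnapStartInfo` on the new side, and the same pattern appears in the `DoSnapStartLoadInfo` hunk further down (`"SSL host info size "`). Neither is an error condition, and both write the peer hostname at ERROR severity on ordinary connections, so wherever ERROR logging is retained the log records which hosts were contacted. Since the commit already touches these statements, I would downgrade them to `DLOG(INFO) << ...` or remove them. `SaveSnapStartInfo` starts and ends outside this hunk.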
@@ -736,7 +738,7 @@ int SSLClientSocketNSS::Connect(CompletionCallback* callback) {
return rv;
}
- if (ssl_config_.snap_start_enabled && ssl_config_.ssl_host_info.get()) {
+ if (ssl_config_.snap_start_enabled && ssl_host_info_.get()) {
GotoState(STATE_SNAP_START_LOAD_INFO);
} else {
GotoState(STATE_HANDSHAKE);
@@ -1969,12 +1971,12 @@ void SSLClientSocketNSS::HandshakeCallback(PRFileDesc* socket,
int SSLClientSocketNSS::DoSnapStartLoadInfo() {
EnterFunction("");
- int rv = ssl_config_.ssl_host_info->WaitForDataReady(&handshake_io_callback_);
+ int rv = ssl_host_info_->WaitForDataReady(&handshake_io_callback_);
if (rv == OK) {
LOG(ERROR) << "SSL host info size " << hostname_ << " "
- << ssl_config_.ssl_host_info->data().size();
- if (LoadSnapStartInfo(ssl_config_.ssl_host_info->data())) {
+ << ssl_host_info_->data().size();
+ if (LoadSnapStartInfo(ssl_host_info_->data())) {
pseudo_connected_ = true;
GotoState(STATE_SNAP_START_WAIT_FOR_WRITE);
if (user_connect_callback_)
diff --git a/net/socket/ssl_client_socket_nss.h b/net/socket/ssl_client_socket_nss.h
index db567c4..8518084 100644
--- a/net/socket/ssl_client_socket_nss.h
+++ b/net/socket/ssl_client_socket_nss.h
@@ -30,6 +30,7 @@ namespace net {
class BoundNetLog;
class CertVerifier;
class ClientSocketHandle;
+class SSLHostInfo;
class X509Certificate;
// An SSL client socket implemented with Mozilla NSS.
@@ -41,7 +42,8 @@ class SSLClientSocketNSS : public SSLClientSocket {
// settings.
SSLClientSocketNSS(ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
~SSLClientSocketNSS();
// SSLClientSocket methods:
@@ -213,12 +215,14 @@ class SSLClientSocketNSS : public SSLClientSocket {
// When performing Snap Start we need to predict the NPN protocol which the
// server is going to speak before we actually perform the handshake. Thus
- // the last NPN protocol used is serialised in |ssl_config.ssl_host_info|
+ // the last NPN protocol used is serialised in |ssl_host_info_|
// and kept in these fields:
SSLClientSocket::NextProtoStatus predicted_npn_status_;
std::string predicted_npn_proto_;
bool predicted_npn_proto_used_;
+ scoped_ptr<SSLHostInfo> ssl_host_info_;
+
#if defined(OS_WIN)
// A CryptoAPI in-memory certificate store. We use it for two purposes:
// 1. Import server certificates into this store so that we can verify and
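Review bot: The new `ssl_host_info_` member has no comment and sits directly under the block describing the predicted-NPN fields, so it reads as one of them. Its contract is not obvious from the type alone: the constructor takes a raw `SSLHostInfo*`, the tests pass `NULL`, and the `scoped_ptr` means the socket deletes it. I would add a comment above the member such as `// Snap Start host info; owned by this socket, NULL when none was supplied.`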
diff --git a/net/socket/ssl_client_socket_nss_factory.cc b/net/socket/ssl_client_socket_nss_factory.cc
index 30de930..b5488d9 100644
--- a/net/socket/ssl_client_socket_nss_factory.cc
+++ b/net/socket/ssl_client_socket_nss_factory.cc
@@ -20,7 +20,9 @@ namespace net {
SSLClientSocket* SSLClientSocketNSSFactory(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
+ scoped_ptr<SSLHostInfo> shi(ssl_host_info);
// TODO(wtc): SSLClientSocketNSS can't do SSL client authentication using
// CryptoAPI yet (http://crbug.com/37560), so we fall back on
// SSLClientSocketWin.
@@ -29,7 +31,8 @@ SSLClientSocket* SSLClientSocketNSSFactory(
return new SSLClientSocketWin(transport_socket, hostname, ssl_config);
#endif
- return new SSLClientSocketNSS(transport_socket, hostname, ssl_config);
+ return new SSLClientSocketNSS(transport_socket, hostname, ssl_config,
+ shi.release());
}
} // namespace net
diff --git a/net/socket/ssl_client_socket_nss_factory.h b/net/socket/ssl_client_socket_nss_factory.h
index f977109..d454bb9 100644
--- a/net/socket/ssl_client_socket_nss_factory.h
+++ b/net/socket/ssl_client_socket_nss_factory.h
@@ -10,11 +10,14 @@
namespace net {
+class SSLHostInfo;
+
// Creates SSLClientSocketNSS objects.
SSLClientSocket* SSLClientSocketNSSFactory(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config);
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info);
} // namespace net
diff --git a/net/socket/ssl_client_socket_pool.cc b/net/socket/ssl_client_socket_pool.cc
index a338a7f..048ff4b 100644
--- a/net/socket/ssl_client_socket_pool.cc
+++ b/net/socket/ssl_client_socket_pool.cc
@@ -8,6 +8,7 @@
#include "base/values.h"
#include "net/base/net_errors.h"
#include "net/base/ssl_cert_request_info.h"
+#include "net/base/ssl_host_info.h"
#include "net/http/http_proxy_client_socket.h"
#include "net/http/http_proxy_client_socket_pool.h"
#include "net/socket/client_socket_factory.h"
@@ -76,6 +77,7 @@ SSLConnectJob::SSLConnectJob(
ClientSocketFactory* client_socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
Delegate* delegate,
NetLog* net_log)
: ConnectJob(group_name, timeout_duration, delegate,
@@ -87,6 +89,7 @@ SSLConnectJob::SSLConnectJob(
client_socket_factory_(client_socket_factory),
resolver_(host_resolver),
dnsrr_resolver_(dnsrr_resolver),
+ ssl_host_info_factory_(ssl_host_info_factory),
ALLOW_THIS_IN_INITIALIZER_LIST(
callback_(this, &SSLConnectJob::OnIOComplete)) {}
@@ -188,10 +191,14 @@ int SSLConnectJob::DoLoop(int result) {
int SSLConnectJob::DoTCPConnect() {
DCHECK(tcp_pool_);
- if (params_->ssl_config().ssl_host_info.get()) {
+ if (ssl_host_info_factory_ && SSLConfigService::snap_start_enabled()) {
+ ssl_host_info_.reset(
+ ssl_host_info_factory_->GetForHost(params_->hostname()));
+ }
+ if (ssl_host_info_.get()) {
// This starts fetching the SSL host info from the disk cache for Snap
// Start.
- params_->ssl_config().ssl_host_info->Start();
+ ssl_host_info_->Start();
}
next_state_ = STATE_TCP_CONNECT_COMPLETE;
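Review bot: The guard added in `DoTCPConnect` reads the static `SSLConfigService::snap_start_enabled()`, while `SSLClientSocketNSS::Connect` in this same change decides on the per-connection `ssl_config_.snap_start_enabled`. If the two can differ, the job starts a disk-cache fetch for host info that the socket never consults. Testing `params_->ssl_config().snap_start_enabled` here would keep both decisions on one flag. The host info is also created only on this direct-TCP path; the SOCKS and HTTP-proxy connect states are outside the hunk, so it is worth confirming whether proxied connections are meant to lose Snap Start data. `DoTCPConnect` continues past the end of the hunk.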
@@ -277,7 +284,7 @@ int SSLConnectJob::DoSSLConnect() {
ssl_socket_.reset(client_socket_factory_->CreateSSLClientSocket(
transport_socket_handle_.release(), params_->hostname(),
- params_->ssl_config()));
+ params_->ssl_config(), ssl_host_info_.release()));
return ssl_socket_->Connect(&callback_);
}
@@ -348,7 +355,8 @@ ConnectJob* SSLClientSocketPool::SSLConnectJobFactory::NewConnectJob(
return new SSLConnectJob(group_name, request.params(), ConnectionTimeout(),
tcp_pool_, socks_pool_, http_proxy_pool_,
client_socket_factory_, host_resolver_,
- dnsrr_resolver_, delegate, net_log_);
+ dnsrr_resolver_, ssl_host_info_factory_, delegate,
+ net_log_);
}
SSLClientSocketPool::SSLConnectJobFactory::SSLConnectJobFactory(
@@ -358,6 +366,7 @@ SSLClientSocketPool::SSLConnectJobFactory::SSLConnectJobFactory(
ClientSocketFactory* client_socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
NetLog* net_log)
: tcp_pool_(tcp_pool),
socks_pool_(socks_pool),
@@ -365,6 +374,7 @@ SSLClientSocketPool::SSLConnectJobFactory::SSLConnectJobFactory(
client_socket_factory_(client_socket_factory),
host_resolver_(host_resolver),
dnsrr_resolver_(dnsrr_resolver),
+ ssl_host_info_factory_(ssl_host_info_factory),
net_log_(net_log) {
base::TimeDelta max_transport_timeout = base::TimeDelta();
base::TimeDelta pool_timeout;
@@ -390,6 +400,7 @@ SSLClientSocketPool::SSLClientSocketPool(
ClientSocketPoolHistograms* histograms,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ClientSocketFactory* client_socket_factory,
TCPClientSocketPool* tcp_pool,
SOCKSClientSocketPool* socks_pool,
@@ -405,7 +416,8 @@ SSLClientSocketPool::SSLClientSocketPool(
base::TimeDelta::FromSeconds(kUsedIdleSocketTimeout),
new SSLConnectJobFactory(tcp_pool, socks_pool, http_proxy_pool,
client_socket_factory, host_resolver,
- dnsrr_resolver, net_log)),
+ dnsrr_resolver, ssl_host_info_factory,
+ net_log)),
ssl_config_service_(ssl_config_service) {
if (ssl_config_service_)
ssl_config_service_->AddObserver(this);
diff --git a/net/socket/ssl_client_socket_pool.h b/net/socket/ssl_client_socket_pool.h
index 935a0d7..1711722 100644
--- a/net/socket/ssl_client_socket_pool.h
+++ b/net/socket/ssl_client_socket_pool.h
@@ -30,6 +30,7 @@ class HttpProxySocketParams;
class SOCKSClientSocketPool;
class SOCKSSocketParams;
class SSLClientSocket;
+class SSLHostInfoFactory;
class TCPClientSocketPool;
class TCPSocketParams;
struct RRResponse;
@@ -93,6 +94,7 @@ class SSLConnectJob : public ConnectJob {
ClientSocketFactory* client_socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
Delegate* delegate,
NetLog* net_log);
virtual ~SSLConnectJob();
@@ -140,12 +142,14 @@ class SSLConnectJob : public ConnectJob {
HttpProxyClientSocketPool* const http_proxy_pool_;
ClientSocketFactory* const client_socket_factory_;
HostResolver* const resolver_;
- DnsRRResolver* dnsrr_resolver_;
+ DnsRRResolver* const dnsrr_resolver_;
+ SSLHostInfoFactory* const ssl_host_info_factory_;
State next_state_;
CompletionCallbackImpl<SSLConnectJob> callback_;
scoped_ptr<ClientSocketHandle> transport_socket_handle_;
scoped_ptr<SSLClientSocket> ssl_socket_;
+ scoped_ptr<SSLHostInfo> ssl_host_info_;
// The time the DoSSLConnect() method was called.
base::TimeTicks ssl_connect_start_time_;
@@ -166,6 +170,7 @@ class SSLClientSocketPool : public ClientSocketPool,
ClientSocketPoolHistograms* histograms,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
ClientSocketFactory* client_socket_factory,
TCPClientSocketPool* tcp_pool,
SOCKSClientSocketPool* socks_pool,
@@ -238,6 +243,7 @@ class SSLClientSocketPool : public ClientSocketPool,
ClientSocketFactory* client_socket_factory,
HostResolver* host_resolver,
DnsRRResolver* dnsrr_resolver,
+ SSLHostInfoFactory* ssl_host_info_factory,
NetLog* net_log);
virtual ~SSLConnectJobFactory() {}
@@ -256,7 +262,8 @@ class SSLClientSocketPool : public ClientSocketPool,
HttpProxyClientSocketPool* const http_proxy_pool_;
ClientSocketFactory* const client_socket_factory_;
HostResolver* const host_resolver_;
- DnsRRResolver* dnsrr_resolver_;
+ DnsRRResolver* const dnsrr_resolver_;
+ SSLHostInfoFactory* const ssl_host_info_factory_;
base::TimeDelta timeout_;
NetLog* net_log_;
diff --git a/net/socket/ssl_client_socket_pool_unittest.cc b/net/socket/ssl_client_socket_pool_unittest.cc
index 755bd44..3ee9394 100644
--- a/net/socket/ssl_client_socket_pool_unittest.cc
+++ b/net/socket/ssl_client_socket_pool_unittest.cc
@@ -40,6 +40,7 @@ class SSLClientSocketPoolTest : public testing::Test {
host_resolver_.get())),
session_(new HttpNetworkSession(host_resolver_.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
ProxyService::CreateDirect(),
&socket_factory_,
new SSLConfigServiceDefaults,
@@ -96,6 +97,7 @@ class SSLClientSocketPoolTest : public testing::Test {
ssl_histograms_.get(),
NULL,
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
&socket_factory_,
tcp_pool ? &tcp_socket_pool_ : NULL,
socks_pool ? &socks_socket_pool_ : NULL,
diff --git a/net/socket/ssl_client_socket_unittest.cc b/net/socket/ssl_client_socket_unittest.cc
index b367a80..bfcbe81 100644
--- a/net/socket/ssl_client_socket_unittest.cc
+++ b/net/socket/ssl_client_socket_unittest.cc
@@ -67,7 +67,8 @@ TEST_F(SSLClientSocketTest, Connect) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), kDefaultSSLConfig));
+ test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
EXPECT_FALSE(sock->IsConnected());
@@ -110,7 +111,8 @@ TEST_F(SSLClientSocketTest, ConnectExpired) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), kDefaultSSLConfig));
+ test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
EXPECT_FALSE(sock->IsConnected());
@@ -152,7 +154,8 @@ TEST_F(SSLClientSocketTest, ConnectMismatched) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), kDefaultSSLConfig));
+ test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
EXPECT_FALSE(sock->IsConnected());
@@ -197,7 +200,8 @@ TEST_F(SSLClientSocketTest, FLAKY_ConnectClientAuthCertRequested) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), kDefaultSSLConfig));
+ test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
EXPECT_FALSE(sock->IsConnected());
@@ -247,7 +251,8 @@ TEST_F(SSLClientSocketTest, ConnectClientAuthSendNullCert) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), ssl_config));
+ test_server.host_port_pair().host(), ssl_config,
+ NULL /* ssl_host_info */));
EXPECT_FALSE(sock->IsConnected());
@@ -297,7 +302,8 @@ TEST_F(SSLClientSocketTest, Read) {
socket_factory_->CreateSSLClientSocket(
transport,
test_server.host_port_pair().host(),
- kDefaultSSLConfig));
+ kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
rv = sock->Connect(&callback);
if (rv != net::OK) {
@@ -357,7 +363,8 @@ TEST_F(SSLClientSocketTest, Read_FullDuplex) {
socket_factory_->CreateSSLClientSocket(
transport,
test_server.host_port_pair().host(),
- kDefaultSSLConfig));
+ kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
rv = sock->Connect(&callback);
if (rv != net::OK) {
@@ -414,7 +421,8 @@ TEST_F(SSLClientSocketTest, Read_SmallChunks) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), kDefaultSSLConfig));
+ test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
rv = sock->Connect(&callback);
if (rv != net::OK) {
@@ -467,7 +475,8 @@ TEST_F(SSLClientSocketTest, Read_Interrupted) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(transport,
- test_server.host_port_pair().host(), kDefaultSSLConfig));
+ test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
rv = sock->Connect(&callback);
if (rv != net::OK) {
@@ -540,7 +549,8 @@ TEST_F(SSLClientSocketTest, PrematureApplicationData) {
scoped_ptr<net::SSLClientSocket> sock(
socket_factory_->CreateSSLClientSocket(
- transport, test_server.host_port_pair().host(), kDefaultSSLConfig));
+ transport, test_server.host_port_pair().host(), kDefaultSSLConfig,
+ NULL /* ssl_host_info */));
rv = sock->Connect(&callback);
EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv);
diff --git a/net/socket/tcp_client_socket_pool_unittest.cc b/net/socket/tcp_client_socket_pool_unittest.cc
index c550232..32ac9f8 100644
--- a/net/socket/tcp_client_socket_pool_unittest.cc
+++ b/net/socket/tcp_client_socket_pool_unittest.cc
@@ -245,8 +245,10 @@ class MockClientSocketFactory : public ClientSocketFactory {
virtual SSLClientSocket* CreateSSLClientSocket(
ClientSocketHandle* transport_socket,
const std::string& hostname,
- const SSLConfig& ssl_config) {
+ const SSLConfig& ssl_config,
+ SSLHostInfo* ssl_host_info) {
NOTIMPLEMENTED();
+ delete ssl_host_info;
return NULL;
}
diff --git a/net/socket_stream/socket_stream.cc b/net/socket_stream/socket_stream.cc
index aa91962..7c3c5e9 100644
--- a/net/socket_stream/socket_stream.cc
+++ b/net/socket_stream/socket_stream.cc
@@ -793,8 +793,10 @@ int SocketStream::DoSOCKSConnectComplete(int result) {
int SocketStream::DoSSLConnect() {
DCHECK(factory_);
+ // TODO(agl): look into plumbing SSLHostInfo here.
socket_.reset(factory_->CreateSSLClientSocket(
- socket_.release(), url_.HostNoBrackets(), ssl_config_));
+ socket_.release(), url_.HostNoBrackets(), ssl_config_,
+ NULL /* ssl_host_info */));
next_state_ = STATE_SSL_CONNECT_COMPLETE;
metrics_->OnSSLConnection();
return socket_->Connect(&io_callback_);
diff --git a/net/spdy/spdy_test_util.h b/net/spdy/spdy_test_util.h
index 8c3a1e5..e3e85c8 100644
--- a/net/spdy/spdy_test_util.h
+++ b/net/spdy/spdy_test_util.h
@@ -354,6 +354,7 @@ class SpdySessionDependencies {
SpdySessionDependencies* session_deps) {
return new HttpNetworkSession(session_deps->host_resolver.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
session_deps->proxy_service,
session_deps->socket_factory.get(),
session_deps->ssl_config_service,
@@ -366,6 +367,7 @@ class SpdySessionDependencies {
SpdySessionDependencies* session_deps) {
return new HttpNetworkSession(session_deps->host_resolver.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
session_deps->proxy_service,
session_deps->
deterministic_socket_factory.get(),
@@ -389,6 +391,7 @@ class SpdyURLRequestContext : public URLRequestContext {
new HttpNetworkLayer(&socket_factory_,
host_resolver_,
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
proxy_service_,
ssl_config_service_,
new SpdySessionPool(NULL),
diff --git a/net/tools/fetch/fetch_client.cc b/net/tools/fetch/fetch_client.cc
index b976ce2..42949c8 100644
--- a/net/tools/fetch/fetch_client.cc
+++ b/net/tools/fetch/fetch_client.cc
@@ -155,6 +155,7 @@ int main(int argc, char**argv) {
net::ClientSocketFactory::GetDefaultFactory(),
host_resolver.get(),
NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
proxy_service,
ssl_config_service,
http_auth_handler_factory.get(),
diff --git a/net/url_request/url_request_unittest.h b/net/url_request/url_request_unittest.h
index 99aeda5..2a3ae41 100644
--- a/net/url_request/url_request_unittest.h
+++ b/net/url_request/url_request_unittest.h
@@ -161,7 +161,8 @@ class TestURLRequestContext : public URLRequestContext {
host_resolver_);
http_transaction_factory_ = new net::HttpCache(
net::HttpNetworkLayer::CreateFactory(host_resolver_,
- NULL,
+ NULL /* dnsrr_resolver */,
+ NULL /* ssl_host_info_factory */,
proxy_service_,
ssl_config_service_,
http_auth_handler_factory_,
diff --git a/remoting/jingle_glue/ssl_socket_adapter.cc b/remoting/jingle_glue/ssl_socket_adapter.cc
index 6eca04b..3f49325 100644
--- a/remoting/jingle_glue/ssl_socket_adapter.cc
+++ b/remoting/jingle_glue/ssl_socket_adapter.cc
@@ -67,7 +67,8 @@ int SSLSocketAdapter::BeginSSL() {
transport_socket_->set_addr(talk_base::SocketAddress(hostname_, 0));
ssl_socket_.reset(
net::ClientSocketFactory::GetDefaultFactory()->CreateSSLClientSocket(
- transport_socket_, hostname_.c_str(), ssl_config));
+ transport_socket_, hostname_.c_str(), ssl_config,
+ NULL /* ssl_host_info */));
int result = ssl_socket_->Connect(&connected_callback_);