Add a new method of ClientSocketFactory for clearing the cache used for SSL session resumption.

Review URL: http://codereview.chromium.org/6580006

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@76052 0039d316-1c4b-4281-b951-d872f2087c98

8 files changed, 43 insertions, 0 deletions

diff --git a/jingle/notifier/base/xmpp_client_socket_factory.cc b/jingle/notifier/base/xmpp_client_socket_factory.cc
index 5b390c2f..8515f80 100644
--- a/jingle/notifier/base/xmpp_client_socket_factory.cc
+++ b/jingle/notifier/base/xmpp_client_socket_factory.cc
@@ -42,4 +42,8 @@ net::SSLClientSocket* XmppClientSocketFactory::CreateSSLClientSocket(
       cert_verifier, dns_cert_checker);
 }
 
+void XmppClientSocketFactory::ClearSSLSessionCache() {
+  client_socket_factory_->ClearSSLSessionCache();
+}
+
 }  // namespace
diff --git a/jingle/notifier/base/xmpp_client_socket_factory.h b/jingle/notifier/base/xmpp_client_socket_factory.h
index db11b90..48c683d 100644
--- a/jingle/notifier/base/xmpp_client_socket_factory.h
+++ b/jingle/notifier/base/xmpp_client_socket_factory.h
@@ -35,6 +35,7 @@ class XmppClientSocketFactory : public net::ClientSocketFactory {
       const net::HostPortPair& host_and_port, const net::SSLConfig& ssl_config,
       net::SSLHostInfo* ssl_host_info, net::CertVerifier* cert_verifier,
       net::DnsCertProvenanceChecker* dns_cert_checker);
+  virtual void ClearSSLSessionCache();
 
  private:
   net::ClientSocketFactory* const client_socket_factory_;
diff --git a/net/socket/client_socket_factory.cc b/net/socket/client_socket_factory.cc
index dfbe1f2..2eb90e5 100644
--- a/net/socket/client_socket_factory.cc
+++ b/net/socket/client_socket_factory.cc
@@ -72,6 +72,25 @@ class DefaultClientSocketFactory : public ClientSocketFactory {
     return NULL;
 #endif
   }
+
+  // TODO(rch): This is only implemented for the NSS SSL library, which is the
+  /// default for Windows, Mac and Linux, but we should implement it everywhere.
+  void ClearSSLSessionCache() {
+#if defined(OS_WIN)
+    if (!g_use_system_ssl)
+      SSLClientSocketNSS::ClearSessionCache();
+#elif defined(USE_OPENSSL)
+    // no-op
+#elif defined(USE_NSS)
+    SSLClientSocketNSS::ClearSessionCache();
+#elif defined(OS_MACOSX)
+    if (!g_use_system_ssl)
+      SSLClientSocketNSS::ClearSessionCache();
+#else
+    NOTIMPLEMENTED();
+#endif
+  }
+
 };
 
 static base::LazyInstance<DefaultClientSocketFactory>
diff --git a/net/socket/client_socket_factory.h b/net/socket/client_socket_factory.h
index b750a0d..df43cdd 100644
--- a/net/socket/client_socket_factory.h
+++ b/net/socket/client_socket_factory.h
@@ -52,6 +52,9 @@ class ClientSocketFactory {
       SSLHostInfo* ssl_host_info,
       CertVerifier* cert_verifier);
 
+  // Clears cache used for SSL session resumption.
+  virtual void ClearSSLSessionCache() = 0;
+
   // Returns the default ClientSocketFactory.
   static ClientSocketFactory* GetDefaultFactory();
 
diff --git a/net/socket/client_socket_pool_base_unittest.cc b/net/socket/client_socket_pool_base_unittest.cc
index 803966b..168f430 100644
--- a/net/socket/client_socket_pool_base_unittest.cc
+++ b/net/socket/client_socket_pool_base_unittest.cc
@@ -117,6 +117,10 @@ class MockClientSocketFactory : public ClientSocketFactory {
     return NULL;
   }
 
+  virtual void ClearSSLSessionCache() {
+    NOTIMPLEMENTED();
+  }
+
   void WaitForSignal(TestConnectJob* job) { waiting_jobs_.push_back(job); }
   void SignalJobs();
 
diff --git a/net/socket/socket_test_util.cc b/net/socket/socket_test_util.cc
index dc89546..7e298b5 100644
--- a/net/socket/socket_test_util.cc
+++ b/net/socket/socket_test_util.cc
@@ -604,6 +604,9 @@ SSLClientSocket* MockClientSocketFactory::CreateSSLClientSocket(
   return socket;
 }
 
+void MockClientSocketFactory::ClearSSLSessionCache() {
+}
+
 MockClientSocket::MockClientSocket(net::NetLog* net_log)
     : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)),
       connected_(false),
@@ -1304,6 +1307,9 @@ SSLClientSocket* DeterministicMockClientSocketFactory::CreateSSLClientSocket(
   return socket;
 }
 
+void DeterministicMockClientSocketFactory::ClearSSLSessionCache() {
+}
+
 MockSOCKSClientSocketPool::MockSOCKSClientSocketPool(
     int max_sockets,
     int max_sockets_per_group,
diff --git a/net/socket/socket_test_util.h b/net/socket/socket_test_util.h
index 4a15f37..0929dce 100644
--- a/net/socket/socket_test_util.h
+++ b/net/socket/socket_test_util.h
@@ -546,6 +546,7 @@ class MockClientSocketFactory : public ClientSocketFactory {
       SSLHostInfo* ssl_host_info,
       CertVerifier* cert_verifier,
       DnsCertProvenanceChecker* dns_cert_checker);
+  virtual void ClearSSLSessionCache();
 
  private:
   SocketDataProviderArray<SocketDataProvider> mock_data_;
@@ -900,6 +901,7 @@ class DeterministicMockClientSocketFactory : public ClientSocketFactory {
       SSLHostInfo* ssl_host_info,
       CertVerifier* cert_verifier,
       DnsCertProvenanceChecker* dns_cert_checker);
+  virtual void ClearSSLSessionCache();
 
  private:
   SocketDataProviderArray<DeterministicSocketData> mock_data_;
diff --git a/net/socket/tcp_client_socket_pool_unittest.cc b/net/socket/tcp_client_socket_pool_unittest.cc
index bd1b8bd..307bd12 100644
--- a/net/socket/tcp_client_socket_pool_unittest.cc
+++ b/net/socket/tcp_client_socket_pool_unittest.cc
@@ -259,6 +259,10 @@ class MockClientSocketFactory : public ClientSocketFactory {
     return NULL;
   }
 
+  virtual void ClearSSLSessionCache() {
+    NOTIMPLEMENTED();
+  }
+
   int allocation_count() const { return allocation_count_; }
 
   // Set the default ClientSocketType.