authorvitalybuka <vitalybuka@chromium.org>2015-11-19 17:26:37 -0800
committerCommit bot <commit-bot@chromium.org>2015-11-20 01:27:39 +0000
commit6f82745e6ac4f53321f835c47596684d631b3d23 (patch)
treec805d56c90f0dc1fbd9508f78020140d7c0c4b96
parenta664ea923f135c74b9494acb36ee524e4c9f8448 (diff)
Set unique ssl_session_cache_shard for PrivetV3ContextGetter
Added URLRequestContextBuilder::set_ssl_session_cache_shard. Contexts with custom verifiers need to set their own shard to avoid poisoning other SSL session caches. BUG=524788, 458365 Review URL: https://codereview.chromium.org/1462583004 Cr-Commit-Position: refs/heads/master@{#360705}
-rw-r--r--chrome/browser/extensions/api/gcd_private/privet_v3_context_getter.cc11
-rw-r--r--net/url_request/url_request_context_builder.cc2
-rw-r--r--net/url_request/url_request_context_builder.h6
-rw-r--r--net/url_request/url_request_context_builder_unittest.cc8
4 files changed, 27 insertions, 0 deletions
diff --git a/chrome/browser/extensions/api/gcd_private/privet_v3_context_getter.cc b/chrome/browser/extensions/api/gcd_private/privet_v3_context_getter.cc
index 7d0bc96..ff75027 100644
--- a/chrome/browser/extensions/api/gcd_private/privet_v3_context_getter.cc
+++ b/chrome/browser/extensions/api/gcd_private/privet_v3_context_getter.cc
@@ -4,7 +4,9 @@
#include "chrome/browser/extensions/api/gcd_private/privet_v3_context_getter.h"
+#include "base/atomicops.h"
#include "base/command_line.h"
+#include "base/strings/string_number_conversions.h"
#include "chrome/common/chrome_content_client.h"
#include "chrome/common/chrome_switches.h"
#include "net/base/net_errors.h"
@@ -16,6 +18,11 @@
namespace extensions {
+namespace {
+// TODO(vitalybuka): crbug.com/458365 Move into URLRequestContextBuilder
+base::subtle::Atomic32 g_ssl_shard_counter = 0;
+}
+
// Class verifies certificate by its fingerprint received using different
// channel. It's the only know information about device with self-signed
// certificate.
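Review bot: The comment on `g_ssl_shard_counter` is only a TODO and does not say why a counter is needed, and the shard-name construction in the InitOnNetThread hunk that follows has no comment either. Going by the commit description, a TLS session cached under a shared shard could be resumed by a context whose verifier would not have accepted that certificate, which is why each context needs its own shard name. I would add above the counter: `// Gives every context a distinct SSL session cache shard, so a session accepted by one fingerprint verifier is never resumed by another context.` That each context has its own fingerprint verifier is inferred from the class comment below the counter, so confirm the wording against the verifier code outside this hunk.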
@@ -105,6 +112,10 @@ void PrivetV3ContextGetter::InitOnNetThread() {
DCHECK(net_task_runner_->BelongsToCurrentThread());
if (!context_) {
net::URLRequestContextBuilder builder;
+ std::string shard_name = "privet_v3_context_getter/";
+ shard_name += base::IntToString(
+ base::subtle::Barrier_AtomicIncrement(&g_ssl_shard_counter, 1));
+ builder.set_ssl_session_cache_shard(shard_name);
builder.set_proxy_service(net::ProxyService::CreateDirect());
builder.SetSpdyAndQuicEnabled(false, false);
builder.DisableHttpCache();
diff --git a/net/url_request/url_request_context_builder.cc b/net/url_request/url_request_context_builder.cc
index c753507..2abd95f 100644
--- a/net/url_request/url_request_context_builder.cc
+++ b/net/url_request/url_request_context_builder.cc
@@ -391,6 +391,8 @@ scoped_ptr<URLRequestContext> URLRequestContextBuilder::Build() {
network_session_params.enable_quic = http_network_session_params_.enable_quic;
network_session_params.quic_connection_options =
http_network_session_params_.quic_connection_options;
+ network_session_params.ssl_session_cache_shard =
+ http_network_session_params_.ssl_session_cache_shard;
storage->set_http_network_session(
make_scoped_ptr(new HttpNetworkSession(network_session_params)));
diff --git a/net/url_request/url_request_context_builder.h b/net/url_request/url_request_context_builder.h
index 260eccb7..40712f7 100644
--- a/net/url_request/url_request_context_builder.h
+++ b/net/url_request/url_request_context_builder.h
@@ -88,6 +88,7 @@ class NET_EXPORT URLRequestContextBuilder {
bool use_alternative_services;
bool enable_quic;
QuicTagVector quic_connection_options;
+ std::string ssl_session_cache_shard;
};
URLRequestContextBuilder();
@@ -192,6 +193,11 @@ class NET_EXPORT URLRequestContextBuilder {
quic_connection_options;
}
+ void set_ssl_session_cache_shard(const std::string& ssl_session_cache_shard) {
+ http_network_session_params_.ssl_session_cache_shard =
+ ssl_session_cache_shard;
+ }
+
void set_throttling_enabled(bool throttling_enabled) {
throttling_enabled_ = throttling_enabled;
}
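Review bot: `set_ssl_session_cache_shard` is added to the builder's public header without a comment, so a caller cannot tell when setting it is required. The isolation is opt-in: a builder that never calls the setter keeps the default value of `ssl_session_cache_shard` (presumably the empty string) and so shares that shard with every other unconfigured context. I would state the contract on the setter: `// Names the SSL session cache shard of the built context. A context with a custom certificate verifier must use a shard that no other context uses.` The class body continues outside the hunk.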
diff --git a/net/url_request/url_request_context_builder_unittest.cc b/net/url_request/url_request_context_builder_unittest.cc
index 8c280d3..e0703d7 100644
--- a/net/url_request/url_request_context_builder_unittest.cc
+++ b/net/url_request/url_request_context_builder_unittest.cc
@@ -111,6 +111,14 @@ TEST_F(URLRequestContextBuilderTest, ExtraHttpAuthHandlerFactory) {
"Bogus", HttpAuth::AUTH_SERVER, gurl, BoundNetLog(), &handler));
}
+TEST_F(URLRequestContextBuilderTest, set_ssl_session_cache_shard) {
+ const char kTestShard[] = "test_shard";
+ builder_.set_ssl_session_cache_shard(kTestShard);
+ scoped_ptr<URLRequestContext> context(builder_.Build());
+ EXPECT_EQ(kTestShard,
+ context->GetNetworkSessionParams()->ssl_session_cache_shard);
+}
+
} // namespace
} // namespace net
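Review bot: The new test is named `set_ssl_session_cache_shard`, while the neighbouring test visible in this hunk uses CamelCase (`ExtraHttpAuthHandlerFactory`); `SetSslSessionCacheShard` would match. The test also checks only that the string reaches `GetNetworkSessionParams()`. It does not pin the shard of a builder that never calls the setter, which is the value all unconfigured contexts share. A second expectation on a fresh builder that the shard is empty would record that default, assuming empty is the intended default.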