diff options
| author | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-20 22:42:29 +0000 |
|---|---|---|
| committer | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-20 22:42:29 +0000 |
| commit | 9c4eff26e509149d2133268af7744a5cdb079dd1 (patch) | |
| tree | 37f5ddc3dee1ed87d40a9e8ff6dce25778cfb1e0 /chrome | |
| parent | 4a210ecd52feb4f61969f329c5bd10b5746c6e2b (diff) | |
| download | chromium_src-9c4eff26e509149d2133268af7744a5cdb079dd1.zip chromium_src-9c4eff26e509149d2133268af7744a5cdb079dd1.tar.gz chromium_src-9c4eff26e509149d2133268af7744a5cdb079dd1.tar.bz2 | |
Change Origin bound certs -> Domain bound certs.
BUG=115348
TEST=unit tests, manually checked 'Origin Bound Certs' contents after browsing
TBR=jam@chromium.org,willchan@chromium.org
Review URL: https://chromiumcodereview.appspot.com/9617039
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@127817 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
26 files changed, 271 insertions, 262 deletions
diff --git a/chrome/app/policy/policy_templates.json b/chrome/app/policy/policy_templates.json index 657e0fa..fc4d10e 100644 --- a/chrome/app/policy/policy_templates.json +++ b/chrome/app/policy/policy_templates.json @@ -2221,10 +2221,10 @@ 'future': True, 'example_value': True, 'id': 114, - 'caption': '''Enable TLS origin-bound certificates extension''', - 'desc': '''Specifies whether the TLS origin-bound certificates extension should be enabled. + 'caption': '''Enable TLS domain-bound certificates extension''', + 'desc': '''Specifies whether the TLS domain-bound certificates extension should be enabled. - This setting is used to enable the TLS origin-bound certificates extension for testing. This experimental setting will be removed in the future.''', + This setting is used to enable the TLS domain-bound certificates extension for testing. This experimental setting will be removed in the future.''', }, { 'name': 'EnableMemoryInfo', diff --git a/chrome/browser/browsing_data_remover.cc b/chrome/browser/browsing_data_remover.cc index baaf258..cc9b69c 100644 --- a/chrome/browser/browsing_data_remover.cc +++ b/chrome/browser/browsing_data_remover.cc @@ -104,7 +104,7 @@ BrowsingDataRemover::BrowsingDataRemover(Profile* profile, waiting_for_clear_cookies_count_(0), waiting_for_clear_history_(false), waiting_for_clear_networking_history_(false), - waiting_for_clear_origin_bound_certs_(false), + waiting_for_clear_server_bound_certs_(false), waiting_for_clear_plugin_data_(false), waiting_for_clear_quota_managed_data_(false), remove_mask_(0), @@ -129,7 +129,7 @@ BrowsingDataRemover::BrowsingDataRemover(Profile* profile, waiting_for_clear_cookies_count_(0), waiting_for_clear_history_(false), waiting_for_clear_networking_history_(false), - waiting_for_clear_origin_bound_certs_(false), + waiting_for_clear_server_bound_certs_(false), waiting_for_clear_plugin_data_(false), waiting_for_clear_quota_managed_data_(false), remove_mask_(0), @@ -288,16 +288,16 @@ void BrowsingDataRemover::RemoveImpl(int remove_mask, #endif } - if (remove_mask & REMOVE_ORIGIN_BOUND_CERTS) { + if (remove_mask & REMOVE_SERVER_BOUND_CERTS) { content::RecordAction( - UserMetricsAction("ClearBrowsingData_OriginBoundCerts")); + UserMetricsAction("ClearBrowsingData_ServerBoundCerts")); // Since we are running on the UI thread don't call GetURLRequestContext(). net::URLRequestContextGetter* rq_context = profile_->GetRequestContext(); if (rq_context) { - waiting_for_clear_origin_bound_certs_ = true; + waiting_for_clear_server_bound_certs_ = true; BrowserThread::PostTask( BrowserThread::IO, FROM_HERE, - base::Bind(&BrowsingDataRemover::ClearOriginBoundCertsOnIOThread, + base::Bind(&BrowsingDataRemover::ClearServerBoundCertsOnIOThread, base::Unretained(this), base::Unretained(rq_context))); } } @@ -692,21 +692,21 @@ void BrowsingDataRemover::ClearCookiesOnIOThread( base::Unretained(this))); } -void BrowsingDataRemover::ClearOriginBoundCertsOnIOThread( +void BrowsingDataRemover::ClearServerBoundCertsOnIOThread( net::URLRequestContextGetter* rq_context) { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); - net::OriginBoundCertService* origin_bound_cert_service = - rq_context->GetURLRequestContext()->origin_bound_cert_service(); - origin_bound_cert_service->GetCertStore()->DeleteAllCreatedBetween( + net::ServerBoundCertService* server_bound_cert_service = + rq_context->GetURLRequestContext()->server_bound_cert_service(); + server_bound_cert_service->GetCertStore()->DeleteAllCreatedBetween( delete_begin_, delete_end_); BrowserThread::PostTask( BrowserThread::UI, FROM_HERE, - base::Bind(&BrowsingDataRemover::OnClearedOriginBoundCerts, + base::Bind(&BrowsingDataRemover::OnClearedServerBoundCerts, base::Unretained(this))); } -void BrowsingDataRemover::OnClearedOriginBoundCerts() { +void BrowsingDataRemover::OnClearedServerBoundCerts() { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); - waiting_for_clear_origin_bound_certs_ = false; + waiting_for_clear_server_bound_certs_ = false; NotifyAndDeleteIfDone(); } diff --git a/chrome/browser/browsing_data_remover.h b/chrome/browser/browsing_data_remover.h index d474624..c34db65 100644 --- a/chrome/browser/browsing_data_remover.h +++ b/chrome/browser/browsing_data_remover.h @@ -72,14 +72,14 @@ class BrowsingDataRemover : public content::NotificationObserver, REMOVE_PLUGIN_DATA = 1 << 9, REMOVE_PASSWORDS = 1 << 10, REMOVE_WEBSQL = 1 << 11, - REMOVE_ORIGIN_BOUND_CERTS = 1 << 12, + REMOVE_SERVER_BOUND_CERTS = 1 << 12, // "Site data" includes cookies, appcache, file systems, indexedDBs, local // storage, webSQL, and plugin data. REMOVE_SITE_DATA = REMOVE_APPCACHE | REMOVE_COOKIES | REMOVE_FILE_SYSTEMS | REMOVE_INDEXEDDB | REMOVE_LOCAL_STORAGE | REMOVE_PLUGIN_DATA | REMOVE_WEBSQL | - REMOVE_ORIGIN_BOUND_CERTS + REMOVE_SERVER_BOUND_CERTS }; // When BrowsingDataRemover successfully removes data, a notification of type @@ -235,13 +235,13 @@ class BrowsingDataRemover : public content::NotificationObserver, // Invoked on the IO thread to delete cookies. void ClearCookiesOnIOThread(net::URLRequestContextGetter* rq_context); - // Invoked on the IO thread to delete origin bound certs. - void ClearOriginBoundCertsOnIOThread( + // Invoked on the IO thread to delete server bound certs. + void ClearServerBoundCertsOnIOThread( net::URLRequestContextGetter* rq_context); - // Callback when origin bound certs have been deleted. Invokes + // Callback when server bound certs have been deleted. Invokes // NotifyAndDeleteIfDone. - void OnClearedOriginBoundCerts(); + void OnClearedServerBoundCerts(); // Calculate the begin time for the deletion range specified by |time_period|. base::Time CalculateBeginDeleteTime(TimePeriod time_period); @@ -252,7 +252,7 @@ class BrowsingDataRemover : public content::NotificationObserver, !waiting_for_clear_cookies_count_&& !waiting_for_clear_history_ && !waiting_for_clear_networking_history_ && - !waiting_for_clear_origin_bound_certs_ && + !waiting_for_clear_server_bound_certs_ && !waiting_for_clear_plugin_data_ && !waiting_for_clear_quota_managed_data_; } @@ -300,7 +300,7 @@ class BrowsingDataRemover : public content::NotificationObserver, int waiting_for_clear_cookies_count_; bool waiting_for_clear_history_; bool waiting_for_clear_networking_history_; - bool waiting_for_clear_origin_bound_certs_; + bool waiting_for_clear_server_bound_certs_; bool waiting_for_clear_plugin_data_; bool waiting_for_clear_quota_managed_data_; diff --git a/chrome/browser/browsing_data_remover_unittest.cc b/chrome/browser/browsing_data_remover_unittest.cc index 65269cc..f9f6495 100644 --- a/chrome/browser/browsing_data_remover_unittest.cc +++ b/chrome/browser/browsing_data_remover_unittest.cc @@ -196,49 +196,49 @@ class RemoveSafeBrowsingCookieTester : public RemoveCookieTester { }; #endif -class RemoveOriginBoundCertTester : public BrowsingDataRemoverTester { +class RemoveServerBoundCertTester : public BrowsingDataRemoverTester { public: - explicit RemoveOriginBoundCertTester(TestingProfile* profile) { + explicit RemoveServerBoundCertTester(TestingProfile* profile) { profile->CreateRequestContext(); - ob_cert_service_ = profile->GetRequestContext()->GetURLRequestContext()-> - origin_bound_cert_service(); + server_bound_cert_service_ = profile->GetRequestContext()-> + GetURLRequestContext()->server_bound_cert_service(); } - int OriginBoundCertCount() { - return ob_cert_service_->cert_count(); + int ServerBoundCertCount() { + return server_bound_cert_service_->cert_count(); } - // Add an origin bound cert for |origin| with specific creation and expiry + // Add a server bound cert for |server| with specific creation and expiry // times. The cert and key data will be filled with dummy values. - void AddOriginBoundCertWithTimes(const std::string& origin, + void AddServerBoundCertWithTimes(const std::string& server_identifier, base::Time creation_time, base::Time expiration_time) { - GetCertStore()->SetOriginBoundCert(origin, net::CLIENT_CERT_RSA_SIGN, - creation_time, expiration_time, - "a", "b"); + GetCertStore()->SetServerBoundCert(server_identifier, + net::CLIENT_CERT_RSA_SIGN, creation_time, + expiration_time, "a", "b"); } - // Add an origin bound cert for |origin|, with the current time as the + // Add a server bound cert for |server|, with the current time as the // creation time. The cert and key data will be filled with dummy values. - void AddOriginBoundCert(const std::string& origin) { + void AddServerBoundCert(const std::string& server_identifier) { base::Time now = base::Time::Now(); - AddOriginBoundCertWithTimes(origin, + AddServerBoundCertWithTimes(server_identifier, now, now + base::TimeDelta::FromDays(1)); } - net::OriginBoundCertStore* GetCertStore() { - return ob_cert_service_->GetCertStore(); + net::ServerBoundCertStore* GetCertStore() { + return server_bound_cert_service_->GetCertStore(); } private: - net::OriginBoundCertService* ob_cert_service_; + net::ServerBoundCertService* server_bound_cert_service_; net::SSLClientCertType type_; std::string key_; std::string cert_; - DISALLOW_COPY_AND_ASSIGN(RemoveOriginBoundCertTester); + DISALLOW_COPY_AND_ASSIGN(RemoveServerBoundCertTester); }; class RemoveHistoryTester : public BrowsingDataRemoverTester { @@ -511,39 +511,39 @@ TEST_F(BrowsingDataRemoverTest, RemoveSafeBrowsingCookieLastHour) { } #endif -TEST_F(BrowsingDataRemoverTest, RemoveOriginBoundCertForever) { - scoped_ptr<RemoveOriginBoundCertTester> tester( - new RemoveOriginBoundCertTester(GetProfile())); +TEST_F(BrowsingDataRemoverTest, RemoveServerBoundCertForever) { + scoped_ptr<RemoveServerBoundCertTester> tester( + new RemoveServerBoundCertTester(GetProfile())); - tester->AddOriginBoundCert(kTestkOrigin1); - EXPECT_EQ(1, tester->OriginBoundCertCount()); + tester->AddServerBoundCert(kTestkOrigin1); + EXPECT_EQ(1, tester->ServerBoundCertCount()); BlockUntilBrowsingDataRemoved(BrowsingDataRemover::EVERYTHING, - BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS, tester.get()); + BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS, tester.get()); - EXPECT_EQ(BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS, GetRemovalMask()); - EXPECT_EQ(0, tester->OriginBoundCertCount()); + EXPECT_EQ(BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS, GetRemovalMask()); + EXPECT_EQ(0, tester->ServerBoundCertCount()); } -TEST_F(BrowsingDataRemoverTest, RemoveOriginBoundCertLastHour) { - scoped_ptr<RemoveOriginBoundCertTester> tester( - new RemoveOriginBoundCertTester(GetProfile())); +TEST_F(BrowsingDataRemoverTest, RemoveServerBoundCertLastHour) { + scoped_ptr<RemoveServerBoundCertTester> tester( + new RemoveServerBoundCertTester(GetProfile())); base::Time now = base::Time::Now(); - tester->AddOriginBoundCert(kTestkOrigin1); - tester->AddOriginBoundCertWithTimes(kTestkOrigin2, + tester->AddServerBoundCert(kTestkOrigin1); + tester->AddServerBoundCertWithTimes(kTestkOrigin2, now - base::TimeDelta::FromHours(2), now); - EXPECT_EQ(2, tester->OriginBoundCertCount()); + EXPECT_EQ(2, tester->ServerBoundCertCount()); BlockUntilBrowsingDataRemoved(BrowsingDataRemover::LAST_HOUR, - BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS, tester.get()); + BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS, tester.get()); - EXPECT_EQ(BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS, GetRemovalMask()); - EXPECT_EQ(1, tester->OriginBoundCertCount()); - std::vector<net::OriginBoundCertStore::OriginBoundCert> certs; - tester->GetCertStore()->GetAllOriginBoundCerts(&certs); - EXPECT_EQ(kTestkOrigin2, certs[0].origin()); + EXPECT_EQ(BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS, GetRemovalMask()); + EXPECT_EQ(1, tester->ServerBoundCertCount()); + std::vector<net::ServerBoundCertStore::ServerBoundCert> certs; + tester->GetCertStore()->GetAllServerBoundCerts(&certs); + EXPECT_EQ(kTestkOrigin2, certs[0].server_identifier()); } TEST_F(BrowsingDataRemoverTest, RemoveHistoryForever) { diff --git a/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc b/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc index 6dd4d7b..b3f47c3 100644 --- a/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc +++ b/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc @@ -34,7 +34,7 @@ const char kFormDataKey[] = "formData"; const char kHistoryKey[] = "history"; const char kIndexedDBKey[] = "indexedDB"; const char kLocalStorageKey[] = "localStorage"; -const char kOriginBoundCertsKey[] = "originBoundCerts"; +const char kServerBoundCertsKey[] = "serverBoundCerts"; const char kPasswordsKey[] = "passwords"; const char kPluginDataKey[] = "pluginData"; const char kWebSQLKey[] = "webSQL"; @@ -89,8 +89,8 @@ int ParseRemovalMask(base::DictionaryValue* value) { extension_browsing_data_api_constants::kLocalStorageKey)) GetRemovalMask |= BrowsingDataRemover::REMOVE_LOCAL_STORAGE; if (RemoveType(value, - extension_browsing_data_api_constants::kOriginBoundCertsKey)) - GetRemovalMask |= BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS; + extension_browsing_data_api_constants::kServerBoundCertsKey)) + GetRemovalMask |= BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS; if (RemoveType(value, extension_browsing_data_api_constants::kPasswordsKey)) GetRemovalMask |= BrowsingDataRemover::REMOVE_PASSWORDS; if (RemoveType(value, extension_browsing_data_api_constants::kPluginDataKey)) @@ -224,8 +224,8 @@ int RemoveLocalStorageFunction::GetRemovalMask() const { return BrowsingDataRemover::REMOVE_LOCAL_STORAGE; } -int RemoveOriginBoundCertsFunction::GetRemovalMask() const { - return BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS; +int RemoveServerBoundCertsFunction::GetRemovalMask() const { + return BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS; } int RemovePluginDataFunction::GetRemovalMask() const { diff --git a/chrome/browser/extensions/api/browsing_data/browsing_data_api.h b/chrome/browser/extensions/api/browsing_data/browsing_data_api.h index feaf1a7..eddc9a2 100644 --- a/chrome/browser/extensions/api/browsing_data/browsing_data_api.h +++ b/chrome/browser/extensions/api/browsing_data/browsing_data_api.h @@ -195,16 +195,16 @@ class RemoveLocalStorageFunction : public BrowsingDataExtensionFunction { DECLARE_EXTENSION_FUNCTION_NAME("browsingData.removeLocalStorage") }; -class RemoveOriginBoundCertsFunction : public BrowsingDataExtensionFunction { +class RemoveServerBoundCertsFunction : public BrowsingDataExtensionFunction { public: - RemoveOriginBoundCertsFunction() {} - virtual ~RemoveOriginBoundCertsFunction() {} + RemoveServerBoundCertsFunction() {} + virtual ~RemoveServerBoundCertsFunction() {} protected: // BrowsingDataTypeExtensionFunction interface method. virtual int GetRemovalMask() const OVERRIDE; - DECLARE_EXTENSION_FUNCTION_NAME("browsingData.removeOriginBoundCertificates") + DECLARE_EXTENSION_FUNCTION_NAME("browsingData.removeServerBoundCertificates") }; class RemovePluginDataFunction : public BrowsingDataExtensionFunction { diff --git a/chrome/browser/extensions/api/browsing_data/browsing_data_test.cc b/chrome/browser/extensions/api/browsing_data/browsing_data_test.cc index c33c438..cd1259d 100644 --- a/chrome/browser/extensions/api/browsing_data/browsing_data_test.cc +++ b/chrome/browser/extensions/api/browsing_data/browsing_data_test.cc @@ -28,7 +28,7 @@ const char kRemoveEverythingArguments[] = "[{\"since\": 1000}, {" "\"appcache\": true, \"cache\": true, \"cookies\": true, " "\"downloads\": true, \"fileSystems\": true, \"formData\": true, " "\"history\": true, \"indexedDB\": true, \"localStorage\": true, " - "\"originBoundCerts\": true, \"passwords\": true, \"pluginData\": true, " + "\"serverBoundCerts\": true, \"passwords\": true, \"pluginData\": true, " "\"webSQL\": true" "}]"; @@ -131,7 +131,7 @@ IN_PROC_BROWSER_TEST_F(ExtensionBrowsingDataTest, RemoveBrowsingDataMask) { RunRemoveBrowsingDataFunctionAndCompareMask( "localStorage", BrowsingDataRemover::REMOVE_LOCAL_STORAGE); RunRemoveBrowsingDataFunctionAndCompareMask( - "originBoundCerts", BrowsingDataRemover::REMOVE_ORIGIN_BOUND_CERTS); + "serverBoundCerts", BrowsingDataRemover::REMOVE_SERVER_BOUND_CERTS); RunRemoveBrowsingDataFunctionAndCompareMask( "passwords", BrowsingDataRemover::REMOVE_PASSWORDS); // We can't remove plugin data inside a test profile. diff --git a/chrome/browser/extensions/extension_function_registry.cc b/chrome/browser/extensions/extension_function_registry.cc index 99d525c..ffcbe04 100644 --- a/chrome/browser/extensions/extension_function_registry.cc +++ b/chrome/browser/extensions/extension_function_registry.cc @@ -141,7 +141,7 @@ void ExtensionFunctionRegistry::ResetFunctions() { RegisterFunction<RemoveHistoryFunction>(); RegisterFunction<RemoveIndexedDBFunction>(); RegisterFunction<RemoveLocalStorageFunction>(); - RegisterFunction<RemoveOriginBoundCertsFunction>(); + RegisterFunction<RemoveServerBoundCertsFunction>(); RegisterFunction<RemovePluginDataFunction>(); RegisterFunction<RemovePasswordsFunction>(); RegisterFunction<RemoveWebSQLFunction>(); diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc index c4d0da5..9d5dd5f 100644 --- a/chrome/browser/io_thread.cc +++ b/chrome/browser/io_thread.cc @@ -212,8 +212,8 @@ ConstructProxyScriptFetcherContext(IOThread::Globals* globals, context->set_ftp_transaction_factory( globals->proxy_script_fetcher_ftp_transaction_factory.get()); context->set_cookie_store(globals->system_cookie_store.get()); - context->set_origin_bound_cert_service( - globals->system_origin_bound_cert_service.get()); + context->set_server_bound_cert_service( + globals->system_server_bound_cert_service.get()); context->set_network_delegate(globals->system_network_delegate.get()); // TODO(rtenneti): We should probably use HttpServerPropertiesManager for the // system URLRequestContext too. There's no reason this should be tied to a @@ -239,8 +239,8 @@ ConstructSystemRequestContext(IOThread::Globals* globals, context->set_ftp_transaction_factory( globals->system_ftp_transaction_factory.get()); context->set_cookie_store(globals->system_cookie_store.get()); - context->set_origin_bound_cert_service( - globals->system_origin_bound_cert_service.get()); + context->set_server_bound_cert_service( + globals->system_server_bound_cert_service.get()); return context; } @@ -404,15 +404,15 @@ void IOThread::Init() { net::ProxyService::CreateDirectWithNetLog(net_log_)); // In-memory cookie store. globals_->system_cookie_store = new net::CookieMonster(NULL, NULL); - // In-memory origin-bound cert store. - globals_->system_origin_bound_cert_service.reset( - new net::OriginBoundCertService( - new net::DefaultOriginBoundCertStore(NULL))); + // In-memory server bound cert store. + globals_->system_server_bound_cert_service.reset( + new net::ServerBoundCertService( + new net::DefaultServerBoundCertStore(NULL))); net::HttpNetworkSession::Params session_params; session_params.host_resolver = globals_->host_resolver.get(); session_params.cert_verifier = globals_->cert_verifier.get(); - session_params.origin_bound_cert_service = - globals_->system_origin_bound_cert_service.get(); + session_params.server_bound_cert_service = + globals_->system_server_bound_cert_service.get(); session_params.transport_security_state = globals_->transport_security_state.get(); session_params.proxy_service = @@ -586,8 +586,8 @@ void IOThread::InitSystemRequestContextOnIOThread() { net::HttpNetworkSession::Params system_params; system_params.host_resolver = globals_->host_resolver.get(); system_params.cert_verifier = globals_->cert_verifier.get(); - system_params.origin_bound_cert_service = - globals_->system_origin_bound_cert_service.get(); + system_params.server_bound_cert_service = + globals_->system_server_bound_cert_service.get(); system_params.transport_security_state = globals_->transport_security_state.get(); system_params.ssl_host_info_factory = NULL; diff --git a/chrome/browser/io_thread.h b/chrome/browser/io_thread.h index 3e3bbdd..d651faa 100644 --- a/chrome/browser/io_thread.h +++ b/chrome/browser/io_thread.h @@ -35,7 +35,7 @@ class HttpAuthHandlerFactory; class HttpServerProperties; class HttpTransactionFactory; class NetworkDelegate; -class OriginBoundCertService; +class ServerBoundCertService; class ProxyConfigService; class ProxyService; class SdchManager; @@ -93,10 +93,10 @@ class IOThread : public content::BrowserThreadDelegate { scoped_ptr<net::HttpTransactionFactory> system_http_transaction_factory; scoped_ptr<net::FtpTransactionFactory> system_ftp_transaction_factory; scoped_refptr<net::URLRequestContext> system_request_context; - // |system_cookie_store| and |system_origin_bound_cert_service| are shared + // |system_cookie_store| and |system_server_bound_cert_service| are shared // between |proxy_script_fetcher_context| and |system_request_context|. scoped_refptr<net::CookieStore> system_cookie_store; - scoped_ptr<net::OriginBoundCertService> system_origin_bound_cert_service; + scoped_ptr<net::ServerBoundCertService> system_server_bound_cert_service; scoped_refptr<ExtensionEventRouterForwarder> extension_event_router_forwarder; }; diff --git a/chrome/browser/net/sqlite_origin_bound_cert_store.cc b/chrome/browser/net/sqlite_origin_bound_cert_store.cc index 24e9f54..f5350e5 100644 --- a/chrome/browser/net/sqlite_origin_bound_cert_store.cc +++ b/chrome/browser/net/sqlite_origin_bound_cert_store.cc @@ -27,8 +27,8 @@ using content::BrowserThread; // This class is designed to be shared between any calling threads and the // database thread. It batches operations and commits them on a timer. -class SQLiteOriginBoundCertStore::Backend - : public base::RefCountedThreadSafe<SQLiteOriginBoundCertStore::Backend> { +class SQLiteServerBoundCertStore::Backend + : public base::RefCountedThreadSafe<SQLiteServerBoundCertStore::Backend> { public: explicit Backend(const FilePath& path) : path_(path), @@ -39,15 +39,15 @@ class SQLiteOriginBoundCertStore::Backend // Creates or load the SQLite database. bool Load( - std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs); + std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs); - // Batch an origin bound cert addition. - void AddOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert); + // Batch a server bound cert addition. + void AddServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert); - // Batch an origin bound cert deletion. - void DeleteOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert); + // Batch a server bound cert deletion. + void DeleteServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert); // Commit pending operations as soon as possible. void Flush(const base::Closure& completion_task); @@ -59,7 +59,7 @@ class SQLiteOriginBoundCertStore::Backend void SetClearLocalStateOnExit(bool clear_local_state); private: - friend class base::RefCountedThreadSafe<SQLiteOriginBoundCertStore::Backend>; + friend class base::RefCountedThreadSafe<SQLiteServerBoundCertStore::Backend>; // You should call Close() before destructing this object. ~Backend() { @@ -79,24 +79,24 @@ class SQLiteOriginBoundCertStore::Backend PendingOperation( OperationType op, - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) : op_(op), cert_(cert) {} OperationType op() const { return op_; } - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert() const { + const net::DefaultServerBoundCertStore::ServerBoundCert& cert() const { return cert_; } private: OperationType op_; - net::DefaultOriginBoundCertStore::OriginBoundCert cert_; + net::DefaultServerBoundCertStore::ServerBoundCert cert_; }; private: - // Batch an origin bound cert operation (add or delete) + // Batch a server bound cert operation (add or delete) void BatchOperation( PendingOperation::OperationType op, - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert); + const net::DefaultServerBoundCertStore::ServerBoundCert& cert); // Commit our pending operations to the database. void Commit(); // Close() executed on the background thread. @@ -125,6 +125,9 @@ namespace { // Initializes the certs table, returning true on success. bool InitTable(sql::Connection* db) { + // The table is named "origin_bound_certs" for backwards compatability before + // we renamed this class to SQLiteServerBoundCertStore. Likewise, the primary + // key is "origin", but now can be other things like a plain domain. if (!db->DoesTableExist("origin_bound_certs")) { if (!db->Execute("CREATE TABLE origin_bound_certs (" "origin TEXT NOT NULL UNIQUE PRIMARY KEY," @@ -141,8 +144,8 @@ bool InitTable(sql::Connection* db) { } // namespace -bool SQLiteOriginBoundCertStore::Backend::Load( - std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs) { +bool SQLiteServerBoundCertStore::Backend::Load( + std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs) { // This function should be called only once per instance. DCHECK(!db_.get()); @@ -185,8 +188,8 @@ bool SQLiteOriginBoundCertStore::Backend::Load( std::string private_key_from_db, cert_from_db; smt.ColumnBlobAsString(1, &private_key_from_db); smt.ColumnBlobAsString(2, &cert_from_db); - scoped_ptr<net::DefaultOriginBoundCertStore::OriginBoundCert> cert( - new net::DefaultOriginBoundCertStore::OriginBoundCert( + scoped_ptr<net::DefaultServerBoundCertStore::ServerBoundCert> cert( + new net::DefaultServerBoundCertStore::ServerBoundCert( smt.ColumnString(0), // origin static_cast<net::SSLClientCertType>(smt.ColumnInt(3)), base::Time::FromInternalValue(smt.ColumnInt64(5)), @@ -199,7 +202,7 @@ bool SQLiteOriginBoundCertStore::Backend::Load( return true; } -bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { +bool SQLiteServerBoundCertStore::Backend::EnsureDatabaseVersion() { // Version check. if (!meta_table_.Init( db_.get(), kCurrentVersionNumber, kCompatibleVersionNumber)) { @@ -207,7 +210,7 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { } if (meta_table_.GetCompatibleVersionNumber() > kCurrentVersionNumber) { - LOG(WARNING) << "Origin bound cert database is too new."; + LOG(WARNING) << "Server bound cert database is too new."; return false; } @@ -218,13 +221,13 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { return false; if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN cert_type " "INTEGER")) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 2."; return false; } // All certs in version 1 database are rsa_sign, which has a value of 1. if (!db_->Execute("UPDATE origin_bound_certs SET cert_type = 1")) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 2."; return false; } @@ -243,7 +246,7 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { if (cur_version == 2) { if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " "expiration_time INTEGER")) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 4."; return false; } @@ -251,7 +254,7 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { if (!db_->Execute("ALTER TABLE origin_bound_certs ADD COLUMN " "creation_time INTEGER")) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 4."; return false; } @@ -265,7 +268,7 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { if (!smt.is_valid() || !update_expires_smt.is_valid() || !update_creation_smt.is_valid()) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 4."; return false; } @@ -285,7 +288,7 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { cert->valid_expiry().ToInternalValue()); update_expires_smt.BindString(1, origin); if (!update_expires_smt.Run()) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 4."; return false; } @@ -295,7 +298,7 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { update_creation_smt.BindInt64(0, cert->valid_start().ToInternalValue()); update_creation_smt.BindString(1, origin); if (!update_creation_smt.Run()) { - LOG(WARNING) << "Unable to update origin bound cert database to " + LOG(WARNING) << "Unable to update server bound cert database to " << "version 4."; return false; } @@ -319,25 +322,25 @@ bool SQLiteOriginBoundCertStore::Backend::EnsureDatabaseVersion() { // When the version is too old, we just try to continue anyway, there should // not be a released product that makes a database too old for us to handle. LOG_IF(WARNING, cur_version < kCurrentVersionNumber) << - "Origin bound cert database version " << cur_version << + "Server bound cert database version " << cur_version << " is too old to handle."; return true; } -void SQLiteOriginBoundCertStore::Backend::AddOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { +void SQLiteServerBoundCertStore::Backend::AddServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { BatchOperation(PendingOperation::CERT_ADD, cert); } -void SQLiteOriginBoundCertStore::Backend::DeleteOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { +void SQLiteServerBoundCertStore::Backend::DeleteServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { BatchOperation(PendingOperation::CERT_DELETE, cert); } -void SQLiteOriginBoundCertStore::Backend::BatchOperation( +void SQLiteServerBoundCertStore::Backend::BatchOperation( PendingOperation::OperationType op, - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { // Commit every 30 seconds. static const int kCommitIntervalMs = 30 * 1000; // Commit right away if we have more than 512 outstanding operations. @@ -368,7 +371,7 @@ void SQLiteOriginBoundCertStore::Backend::BatchOperation( } } -void SQLiteOriginBoundCertStore::Backend::Commit() { +void SQLiteServerBoundCertStore::Backend::Commit() { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); PendingOperationsList ops; @@ -404,7 +407,7 @@ void SQLiteOriginBoundCertStore::Backend::Commit() { switch (po->op()) { case PendingOperation::CERT_ADD: { add_smt.Reset(); - add_smt.BindString(0, po->cert().origin()); + add_smt.BindString(0, po->cert().server_identifier()); const std::string& private_key = po->cert().private_key(); add_smt.BindBlob(1, private_key.data(), private_key.size()); const std::string& cert = po->cert().cert(); @@ -413,14 +416,14 @@ void SQLiteOriginBoundCertStore::Backend::Commit() { add_smt.BindInt64(4, po->cert().expiration_time().ToInternalValue()); add_smt.BindInt64(5, po->cert().creation_time().ToInternalValue()); if (!add_smt.Run()) - NOTREACHED() << "Could not add an origin bound cert to the DB."; + NOTREACHED() << "Could not add a server bound cert to the DB."; break; } case PendingOperation::CERT_DELETE: del_smt.Reset(); - del_smt.BindString(0, po->cert().origin()); + del_smt.BindString(0, po->cert().server_identifier()); if (!del_smt.Run()) - NOTREACHED() << "Could not delete an origin bound cert from the DB."; + NOTREACHED() << "Could not delete a server bound cert from the DB."; break; default: @@ -431,7 +434,7 @@ void SQLiteOriginBoundCertStore::Backend::Commit() { transaction.Commit(); } -void SQLiteOriginBoundCertStore::Backend::Flush( +void SQLiteServerBoundCertStore::Backend::Flush( const base::Closure& completion_task) { DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); BrowserThread::PostTask( @@ -447,7 +450,7 @@ void SQLiteOriginBoundCertStore::Backend::Flush( // Fire off a close message to the background thread. We could still have a // pending commit timer that will be holding a reference on us, but if/when // this fires we will already have been cleaned up and it will be ignored. -void SQLiteOriginBoundCertStore::Backend::Close() { +void SQLiteServerBoundCertStore::Backend::Close() { DCHECK(!BrowserThread::CurrentlyOn(BrowserThread::DB)); // Must close the backend on the background thread. BrowserThread::PostTask( @@ -455,7 +458,7 @@ void SQLiteOriginBoundCertStore::Backend::Close() { base::Bind(&Backend::InternalBackgroundClose, this)); } -void SQLiteOriginBoundCertStore::Backend::InternalBackgroundClose() { +void SQLiteServerBoundCertStore::Backend::InternalBackgroundClose() { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); // Commit any pending operations Commit(); @@ -466,17 +469,17 @@ void SQLiteOriginBoundCertStore::Backend::InternalBackgroundClose() { file_util::Delete(path_, false); } -void SQLiteOriginBoundCertStore::Backend::SetClearLocalStateOnExit( +void SQLiteServerBoundCertStore::Backend::SetClearLocalStateOnExit( bool clear_local_state) { base::AutoLock locked(lock_); clear_local_state_on_exit_ = clear_local_state; } -SQLiteOriginBoundCertStore::SQLiteOriginBoundCertStore(const FilePath& path) +SQLiteServerBoundCertStore::SQLiteServerBoundCertStore(const FilePath& path) : backend_(new Backend(path)) { } -SQLiteOriginBoundCertStore::~SQLiteOriginBoundCertStore() { +SQLiteServerBoundCertStore::~SQLiteServerBoundCertStore() { if (backend_.get()) { backend_->Close(); // Release our reference, it will probably still have a reference if the @@ -485,30 +488,30 @@ SQLiteOriginBoundCertStore::~SQLiteOriginBoundCertStore() { } } -bool SQLiteOriginBoundCertStore::Load( - std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs) { +bool SQLiteServerBoundCertStore::Load( + std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs) { return backend_->Load(certs); } -void SQLiteOriginBoundCertStore::AddOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { +void SQLiteServerBoundCertStore::AddServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { if (backend_.get()) - backend_->AddOriginBoundCert(cert); + backend_->AddServerBoundCert(cert); } -void SQLiteOriginBoundCertStore::DeleteOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) { +void SQLiteServerBoundCertStore::DeleteServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) { if (backend_.get()) - backend_->DeleteOriginBoundCert(cert); + backend_->DeleteServerBoundCert(cert); } -void SQLiteOriginBoundCertStore::SetClearLocalStateOnExit( +void SQLiteServerBoundCertStore::SetClearLocalStateOnExit( bool clear_local_state) { if (backend_.get()) backend_->SetClearLocalStateOnExit(clear_local_state); } -void SQLiteOriginBoundCertStore::Flush(const base::Closure& completion_task) { +void SQLiteServerBoundCertStore::Flush(const base::Closure& completion_task) { if (backend_.get()) backend_->Flush(completion_task); else if (!completion_task.is_null()) diff --git a/chrome/browser/net/sqlite_origin_bound_cert_store.h b/chrome/browser/net/sqlite_origin_bound_cert_store.h index 8ade51e..b013462 100644 --- a/chrome/browser/net/sqlite_origin_bound_cert_store.h +++ b/chrome/browser/net/sqlite_origin_bound_cert_store.h @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -13,24 +13,24 @@ class FilePath; -// Implements the net::DefaultOriginBoundCertStore::PersistentStore interface +// Implements the net::DefaultServerBoundCertStore::PersistentStore interface // in terms of a SQLite database. For documentation about the actual member // functions consult the documentation of the parent class -// |net::DefaultOriginBoundCertStore::PersistentCertStore|. -class SQLiteOriginBoundCertStore - : public net::DefaultOriginBoundCertStore::PersistentStore { +// |net::DefaultServerBoundCertStore::PersistentCertStore|. +class SQLiteServerBoundCertStore + : public net::DefaultServerBoundCertStore::PersistentStore { public: - explicit SQLiteOriginBoundCertStore(const FilePath& path); - virtual ~SQLiteOriginBoundCertStore(); + explicit SQLiteServerBoundCertStore(const FilePath& path); + virtual ~SQLiteServerBoundCertStore(); - // net::DefaultOriginBoundCertStore::PersistentStore implementation. + // net::DefaultServerBoundCertStore::PersistentStore implementation. virtual bool Load( - std::vector<net::DefaultOriginBoundCertStore::OriginBoundCert*>* certs) + std::vector<net::DefaultServerBoundCertStore::ServerBoundCert*>* certs) OVERRIDE; - virtual void AddOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) OVERRIDE; - virtual void DeleteOriginBoundCert( - const net::DefaultOriginBoundCertStore::OriginBoundCert& cert) OVERRIDE; + virtual void AddServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; + virtual void DeleteServerBoundCert( + const net::DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; virtual void SetClearLocalStateOnExit(bool clear_local_state) OVERRIDE; virtual void Flush(const base::Closure& completion_task) OVERRIDE; @@ -39,7 +39,7 @@ class SQLiteOriginBoundCertStore scoped_refptr<Backend> backend_; - DISALLOW_COPY_AND_ASSIGN(SQLiteOriginBoundCertStore); + DISALLOW_COPY_AND_ASSIGN(SQLiteServerBoundCertStore); }; #endif // CHROME_BROWSER_NET_SQLITE_ORIGIN_BOUND_CERT_STORE_H_ diff --git a/chrome/browser/net/sqlite_origin_bound_cert_store_unittest.cc b/chrome/browser/net/sqlite_origin_bound_cert_store_unittest.cc index 208bef1..7391c55 100644 --- a/chrome/browser/net/sqlite_origin_bound_cert_store_unittest.cc +++ b/chrome/browser/net/sqlite_origin_bound_cert_store_unittest.cc @@ -19,9 +19,9 @@ using content::BrowserThread; -class SQLiteOriginBoundCertStoreTest : public testing::Test { +class SQLiteServerBoundCertStoreTest : public testing::Test { public: - SQLiteOriginBoundCertStoreTest() + SQLiteServerBoundCertStoreTest() : db_thread_(BrowserThread::DB) { } @@ -60,15 +60,15 @@ class SQLiteOriginBoundCertStoreTest : public testing::Test { virtual void SetUp() { db_thread_.Start(); ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); - store_ = new SQLiteOriginBoundCertStore( + store_ = new SQLiteServerBoundCertStore( temp_dir_.path().Append(chrome::kOBCertFilename)); - ScopedVector<net::DefaultOriginBoundCertStore::OriginBoundCert> certs; + ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; ASSERT_TRUE(store_->Load(&certs.get())); ASSERT_EQ(0u, certs.size()); // Make sure the store gets written at least once. - store_->AddOriginBoundCert( - net::DefaultOriginBoundCertStore::OriginBoundCert( - "https://encrypted.google.com:8443", + store_->AddServerBoundCert( + net::DefaultServerBoundCertStore::ServerBoundCert( + "google.com", net::CLIENT_CERT_RSA_SIGN, base::Time::FromInternalValue(1), base::Time::FromInternalValue(2), @@ -77,10 +77,10 @@ class SQLiteOriginBoundCertStoreTest : public testing::Test { content::TestBrowserThread db_thread_; ScopedTempDir temp_dir_; - scoped_refptr<SQLiteOriginBoundCertStore> store_; + scoped_refptr<SQLiteServerBoundCertStore> store_; }; -TEST_F(SQLiteOriginBoundCertStoreTest, KeepOnDestruction) { +TEST_F(SQLiteServerBoundCertStoreTest, KeepOnDestruction) { store_->SetClearLocalStateOnExit(false); store_ = NULL; // Make sure we wait until the destructor has run. @@ -95,7 +95,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, KeepOnDestruction) { temp_dir_.path().Append(chrome::kOBCertFilename), false)); } -TEST_F(SQLiteOriginBoundCertStoreTest, RemoveOnDestruction) { +TEST_F(SQLiteServerBoundCertStoreTest, RemoveOnDestruction) { store_->SetClearLocalStateOnExit(true); // Replace the store effectively destroying the current one and forcing it // to write it's data to disk. Then we can see if after loading it again it @@ -112,16 +112,16 @@ TEST_F(SQLiteOriginBoundCertStoreTest, RemoveOnDestruction) { } // Test if data is stored as expected in the SQLite database. -TEST_F(SQLiteOriginBoundCertStoreTest, TestPersistence) { - store_->AddOriginBoundCert( - net::DefaultOriginBoundCertStore::OriginBoundCert( - "https://www.google.com/", +TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { + store_->AddServerBoundCert( + net::DefaultServerBoundCertStore::ServerBoundCert( + "foo.com", net::CLIENT_CERT_ECDSA_SIGN, base::Time::FromInternalValue(3), base::Time::FromInternalValue(4), "c", "d")); - ScopedVector<net::DefaultOriginBoundCertStore::OriginBoundCert> certs; + ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; // Replace the store effectively destroying the current one and forcing it // to write it's data to disk. Then we can see if after loading it again it // is still there. @@ -131,14 +131,14 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestPersistence) { BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); // Make sure we wait until the destructor has run. ASSERT_TRUE(helper->Run()); - store_ = new SQLiteOriginBoundCertStore( + store_ = new SQLiteServerBoundCertStore( temp_dir_.path().Append(chrome::kOBCertFilename)); // Reload and test for persistence ASSERT_TRUE(store_->Load(&certs.get())); ASSERT_EQ(2U, certs.size()); - net::DefaultOriginBoundCertStore::OriginBoundCert* ec_cert; - net::DefaultOriginBoundCertStore::OriginBoundCert* rsa_cert; + net::DefaultServerBoundCertStore::ServerBoundCert* ec_cert; + net::DefaultServerBoundCertStore::ServerBoundCert* rsa_cert; if (net::CLIENT_CERT_RSA_SIGN == certs[0]->type()) { rsa_cert = certs[0]; ec_cert = certs[1]; @@ -146,13 +146,13 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestPersistence) { rsa_cert = certs[1]; ec_cert = certs[0]; } - ASSERT_STREQ("https://encrypted.google.com:8443", rsa_cert->origin().c_str()); + ASSERT_STREQ("google.com", rsa_cert->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, rsa_cert->type()); ASSERT_STREQ("a", rsa_cert->private_key().c_str()); ASSERT_STREQ("b", rsa_cert->cert().c_str()); ASSERT_EQ(1, rsa_cert->creation_time().ToInternalValue()); ASSERT_EQ(2, rsa_cert->expiration_time().ToInternalValue()); - ASSERT_STREQ("https://www.google.com/", ec_cert->origin().c_str()); + ASSERT_STREQ("foo.com", ec_cert->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_ECDSA_SIGN, ec_cert->type()); ASSERT_STREQ("c", ec_cert->private_key().c_str()); ASSERT_STREQ("d", ec_cert->cert().c_str()); @@ -160,13 +160,13 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestPersistence) { ASSERT_EQ(4, ec_cert->expiration_time().ToInternalValue()); // Now delete the cert and check persistence again. - store_->DeleteOriginBoundCert(*certs[0]); - store_->DeleteOriginBoundCert(*certs[1]); + store_->DeleteServerBoundCert(*certs[0]); + store_->DeleteServerBoundCert(*certs[1]); store_ = NULL; // Make sure we wait until the destructor has run. ASSERT_TRUE(helper->Run()); certs.reset(); - store_ = new SQLiteOriginBoundCertStore( + store_ = new SQLiteServerBoundCertStore( temp_dir_.path().Append(chrome::kOBCertFilename)); // Reload and check if the cert has been removed. @@ -174,7 +174,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestPersistence) { ASSERT_EQ(0U, certs.size()); } -TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV1) { +TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { // Reset the store. We'll be using a different database for this test. store_ = NULL; @@ -200,14 +200,14 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV1) { sql::Statement add_smt(db.GetUniqueStatement( "INSERT INTO origin_bound_certs (origin, private_key, cert) " "VALUES (?,?,?)")); - add_smt.BindString(0, "https://www.google.com:443"); + add_smt.BindString(0, "google.com"); add_smt.BindBlob(1, key_data.data(), key_data.size()); add_smt.BindBlob(2, cert_data.data(), cert_data.size()); ASSERT_TRUE(add_smt.Run()); ASSERT_TRUE(db.Execute( "INSERT INTO \"origin_bound_certs\" VALUES(" - "'https://foo.com',X'AA',X'BB');" + "'foo.com',X'AA',X'BB');" )); } @@ -217,21 +217,21 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV1) { for (int i = 0; i < 2; ++i) { SCOPED_TRACE(i); - ScopedVector<net::DefaultOriginBoundCertStore::OriginBoundCert> certs; - store_ = new SQLiteOriginBoundCertStore(v1_db_path); + ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; + store_ = new SQLiteServerBoundCertStore(v1_db_path); // Load the database and ensure the certs can be read and are marked as RSA. ASSERT_TRUE(store_->Load(&certs.get())); ASSERT_EQ(2U, certs.size()); - ASSERT_STREQ("https://www.google.com:443", certs[0]->origin().c_str()); + ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); ASSERT_EQ(GetTestCertExpirationTime(), certs[0]->expiration_time()); ASSERT_EQ(key_data, certs[0]->private_key()); ASSERT_EQ(cert_data, certs[0]->cert()); - ASSERT_STREQ("https://foo.com", certs[1]->origin().c_str()); + ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[1]->type()); // Undecodable cert, expiration time will be uninitialized. ASSERT_EQ(base::Time(), certs[1]->expiration_time()); @@ -258,7 +258,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV1) { } } -TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV2) { +TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV2) { // Reset the store. We'll be using a different database for this test. store_ = NULL; @@ -287,7 +287,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV2) { sql::Statement add_smt(db.GetUniqueStatement( "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type) " "VALUES (?,?,?,?)")); - add_smt.BindString(0, "https://www.google.com:443"); + add_smt.BindString(0, "google.com"); add_smt.BindBlob(1, key_data.data(), key_data.size()); add_smt.BindBlob(2, cert_data.data(), cert_data.size()); add_smt.BindInt64(3, 1); @@ -295,7 +295,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV2) { ASSERT_TRUE(db.Execute( "INSERT INTO \"origin_bound_certs\" VALUES(" - "'https://foo.com',X'AA',X'BB',64);" + "'foo.com',X'AA',X'BB',64);" )); } @@ -305,21 +305,21 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV2) { for (int i = 0; i < 2; ++i) { SCOPED_TRACE(i); - ScopedVector<net::DefaultOriginBoundCertStore::OriginBoundCert> certs; - store_ = new SQLiteOriginBoundCertStore(v2_db_path); + ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; + store_ = new SQLiteServerBoundCertStore(v2_db_path); // Load the database and ensure the certs can be read and are marked as RSA. ASSERT_TRUE(store_->Load(&certs.get())); ASSERT_EQ(2U, certs.size()); - ASSERT_STREQ("https://www.google.com:443", certs[0]->origin().c_str()); + ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); ASSERT_EQ(GetTestCertExpirationTime(), certs[0]->expiration_time()); ASSERT_EQ(key_data, certs[0]->private_key()); ASSERT_EQ(cert_data, certs[0]->cert()); - ASSERT_STREQ("https://foo.com", certs[1]->origin().c_str()); + ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_ECDSA_SIGN, certs[1]->type()); // Undecodable cert, expiration time will be uninitialized. ASSERT_EQ(base::Time(), certs[1]->expiration_time()); @@ -346,7 +346,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV2) { } } -TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV3) { +TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV3) { // Reset the store. We'll be using a different database for this test. store_ = NULL; @@ -376,7 +376,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV3) { sql::Statement add_smt(db.GetUniqueStatement( "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, " "expiration_time) VALUES (?,?,?,?,?)")); - add_smt.BindString(0, "https://www.google.com:443"); + add_smt.BindString(0, "google.com"); add_smt.BindBlob(1, key_data.data(), key_data.size()); add_smt.BindBlob(2, cert_data.data(), cert_data.size()); add_smt.BindInt64(3, 1); @@ -385,7 +385,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV3) { ASSERT_TRUE(db.Execute( "INSERT INTO \"origin_bound_certs\" VALUES(" - "'https://foo.com',X'AA',X'BB',64,2000);" + "'foo.com',X'AA',X'BB',64,2000);" )); } @@ -395,14 +395,14 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV3) { for (int i = 0; i < 2; ++i) { SCOPED_TRACE(i); - ScopedVector<net::DefaultOriginBoundCertStore::OriginBoundCert> certs; - store_ = new SQLiteOriginBoundCertStore(v3_db_path); + ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; + store_ = new SQLiteServerBoundCertStore(v3_db_path); // Load the database and ensure the certs can be read and are marked as RSA. ASSERT_TRUE(store_->Load(&certs.get())); ASSERT_EQ(2U, certs.size()); - ASSERT_STREQ("https://www.google.com:443", certs[0]->origin().c_str()); + ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); ASSERT_EQ(GetTestCertCreationTime(), @@ -410,7 +410,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV3) { ASSERT_EQ(key_data, certs[0]->private_key()); ASSERT_EQ(cert_data, certs[0]->cert()); - ASSERT_STREQ("https://foo.com", certs[1]->origin().c_str()); + ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); ASSERT_EQ(net::CLIENT_CERT_ECDSA_SIGN, certs[1]->type()); ASSERT_EQ(2000, certs[1]->expiration_time().ToInternalValue()); // Undecodable cert, creation time will be uninitialized. @@ -439,7 +439,7 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestUpgradeV3) { } // Test that we can force the database to be written by calling Flush(). -TEST_F(SQLiteOriginBoundCertStoreTest, TestFlush) { +TEST_F(SQLiteServerBoundCertStoreTest, TestFlush) { // File timestamps don't work well on all platforms, so we'll determine // whether the DB file has been modified by checking its size. FilePath path = temp_dir_.path().Append(chrome::kOBCertFilename); @@ -449,12 +449,12 @@ TEST_F(SQLiteOriginBoundCertStoreTest, TestFlush) { // Write some certs, so the DB will have to expand by several KB. for (char c = 'a'; c < 'z'; ++c) { - std::string origin(1, c); + std::string server_identifier(1, c); std::string private_key(1000, c); std::string cert(1000, c); - store_->AddOriginBoundCert( - net::DefaultOriginBoundCertStore::OriginBoundCert( - origin, + store_->AddServerBoundCert( + net::DefaultServerBoundCertStore::ServerBoundCert( + server_identifier, net::CLIENT_CERT_RSA_SIGN, base::Time(), base::Time(), @@ -493,7 +493,7 @@ class CallbackCounter : public base::RefCountedThreadSafe<CallbackCounter> { }; // Test that we can get a completion callback after a Flush(). -TEST_F(SQLiteOriginBoundCertStoreTest, TestFlushCompletionCallback) { +TEST_F(SQLiteServerBoundCertStoreTest, TestFlushCompletionCallback) { scoped_refptr<CallbackCounter> counter(new CallbackCounter()); // Callback shouldn't be invoked until we call Flush(). diff --git a/chrome/browser/net/ssl_config_service_manager_pref.cc b/chrome/browser/net/ssl_config_service_manager_pref.cc index 883d7cb..7386d49 100644 --- a/chrome/browser/net/ssl_config_service_manager_pref.cc +++ b/chrome/browser/net/ssl_config_service_manager_pref.cc @@ -139,7 +139,7 @@ class SSLConfigServiceManagerPref BooleanPrefMember rev_checking_enabled_; BooleanPrefMember ssl3_enabled_; BooleanPrefMember tls1_enabled_; - BooleanPrefMember origin_bound_certs_enabled_; + BooleanPrefMember domain_bound_certs_enabled_; BooleanPrefMember ssl_record_splitting_disabled_; // The cached list of disabled SSL cipher suites. @@ -159,7 +159,7 @@ SSLConfigServiceManagerPref::SSLConfigServiceManagerPref( local_state, this); ssl3_enabled_.Init(prefs::kSSL3Enabled, local_state, this); tls1_enabled_.Init(prefs::kTLS1Enabled, local_state, this); - origin_bound_certs_enabled_.Init(prefs::kEnableOriginBoundCerts, + domain_bound_certs_enabled_.Init(prefs::kEnableOriginBoundCerts, local_state, this); ssl_record_splitting_disabled_.Init(prefs::kDisableSSLRecordSplitting, local_state, this); @@ -182,7 +182,7 @@ void SSLConfigServiceManagerPref::RegisterPrefs(PrefService* prefs) { prefs->RegisterBooleanPref(prefs::kTLS1Enabled, default_config.tls1_enabled); prefs->RegisterBooleanPref(prefs::kEnableOriginBoundCerts, - default_config.origin_bound_certs_enabled); + default_config.domain_bound_certs_enabled); prefs->RegisterBooleanPref(prefs::kDisableSSLRecordSplitting, !default_config.false_start_enabled); prefs->RegisterListPref(prefs::kCipherSuiteBlacklist); @@ -230,7 +230,7 @@ void SSLConfigServiceManagerPref::GetSSLConfigFromPrefs( config->ssl3_enabled = ssl3_enabled_.GetValue(); config->tls1_enabled = tls1_enabled_.GetValue(); config->disabled_cipher_suites = disabled_cipher_suites_; - config->origin_bound_certs_enabled = origin_bound_certs_enabled_.GetValue(); + config->domain_bound_certs_enabled = domain_bound_certs_enabled_.GetValue(); // disabling False Start also happens to disable record splitting. config->false_start_enabled = !ssl_record_splitting_disabled_.GetValue(); SSLConfigServicePref::SetSSLConfigFlags(config); diff --git a/chrome/browser/profiles/off_the_record_profile_io_data.cc b/chrome/browser/profiles/off_the_record_profile_io_data.cc index c21cb73..8950182 100644 --- a/chrome/browser/profiles/off_the_record_profile_io_data.cc +++ b/chrome/browser/profiles/off_the_record_profile_io_data.cc @@ -194,12 +194,12 @@ void OffTheRecordProfileIOData::LazyInitializeInternal( http_server_properties_.reset(new net::HttpServerPropertiesImpl); main_context->set_http_server_properties(http_server_properties_.get()); - // For incognito, we use a non-persistent origin bound cert store. - net::OriginBoundCertService* origin_bound_cert_service = - new net::OriginBoundCertService( - new net::DefaultOriginBoundCertStore(NULL)); - set_origin_bound_cert_service(origin_bound_cert_service); - main_context->set_origin_bound_cert_service(origin_bound_cert_service); + // For incognito, we use a non-persistent server bound cert store. + net::ServerBoundCertService* server_bound_cert_service = + new net::ServerBoundCertService( + new net::DefaultServerBoundCertStore(NULL)); + set_server_bound_cert_service(server_bound_cert_service); + main_context->set_server_bound_cert_service(server_bound_cert_service); main_context->set_cookie_store( new net::CookieMonster(NULL, profile_params->cookie_monster_delegate)); @@ -219,7 +219,7 @@ void OffTheRecordProfileIOData::LazyInitializeInternal( net::HttpCache* cache = new net::HttpCache(main_context->host_resolver(), main_context->cert_verifier(), - main_context->origin_bound_cert_service(), + main_context->server_bound_cert_service(), main_context->transport_security_state(), main_context->proxy_service(), GetSSLSessionCacheShard(), diff --git a/chrome/browser/profiles/profile_impl.cc b/chrome/browser/profiles/profile_impl.cc index 980264d..1a9e0a6 100644 --- a/chrome/browser/profiles/profile_impl.cc +++ b/chrome/browser/profiles/profile_impl.cc @@ -357,9 +357,9 @@ void ProfileImpl::DoFinalInit(bool is_new_profile) { FilePath cookie_path = GetPath(); cookie_path = cookie_path.Append(chrome::kCookieFilename); - FilePath origin_bound_cert_path = GetPath(); - origin_bound_cert_path = - origin_bound_cert_path.Append(chrome::kOBCertFilename); + FilePath server_bound_cert_path = GetPath(); + server_bound_cert_path = + server_bound_cert_path.Append(chrome::kOBCertFilename); FilePath cache_path = base_cache_path_; int cache_max_size; GetCacheParameters(false, &cache_path, &cache_max_size); @@ -389,7 +389,7 @@ void ProfileImpl::DoFinalInit(bool is_new_profile) { // Make sure we initialize the ProfileIOData after everything else has been // initialized that we might be reading from the IO thread. - io_data_.Init(cookie_path, origin_bound_cert_path, cache_path, + io_data_.Init(cookie_path, server_bound_cert_path, cache_path, cache_max_size, media_cache_path, media_cache_max_size, extensions_cookie_path, app_path, predictor_, g_browser_process->local_state(), diff --git a/chrome/browser/profiles/profile_impl_io_data.cc b/chrome/browser/profiles/profile_impl_io_data.cc index d16a193..9385308 100644 --- a/chrome/browser/profiles/profile_impl_io_data.cc +++ b/chrome/browser/profiles/profile_impl_io_data.cc @@ -82,7 +82,7 @@ ProfileImplIOData::Handle::~Handle() { void ProfileImplIOData::Handle::Init( const FilePath& cookie_path, - const FilePath& origin_bound_cert_path, + const FilePath& server_bound_cert_path, const FilePath& cache_path, int cache_max_size, const FilePath& media_cache_path, @@ -100,7 +100,7 @@ void ProfileImplIOData::Handle::Init( LazyParams* lazy_params = new LazyParams; lazy_params->cookie_path = cookie_path; - lazy_params->origin_bound_cert_path = origin_bound_cert_path; + lazy_params->server_bound_cert_path = server_bound_cert_path; lazy_params->cache_path = cache_path; lazy_params->cache_max_size = cache_max_size; lazy_params->media_cache_path = media_cache_path; @@ -319,14 +319,14 @@ void ProfileImplIOData::LazyInitializeInternal( media_request_context_->set_proxy_service(proxy_service()); scoped_refptr<net::CookieStore> cookie_store = NULL; - net::OriginBoundCertService* origin_bound_cert_service = NULL; + net::ServerBoundCertService* server_bound_cert_service = NULL; if (record_mode || playback_mode) { // Don't use existing cookies and use an in-memory store. cookie_store = new net::CookieMonster( NULL, profile_params->cookie_monster_delegate); - // Don't use existing origin-bound certs and use an in-memory store. - origin_bound_cert_service = new net::OriginBoundCertService( - new net::DefaultOriginBoundCertStore(NULL)); + // Don't use existing server-bound certs and use an in-memory store. + server_bound_cert_service = new net::ServerBoundCertService( + new net::DefaultServerBoundCertStore(NULL)); } // setup cookie store @@ -360,22 +360,22 @@ void ProfileImplIOData::LazyInitializeInternal( media_request_context_->set_cookie_store(cookie_store); extensions_context->set_cookie_store(extensions_cookie_store); - // Setup origin bound cert service. - if (!origin_bound_cert_service) { - DCHECK(!lazy_params_->origin_bound_cert_path.empty()); + // Setup server bound cert service. + if (!server_bound_cert_service) { + DCHECK(!lazy_params_->server_bound_cert_path.empty()); - scoped_refptr<SQLiteOriginBoundCertStore> origin_bound_cert_db = - new SQLiteOriginBoundCertStore(lazy_params_->origin_bound_cert_path); - origin_bound_cert_db->SetClearLocalStateOnExit( + scoped_refptr<SQLiteServerBoundCertStore> server_bound_cert_db = + new SQLiteServerBoundCertStore(lazy_params_->server_bound_cert_path); + server_bound_cert_db->SetClearLocalStateOnExit( profile_params->clear_local_state_on_exit); - origin_bound_cert_service = new net::OriginBoundCertService( - new net::DefaultOriginBoundCertStore(origin_bound_cert_db.get())); + server_bound_cert_service = new net::ServerBoundCertService( + new net::DefaultServerBoundCertStore(server_bound_cert_db.get())); } - set_origin_bound_cert_service(origin_bound_cert_service); - main_context->set_origin_bound_cert_service(origin_bound_cert_service); - media_request_context_->set_origin_bound_cert_service( - origin_bound_cert_service); + set_server_bound_cert_service(server_bound_cert_service); + main_context->set_server_bound_cert_service(server_bound_cert_service); + media_request_context_->set_server_bound_cert_service( + server_bound_cert_service); net::HttpCache::DefaultBackend* main_backend = new net::HttpCache::DefaultBackend( @@ -386,7 +386,7 @@ void ProfileImplIOData::LazyInitializeInternal( net::HttpCache* main_cache = new net::HttpCache( main_context->host_resolver(), main_context->cert_verifier(), - main_context->origin_bound_cert_service(), + main_context->server_bound_cert_service(), main_context->transport_security_state(), main_context->proxy_service(), "", // pass empty ssl_session_cache_shard to share the SSL session cache diff --git a/chrome/browser/profiles/profile_impl_io_data.h b/chrome/browser/profiles/profile_impl_io_data.h index 9b1aa7f..6a78e5f 100644 --- a/chrome/browser/profiles/profile_impl_io_data.h +++ b/chrome/browser/profiles/profile_impl_io_data.h @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -36,7 +36,7 @@ class ProfileImplIOData : public ProfileIOData { // Init() must be called before ~Handle(). It records all the necessary // parameters needed to construct a ChromeURLRequestContextGetter. void Init(const FilePath& cookie_path, - const FilePath& origin_bound_cert_path, + const FilePath& server_bound_cert_path, const FilePath& cache_path, int cache_max_size, const FilePath& media_cache_path, @@ -111,7 +111,7 @@ class ProfileImplIOData : public ProfileIOData { // All of these parameters are intended to be read on the IO thread. FilePath cookie_path; - FilePath origin_bound_cert_path; + FilePath server_bound_cert_path; FilePath cache_path; int cache_max_size; FilePath media_cache_path; diff --git a/chrome/browser/profiles/profile_io_data.cc b/chrome/browser/profiles/profile_io_data.cc index 1e416a0..3224f13 100644 --- a/chrome/browser/profiles/profile_io_data.cc +++ b/chrome/browser/profiles/profile_io_data.cc @@ -565,7 +565,7 @@ void ProfileIOData::ShutdownOnUIThread() { delete this; } -void ProfileIOData::set_origin_bound_cert_service( - net::OriginBoundCertService* origin_bound_cert_service) const { - origin_bound_cert_service_.reset(origin_bound_cert_service); +void ProfileIOData::set_server_bound_cert_service( + net::ServerBoundCertService* server_bound_cert_service) const { + server_bound_cert_service_.reset(server_bound_cert_service); } diff --git a/chrome/browser/profiles/profile_io_data.h b/chrome/browser/profiles/profile_io_data.h index 006419b..c8e2c55 100644 --- a/chrome/browser/profiles/profile_io_data.h +++ b/chrome/browser/profiles/profile_io_data.h @@ -33,7 +33,7 @@ namespace net { class CookieStore; class FraudulentCertificateReporter; class HttpTransactionFactory; -class OriginBoundCertService; +class ServerBoundCertService; class ProxyConfigService; class ProxyService; class SSLConfigService; @@ -178,12 +178,12 @@ class ProfileIOData { return chrome_url_data_manager_backend_.get(); } - // An OriginBoundCertService object is created by a derived class of + // A ServerBoundCertService object is created by a derived class of // ProfileIOData, and the derived class calls this method to set the - // origin_bound_cert_service_ member and transfers ownership to the base + // server_bound_cert_service_ member and transfers ownership to the base // class. - void set_origin_bound_cert_service( - net::OriginBoundCertService* origin_bound_cert_service) const; + void set_server_bound_cert_service( + net::ServerBoundCertService* server_bound_cert_service) const; net::NetworkDelegate* network_delegate() const { return network_delegate_.get(); @@ -273,7 +273,7 @@ class ProfileIOData { // Pointed to by URLRequestContext. mutable scoped_ptr<ChromeURLDataManagerBackend> chrome_url_data_manager_backend_; - mutable scoped_ptr<net::OriginBoundCertService> origin_bound_cert_service_; + mutable scoped_ptr<net::ServerBoundCertService> server_bound_cert_service_; mutable scoped_ptr<net::NetworkDelegate> network_delegate_; mutable scoped_ptr<net::FraudulentCertificateReporter> fraudulent_certificate_reporter_; diff --git a/chrome/common/extensions/api/browsingData.json b/chrome/common/extensions/api/browsingData.json index 8848f6e..7ba52cc 100644 --- a/chrome/common/extensions/api/browsingData.json +++ b/chrome/common/extensions/api/browsingData.json @@ -79,10 +79,10 @@ "optional": true, "description": "Should websites' local storage data be cleared?" }, - "originBoundCertificates": { + "serverBoundCertificates": { "type": "boolean", "optional": true, - "description": "Should origin-bound certificates be removed?" + "description": "Should server-bound certificates be removed?" }, "pluginData": { "type": "boolean", diff --git a/chrome/common/extensions/docs/browsingData.html b/chrome/common/extensions/docs/browsingData.html index 27a3c6a..51ae013 100644 --- a/chrome/common/extensions/docs/browsingData.html +++ b/chrome/common/extensions/docs/browsingData.html @@ -627,7 +627,7 @@ chrome.browsingData.removeCookies({ </div><div> <div> <dt> - <var>originBoundCertificates</var> + <var>serverBoundCertificates</var> <em> <!-- TYPE --> <div style="display:inline"> @@ -642,7 +642,7 @@ chrome.browsingData.removeCookies({ </div> </em> </dt> - <dd>Should origin-bound certificates be removed?</dd> + <dd>Should server-bound certificates be removed?</dd> <!-- OBJECT PROPERTIES --> <!-- OBJECT METHODS --> <!-- OBJECT EVENT FIELDS --> diff --git a/chrome/common/extensions/docs/examples/api/browsingData/basic.zip b/chrome/common/extensions/docs/examples/api/browsingData/basic.zip Binary files differindex 98d0f365..d508afc 100644 --- a/chrome/common/extensions/docs/examples/api/browsingData/basic.zip +++ b/chrome/common/extensions/docs/examples/api/browsingData/basic.zip diff --git a/chrome/common/extensions/docs/examples/api/browsingData/basic/popup.js b/chrome/common/extensions/docs/examples/api/browsingData/basic/popup.js index a86d6ac..1b46ea9 100644 --- a/chrome/common/extensions/docs/examples/api/browsingData/basic/popup.js +++ b/chrome/common/extensions/docs/examples/api/browsingData/basic/popup.js @@ -119,7 +119,7 @@ PopupController.prototype = { "history": true, "indexedDB": true, "localStorage": true, - "originBoundCertificates": true, + "serverBoundCertificates": true, "pluginData": true, "passwords": true, "webSQL": true diff --git a/chrome/common/extensions/docs/samples.json b/chrome/common/extensions/docs/samples.json index ed13eba..4edf90b 100644 --- a/chrome/common/extensions/docs/samples.json +++ b/chrome/common/extensions/docs/samples.json @@ -18,6 +18,10 @@ "chrome.bookmarks.removeTree": "bookmarks.html#method-removeTree", "chrome.bookmarks.search": "bookmarks.html#method-search", "chrome.bookmarks.update": "bookmarks.html#method-update", + "chrome.browserAction.getBadgeBackgroundColor": "browserAction.html#method-getBadgeBackgroundColor", + "chrome.browserAction.getBadgeText": "browserAction.html#method-getBadgeText", + "chrome.browserAction.getPopup": "browserAction.html#method-getPopup", + "chrome.browserAction.getTitle": "browserAction.html#method-getTitle", "chrome.browserAction.onClicked": "browserAction.html#event-onClicked", "chrome.browserAction.setBadgeBackgroundColor": "browserAction.html#method-setBadgeBackgroundColor", "chrome.browserAction.setBadgeText": "browserAction.html#method-setBadgeText", @@ -142,6 +146,8 @@ "chrome.omnibox.onInputEntered": "omnibox.html#event-onInputEntered", "chrome.omnibox.onInputStarted": "omnibox.html#event-onInputStarted", "chrome.omnibox.setDefaultSuggestion": "omnibox.html#method-setDefaultSuggestion", + "chrome.pageAction.getPopup": "pageAction.html#method-getPopup", + "chrome.pageAction.getTitle": "pageAction.html#method-getTitle", "chrome.pageAction.hide": "pageAction.html#method-hide", "chrome.pageAction.onClicked": "pageAction.html#event-onClicked", "chrome.pageAction.setIcon": "pageAction.html#method-setIcon", @@ -524,7 +530,7 @@ "popup.html", "popup.js" ], - "source_hash": "d03a62493eb36bf3da3472f15df777137e159171", + "source_hash": "6e227746c25a1b9765dbd27e3eb0e7403dee2c65", "zip_path": "examples\/api\/browsingData\/basic.zip" }, { diff --git a/chrome/tools/chromeactions.txt b/chrome/tools/chromeactions.txt index 3fb362f..7a66678 100644 --- a/chrome/tools/chromeactions.txt +++ b/chrome/tools/chromeactions.txt @@ -183,7 +183,7 @@ 0xea9b835bf0310f85 ClearBrowsingData_Downloads 0xe3c9686626019346 ClearBrowsingData_History 0x86678d0ede469c46 ClearBrowsingData_LSOData -0x82601d6a3aca0eb1 ClearBrowsingData_OriginBoundCerts +0x82601d6a3aca0eb1 ClearBrowsingData_ServerBoundCerts 0x511e8366cdda3890 ClearBrowsingData_Passwords 0x6d69a061f7adf595 ClearBrowsingData_ShowDlg 0x9fd631c62234969a ClearSelection |