author | stevenjb@chromium.org <stevenjb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-20 16:44:37 +0000 |
---|---|---|
committer | stevenjb@chromium.org <stevenjb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-20 16:44:37 +0000 |
commit | 9742d84b6f772140e648cf6720097328f8b827da (patch) | |
tree | 87589cff85d985bb50560193add9730b46e18097 /chromeos | |
parent | e5ba40787f4b159c46410cb77e281dd842865d16 (diff) | |
Revert 206265 "Call crypto::InitializeTPMToken on the IO thread"
> BUG=244455
> For chrome/browser/ui/webui/options/certificate_manager_browsertest.cc
> TBR=xiyuan@chromium.org
> Review URL: https://chromiumcodereview.appspot.com/15649018
BUG=250807
TBR=pneubeck@chromium.org,rsleevi@chromium.org
Review URL: https://codereview.chromium.org/17500002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207453 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chromeos')
-rw-r--r-- | chromeos/network/cert_loader.cc | 93 | ||||
-rw-r--r-- | chromeos/network/cert_loader.h | 23 | ||||
-rw-r--r-- | chromeos/network/network_handler.cc | 1 |
3 files changed, 29 insertions, 88 deletions
diff --git a/chromeos/network/cert_loader.cc b/chromeos/network/cert_loader.cc index add72b0..f75f8bb 100644 --- a/chromeos/network/cert_loader.cc +++ b/chromeos/network/cert_loader.cc @@ -7,9 +7,7 @@ #include <algorithm> #include "base/chromeos/chromeos_version.h" -#include "base/message_loop/message_loop_proxy.h" #include "base/observer_list.h" -#include "base/sequenced_task_runner.h" #include "base/strings/string_number_conversions.h" #include "base/task_runner_util.h" #include "base/threading/worker_pool.h" @@ -48,16 +46,6 @@ void LoadNSSCertificates(net::CertificateList* cert_list) { net::NSSCertDatabase::GetInstance()->ListCerts(cert_list); } -void CallOpenPersistentNSSDB() { - // Called from crypto_task_runner_. - VLOG(1) << "CallOpenPersistentNSSDB"; - - // Ensure we've opened the user's key/certificate database. - crypto::OpenPersistentNSSDB(); - if (base::chromeos::IsRunningOnChromeOS()) - crypto::EnableTPMTokenForNSS(); -} - } // namespace CertLoader::CertLoader() @@ -70,18 +58,10 @@ CertLoader::CertLoader() base::TimeDelta::FromMilliseconds(kInitialRequestDelayMs)), initialize_token_factory_(this), update_certificates_factory_(this) { -} - -void CertLoader::Init() { net::CertDatabase::GetInstance()->AddObserver(this); if (LoginState::IsInitialized()) LoginState::Get()->AddObserver(this); -} - -void CertLoader::SetCryptoTaskRunner( - const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner) { - crypto_task_runner_ = crypto_task_runner; - MaybeRequestCertificates(); + RequestCertificates(); } CertLoader::~CertLoader() { 
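Review bot: The constructor registers with LoginState only when `LoginState::IsInitialized()` is already true (end of the `@@ -70,18 +58,10` hunk), and no later registration is visible in this diff. If a CertLoader were built before LoginState, `LoggedInStateChanged` would not be delivered and the `RequestCertificates()` call here would return early, so certificate loading would apparently never start. A comment above the check would record that ordering requirement, for example `// LoginState must be initialized before CertLoader, or login changes are never observed.`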
@@ -106,42 +86,36 @@ bool CertLoader::IsHardwareBacked() const { return !tpm_token_name_.empty(); } -void CertLoader::MaybeRequestCertificates() { +void CertLoader::RequestCertificates() { CHECK(thread_checker_.CalledOnValidThread()); - if (certificates_requested_ || !crypto_task_runner_.get()) - return; - const bool logged_in = LoginState::IsInitialized() ? LoginState::Get()->IsUserLoggedIn() : false; VLOG(1) << "RequestCertificates: " << logged_in; - if (!logged_in) + if (certificates_requested_ || !logged_in) return; certificates_requested_ = true; - // This is the entry point to the TPM token initialization process, - // which we should do at most once. - DCHECK_EQ(tpm_token_state_, TPM_STATE_UNKNOWN); + // Ensure we've opened the user's key/certificate database. + crypto::OpenPersistentNSSDB(); + if (base::chromeos::IsRunningOnChromeOS()) + crypto::EnableTPMTokenForNSS(); + + // This is the entry point to the TPM token initialization process, which we + // should do at most once. + DCHECK(!initialize_token_factory_.HasWeakPtrs()); InitializeTokenAndLoadCertificates(); } void CertLoader::InitializeTokenAndLoadCertificates() { CHECK(thread_checker_.CalledOnValidThread()); - VLOG(1) << "InitializeTokenAndLoadCertificates: " << tpm_token_state_; + VLOG(1) << "InitializeTokenAndLoadCertificates"; switch (tpm_token_state_) { case TPM_STATE_UNKNOWN: { - crypto_task_runner_->PostTaskAndReply( - FROM_HERE, - base::Bind(&CallOpenPersistentNSSDB), - base::Bind(&CertLoader::OnPersistentNSSDBOpened, - initialize_token_factory_.GetWeakPtr())); - return; - } - case TPM_DB_OPENED: { DBusThreadManager::Get()->GetCryptohomeClient()->TpmIsEnabled( - base::Bind(&CertLoader::OnTpmIsEnabled, - initialize_token_factory_.GetWeakPtr())); + base::Bind(&CertLoader::OnTpmIsEnabled, + initialize_token_factory_.GetWeakPtr())); return; } case TPM_DISABLED: { 
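Review bot: `crypto::OpenPersistentNSSDB()` and `crypto::EnableTPMTokenForNSS()` now run inline in `RequestCertificates()` on the thread that `thread_checker_` asserts, and the only comment that said where crypto calls are made is removed along with the task runner. These look like blocking database and token operations (inferred from their names and from the reverted change having moved them to a separate task runner), so the thread expectation should be stated next to them, for example `// Blocking NSS calls, made on the CertLoader thread; BUG=244455 tracks moving them off it.` The at-most-once property of the token initialization also rests on `certificates_requested_` alone in builds where `DCHECK` is compiled out, which the comment above the `DCHECK` could say.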
@@ -164,20 +138,10 @@ void CertLoader::InitializeTokenAndLoadCertificates() { return; } case TPM_TOKEN_INFO_RECEIVED: { - if (base::chromeos::IsRunningOnChromeOS()) { - base::PostTaskAndReplyWithResult( - crypto_task_runner_.get(), - FROM_HERE, - base::Bind(&crypto::InitializeTPMToken, - tpm_token_name_, tpm_user_pin_), - base::Bind(&CertLoader::OnTPMTokenInitialized, - initialize_token_factory_.GetWeakPtr())); - return; - } - tpm_token_state_ = TPM_TOKEN_INITIALIZED; - // FALL_THROUGH_INTENDED + InitializeNSSForTPMToken(); + return; } - case TPM_TOKEN_INITIALIZED: { + case TPM_TOKEN_NSS_INITIALIZED: { StartLoadCertificates(); return; } @@ -185,7 +149,6 @@ void CertLoader::InitializeTokenAndLoadCertificates() { } void CertLoader::RetryTokenInitializationLater() { - CHECK(thread_checker_.CalledOnValidThread()); LOG(WARNING) << "Re-Requesting Certificates later."; base::MessageLoop::current()->PostDelayedTask( FROM_HERE, @@ -195,12 +158,6 @@ void CertLoader::RetryTokenInitializationLater() { tpm_request_delay_ = GetNextRequestDelayMs(tpm_request_delay_); } -void CertLoader::OnPersistentNSSDBOpened() { - VLOG(1) << "PersistentNSSDBOpened"; - tpm_token_state_ = TPM_DB_OPENED; - InitializeTokenAndLoadCertificates(); -} - // For background see this discussion on dev-tech-crypto.lists.mozilla.org: // http://web.archiveorange.com/archive/v/6JJW7E40sypfZGtbkzxX // 
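Review bot: `RetryTokenInitializationLater()` loses its thread assertion in the `@@ -185,7 +149,6` hunk although it still posts to `base::MessageLoop::current()` and updates `tpm_request_delay_`, both of which are only correct on the owning thread. I would keep `CHECK(thread_checker_.CalledOnValidThread());` as its first statement. The same check is dropped from `StartLoadCertificates()` and is absent from the new `InitializeNSSForTPMToken()` in the `@@ -277,19 +234,21` hunk, which reads `tpm_user_pin_` and writes `tpm_token_state_`. The function body continues past this hunk into the next one.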
@@ -277,19 +234,21 @@ void CertLoader::OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status, InitializeTokenAndLoadCertificates(); } -void CertLoader::OnTPMTokenInitialized(bool success) { - VLOG(1) << "OnTPMTokenInitialized: " << success; - if (!success) { +void CertLoader::InitializeNSSForTPMToken() { + VLOG(1) << "InitializeNSSForTPMToken"; + + if (base::chromeos::IsRunningOnChromeOS() && + !crypto::InitializeTPMToken(tpm_token_name_, tpm_user_pin_)) { RetryTokenInitializationLater(); return; } - tpm_token_state_ = TPM_TOKEN_INITIALIZED; + + tpm_token_state_ = TPM_TOKEN_NSS_INITIALIZED; InitializeTokenAndLoadCertificates(); } void CertLoader::StartLoadCertificates() { - CHECK(thread_checker_.CalledOnValidThread()); - VLOG(1) << "StartLoadCertificates: " << certificates_update_running_; + VLOG(1) << "StartLoadCertificates"; if (certificates_update_running_) { certificates_update_required_ = true; @@ -344,7 +303,7 @@ void CertLoader::OnCertRemoved(const net::X509Certificate* cert) { void CertLoader::LoggedInStateChanged(LoginState::LoggedInState state) { VLOG(1) << "LoggedInStateChanged: " << state; - MaybeRequestCertificates(); + RequestCertificates(); } } // namespace chromeos diff --git a/chromeos/network/cert_loader.h b/chromeos/network/cert_loader.h index 5996076..a57d29a 100644 --- a/chromeos/network/cert_loader.h +++ b/chromeos/network/cert_loader.h @@ -19,10 +19,6 @@ #include "net/cert/cert_database.h" #include "net/cert/x509_certificate.h" -namespace base { -class SequencedTaskRunner; -} - namespace crypto { class SymmetricKey; } 
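Review bot: In `InitializeNSSForTPMToken()` the state becomes `TPM_TOKEN_NSS_INITIALIZED` without any call to `crypto::InitializeTPMToken` whenever `IsRunningOnChromeOS()` is false, which the state name does not suggest. A comment on the condition would make that explicit, for example `// Off-device builds skip token initialization and go straight to loading certificates.` On a device, a failing `InitializeTPMToken` leaves the state at `TPM_TOKEN_INFO_RECEIVED` and re-enters this function through `RetryTokenInitializationLater()`; no retry limit is visible in this diff, so it is worth confirming that the delay from `GetNextRequestDelayMs` is capped and that repeated failures are logged with more than the generic warning.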
@@ -56,13 +52,6 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer, virtual ~CertLoader(); - // |crypto_task_runner| is the task runner that any synchronous crypto calls - // should be made from. e.g. in Chrome this is the IO thread. Must be called - // after the thread is started. Certificate loading will not happen unless - // this is set. - void SetCryptoTaskRunner( - const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner); - void AddObserver(CertLoader::Observer* observer); void RemoveObserver(CertLoader::Observer* observer); @@ -89,14 +78,12 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer, friend class NetworkHandler; CertLoader(); - void Init(); - void MaybeRequestCertificates(); + void RequestCertificates(); // This is the cyclic chain of callbacks to initialize the TPM token and to // kick off the update of the certificate list. void InitializeTokenAndLoadCertificates(); void RetryTokenInitializationLater(); - void OnPersistentNSSDBOpened(); void OnTpmIsEnabled(DBusMethodCallStatus call_status, bool tpm_is_enabled); void OnPkcs11IsTpmTokenReady(DBusMethodCallStatus call_status, @@ -104,7 +91,7 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer, void OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status, const std::string& token_name, const std::string& user_pin); - void OnTPMTokenInitialized(bool success); + void InitializeNSSForTPMToken(); // These calls handle the updating of the certificate list after the TPM token // was initialized. @@ -132,12 +119,11 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer, // be left. enum TPMTokenState { TPM_STATE_UNKNOWN, - TPM_DB_OPENED, TPM_DISABLED, TPM_ENABLED, TPM_TOKEN_READY, TPM_TOKEN_INFO_RECEIVED, - TPM_TOKEN_INITIALIZED, + TPM_TOKEN_NSS_INITIALIZED, }; TPMTokenState tpm_token_state_; 
@@ -155,9 +141,6 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer, base::ThreadChecker thread_checker_; - // TaskRunner for crypto calls. - scoped_refptr<base::SequencedTaskRunner> crypto_task_runner_; - // This factory should be used only for callbacks during TPMToken // initialization. base::WeakPtrFactory<CertLoader> initialize_token_factory_; diff --git a/chromeos/network/network_handler.cc b/chromeos/network/network_handler.cc index 26fee58..5bc9a0a 100644 --- a/chromeos/network/network_handler.cc +++ b/chromeos/network/network_handler.cc @@ -40,7 +40,6 @@ NetworkHandler::~NetworkHandler() { } void NetworkHandler::Init() { - cert_loader_->Init(); network_state_handler_->InitShillPropertyHandler(); network_configuration_handler_->Init(network_state_handler_.get()); managed_network_configuration_handler_->Init( |