diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-02-03 16:51:15 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-02-03 16:51:15 +0000 |
| commit | dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7 (patch) | |
| tree | cac5603ceb1a8dd526624c428d6ffd6eafaf3de5 /net/base/cert_verifier.cc | |
| parent | 7f969d6b73d925d306032565179d6b2109646ee0 (diff) | |
| download | chromium_src-dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7.zip chromium_src-dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7.tar.gz chromium_src-dedb594391d9ec31a6eac1eccbdd754ac2ce5ed7.tar.bz2 | |
Move certificate verification off the IO thread.
Move the MapNetErrorToCertStatus and MapCertStatusToNetError
functions to cert_status_flags.h so they can be shared with
Mac and Linux code.
Move the certificate verification function to the
X509Certificate class. Right now X509Certificate::Verify is
only implemented on Windows.
R=eroman
BUG=3592
Review URL: http://codereview.chromium.org/14915
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@9084 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/cert_verifier.cc')
| -rw-r--r-- | net/base/cert_verifier.cc | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/net/base/cert_verifier.cc b/net/base/cert_verifier.cc index 8163690..567ea38 100644 --- a/net/base/cert_verifier.cc +++ b/net/base/cert_verifier.cc @@ -6,6 +6,7 @@ #include "base/message_loop.h" #include "base/worker_pool.h" +#include "net/base/cert_verify_result.h" #include "net/base/net_errors.h" #include "net/base/x509_certificate.h" @@ -18,17 +19,16 @@ class CertVerifier::Request : X509Certificate* cert, const std::string& hostname, bool rev_checking_enabled, - int* cert_status, + CertVerifyResult* verify_result, CompletionCallback* callback) : cert_(cert), hostname_(hostname), rev_checking_enabled_(rev_checking_enabled), verifier_(verifier), - cert_status_(cert_status), + verify_result_(verify_result), callback_(callback), origin_loop_(MessageLoop::current()), - error_(OK), - result_(0) { + error_(OK) { } ~Request() {} @@ -55,13 +55,12 @@ class CertVerifier::Request : void DoCallback() { // Running on the origin thread. - DCHECK(error_ || result_); // We may have been cancelled! if (!verifier_) return; - *cert_status_ = result_; + *verify_result_ = result_; // Drop the verifier's reference to us. Do this before running the // callback since the callback might result in the verifier being @@ -86,7 +85,7 @@ class CertVerifier::Request : // Only used on the origin thread (where Verify was called). CertVerifier* verifier_; - int* cert_status_; + CertVerifyResult* verify_result_; CompletionCallback* callback_; // Used to post ourselves onto the origin thread. @@ -95,7 +94,7 @@ class CertVerifier::Request : // Assigned on the worker thread, read on the origin thread. int error_; - int result_; + CertVerifyResult result_; }; //----------------------------------------------------------------------------- @@ -111,20 +110,20 @@ CertVerifier::~CertVerifier() { int CertVerifier::Verify(X509Certificate* cert, const std::string& hostname, bool rev_checking_enabled, - int* cert_status, + CertVerifyResult* verify_result, CompletionCallback* callback) { DCHECK(!request_) << "verifier already in use"; // Do a synchronous verification. if (!callback) { - int result; + CertVerifyResult result; int rv = cert->Verify(hostname, rev_checking_enabled, &result); - *cert_status = result; + *verify_result = result; return rv; } request_ = new Request(this, cert, hostname, rev_checking_enabled, - cert_status, callback); + verify_result, callback); // Dispatch to worker thread... if (!WorkerPool::PostTask(FROM_HERE, |