diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-08-23 06:46:35 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-08-23 06:46:35 +0000 |
| commit | 29dd9be9e0669dcb42835828ac4e7e7ae981816a (patch) | |
| tree | 5dc2f103e625860777d7b0c139fdad5eb30e0264 /net/base | |
| parent | 630d986401e1ea3125bf7cc61f3b03e89efcd29b (diff) | |
| download | chromium_src-29dd9be9e0669dcb42835828ac4e7e7ae981816a.zip chromium_src-29dd9be9e0669dcb42835828ac4e7e7ae981816a.tar.gz chromium_src-29dd9be9e0669dcb42835828ac4e7e7ae981816a.tar.bz2 | |
Add the CertVerifier::set_max_cache_entries() method.
This allows the CertVerifierTest.FullCache test to use a small cache
size and finish faster.
R=rvargas@chromium.org
BUG=88135
TEST=net_unittests --gtest_filter=CertVerifierTest.FullCache should not
take a long time to finish.
Review URL: http://codereview.chromium.org/7671036
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@97825 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base')
| -rw-r--r-- | net/base/cert_verifier.cc | 20 | ||||
| -rw-r--r-- | net/base/cert_verifier.h | 7 | ||||
| -rw-r--r-- | net/base/cert_verifier_unittest.cc | 7 |
3 files changed, 22 insertions, 12 deletions
diff --git a/net/base/cert_verifier.cc b/net/base/cert_verifier.cc index 9282162..db630dd 100644 --- a/net/base/cert_verifier.cc +++ b/net/base/cert_verifier.cc @@ -59,13 +59,13 @@ namespace net { // On a cache hit, CertVerifier::Verify() returns synchronously without // posting a task to a worker thread. -// The number of CachedCertVerifyResult objects that we'll cache. -static const unsigned kMaxCacheEntries = 256; +namespace { -// The number of seconds for which we'll cache a cache entry. -static const unsigned kTTLSecs = 1800; // 30 minutes. +// The default value of max_cache_entries_. +const unsigned kMaxCacheEntries = 256; -namespace { +// The number of seconds for which we'll cache a cache entry. +const unsigned kTTLSecs = 1800; // 30 minutes. class DefaultTimeService : public CertVerifier::TimeService { public: @@ -283,6 +283,7 @@ class CertVerifierJob { CertVerifier::CertVerifier() : time_service_(new DefaultTimeService), + max_cache_entries_(kMaxCacheEntries), requests_(0), cache_hits_(0), inflight_joins_(0) { @@ -291,6 +292,7 @@ CertVerifier::CertVerifier() CertVerifier::CertVerifier(TimeService* time_service) : time_service_(time_service), + max_cache_entries_(kMaxCacheEntries), requests_(0), cache_hits_(0), inflight_joins_(0) { @@ -403,9 +405,9 @@ void CertVerifier::HandleResult(X509Certificate* cert, const RequestParams key = {cert->fingerprint(), hostname, flags}; - DCHECK_GE(kMaxCacheEntries, 1u); - DCHECK_LE(cache_.size(), kMaxCacheEntries); - if (cache_.size() == kMaxCacheEntries) { + DCHECK_GE(max_cache_entries_, 1u); + DCHECK_LE(cache_.size(), max_cache_entries_); + if (cache_.size() == max_cache_entries_) { // Need to remove an element of the cache. std::map<RequestParams, CachedCertVerifyResult>::iterator i, cur; for (i = cache_.begin(); i != cache_.end(); ) { @@ -414,7 +416,7 @@ void CertVerifier::HandleResult(X509Certificate* cert, cache_.erase(cur); } } - if (cache_.size() == kMaxCacheEntries) { + if (cache_.size() == max_cache_entries_) { // If we didn't clear out any expired entries, we just remove the first // element. Crummy but simple. cache_.erase(cache_.begin()); diff --git a/net/base/cert_verifier.h b/net/base/cert_verifier.h index 9a05510..feeb459 100644 --- a/net/base/cert_verifier.h +++ b/net/base/cert_verifier.h @@ -114,6 +114,8 @@ class NET_EXPORT CertVerifier : NON_EXPORTED_BASE(public base::NonThreadSafe), size_t GetCacheSize() const; + void set_max_cache_entries(size_t max) { max_cache_entries_ = max; } + uint64 requests() const { return requests_; } uint64 cache_hits() const { return cache_hits_; } uint64 inflight_joins() const { return inflight_joins_; } @@ -161,7 +163,7 @@ class NET_EXPORT CertVerifier : NON_EXPORTED_BASE(public base::NonThreadSafe), virtual void OnCertTrustChanged(const X509Certificate* cert); // cache_ maps from a request to a cached result. The cached result may - // have expired and the size of |cache_| must be <= kMaxCacheEntries. + // have expired and the size of |cache_| must be <= max_cache_entries_. std::map<RequestParams, CachedCertVerifyResult> cache_; // inflight_ maps from a request to an active verification which is taking @@ -170,6 +172,9 @@ class NET_EXPORT CertVerifier : NON_EXPORTED_BASE(public base::NonThreadSafe), scoped_ptr<TimeService> time_service_; + // The number of CachedCertVerifyResult objects that we'll cache. + size_t max_cache_entries_; + uint64 requests_; uint64 cache_hits_; uint64 inflight_joins_; diff --git a/net/base/cert_verifier_unittest.cc b/net/base/cert_verifier_unittest.cc index 537dcff..1e15bd7 100644 --- a/net/base/cert_verifier_unittest.cc +++ b/net/base/cert_verifier_unittest.cc @@ -172,6 +172,11 @@ TEST_F(CertVerifierTest, FullCache) { time_service->set_current_time(current_time); CertVerifier verifier(time_service); + // Reduce the maximum cache size in this test so that we can fill up the + // cache quickly. + const unsigned kCacheSize = 5; + verifier.set_max_cache_entries(kCacheSize); + FilePath certs_dir = GetTestCertsDirectory(); scoped_refptr<X509Certificate> test_cert( ImportCertFromFile(certs_dir, "ok_cert.pem")); @@ -192,8 +197,6 @@ TEST_F(CertVerifierTest, FullCache) { ASSERT_EQ(0u, verifier.cache_hits()); ASSERT_EQ(0u, verifier.inflight_joins()); - const unsigned kCacheSize = 256; - for (unsigned i = 0; i < kCacheSize; i++) { std::string hostname = base::StringPrintf("www%d.example.com", i + 1); error = verifier.Verify(test_cert, hostname, 0, &verify_result, |