diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-16 18:03:56 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-16 18:03:56 +0000 |
| commit | 6c506914943b8abaaaf59300ef9e26bb77980461 (patch) | |
| tree | 6c8109564a90d07682b4414a32d700e2367568a0 /net/socket | |
| parent | dbe613d39653a38ee57cbb0f5e0cc4e92af5325a (diff) | |
| download | chromium_src-6c506914943b8abaaaf59300ef9e26bb77980461.zip chromium_src-6c506914943b8abaaaf59300ef9e26bb77980461.tar.gz chromium_src-6c506914943b8abaaaf59300ef9e26bb77980461.tar.bz2 | |
net: enable SSLHostInfo by default.
This triggers the infrastruture of Snap Start without enabling Snap
Start itself. This is a good thing because, by caching the certificates
on disk (which we need to do for Snap Start), we can start certificate
verification concurrently with the DNS, TCP and TLS round trips.
The savings when the OCSP memory cache is stale are decent (several
hundred milliseconds) and there's a histogram to measure it.
BUG=none
TEST=net_unittests
http://codereview.chromium.org/5705007/
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69420 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket')
| -rw-r--r-- | net/socket/ssl_client_socket_nss.cc | 8 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_pool.cc | 2 |
2 files changed, 6 insertions, 4 deletions
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 05cad27..f02084e 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -481,6 +481,11 @@ void SSLClientSocketNSS::SaveSnapStartInfo() { if (!ssl_host_info_.get()) return; + // If the SSLHostInfo hasn't managed to load from disk yet then we can't save + // anything. + if (ssl_host_info_->WaitForDataReady(NULL) != OK) + return; + SECStatus rv; SSLSnapStartResult snap_start_type; rv = SSL_GetSnapStartResult(nss_fd_, &snap_start_type); @@ -490,8 +495,6 @@ void SSLClientSocketNSS::SaveSnapStartInfo() { } net_log_.AddEvent(NetLog::TYPE_SSL_SNAP_START, new NetLogIntegerParameter("type", snap_start_type)); - LOG(ERROR) << "Snap Start: " << snap_start_type << " " - << host_and_port_.ToString(); if (snap_start_type == SSL_SNAP_START_FULL || snap_start_type == SSL_SNAP_START_RESUME) { // If we did a successful Snap Start then our information was correct and @@ -530,7 +533,6 @@ void SSLClientSocketNSS::SaveSnapStartInfo() { certs[i]->derCert.len)); } - LOG(ERROR) << "Setting Snap Start info " << host_and_port_.ToString(); ssl_host_info_->Persist(); } diff --git a/net/socket/ssl_client_socket_pool.cc b/net/socket/ssl_client_socket_pool.cc index deaf4f3..12c06ed 100644 --- a/net/socket/ssl_client_socket_pool.cc +++ b/net/socket/ssl_client_socket_pool.cc @@ -196,7 +196,7 @@ int SSLConnectJob::DoLoop(int result) { int SSLConnectJob::DoTCPConnect() { DCHECK(tcp_pool_); - if (ssl_host_info_factory_ && SSLConfigService::snap_start_enabled()) { + if (ssl_host_info_factory_) { ssl_host_info_.reset( ssl_host_info_factory_->GetForHost(params_->host_and_port().host(), params_->ssl_config())); |