author | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-19 21:48:42 +0000 |
---|---|---|
committer | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-19 21:48:42 +0000 |
commit | db36938cb26cf265a5fd93690a8e783d01406958 (patch) | |
tree | 7261d389592cdfbbb3063f223455518db12d3bda /net | |
parent | 0d1872ebba9b790f3a33bcaecc11258ea924b397 (diff) | |
Pref-backed SSLConfigService for Linux.
Makes SSLConfigService into a ref-counted interface, and makes Profile own an SSLConfigServiceFactory which is used to create the SSLConfigService and pass it through the URLRequestContext on down to where it is actually used.
R=eroman,wtc
BUG=11507,19290
Review URL: http://codereview.chromium.org/165003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23757 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
20 files changed, 238 insertions, 113 deletions
diff --git a/net/base/ssl_config_service.h b/net/base/ssl_config_service.h index 5354b3e..7bfd08b 100644 --- a/net/base/ssl_config_service.h +++ b/net/base/ssl_config_service.h @@ -7,7 +7,7 @@ #include <vector> -#include "base/time.h" +#include "base/ref_counted.h" #include "net/base/x509_certificate.h" namespace net { 
@@ -60,45 +60,16 @@ struct SSLConfig { scoped_refptr<X509Certificate> client_cert; }; -// This class is responsible for getting and setting the SSL configuration. -// -// We think the SSL configuration settings should apply to all applications -// used by the user. We consider IE's Internet Options as the de facto -// system-wide network configuration settings, so we just use the values -// from IE's Internet Settings registry key. -class SSLConfigService { +// The interface for retrieving the system SSL configuration. This interface +// does not cover setting the SSL configuration, as on some systems, the +// SSLConfigService objects may not have direct access to the configuration, or +// live longer than the configuration preferences. +class SSLConfigService : public base::RefCountedThreadSafe<SSLConfigService> { public: - SSLConfigService(); - explicit SSLConfigService(base::TimeTicks now); // Used for testing. - ~SSLConfigService() { } - - // Get the current SSL configuration settings. Can be called on any - // thread. - static bool GetSSLConfigNow(SSLConfig* config); - - // Setters. Can be called on any thread. - static void SetRevCheckingEnabled(bool enabled); - static void SetSSL2Enabled(bool enabled); - - // Get the (cached) SSL configuration settings that are fresh within 10 - // seconds. This is cheaper than GetSSLConfigNow and is suitable when - // we don't need the absolutely current configuration settings. This - // method is not thread-safe, so it must be called on the same thread. - void GetSSLConfig(SSLConfig* config) { - GetSSLConfigAt(config, base::TimeTicks::Now()); - } - - // Used for testing. - void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now); - - private: - void UpdateConfig(base::TimeTicks now); - - // We store the IE SSL config and the time that we fetched it. 
- SSLConfig config_info_; - base::TimeTicks config_time_; + virtual ~SSLConfigService() {} - DISALLOW_EVIL_CONSTRUCTORS(SSLConfigService); + // May not be thread-safe, should only be called on the IO thread. + virtual void GetSSLConfig(SSLConfig* config) = 0; }; } // namespace net diff --git a/net/base/ssl_config_service_defaults.h b/net/base/ssl_config_service_defaults.h new file mode 100644 index 0000000..9360020 --- /dev/null +++ b/net/base/ssl_config_service_defaults.h @@ -0,0 +1,34 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_ +#define NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_ + +#include "net/base/ssl_config_service.h" + +namespace net { + +// This SSLConfigService always returns the default SSLConfig settings. It is +// mainly useful for unittests, or for platforms that do not have a native +// implementation of SSLConfigService yet. +class SSLConfigServiceDefaults : public SSLConfigService { + public: + SSLConfigServiceDefaults() {} + virtual ~SSLConfigServiceDefaults() {} + + // Store default SSL config settings in |config|. + virtual void GetSSLConfig(SSLConfig* config) { + *config = default_config_; + } + + private: + // Default value of prefs. + const SSLConfig default_config_; + + DISALLOW_COPY_AND_ASSIGN(SSLConfigServiceDefaults); +}; + +} // namespace net + +#endif // NET_BASE_SSL_CONFIG_SERVICE_DEFAULTS_H_ diff --git a/net/base/ssl_config_service.cc b/net/base/ssl_config_service_win.cc index 46421b0..dcb9b89 100644 --- a/net/base/ssl_config_service.cc +++ b/net/base/ssl_config_service_win.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "net/base/ssl_config_service.h" +#include "net/base/ssl_config_service_win.h" #include "base/registry.h" 
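Review bot: The new `SSLConfigService` interface is ref-counted but leaves `virtual ~SSLConfigService() {}` public, so code can still `delete` an instance directly or place one on the stack while other holders keep a `scoped_refptr` to it. Making the destructor protected and adding `friend class base::RefCountedThreadSafe<SSLConfigService>;` would leave destruction to the last `Release()`; the two subclasses added in this commit declare public destructors as well and would need the same treatment. The IO-thread requirement on `GetSSLConfig` is stated only in a comment, so it is worth repeating in the class comment, since implementations that cache state depend on callers honouring it.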
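Review bot: The class comment on `SSLConfigServiceDefaults` does not say what the default settings mean for a caller. `default_config_` is a default-constructed `SSLConfig`, and the Windows unit test in this commit expects a default-constructed config to have `rev_checking_enabled == false`. On any platform that falls back to this service (fetch_client.cc does so for non-Windows builds) certificate revocation checking therefore stays off, and this class offers no way to turn it on. A line in the class comment such as `// Note: the default SSLConfig has revocation checking disabled.` would make that visible to whoever wires this in outside of tests.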
@@ -40,22 +40,24 @@ enum { PROTOCOLS_DEFAULT = SSL3 | TLS1 }; -SSLConfigService::SSLConfigService() { - UpdateConfig(TimeTicks::Now()); +SSLConfigServiceWin::SSLConfigServiceWin() : ever_updated_(false) { + // We defer retrieving the settings until the first call to GetSSLConfig, to + // avoid a blocking call on the UI thread. } -SSLConfigService::SSLConfigService(TimeTicks now) { +SSLConfigServiceWin::SSLConfigServiceWin(TimeTicks now) : ever_updated_(false) { UpdateConfig(now); } -void SSLConfigService::GetSSLConfigAt(SSLConfig* config, TimeTicks now) { - if (now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval)) +void SSLConfigServiceWin::GetSSLConfigAt(SSLConfig* config, TimeTicks now) { + if (!ever_updated_ || + now - config_time_ > TimeDelta::FromSeconds(kConfigUpdateInterval)) UpdateConfig(now); *config = config_info_; } // static -bool SSLConfigService::GetSSLConfigNow(SSLConfig* config) { +bool SSLConfigServiceWin::GetSSLConfigNow(SSLConfig* config) { RegKey internet_settings; if (!internet_settings.Open(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_READ)) @@ -78,15 +80,17 @@ bool SSLConfigService::GetSSLConfigNow(SSLConfig* config) { } // static -void SSLConfigService::SetRevCheckingEnabled(bool enabled) { +void SSLConfigServiceWin::SetRevCheckingEnabled(bool enabled) { DWORD value = enabled; RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_WRITE); internet_settings.WriteValue(kRevocationValueName, value); + // TODO(mattm): We should call UpdateConfig after updating settings, but these + // methods are static. } // static -void SSLConfigService::SetSSL2Enabled(bool enabled) { +void SSLConfigServiceWin::SetSSL2Enabled(bool enabled) { RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_READ | KEY_WRITE); DWORD value; 
@@ -97,11 +101,14 @@ void SSLConfigService::SetSSL2Enabled(bool enabled) { else value &= ~SSL2; internet_settings.WriteValue(kProtocolsValueName, value); + // TODO(mattm): We should call UpdateConfig after updating settings, but these + // methods are static. } -void SSLConfigService::UpdateConfig(TimeTicks now) { +void SSLConfigServiceWin::UpdateConfig(TimeTicks now) { GetSSLConfigNow(&config_info_); config_time_ = now; + ever_updated_ = true; } } // namespace net diff --git a/net/base/ssl_config_service_win.h b/net/base/ssl_config_service_win.h new file mode 100644 index 0000000..ef3346e --- /dev/null +++ b/net/base/ssl_config_service_win.h 
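Review bot: `UpdateConfig` sets `ever_updated_ = true` and refreshes `config_time_` without looking at the `bool` returned by `GetSSLConfigNow(&config_info_)`. The earlier hunk shows that call has a failure path when the Internet Settings key cannot be opened. In that case `config_info_` presumably keeps whatever it held before (the default-constructed `SSLConfig` on first use) and is then served as fresh for the next `kConfigUpdateInterval` seconds. If that fallback is intended, say so at the call, e.g. `// On failure config_info_ is left unchanged; the time is still stamped to avoid re-reading the registry on every call.`; otherwise the result should be checked before the cache is marked valid.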
@@ -0,0 +1,60 @@ +// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_BASE_SSL_CONFIG_SERVICE_WIN_H_ +#define NET_BASE_SSL_CONFIG_SERVICE_WIN_H_ + +#include <set> + +#include "base/time.h" +#include "net/base/ssl_config_service.h" + +namespace net { + +// This class is responsible for getting and setting the SSL configuration on +// Windows. +// +// We think the SSL configuration settings should apply to all applications +// used by the user. We consider IE's Internet Options as the de facto +// system-wide network configuration settings, so we just use the values +// from IE's Internet Settings registry key. +class SSLConfigServiceWin : public SSLConfigService { + public: + SSLConfigServiceWin(); + explicit SSLConfigServiceWin(base::TimeTicks now); // Used for testing. + virtual ~SSLConfigServiceWin() {} + + // Get the current SSL configuration settings. Can be called on any + // thread. + static bool GetSSLConfigNow(SSLConfig* config); + + // Setters. Can be called on any thread. + static void SetRevCheckingEnabled(bool enabled); + static void SetSSL2Enabled(bool enabled); + + // Get the (cached) SSL configuration settings that are fresh within 10 + // seconds. This is cheaper than GetSSLConfigNow and is suitable when + // we don't need the absolutely current configuration settings. This + // method is not thread-safe, so it must be called on the same thread. + void GetSSLConfig(SSLConfig* config) { + GetSSLConfigAt(config, base::TimeTicks::Now()); + } + + // Used for testing. + void GetSSLConfigAt(SSLConfig* config, base::TimeTicks now); + + private: + void UpdateConfig(base::TimeTicks now); + + // We store the IE SSL config and the time that we fetched it. 
+ SSLConfig config_info_; + base::TimeTicks config_time_; + bool ever_updated_; + + DISALLOW_EVIL_CONSTRUCTORS(SSLConfigServiceWin); +}; + +} // namespace net + +#endif // NET_BASE_SSL_CONFIG_SERVICE_WIN_H_ diff --git a/net/base/ssl_config_service_unittest.cc b/net/base/ssl_config_service_win_unittest.cc index 8f61fe0..4cf508e 100644 --- a/net/base/ssl_config_service_unittest.cc +++ b/net/base/ssl_config_service_win_unittest.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "net/base/ssl_config_service.h" +#include "net/base/ssl_config_service_win.h" #include "testing/gtest/include/gtest/gtest.h" using base::TimeDelta; @@ -10,12 +10,12 @@ using base::TimeTicks; namespace { -class SSLConfigServiceTest : public testing::Test { +class SSLConfigServiceWinTest : public testing::Test { }; } // namespace -TEST(SSLConfigServiceTest, GetNowTest) { +TEST(SSLConfigServiceWinTest, GetNowTest) { // Verify that the constructor sets the correct default values. net::SSLConfig config; EXPECT_EQ(false, config.rev_checking_enabled); 
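Review bot: `#include <set>` in the new ssl_config_service_win.h does not appear to be used by anything the header declares and can be dropped. `GetSSLConfig` here overrides the base-class pure virtual but is declared without `virtual`, while `SSLConfigServiceDefaults` in the same commit writes `virtual void GetSSLConfig(SSLConfig* config)`; spelling it the same way in both makes the override visible. Its comment still says "must be called on the same thread" where the interface now says the IO thread. The two new headers also use different macros, `DISALLOW_EVIL_CONSTRUCTORS` here and `DISALLOW_COPY_AND_ASSIGN` in the defaults header.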
@@ -23,64 +23,67 @@ TEST(SSLConfigServiceTest, GetNowTest) { EXPECT_EQ(true, config.ssl3_enabled); EXPECT_EQ(true, config.tls1_enabled); - bool rv = net::SSLConfigService::GetSSLConfigNow(&config); + bool rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); } -TEST(SSLConfigServiceTest, SetTest) { +TEST(SSLConfigServiceWinTest, SetTest) { // Save the current settings so we can restore them after the tests. net::SSLConfig config_save; - bool rv = net::SSLConfigService::GetSSLConfigNow(&config_save); + bool rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config_save); EXPECT_TRUE(rv); net::SSLConfig config; // Test SetRevCheckingEnabled. - net::SSLConfigService::SetRevCheckingEnabled(true); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetRevCheckingEnabled(true); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_TRUE(config.rev_checking_enabled); - net::SSLConfigService::SetRevCheckingEnabled(false); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetRevCheckingEnabled(false); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_FALSE(config.rev_checking_enabled); - net::SSLConfigService::SetRevCheckingEnabled( + net::SSLConfigServiceWin::SetRevCheckingEnabled( config_save.rev_checking_enabled); // Test SetSSL2Enabled. 
- net::SSLConfigService::SetSSL2Enabled(true); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetSSL2Enabled(true); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_TRUE(config.ssl2_enabled); - net::SSLConfigService::SetSSL2Enabled(false); - rv = net::SSLConfigService::GetSSLConfigNow(&config); + net::SSLConfigServiceWin::SetSSL2Enabled(false); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); EXPECT_TRUE(rv); EXPECT_FALSE(config.ssl2_enabled); - net::SSLConfigService::SetSSL2Enabled(config_save.ssl2_enabled); + net::SSLConfigServiceWin::SetSSL2Enabled(config_save.ssl2_enabled); } -TEST(SSLConfigServiceTest, GetTest) { +TEST(SSLConfigServiceWinTest, GetTest) { TimeTicks now = TimeTicks::Now(); TimeTicks now_1 = now + TimeDelta::FromSeconds(1); TimeTicks now_11 = now + TimeDelta::FromSeconds(11); net::SSLConfig config, config_1, config_11; - net::SSLConfigService config_service(now); - config_service.GetSSLConfigAt(&config, now); + scoped_refptr<net::SSLConfigServiceWin> config_service( + new net::SSLConfigServiceWin(now)); + config_service->GetSSLConfigAt(&config, now); // Flip rev_checking_enabled. - net::SSLConfigService::SetRevCheckingEnabled(!config.rev_checking_enabled); + net::SSLConfigServiceWin::SetRevCheckingEnabled( + !config.rev_checking_enabled); - config_service.GetSSLConfigAt(&config_1, now_1); + config_service->GetSSLConfigAt(&config_1, now_1); EXPECT_EQ(config.rev_checking_enabled, config_1.rev_checking_enabled); - config_service.GetSSLConfigAt(&config_11, now_11); + config_service->GetSSLConfigAt(&config_11, now_11); EXPECT_EQ(!config.rev_checking_enabled, config_11.rev_checking_enabled); // Restore the original value. - net::SSLConfigService::SetRevCheckingEnabled(config.rev_checking_enabled); + net::SSLConfigServiceWin::SetRevCheckingEnabled( + config.rev_checking_enabled); } diff --git a/net/http/http_cache.cc b/net/http/http_cache.cc index 4d9802a..1299111 100644 
--- a/net/http/http_cache.cc +++ b/net/http/http_cache.cc @@ -1505,13 +1505,14 @@ int HttpCache::Transaction::DoPartialCacheReadCompleted(int result) { HttpCache::HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, const std::wstring& cache_dir, int cache_size) : disk_cache_dir_(cache_dir), mode_(NORMAL), type_(DISK_CACHE), network_layer_(HttpNetworkLayer::CreateFactory( - host_resolver, proxy_service)), + host_resolver, proxy_service, ssl_config_service)), ALLOW_THIS_IN_INITIALIZER_LIST(task_factory_(this)), in_memory_cache_(false), deleted_(false), @@ -1533,11 +1534,12 @@ HttpCache::HttpCache(HttpNetworkSession* session, HttpCache::HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, int cache_size) : mode_(NORMAL), type_(MEMORY_CACHE), network_layer_(HttpNetworkLayer::CreateFactory( - host_resolver, proxy_service)), + host_resolver, proxy_service, ssl_config_service)), ALLOW_THIS_IN_INITIALIZER_LIST(task_factory_(this)), in_memory_cache_(true), deleted_(false), diff --git a/net/http/http_cache.h b/net/http/http_cache.h index 1a76180..19c4331 100644 --- a/net/http/http_cache.h +++ b/net/http/http_cache.h @@ -36,6 +36,7 @@ class HttpNetworkSession; class HttpRequestInfo; class HttpResponseInfo; class ProxyService; +class SSLConfigService; class HttpCache : public HttpTransactionFactory { public: @@ -60,6 +61,7 @@ class HttpCache : public HttpTransactionFactory { // |cache_size| is zero, a default value will be calculated automatically. HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, const std::wstring& cache_dir, int cache_size); 
@@ -77,6 +79,7 @@ class HttpCache : public HttpTransactionFactory { // value will be calculated automatically. HttpCache(HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service, int cache_size); // Initialize the cache from its component parts, which is useful for diff --git a/net/http/http_network_layer.cc b/net/http/http_network_layer.cc index 7f5c142..87969ba 100644 --- a/net/http/http_network_layer.cc +++ b/net/http/http_network_layer.cc @@ -16,11 +16,12 @@ namespace net { // static HttpTransactionFactory* HttpNetworkLayer::CreateFactory( HostResolver* host_resolver, - ProxyService* proxy_service) { + ProxyService* proxy_service, + SSLConfigService* ssl_config_service) { DCHECK(proxy_service); return new HttpNetworkLayer(ClientSocketFactory::GetDefaultFactory(), - host_resolver, proxy_service); + host_resolver, proxy_service, ssl_config_service); } // static @@ -35,17 +36,21 @@ HttpTransactionFactory* HttpNetworkLayer::CreateFactory( HttpNetworkLayer::HttpNetworkLayer(ClientSocketFactory* socket_factory, HostResolver* host_resolver, - ProxyService* proxy_service) + ProxyService* proxy_service, + SSLConfigService* ssl_config_service) : socket_factory_(socket_factory), host_resolver_(host_resolver), proxy_service_(proxy_service), + ssl_config_service_(ssl_config_service), session_(NULL), suspended_(false) { DCHECK(proxy_service_); + DCHECK(ssl_config_service_.get()); } HttpNetworkLayer::HttpNetworkLayer(HttpNetworkSession* session) : socket_factory_(ClientSocketFactory::GetDefaultFactory()), + ssl_config_service_(NULL), session_(session), suspended_(false) { DCHECK(session_.get()); 
@@ -76,7 +81,7 @@ HttpNetworkSession* HttpNetworkLayer::GetSession() { if (!session_) { DCHECK(proxy_service_); session_ = new HttpNetworkSession(host_resolver_, proxy_service_, - socket_factory_); + socket_factory_, ssl_config_service_); // These were just temps for lazy-initializing HttpNetworkSession. host_resolver_ = NULL; proxy_service_ = NULL; diff --git a/net/http/http_network_layer.h b/net/http/http_network_layer.h index bd3cb68..c920ce1 100644 --- a/net/http/http_network_layer.h +++ b/net/http/http_network_layer.h @@ -16,13 +16,15 @@ class HostResolver; class HttpNetworkSession; class ProxyInfo; class ProxyService; +class SSLConfigService; class HttpNetworkLayer : public HttpTransactionFactory { public: // |socket_factory|, |proxy_service| and |host_resolver| must remain valid // for the lifetime of HttpNetworkLayer. HttpNetworkLayer(ClientSocketFactory* socket_factory, - HostResolver* host_resolver, ProxyService* proxy_service); + HostResolver* host_resolver, ProxyService* proxy_service, + SSLConfigService* ssl_config_service); // Construct a HttpNetworkLayer with an existing HttpNetworkSession which // contains a valid ProxyService. explicit HttpNetworkLayer(HttpNetworkSession* session); @@ -30,8 +32,10 @@ class HttpNetworkLayer : public HttpTransactionFactory { // This function hides the details of how a network layer gets instantiated // and allows other implementations to be substituted. - static HttpTransactionFactory* CreateFactory(HostResolver* host_resolver, - ProxyService* proxy_service); + static HttpTransactionFactory* CreateFactory( + HostResolver* host_resolver, + ProxyService* proxy_service, + SSLConfigService* ssl_config_service); // Create a transaction factory that instantiate a network layer over an // existing network session. Network session contains some valuable // information (e.g. authentication data) that we want to share across 
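Review bot: `GetSession` hands `ssl_config_service_` to the new `HttpNetworkSession` but, unlike `host_resolver_` and `proxy_service_` on the following lines, does not reset it. The layer therefore keeps its own reference after the "just temps" are cleared. If the member is only needed for lazy initialization, add `ssl_config_service_ = NULL;` next to the other two; if it is meant to be held for the layer's lifetime, the comment should say which members are temporaries. The function continues past the end of the hunk.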
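Review bot: The constructor comment in http_network_layer.h still lists only `|socket_factory|, |proxy_service| and |host_resolver|` although the signature now takes `ssl_config_service` as well. The .cc hunk DCHECKs that it is non-null and a later hunk stores it in a `scoped_refptr`, so its contract differs from a plain "must remain valid" pointer. Something like `// |ssl_config_service| must be non-NULL; the layer holds a reference to it.` would record that. The same applies to the `CreateFactory` declaration in the next hunk.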
@@ -56,6 +60,9 @@ class HttpNetworkLayer : public HttpTransactionFactory { scoped_refptr<HostResolver> host_resolver_; scoped_refptr<ProxyService> proxy_service_; + // The SSL config service being used for the session. + scoped_refptr<SSLConfigService> ssl_config_service_; + scoped_refptr<HttpNetworkSession> session_; bool suspended_; }; diff --git a/net/http/http_network_layer_unittest.cc b/net/http/http_network_layer_unittest.cc index 0d32335..73d83ec 100644 --- a/net/http/http_network_layer_unittest.cc +++ b/net/http/http_network_layer_unittest.cc @@ -3,6 +3,7 @@ // found in the LICENSE file. #include "net/base/mock_host_resolver.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/http/http_network_layer.h" #include "net/http/http_transaction_unittest.h" #include "net/proxy/proxy_service.h" @@ -15,14 +16,16 @@ class HttpNetworkLayerTest : public PlatformTest { TEST_F(HttpNetworkLayerTest, CreateAndDestroy) { net::HttpNetworkLayer factory( - NULL, new net::MockHostResolver, net::ProxyService::CreateNull()); + NULL, new net::MockHostResolver, net::ProxyService::CreateNull(), + new net::SSLConfigServiceDefaults); scoped_ptr<net::HttpTransaction> trans(factory.CreateTransaction()); } TEST_F(HttpNetworkLayerTest, Suspend) { net::HttpNetworkLayer factory( - NULL, new net::MockHostResolver, net::ProxyService::CreateNull()); + NULL, new net::MockHostResolver, net::ProxyService::CreateNull(), + new net::SSLConfigServiceDefaults); scoped_ptr<net::HttpTransaction> trans(factory.CreateTransaction()); trans.reset(); @@ -54,7 +57,8 @@ TEST_F(HttpNetworkLayerTest, GET) { mock_socket_factory.AddMockSocket(&data); net::HttpNetworkLayer factory(&mock_socket_factory, new net::MockHostResolver, - net::ProxyService::CreateNull()); + net::ProxyService::CreateNull(), + new net::SSLConfigServiceDefaults); TestCompletionCallback callback; diff --git a/net/http/http_network_session.cc b/net/http/http_network_session.cc index b7d32c2..8525e51 100644 
--- a/net/http/http_network_session.cc +++ b/net/http/http_network_session.cc @@ -17,13 +17,16 @@ int HttpNetworkSession::max_sockets_per_group_ = 6; HttpNetworkSession::HttpNetworkSession( HostResolver* host_resolver, ProxyService* proxy_service, - ClientSocketFactory* client_socket_factory) + ClientSocketFactory* client_socket_factory, + SSLConfigService* ssl_config_service) : tcp_socket_pool_(new TCPClientSocketPool( max_sockets_, max_sockets_per_group_, host_resolver, client_socket_factory)), host_resolver_(host_resolver), - proxy_service_(proxy_service) { + proxy_service_(proxy_service), + ssl_config_service_(ssl_config_service) { DCHECK(proxy_service); + DCHECK(ssl_config_service); } // static diff --git a/net/http/http_network_session.h b/net/http/http_network_session.h index b6327c6..94555ef 100644 --- a/net/http/http_network_session.h +++ b/net/http/http_network_session.h @@ -21,7 +21,8 @@ class ClientSocketFactory; class HttpNetworkSession : public base::RefCounted<HttpNetworkSession> { public: HttpNetworkSession(HostResolver* host_resolver, ProxyService* proxy_service, - ClientSocketFactory* client_socket_factory); + ClientSocketFactory* client_socket_factory, + SSLConfigService* ssl_config_service); HttpAuthCache* auth_cache() { return &auth_cache_; } SSLClientAuthCache* ssl_client_auth_cache() { @@ -31,9 +32,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession> { TCPClientSocketPool* tcp_socket_pool() { return tcp_socket_pool_; } HostResolver* host_resolver() { return host_resolver_; } ProxyService* proxy_service() { return proxy_service_; } -#if defined(OS_WIN) - SSLConfigService* ssl_config_service() { return &ssl_config_service_; } -#endif + SSLConfigService* ssl_config_service() { return ssl_config_service_; } static void set_max_sockets_per_group(int socket_count); 
@@ -53,10 +52,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession> { scoped_refptr<TCPClientSocketPool> tcp_socket_pool_; scoped_refptr<HostResolver> host_resolver_; scoped_refptr<ProxyService> proxy_service_; -#if defined(OS_WIN) - // TODO(port): Port the SSLConfigService class to Linux and Mac OS X. - SSLConfigService ssl_config_service_; -#endif + scoped_refptr<SSLConfigService> ssl_config_service_; }; } // namespace net diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc index 7d2e6da..79be223 100644 --- a/net/http/http_network_transaction.cc +++ b/net/http/http_network_transaction.cc @@ -155,10 +155,7 @@ HttpNetworkTransaction::HttpNetworkTransaction(HttpNetworkSession* session, response_body_read_(0), read_buf_len_(0), next_state_(STATE_NONE) { -#if defined(OS_WIN) - // TODO(port): Port the SSLConfigService class to Linux and Mac OS X. session->ssl_config_service()->GetSSLConfig(&ssl_config_); -#endif } int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info, diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc index 164450e..d19df2c 100644 --- a/net/http/http_network_transaction_unittest.cc +++ b/net/http/http_network_transaction_unittest.cc @@ -7,6 +7,7 @@ #include "base/compiler_specific.h" #include "net/base/completion_callback.h" #include "net/base/mock_host_resolver.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/base/ssl_info.h" #include "net/base/test_completion_callback.h" #include "net/base/upload_data.h" 
@@ -35,15 +36,20 @@ ProxyService* CreateNullProxyService() { class SessionDependencies { public: // Default set of dependencies -- "null" proxy service. - SessionDependencies() : host_resolver(new MockHostResolver), - proxy_service(CreateNullProxyService()) {} + SessionDependencies() + : host_resolver(new MockHostResolver), + proxy_service(CreateNullProxyService()), + ssl_config_service(new SSLConfigServiceDefaults) {} // Custom proxy service dependency. explicit SessionDependencies(ProxyService* proxy_service) - : host_resolver(new MockHostResolver), proxy_service(proxy_service) {} + : host_resolver(new MockHostResolver), + proxy_service(proxy_service), + ssl_config_service(new SSLConfigServiceDefaults) {} scoped_refptr<MockHostResolverBase> host_resolver; scoped_refptr<ProxyService> proxy_service; + scoped_refptr<SSLConfigService> ssl_config_service; MockClientSocketFactory socket_factory; }; @@ -57,7 +63,8 @@ ProxyService* CreateFixedProxyService(const std::string& proxy) { HttpNetworkSession* CreateSession(SessionDependencies* session_deps) { return new HttpNetworkSession(session_deps->host_resolver, session_deps->proxy_service, - &session_deps->socket_factory); + &session_deps->socket_factory, + session_deps->ssl_config_service); } class HttpNetworkTransactionTest : public PlatformTest { diff --git a/net/net.gyp b/net/net.gyp index 0680f4c..b373722 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -121,8 +121,10 @@ 'base/ssl_cert_request_info.h', 'base/ssl_client_auth_cache.cc', 'base/ssl_client_auth_cache.h', - 'base/ssl_config_service.cc', 'base/ssl_config_service.h', + 'base/ssl_config_service_defaults.h', + 'base/ssl_config_service_win.cc', + 'base/ssl_config_service_win.h', 'base/ssl_info.h', 'base/telnet_server.cc', 'base/telnet_server.h', @@ -390,7 +392,6 @@ }, { # else: OS != "win" 'sources!': [ - 'base/ssl_config_service.cc', 'base/wininet_util.cc', 'base/winsock_init.cc', 'proxy/proxy_resolver_winhttp.cc', 
@@ -471,7 +472,7 @@ 'base/run_all_unittests.cc', 'base/sdch_filter_unittest.cc', 'base/ssl_client_auth_cache_unittest.cc', - 'base/ssl_config_service_unittest.cc', + 'base/ssl_config_service_win_unittest.cc', 'base/telnet_server_unittest.cc', 'base/test_completion_callback_unittest.cc', 'base/wininet_util_unittest.cc', @@ -543,15 +544,11 @@ ], 'sources!': [ 'base/sdch_filter_unittest.cc', - 'base/ssl_config_service_unittest.cc', ], }, ], [ 'OS == "mac"', { 'sources/': [ ['exclude', '_(linux|win)_unittest\\.cc$'] ], - 'sources!': [ - 'base/ssl_config_service_unittest.cc', - ], }, ], # This is needed to trigger the dll copy step on windows. diff --git a/net/proxy/proxy_script_fetcher_unittest.cc b/net/proxy/proxy_script_fetcher_unittest.cc index d421438..e56e4a8 100644 --- a/net/proxy/proxy_script_fetcher_unittest.cc +++ b/net/proxy/proxy_script_fetcher_unittest.cc @@ -8,6 +8,7 @@ #include "base/compiler_specific.h" #include "base/path_service.h" #include "net/base/net_util.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/disk_cache/disk_cache.h" #include "net/http/http_cache.h" #include "net/url_request/url_request_unittest.h" @@ -32,10 +33,11 @@ class RequestContext : public URLRequestContext { net::ProxyConfig no_proxy; host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::CreateFixed(no_proxy); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = new net::HttpCache(net::HttpNetworkLayer::CreateFactory( - host_resolver_, proxy_service_), + host_resolver_, proxy_service_, ssl_config_service_), disk_cache::CreateInMemoryCacheBackend(0)); } ~RequestContext() { diff --git a/net/tools/fetch/fetch_client.cc b/net/tools/fetch/fetch_client.cc index 0031ff4..f8b89df 100644 --- a/net/tools/fetch/fetch_client.cc +++ b/net/tools/fetch/fetch_client.cc 
@@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. +#include "build/build_config.h" + #include "base/at_exit.h" #include "base/command_line.h" #include "base/message_loop.h" @@ -12,6 +14,11 @@ #include "net/base/host_resolver.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" +#if defined(OS_WIN) +#include "net/base/ssl_config_service_win.h" +#else +#include "net/base/ssl_config_service_defaults.h" +#endif #include "net/http/http_cache.h" #include "net/http/http_network_layer.h" #include "net/http/http_request_info.h" @@ -132,13 +139,21 @@ int main(int argc, char**argv) { net::CreateSystemHostResolver()); scoped_refptr<net::ProxyService> proxy_service(net::ProxyService::CreateNull()); +#if defined(OS_WIN) + scoped_refptr<net::SSLConfigService> ssl_config_service( + new net::SSLConfigServiceWin); +#else + scoped_refptr<net::SSLConfigService> ssl_config_service( + new net::SSLConfigServiceDefaults); +#endif net::HttpTransactionFactory* factory = NULL; if (use_cache) { - factory = new net::HttpCache(host_resolver, proxy_service, 0); + factory = new net::HttpCache(host_resolver, proxy_service, + ssl_config_service, 0); } else { factory = new net::HttpNetworkLayer( net::ClientSocketFactory::GetDefaultFactory(), host_resolver, - proxy_service); + proxy_service, ssl_config_service); } { diff --git a/net/url_request/url_request_context.h b/net/url_request/url_request_context.h index aac651a..72b02ec 100644 --- a/net/url_request/url_request_context.h +++ b/net/url_request/url_request_context.h @@ -15,6 +15,7 @@ #include "net/base/cookie_policy.h" #include "net/base/cookie_store.h" #include "net/base/host_resolver.h" +#include "net/base/ssl_config_service.h" #include "net/ftp/ftp_auth_cache.h" #include "net/proxy/proxy_service.h" 
@@ -45,6 +46,11 @@ class URLRequestContext : return proxy_service_; } + // Get the ssl config service for this context. + net::SSLConfigService* ssl_config_service() const { + return ssl_config_service_; + } + // Gets the http transaction factory for this context. net::HttpTransactionFactory* http_transaction_factory() { return http_transaction_factory_; @@ -108,6 +114,7 @@ class URLRequestContext : // subclasses. scoped_refptr<net::HostResolver> host_resolver_; scoped_refptr<net::ProxyService> proxy_service_; + scoped_refptr<net::SSLConfigService> ssl_config_service_; net::HttpTransactionFactory* http_transaction_factory_; net::FtpTransactionFactory* ftp_transaction_factory_; net::CookieStore* cookie_store_; diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc index 93c29f2..d68175b 100644 --- a/net/url_request/url_request_unittest.cc +++ b/net/url_request/url_request_unittest.cc @@ -50,9 +50,11 @@ class URLRequestTestContext : public URLRequestContext { host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::CreateNull(); ftp_transaction_factory_ = new net::FtpNetworkLayer(host_resolver_); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = new net::HttpCache( - net::HttpNetworkLayer::CreateFactory(host_resolver_, proxy_service_), + net::HttpNetworkLayer::CreateFactory(host_resolver_, proxy_service_, + ssl_config_service_), disk_cache::CreateInMemoryCacheBackend(0)); // In-memory cookie store. cookie_store_ = new net::CookieMonster(); diff --git a/net/url_request/url_request_unittest.h b/net/url_request/url_request_unittest.h index 22e9b99..e058957 100644 --- a/net/url_request/url_request_unittest.h +++ b/net/url_request/url_request_unittest.h 
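Review bot: The new `ssl_config_service()` accessor on `URLRequestContext` returns whatever a subclass stored in `ssl_config_service_`, and nothing in these hunks sets the member in the base class, so a context subclass that was not updated would presumably return NULL here. That NULL would reach `DCHECK(ssl_config_service)` in `HttpNetworkSession` and, in builds where DCHECKs are compiled out, the now unconditional `session->ssl_config_service()->GetSSLConfig(&ssl_config_)` in `HttpNetworkTransaction`. Document the requirement at the accessor, e.g. `// Gets the SSL config service for this context. Subclasses must set |ssl_config_service_| before creating the HTTP transaction factory.`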
@@ -24,6 +24,7 @@ #include "net/base/host_resolver.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" +#include "net/base/ssl_config_service_defaults.h" #include "net/http/http_network_layer.h" #include "net/socket/ssl_test_util.h" #include "net/url_request/url_request.h" @@ -45,9 +46,10 @@ class TestURLRequestContext : public URLRequestContext { TestURLRequestContext() { host_resolver_ = net::CreateSystemHostResolver(); proxy_service_ = net::ProxyService::CreateNull(); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = net::HttpNetworkLayer::CreateFactory(host_resolver_, - proxy_service_); + proxy_service_, ssl_config_service_); } explicit TestURLRequestContext(const std::string& proxy) { @@ -55,9 +57,10 @@ class TestURLRequestContext : public URLRequestContext { net::ProxyConfig proxy_config; proxy_config.proxy_rules.ParseFromString(proxy); proxy_service_ = net::ProxyService::CreateFixed(proxy_config); + ssl_config_service_ = new net::SSLConfigServiceDefaults; http_transaction_factory_ = net::HttpNetworkLayer::CreateFactory(host_resolver_, - proxy_service_); + proxy_service_, ssl_config_service_); } virtual ~TestURLRequestContext() { |