summaryrefslogtreecommitdiffstats
path: root/net/http
diff options
context:
space:
mode:
Diffstat (limited to 'net/http')
-rw-r--r--net/http/disk_cache_based_ssl_host_info.cc4
-rw-r--r--net/http/http_cache.cc5
-rw-r--r--net/http/http_cache.h2
-rw-r--r--net/http/http_network_layer.cc11
-rw-r--r--net/http/http_network_layer.h16
-rw-r--r--net/http/http_network_layer_unittest.cc7
-rw-r--r--net/http/http_network_session.cc3
-rw-r--r--net/http/http_network_session.h4
-rw-r--r--net/http/http_network_transaction_unittest.cc10
-rw-r--r--net/http/http_proxy_client_socket_pool_unittest.cc4
-rw-r--r--net/http/http_response_body_drainer_unittest.cc1
-rw-r--r--net/http/http_stream_factory_unittest.cc7
12 files changed, 62 insertions, 12 deletions
diff --git a/net/http/disk_cache_based_ssl_host_info.cc b/net/http/disk_cache_based_ssl_host_info.cc
index 2b83f56..1b1dfaf 100644
--- a/net/http/disk_cache_based_ssl_host_info.cc
+++ b/net/http/disk_cache_based_ssl_host_info.cc
@@ -9,6 +9,7 @@
#include "net/base/io_buffer.h"
#include "net/base/net_errors.h"
#include "net/http/http_cache.h"
+#include "net/http/http_network_session.h"
namespace net {
@@ -16,7 +17,8 @@ DiskCacheBasedSSLHostInfo::DiskCacheBasedSSLHostInfo(
const std::string& hostname,
const SSLConfig& ssl_config,
HttpCache* http_cache)
- : SSLHostInfo(hostname, ssl_config),
+ : SSLHostInfo(hostname, ssl_config,
+ http_cache->network_layer()->GetSession()->cert_verifier()),
weak_ptr_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)),
callback_(new CallbackImpl(weak_ptr_factory_.GetWeakPtr(),
&DiskCacheBasedSSLHostInfo::DoLoop)),
diff --git a/net/http/http_cache.cc b/net/http/http_cache.cc
index ea4e48b..51cc55f 100644
--- a/net/http/http_cache.cc
+++ b/net/http/http_cache.cc
@@ -263,7 +263,7 @@ void HttpCache::MetadataWriter::OnIOComplete(int result) {
class HttpCache::SSLHostInfoFactoryAdaptor : public SSLHostInfoFactory {
public:
- SSLHostInfoFactoryAdaptor(HttpCache* http_cache)
+ explicit SSLHostInfoFactoryAdaptor(HttpCache* http_cache)
: http_cache_(http_cache) {
}
@@ -279,6 +279,7 @@ class HttpCache::SSLHostInfoFactoryAdaptor : public SSLHostInfoFactory {
//-----------------------------------------------------------------------------
HttpCache::HttpCache(HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker_,
ProxyService* proxy_service,
@@ -293,7 +294,7 @@ HttpCache::HttpCache(HostResolver* host_resolver,
ssl_host_info_factory_(new SSLHostInfoFactoryAdaptor(
ALLOW_THIS_IN_INITIALIZER_LIST(this))),
network_layer_(HttpNetworkLayer::CreateFactory(host_resolver,
- dnsrr_resolver, dns_cert_checker_,
+ cert_verifier, dnsrr_resolver, dns_cert_checker_,
ssl_host_info_factory_.get(),
proxy_service, ssl_config_service,
http_auth_handler_factory, network_delegate, net_log)),
diff --git a/net/http/http_cache.h b/net/http/http_cache.h
index 4b7d736..5c812da 100644
--- a/net/http/http_cache.h
+++ b/net/http/http_cache.h
@@ -41,6 +41,7 @@ class Entry;
namespace net {
+class CertVerifier;
class DnsCertProvenanceChecker;
class DnsRRResolver;
class HostResolver;
@@ -117,6 +118,7 @@ class HttpCache : public HttpTransactionFactory,
// The disk cache is initialized lazily (by CreateTransaction) in this case.
// The HttpCache takes ownership of the |backend_factory|.
HttpCache(HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
ProxyService* proxy_service,
diff --git a/net/http/http_network_layer.cc b/net/http/http_network_layer.cc
index 3da23c2..3d3c5dd 100644
--- a/net/http/http_network_layer.cc
+++ b/net/http/http_network_layer.cc
@@ -21,6 +21,7 @@ namespace net {
// static
HttpTransactionFactory* HttpNetworkLayer::CreateFactory(
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -32,7 +33,7 @@ HttpTransactionFactory* HttpNetworkLayer::CreateFactory(
DCHECK(proxy_service);
return new HttpNetworkLayer(ClientSocketFactory::GetDefaultFactory(),
- host_resolver, dnsrr_resolver,
+ host_resolver, cert_verifier, dnsrr_resolver,
dns_cert_checker,
ssl_host_info_factory, proxy_service,
ssl_config_service, http_auth_handler_factory,
@@ -52,6 +53,7 @@ HttpTransactionFactory* HttpNetworkLayer::CreateFactory(
HttpNetworkLayer::HttpNetworkLayer(
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -62,6 +64,7 @@ HttpNetworkLayer::HttpNetworkLayer(
NetLog* net_log)
: socket_factory_(socket_factory),
host_resolver_(host_resolver),
+ cert_verifier_(cert_verifier),
dnsrr_resolver_(dnsrr_resolver),
dns_cert_checker_(dns_cert_checker),
ssl_host_info_factory_(ssl_host_info_factory),
@@ -80,6 +83,7 @@ HttpNetworkLayer::HttpNetworkLayer(
HttpNetworkLayer::HttpNetworkLayer(
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -91,6 +95,7 @@ HttpNetworkLayer::HttpNetworkLayer(
NetLog* net_log)
: socket_factory_(socket_factory),
host_resolver_(host_resolver),
+ cert_verifier_(cert_verifier),
dnsrr_resolver_(dnsrr_resolver),
dns_cert_checker_(dns_cert_checker),
ssl_host_info_factory_(ssl_host_info_factory),
@@ -108,6 +113,8 @@ HttpNetworkLayer::HttpNetworkLayer(
HttpNetworkLayer::HttpNetworkLayer(HttpNetworkSession* session)
: socket_factory_(ClientSocketFactory::GetDefaultFactory()),
+ host_resolver_(NULL),
+ cert_verifier_(NULL),
dnsrr_resolver_(NULL),
dns_cert_checker_(NULL),
ssl_host_info_factory_(NULL),
@@ -150,6 +157,7 @@ HttpNetworkSession* HttpNetworkLayer::GetSession() {
spdy_session_pool_.reset(new SpdySessionPool(ssl_config_service_));
session_ = new HttpNetworkSession(
host_resolver_,
+ cert_verifier_,
dnsrr_resolver_,
dns_cert_checker_,
ssl_host_info_factory_,
@@ -162,6 +170,7 @@ HttpNetworkSession* HttpNetworkLayer::GetSession() {
net_log_);
// These were just temps for lazy-initializing HttpNetworkSession.
host_resolver_ = NULL;
+ cert_verifier_ = NULL;
dnsrr_resolver_ = NULL;
dns_cert_checker_ = NULL;
ssl_host_info_factory_ = NULL;
diff --git a/net/http/http_network_layer.h b/net/http/http_network_layer.h
index 7781efb..91e1a86 100644
--- a/net/http/http_network_layer.h
+++ b/net/http/http_network_layer.h
@@ -15,6 +15,7 @@
namespace net {
+class CertVerifier;
class ClientSocketFactory;
class DnsCertProvenanceChecker;
class DnsRRResolver;
@@ -30,10 +31,12 @@ class SSLHostInfoFactory;
class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
public:
- // |socket_factory|, |proxy_service| and |host_resolver| must remain valid for
- // the lifetime of HttpNetworkLayer.
+ // |socket_factory|, |proxy_service|, |host_resolver|, etc. must remain
+ // valid for the lifetime of HttpNetworkLayer.
+ // TODO(wtc): we only need the next constructor.
HttpNetworkLayer(ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -42,11 +45,10 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
HttpAuthHandlerFactory* http_auth_handler_factory,
HttpNetworkDelegate* network_delegate,
NetLog* net_log);
- // Construct a HttpNetworkLayer with an existing HttpNetworkSession which
- // contains a valid ProxyService.
HttpNetworkLayer(
ClientSocketFactory* socket_factory,
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -57,6 +59,8 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
HttpNetworkDelegate* network_delegate,
NetLog* net_log);
+ // Construct a HttpNetworkLayer with an existing HttpNetworkSession which
+ // contains a valid ProxyService.
explicit HttpNetworkLayer(HttpNetworkSession* session);
~HttpNetworkLayer();
@@ -64,6 +68,7 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
// and allows other implementations to be substituted.
static HttpTransactionFactory* CreateFactory(
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -100,9 +105,10 @@ class HttpNetworkLayer : public HttpTransactionFactory, public NonThreadSafe {
// The factory we will use to create network sockets.
ClientSocketFactory* socket_factory_;
- // The host resolver and proxy service that will be used when lazily
+ // The host resolver, proxy service, etc. that will be used when lazily
// creating |session_|.
HostResolver* host_resolver_;
+ CertVerifier* cert_verifier_;
DnsRRResolver* dnsrr_resolver_;
DnsCertProvenanceChecker* dns_cert_checker_;
SSLHostInfoFactory* ssl_host_info_factory_;
diff --git a/net/http/http_network_layer_unittest.cc b/net/http/http_network_layer_unittest.cc
index 3ed54bf..2720c10 100644
--- a/net/http/http_network_layer_unittest.cc
+++ b/net/http/http_network_layer_unittest.cc
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
+#include "net/base/cert_verifier.h"
#include "net/base/mock_host_resolver.h"
#include "net/base/net_log.h"
#include "net/base/ssl_config_service_defaults.h"
@@ -21,9 +22,11 @@ class HttpNetworkLayerTest : public PlatformTest {
TEST_F(HttpNetworkLayerTest, CreateAndDestroy) {
MockHostResolver host_resolver;
+ net::CertVerifier cert_verifier;
net::HttpNetworkLayer factory(
NULL,
&host_resolver,
+ &cert_verifier,
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
@@ -41,9 +44,11 @@ TEST_F(HttpNetworkLayerTest, CreateAndDestroy) {
TEST_F(HttpNetworkLayerTest, Suspend) {
MockHostResolver host_resolver;
+ net::CertVerifier cert_verifier;
net::HttpNetworkLayer factory(
NULL,
&host_resolver,
+ &cert_verifier,
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
@@ -90,9 +95,11 @@ TEST_F(HttpNetworkLayerTest, GET) {
mock_socket_factory.AddSocketDataProvider(&data);
MockHostResolver host_resolver;
+ net::CertVerifier cert_verifier;
net::HttpNetworkLayer factory(
&mock_socket_factory,
&host_resolver,
+ &cert_verifier,
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
diff --git a/net/http/http_network_session.cc b/net/http/http_network_session.cc
index 1e77b49..e3de475 100644
--- a/net/http/http_network_session.cc
+++ b/net/http/http_network_session.cc
@@ -20,6 +20,7 @@ namespace net {
// TODO(mbelshe): Move the socket factories into HttpStreamFactory.
HttpNetworkSession::HttpNetworkSession(
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -32,6 +33,7 @@ HttpNetworkSession::HttpNetworkSession(
NetLog* net_log)
: socket_factory_(client_socket_factory),
host_resolver_(host_resolver),
+ cert_verifier_(cert_verifier),
dnsrr_resolver_(dnsrr_resolver),
dns_cert_checker_(dns_cert_checker),
proxy_service_(proxy_service),
@@ -39,6 +41,7 @@ HttpNetworkSession::HttpNetworkSession(
socket_pool_manager_(net_log,
client_socket_factory,
host_resolver,
+ cert_verifier,
dnsrr_resolver,
dns_cert_checker,
ssl_host_info_factory,
diff --git a/net/http/http_network_session.h b/net/http/http_network_session.h
index 43424d2..2c923b6 100644
--- a/net/http/http_network_session.h
+++ b/net/http/http_network_session.h
@@ -28,6 +28,7 @@ class Value;
namespace net {
+class CertVerifier;
class ClientSocketFactory;
class DnsCertProvenanceChecker;
class DnsRRResolver;
@@ -48,6 +49,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession>,
public:
HttpNetworkSession(
HostResolver* host_resolver,
+ CertVerifier* cert_verifier,
DnsRRResolver* dnsrr_resolver,
DnsCertProvenanceChecker* dns_cert_checker,
SSLHostInfoFactory* ssl_host_info_factory,
@@ -109,6 +111,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession>,
// SSL sockets come from the socket_factory().
ClientSocketFactory* socket_factory() { return socket_factory_; }
HostResolver* host_resolver() { return host_resolver_; }
+ CertVerifier* cert_verifier() { return cert_verifier_; }
DnsRRResolver* dnsrr_resolver() { return dnsrr_resolver_; }
DnsCertProvenanceChecker* dns_cert_checker() {
return dns_cert_checker_;
@@ -152,6 +155,7 @@ class HttpNetworkSession : public base::RefCounted<HttpNetworkSession>,
SSLClientAuthCache ssl_client_auth_cache_;
HttpAlternateProtocols alternate_protocols_;
HostResolver* const host_resolver_;
+ CertVerifier* cert_verifier_;
DnsRRResolver* dnsrr_resolver_;
DnsCertProvenanceChecker* dns_cert_checker_;
scoped_refptr<ProxyService> proxy_service_;
diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc
index 95a8599..79047e1 100644
--- a/net/http/http_network_transaction_unittest.cc
+++ b/net/http/http_network_transaction_unittest.cc
@@ -74,6 +74,7 @@ struct SessionDependencies {
// Default set of dependencies -- "null" proxy service.
SessionDependencies()
: host_resolver(new MockHostResolver),
+ cert_verifier(new CertVerifier),
proxy_service(ProxyService::CreateDirect()),
ssl_config_service(new SSLConfigServiceDefaults),
http_auth_handler_factory(
@@ -83,6 +84,7 @@ struct SessionDependencies {
// Custom proxy service dependency.
explicit SessionDependencies(ProxyService* proxy_service)
: host_resolver(new MockHostResolver),
+ cert_verifier(new CertVerifier),
proxy_service(proxy_service),
ssl_config_service(new SSLConfigServiceDefaults),
http_auth_handler_factory(
@@ -90,6 +92,7 @@ struct SessionDependencies {
net_log(NULL) {}
scoped_ptr<MockHostResolverBase> host_resolver;
+ scoped_ptr<CertVerifier> cert_verifier;
scoped_refptr<ProxyService> proxy_service;
scoped_refptr<SSLConfigService> ssl_config_service;
MockClientSocketFactory socket_factory;
@@ -99,6 +102,7 @@ struct SessionDependencies {
HttpNetworkSession* CreateSession(SessionDependencies* session_deps) {
return new HttpNetworkSession(session_deps->host_resolver.get(),
+ session_deps->cert_verifier.get(),
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
@@ -310,7 +314,8 @@ CaptureGroupNameHttpProxySocketPool::CaptureGroupNameSocketPool(
template<>
CaptureGroupNameSSLSocketPool::CaptureGroupNameSocketPool(
HttpNetworkSession* session)
- : SSLClientSocketPool(0, 0, NULL, session->host_resolver(), NULL, NULL,
+ : SSLClientSocketPool(0, 0, NULL, session->host_resolver(),
+ session->cert_verifier(), NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL, NULL) {}
//-----------------------------------------------------------------------------
@@ -6679,7 +6684,8 @@ TEST_F(HttpNetworkTransactionTest,
session->ssl_config_service()->GetSSLConfig(&ssl_config);
ClientSocket* socket = connection->release_socket();
socket = session->socket_factory()->CreateSSLClientSocket(
- socket, HostPortPair("" , 443), ssl_config, NULL /* ssl_host_info */);
+ socket, HostPortPair("" , 443), ssl_config, NULL /* ssl_host_info */,
+ session->cert_verifier());
connection->set_socket(socket);
EXPECT_EQ(ERR_IO_PENDING, socket->Connect(&callback));
EXPECT_EQ(OK, callback.WaitForResult());
diff --git a/net/http/http_proxy_client_socket_pool_unittest.cc b/net/http/http_proxy_client_socket_pool_unittest.cc
index 56fae19..478a312 100644
--- a/net/http/http_proxy_client_socket_pool_unittest.cc
+++ b/net/http/http_proxy_client_socket_pool_unittest.cc
@@ -62,9 +62,11 @@ class HttpProxyClientSocketPoolTest : public TestWithHttpParam {
ssl_histograms_("MockSSL"),
ssl_config_service_(new SSLConfigServiceDefaults),
host_resolver_(new MockHostResolver),
+ cert_verifier_(new CertVerifier),
ssl_socket_pool_(kMaxSockets, kMaxSocketsPerGroup,
&ssl_histograms_,
host_resolver_.get(),
+ cert_verifier_.get(),
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
@@ -77,6 +79,7 @@ class HttpProxyClientSocketPoolTest : public TestWithHttpParam {
http_auth_handler_factory_(
HttpAuthHandlerFactory::CreateDefault(host_resolver_.get())),
session_(new HttpNetworkSession(host_resolver_.get(),
+ cert_verifier_.get(),
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
@@ -192,6 +195,7 @@ class HttpProxyClientSocketPoolTest : public TestWithHttpParam {
ClientSocketPoolHistograms ssl_histograms_;
scoped_refptr<SSLConfigService> ssl_config_service_;
scoped_ptr<HostResolver> host_resolver_;
+ scoped_ptr<CertVerifier> cert_verifier_;
SSLClientSocketPool ssl_socket_pool_;
scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
diff --git a/net/http/http_response_body_drainer_unittest.cc b/net/http/http_response_body_drainer_unittest.cc
index 75f099a..76304f8 100644
--- a/net/http/http_response_body_drainer_unittest.cc
+++ b/net/http/http_response_body_drainer_unittest.cc
@@ -178,6 +178,7 @@ class HttpResponseBodyDrainerTest : public testing::Test {
NULL /* host_resolver */,
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
+ NULL,
NULL /* ssl_host_info_factory */,
ProxyService::CreateDirect(),
NULL,
diff --git a/net/http/http_stream_factory_unittest.cc b/net/http/http_stream_factory_unittest.cc
index 63fce33..646f79c 100644
--- a/net/http/http_stream_factory_unittest.cc
+++ b/net/http/http_stream_factory_unittest.cc
@@ -7,6 +7,7 @@
#include <string>
#include "base/basictypes.h"
+#include "net/base/cert_verifier.h"
#include "net/base/mock_host_resolver.h"
#include "net/base/net_log.h"
#include "net/base/ssl_config_service_defaults.h"
@@ -27,6 +28,7 @@ struct SessionDependencies {
// Custom proxy service dependency.
explicit SessionDependencies(ProxyService* proxy_service)
: host_resolver(new MockHostResolver),
+ cert_verifier(new CertVerifier),
proxy_service(proxy_service),
ssl_config_service(new SSLConfigServiceDefaults),
http_auth_handler_factory(
@@ -34,6 +36,7 @@ struct SessionDependencies {
net_log(NULL) {}
scoped_ptr<MockHostResolverBase> host_resolver;
+ scoped_ptr<CertVerifier> cert_verifier;
scoped_refptr<ProxyService> proxy_service;
scoped_refptr<SSLConfigService> ssl_config_service;
MockClientSocketFactory socket_factory;
@@ -43,6 +46,7 @@ struct SessionDependencies {
HttpNetworkSession* CreateSession(SessionDependencies* session_deps) {
return new HttpNetworkSession(session_deps->host_resolver.get(),
+ session_deps->cert_verifier.get(),
NULL /* dnsrr_resolver */,
NULL /* dns_cert_checker */,
NULL /* ssl_host_info_factory */,
@@ -170,7 +174,8 @@ CapturePreconnectsHttpProxySocketPool::CapturePreconnectsSocketPool(
template<>
CapturePreconnectsSSLSocketPool::CapturePreconnectsSocketPool(
HttpNetworkSession* session)
- : SSLClientSocketPool(0, 0, NULL, session->host_resolver(), NULL, NULL,
+ : SSLClientSocketPool(0, 0, NULL, session->host_resolver(),
+ session->cert_verifier(), NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL, NULL) {}
TEST(HttpStreamFactoryTest, PreconnectDirect) {