// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "net/cert/multi_threaded_cert_verifier.h" #include "base/check_op.h" #include "base/functional/bind.h" #include "base/functional/callback_helpers.h" #include "base/memory/raw_ptr.h" #include "base/memory/weak_ptr.h" #include "base/task/thread_pool.h" #include "base/threading/thread_restrictions.h" #include "net/base/net_errors.h" #include "net/base/trace_constants.h" #include "net/base/tracing.h" #include "net/cert/cert_verify_proc.h" #include "net/cert/cert_verify_result.h" #include "net/cert/x509_certificate.h" #include "net/log/net_log_event_type.h" #include "net/log/net_log_source_type.h" #include "net/log/net_log_with_source.h" namespace net { // Allows DoVerifyOnWorkerThread to wait on a base::WaitableEvent. // DoVerifyOnWorkerThread may wait on network operations done on a separate // sequence. For instance when using the NSS-based implementation of certificate // verification, the library requires a blocking callback for fetching OCSP and // AIA responses. class [[maybe_unused, nodiscard]] MultiThreadedCertVerifierScopedAllowBaseSyncPrimitives : public base::ScopedAllowBaseSyncPrimitives{ … }; namespace { // Used to pass the result of DoVerifyOnWorkerThread() to // MultiThreadedCertVerifier::InternalRequest::OnJobComplete(). struct ResultHelper { … }; int GetFlagsForConfig(const CertVerifier::Config& config) { … } // Runs the verification synchronously on a worker thread. std::unique_ptr<ResultHelper> DoVerifyOnWorkerThread( const scoped_refptr<CertVerifyProc>& verify_proc, const scoped_refptr<X509Certificate>& cert, const std::string& hostname, const std::string& ocsp_response, const std::string& sct_list, int flags, const NetLogWithSource& net_log) { … } } // namespace // Helper to allow callers to cancel pending CertVerifier::Verify requests. // Note that because the CertVerifyProc is blocking, it's not actually // possible to cancel the in-progress request; instead, this simply guarantees // that the provided callback will not be invoked if the Request is deleted. class MultiThreadedCertVerifier::InternalRequest : public CertVerifier::Request, public base::LinkNode<InternalRequest> { … }; MultiThreadedCertVerifier::InternalRequest::InternalRequest( CompletionOnceCallback callback, CertVerifyResult* caller_result) : … { … } MultiThreadedCertVerifier::InternalRequest::~InternalRequest() { … } void MultiThreadedCertVerifier::InternalRequest::Start( const scoped_refptr<CertVerifyProc>& verify_proc, const CertVerifier::Config& config, const CertVerifier::RequestParams& params, const NetLogWithSource& caller_net_log) { … } // static void MultiThreadedCertVerifier::InternalRequest::OnJobComplete( base::WeakPtr<InternalRequest> self, std::unique_ptr<ResultHelper> verify_result) { … } MultiThreadedCertVerifier::MultiThreadedCertVerifier( scoped_refptr<CertVerifyProc> verify_proc, scoped_refptr<CertVerifyProcFactory> verify_proc_factory) : … { … } MultiThreadedCertVerifier::~MultiThreadedCertVerifier() { … } int MultiThreadedCertVerifier::Verify(const RequestParams& params, CertVerifyResult* verify_result, CompletionOnceCallback callback, std::unique_ptr<Request>* out_req, const NetLogWithSource& net_log) { … } void MultiThreadedCertVerifier::UpdateVerifyProcData( scoped_refptr<CertNetFetcher> cert_net_fetcher, const net::CertVerifyProc::ImplParams& impl_params, const net::CertVerifyProc::InstanceParams& instance_params) { … } void MultiThreadedCertVerifier::SetConfig(const CertVerifier::Config& config) { … } void MultiThreadedCertVerifier::AddObserver(Observer* observer) { … } void MultiThreadedCertVerifier::RemoveObserver(Observer* observer) { … } void MultiThreadedCertVerifier::NotifyCertVerifierChanged() { … } } // namespace net
Codebase Browser
chromium