Break cyclic dependency between CertDatabase and NSSCertDatabase.

Before: - CertDatabase::ObserveNSSCertDatabase(NSSCertDatabase* source) and implementation referenced NSSCertDatabase - NSSCertDatabase() referenced CertDatabase::GetInstance() Now: - CertDatabase has no reference to NSSCertDatabase. - NSSCertDatabase references CertDatabase. BUG=NONE Review URL: https://codereview.chromium.org/370633003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@282594 0039d316-1c4b-4281-b951-d872f2087c98

Break cyclic dependency between CertDatabase and NSSCertDatabase.
Before: - CertDatabase::ObserveNSSCertDatabase(NSSCertDatabase* source) and implementation referenced NSSCertDatabase - NSSCertDatabase() referenced CertDatabase::GetInstance() Now: - CertDatabase has no reference to NSSCertDatabase. - NSSCertDatabase references CertDatabase. BUG=NONE Review URL: https://codereview.chromium.org/370633003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@282594 0039d316-1c4b-4281-b951-d872f2087c98
6dd13f73 · pneubeck@chromium.org · da618e25 · 6dd13f73 · 6dd13f73 · 6dd13f73
Commit 6dd13f73 authored Jul 11, 2014 by pneubeck@chromium.org
4 changed files
--- a/net/cert/cert_database.h
+++ b/net/cert/cert_database.h
@@ -16,8 +16,6 @@ template <class ObserverType> class ObserverListThreadSafe;

 namespace net {

-class NSSCertDatabase;
-
 // This class provides cross-platform functions to verify and add user
 // certificates, and to observe changes to the underlying certificate stores.

@@ -28,15 +26,17 @@ class NSSCertDatabase;
 class NET_EXPORT CertDatabase {
 public:
  // A CertDatabase::Observer will be notified on certificate database changes.
-  // The change could be either a new user certificate is added or trust on
-  // a certificate is changed.  Observers can register themselves
-  // via CertDatabase::AddObserver, and can un-register with
+  // The change could be either a user certificate is added/removed or trust on
+  // a certificate is changed. Observers can be registered via
+  // CertDatabase::AddObserver, and can un-register with
  // CertDatabase::RemoveObserver.
  class NET_EXPORT Observer {
   public:
    virtual ~Observer() {}

-    // Will be called when a new certificate is added.
+    // Will be called when a new certificate is added. If the imported cert can
+    // be determined, |cert| will be non-NULL, but if not, or if multiple
+    // certificates were imported, |cert| may be NULL.
    virtual void OnCertAdded(const X509Certificate* cert) {}

    // Will be called when a certificate is removed.
@@ -93,11 +93,12 @@ class NET_EXPORT CertDatabase {
  void OnAndroidKeyChainChanged();
 #endif

-#if defined(USE_NSS)
-  // Observe events from the |source| and forward them to observers of this
-  // CertDatabase.
-  void ObserveNSSCertDatabase(NSSCertDatabase* source);
-#endif
+  // Synthetically injects notifications to all observers. In general, this
+  // should only be called by the creator of the CertDatabase. Used to inject
+  // notifcations from other DB interfaces.
+  void NotifyObserversOfCertAdded(const X509Certificate* cert);
+  void NotifyObserversOfCertRemoved(const X509Certificate* cert);
+  void NotifyObserversOfCACertChanged(const X509Certificate* cert);

 private:
  friend struct DefaultSingletonTraits<CertDatabase>;
@@ -105,14 +106,9 @@ class NET_EXPORT CertDatabase {
  CertDatabase();
  ~CertDatabase();

-  // Broadcasts notifications to all registered observers.
-  void NotifyObserversOfCertAdded(const X509Certificate* cert);
-  void NotifyObserversOfCertRemoved(const X509Certificate* cert);
-  void NotifyObserversOfCACertChanged(const X509Certificate* cert);
-
  const scoped_refptr<ObserverListThreadSafe<Observer> > observer_list_;

-#if defined(USE_NSS) || (defined(OS_MACOSX) && !defined(OS_IOS))
+#if defined(OS_MACOSX) && !defined(OS_IOS)
  class Notifier;
  friend class Notifier;
  scoped_ptr<Notifier> notifier_;

--- a/net/cert/cert_database_nss.cc
+++ b/net/cert/cert_database_nss.cc
@@ -13,42 +13,13 @@
 #include "crypto/nss_util.h"
 #include "crypto/scoped_nss_types.h"
 #include "net/base/net_errors.h"
-#include "net/cert/nss_cert_database.h"
 #include "net/cert/x509_certificate.h"
 #include "net/cert/x509_util_nss.h"

 namespace net {

-// Helper that observes events from the NSSCertDatabase and forwards them to
-// the given CertDatabase.
-class CertDatabase::Notifier : public NSSCertDatabase::Observer {
- public:
-  explicit Notifier(CertDatabase* cert_db) : cert_db_(cert_db) {}
-
-  virtual ~Notifier() {}
-
-  // NSSCertDatabase::Observer implementation:
-  virtual void OnCertAdded(const X509Certificate* cert) OVERRIDE {
-    cert_db_->NotifyObserversOfCertAdded(cert);
-  }
-
-  virtual void OnCertRemoved(const X509Certificate* cert) OVERRIDE {
-    cert_db_->NotifyObserversOfCertRemoved(cert);
-  }
-
-  virtual void OnCACertChanged(const X509Certificate* cert) OVERRIDE {
-    cert_db_->NotifyObserversOfCACertChanged(cert);
-  }
-
- private:
-  CertDatabase* cert_db_;
-
-  DISALLOW_COPY_AND_ASSIGN(Notifier);
-};
-
 CertDatabase::CertDatabase()
-    : observer_list_(new ObserverListThreadSafe<Observer>),
-      notifier_(new Notifier(this)) {
+    : observer_list_(new ObserverListThreadSafe<Observer>) {
  crypto::EnsureNSSInit();
 }

@@ -104,8 +75,4 @@ int CertDatabase::AddUserCert(X509Certificate* cert_obj) {
  return OK;
 }

-void CertDatabase::ObserveNSSCertDatabase(NSSCertDatabase* source) {
-  source->AddObserver(this->notifier_.get());
-}
-
 }  // namespace net
--- a/net/cert/nss_cert_database.cc
+++ b/net/cert/nss_cert_database.cc
@@ -42,6 +42,34 @@ namespace net {

 namespace {

+// Helper that observes events from the NSSCertDatabase and forwards them to
+// the given CertDatabase.
+class CertNotificationForwarder : public NSSCertDatabase::Observer {
+ public:
+  explicit CertNotificationForwarder(CertDatabase* cert_db)
+      : cert_db_(cert_db) {}
+
+  virtual ~CertNotificationForwarder() {}
+
+  // NSSCertDatabase::Observer implementation:
+  virtual void OnCertAdded(const X509Certificate* cert) OVERRIDE {
+    cert_db_->NotifyObserversOfCertAdded(cert);
+  }
+
+  virtual void OnCertRemoved(const X509Certificate* cert) OVERRIDE {
+    cert_db_->NotifyObserversOfCertRemoved(cert);
+  }
+
+  virtual void OnCACertChanged(const X509Certificate* cert) OVERRIDE {
+    cert_db_->NotifyObserversOfCACertChanged(cert);
+  }
+
+ private:
+  CertDatabase* cert_db_;
+
+  DISALLOW_COPY_AND_ASSIGN(CertNotificationForwarder);
+};
+
 base::LazyInstance<NSSCertDatabase>::Leaky
    g_nss_cert_database = LAZY_INSTANCE_INITIALIZER;

@@ -69,7 +97,9 @@ NSSCertDatabase::NSSCertDatabase()
    : observer_list_(new ObserverListThreadSafe<Observer>),
      weak_factory_(this) {
  // This also makes sure that NSS has been initialized.
-  CertDatabase::GetInstance()->ObserveNSSCertDatabase(this);
+  CertDatabase* cert_db = CertDatabase::GetInstance();
+  cert_notification_forwarder_.reset(new CertNotificationForwarder(cert_db));
+  AddObserver(cert_notification_forwarder_.get());

  psm::EnsurePKCS12Init();
 }

--- a/net/cert/nss_cert_database.h
+++ b/net/cert/nss_cert_database.h
@@ -31,6 +31,8 @@ class CryptoModule;
 typedef std::vector<scoped_refptr<CryptoModule> > CryptoModuleList;

 // Provides functions to manipulate the NSS certificate stores.
+// Forwards notifications about certificate changes to the global CertDatabase
+// singleton.
 class NET_EXPORT NSSCertDatabase {
 public:

@@ -225,19 +227,6 @@ class NET_EXPORT NSSCertDatabase {
  // Check whether cert is stored in a hardware slot.
  bool IsHardwareBacked(const X509Certificate* cert) const;

-  // Registers |observer| to receive notifications of certificate changes.  The
-  // thread on which this is called is the thread on which |observer| will be
-  // called back with notifications.
-  // NOTE: CertDatabase::AddObserver should be preferred. Observers registered
-  // here will only receive notifications generated directly through the
-  // NSSCertDatabase, but not those from the CertDatabase. The CertDatabase
-  // observers will receive both.
-  void AddObserver(Observer* observer);
-
-  // Unregisters |observer| from receiving notifications.  This must be called
-  // on the same thread on which AddObserver() was called.
-  void RemoveObserver(Observer* observer);
-
  // Overrides task runner that's used for running slow tasks.
  void SetSlowTaskRunnerForTest(
      const scoped_refptr<base::TaskRunner>& task_runner);
@@ -261,6 +250,18 @@ class NET_EXPORT NSSCertDatabase {
 private:
  friend struct base::DefaultLazyInstanceTraits<NSSCertDatabase>;

+  // Registers |observer| to receive notifications of certificate changes.  The
+  // thread on which this is called is the thread on which |observer| will be
+  // called back with notifications.
+  // NOTE: Observers registered here will only receive notifications generated
+  // directly through the NSSCertDatabase, but not those from the CertDatabase.
+  // CertDatabase observers will receive all certificate notifications.
+  void AddObserver(Observer* observer);
+
+  // Unregisters |observer| from receiving notifications.  This must be called
+  // on the same thread on which AddObserver() was called.
+  void RemoveObserver(Observer* observer);
+
  // Notifies observers of the removal of |cert| and calls |callback| with
  // |success| as argument.
  void NotifyCertRemovalAndCallBack(scoped_refptr<X509Certificate> cert,
@@ -276,6 +277,9 @@ class NET_EXPORT NSSCertDatabase {
  // it may safely be used on the worker thread.
  static bool DeleteCertAndKeyImpl(scoped_refptr<X509Certificate> cert);

+  // A helper observer that forwards events from this database to CertDatabase.
+  scoped_ptr<Observer> cert_notification_forwarder_;
+
  // Task runner that should be used in tests if set.
  scoped_refptr<base::TaskRunner> slow_task_runner_for_test_;