ChromeOS: only use CertVerifyProcChromeOS if multiprofiles is allowed.

BUG=218627 Review URL: https://codereview.chromium.org/150203007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250994 0039d316-1c4b-4281-b951-d872f2087c98

ChromeOS: only use CertVerifyProcChromeOS if multiprofiles is allowed.
BUG=218627 Review URL: https://codereview.chromium.org/150203007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250994 0039d316-1c4b-4281-b951-d872f2087c98
e456c74e · mattm@chromium.org · 417a6f12 · e456c74e · e456c74e
Commit e456c74e authored Feb 13, 2014 by mattm@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 12 deletions

chrome/browser/io_thread.cc chrome/browser/io_thread.cc +10 -6

chrome/browser/profiles/profile_io_data.cc chrome/browser/profiles/profile_io_data.cc +10 -6

No files found.
--- a/chrome/browser/io_thread.cc
+++ b/chrome/browser/io_thread.cc
@@ -107,6 +107,7 @@
 #endif
 #if defined(OS_CHROMEOS)
+#include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h"
 #endif
@@ -552,13 +553,16 @@ void IOThread::InitAsync() {
  globals_->host_resolver = CreateGlobalHostResolver(net_log_);
  UpdateDnsClientEnabled();
 #if defined(OS_CHROMEOS)
-  // Creates a CertVerifyProc that doesn't allow any profile-provided certs.
+  if (chromeos::UserManager::IsMultipleProfilesAllowed()) {
-  globals_->cert_verifier.reset(new net::MultiThreadedCertVerifier(
+    // Creates a CertVerifyProc that doesn't allow any profile-provided certs.
-      new chromeos::CertVerifyProcChromeOS()));
+    globals_->cert_verifier.reset(new net::MultiThreadedCertVerifier(
-#else
+        new chromeos::CertVerifyProcChromeOS()));
-  globals_->cert_verifier.reset(
+  } else  // NOLINT Fallthrough to normal verifier if multiprofiles not allowed.
-      new net::MultiThreadedCertVerifier(net::CertVerifyProc::CreateDefault()));
 #endif
+  {
+    globals_->cert_verifier.reset(new net::MultiThreadedCertVerifier(
+        net::CertVerifyProc::CreateDefault()));
+  }
  globals_->transport_security_state.reset(new net::TransportSecurityState());
 #if !defined(USE_OPENSSL)
  // For now, Certificate Transparency is only implemented for platforms

--- a/chrome/browser/profiles/profile_io_data.cc
+++ b/chrome/browser/profiles/profile_io_data.cc
@@ -970,12 +970,16 @@ void ProfileIOData::Init(content::ProtocolHandlerMap* protocol_handlers) const {
 #if defined(OS_CHROMEOS)
  username_hash_ = profile_params_->username_hash;
-  crypto::ScopedPK11Slot public_slot =
+  scoped_refptr<net::CertVerifyProc> verify_proc;
-      crypto::GetPublicSlotForChromeOSUser(username_hash_);
+  if (chromeos::UserManager::IsMultipleProfilesAllowed()) {
-  // The private slot won't be ready by this point. It shouldn't be necessary
+    crypto::ScopedPK11Slot public_slot =
-  // for cert trust purposes anyway.
+        crypto::GetPublicSlotForChromeOSUser(username_hash_);
-  scoped_refptr<net::CertVerifyProc> verify_proc =
+    // The private slot won't be ready by this point. It shouldn't be necessary
-      new chromeos::CertVerifyProcChromeOS(public_slot.Pass());
+    // for cert trust purposes anyway.
+    verify_proc = new chromeos::CertVerifyProcChromeOS(public_slot.Pass());
+  } else {
+    verify_proc = net::CertVerifyProc::CreateDefault();
+  }
  if (cert_verifier_) {
    cert_verifier_->InitializeOnIOThread(verify_proc);
    main_request_context_->set_cert_verifier(cert_verifier_.get());