diff options
author | Henrik Boström <hbos@webrtc.org> | 2022-09-26 14:13:17 +0200 |
---|---|---|
committer | WebRTC LUCI CQ <webrtc-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-09-26 13:55:40 +0000 |
commit | 69d23c93866bcb63b21bb7e5c9d88b717d051c23 (patch) | |
tree | 9c62b8b3ee31c167170be95a41dabb1d9c7d88ce /rtc_base | |
parent | 4c7d3f82f917961d35b89003d73384c623e4ebd3 (diff) | |
download | webrtc-69d23c93866bcb63b21bb7e5c9d88b717d051c23.tar.gz |
Add RTCCertificateStats cache to avoid rtc::SSLCertChain::GetStats.
Unlike the cache of the entire stats report which is time limited, this
certificate cache is valid for an unlimited amount of time, but is
cleared at ClearCachedStatsReport() which is already called on each
SLD/SRD call. Since certificates can only change by negotiation, this
cache is ensured to always be invalidated when certificates change.
Since ClearCachedStatsReport() can happen for other reasons than
certificates changing we may clear the cache more often then is
necessary, but arguably this is seldom enough that we don't have to
create a separate "ClearCertificateStats()" method. Keep it simple?
The cache specifically avoids rtc::SSLCertChain::GetStats which
trigger rtc::SSLCertificate::GetStats and rtc::Base64::EncodeFromArray.
Bug: webrtc:14458
Change-Id: I5f95a4a5eb51cc4462147270fdae7bb9fb7bc822
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/276602
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Henrik Boström <hbos@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38205}
Diffstat (limited to 'rtc_base')
-rw-r--r-- | rtc_base/ssl_certificate.cc | 6 | ||||
-rw-r--r-- | rtc_base/ssl_certificate.h | 2 |
2 files changed, 8 insertions, 0 deletions
diff --git a/rtc_base/ssl_certificate.cc b/rtc_base/ssl_certificate.cc index ddb1524f76..d1fd57fca5 100644 --- a/rtc_base/ssl_certificate.cc +++ b/rtc_base/ssl_certificate.cc @@ -44,6 +44,12 @@ SSLCertificateStats::SSLCertificateStats( SSLCertificateStats::~SSLCertificateStats() {} +std::unique_ptr<SSLCertificateStats> SSLCertificateStats::Copy() const { + return std::make_unique<SSLCertificateStats>( + std::string(fingerprint), std::string(fingerprint_algorithm), + std::string(base64_certificate), issuer ? issuer->Copy() : nullptr); +} + ////////////////////////////////////////////////////////////////////// // SSLCertificate ////////////////////////////////////////////////////////////////////// diff --git a/rtc_base/ssl_certificate.h b/rtc_base/ssl_certificate.h index 77fbba3e9e..2e198800c4 100644 --- a/rtc_base/ssl_certificate.h +++ b/rtc_base/ssl_certificate.h @@ -38,6 +38,8 @@ struct RTC_EXPORT SSLCertificateStats { std::string fingerprint_algorithm; std::string base64_certificate; std::unique_ptr<SSLCertificateStats> issuer; + + std::unique_ptr<SSLCertificateStats> Copy() const; }; // Abstract interface overridden by SSL library specific |