Fix certificate checker callback lifetime.
OpenSSL's SSL_CTX_set_verify() function allows us to set a callback
called after certificate validation but doesn't provide a way to pass
private data to this callback. CL:183832 was passing the pointer to the
CertificateChecker instance using a global pointer, nevertheless the
lifetime of this pointer was wrong since libcurl can trigger this
callback asynchronously when the SSL certificates are downloaded.
This patch converts the CertificateChecker into a singleton class and
uses the same trick previously used to pass the ServerToCheck value
using different callbacks.
Bug: 25818567
Test: Run an update on edison-userdebug; FEATURES=test emerge-link update_engine
Change-Id: I84cdb2f8c5ac86d1463634e73e867f213f7a2f5a
diff --git a/real_system_state.cc b/real_system_state.cc
index dd33701..3a90292 100644
--- a/real_system_state.cc
+++ b/real_system_state.cc
@@ -111,6 +111,16 @@
"features might not work properly.";
}
+ certificate_checker_.reset(
+ new CertificateChecker(prefs_.get(), &openssl_wrapper_));
+ certificate_checker_->Init();
+
+ // Initialize the UpdateAttempter before the UpdateManager.
+ update_attempter_.reset(
+ new UpdateAttempter(this, certificate_checker_.get(), &libcros_proxy_,
+ &debugd_proxy_));
+ update_attempter_->Init();
+
// Initialize the Update Manager using the default state factory.
chromeos_update_manager::State* um_state =
chromeos_update_manager::DefaultStateFactory(
@@ -134,9 +144,6 @@
return false;
}
- // Initialize the update attempter.
- update_attempter_.Init();
-
// All is well. Initialization successful.
return true;
}