net: remove DNS certificate checking code.

BUG=none
TEST=compiles

Review URL: http://codereview.chromium.org/8944001

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114642 0039d316-1c4b-4281-b951-d872f2087c98

chrome/browser/chrome_browser_main.cc

@@ -53,8 +53,6 @@
 #include "chrome/browser/metrics/thread_watcher.h"
 #include "chrome/browser/metrics/tracking_synchronizer.h"
 #include "chrome/browser/nacl_host/nacl_process_host.h"
-#include "chrome/browser/net/chrome_dns_cert_provenance_checker.h"
-#include "chrome/browser/net/chrome_dns_cert_provenance_checker_factory.h"
 #include "chrome/browser/net/chrome_net_log.h"
 #include "chrome/browser/net/predictor.h"
 #include "chrome/browser/notifications/desktop_notification_service.h"
@@ -283,8 +281,6 @@ void InitializeNetworkOptions(const CommandLine& parsed_command_line) {
     net::SpdySessionPool::set_max_sessions_per_domain(value);
   }
 
-  SetDnsCertProvenanceCheckerFactory(CreateChromeDnsCertProvenanceChecker);
-
   if (parsed_command_line.HasSwitch(switches::kEnableWebSocketOverSpdy)) {
     // Enable WebSocket over SPDY.
     net::WebSocketJob::set_websocket_over_spdy_enabled(true);

chrome/browser/io_thread.cc

@@ -41,7 +41,6 @@
 #include "net/base/cert_verifier.h"
 #include "net/base/cookie_monster.h"
 #include "net/base/default_origin_bound_cert_store.h"
-#include "net/base/dnsrr_resolver.h"
 #include "net/base/host_cache.h"
 #include "net/base/host_resolver.h"
 #include "net/base/host_resolver_impl.h"
@@ -59,7 +58,6 @@
 #include "net/proxy/proxy_config_service.h"
 #include "net/proxy/proxy_script_fetcher_impl.h"
 #include "net/proxy/proxy_service.h"
-#include "net/socket/dns_cert_provenance_checker.h"
 
 #if defined(USE_NSS)
 #include "net/ocsp/nss_ocsp.h"
@@ -447,7 +445,6 @@ void IOThread::Init() {
   globals_->host_resolver.reset(
       CreateGlobalHostResolver(net_log_));
   globals_->cert_verifier.reset(new net::CertVerifier);
-  globals_->dnsrr_resolver.reset(new net::DnsRRResolver);
   globals_->transport_security_state.reset(new net::TransportSecurityState(""));
   globals_->ssl_config_service = GetSSLConfigService();
   globals_->http_auth_handler_factory.reset(CreateDefaultAuthHandlerFactory(
@@ -663,7 +660,6 @@ void IOThread::InitSystemRequestContextOnIOThread() {
       globals_->system_origin_bound_cert_service.get();
   system_params.transport_security_state =
       globals_->transport_security_state.get();
-  system_params.dns_cert_checker = NULL;
   system_params.ssl_host_info_factory = NULL;
   system_params.proxy_service = globals_->system_proxy_service.get();
   system_params.ssl_config_service = globals_->ssl_config_service.get();

chrome/browser/io_thread.h

@@ -29,7 +29,6 @@ class SystemURLRequestContextGetter;
 namespace net {
 class CertVerifier;
 class CookieStore;
-class DnsRRResolver;
 class FtpTransactionFactory;
 class HostResolver;
 class HttpAuthHandlerFactory;
@@ -74,7 +73,6 @@ class IOThread : public content::BrowserThreadDelegate {
     // used to enforce pinning for system requests and will only use built-in
     // pins.
     scoped_ptr<net::TransportSecurityState> transport_security_state;
-    scoped_ptr<net::DnsRRResolver> dnsrr_resolver;
     scoped_refptr<net::SSLConfigService> ssl_config_service;
     scoped_ptr<net::HttpAuthHandlerFactory> http_auth_handler_factory;
     scoped_ptr<net::HttpServerProperties> http_server_properties;

chrome/browser/profiles/off_the_record_profile_io_data.cc

@@ -168,7 +168,6 @@ void OffTheRecordProfileIOData::LazyInitializeInternal(
       io_thread_globals->cert_verifier.get());
   main_context->set_http_auth_handler_factory(
       io_thread_globals->http_auth_handler_factory.get());
-  main_context->set_dns_cert_checker(dns_cert_checker());
   main_context->set_fraudulent_certificate_reporter(
       fraudulent_certificate_reporter());
   main_context->set_proxy_service(proxy_service());
@@ -204,7 +203,6 @@ void OffTheRecordProfileIOData::LazyInitializeInternal(
                          main_context->cert_verifier(),
                          main_context->origin_bound_cert_service(),
                          main_context->transport_security_state(),
-                         main_context->dns_cert_checker(),
                          main_context->proxy_service(),
                          kIncognitoSSLCacheShard,
                          main_context->ssl_config_service(),

chrome/browser/profiles/profile_impl_io_data.cc

@@ -290,10 +290,8 @@ void ProfileImplIOData::LazyInitializeInternal(
   media_request_context_->set_http_auth_handler_factory(
       io_thread_globals->http_auth_handler_factory.get());
 
-  main_context->set_dns_cert_checker(dns_cert_checker());
   main_context->set_fraudulent_certificate_reporter(
       fraudulent_certificate_reporter());
-  media_request_context_->set_dns_cert_checker(dns_cert_checker());
   media_request_context_->set_fraudulent_certificate_reporter(
       fraudulent_certificate_reporter());
 
@@ -370,7 +368,6 @@ void ProfileImplIOData::LazyInitializeInternal(
       main_context->cert_verifier(),
       main_context->origin_bound_cert_service(),
       main_context->transport_security_state(),
-      main_context->dns_cert_checker(),
       main_context->proxy_service(),
       "", // pass empty ssl_session_cache_shard to share the SSL session cache
           // with everything that doesn't explicitly want a different one.

chrome/browser/profiles/profile_io_data.cc

@@ -26,7 +26,6 @@
 #include "chrome/browser/io_thread.h"
 #include "chrome/browser/media/media_internals.h"
 #include "chrome/browser/net/chrome_cookie_notification_details.h"
-#include "chrome/browser/net/chrome_dns_cert_provenance_checker_factory.h"
 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h"
 #include "chrome/browser/net/chrome_net_log.h"
 #include "chrome/browser/net/chrome_network_delegate.h"
@@ -433,9 +432,6 @@ void ProfileIOData::LazyInitialize() const {
         profile_params_->profile,
         &enable_referrers_));
 
-  dns_cert_checker_.reset(
-      CreateDnsCertProvenanceChecker(io_thread_globals->dnsrr_resolver.get(),
-                                     main_request_context_));
   fraudulent_certificate_reporter_.reset(
       new chrome_browser_net::ChromeFraudulentCertificateReporter(
           main_request_context_));

chrome/browser/profiles/profile_io_data.h

@@ -44,7 +44,6 @@ class MediaStreamManager;
 
 namespace net {
 class CookieStore;
-class DnsCertProvenanceChecker;
 class FraudulentCertificateReporter;
 class HttpTransactionFactory;
 class OriginBoundCertService;
@@ -205,10 +204,6 @@ class ProfileIOData {
     return network_delegate_.get();
   }
 
-  net::DnsCertProvenanceChecker* dns_cert_checker() const {
-    return dns_cert_checker_.get();
-  }
-
   net::FraudulentCertificateReporter* fraudulent_certificate_reporter() const {
     return fraudulent_certificate_reporter_.get();
   }
@@ -283,7 +278,6 @@ class ProfileIOData {
       chrome_url_data_manager_backend_;
   mutable scoped_ptr<net::OriginBoundCertService> origin_bound_cert_service_;
   mutable scoped_ptr<net::NetworkDelegate> network_delegate_;
-  mutable scoped_ptr<net::DnsCertProvenanceChecker> dns_cert_checker_;
   mutable scoped_ptr<net::FraudulentCertificateReporter>
       fraudulent_certificate_reporter_;
   mutable scoped_ptr<net::ProxyService> proxy_service_;

chrome/chrome_browser.gypi

@@ -1594,10 +1594,6 @@
         'browser/net/browser_url_util.cc',
         'browser/net/browser_url_util.h',
         'browser/net/chrome_cookie_notification_details.h',
-        'browser/net/chrome_dns_cert_provenance_checker.cc',
-        'browser/net/chrome_dns_cert_provenance_checker.h',
-        'browser/net/chrome_dns_cert_provenance_checker_factory.cc',
-        'browser/net/chrome_dns_cert_provenance_checker_factory.h',
         'browser/net/chrome_fraudulent_certificate_reporter.cc',
         'browser/net/chrome_fraudulent_certificate_reporter.h',
         'browser/net/chrome_net_log.cc',

content/shell/shell_url_request_context_getter.cc

@@ -80,10 +80,9 @@ net::URLRequestContext* ShellURLRequestContextGetter::GetURLRequestContext() {
         url_request_context_->host_resolver(),
         url_request_context_->cert_verifier(),
         url_request_context_->origin_bound_cert_service(),
-        NULL, //tranport_security_state
-        NULL, //dns_cert_checker
+        NULL, // tranport_security_state
         url_request_context_->proxy_service(),
-        "" /* ssl_session_cache_shard */,
+        "", // ssl_session_cache_shard
         url_request_context_->ssl_config_service(),
         url_request_context_->http_auth_handler_factory(),
         NULL,  // network_delegate

jingle/notifier/base/proxy_resolving_client_socket.cc

@@ -52,7 +52,6 @@ ProxyResolvingClientSocket::ProxyResolvingClientSocket(
   session_params.origin_bound_cert_service = NULL;
   // transport_security_state is NULL because it's not thread safe.
   session_params.transport_security_state = NULL;
-  session_params.dns_cert_checker = request_context->dns_cert_checker();
   session_params.proxy_service = request_context->proxy_service();
   session_params.ssl_host_info_factory = NULL;
   session_params.ssl_config_service = request_context->ssl_config_service();