Attach a SecurityStyle to each request in ResourceLoader

content/common/ssl_status_serialization.cc

Index: content/common/ssl_status_serialization.cc
diff --git a/content/common/ssl_status_serialization.cc b/content/common/ssl_status_serialization.cc
index 364dba0538a4cdf6bdc17263e1fca8a663c74b69..a4fb0bc4c9d679edd6031c71013a9a7265ae61bc 100644
--- a/content/common/ssl_status_serialization.cc
+++ b/content/common/ssl_status_serialization.cc
@@ -7,24 +7,37 @@
 #include "base/logging.h"
 #include "base/pickle.h"
 
+namespace {
+
+// Checks that an integer |security_style| is a valid SecurityStyle enum
+// value. Returns true if valid, false otherwise.
+bool CheckSecurityStyle(int security_style) {
+  switch (security_style) {
+    case content::SECURITY_STYLE_UNKNOWN:
+    case content::SECURITY_STYLE_UNAUTHENTICATED:
+    case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
+    case content::SECURITY_STYLE_WARNING:
+    case content::SECURITY_STYLE_AUTHENTICATED:
+      break;
+  }
+  return true;

[davidben, 2015/07/24 22:21:52]

Doesn't this just always return true now? Probably you want return true on line
21 and return false on line 23. (Worth a unit test?)

[estark, 2015/07/25 00:38:00]

Ahhh, oops, done + unit test.

+}
+
+}  // namespace
+
 namespace content {
 
-std::string SerializeSecurityInfo(
-    int cert_id,
-    net::CertStatus cert_status,
-    int security_bits,
-    int ssl_connection_status,
-    const SignedCertificateTimestampIDStatusList&
-        signed_certificate_timestamp_ids) {
+std::string SerializeSecurityInfo(const SSLStatus& ssl_status) {
   base::Pickle pickle;
-  pickle.WriteInt(cert_id);
-  pickle.WriteUInt32(cert_status);
-  pickle.WriteInt(security_bits);
-  pickle.WriteInt(ssl_connection_status);
-  pickle.WriteInt(signed_certificate_timestamp_ids.size());
+  pickle.WriteInt(ssl_status.security_style);
+  pickle.WriteInt(ssl_status.cert_id);
+  pickle.WriteUInt32(ssl_status.cert_status);
+  pickle.WriteInt(ssl_status.security_bits);
+  pickle.WriteInt(ssl_status.connection_status);
+  pickle.WriteInt(ssl_status.signed_certificate_timestamp_ids.size());
   for (SignedCertificateTimestampIDStatusList::const_iterator iter =
-           signed_certificate_timestamp_ids.begin();
-       iter != signed_certificate_timestamp_ids.end(); ++iter) {
+           ssl_status.signed_certificate_timestamp_ids.begin();
+       iter != ssl_status.signed_certificate_timestamp_ids.end(); ++iter) {
     pickle.WriteInt(iter->id);
     pickle.WriteUInt16(iter->status);
   }
@@ -41,8 +54,9 @@ bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {
 
   base::Pickle pickle(state.data(), static_cast<int>(state.size()));
   base::PickleIterator iter(pickle);
+  int security_style;
   int num_scts_to_read;
-  if (!iter.ReadInt(&ssl_status->cert_id) ||
+  if (!iter.ReadInt(&security_style) || !iter.ReadInt(&ssl_status->cert_id) ||
       !iter.ReadUInt32(&ssl_status->cert_status) ||
       !iter.ReadInt(&ssl_status->security_bits) ||
       !iter.ReadInt(&ssl_status->connection_status) ||
@@ -51,6 +65,13 @@ bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {
     return false;
   }
 
+  if (!CheckSecurityStyle(security_style)) {
+    *ssl_status = SSLStatus();
+    return false;
+  }
+
+  ssl_status->security_style = static_cast<SecurityStyle>(security_style);
+
   // Sanity check |security_bits|: the only allowed negative value is -1.
   if (ssl_status->security_bits < -1) {
     *ssl_status = SSLStatus();