Have SSLErrorHandler decide which type of interstitial to display

chrome/browser/ssl/ssl_error_handler.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_error_handler.h"
 
 #include "base/callback_helpers.h"
 #include "base/metrics/field_trial.h"
 #include "base/metrics/histogram.h"
 #include "base/strings/stringprintf.h"
+#include "base/time/clock.h"
 #include "base/time/time.h"
 #include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/ssl/bad_clock_blocking_page.h"
 #include "chrome/browser/ssl/ssl_blocking_page.h"
 #include "chrome/browser/ssl/ssl_cert_reporter.h"
 #include "chrome/browser/ssl/ssl_error_classification.h"
+#include "chrome/browser/ssl/ssl_error_info.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/notification_source.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/web_contents.h"
 #include "net/base/net_errors.h"
 
 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
 #include "chrome/browser/captive_portal/captive_portal_service.h"
 #include "chrome/browser/captive_portal/captive_portal_service_factory.h"
 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h"
 #include "chrome/browser/ssl/captive_portal_blocking_page.h"
 #endif
 
 namespace {
 
 // The delay in milliseconds before displaying the SSL interstitial.
 // This can be changed in tests.
 // - If there is a name mismatch and a suggested URL available result arrives
 //   during this time, the user is redirected to the suggester URL.
 // - If a "captive portal detected" result arrives during this time,
 //   a captive portal interstitial is displayed.
 // - Otherwise, an SSL interstitial is displayed.
 int64 g_interstitial_delay_in_milliseconds = 2000;
 
 // Callback to call when the interstitial timer is started. Used for testing.
 SSLErrorHandler::TimerStartedCallback* g_timer_started_callback = nullptr;
 
+// The clock to use when deciding which error type to display. Used for testing.
+base::Clock* g_testing_clock = nullptr;
+
 // Events for UMA.
 enum SSLErrorHandlerEvent {
   HANDLE_ALL,
   SHOW_CAPTIVE_PORTAL_INTERSTITIAL_NONOVERRIDABLE,
   SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE,
   SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE,
   SHOW_SSL_INTERSTITIAL_OVERRIDABLE,
   WWW_MISMATCH_FOUND,
   WWW_MISMATCH_URL_AVAILABLE,
   WWW_MISMATCH_URL_NOT_AVAILABLE,
+  SHOW_BAD_CLOCK,
   SSL_ERROR_HANDLER_EVENT_COUNT
 };
 
 // Adds a message to console after navigation commits and then, deletes itself.
 // Also deletes itself if the navigation is stopped.
 class CommonNameMismatchRedirectObserver
     : public content::WebContentsObserver,
       public content::WebContentsUserData<CommonNameMismatchRedirectObserver> {
  public:
   static void AddToConsoleAfterNavigation(
@@ skipping 55 matching lines @@
   return base::FieldTrialList::FindFullName("CaptivePortalInterstitial") ==
          "Enabled";
 }
 #endif
 
 bool IsSSLCommonNameMismatchHandlingEnabled() {
   return base::FieldTrialList::FindFullName("SSLCommonNameMismatchHandling") ==
          "Enabled";
 }
 
+bool IsErrorDueToBadClock(const base::Time& now, int error) {
+  if (SSLErrorInfo::NetErrorToErrorType(error) !=
+      SSLErrorInfo::CERT_DATE_INVALID) {
+    return false;
+  }
+  if (g_testing_clock) {
+    SSLErrorClassification::SetBuildTimeForTesting(

[estark, 2015/09/01 13:28:28]

nit: I'm curious if you considered calling this from the test instead of calling
it here. The advantages I see of doing that are:
1. you can make both the Set*ForTesting clock methods private and
FRIEND_TEST_ALL_PREFIXES the test.
2. it's not obvious from the outset that calling
SSLErrorHandler::SetClockForTesting() also affects the build time that'll be
used. So maybe SetClockForTesting() should be renamed
SetClockAndBuildTimeForTesting() to make it more clear, or the test itself could
call SetBuildTimeForTesting() to make it more explicit.

[felt, 2015/09/01 15:49:41]

Moved into the test.

+        base::Time::NowFromSystemTime());
+  }
+  return SSLErrorClassification::IsUserClockInThePast(now) ||
+         SSLErrorClassification::IsUserClockInTheFuture(now);
+}
+
 }  // namespace
 
 DEFINE_WEB_CONTENTS_USER_DATA_KEY(SSLErrorHandler);
 DEFINE_WEB_CONTENTS_USER_DATA_KEY(CommonNameMismatchRedirectObserver);
 
 void SSLErrorHandler::HandleSSLError(
     content::WebContents* web_contents,
     int cert_error,
     const net::SSLInfo& ssl_info,
     const GURL& request_url,
@@ skipping 13 matching lines @@
   g_interstitial_delay_in_milliseconds = delay.InMilliseconds();
 }
 
 // static
 void SSLErrorHandler::SetInterstitialTimerStartedCallbackForTest(
     TimerStartedCallback* callback) {
   DCHECK(!callback || !callback->is_null());
   g_timer_started_callback = callback;
 }
 
+// static
+void SSLErrorHandler::SetClockForTest(base::Clock* testing_clock) {
+  g_testing_clock = testing_clock;
+}
+
 SSLErrorHandler::SSLErrorHandler(content::WebContents* web_contents,
                                  int cert_error,
                                  const net::SSLInfo& ssl_info,
                                  const GURL& request_url,
                                  int options_mask,
                                  scoped_ptr<SSLCertReporter> ssl_cert_reporter,
                                  const base::Callback<void(bool)>& callback)
     : content::WebContentsObserver(web_contents),
       web_contents_(web_contents),
       cert_error_(cert_error),
       ssl_info_(ssl_info),
       request_url_(request_url),
       options_mask_(options_mask),
       callback_(callback),
       profile_(Profile::FromBrowserContext(web_contents->GetBrowserContext())),
       ssl_cert_reporter_(ssl_cert_reporter.Pass()) {}
 
 SSLErrorHandler::~SSLErrorHandler() {
 }
 
 void SSLErrorHandler::StartHandlingError() {
   RecordUMA(HANDLE_ALL);
 
+  const base::Time now = g_testing_clock == nullptr
+                             ? base::Time::NowFromSystemTime()
+                             : g_testing_clock->Now();
+  if (IsErrorDueToBadClock(now, cert_error_)) {
+    ShowBadClockInterstitial(now);
+    return;  // |this| is deleted after showing the interstitial.
+  }
+
   std::vector<std::string> dns_names;
   ssl_info_.cert->GetDNSNames(&dns_names);
   DCHECK(!dns_names.empty());
   GURL suggested_url;
   if (IsSSLCommonNameMismatchHandlingEnabled() &&
       cert_error_ == net::ERR_CERT_COMMON_NAME_INVALID &&
       IsErrorOverridable() && GetSuggestedUrl(dns_names, &suggested_url)) {
     RecordUMA(WWW_MISMATCH_FOUND);
     net::CertStatus extra_cert_errors =
         ssl_info_.cert_status ^ net::CERT_STATUS_COMMON_NAME_INVALID;
@@ skipping 105 matching lines @@
 
   (new SSLBlockingPage(web_contents_, cert_error_, ssl_info_, request_url_,
                        options_mask_, base::Time::NowFromSystemTime(),
                        ssl_cert_reporter_.Pass(), callback_))
       ->Show();
   // Once an interstitial is displayed, no need to keep the handler around.
   // This is the equivalent of "delete this".
   web_contents_->RemoveUserData(UserDataKey());
 }
 
+void SSLErrorHandler::ShowBadClockInterstitial(const base::Time& now) {
+  RecordUMA(SHOW_BAD_CLOCK);
+  (new BadClockBlockingPage(web_contents_, cert_error_, ssl_info_, request_url_,
+                            now, callback_))
+      ->Show();
+  // Once an interstitial is displayed, no need to keep the handler around.
+  // This is the equivalent of "delete this".
+  web_contents_->RemoveUserData(UserDataKey());
+}
+
 void SSLErrorHandler::CommonNameMismatchHandlerCallback(
     const CommonNameMismatchHandler::SuggestedUrlCheckResult& result,
     const GURL& suggested_url) {
   timer_.Stop();
   if (result == CommonNameMismatchHandler::SuggestedUrlCheckResult::
                     SUGGESTED_URL_AVAILABLE) {
     RecordUMA(WWW_MISMATCH_URL_AVAILABLE);
     CommonNameMismatchRedirectObserver::AddToConsoleAfterNavigation(
         web_contents(), request_url_.host(), suggested_url.host());
     NavigateToSuggestedURL(suggested_url);
@@ skipping 40 matching lines @@
   if (!callback_.is_null()) {
     base::ResetAndReturn(&callback_).Run(false);
   }
   if (common_name_mismatch_handler_) {
     common_name_mismatch_handler_->Cancel();
     common_name_mismatch_handler_.reset();
   }
   // Deletes |this| and also destroys the timer.
   web_contents_->RemoveUserData(UserDataKey());
 }