| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_error_info.h" | 5 #include "components/ssl_errors/error_info.h" |
| 6 | 6 |
| 7 #include "base/i18n/message_formatter.h" | 7 #include "base/i18n/message_formatter.h" |
| 8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
| 9 #include "chrome/grit/chromium_strings.h" | 9 #include "grit/components_strings.h" |
| 10 #include "chrome/grit/generated_resources.h" | |
| 11 #include "content/public/browser/cert_store.h" | |
| 12 #include "net/base/escape.h" | 10 #include "net/base/escape.h" |
| 13 #include "net/base/net_errors.h" | 11 #include "net/base/net_errors.h" |
| 14 #include "net/cert/cert_status_flags.h" | 12 #include "net/cert/cert_status_flags.h" |
| 15 #include "net/ssl/ssl_info.h" | 13 #include "net/ssl/ssl_info.h" |
| 16 #include "ui/base/l10n/l10n_util.h" | 14 #include "ui/base/l10n/l10n_util.h" |
| 17 #include "url/gurl.h" | 15 #include "url/gurl.h" |
| 18 | 16 |
| 19 using base::UTF8ToUTF16; | 17 using base::UTF8ToUTF16; |
| 20 | 18 |
| 21 SSLErrorInfo::SSLErrorInfo(const base::string16& details, | 19 namespace ssl_errors { |
| 22 const base::string16& short_description) | 20 |
| 23 : details_(details), | 21 ErrorInfo::ErrorInfo(const base::string16& details, |
| 24 short_description_(short_description) { | 22 const base::string16& short_description) |
| 25 } | 23 : details_(details), short_description_(short_description) {} |
| 26 | 24 |
| 27 // static | 25 // static |
| 28 SSLErrorInfo SSLErrorInfo::CreateError(ErrorType error_type, | 26 ErrorInfo ErrorInfo::CreateError(ErrorType error_type, |
| 29 net::X509Certificate* cert, | 27 net::X509Certificate* cert, |
| 30 const GURL& request_url) { | 28 const GURL& request_url) { |
| 31 base::string16 details, short_description; | 29 base::string16 details, short_description; |
| 32 switch (error_type) { | 30 switch (error_type) { |
| 33 case CERT_COMMON_NAME_INVALID: { | 31 case CERT_COMMON_NAME_INVALID: { |
| 34 // If the certificate contains multiple DNS names, we choose the most | 32 // If the certificate contains multiple DNS names, we choose the most |
| 35 // representative one -- either the DNS name that's also in the subject | 33 // representative one -- either the DNS name that's also in the subject |
| 36 // field, or the first one. If this heuristic turns out to be | 34 // field, or the first one. If this heuristic turns out to be |
| 37 // inadequate, we can consider choosing the DNS name that is the | 35 // inadequate, we can consider choosing the DNS name that is the |
| 38 // "closest match" to the host name in the request URL, or listing all | 36 // "closest match" to the host name in the request URL, or listing all |
| 39 // the DNS names with an HTML <ul>. | 37 // the DNS names with an HTML <ul>. |
| 40 std::vector<std::string> dns_names; | 38 std::vector<std::string> dns_names; |
| 41 cert->GetDNSNames(&dns_names); | 39 cert->GetDNSNames(&dns_names); |
| 42 DCHECK(!dns_names.empty()); | 40 DCHECK(!dns_names.empty()); |
| 43 size_t i = 0; | 41 size_t i = 0; |
| 44 for (; i < dns_names.size(); ++i) { | 42 for (; i < dns_names.size(); ++i) { |
| 45 if (dns_names[i] == cert->subject().common_name) | 43 if (dns_names[i] == cert->subject().common_name) |
| 46 break; | 44 break; |
| 47 } | 45 } |
| 48 if (i == dns_names.size()) | 46 if (i == dns_names.size()) |
| 49 i = 0; | 47 i = 0; |
| 50 details = | 48 details = l10n_util::GetStringFUTF16( |
| 51 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, | 49 IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, |
| 52 UTF8ToUTF16(request_url.host()), | 50 UTF8ToUTF16(request_url.host()), |
| 53 net::EscapeForHTML( | 51 net::EscapeForHTML(UTF8ToUTF16(dns_names[i]))); |
| 54 UTF8ToUTF16(dns_names[i]))); | |
| 55 short_description = l10n_util::GetStringUTF16( | 52 short_description = l10n_util::GetStringUTF16( |
| 56 IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); | 53 IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); |
| 57 break; | 54 break; |
| 58 } | 55 } |
| 59 case CERT_DATE_INVALID: | 56 case CERT_DATE_INVALID: |
| 60 if (cert->HasExpired()) { | 57 if (cert->HasExpired()) { |
| 61 // Make sure to round up to the smallest integer value not less than | 58 // Make sure to round up to the smallest integer value not less than |
| 62 // the expiration value (https://crbug.com/476758). | 59 // the expiration value (https://crbug.com/476758). |
| 63 int expiration_value = | 60 int expiration_value = |
| 64 (base::Time::Now() - cert->valid_expiry()).InDays() + 1; | 61 (base::Time::Now() - cert->valid_expiry()).InDays() + 1; |
| (...skipping 15 matching lines...) Expand all Loading... |
| 80 // occurred. Both are probably rare cases. To avoid giving the wrong | 77 // occurred. Both are probably rare cases. To avoid giving the wrong |
| 81 // date, remove the information. | 78 // date, remove the information. |
| 82 details = l10n_util::GetStringFUTF16( | 79 details = l10n_util::GetStringFUTF16( |
| 83 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DETAILS, | 80 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DETAILS, |
| 84 UTF8ToUTF16(request_url.host())); | 81 UTF8ToUTF16(request_url.host())); |
| 85 short_description = l10n_util::GetStringUTF16( | 82 short_description = l10n_util::GetStringUTF16( |
| 86 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DESCRIPTION); | 83 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DESCRIPTION); |
| 87 } | 84 } |
| 88 break; | 85 break; |
| 89 case CERT_AUTHORITY_INVALID: | 86 case CERT_AUTHORITY_INVALID: |
| 90 details = l10n_util::GetStringFUTF16( | 87 details = |
| 91 IDS_CERT_ERROR_AUTHORITY_INVALID_DETAILS, | 88 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_AUTHORITY_INVALID_DETAILS, |
| 92 UTF8ToUTF16(request_url.host())); | 89 UTF8ToUTF16(request_url.host())); |
| 93 short_description = l10n_util::GetStringUTF16( | 90 short_description = l10n_util::GetStringUTF16( |
| 94 IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); | 91 IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); |
| 95 break; | 92 break; |
| 96 case CERT_CONTAINS_ERRORS: | 93 case CERT_CONTAINS_ERRORS: |
| 97 details = l10n_util::GetStringFUTF16( | 94 details = |
| 98 IDS_CERT_ERROR_CONTAINS_ERRORS_DETAILS, | 95 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DETAILS, |
| 99 UTF8ToUTF16(request_url.host())); | 96 UTF8ToUTF16(request_url.host())); |
| 100 short_description = | 97 short_description = |
| 101 l10n_util::GetStringUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); | 98 l10n_util::GetStringUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); |
| 102 break; | 99 break; |
| 103 case CERT_NO_REVOCATION_MECHANISM: | 100 case CERT_NO_REVOCATION_MECHANISM: |
| 104 details = l10n_util::GetStringUTF16( | 101 details = l10n_util::GetStringUTF16( |
| 105 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); | 102 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); |
| 106 short_description = l10n_util::GetStringUTF16( | 103 short_description = l10n_util::GetStringUTF16( |
| 107 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DESCRIPTION); | 104 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DESCRIPTION); |
| 108 break; | 105 break; |
| 109 case CERT_REVOKED: | 106 case CERT_REVOKED: |
| 110 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_REVOKED_CERT_DETAILS, | 107 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_REVOKED_CERT_DETAILS, |
| 111 UTF8ToUTF16(request_url.host())); | 108 UTF8ToUTF16(request_url.host())); |
| 112 short_description = | 109 short_description = |
| 113 l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); | 110 l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); |
| 114 break; | 111 break; |
| 115 case CERT_INVALID: | 112 case CERT_INVALID: |
| 116 details = l10n_util::GetStringFUTF16( | 113 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_INVALID_CERT_DETAILS, |
| 117 IDS_CERT_ERROR_INVALID_CERT_DETAILS, | 114 UTF8ToUTF16(request_url.host())); |
| 118 UTF8ToUTF16(request_url.host())); | |
| 119 short_description = | 115 short_description = |
| 120 l10n_util::GetStringUTF16(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); | 116 l10n_util::GetStringUTF16(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); |
| 121 break; | 117 break; |
| 122 case CERT_WEAK_SIGNATURE_ALGORITHM: | 118 case CERT_WEAK_SIGNATURE_ALGORITHM: |
| 123 details = l10n_util::GetStringFUTF16( | 119 details = l10n_util::GetStringFUTF16( |
| 124 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS, | 120 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS, |
| 125 UTF8ToUTF16(request_url.host())); | 121 UTF8ToUTF16(request_url.host())); |
| 126 short_description = l10n_util::GetStringUTF16( | 122 short_description = l10n_util::GetStringUTF16( |
| 127 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); | 123 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); |
| 128 break; | 124 break; |
| 129 case CERT_WEAK_KEY: | 125 case CERT_WEAK_KEY: |
| 130 details = l10n_util::GetStringFUTF16( | 126 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_WEAK_KEY_DETAILS, |
| 131 IDS_CERT_ERROR_WEAK_KEY_DETAILS, UTF8ToUTF16(request_url.host())); | 127 UTF8ToUTF16(request_url.host())); |
| 132 short_description = l10n_util::GetStringUTF16( | 128 short_description = |
| 133 IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); | 129 l10n_util::GetStringUTF16(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); |
| 134 break; | 130 break; |
| 135 case CERT_WEAK_KEY_DH: | 131 case CERT_WEAK_KEY_DH: |
| 136 details = l10n_util::GetStringFUTF16( | 132 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_WEAK_KEY_DETAILS, |
| 137 IDS_CERT_ERROR_WEAK_KEY_DETAILS, UTF8ToUTF16(request_url.host())); | 133 UTF8ToUTF16(request_url.host())); |
| 138 short_description = l10n_util::GetStringUTF16( | 134 short_description = |
| 139 IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); | 135 l10n_util::GetStringUTF16(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); |
| 140 case CERT_NAME_CONSTRAINT_VIOLATION: | 136 case CERT_NAME_CONSTRAINT_VIOLATION: |
| 141 details = l10n_util::GetStringFUTF16( | 137 details = l10n_util::GetStringFUTF16( |
| 142 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DETAILS, | 138 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DETAILS, |
| 143 UTF8ToUTF16(request_url.host())); | 139 UTF8ToUTF16(request_url.host())); |
| 144 short_description = l10n_util::GetStringUTF16( | 140 short_description = l10n_util::GetStringUTF16( |
| 145 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); | 141 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); |
| 146 break; | 142 break; |
| 147 case CERT_VALIDITY_TOO_LONG: | 143 case CERT_VALIDITY_TOO_LONG: |
| 148 details = | 144 details = |
| 149 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_VALIDITY_TOO_LONG_DETAILS, | 145 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_VALIDITY_TOO_LONG_DETAILS, |
| 150 UTF8ToUTF16(request_url.host())); | 146 UTF8ToUTF16(request_url.host())); |
| 151 short_description = l10n_util::GetStringUTF16( | 147 short_description = l10n_util::GetStringUTF16( |
| 152 IDS_CERT_ERROR_VALIDITY_TOO_LONG_DESCRIPTION); | 148 IDS_CERT_ERROR_VALIDITY_TOO_LONG_DESCRIPTION); |
| 153 break; | 149 break; |
| 154 case CERT_PINNED_KEY_MISSING: | 150 case CERT_PINNED_KEY_MISSING: |
| 155 details = l10n_util::GetStringUTF16( | 151 details = l10n_util::GetStringUTF16( |
| 156 IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE); | 152 IDS_CERT_ERROR_SUMMARY_PINNING_FAILURE_DETAILS); |
| 157 short_description = l10n_util::GetStringUTF16( | 153 short_description = l10n_util::GetStringUTF16( |
| 158 IDS_ERRORPAGES_DETAILS_PINNING_FAILURE); | 154 IDS_CERT_ERROR_SUMMARY_PINNING_FAILURE_DESCRIPTION); |
| 159 break; | 155 break; |
| 160 case CERT_UNABLE_TO_CHECK_REVOCATION: | 156 case CERT_UNABLE_TO_CHECK_REVOCATION: |
| 161 details = l10n_util::GetStringUTF16( | 157 details = l10n_util::GetStringUTF16( |
| 162 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); | 158 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); |
| 163 short_description = l10n_util::GetStringUTF16( | 159 short_description = l10n_util::GetStringUTF16( |
| 164 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DESCRIPTION); | 160 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DESCRIPTION); |
| 165 break; | 161 break; |
| 166 case UNKNOWN: | 162 case UNKNOWN: |
| 167 details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); | 163 details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); |
| 168 short_description = | 164 short_description = |
| 169 l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); | 165 l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); |
| 170 break; | 166 break; |
| 171 default: | 167 default: |
| 172 NOTREACHED(); | 168 NOTREACHED(); |
| 173 } | 169 } |
| 174 return SSLErrorInfo(details, short_description); | 170 return ErrorInfo(details, short_description); |
| 175 } | 171 } |
| 176 | 172 |
| 177 SSLErrorInfo::~SSLErrorInfo() { | 173 ErrorInfo::~ErrorInfo() {} |
| 178 } | |
| 179 | 174 |
| 180 // static | 175 // static |
| 181 SSLErrorInfo::ErrorType SSLErrorInfo::NetErrorToErrorType(int net_error) { | 176 ErrorInfo::ErrorType ErrorInfo::NetErrorToErrorType(int net_error) { |
| 182 switch (net_error) { | 177 switch (net_error) { |
| 183 case net::ERR_CERT_COMMON_NAME_INVALID: | 178 case net::ERR_CERT_COMMON_NAME_INVALID: |
| 184 return CERT_COMMON_NAME_INVALID; | 179 return CERT_COMMON_NAME_INVALID; |
| 185 case net::ERR_CERT_DATE_INVALID: | 180 case net::ERR_CERT_DATE_INVALID: |
| 186 return CERT_DATE_INVALID; | 181 return CERT_DATE_INVALID; |
| 187 case net::ERR_CERT_AUTHORITY_INVALID: | 182 case net::ERR_CERT_AUTHORITY_INVALID: |
| 188 return CERT_AUTHORITY_INVALID; | 183 return CERT_AUTHORITY_INVALID; |
| 189 case net::ERR_CERT_CONTAINS_ERRORS: | 184 case net::ERR_CERT_CONTAINS_ERRORS: |
| 190 return CERT_CONTAINS_ERRORS; | 185 return CERT_CONTAINS_ERRORS; |
| 191 case net::ERR_CERT_NO_REVOCATION_MECHANISM: | 186 case net::ERR_CERT_NO_REVOCATION_MECHANISM: |
| (...skipping 12 matching lines...) Expand all Loading... |
| 204 return CERT_NAME_CONSTRAINT_VIOLATION; | 199 return CERT_NAME_CONSTRAINT_VIOLATION; |
| 205 case net::ERR_CERT_VALIDITY_TOO_LONG: | 200 case net::ERR_CERT_VALIDITY_TOO_LONG: |
| 206 return CERT_VALIDITY_TOO_LONG; | 201 return CERT_VALIDITY_TOO_LONG; |
| 207 case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: | 202 case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: |
| 208 return CERT_WEAK_KEY_DH; | 203 return CERT_WEAK_KEY_DH; |
| 209 case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: | 204 case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: |
| 210 return CERT_PINNED_KEY_MISSING; | 205 return CERT_PINNED_KEY_MISSING; |
| 211 default: | 206 default: |
| 212 NOTREACHED(); | 207 NOTREACHED(); |
| 213 return UNKNOWN; | 208 return UNKNOWN; |
| 214 } | 209 } |
| 215 } | 210 } |
| 216 | 211 |
| 217 // static | 212 // static |
| 218 void SSLErrorInfo::GetErrorsForCertStatus(int cert_id, | 213 void ErrorInfo::GetErrorsForCertStatus( |
| 219 net::CertStatus cert_status, | 214 const scoped_refptr<net::X509Certificate>& cert, |
| 220 const GURL& url, | 215 net::CertStatus cert_status, |
| 221 std::vector<SSLErrorInfo>* errors) { | 216 const GURL& url, |
| 217 std::vector<ErrorInfo>* errors) { |
| 222 const net::CertStatus kErrorFlags[] = { | 218 const net::CertStatus kErrorFlags[] = { |
| 223 net::CERT_STATUS_COMMON_NAME_INVALID, | 219 net::CERT_STATUS_COMMON_NAME_INVALID, |
| 224 net::CERT_STATUS_DATE_INVALID, | 220 net::CERT_STATUS_DATE_INVALID, |
| 225 net::CERT_STATUS_AUTHORITY_INVALID, | 221 net::CERT_STATUS_AUTHORITY_INVALID, |
| 226 net::CERT_STATUS_NO_REVOCATION_MECHANISM, | 222 net::CERT_STATUS_NO_REVOCATION_MECHANISM, |
| 227 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, | 223 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, |
| 228 net::CERT_STATUS_REVOKED, | 224 net::CERT_STATUS_REVOKED, |
| 229 net::CERT_STATUS_INVALID, | 225 net::CERT_STATUS_INVALID, |
| 230 net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, | 226 net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, |
| 231 net::CERT_STATUS_WEAK_KEY, | 227 net::CERT_STATUS_WEAK_KEY, |
| 232 net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, | 228 net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, |
| 233 net::CERT_STATUS_VALIDITY_TOO_LONG, | 229 net::CERT_STATUS_VALIDITY_TOO_LONG, |
| 234 }; | 230 }; |
| 235 | 231 |
| 236 const ErrorType kErrorTypes[] = { | 232 const ErrorType kErrorTypes[] = { |
| 237 CERT_COMMON_NAME_INVALID, | 233 CERT_COMMON_NAME_INVALID, |
| 238 CERT_DATE_INVALID, | 234 CERT_DATE_INVALID, |
| 239 CERT_AUTHORITY_INVALID, | 235 CERT_AUTHORITY_INVALID, |
| 240 CERT_NO_REVOCATION_MECHANISM, | 236 CERT_NO_REVOCATION_MECHANISM, |
| 241 CERT_UNABLE_TO_CHECK_REVOCATION, | 237 CERT_UNABLE_TO_CHECK_REVOCATION, |
| 242 CERT_REVOKED, | 238 CERT_REVOKED, |
| 243 CERT_INVALID, | 239 CERT_INVALID, |
| 244 CERT_WEAK_SIGNATURE_ALGORITHM, | 240 CERT_WEAK_SIGNATURE_ALGORITHM, |
| 245 CERT_WEAK_KEY, | 241 CERT_WEAK_KEY, |
| 246 CERT_NAME_CONSTRAINT_VIOLATION, | 242 CERT_NAME_CONSTRAINT_VIOLATION, |
| 247 CERT_VALIDITY_TOO_LONG, | 243 CERT_VALIDITY_TOO_LONG, |
| 248 }; | 244 }; |
| 249 DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); | 245 DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); |
| 250 | 246 |
| 251 scoped_refptr<net::X509Certificate> cert = NULL; | |
| 252 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { | 247 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { |
| 253 if (cert_status & kErrorFlags[i]) { | 248 if ((cert_status & kErrorFlags[i]) && errors) { |
| 254 if (!cert.get()) { | 249 errors->push_back( |
| 255 bool r = content::CertStore::GetInstance()->RetrieveCert( | 250 ErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); |
| 256 cert_id, &cert); | |
| 257 DCHECK(r); | |
| 258 } | |
| 259 if (errors) { | |
| 260 errors->push_back( | |
| 261 SSLErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); | |
| 262 } | |
| 263 } | 251 } |
| 264 } | 252 } |
| 265 } | 253 } |
| 254 |
| 255 } // namespace ssl_errors |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1341923002:
Create a component for SSL error handling (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master