| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/ssl_errors/error_info.h" | 5 #include "chrome/browser/ssl/ssl_error_info.h" |
| 6 | 6 |
| 7 #include "base/i18n/message_formatter.h" | 7 #include "base/i18n/message_formatter.h" |
| 8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
| 9 #include "grit/components_strings.h" | 9 #include "chrome/grit/chromium_strings.h" |
| 10 #include "chrome/grit/generated_resources.h" |
| 11 #include "content/public/browser/cert_store.h" |
| 10 #include "net/base/escape.h" | 12 #include "net/base/escape.h" |
| 11 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
| 12 #include "net/cert/cert_status_flags.h" | 14 #include "net/cert/cert_status_flags.h" |
| 13 #include "net/ssl/ssl_info.h" | 15 #include "net/ssl/ssl_info.h" |
| 14 #include "ui/base/l10n/l10n_util.h" | 16 #include "ui/base/l10n/l10n_util.h" |
| 15 #include "url/gurl.h" | 17 #include "url/gurl.h" |
| 16 | 18 |
| 17 using base::UTF8ToUTF16; | 19 using base::UTF8ToUTF16; |
| 18 | 20 |
| 19 namespace ssl_errors { | 21 SSLErrorInfo::SSLErrorInfo(const base::string16& details, |
| 20 | 22 const base::string16& short_description) |
| 21 ErrorInfo::ErrorInfo(const base::string16& details, | 23 : details_(details), |
| 22 const base::string16& short_description) | 24 short_description_(short_description) { |
| 23 : details_(details), short_description_(short_description) {} | 25 } |
| 24 | 26 |
| 25 // static | 27 // static |
| 26 ErrorInfo ErrorInfo::CreateError(ErrorType error_type, | 28 SSLErrorInfo SSLErrorInfo::CreateError(ErrorType error_type, |
| 27 net::X509Certificate* cert, | 29 net::X509Certificate* cert, |
| 28 const GURL& request_url) { | 30 const GURL& request_url) { |
| 29 base::string16 details, short_description; | 31 base::string16 details, short_description; |
| 30 switch (error_type) { | 32 switch (error_type) { |
| 31 case CERT_COMMON_NAME_INVALID: { | 33 case CERT_COMMON_NAME_INVALID: { |
| 32 // If the certificate contains multiple DNS names, we choose the most | 34 // If the certificate contains multiple DNS names, we choose the most |
| 33 // representative one -- either the DNS name that's also in the subject | 35 // representative one -- either the DNS name that's also in the subject |
| 34 // field, or the first one. If this heuristic turns out to be | 36 // field, or the first one. If this heuristic turns out to be |
| 35 // inadequate, we can consider choosing the DNS name that is the | 37 // inadequate, we can consider choosing the DNS name that is the |
| 36 // "closest match" to the host name in the request URL, or listing all | 38 // "closest match" to the host name in the request URL, or listing all |
| 37 // the DNS names with an HTML <ul>. | 39 // the DNS names with an HTML <ul>. |
| 38 std::vector<std::string> dns_names; | 40 std::vector<std::string> dns_names; |
| 39 cert->GetDNSNames(&dns_names); | 41 cert->GetDNSNames(&dns_names); |
| 40 DCHECK(!dns_names.empty()); | 42 DCHECK(!dns_names.empty()); |
| 41 size_t i = 0; | 43 size_t i = 0; |
| 42 for (; i < dns_names.size(); ++i) { | 44 for (; i < dns_names.size(); ++i) { |
| 43 if (dns_names[i] == cert->subject().common_name) | 45 if (dns_names[i] == cert->subject().common_name) |
| 44 break; | 46 break; |
| 45 } | 47 } |
| 46 if (i == dns_names.size()) | 48 if (i == dns_names.size()) |
| 47 i = 0; | 49 i = 0; |
| 48 details = l10n_util::GetStringFUTF16( | 50 details = |
| 49 IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, | 51 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, |
| 50 UTF8ToUTF16(request_url.host()), | 52 UTF8ToUTF16(request_url.host()), |
| 51 net::EscapeForHTML(UTF8ToUTF16(dns_names[i]))); | 53 net::EscapeForHTML( |
| 54 UTF8ToUTF16(dns_names[i]))); |
| 52 short_description = l10n_util::GetStringUTF16( | 55 short_description = l10n_util::GetStringUTF16( |
| 53 IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); | 56 IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); |
| 54 break; | 57 break; |
| 55 } | 58 } |
| 56 case CERT_DATE_INVALID: | 59 case CERT_DATE_INVALID: |
| 57 if (cert->HasExpired()) { | 60 if (cert->HasExpired()) { |
| 58 // Make sure to round up to the smallest integer value not less than | 61 // Make sure to round up to the smallest integer value not less than |
| 59 // the expiration value (https://crbug.com/476758). | 62 // the expiration value (https://crbug.com/476758). |
| 60 int expiration_value = | 63 int expiration_value = |
| 61 (base::Time::Now() - cert->valid_expiry()).InDays() + 1; | 64 (base::Time::Now() - cert->valid_expiry()).InDays() + 1; |
| (...skipping 15 matching lines...) Expand all Loading... |
| 77 // occurred. Both are probably rare cases. To avoid giving the wrong | 80 // occurred. Both are probably rare cases. To avoid giving the wrong |
| 78 // date, remove the information. | 81 // date, remove the information. |
| 79 details = l10n_util::GetStringFUTF16( | 82 details = l10n_util::GetStringFUTF16( |
| 80 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DETAILS, | 83 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DETAILS, |
| 81 UTF8ToUTF16(request_url.host())); | 84 UTF8ToUTF16(request_url.host())); |
| 82 short_description = l10n_util::GetStringUTF16( | 85 short_description = l10n_util::GetStringUTF16( |
| 83 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DESCRIPTION); | 86 IDS_CERT_ERROR_NOT_VALID_AT_THIS_TIME_DESCRIPTION); |
| 84 } | 87 } |
| 85 break; | 88 break; |
| 86 case CERT_AUTHORITY_INVALID: | 89 case CERT_AUTHORITY_INVALID: |
| 87 details = | 90 details = l10n_util::GetStringFUTF16( |
| 88 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_AUTHORITY_INVALID_DETAILS, | 91 IDS_CERT_ERROR_AUTHORITY_INVALID_DETAILS, |
| 89 UTF8ToUTF16(request_url.host())); | 92 UTF8ToUTF16(request_url.host())); |
| 90 short_description = l10n_util::GetStringUTF16( | 93 short_description = l10n_util::GetStringUTF16( |
| 91 IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); | 94 IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); |
| 92 break; | 95 break; |
| 93 case CERT_CONTAINS_ERRORS: | 96 case CERT_CONTAINS_ERRORS: |
| 94 details = | 97 details = l10n_util::GetStringFUTF16( |
| 95 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DETAILS, | 98 IDS_CERT_ERROR_CONTAINS_ERRORS_DETAILS, |
| 96 UTF8ToUTF16(request_url.host())); | 99 UTF8ToUTF16(request_url.host())); |
| 97 short_description = | 100 short_description = |
| 98 l10n_util::GetStringUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); | 101 l10n_util::GetStringUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); |
| 99 break; | 102 break; |
| 100 case CERT_NO_REVOCATION_MECHANISM: | 103 case CERT_NO_REVOCATION_MECHANISM: |
| 101 details = l10n_util::GetStringUTF16( | 104 details = l10n_util::GetStringUTF16( |
| 102 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); | 105 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); |
| 103 short_description = l10n_util::GetStringUTF16( | 106 short_description = l10n_util::GetStringUTF16( |
| 104 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DESCRIPTION); | 107 IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DESCRIPTION); |
| 105 break; | 108 break; |
| 106 case CERT_REVOKED: | 109 case CERT_REVOKED: |
| 107 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_REVOKED_CERT_DETAILS, | 110 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_REVOKED_CERT_DETAILS, |
| 108 UTF8ToUTF16(request_url.host())); | 111 UTF8ToUTF16(request_url.host())); |
| 109 short_description = | 112 short_description = |
| 110 l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); | 113 l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); |
| 111 break; | 114 break; |
| 112 case CERT_INVALID: | 115 case CERT_INVALID: |
| 113 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_INVALID_CERT_DETAILS, | 116 details = l10n_util::GetStringFUTF16( |
| 114 UTF8ToUTF16(request_url.host())); | 117 IDS_CERT_ERROR_INVALID_CERT_DETAILS, |
| 118 UTF8ToUTF16(request_url.host())); |
| 115 short_description = | 119 short_description = |
| 116 l10n_util::GetStringUTF16(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); | 120 l10n_util::GetStringUTF16(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); |
| 117 break; | 121 break; |
| 118 case CERT_WEAK_SIGNATURE_ALGORITHM: | 122 case CERT_WEAK_SIGNATURE_ALGORITHM: |
| 119 details = l10n_util::GetStringFUTF16( | 123 details = l10n_util::GetStringFUTF16( |
| 120 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS, | 124 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS, |
| 121 UTF8ToUTF16(request_url.host())); | 125 UTF8ToUTF16(request_url.host())); |
| 122 short_description = l10n_util::GetStringUTF16( | 126 short_description = l10n_util::GetStringUTF16( |
| 123 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); | 127 IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); |
| 124 break; | 128 break; |
| 125 case CERT_WEAK_KEY: | 129 case CERT_WEAK_KEY: |
| 126 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_WEAK_KEY_DETAILS, | 130 details = l10n_util::GetStringFUTF16( |
| 127 UTF8ToUTF16(request_url.host())); | 131 IDS_CERT_ERROR_WEAK_KEY_DETAILS, UTF8ToUTF16(request_url.host())); |
| 128 short_description = | 132 short_description = l10n_util::GetStringUTF16( |
| 129 l10n_util::GetStringUTF16(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); | 133 IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); |
| 130 break; | 134 break; |
| 131 case CERT_WEAK_KEY_DH: | 135 case CERT_WEAK_KEY_DH: |
| 132 details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_WEAK_KEY_DETAILS, | 136 details = l10n_util::GetStringFUTF16( |
| 133 UTF8ToUTF16(request_url.host())); | 137 IDS_CERT_ERROR_WEAK_KEY_DETAILS, UTF8ToUTF16(request_url.host())); |
| 134 short_description = | 138 short_description = l10n_util::GetStringUTF16( |
| 135 l10n_util::GetStringUTF16(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); | 139 IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); |
| 136 case CERT_NAME_CONSTRAINT_VIOLATION: | 140 case CERT_NAME_CONSTRAINT_VIOLATION: |
| 137 details = l10n_util::GetStringFUTF16( | 141 details = l10n_util::GetStringFUTF16( |
| 138 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DETAILS, | 142 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DETAILS, |
| 139 UTF8ToUTF16(request_url.host())); | 143 UTF8ToUTF16(request_url.host())); |
| 140 short_description = l10n_util::GetStringUTF16( | 144 short_description = l10n_util::GetStringUTF16( |
| 141 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); | 145 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); |
| 142 break; | 146 break; |
| 143 case CERT_VALIDITY_TOO_LONG: | 147 case CERT_VALIDITY_TOO_LONG: |
| 144 details = | 148 details = |
| 145 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_VALIDITY_TOO_LONG_DETAILS, | 149 l10n_util::GetStringFUTF16(IDS_CERT_ERROR_VALIDITY_TOO_LONG_DETAILS, |
| 146 UTF8ToUTF16(request_url.host())); | 150 UTF8ToUTF16(request_url.host())); |
| 147 short_description = l10n_util::GetStringUTF16( | 151 short_description = l10n_util::GetStringUTF16( |
| 148 IDS_CERT_ERROR_VALIDITY_TOO_LONG_DESCRIPTION); | 152 IDS_CERT_ERROR_VALIDITY_TOO_LONG_DESCRIPTION); |
| 149 break; | 153 break; |
| 150 case CERT_PINNED_KEY_MISSING: | 154 case CERT_PINNED_KEY_MISSING: |
| 151 details = l10n_util::GetStringUTF16( | 155 details = l10n_util::GetStringUTF16( |
| 152 IDS_CERT_ERROR_SUMMARY_PINNING_FAILURE_DETAILS); | 156 IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE); |
| 153 short_description = l10n_util::GetStringUTF16( | 157 short_description = l10n_util::GetStringUTF16( |
| 154 IDS_CERT_ERROR_SUMMARY_PINNING_FAILURE_DESCRIPTION); | 158 IDS_ERRORPAGES_DETAILS_PINNING_FAILURE); |
| 155 break; | 159 break; |
| 156 case CERT_UNABLE_TO_CHECK_REVOCATION: | 160 case CERT_UNABLE_TO_CHECK_REVOCATION: |
| 157 details = l10n_util::GetStringUTF16( | 161 details = l10n_util::GetStringUTF16( |
| 158 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); | 162 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); |
| 159 short_description = l10n_util::GetStringUTF16( | 163 short_description = l10n_util::GetStringUTF16( |
| 160 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DESCRIPTION); | 164 IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DESCRIPTION); |
| 161 break; | 165 break; |
| 162 case UNKNOWN: | 166 case UNKNOWN: |
| 163 details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); | 167 details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); |
| 164 short_description = | 168 short_description = |
| 165 l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); | 169 l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); |
| 166 break; | 170 break; |
| 167 default: | 171 default: |
| 168 NOTREACHED(); | 172 NOTREACHED(); |
| 169 } | 173 } |
| 170 return ErrorInfo(details, short_description); | 174 return SSLErrorInfo(details, short_description); |
| 171 } | 175 } |
| 172 | 176 |
| 173 ErrorInfo::~ErrorInfo() {} | 177 SSLErrorInfo::~SSLErrorInfo() { |
| 178 } |
| 174 | 179 |
| 175 // static | 180 // static |
| 176 ErrorInfo::ErrorType ErrorInfo::NetErrorToErrorType(int net_error) { | 181 SSLErrorInfo::ErrorType SSLErrorInfo::NetErrorToErrorType(int net_error) { |
| 177 switch (net_error) { | 182 switch (net_error) { |
| 178 case net::ERR_CERT_COMMON_NAME_INVALID: | 183 case net::ERR_CERT_COMMON_NAME_INVALID: |
| 179 return CERT_COMMON_NAME_INVALID; | 184 return CERT_COMMON_NAME_INVALID; |
| 180 case net::ERR_CERT_DATE_INVALID: | 185 case net::ERR_CERT_DATE_INVALID: |
| 181 return CERT_DATE_INVALID; | 186 return CERT_DATE_INVALID; |
| 182 case net::ERR_CERT_AUTHORITY_INVALID: | 187 case net::ERR_CERT_AUTHORITY_INVALID: |
| 183 return CERT_AUTHORITY_INVALID; | 188 return CERT_AUTHORITY_INVALID; |
| 184 case net::ERR_CERT_CONTAINS_ERRORS: | 189 case net::ERR_CERT_CONTAINS_ERRORS: |
| 185 return CERT_CONTAINS_ERRORS; | 190 return CERT_CONTAINS_ERRORS; |
| 186 case net::ERR_CERT_NO_REVOCATION_MECHANISM: | 191 case net::ERR_CERT_NO_REVOCATION_MECHANISM: |
| (...skipping 12 matching lines...) Expand all Loading... |
| 199 return CERT_NAME_CONSTRAINT_VIOLATION; | 204 return CERT_NAME_CONSTRAINT_VIOLATION; |
| 200 case net::ERR_CERT_VALIDITY_TOO_LONG: | 205 case net::ERR_CERT_VALIDITY_TOO_LONG: |
| 201 return CERT_VALIDITY_TOO_LONG; | 206 return CERT_VALIDITY_TOO_LONG; |
| 202 case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: | 207 case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: |
| 203 return CERT_WEAK_KEY_DH; | 208 return CERT_WEAK_KEY_DH; |
| 204 case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: | 209 case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: |
| 205 return CERT_PINNED_KEY_MISSING; | 210 return CERT_PINNED_KEY_MISSING; |
| 206 default: | 211 default: |
| 207 NOTREACHED(); | 212 NOTREACHED(); |
| 208 return UNKNOWN; | 213 return UNKNOWN; |
| 209 } | 214 } |
| 210 } | 215 } |
| 211 | 216 |
| 212 // static | 217 // static |
| 213 void ErrorInfo::GetErrorsForCertStatus( | 218 void SSLErrorInfo::GetErrorsForCertStatus(int cert_id, |
| 214 const scoped_refptr<net::X509Certificate>& cert, | 219 net::CertStatus cert_status, |
| 215 net::CertStatus cert_status, | 220 const GURL& url, |
| 216 const GURL& url, | 221 std::vector<SSLErrorInfo>* errors) { |
| 217 std::vector<ErrorInfo>* errors) { | |
| 218 const net::CertStatus kErrorFlags[] = { | 222 const net::CertStatus kErrorFlags[] = { |
| 219 net::CERT_STATUS_COMMON_NAME_INVALID, | 223 net::CERT_STATUS_COMMON_NAME_INVALID, |
| 220 net::CERT_STATUS_DATE_INVALID, | 224 net::CERT_STATUS_DATE_INVALID, |
| 221 net::CERT_STATUS_AUTHORITY_INVALID, | 225 net::CERT_STATUS_AUTHORITY_INVALID, |
| 222 net::CERT_STATUS_NO_REVOCATION_MECHANISM, | 226 net::CERT_STATUS_NO_REVOCATION_MECHANISM, |
| 223 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, | 227 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, |
| 224 net::CERT_STATUS_REVOKED, | 228 net::CERT_STATUS_REVOKED, |
| 225 net::CERT_STATUS_INVALID, | 229 net::CERT_STATUS_INVALID, |
| 226 net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, | 230 net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, |
| 227 net::CERT_STATUS_WEAK_KEY, | 231 net::CERT_STATUS_WEAK_KEY, |
| 228 net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, | 232 net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, |
| 229 net::CERT_STATUS_VALIDITY_TOO_LONG, | 233 net::CERT_STATUS_VALIDITY_TOO_LONG, |
| 230 }; | 234 }; |
| 231 | 235 |
| 232 const ErrorType kErrorTypes[] = { | 236 const ErrorType kErrorTypes[] = { |
| 233 CERT_COMMON_NAME_INVALID, | 237 CERT_COMMON_NAME_INVALID, |
| 234 CERT_DATE_INVALID, | 238 CERT_DATE_INVALID, |
| 235 CERT_AUTHORITY_INVALID, | 239 CERT_AUTHORITY_INVALID, |
| 236 CERT_NO_REVOCATION_MECHANISM, | 240 CERT_NO_REVOCATION_MECHANISM, |
| 237 CERT_UNABLE_TO_CHECK_REVOCATION, | 241 CERT_UNABLE_TO_CHECK_REVOCATION, |
| 238 CERT_REVOKED, | 242 CERT_REVOKED, |
| 239 CERT_INVALID, | 243 CERT_INVALID, |
| 240 CERT_WEAK_SIGNATURE_ALGORITHM, | 244 CERT_WEAK_SIGNATURE_ALGORITHM, |
| 241 CERT_WEAK_KEY, | 245 CERT_WEAK_KEY, |
| 242 CERT_NAME_CONSTRAINT_VIOLATION, | 246 CERT_NAME_CONSTRAINT_VIOLATION, |
| 243 CERT_VALIDITY_TOO_LONG, | 247 CERT_VALIDITY_TOO_LONG, |
| 244 }; | 248 }; |
| 245 DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); | 249 DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); |
| 246 | 250 |
| 251 scoped_refptr<net::X509Certificate> cert = NULL; |
| 247 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { | 252 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { |
| 248 if ((cert_status & kErrorFlags[i]) && errors) { | 253 if (cert_status & kErrorFlags[i]) { |
| 249 errors->push_back( | 254 if (!cert.get()) { |
| 250 ErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); | 255 bool r = content::CertStore::GetInstance()->RetrieveCert( |
| 256 cert_id, &cert); |
| 257 DCHECK(r); |
| 258 } |
| 259 if (errors) { |
| 260 errors->push_back( |
| 261 SSLErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); |
| 262 } |
| 251 } | 263 } |
| 252 } | 264 } |
| 253 } | 265 } |
| 254 | |
| 255 } // namespace ssl_errors | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1351773002:
Revert "Create a component for SSL error handling" (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master