Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/browser.cc

Issue 1727133002: Expose TLS settings in the Security panel overview, and call out individual obsolete settings. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Respond to comments; simplify a lot of the strings; take out IsObsoleteTLSCipherSuite(). Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/app/generated_resources.grd ('K') | « chrome/app/generated_resources.grd ('k') | chrome/browser/ui/website_settings/website_settings.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/browser.cc
diff --git a/chrome/browser/ui/browser.cc b/chrome/browser/ui/browser.cc
index 9512433473b7a625f4b34d7545c992ed58b4836f..d4bac85b5a6631b3c340a4f6e67a629a0015faa3 100644
--- a/chrome/browser/ui/browser.cc
+++ b/chrome/browser/ui/browser.cc
@@ -9,6 +9,7 @@
#include <algorithm>
#include <string>
#include <utility>
+#include <vector>
#include "base/base_paths.h"
#include "base/bind.h"
@@ -20,6 +21,7 @@
#include "base/process/process_info.h"
#include "base/profiler/scoped_tracker.h"
#include "base/single_thread_task_runner.h"
+#include "base/strings/string16.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/string_util.h"
#include "base/strings/stringprintf.h"
@@ -209,6 +211,8 @@
#include "net/base/filename_util.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "net/cookies/cookie_monster.h"
+#include "net/ssl/ssl_cipher_suite_names.h"
+#include "net/ssl/ssl_connection_status_flags.h"
#include "net/url_request/url_request_context.h"
#include "third_party/WebKit/public/web/WebWindowFeatures.h"
#include "ui/base/l10n/l10n_util.h"
@@ -1403,12 +1407,68 @@ content::SecurityStyle Browser::GetSecurityStyle(
}
}
- if (security_info.is_secure_protocol_and_ciphersuite) {
+ int ssl_version =
+ net::SSLConnectionStatusToVersion(security_info.connection_status);
+ const char* protocol;
+ net::SSLVersionToString(&protocol, ssl_version);
+
+ const char* key_exchange;
+ const char* cipher;
+ const char* mac;
+ bool is_aead;
+ uint16_t cipher_suite =
+ net::SSLConnectionStatusToCipherSuite(security_info.connection_status);
+ net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead,
+ cipher_suite);
+
+ base::string16 protocol_name = base::ASCIIToUTF16(protocol);
+ base::string16 key_exchange_name = base::ASCIIToUTF16(key_exchange);
+ const base::string16 cipher_name =
+ (mac == NULL) ? base::ASCIIToUTF16(cipher)
+ : l10n_util::GetStringFUTF16(IDS_CIPHER_WITH_MAC,
+ base::ASCIIToUTF16(cipher),
+ base::ASCIIToUTF16(mac));
+
+ if (security_info.obsolete_ssl_status == net::OBSOLETE_SSL_NONE) {
security_style_explanations->secure_explanations.push_back(
content::SecurityStyleExplanation(
- l10n_util::GetStringUTF8(IDS_SECURE_PROTOCOL_AND_CIPHERSUITE),
- l10n_util::GetStringUTF8(
- IDS_SECURE_PROTOCOL_AND_CIPHERSUITE_DESCRIPTION)));
+ l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY),
+ l10n_util::GetStringFUTF8(IDS_STRONG_SSL_DESCRIPTION, protocol_name,
+ key_exchange_name, cipher_name)));
+ } else {
+ // We avoid trying to show TLS details when we couldn't even establish a TLS
+ // connection (e.g. for net errors). We check the cert_id to see if there
+ // was a connection.
+ if (security_info.cert_id != 0) {
+ std::vector<base::string16> description_replacements;
+ int status = security_info.obsolete_ssl_status;
+ int str_id;
+
+ str_id = (status & net::OBSOLETE_SSL_MASK_PROTOCOL)
+ ? IDS_SSL_AN_OBSOLETE_PROTOCOL
+ : IDS_SSL_A_STRONG_PROTOCOL;
+ description_replacements.push_back(l10n_util::GetStringUTF16(str_id));
+ description_replacements.push_back(protocol_name);
+
+ str_id = (status & net::OBSOLETE_SSL_MASK_KEY_EXCHANGE)
+ ? IDS_SSL_AN_OBSOLETE_KEY_EXCHANGE
+ : IDS_SSL_A_STRONG_KEY_EXCHANGE;
+ description_replacements.push_back(l10n_util::GetStringUTF16(str_id));
+ description_replacements.push_back(key_exchange_name);
+
+ str_id = (status & net::OBSOLETE_SSL_MASK_CIPHER)
+ ? IDS_SSL_AN_OBSOLETE_CIPHER
+ : IDS_SSL_A_STRONG_CIPHER;
+ description_replacements.push_back(l10n_util::GetStringUTF16(str_id));
+ description_replacements.push_back(cipher_name);
+
+ security_style_explanations->info_explanations.push_back(
+ content::SecurityStyleExplanation(
+ l10n_util::GetStringUTF8(IDS_OBSOLETE_SSL_SUMMARY),
+ base::UTF16ToUTF8(l10n_util::GetStringFUTF16(
+ IDS_OBSOLETE_SSL_DESCRIPTION, description_replacements,
+ nullptr))));
+ }
}
return security_style;
« chrome/app/generated_resources.grd ('K') | « chrome/app/generated_resources.grd ('k') | chrome/browser/ui/website_settings/website_settings.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698