Index: chrome/browser/ui/browser.cc |
diff --git a/chrome/browser/ui/browser.cc b/chrome/browser/ui/browser.cc |
index b9d1732cd8684228650c2df23a39ddfc535cf2d2..d62b5690ef5bcc14cbd9fe2442d9a6e5f563bc35 100644 |
--- a/chrome/browser/ui/browser.cc |
+++ b/chrome/browser/ui/browser.cc |
@@ -9,6 +9,7 @@ |
#include <algorithm> |
#include <string> |
#include <utility> |
+#include <vector> |
#include "base/base_paths.h" |
#include "base/bind.h" |
@@ -20,10 +21,12 @@ |
#include "base/process/process_info.h" |
#include "base/profiler/scoped_tracker.h" |
#include "base/single_thread_task_runner.h" |
+#include "base/strings/string16.h" |
#include "base/strings/string_number_conversions.h" |
#include "base/strings/string_util.h" |
#include "base/strings/stringprintf.h" |
#include "base/strings/utf_string_conversions.h" |
+#include "base/strings/utf_string_conversions.h" |
davidben
2016/04/11 16:47:01
Duplicate include
lgarron
2016/04/12 02:25:08
*shakes fist at C++ and shakes hand with `goimport
|
#include "base/thread_task_runner_handle.h" |
#include "base/threading/thread.h" |
#include "base/threading/thread_restrictions.h" |
@@ -209,6 +212,8 @@ |
#include "net/base/filename_util.h" |
#include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
#include "net/cookies/cookie_monster.h" |
+#include "net/ssl/ssl_cipher_suite_names.h" |
+#include "net/ssl/ssl_connection_status_flags.h" |
#include "net/url_request/url_request_context.h" |
#include "third_party/WebKit/public/web/WebWindowFeatures.h" |
#include "ui/base/l10n/l10n_util.h" |
@@ -1402,12 +1407,97 @@ content::SecurityStyle Browser::GetSecurityStyle( |
} |
} |
- if (security_info.is_secure_protocol_and_ciphersuite) { |
+ int ssl_version = |
+ net::SSLConnectionStatusToVersion(security_info.connection_status); |
+ const char* protocol; |
+ net::SSLVersionToString(&protocol, ssl_version); |
+ |
+ const char* key_exchange; |
+ const char* cipher; |
+ const char* mac; |
+ bool is_aead; |
+ uint16_t cipher_suite = |
+ net::SSLConnectionStatusToCipherSuite(security_info.connection_status); |
+ net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, |
+ cipher_suite); |
+ |
+ base::string16 protocol_name = base::ASCIIToUTF16(protocol); |
+ base::string16 key_exchange_name = base::ASCIIToUTF16(key_exchange); |
+ const base::string16 cipher_suite_name = |
+ (mac == NULL) ? base::ASCIIToUTF16(cipher) |
+ : l10n_util::GetStringFUTF16(IDS_CIPHERSUITE_WITH_MAC, |
+ base::ASCIIToUTF16(cipher), |
+ base::ASCIIToUTF16(mac)); |
+ |
+ if (security_info.obsolete_ssl_status == net::OBSOLETE_SSL_NONE) { |
security_style_explanations->secure_explanations.push_back( |
content::SecurityStyleExplanation( |
l10n_util::GetStringUTF8(IDS_SECURE_PROTOCOL_AND_CIPHERSUITE), |
- l10n_util::GetStringUTF8( |
- IDS_SECURE_PROTOCOL_AND_CIPHERSUITE_DESCRIPTION))); |
+ l10n_util::GetStringFUTF8( |
+ IDS_SECURE_PROTOCOL_AND_CIPHERSUITE_DESCRIPTION, protocol_name, |
+ key_exchange_name, cipher_suite_name))); |
+ } else if (security_info.cert_id != 0) { |
+ std::vector<base::string16> summary_replacements; |
+ std::vector<base::string16> description_replacements; |
+ |
+ if (security_info.obsolete_ssl_status & net::OBSOLETE_SSL_MASK_PROTOCOL) { |
+ description_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE)); |
+ summary_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_PROTOCOL)); |
+ } else { |
+ description_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_A_MODERN)); |
+ } |
+ description_replacements.push_back(protocol_name); |
+ |
+ if (security_info.obsolete_ssl_status & |
+ net::OBSOLETE_SSL_MASK_KEY_EXCHANGE) { |
+ description_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE)); |
+ summary_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_KEY_EXCHANGE)); |
+ } else { |
+ description_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_A_MODERN)); |
+ } |
+ description_replacements.push_back(key_exchange_name); |
+ |
+ if (security_info.obsolete_ssl_status & |
+ net::OBSOLETE_SSL_MASK_CIPHER_SUITE) { |
+ description_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE)); |
+ summary_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_CIPHER_SUITE)); |
+ } else { |
+ description_replacements.push_back( |
+ l10n_util::GetStringUTF16(IDS_SSL_A_MODERN)); |
+ } |
+ description_replacements.push_back(cipher_suite_name); |
+ |
+ int summary_message_id; |
+ switch (summary_replacements.size()) { |
+ case 1: |
+ summary_message_id = IDS_SINGLE_OBSOLETE_TLS_SETTING; |
+ break; |
+ case 2: |
+ summary_message_id = IDS_TWO_OBSOLETE_TLS_SETTINGS; |
+ break; |
+ case 3: |
+ summary_message_id = IDS_THREE_OBSOLETE_TLS_SETTINGS; |
+ break; |
+ default: |
+ summary_message_id = 0; |
+ NOTREACHED(); |
+ } |
+ |
+ security_style_explanations->info_explanations.push_back( |
+ content::SecurityStyleExplanation( |
+ base::UTF16ToUTF8(l10n_util::GetStringFUTF16( |
+ summary_message_id, summary_replacements, nullptr)), |
+ base::UTF16ToUTF8(l10n_util::GetStringFUTF16( |
+ IDS_OBSOLETE_SSL_DESCRIPTION, description_replacements, |
+ nullptr)))); |
} |
return security_style; |