Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(473)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/ssl_error_handler.cc

Issue 1772143002: Use network time for bad clock interstitial. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: estark review 1 Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | components/BUILD.gn » ('j') | components/security_interstitials/core/bad_clock_ui.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_error_handler.h" 5 #include "chrome/browser/ssl/ssl_error_handler.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 #include <utility> 8 #include <utility>
9 9
10 #include "base/callback_helpers.h" 10 #include "base/callback_helpers.h"
11 #include "base/macros.h" 11 #include "base/macros.h"
12 #include "base/metrics/field_trial.h" 12 #include "base/metrics/field_trial.h"
13 #include "base/metrics/histogram.h" 13 #include "base/metrics/histogram.h"
14 #include "base/strings/stringprintf.h" 14 #include "base/strings/stringprintf.h"
15 #include "base/time/clock.h" 15 #include "base/time/clock.h"
16 #include "base/time/time.h" 16 #include "base/time/time.h"
17 #include "chrome/browser/browser_process.h"
17 #include "chrome/browser/profiles/profile.h" 18 #include "chrome/browser/profiles/profile.h"
18 #include "chrome/browser/ssl/bad_clock_blocking_page.h" 19 #include "chrome/browser/ssl/bad_clock_blocking_page.h"
19 #include "chrome/browser/ssl/ssl_blocking_page.h" 20 #include "chrome/browser/ssl/ssl_blocking_page.h"
20 #include "chrome/browser/ssl/ssl_cert_reporter.h" 21 #include "chrome/browser/ssl/ssl_cert_reporter.h"
21 #include "components/ssl_errors/error_classification.h" 22 #include "components/ssl_errors/error_classification.h"
22 #include "components/ssl_errors/error_info.h" 23 #include "components/ssl_errors/error_info.h"
23 #include "content/public/browser/notification_service.h" 24 #include "content/public/browser/notification_service.h"
24 #include "content/public/browser/notification_source.h" 25 #include "content/public/browser/notification_source.h"
25 #include "content/public/browser/render_frame_host.h" 26 #include "content/public/browser/render_frame_host.h"
26 #include "content/public/browser/web_contents.h" 27 #include "content/public/browser/web_contents.h"
27 #include "net/base/net_errors.h" 28 #include "net/base/net_errors.h"
28 29
29 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) 30 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
30 #include "chrome/browser/captive_portal/captive_portal_service.h" 31 #include "chrome/browser/captive_portal/captive_portal_service.h"
31 #include "chrome/browser/captive_portal/captive_portal_service_factory.h" 32 #include "chrome/browser/captive_portal/captive_portal_service_factory.h"
32 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h" 33 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h"
33 #include "chrome/browser/ssl/captive_portal_blocking_page.h" 34 #include "chrome/browser/ssl/captive_portal_blocking_page.h"
34 #endif 35 #endif
35 36
37 namespace network_time {
38 class NetworkTimeTracker;
39 }
40
36 namespace { 41 namespace {
37 42
38 // The delay in milliseconds before displaying the SSL interstitial. 43 // The delay in milliseconds before displaying the SSL interstitial.
39 // This can be changed in tests. 44 // This can be changed in tests.
40 // - If there is a name mismatch and a suggested URL available result arrives 45 // - If there is a name mismatch and a suggested URL available result arrives
41 // during this time, the user is redirected to the suggester URL. 46 // during this time, the user is redirected to the suggester URL.
42 // - If a "captive portal detected" result arrives during this time, 47 // - If a "captive portal detected" result arrives during this time,
43 // a captive portal interstitial is displayed. 48 // a captive portal interstitial is displayed.
44 // - Otherwise, an SSL interstitial is displayed. 49 // - Otherwise, an SSL interstitial is displayed.
45 int64_t g_interstitial_delay_in_milliseconds = 2000; 50 int64_t g_interstitial_delay_in_milliseconds = 2000;
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after
134 bool IsSSLCommonNameMismatchHandlingEnabled() { 139 bool IsSSLCommonNameMismatchHandlingEnabled() {
135 return base::FieldTrialList::FindFullName("SSLCommonNameMismatchHandling") == 140 return base::FieldTrialList::FindFullName("SSLCommonNameMismatchHandling") ==
136 "Enabled"; 141 "Enabled";
137 } 142 }
138 143
139 bool IsErrorDueToBadClock(const base::Time& now, int error) { 144 bool IsErrorDueToBadClock(const base::Time& now, int error) {
140 if (ssl_errors::ErrorInfo::NetErrorToErrorType(error) != 145 if (ssl_errors::ErrorInfo::NetErrorToErrorType(error) !=
141 ssl_errors::ErrorInfo::CERT_DATE_INVALID) { 146 ssl_errors::ErrorInfo::CERT_DATE_INVALID) {
142 return false; 147 return false;
143 } 148 }
144 return ssl_errors::IsUserClockInThePast(now) || 149 switch (ssl_errors::GetClockState(
145 ssl_errors::IsUserClockInTheFuture(now); 150 now, g_browser_process->network_time_tracker())) {
151 case ssl_errors::NETWORK_FUTURE:
152 case ssl_errors::NETWORK_PAST:
153 case ssl_errors::BUILD_FUTURE:
154 case ssl_errors::BUILD_PAST:
155 return true;
156 default:
157 return false;
158 }
146 } 159 }
147 160
148 } // namespace 161 } // namespace
149 162
150 DEFINE_WEB_CONTENTS_USER_DATA_KEY(SSLErrorHandler); 163 DEFINE_WEB_CONTENTS_USER_DATA_KEY(SSLErrorHandler);
151 DEFINE_WEB_CONTENTS_USER_DATA_KEY(CommonNameMismatchRedirectObserver); 164 DEFINE_WEB_CONTENTS_USER_DATA_KEY(CommonNameMismatchRedirectObserver);
152 165
153 void SSLErrorHandler::HandleSSLError( 166 void SSLErrorHandler::HandleSSLError(
154 content::WebContents* web_contents, 167 content::WebContents* web_contents,
155 int cert_error, 168 int cert_error,
(...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after
403 if (!callback_.is_null()) { 416 if (!callback_.is_null()) {
404 base::ResetAndReturn(&callback_).Run(false); 417 base::ResetAndReturn(&callback_).Run(false);
405 } 418 }
406 if (common_name_mismatch_handler_) { 419 if (common_name_mismatch_handler_) {
407 common_name_mismatch_handler_->Cancel(); 420 common_name_mismatch_handler_->Cancel();
408 common_name_mismatch_handler_.reset(); 421 common_name_mismatch_handler_.reset();
409 } 422 }
410 // Deletes |this| and also destroys the timer. 423 // Deletes |this| and also destroys the timer.
411 web_contents_->RemoveUserData(UserDataKey()); 424 web_contents_->RemoveUserData(UserDataKey());
412 } 425 }
OLDNEW
« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | components/BUILD.gn » ('j') | components/security_interstitials/core/bad_clock_ui.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698