Chromium Code Reviews Chromium Code Reviews
Issue 1779383002:
MacViews: Remove constrained window dependencies for certificate viewer. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #import "chrome/browser/ui/cocoa/certificate_viewer_mac.h" | 5 #import "chrome/browser/ui/cocoa/certificate_viewer_mac.h" |
| 6 | 6 |
| 7 #include <Security/Security.h> | 7 #include <Security/Security.h> |
| 8 #include <SecurityInterface/SFCertificatePanel.h> | 8 #include <SecurityInterface/SFCertificatePanel.h> |
|
tapted
2016/03/21 02:47:13
These includes shouldn't be needed
Patti Lor
2016/05/03 00:05:00
Done.
| |
| 9 #include <vector> | |
| 10 | 9 |
| 11 #include "base/mac/foundation_util.h" | 10 #include "base/mac/foundation_util.h" |
| 12 #include "base/mac/scoped_cftyperef.h" | 11 #include "base/mac/scoped_cftyperef.h" |
|
tapted
2016/03/21 02:47:13
nor this
Patti Lor
2016/05/03 00:05:00
Done.
| |
| 13 #include "base/macros.h" | 12 #include "base/macros.h" |
|
tapted
2016/03/21 02:47:12
or this - but there should probable be a base/logg
Patti Lor
2016/05/03 00:05:00
Done.
| |
| 14 #include "chrome/browser/certificate_viewer.h" | 13 #include "chrome/browser/certificate_viewer.h" |
| 15 #import "chrome/browser/ui/cocoa/constrained_window/constrained_window_mac.h" | |
| 16 #import "chrome/browser/ui/cocoa/constrained_window/constrained_window_sheet.h" | 14 #import "chrome/browser/ui/cocoa/constrained_window/constrained_window_sheet.h" |
| 17 #import "chrome/browser/ui/cocoa/constrained_window/constrained_window_sheet_con troller.h" | 15 #import "chrome/browser/ui/cocoa/constrained_window/constrained_window_sheet_con troller.h" |
| 18 #include "net/cert/x509_certificate.h" | 16 #include "net/cert/x509_certificate.h" |
| 19 #include "net/cert/x509_util_mac.h" | 17 #include "net/cert/x509_util_mac.h" |
|
tapted
2016/03/21 02:47:13
the net/cert includes probably aren't needed eithe
Patti Lor
2016/05/03 00:05:00
Done.
| |
| 20 #import "ui/base/cocoa/window_size_constants.h" | 18 #import "ui/base/cocoa/window_size_constants.h" |
|
tapted
2016/03/21 02:47:13
this seems unused too, (but that seems to have alw
Patti Lor
2016/05/03 00:05:00
Done.
| |
| 21 | 19 |
| 22 class SSLCertificateViewerCocoaBridge; | |
| 23 | |
| 24 @interface SFCertificatePanel (SystemPrivate) | |
| 25 // A system-private interface that dismisses a panel whose sheet was started by | |
| 26 // -beginSheetForWindow: | |
| 27 // modalDelegate: | |
| 28 // didEndSelector: | |
| 29 // contextInfo: | |
| 30 // certificates: | |
| 31 // showGroup: | |
| 32 // as though the user clicked the button identified by returnCode. Verified | |
| 33 // present in 10.8. | |
| 34 - (void)_dismissWithCode:(NSInteger)code; | |
| 35 @end | |
| 36 | |
| 37 @interface SSLCertificateViewerCocoa () | |
| 38 - (void)onConstrainedWindowClosed; | |
| 39 @end | |
| 40 | 20 |
| 41 class SSLCertificateViewerCocoaBridge : public ConstrainedWindowMacDelegate { | 21 class SSLCertificateViewerCocoaBridge : public ConstrainedWindowMacDelegate { |
| 42 public: | 22 public: |
| 43 explicit SSLCertificateViewerCocoaBridge(SSLCertificateViewerCocoa * | 23 explicit SSLCertificateViewerCocoaBridge(SSLCertificateViewerCocoa * |
| 44 controller) | 24 controller) |
| 45 : controller_(controller) { | 25 : controller_(controller) { |
| 46 } | 26 } |
| 47 | 27 |
| 48 virtual ~SSLCertificateViewerCocoaBridge() {} | 28 virtual ~SSLCertificateViewerCocoaBridge() {} |
| 49 | 29 |
| 50 // ConstrainedWindowMacDelegate implementation: | 30 // ConstrainedWindowMacDelegate implementation: |
| 51 void OnConstrainedWindowClosed(ConstrainedWindowMac* window) override { | 31 void OnConstrainedWindowClosed(ConstrainedWindowMac* window) override { |
| 52 // |onConstrainedWindowClosed| will delete the sheet which might be still | 32 // |onConstrainedWindowClosed| will delete the sheet which might be still |
| 53 // in use higher up the call stack. Wait for the next cycle of the event | 33 // in use higher up the call stack. Wait for the next cycle of the event |
| 54 // loop to call this function. | 34 // loop to call this function. |
| 55 [controller_ performSelector:@selector(onConstrainedWindowClosed) | 35 [controller_ performSelector:@selector(onConstrainedWindowClosed) |
| 56 withObject:nil | 36 withObject:nil |
| 57 afterDelay:0]; | 37 afterDelay:0]; |
| 58 } | 38 } |
| 59 | 39 |
| 60 private: | 40 private: |
| 61 SSLCertificateViewerCocoa* controller_; // weak | 41 SSLCertificateViewerCocoa* controller_; // weak |
| 62 | 42 |
| 63 DISALLOW_COPY_AND_ASSIGN(SSLCertificateViewerCocoaBridge); | 43 DISALLOW_COPY_AND_ASSIGN(SSLCertificateViewerCocoaBridge); |
| 64 }; | 44 }; |
| 65 | 45 |
| 66 void ShowCertificateViewer(content::WebContents* web_contents, | |
| 67 gfx::NativeWindow parent, | |
| 68 net::X509Certificate* cert) { | |
| 69 // SSLCertificateViewerCocoa will manage its own lifetime and will release | |
| 70 // itself when the dialog is closed. | |
| 71 // See -[SSLCertificateViewerCocoa onConstrainedWindowClosed]. | |
| 72 SSLCertificateViewerCocoa* viewer = | |
| 73 [[SSLCertificateViewerCocoa alloc] initWithCertificate:cert]; | |
| 74 [viewer displayForWebContents:web_contents]; | |
| 75 } | |
| 76 | |
| 77 @implementation SSLCertificateViewerCocoa | 46 @implementation SSLCertificateViewerCocoa |
| 78 | 47 |
| 79 - (id)initWithCertificate:(net::X509Certificate*)certificate { | |
| 80 if ((self = [super init])) { | |
| 81 base::ScopedCFTypeRef<CFArrayRef> cert_chain( | |
| 82 certificate->CreateOSCertChainForCert()); | |
| 83 NSArray* certificates = base::mac::CFToNSCast(cert_chain.get()); | |
| 84 certificates_.reset([certificates retain]); | |
| 85 } | |
| 86 return self; | |
| 87 } | |
| 88 | |
| 89 - (void)sheetDidEnd:(NSWindow*)parent | 48 - (void)sheetDidEnd:(NSWindow*)parent |
| 90 returnCode:(NSInteger)returnCode | 49 returnCode:(NSInteger)returnCode |
| 91 context:(void*)context { | 50 context:(void*)context { |
| 92 if (!closePending_) | 51 if (!closePending_) |
| 93 constrainedWindow_->CloseWebContentsModalDialog(); | 52 constrainedWindow_->CloseWebContentsModalDialog(); |
| 94 } | 53 } |
| 95 | 54 |
| 96 - (void)displayForWebContents:(content::WebContents*)webContents { | 55 - (void)displayForWebContents:(content::WebContents*)webContents { |
| 97 // Explicitly disable revocation checking, regardless of user preferences | 56 [super displayForWebContents:webContents]; |
| 98 // or system settings. The behaviour of SFCertificatePanel is to call | |
| 99 // SecTrustEvaluate on the certificate(s) supplied, effectively | |
| 100 // duplicating the behaviour of net::X509Certificate::Verify(). However, | |
| 101 // this call stalls the UI if revocation checking is enabled in the | |
| 102 // Keychain preferences or if the cert may be an EV cert. By disabling | |
| 103 // revocation checking, the stall is limited to the time taken for path | |
| 104 // building and verification, which should be minimized due to the path | |
| 105 // being provided in |certificates|. This does not affect normal | |
| 106 // revocation checking from happening, which is controlled by | |
| 107 // net::X509Certificate::Verify() and user preferences, but will prevent | |
| 108 // the certificate viewer UI from displaying which certificate is revoked. | |
| 109 // This is acceptable, as certificate revocation will still be shown in | |
| 110 // the page info bubble if a certificate in the chain is actually revoked. | |
| 111 base::ScopedCFTypeRef<CFMutableArrayRef> policies( | |
| 112 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks)); | |
| 113 if (!policies.get()) { | |
| 114 NOTREACHED(); | |
| 115 return; | |
| 116 } | |
| 117 // Add a basic X.509 policy, in order to match the behaviour of | |
| 118 // SFCertificatePanel when no policies are specified. | |
| 119 SecPolicyRef basic_policy = NULL; | |
| 120 OSStatus status = net::x509_util::CreateBasicX509Policy(&basic_policy); | |
| 121 if (status != noErr) { | |
| 122 NOTREACHED(); | |
| 123 return; | |
| 124 } | |
| 125 CFArrayAppendValue(policies, basic_policy); | |
| 126 CFRelease(basic_policy); | |
| 127 | |
| 128 status = net::x509_util::CreateRevocationPolicies(false, false, policies); | |
| 129 if (status != noErr) { | |
| 130 NOTREACHED(); | |
| 131 return; | |
| 132 } | |
| 133 | |
| 134 panel_.reset([[SFCertificatePanel alloc] init]); | |
| 135 [panel_ setPolicies:(id) policies.get()]; | |
| 136 | 57 |
| 137 constrainedWindow_ = | 58 constrainedWindow_ = |
| 138 CreateAndShowWebModalDialogMac(observer_.get(), webContents, self); | 59 CreateAndShowWebModalDialogMac(observer_.get(), webContents, self); |
| 139 } | 60 } |
| 140 | 61 |
| 141 - (NSWindow*)overlayWindow { | 62 - (NSWindow*)overlayWindow { |
| 142 return overlayWindow_; | 63 return overlayWindow_; |
| 143 } | 64 } |
| 144 | 65 |
| 145 - (void)showSheetForWindow:(NSWindow*)window { | 66 - (void)showSheetForWindow:(NSWindow*)window { |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 197 return panel_; | 118 return panel_; |
| 198 } | 119 } |
| 199 | 120 |
| 200 - (void)onConstrainedWindowClosed { | 121 - (void)onConstrainedWindowClosed { |
| 201 panel_.reset(); | 122 panel_.reset(); |
| 202 constrainedWindow_.reset(); | 123 constrainedWindow_.reset(); |
| 203 [self release]; | 124 [self release]; |
| 204 } | 125 } |
| 205 | 126 |
| 206 @end | 127 @end |
| 128 | |
| 129 void ShowCertificateViewer(content::WebContents* web_contents, | |
| 130 gfx::NativeWindow parent, | |
| 131 net::X509Certificate* cert) { | |
| 132 SSLCertificateViewerCocoa* viewer = | |
| 133 [[SSLCertificateViewerCocoa alloc] initWithCertificate:cert]; | |
| 134 [viewer displayForWebContents:web_contents]; | |
| 135 } | |
| OLD | NEW |
