OLD | NEW |
---|---|
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/ssl_host_state.h" | 5 #include "chrome/browser/ssl/ssl_host_state.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 | 8 |
9 namespace { | 9 namespace { |
10 | 10 |
11 static const char kDot = '.'; | 11 static const char kDot = '.'; |
12 | 12 |
13 static bool IsIntranetHost(const std::string& host) { | 13 static bool IsIntranetHost(const std::string& host) { |
14 const size_t dot = host.find(kDot); | 14 const size_t dot = host.find(kDot); |
15 return dot == std::string::npos || dot == host.length() - 1; | 15 return dot == std::string::npos || dot == host.length() - 1; |
16 } | 16 } |
17 | 17 |
18 } // namespace | 18 } // namespace |
19 | 19 |
20 SSLHostState::SSLHostState() { | 20 SSLHostState::SSLHostState() { |
21 } | 21 } |
22 | 22 |
23 SSLHostState::~SSLHostState() { | 23 SSLHostState::~SSLHostState() { |
24 } | 24 } |
25 | 25 |
26 void SSLHostState::MarkHostAsBroken(const std::string& host, int pid) { | 26 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { |
27 DCHECK(CalledOnValidThread()); | |
28 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); | |
29 } | |
30 | |
31 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, | |
32 int pid) const { | |
27 DCHECK(CalledOnValidThread()); | 33 DCHECK(CalledOnValidThread()); |
28 | 34 |
29 broken_hosts_.insert(BrokenHostEntry(host, pid)); | 35 // CAs issue certificates for intranet hosts to everyone. Therefore, we |
30 } | 36 // always treat intranet hosts as having run insecure content. |
31 | |
32 bool SSLHostState::DidMarkHostAsBroken(const std::string& host, int pid) { | |
33 DCHECK(CalledOnValidThread()); | |
34 | |
35 // CAs issue certificate for intranet hosts to everyone. Therefore, we always | |
36 // treat intranet hosts as broken. | |
37 if (IsIntranetHost(host)) | 37 if (IsIntranetHost(host)) |
38 return true; | 38 return true; |
39 | 39 |
40 return (broken_hosts_.find( | 40 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); |
abarth-chromium
2010/05/14 22:29:39
Any reason you changed this from find to count?
Peter Kasting
2010/05/14 22:33:11
Only that it's shorter (one line instead of two).
| |
41 BrokenHostEntry(host, pid)) != broken_hosts_.end()); | |
42 } | 41 } |
43 | 42 |
44 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, | 43 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, |
45 const std::string& host) { | 44 const std::string& host) { |
46 DCHECK(CalledOnValidThread()); | 45 DCHECK(CalledOnValidThread()); |
47 | 46 |
48 cert_policy_for_host_[host].Deny(cert); | 47 cert_policy_for_host_[host].Deny(cert); |
49 } | 48 } |
50 | 49 |
51 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, | 50 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, |
52 const std::string& host) { | 51 const std::string& host) { |
53 DCHECK(CalledOnValidThread()); | 52 DCHECK(CalledOnValidThread()); |
54 | 53 |
55 cert_policy_for_host_[host].Allow(cert); | 54 cert_policy_for_host_[host].Allow(cert); |
56 } | 55 } |
57 | 56 |
58 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( | 57 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( |
59 net::X509Certificate* cert, const std::string& host) { | 58 net::X509Certificate* cert, const std::string& host) { |
60 DCHECK(CalledOnValidThread()); | 59 DCHECK(CalledOnValidThread()); |
61 | 60 |
62 return cert_policy_for_host_[host].Check(cert); | 61 return cert_policy_for_host_[host].Check(cert); |
63 } | 62 } |
OLD | NEW |