| Index: chrome/browser/ui/webui/interstitials/interstitial_ui.cc
|
| diff --git a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
|
| index 56487f09fad6a7f7b393082f9fe93c4d909dc365..2f0cbd5ecdbff954c1b7efe0145e8dd24221204a 100644
|
| --- a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
|
| +++ b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
|
| @@ -4,9 +4,10 @@
|
|
|
| #include "chrome/browser/ui/webui/interstitials/interstitial_ui.h"
|
|
|
| -#include "base/macros.h"
|
| +#include "base/atomic_sequence_num.h"
|
| #include "base/strings/string_number_conversions.h"
|
| #include "base/strings/string_util.h"
|
| +#include "base/time/time.h"
|
| #include "chrome/browser/browser_process.h"
|
| #include "chrome/browser/profiles/profile.h"
|
| #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
|
| @@ -20,13 +21,15 @@
|
| #include "content/public/browser/interstitial_page_delegate.h"
|
| #include "content/public/browser/render_frame_host.h"
|
| #include "content/public/browser/render_process_host.h"
|
| +#include "content/public/browser/url_data_source.h"
|
| #include "content/public/browser/web_contents.h"
|
| #include "content/public/browser/web_ui.h"
|
| -#include "content/public/browser/web_ui_controller.h"
|
| #include "content/public/browser/web_ui_data_source.h"
|
| +#include "crypto/rsa_private_key.h"
|
| #include "net/base/net_errors.h"
|
| #include "net/base/url_util.h"
|
| #include "net/cert/x509_certificate.h"
|
| +#include "net/cert/x509_util.h"
|
| #include "net/ssl/ssl_info.h"
|
| #include "ui/base/resource/resource_bundle.h"
|
|
|
| @@ -36,6 +39,27 @@
|
|
|
| namespace {
|
|
|
| +// NSS requires that serial numbers be unique even for the same issuer;
|
| +// as all fake certificates will contain the same issuer name, it's
|
| +// necessary to ensure the serial number is unique, as otherwise
|
| +// NSS will fail to parse.
|
| +base::StaticAtomicSequenceNumber g_serial_number;
|
| +
|
| +scoped_refptr<net::X509Certificate> CreateFakeCert() {
|
| + std::unique_ptr<crypto::RSAPrivateKey> unused_key;
|
| + std::string cert_der;
|
| + if (!net::x509_util::CreateKeyAndSelfSignedCert(
|
| + "CN=Error", static_cast<uint32_t>(g_serial_number.GetNext()),
|
| + base::Time::Now() - base::TimeDelta::FromMinutes(5),
|
| + base::Time::Now() + base::TimeDelta::FromMinutes(5), &unused_key,
|
| + &cert_der)) {
|
| + return nullptr;
|
| + }
|
| +
|
| + return net::X509Certificate::CreateFromBytes(cert_der.data(),
|
| + cert_der.size());
|
| +}
|
| +
|
| // Implementation of chrome://interstitials demonstration pages. This code is
|
| // not used in displaying any real interstitials.
|
| class InterstitialHTMLSource : public content::URLDataSource {
|
| @@ -121,6 +145,7 @@ SSLBlockingPage* CreateSSLBlockingPage(content::WebContents* web_contents) {
|
| strict_enforcement = strict_enforcement_param == "1";
|
| }
|
| net::SSLInfo ssl_info;
|
| + ssl_info.cert = ssl_info.unverified_cert = CreateFakeCert();
|
| // This delegate doesn't create an interstitial.
|
| int options_mask = 0;
|
| if (overridable)
|
| @@ -168,6 +193,7 @@ BadClockBlockingPage* CreateBadClockBlockingPage(
|
| }
|
|
|
| net::SSLInfo ssl_info;
|
| + ssl_info.cert = ssl_info.unverified_cert = CreateFakeCert();
|
| // This delegate doesn't create an interstitial.
|
| int options_mask = 0;
|
| if (overridable)
|
| @@ -264,6 +290,7 @@ CaptivePortalBlockingPage* CreateCaptivePortalBlockingPage(
|
| wifi_ssid = wifi_ssid_param;
|
| }
|
| net::SSLInfo ssl_info;
|
| + ssl_info.cert = ssl_info.unverified_cert = CreateFakeCert();
|
| CaptivePortalBlockingPage* blocking_page =
|
| new CaptivePortalBlockingPageWithNetInfo(
|
| web_contents, request_url, landing_url, ssl_info,
|
|
|
Chromium Code Reviews
Issue 2090683004:
Unbreak chrome://interstitials/ssl (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master