| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_host_state.h" | 5 #include "chrome/browser/ssl/ssl_host_state.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 | 8 |
| 9 namespace { | 9 namespace { |
| 10 | 10 |
| 11 static const char kDot = '.'; | 11 static const char kDot = '.'; |
| 12 | 12 |
| 13 static bool IsIntranetHost(const std::string& host) { | 13 static bool IsIntranetHost(const std::string& host) { |
| 14 const size_t dot = host.find(kDot); | 14 const size_t dot = host.find(kDot); |
| 15 return dot == std::string::npos || dot == host.length() - 1; | 15 return dot == std::string::npos || dot == host.length() - 1; |
| 16 } | 16 } |
| 17 | 17 |
| 18 } // namespace | 18 } // namespace |
| 19 | 19 |
| 20 SSLHostState::SSLHostState() { | 20 SSLHostState::SSLHostState() { |
| 21 } | 21 } |
| 22 | 22 |
| 23 SSLHostState::~SSLHostState() { | 23 SSLHostState::~SSLHostState() { |
| 24 } | 24 } |
| 25 | 25 |
| 26 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { | 26 void SSLHostState::MarkHostAsBroken(const std::string& host, int pid) { |
| 27 DCHECK(CalledOnValidThread()); | 27 DCHECK(CalledOnValidThread()); |
| 28 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); | 28 |
| 29 broken_hosts_.insert(BrokenHostEntry(host, pid)); |
| 29 } | 30 } |
| 30 | 31 |
| 31 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, | 32 bool SSLHostState::DidMarkHostAsBroken(const std::string& host, int pid) { |
| 32 int pid) const { | |
| 33 DCHECK(CalledOnValidThread()); | 33 DCHECK(CalledOnValidThread()); |
| 34 | 34 |
| 35 // CAs issue certificates for intranet hosts to everyone. Therefore, we | 35 // CAs issue certificate for intranet hosts to everyone. Therefore, we always |
| 36 // always treat intranet hosts as having run insecure content. | 36 // treat intranet hosts as broken. |
| 37 if (IsIntranetHost(host)) | 37 if (IsIntranetHost(host)) |
| 38 return true; | 38 return true; |
| 39 | 39 |
| 40 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); | 40 return (broken_hosts_.find( |
| 41 BrokenHostEntry(host, pid)) != broken_hosts_.end()); |
| 41 } | 42 } |
| 42 | 43 |
| 43 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, | 44 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, |
| 44 const std::string& host) { | 45 const std::string& host) { |
| 45 DCHECK(CalledOnValidThread()); | 46 DCHECK(CalledOnValidThread()); |
| 46 | 47 |
| 47 cert_policy_for_host_[host].Deny(cert); | 48 cert_policy_for_host_[host].Deny(cert); |
| 48 } | 49 } |
| 49 | 50 |
| 50 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, | 51 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, |
| 51 const std::string& host) { | 52 const std::string& host) { |
| 52 DCHECK(CalledOnValidThread()); | 53 DCHECK(CalledOnValidThread()); |
| 53 | 54 |
| 54 cert_policy_for_host_[host].Allow(cert); | 55 cert_policy_for_host_[host].Allow(cert); |
| 55 } | 56 } |
| 56 | 57 |
| 57 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( | 58 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( |
| 58 net::X509Certificate* cert, const std::string& host) { | 59 net::X509Certificate* cert, const std::string& host) { |
| 59 DCHECK(CalledOnValidThread()); | 60 DCHECK(CalledOnValidThread()); |
| 60 | 61 |
| 61 return cert_policy_for_host_[host].Check(cert); | 62 return cert_policy_for_host_[host].Check(cert); |
| 62 } | 63 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2095006:
Revert 47347 - (Original patch reviewed at http://codereview.chromium.org/206... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/