OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/ssl_host_state.h" | 5 #include "chrome/browser/ssl/ssl_host_state.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 | 8 |
9 namespace { | 9 namespace { |
10 | 10 |
11 static const char kDot = '.'; | 11 static const char kDot = '.'; |
12 | 12 |
13 static bool IsIntranetHost(const std::string& host) { | 13 static bool IsIntranetHost(const std::string& host) { |
14 const size_t dot = host.find(kDot); | 14 const size_t dot = host.find(kDot); |
15 return dot == std::string::npos || dot == host.length() - 1; | 15 return dot == std::string::npos || dot == host.length() - 1; |
16 } | 16 } |
17 | 17 |
18 } // namespace | 18 } // namespace |
19 | 19 |
20 SSLHostState::SSLHostState() { | 20 SSLHostState::SSLHostState() { |
21 } | 21 } |
22 | 22 |
23 SSLHostState::~SSLHostState() { | 23 SSLHostState::~SSLHostState() { |
24 } | 24 } |
25 | 25 |
26 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { | 26 void SSLHostState::MarkHostAsBroken(const std::string& host, int pid) { |
27 DCHECK(CalledOnValidThread()); | 27 DCHECK(CalledOnValidThread()); |
28 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); | 28 |
| 29 broken_hosts_.insert(BrokenHostEntry(host, pid)); |
29 } | 30 } |
30 | 31 |
31 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, | 32 bool SSLHostState::DidMarkHostAsBroken(const std::string& host, int pid) { |
32 int pid) const { | |
33 DCHECK(CalledOnValidThread()); | 33 DCHECK(CalledOnValidThread()); |
34 | 34 |
35 // CAs issue certificates for intranet hosts to everyone. Therefore, we | 35 // CAs issue certificate for intranet hosts to everyone. Therefore, we always |
36 // always treat intranet hosts as having run insecure content. | 36 // treat intranet hosts as broken. |
37 if (IsIntranetHost(host)) | 37 if (IsIntranetHost(host)) |
38 return true; | 38 return true; |
39 | 39 |
40 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); | 40 return (broken_hosts_.find( |
| 41 BrokenHostEntry(host, pid)) != broken_hosts_.end()); |
41 } | 42 } |
42 | 43 |
43 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, | 44 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, |
44 const std::string& host) { | 45 const std::string& host) { |
45 DCHECK(CalledOnValidThread()); | 46 DCHECK(CalledOnValidThread()); |
46 | 47 |
47 cert_policy_for_host_[host].Deny(cert); | 48 cert_policy_for_host_[host].Deny(cert); |
48 } | 49 } |
49 | 50 |
50 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, | 51 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, |
51 const std::string& host) { | 52 const std::string& host) { |
52 DCHECK(CalledOnValidThread()); | 53 DCHECK(CalledOnValidThread()); |
53 | 54 |
54 cert_policy_for_host_[host].Allow(cert); | 55 cert_policy_for_host_[host].Allow(cert); |
55 } | 56 } |
56 | 57 |
57 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( | 58 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( |
58 net::X509Certificate* cert, const std::string& host) { | 59 net::X509Certificate* cert, const std::string& host) { |
59 DCHECK(CalledOnValidThread()); | 60 DCHECK(CalledOnValidThread()); |
60 | 61 |
61 return cert_policy_for_host_[host].Check(cert); | 62 return cert_policy_for_host_[host].Check(cert); |
62 } | 63 } |
OLD | NEW |