Chromium Code Reviews Chromium Code Reviews
Issue 2395323002:
Roll src/third_party/boringssl/src 0d81373f9..1991af690 (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include <openssl/ssl.h> | 7 #include <openssl/ssl.h> |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 100 } | 100 } |
| 101 | 101 |
| 102 int ssl_version = | 102 int ssl_version = |
| 103 net::SSLConnectionStatusToVersion(security_info.connection_status); | 103 net::SSLConnectionStatusToVersion(security_info.connection_status); |
| 104 const char* protocol; | 104 const char* protocol; |
| 105 net::SSLVersionToString(&protocol, ssl_version); | 105 net::SSLVersionToString(&protocol, ssl_version); |
| 106 const char* key_exchange; | 106 const char* key_exchange; |
| 107 const char* cipher; | 107 const char* cipher; |
| 108 const char* mac; | 108 const char* mac; |
| 109 bool is_aead; | 109 bool is_aead; |
| 110 bool is_tls13; | |
| 110 uint16_t cipher_suite = | 111 uint16_t cipher_suite = |
| 111 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); | 112 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); |
| 112 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, | 113 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, |
| 113 cipher_suite); | 114 &is_tls13, cipher_suite); |
| 114 base::string16 protocol_name = base::ASCIIToUTF16(protocol); | 115 base::string16 protocol_name = base::ASCIIToUTF16(protocol); |
| 115 base::string16 key_exchange_name = base::ASCIIToUTF16(key_exchange); | |
| 116 const base::string16 cipher_name = | 116 const base::string16 cipher_name = |
| 117 (mac == NULL) ? base::ASCIIToUTF16(cipher) | 117 (mac == NULL) ? base::ASCIIToUTF16(cipher) |
| 118 : l10n_util::GetStringFUTF16(IDS_CIPHER_WITH_MAC, | 118 : l10n_util::GetStringFUTF16(IDS_CIPHER_WITH_MAC, |
| 119 base::ASCIIToUTF16(cipher), | 119 base::ASCIIToUTF16(cipher), |
| 120 base::ASCIIToUTF16(mac)); | 120 base::ASCIIToUTF16(mac)); |
| 121 | 121 |
| 122 // Include the key exchange group (previously known as curve) if specified. | 122 // Include the key exchange group (previously known as curve) if specified. |
| 123 // | 123 base::string16 key_exchange_name; |
| 124 // TODO(davidben): When TLS 1.3's new negotiation is implemented, omit the | 124 if (is_tls13) { |
| 125 // "key exchange" if empty and only display the group, which is the true key | 125 key_exchange_name = base::ASCIIToUTF16( |
| 126 // exchange. See https://crbug.com/639495. | 126 SSL_get_curve_name(security_info.key_exchange_group)); |
| 127 if (security_info.key_exchange_group != 0) { | 127 } else if (security_info.key_exchange_group != 0) { |
| 128 key_exchange_name = l10n_util::GetStringFUTF16( | 128 key_exchange_name = l10n_util::GetStringFUTF16( |
| 129 IDS_SSL_KEY_EXCHANGE_WITH_GROUP, key_exchange_name, | 129 IDS_SSL_KEY_EXCHANGE_WITH_GROUP, base::ASCIIToUTF16(key_exchange), |
| 130 base::ASCIIToUTF16( | 130 base::ASCIIToUTF16( |
| 131 SSL_get_curve_name(security_info.key_exchange_group))); | 131 SSL_get_curve_name(security_info.key_exchange_group))); |
| 132 } else { | |
|
felt
2016/10/10 21:31:28
Why do we need this else catch-all now?
davidben
2016/10/10 21:38:19
It's because line 115 (on LHS) is gone. base::ASCI
felt
2016/10/10 22:04:07
Oh, right.
| |
| 133 key_exchange_name = base::ASCIIToUTF16(key_exchange); | |
| 132 } | 134 } |
| 133 | 135 |
| 134 if (security_info.obsolete_ssl_status == net::OBSOLETE_SSL_NONE) { | 136 if (security_info.obsolete_ssl_status == net::OBSOLETE_SSL_NONE) { |
| 135 security_style_explanations->secure_explanations.push_back( | 137 security_style_explanations->secure_explanations.push_back( |
| 136 content::SecurityStyleExplanation( | 138 content::SecurityStyleExplanation( |
| 137 l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), | 139 l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), |
| 138 l10n_util::GetStringFUTF8(IDS_STRONG_SSL_DESCRIPTION, protocol_name, | 140 l10n_util::GetStringFUTF8(IDS_STRONG_SSL_DESCRIPTION, protocol_name, |
| 139 key_exchange_name, cipher_name))); | 141 key_exchange_name, cipher_name))); |
| 140 return; | 142 return; |
| 141 } | 143 } |
| (...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 393 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 395 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
| 394 state->displayed_password_field_on_http = | 396 state->displayed_password_field_on_http = |
| 395 !!(ssl.content_status & | 397 !!(ssl.content_status & |
| 396 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 398 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 397 state->displayed_credit_card_field_on_http = | 399 state->displayed_credit_card_field_on_http = |
| 398 !!(ssl.content_status & | 400 !!(ssl.content_status & |
| 399 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 401 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 400 | 402 |
| 401 CheckSafeBrowsingStatus(entry, web_contents_, state); | 403 CheckSafeBrowsingStatus(entry, web_contents_, state); |
| 402 } | 404 } |
| OLD | NEW |
