| Index: content/browser/ssl/ssl_policy.cc
|
| diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc
|
| deleted file mode 100644
|
| index fa07378c0c2b7e3eabc11b8cbba2171362b69797..0000000000000000000000000000000000000000
|
| --- a/content/browser/ssl/ssl_policy.cc
|
| +++ /dev/null
|
| @@ -1,266 +0,0 @@
|
| -// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "content/browser/ssl/ssl_policy.h"
|
| -
|
| -#include "base/base_switches.h"
|
| -#include "base/bind.h"
|
| -#include "base/command_line.h"
|
| -#include "base/memory/singleton.h"
|
| -#include "base/metrics/histogram_macros.h"
|
| -#include "base/strings/string_piece.h"
|
| -#include "base/strings/string_util.h"
|
| -#include "content/browser/frame_host/navigation_entry_impl.h"
|
| -#include "content/browser/renderer_host/render_process_host_impl.h"
|
| -#include "content/browser/renderer_host/render_view_host_impl.h"
|
| -#include "content/browser/site_instance_impl.h"
|
| -#include "content/browser/ssl/ssl_error_handler.h"
|
| -#include "content/browser/web_contents/web_contents_impl.h"
|
| -#include "content/common/security_style_util.h"
|
| -#include "content/public/browser/content_browser_client.h"
|
| -#include "content/public/browser/ssl_status.h"
|
| -#include "content/public/browser/web_contents.h"
|
| -#include "content/public/common/resource_type.h"
|
| -#include "content/public/common/url_constants.h"
|
| -#include "net/ssl/ssl_info.h"
|
| -#include "url/gurl.h"
|
| -
|
| -namespace content {
|
| -
|
| -namespace {
|
| -
|
| -// Events for UMA. Do not reorder or change!
|
| -enum SSLGoodCertSeenEvent {
|
| - NO_PREVIOUS_EXCEPTION = 0,
|
| - HAD_PREVIOUS_EXCEPTION = 1,
|
| - SSL_GOOD_CERT_SEEN_EVENT_MAX = 2
|
| -};
|
| -
|
| -void OnAllowCertificate(SSLErrorHandler* handler,
|
| - const SSLPolicy* const policy,
|
| - CertificateRequestResultType decision) {
|
| - DCHECK(handler->ssl_info().is_valid());
|
| - switch (decision) {
|
| - case CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE:
|
| - // Note that we should not call SetMaxSecurityStyle here, because
|
| - // the active NavigationEntry has just been deleted (in
|
| - // HideInterstitialPage) and the new NavigationEntry will not be
|
| - // set until DidNavigate. This is ok, because the new
|
| - // NavigationEntry will have its max security style set within
|
| - // DidNavigate.
|
| - //
|
| - // While AllowCertForHost() executes synchronously on this thread,
|
| - // ContinueRequest() gets posted to a different thread. Calling
|
| - // AllowCertForHost() first ensures deterministic ordering.
|
| - policy->backend()->AllowCertForHost(*handler->ssl_info().cert.get(),
|
| - handler->request_url().host(),
|
| - handler->cert_error());
|
| - handler->ContinueRequest();
|
| - return;
|
| - case CERTIFICATE_REQUEST_RESULT_TYPE_DENY:
|
| - handler->DenyRequest();
|
| - return;
|
| - case CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL:
|
| - handler->CancelRequest();
|
| - return;
|
| - }
|
| -}
|
| -
|
| -} // namespace
|
| -
|
| -SSLPolicy::SSLPolicy(SSLPolicyBackend* backend)
|
| - : backend_(backend) {
|
| - DCHECK(backend_);
|
| -}
|
| -
|
| -void SSLPolicy::OnCertError(std::unique_ptr<SSLErrorHandler> handler) {
|
| - bool expired_previous_decision = false;
|
| - // First we check if we know the policy for this error.
|
| - DCHECK(handler->ssl_info().is_valid());
|
| - SSLHostStateDelegate::CertJudgment judgment =
|
| - backend_->QueryPolicy(*handler->ssl_info().cert.get(),
|
| - handler->request_url().host(),
|
| - handler->cert_error(),
|
| - &expired_previous_decision);
|
| -
|
| - if (judgment == SSLHostStateDelegate::ALLOWED) {
|
| - handler->ContinueRequest();
|
| - return;
|
| - }
|
| -
|
| - // For all other hosts, which must be DENIED, a blocking page is shown to the
|
| - // user every time they come back to the page.
|
| - int options_mask = 0;
|
| - switch (handler->cert_error()) {
|
| - case net::ERR_CERT_COMMON_NAME_INVALID:
|
| - case net::ERR_CERT_DATE_INVALID:
|
| - case net::ERR_CERT_AUTHORITY_INVALID:
|
| - case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM:
|
| - case net::ERR_CERT_WEAK_KEY:
|
| - case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION:
|
| - case net::ERR_CERT_VALIDITY_TOO_LONG:
|
| - case net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED:
|
| - if (!handler->fatal())
|
| - options_mask |= OVERRIDABLE;
|
| - else
|
| - options_mask |= STRICT_ENFORCEMENT;
|
| - if (expired_previous_decision)
|
| - options_mask |= EXPIRED_PREVIOUS_DECISION;
|
| - OnCertErrorInternal(std::move(handler), options_mask);
|
| - break;
|
| - case net::ERR_CERT_NO_REVOCATION_MECHANISM:
|
| - // Ignore this error.
|
| - handler->ContinueRequest();
|
| - break;
|
| - case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION:
|
| - // We ignore this error but will show a warning status in the location
|
| - // bar.
|
| - handler->ContinueRequest();
|
| - break;
|
| - case net::ERR_CERT_CONTAINS_ERRORS:
|
| - case net::ERR_CERT_REVOKED:
|
| - case net::ERR_CERT_INVALID:
|
| - case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY:
|
| - case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN:
|
| - if (handler->fatal())
|
| - options_mask |= STRICT_ENFORCEMENT;
|
| - if (expired_previous_decision)
|
| - options_mask |= EXPIRED_PREVIOUS_DECISION;
|
| - OnCertErrorInternal(std::move(handler), options_mask);
|
| - break;
|
| - default:
|
| - NOTREACHED();
|
| - handler->CancelRequest();
|
| - break;
|
| - }
|
| -}
|
| -
|
| -void SSLPolicy::DidRunInsecureContent(NavigationEntryImpl* entry,
|
| - const GURL& security_origin) {
|
| - if (!entry)
|
| - return;
|
| -
|
| - SiteInstance* site_instance = entry->site_instance();
|
| - if (!site_instance)
|
| - return;
|
| -
|
| - backend_->HostRanInsecureContent(security_origin.host(),
|
| - site_instance->GetProcess()->GetID());
|
| -}
|
| -
|
| -void SSLPolicy::DidRunContentWithCertErrors(NavigationEntryImpl* entry,
|
| - const GURL& security_origin) {
|
| - if (!entry)
|
| - return;
|
| -
|
| - SiteInstance* site_instance = entry->site_instance();
|
| - if (!site_instance)
|
| - return;
|
| -
|
| - backend_->HostRanContentWithCertErrors(security_origin.host(),
|
| - site_instance->GetProcess()->GetID());
|
| -}
|
| -
|
| -void SSLPolicy::OnRequestStarted(const GURL& url,
|
| - bool has_certificate,
|
| - net::CertStatus cert_status) {
|
| - if (has_certificate && url.SchemeIsCryptographic() &&
|
| - !net::IsCertStatusError(cert_status)) {
|
| - // If the scheme is https: or wss: *and* the security info for the
|
| - // cert has been set (i.e. the cert id is not 0) and the cert did
|
| - // not have any errors, revoke any previous decisions that
|
| - // have occurred. If the cert info has not been set, do nothing since it
|
| - // isn't known if the connection was actually a valid connection or if it
|
| - // had a cert error.
|
| - SSLGoodCertSeenEvent event = NO_PREVIOUS_EXCEPTION;
|
| - if (backend_->HasAllowException(url.host())) {
|
| - // If there's no certificate error, a good certificate has been seen, so
|
| - // clear out any exceptions that were made by the user for bad
|
| - // certificates. This intentionally does not apply to cached resources
|
| - // (see https://crbug.com/634553 for an explanation).
|
| - backend_->RevokeUserAllowExceptions(url.host());
|
| - event = HAD_PREVIOUS_EXCEPTION;
|
| - }
|
| - UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.good_cert_seen", event,
|
| - SSL_GOOD_CERT_SEEN_EVENT_MAX);
|
| - }
|
| -}
|
| -
|
| -void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry,
|
| - WebContents* web_contents) {
|
| - DCHECK(entry);
|
| -
|
| - WebContentsImpl* web_contents_impl =
|
| - static_cast<WebContentsImpl*>(web_contents);
|
| -
|
| - InitializeEntryIfNeeded(entry);
|
| -
|
| - if (entry->GetSSL().security_style == SECURITY_STYLE_UNAUTHENTICATED)
|
| - return;
|
| -
|
| - if (!web_contents_impl->DisplayedInsecureContent())
|
| - entry->GetSSL().content_status &= ~SSLStatus::DISPLAYED_INSECURE_CONTENT;
|
| -
|
| - if (web_contents_impl->DisplayedInsecureContent())
|
| - entry->GetSSL().content_status |= SSLStatus::DISPLAYED_INSECURE_CONTENT;
|
| -
|
| - if (!web_contents_impl->DisplayedContentWithCertErrors())
|
| - entry->GetSSL().content_status &=
|
| - ~SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
|
| -
|
| - if (web_contents_impl->DisplayedContentWithCertErrors())
|
| - entry->GetSSL().content_status |=
|
| - SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
|
| -
|
| - SiteInstance* site_instance = entry->site_instance();
|
| - // Note that |site_instance| can be NULL here because NavigationEntries don't
|
| - // necessarily have site instances. Without a process, the entry can't
|
| - // possibly have insecure content. See bug http://crbug.com/12423.
|
| - if (site_instance &&
|
| - backend_->DidHostRunInsecureContent(
|
| - entry->GetURL().host(), site_instance->GetProcess()->GetID())) {
|
| - entry->GetSSL().security_style =
|
| - SECURITY_STYLE_AUTHENTICATION_BROKEN;
|
| - entry->GetSSL().content_status |= SSLStatus::RAN_INSECURE_CONTENT;
|
| - }
|
| -
|
| - if (site_instance &&
|
| - backend_->DidHostRunContentWithCertErrors(
|
| - entry->GetURL().host(), site_instance->GetProcess()->GetID())) {
|
| - entry->GetSSL().security_style = SECURITY_STYLE_AUTHENTICATION_BROKEN;
|
| - entry->GetSSL().content_status |= SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
|
| - }
|
| -}
|
| -
|
| -////////////////////////////////////////////////////////////////////////////////
|
| -// Certificate Error Routines
|
| -
|
| -void SSLPolicy::OnCertErrorInternal(std::unique_ptr<SSLErrorHandler> handler,
|
| - int options_mask) {
|
| - bool overridable = (options_mask & OVERRIDABLE) != 0;
|
| - bool strict_enforcement = (options_mask & STRICT_ENFORCEMENT) != 0;
|
| - bool expired_previous_decision =
|
| - (options_mask & EXPIRED_PREVIOUS_DECISION) != 0;
|
| -
|
| - WebContents* web_contents = handler->web_contents();
|
| - int cert_error = handler->cert_error();
|
| - const net::SSLInfo& ssl_info = handler->ssl_info();
|
| - const GURL& request_url = handler->request_url();
|
| - ResourceType resource_type = handler->resource_type();
|
| - GetContentClient()->browser()->AllowCertificateError(
|
| - web_contents, cert_error, ssl_info, request_url, resource_type,
|
| - overridable, strict_enforcement, expired_previous_decision,
|
| - base::Bind(&OnAllowCertificate, base::Owned(handler.release()), this));
|
| -}
|
| -
|
| -void SSLPolicy::InitializeEntryIfNeeded(NavigationEntryImpl* entry) {
|
| - if (entry->GetSSL().security_style != SECURITY_STYLE_UNKNOWN)
|
| - return;
|
| -
|
| - entry->GetSSL().security_style = GetSecurityStyleForResource(
|
| - entry->GetURL(), !!entry->GetSSL().certificate,
|
| - entry->GetSSL().cert_status);
|
| -}
|
| -
|
| -} // namespace content
|
|
|
Chromium Code Reviews
Issue 2395663002:
Collapse SSLPolicy/SSLPolicyBackend into SSLManager (Closed)
