Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(87)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/android/policy/policy_auditor.cc

Issue 2400673003: Remove SSLStatus::security_style member and content::SecurityStyle (Closed)
Patch Set: rebase fix Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/DEPS ('k') | chrome/browser/ssl/bad_clock_blocking_page.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/android/policy/policy_auditor.cc
diff --git a/chrome/browser/android/policy/policy_auditor.cc b/chrome/browser/android/policy/policy_auditor.cc
index dda42e595a4b4ffd6c15a14fd9e204548934cd71..fbfce5b304d289318f4bcb32dcae3b929d9846fa 100644
--- a/chrome/browser/android/policy/policy_auditor.cc
+++ b/chrome/browser/android/policy/policy_auditor.cc
@@ -39,30 +39,23 @@ int GetCertificateFailure(JNIEnv* env,
return NONE;
const content::SSLStatus& ssl = entry->GetSSL();
- switch (ssl.security_style) {
- case content::SECURITY_STYLE_WARNING:
- case content::SECURITY_STYLE_UNKNOWN:
- case content::SECURITY_STYLE_UNAUTHENTICATED:
- return NONE;
-
- case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
- case content::SECURITY_STYLE_AUTHENTICATED: {
- if (net::IsCertStatusError(ssl.cert_status)) {
- if (ssl.cert_status & net::CERT_STATUS_AUTHORITY_INVALID)
- return CERTIFICATE_FAIL_UNTRUSTED;
- if (ssl.cert_status & net::CERT_STATUS_REVOKED)
- return CERTIFICATE_FAIL_REVOKED;
- // No mapping for CERTIFICATE_FAIL_NOT_YET_VALID.
- if (ssl.cert_status & net::CERT_STATUS_DATE_INVALID)
- return CERTIFICATE_FAIL_EXPIRED;
- if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION)
- return CERTIFICATE_FAIL_UNABLE_TO_CHECK_REVOCATION_STATUS;
- return CERTIFICATE_FAIL_UNSPECIFIED;
- }
- if (ssl.content_status &
- content::SSLStatus::DISPLAYED_INSECURE_CONTENT) {
- return CERTIFICATE_FAIL_UNSPECIFIED;
- }
+ if (ssl.certificate && entry->GetURL().SchemeIsCryptographic()) {
+ if (net::IsCertStatusError(ssl.cert_status)) {
+ if (ssl.cert_status & net::CERT_STATUS_AUTHORITY_INVALID)
+ return CERTIFICATE_FAIL_UNTRUSTED;
+ if (ssl.cert_status & net::CERT_STATUS_REVOKED)
+ return CERTIFICATE_FAIL_REVOKED;
+ // No mapping for CERTIFICATE_FAIL_NOT_YET_VALID.
+ if (ssl.cert_status & net::CERT_STATUS_DATE_INVALID)
+ return CERTIFICATE_FAIL_EXPIRED;
+ if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION)
+ return CERTIFICATE_FAIL_UNABLE_TO_CHECK_REVOCATION_STATUS;
+ return CERTIFICATE_FAIL_UNSPECIFIED;
meacer 2016/10/10 23:43:17 nit: maybe it's me, but this code looks prone to g
estark 2016/10/11 01:16:27 Yeah, I like curly braces too. Done.
+ }
+ if (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT ||
+ ssl.content_status &
+ content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS) {
+ return CERTIFICATE_FAIL_UNSPECIFIED;
}
}
return NONE;
« no previous file with comments | « chrome/browser/DEPS ('k') | chrome/browser/ssl/bad_clock_blocking_page.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698