Add initial version of captive portal list checking.

chrome/browser/ssl/ssl_error_handler.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_
 #define CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_
 
 #include <string>
 
 #include "base/callback_forward.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "base/timer/timer.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/common_name_mismatch_handler.h"
 #include "chrome/browser/ssl/ssl_cert_reporter.h"
+#include "chrome/browser/ssl/ssl_error_assistant.pb.h"
 #include "components/ssl_errors/error_classification.h"
 #include "content/public/browser/notification_observer.h"
 #include "content/public/browser/notification_registrar.h"
 #include "content/public/browser/restore_type.h"
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/browser/web_contents_user_data.h"
 #include "net/ssl/ssl_info.h"
 #include "url/gurl.h"
 
 class CommonNameMismatchHandler;
 class Profile;
 
 namespace base {
 class Clock;
 class TimeDelta;
 }
 
 namespace content {
 class WebContents;
 }
 
 namespace network_time {
 class NetworkTimeTracker;
 }
 
-// This class is responsible for deciding what type of interstitial to show for
-// an SSL validation error. The display of the interstitial might be delayed by
-// a few seconds while trying to determine the cause of the error. During this
-// window, the class will: check for a clock error, wait for a name-mismatch
-// suggested URL, or wait for a captive portal result to arrive. If there is a
-// name mismatch error and a corresponding suggested URL result arrives in this
-// window, the user is redirected to the suggested URL.
-// Failing that, if a captive portal detected result arrives in the time window,
-// a captive portal error page is shown. If none of these potential error
-// causes match, an SSL interstitial is shown.
+// This class is responsible for deciding what type of interstitial to display
+// for an SSL validation error and actually display it. The display of the

[estark, 2017/02/03 07:24:07]

nit: display => displaying

[meacer, 2017/02/06 23:39:17]

Done.

+// interstitial might be delayed by a few seconds while trying to determine the
+// cause of the error. During this window, the class will:
+// - Check for a clock error
+// - Check for a known captive portal certificate SPKI
+// - Wait for a name-mismatch suggested URL
+// - or Wait for a captive portal result to arrive.
+// Based on the result of these checks, SSLErrorHandler will show a customized
+// interstitial, redirect to a different suggested URL, or, if all else fails,
+// show the normal SSL interstitial.
 //
 // This class should only be used on the UI thread because its implementation
 // uses captive_portal::CaptivePortalService which can only be accessed on the
 // UI thread.
 class SSLErrorHandler : public content::WebContentsUserData<SSLErrorHandler>,
                         public content::WebContentsObserver,
                         public content::NotificationObserver {
  public:
   typedef base::Callback<void(content::WebContents*)> TimerStartedCallback;
 
   // Events for UMA. Do not rename or remove values, add new values to the end.
   // Public for testing.
   enum UMAEvent {
     HANDLE_ALL = 0,
     SHOW_CAPTIVE_PORTAL_INTERSTITIAL_NONOVERRIDABLE,
     SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE,
     SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE,
     SHOW_SSL_INTERSTITIAL_OVERRIDABLE,
     WWW_MISMATCH_FOUND,
     WWW_MISMATCH_URL_AVAILABLE,
     WWW_MISMATCH_URL_NOT_AVAILABLE,
     SHOW_BAD_CLOCK,
+    CAPTIVE_PORTAL_CERT_FOUND,
     SSL_ERROR_HANDLER_EVENT_COUNT
   };
 
   // This delegate allows unit tests to provide their own Chrome specific
   // actions.
   class Delegate {
    public:
     virtual ~Delegate() {}
     virtual void CheckForCaptivePortal() = 0;
     virtual bool GetSuggestedUrl(const std::vector<std::string>& dns_names,
@@ skipping 16 matching lines @@
       content::WebContents* web_contents,
       int cert_error,
       const net::SSLInfo& ssl_info,
       const GURL& request_url,
       int options_mask,
       std::unique_ptr<SSLCertReporter> ssl_cert_reporter,
       const base::Callback<void(content::CertificateRequestResultType)>&
           callback);
 
   // Testing methods.
+  static void ResetConfigForTesting();
   static void SetInterstitialDelayForTesting(const base::TimeDelta& delay);
   // The callback pointer must remain valid for the duration of error handling.
   static void SetInterstitialTimerStartedCallbackForTesting(
       TimerStartedCallback* callback);
   static void SetClockForTesting(base::Clock* testing_clock);
   static void SetNetworkTimeTrackerForTesting(
       network_time::NetworkTimeTracker* tracker);
+  static void SetErrorAssistantProtoForTesting(
+      const chrome_browser_ssl::SSLErrorAssistantConfig& config_proto);
   static std::string GetHistogramNameForTesting();
+  static void SetErrorAssistantConfig(
+      std::unique_ptr<chrome_browser_ssl::SSLErrorAssistantConfig>
+          config_proto);
   bool IsTimerRunningForTesting() const;
 
  protected:
   SSLErrorHandler(
       std::unique_ptr<Delegate> delegate,
       content::WebContents* web_contents,
       Profile* profile,
       int cert_error,
       const net::SSLInfo& ssl_info,
       const GURL& request_url,
@@ skipping 51 matching lines @@
   base::OneShotTimer timer_;
 
   std::unique_ptr<CommonNameMismatchHandler> common_name_mismatch_handler_;
 
   base::WeakPtrFactory<SSLErrorHandler> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(SSLErrorHandler);
 };
 
 #endif  // CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_