OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/ssl/ssl_host_state.h" | 5 #include "content/browser/ssl/ssl_host_state.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/lazy_instance.h" | 8 #include "base/lazy_instance.h" |
| 9 #include "base/pickle.h" |
9 #include "content/public/browser/browser_context.h" | 10 #include "content/public/browser/browser_context.h" |
| 11 #include "content/public/browser/ssl_host_state_decisions.h" |
| 12 #include "net/http/http_transaction_factory.h" |
| 13 #include "net/url_request/url_request_context.h" |
| 14 #include "net/url_request/url_request_context_getter.h" |
| 15 #include "url/gurl.h" |
10 | 16 |
11 const char kKeyName[] = "content_ssl_host_state"; | 17 const char kKeyName[] = "content_ssl_host_state"; |
12 | 18 |
13 namespace content { | 19 namespace content { |
14 | 20 |
15 SSLHostState* SSLHostState::GetFor(BrowserContext* context) { | 21 SSLHostState* SSLHostState::GetFor(BrowserContext* context) { |
16 SSLHostState* rv = static_cast<SSLHostState*>(context->GetUserData(kKeyName)); | 22 SSLHostState* rv = static_cast<SSLHostState*>(context->GetUserData(kKeyName)); |
17 if (!rv) { | 23 if (!rv) { |
18 rv = new SSLHostState(); | 24 rv = new SSLHostState(); |
| 25 rv->browser_context_ = context; |
| 26 rv->decisions_ = context->GetSSLHostStateDecisions(); |
| 27 // All non-testing contexts need to implement a certificate decision storage |
| 28 // strategy of some sort. |
| 29 DCHECK(rv->decisions_); |
19 context->SetUserData(kKeyName, rv); | 30 context->SetUserData(kKeyName, rv); |
20 } | 31 } |
21 return rv; | 32 return rv; |
22 } | 33 } |
23 | 34 |
24 SSLHostState::SSLHostState() { | 35 SSLHostState::SSLHostState() { |
25 } | 36 } |
26 | 37 |
27 SSLHostState::~SSLHostState() { | 38 SSLHostState::~SSLHostState() { |
28 } | 39 } |
29 | 40 |
30 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { | 41 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { |
31 DCHECK(CalledOnValidThread()); | 42 DCHECK(CalledOnValidThread()); |
32 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); | 43 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); |
33 } | 44 } |
34 | 45 |
35 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, | 46 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, |
36 int pid) const { | 47 int pid) const { |
37 DCHECK(CalledOnValidThread()); | 48 DCHECK(CalledOnValidThread()); |
38 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); | 49 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); |
39 } | 50 } |
40 | 51 |
41 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, | 52 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, |
42 const std::string& host, | 53 const GURL& url, |
43 net::CertStatus error) { | 54 net::CertStatus error) { |
44 DCHECK(CalledOnValidThread()); | 55 DCHECK(CalledOnValidThread()); |
45 | 56 |
46 cert_policy_for_host_[host].Deny(cert, error); | 57 decisions_->DenyCert(url, cert, error); |
47 } | 58 } |
48 | 59 |
49 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, | 60 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, |
50 const std::string& host, | 61 const GURL& url, |
51 net::CertStatus error) { | 62 net::CertStatus error) { |
52 DCHECK(CalledOnValidThread()); | 63 DCHECK(CalledOnValidThread()); |
53 | 64 |
54 cert_policy_for_host_[host].Allow(cert, error); | 65 decisions_->AllowCert(url, cert, error); |
| 66 } |
| 67 |
| 68 void SSLHostState::RevokeAllowAndDenyPreferences(const GURL& url) { |
| 69 DCHECK(CalledOnValidThread()); |
| 70 |
| 71 // TODO(jww): This will revoke all of the decisions in the browser context. |
| 72 // Howere, the networking stack actually keeps track of its own list of |
| 73 // exceptions per-HttpNetworkTransaction in the SSLConfig structure (see the |
| 74 // allowed_bad_certs Vector in net/ssl/ssl_config.h). This dual-tracking of |
| 75 // exceptions introduces a problem where the browser context can revoke a |
| 76 // certificate, but if a transaction reuses a cached version of the SSLConfig, |
| 77 // it may bypass the intestitial layer. |
| 78 // |
| 79 // Overtime, the cached versions should expire and it should converge on |
| 80 // showing the interstitial, but it should be temporary. We probably need to |
| 81 // introduce into the networking stack a way revoke SSLConfig's |
| 82 // allowed_bad_certs lists. |
| 83 decisions_->RevokeAllowAndDenyPreferences(url); |
| 84 } |
| 85 |
| 86 bool SSLHostState::HasAllowedOrDeniedCert(const GURL& url) { |
| 87 DCHECK(CalledOnValidThread()); |
| 88 |
| 89 return decisions_->HasAllowedOrDeniedCert(url); |
55 } | 90 } |
56 | 91 |
57 void SSLHostState::Clear() { | 92 void SSLHostState::Clear() { |
58 DCHECK(CalledOnValidThread()); | 93 decisions_->Clear(); |
59 | |
60 cert_policy_for_host_.clear(); | |
61 } | 94 } |
62 | 95 |
63 net::CertPolicy::Judgment SSLHostState::QueryPolicy(net::X509Certificate* cert, | 96 net::CertPolicy::Judgment SSLHostState::QueryPolicy(net::X509Certificate* cert, |
64 const std::string& host, | 97 const GURL& url, |
65 net::CertStatus error) { | 98 net::CertStatus error) { |
66 DCHECK(CalledOnValidThread()); | 99 DCHECK(CalledOnValidThread()); |
67 | 100 |
68 return cert_policy_for_host_[host].Check(cert, error); | 101 return decisions_->QueryPolicy(url, cert, error); |
69 } | 102 } |
70 | 103 |
71 } // namespace content | 104 } // namespace content |
OLD | NEW |