| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_host_state.h" | 5 #include "content/browser/ssl/ssl_host_state.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/lazy_instance.h" | 8 #include "base/lazy_instance.h" |
| 9 #include "base/pickle.h" |
| 9 #include "content/public/browser/browser_context.h" | 10 #include "content/public/browser/browser_context.h" |
| 11 #include "content/public/browser/ssl_host_state_decisions.h" |
| 12 #include "net/http/http_transaction_factory.h" |
| 13 #include "net/url_request/url_request_context.h" |
| 14 #include "net/url_request/url_request_context_getter.h" |
| 15 #include "url/gurl.h" |
| 10 | 16 |
| 11 const char kKeyName[] = "content_ssl_host_state"; | 17 const char kKeyName[] = "content_ssl_host_state"; |
| 12 | 18 |
| 13 namespace content { | 19 namespace content { |
| 14 | 20 |
| 15 SSLHostState* SSLHostState::GetFor(BrowserContext* context) { | 21 SSLHostState* SSLHostState::GetFor(BrowserContext* context) { |
| 16 SSLHostState* rv = static_cast<SSLHostState*>(context->GetUserData(kKeyName)); | 22 SSLHostState* rv = static_cast<SSLHostState*>(context->GetUserData(kKeyName)); |
| 17 if (!rv) { | 23 if (!rv) { |
| 18 rv = new SSLHostState(); | 24 rv = new SSLHostState(); |
| 19 context->SetUserData(kKeyName, rv); | 25 rv->decisions_ = context->GetSSLHostStateDecisions(); |
| 26 // |context| may be NULL, implementing the default storage strategy. |
| 27 if (context) |
| 28 context->SetUserData(kKeyName, rv); |
| 20 } | 29 } |
| 21 return rv; | 30 return rv; |
| 22 } | 31 } |
| 23 | 32 |
| 24 SSLHostState::SSLHostState() { | 33 SSLHostState::SSLHostState() { |
| 25 } | 34 } |
| 26 | 35 |
| 27 SSLHostState::~SSLHostState() { | 36 SSLHostState::~SSLHostState() { |
| 28 } | 37 } |
| 29 | 38 |
| 30 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { | 39 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { |
| 31 DCHECK(CalledOnValidThread()); | 40 DCHECK(CalledOnValidThread()); |
| 32 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); | 41 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); |
| 33 } | 42 } |
| 34 | 43 |
| 35 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, | 44 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, |
| 36 int pid) const { | 45 int pid) const { |
| 37 DCHECK(CalledOnValidThread()); | 46 DCHECK(CalledOnValidThread()); |
| 38 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); | 47 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); |
| 39 } | 48 } |
| 40 | 49 |
| 41 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, | 50 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, |
| 42 const std::string& host, | 51 const GURL& url, |
| 43 net::CertStatus error) { | 52 net::CertStatus error) { |
| 44 DCHECK(CalledOnValidThread()); | 53 DCHECK(CalledOnValidThread()); |
| 45 | 54 |
| 46 cert_policy_for_host_[host].Deny(cert, error); | 55 if (!decisions_) |
| 56 return; |
| 57 |
| 58 decisions_->DenyCert(url, cert, error); |
| 47 } | 59 } |
| 48 | 60 |
| 49 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, | 61 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, |
| 50 const std::string& host, | 62 const GURL& url, |
| 51 net::CertStatus error) { | 63 net::CertStatus error) { |
| 52 DCHECK(CalledOnValidThread()); | 64 DCHECK(CalledOnValidThread()); |
| 53 | 65 |
| 54 cert_policy_for_host_[host].Allow(cert, error); | 66 if (!decisions_) |
| 67 return; |
| 68 |
| 69 decisions_->AllowCert(url, cert, error); |
| 70 } |
| 71 |
| 72 void SSLHostState::RevokeAllowAndDenyPreferences(const GURL& url) { |
| 73 DCHECK(CalledOnValidThread()); |
| 74 |
| 75 if (!decisions_) |
| 76 return; |
| 77 |
| 78 // TODO(jww): This will revoke all of the decisions in the browser context. |
| 79 // However, the networking stack actually keeps track of its own list of |
| 80 // exceptions per-HttpNetworkTransaction in the SSLConfig structure (see the |
| 81 // allowed_bad_certs Vector in net/ssl/ssl_config.h). This dual-tracking of |
| 82 // exceptions introduces a problem where the browser context can revoke a |
| 83 // certificate, but if a transaction reuses a cached version of the SSLConfig |
| 84 // (probably from a pooled socket), it may bypass the intestitial layer. |
| 85 // |
| 86 // Over time, the cached versions should expire and it should converge on |
| 87 // showing the interstitial. We probably need to |
| 88 // introduce into the networking stack a way revoke SSLConfig's |
| 89 // allowed_bad_certs lists per socket. |
| 90 decisions_->RevokeAllowAndDenyPreferences(url); |
| 91 } |
| 92 |
| 93 bool SSLHostState::HasAllowedOrDeniedCert(const GURL& url) { |
| 94 DCHECK(CalledOnValidThread()); |
| 95 |
| 96 if (!decisions_) |
| 97 return false; |
| 98 |
| 99 return decisions_->HasAllowedOrDeniedCert(url); |
| 55 } | 100 } |
| 56 | 101 |
| 57 void SSLHostState::Clear() { | 102 void SSLHostState::Clear() { |
| 58 DCHECK(CalledOnValidThread()); | 103 if (!decisions_) |
| 104 return; |
| 59 | 105 |
| 60 cert_policy_for_host_.clear(); | 106 decisions_->Clear(); |
| 61 } | 107 } |
| 62 | 108 |
| 63 net::CertPolicy::Judgment SSLHostState::QueryPolicy(net::X509Certificate* cert, | 109 net::CertPolicy::Judgment SSLHostState::QueryPolicy(net::X509Certificate* cert, |
| 64 const std::string& host, | 110 const GURL& url, |
| 65 net::CertStatus error) { | 111 net::CertStatus error) { |
| 66 DCHECK(CalledOnValidThread()); | 112 DCHECK(CalledOnValidThread()); |
| 67 | 113 |
| 68 return cert_policy_for_host_[host].Check(cert, error); | 114 if (!decisions_) |
| 115 return net::CertPolicy::Judgment::UNKNOWN; |
| 116 |
| 117 return decisions_->QueryPolicy(url, cert, error); |
| 69 } | 118 } |
| 70 | 119 |
| 71 } // namespace content | 120 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 369703002:
Remember user decisions on invalid certificates behind a flag (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src