| Index: content/browser/ssl/ssl_host_state.cc
|
| diff --git a/content/browser/ssl/ssl_host_state.cc b/content/browser/ssl/ssl_host_state.cc
|
| index 06c600205fa8b1277b5252e91cbbf56580320c21..d58d942371fd41a252aa60425922ba720b6ca9c4 100644
|
| --- a/content/browser/ssl/ssl_host_state.cc
|
| +++ b/content/browser/ssl/ssl_host_state.cc
|
| @@ -6,7 +6,13 @@
|
|
|
| #include "base/logging.h"
|
| #include "base/lazy_instance.h"
|
| +#include "base/pickle.h"
|
| #include "content/public/browser/browser_context.h"
|
| +#include "content/public/browser/ssl_host_state_decisions.h"
|
| +#include "net/http/http_transaction_factory.h"
|
| +#include "net/url_request/url_request_context.h"
|
| +#include "net/url_request/url_request_context_getter.h"
|
| +#include "url/gurl.h"
|
|
|
| const char kKeyName[] = "content_ssl_host_state";
|
|
|
| @@ -16,6 +22,11 @@ SSLHostState* SSLHostState::GetFor(BrowserContext* context) {
|
| SSLHostState* rv = static_cast<SSLHostState*>(context->GetUserData(kKeyName));
|
| if (!rv) {
|
| rv = new SSLHostState();
|
| + rv->browser_context_ = context;
|
| + rv->decisions_ = context->GetSSLHostStateDecisions();
|
| + // All non-testing contexts need to implement a certificate decision storage
|
| + // strategy of some sort.
|
| + DCHECK(rv->decisions_);
|
| context->SetUserData(kKeyName, rv);
|
| }
|
| return rv;
|
| @@ -39,33 +50,55 @@ bool SSLHostState::DidHostRunInsecureContent(const std::string& host,
|
| }
|
|
|
| void SSLHostState::DenyCertForHost(net::X509Certificate* cert,
|
| - const std::string& host,
|
| + const GURL& url,
|
| net::CertStatus error) {
|
| DCHECK(CalledOnValidThread());
|
|
|
| - cert_policy_for_host_[host].Deny(cert, error);
|
| + decisions_->DenyCert(url, cert, error);
|
| }
|
|
|
| void SSLHostState::AllowCertForHost(net::X509Certificate* cert,
|
| - const std::string& host,
|
| + const GURL& url,
|
| net::CertStatus error) {
|
| DCHECK(CalledOnValidThread());
|
|
|
| - cert_policy_for_host_[host].Allow(cert, error);
|
| + decisions_->AllowCert(url, cert, error);
|
| }
|
|
|
| -void SSLHostState::Clear() {
|
| +void SSLHostState::RevokeAllowAndDenyPreferences(const GURL& url) {
|
| + DCHECK(CalledOnValidThread());
|
| +
|
| + // TODO(jww): This will revoke all of the decisions in the browser context.
|
| + // Howere, the networking stack actually keeps track of its own list of
|
| + // exceptions per-HttpNetworkTransaction in the SSLConfig structure (see the
|
| + // allowed_bad_certs Vector in net/ssl/ssl_config.h). This dual-tracking of
|
| + // exceptions introduces a problem where the browser context can revoke a
|
| + // certificate, but if a transaction reuses a cached version of the SSLConfig,
|
| + // it may bypass the intestitial layer.
|
| + //
|
| + // Overtime, the cached versions should expire and it should converge on
|
| + // showing the interstitial, but it should be temporary. We probably need to
|
| + // introduce into the networking stack a way revoke SSLConfig's
|
| + // allowed_bad_certs lists.
|
| + decisions_->RevokeAllowAndDenyPreferences(url);
|
| +}
|
| +
|
| +bool SSLHostState::HasAllowedOrDeniedCert(const GURL& url) {
|
| DCHECK(CalledOnValidThread());
|
|
|
| - cert_policy_for_host_.clear();
|
| + return decisions_->HasAllowedOrDeniedCert(url);
|
| +}
|
| +
|
| +void SSLHostState::Clear() {
|
| + decisions_->Clear();
|
| }
|
|
|
| net::CertPolicy::Judgment SSLHostState::QueryPolicy(net::X509Certificate* cert,
|
| - const std::string& host,
|
| + const GURL& url,
|
| net::CertStatus error) {
|
| DCHECK(CalledOnValidThread());
|
|
|
| - return cert_policy_for_host_[host].Check(cert, error);
|
| + return decisions_->QueryPolicy(url, cert, error);
|
| }
|
|
|
| } // namespace content
|
|
|
Chromium Code Reviews
Issue 369703002:
Remember user decisions on invalid certificates behind a flag (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src