Set SSL info when an HTTP auth dialog is triggered by direct navigation.

content/browser/loader/resource_loader.cc

Index: content/browser/loader/resource_loader.cc
diff --git a/content/browser/loader/resource_loader.cc b/content/browser/loader/resource_loader.cc
index 7bb55f1a32dfba4d2aa0f8a02a9e595f2620dd39..0635ba249e988de4a7054a0fe21391800488369e 100644
--- a/content/browser/loader/resource_loader.cc
+++ b/content/browser/loader/resource_loader.cc
@@ -77,6 +77,42 @@ void PopulateResourceResponse(ResourceRequestInfoImpl* info,
     request->GetLoadTimingInfo(&response->head.load_timing);
 }
 
+// Stores the SignedCertificateTimestamps held in |sct_list| in the
+// SignedCertificateTimestampStore singleton, associated with |process_id|.
+// On return, |sct_ids| contains the assigned ID and verification status of
+// each SignedCertificateTimestamp.
+void StoreSignedCertificateTimestamps(
+    const net::SignedCertificateTimestampAndStatusList& sct_list,
+    int process_id,
+    SignedCertificateTimestampIDStatusList* sct_ids) {
+  SignedCertificateTimestampStore* sct_store(
+      SignedCertificateTimestampStore::GetInstance());
+
+  for (net::SignedCertificateTimestampAndStatusList::const_iterator iter =
+           sct_list.begin();
+       iter != sct_list.end(); ++iter) {
+    const int sct_id(sct_store->Store(iter->sct.get(), process_id));
+    sct_ids->push_back(
+        SignedCertificateTimestampIDAndStatus(sct_id, iter->status));
+  }
+}
+
+std::string StoreAndSerializeSecurityInfo(const net::SSLInfo& ssl_info,
+                                          int process_id) {
+  DCHECK(ssl_info.cert.get());
+  int cert_id =
+      CertStore::GetInstance()->StoreCert(ssl_info.cert.get(), process_id);
+
+  SignedCertificateTimestampIDStatusList signed_certificate_timestamp_ids;
+  StoreSignedCertificateTimestamps(ssl_info.signed_certificate_timestamps,
+                                   process_id,
+                                   &signed_certificate_timestamp_ids);
+
+  return SerializeSecurityInfo(
+      cert_id, ssl_info.cert_status, ssl_info.security_bits,
+      ssl_info.connection_status, signed_certificate_timestamp_ids);
+}
+
 }  // namespace
 
 ResourceLoader::ResourceLoader(scoped_ptr<net::URLRequest> request,
@@ -287,9 +323,27 @@ void ResourceLoader::OnAuthRequired(net::URLRequest* unused,
     return;
   }
 
+  // Update the SSL state before showing the auth prompt.
+  const net::SSLInfo& ssl_info = request_->response_info().ssl_info;
+  if (ssl_info.cert.get()) {
+    bool is_main_frame = (request_->load_flags() & net::LOAD_MAIN_FRAME) != 0;
+    ResourceRequestInfoImpl* info = GetRequestInfo();
+    int render_process_id;
+    int render_frame_id;
+    if (!info->GetAssociatedRenderFrame(&render_process_id, &render_frame_id))

[Charlie Reis, 2015/03/18 17:46:38]

Random question: Why does this method return a boolean?  Looks like there's only
one implementation of it and it can't return false.

(No need to fix in this CL, but that might be a useful cleanup.)

+      CHECK(0);

[Charlie Reis, 2015/03/18 17:46:38]

nit: CHECK(false) is more common.

[palmer, 2015/09/29 00:03:33]

Done in https://codereview.chromium.org/1368863002.

+    std::string security_info =
+        StoreAndSerializeSecurityInfo(ssl_info, info->GetChildID());
+    SSLManager::OnAuthDialog(render_process_id, render_frame_id, security_info,
+                             is_main_frame);
+  } else {
+    // We should not have any SSL state.
+    DCHECK(!ssl_info.cert_status && ssl_info.security_bits == -1 &&
+           !ssl_info.connection_status);
+  }
+
   // Create a login dialog on the UI thread to get authentication data, or pull
   // from cache and continue on the IO thread.
-
   DCHECK(!login_delegate_.get())
       << "OnAuthRequired called with login_delegate pending";
   login_delegate_ = delegate_->CreateLoginDelegate(this, auth_info);
@@ -323,7 +377,7 @@ void ResourceLoader::OnSSLCertificateError(net::URLRequest* request,
   int render_process_id;
   int render_frame_id;
   if (!info->GetAssociatedRenderFrame(&render_process_id, &render_frame_id))
-    NOTREACHED();
+    CHECK(0);
 
   SSLManager::OnSSLCertificateError(
       weak_ptr_factory_.GetWeakPtr(),
@@ -611,21 +665,6 @@ void ResourceLoader::CancelRequestInternal(int error, bool from_renderer) {
   }
 }
 
-void ResourceLoader::StoreSignedCertificateTimestamps(
-    const net::SignedCertificateTimestampAndStatusList& sct_list,
-    int process_id,
-    SignedCertificateTimestampIDStatusList* sct_ids) {
-  SignedCertificateTimestampStore* sct_store(
-      SignedCertificateTimestampStore::GetInstance());
-
-  for (net::SignedCertificateTimestampAndStatusList::const_iterator iter =
-       sct_list.begin(); iter != sct_list.end(); ++iter) {
-    const int sct_id(sct_store->Store(iter->sct.get(), process_id));
-    sct_ids->push_back(
-        SignedCertificateTimestampIDAndStatus(sct_id, iter->status));
-  }
-}
-
 void ResourceLoader::CompleteResponseStarted() {
   // TODO(vadimt): Remove ScopedTracker below once crbug.com/423948 is fixed.
   tracked_objects::ScopedTracker tracking_profile1(
@@ -648,21 +687,9 @@ void ResourceLoader::CompleteResponseStarted() {
         FROM_HERE_WITH_EXPLICIT_FUNCTION(
             "423948 ResourceLoader::CompleteResponseStarted3"));
 
-    int cert_id = CertStore::GetInstance()->StoreCert(
-        request_->ssl_info().cert.get(), info->GetChildID());
-
-    SignedCertificateTimestampIDStatusList signed_certificate_timestamp_ids;
-    StoreSignedCertificateTimestamps(
-        request_->ssl_info().signed_certificate_timestamps,
-        info->GetChildID(),
-        &signed_certificate_timestamp_ids);
-
-    response->head.security_info = SerializeSecurityInfo(
-        cert_id,
-        request_->ssl_info().cert_status,
-        request_->ssl_info().security_bits,
-        request_->ssl_info().connection_status,
-        signed_certificate_timestamp_ids);
+    response->head.security_info =
+        StoreAndSerializeSecurityInfo(request_->ssl_info(), info->GetChildID());
+
   } else {
     // We should not have any SSL state.
     DCHECK(!request_->ssl_info().cert_status &&
@@ -793,18 +820,8 @@ void ResourceLoader::ResponseCompleted() {
 
   std::string security_info;
   const net::SSLInfo& ssl_info = request_->ssl_info();
-  if (ssl_info.cert.get() != NULL) {
-    int cert_id = CertStore::GetInstance()->StoreCert(ssl_info.cert.get(),
-                                                      info->GetChildID());
-    SignedCertificateTimestampIDStatusList signed_certificate_timestamp_ids;
-    StoreSignedCertificateTimestamps(ssl_info.signed_certificate_timestamps,
-                                     info->GetChildID(),
-                                     &signed_certificate_timestamp_ids);
-
-    security_info = SerializeSecurityInfo(
-        cert_id, ssl_info.cert_status, ssl_info.security_bits,
-        ssl_info.connection_status, signed_certificate_timestamp_ids);
-  }
+  if (ssl_info.cert.get() != NULL)
+    security_info = StoreAndSerializeSecurityInfo(ssl_info, info->GetChildID());
 
   bool defer = false;
   {