Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(279)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/ssl/ssl_policy.cc

Issue 441043005: Cleanup of SSLHostStateDelegate and related code (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase on ToT Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | content/public/browser/ssl_host_state_delegate.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/ssl/ssl_policy.h" 5 #include "content/browser/ssl/ssl_policy.h"
6 6
7 #include "base/base_switches.h" 7 #include "base/base_switches.h"
8 #include "base/bind.h" 8 #include "base/bind.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/memory/singleton.h" 10 #include "base/memory/singleton.h"
(...skipping 16 matching lines...) Expand all
27 namespace content { 27 namespace content {
28 28
29 SSLPolicy::SSLPolicy(SSLPolicyBackend* backend) 29 SSLPolicy::SSLPolicy(SSLPolicyBackend* backend)
30 : backend_(backend) { 30 : backend_(backend) {
31 DCHECK(backend_); 31 DCHECK(backend_);
32 } 32 }
33 33
34 void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) { 34 void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
35 bool expired_previous_decision; 35 bool expired_previous_decision;
36 // First we check if we know the policy for this error. 36 // First we check if we know the policy for this error.
37 DCHECK(handler->ssl_info().is_valid());
37 net::CertPolicy::Judgment judgment = 38 net::CertPolicy::Judgment judgment =
38 backend_->QueryPolicy(handler->ssl_info().cert.get(), 39 backend_->QueryPolicy(*handler->ssl_info().cert.get(),
39 handler->request_url().host(), 40 handler->request_url().host(),
40 handler->cert_error(), 41 handler->cert_error(),
41 &expired_previous_decision); 42 &expired_previous_decision);
42 43
43 if (judgment == net::CertPolicy::ALLOWED) { 44 if (judgment == net::CertPolicy::ALLOWED) {
44 handler->ContinueRequest(); 45 handler->ContinueRequest();
45 return; 46 return;
46 } 47 }
47 48
48 // The judgment is either DENIED or UNKNOWN. 49 // The judgment is either DENIED or UNKNOWN.
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after
156 entry->GetURL().host(), site_instance->GetProcess()->GetID())) { 157 entry->GetURL().host(), site_instance->GetProcess()->GetID())) {
157 entry->GetSSL().security_style = 158 entry->GetSSL().security_style =
158 SECURITY_STYLE_AUTHENTICATION_BROKEN; 159 SECURITY_STYLE_AUTHENTICATION_BROKEN;
159 entry->GetSSL().content_status |= SSLStatus::RAN_INSECURE_CONTENT; 160 entry->GetSSL().content_status |= SSLStatus::RAN_INSECURE_CONTENT;
160 return; 161 return;
161 } 162 }
162 } 163 }
163 164
164 void SSLPolicy::OnAllowCertificate(scoped_refptr<SSLCertErrorHandler> handler, 165 void SSLPolicy::OnAllowCertificate(scoped_refptr<SSLCertErrorHandler> handler,
165 bool allow) { 166 bool allow) {
167 DCHECK(handler->ssl_info().is_valid());
166 if (allow) { 168 if (allow) {
167 // Default behavior for accepting a certificate. 169 // Default behavior for accepting a certificate.
168 // Note that we should not call SetMaxSecurityStyle here, because the active 170 // Note that we should not call SetMaxSecurityStyle here, because the active
169 // NavigationEntry has just been deleted (in HideInterstitialPage) and the 171 // NavigationEntry has just been deleted (in HideInterstitialPage) and the
170 // new NavigationEntry will not be set until DidNavigate. This is ok, 172 // new NavigationEntry will not be set until DidNavigate. This is ok,
171 // because the new NavigationEntry will have its max security style set 173 // because the new NavigationEntry will have its max security style set
172 // within DidNavigate. 174 // within DidNavigate.
173 // 175 //
174 // While AllowCertForHost() executes synchronously on this thread, 176 // While AllowCertForHost() executes synchronously on this thread,
175 // ContinueRequest() gets posted to a different thread. Calling 177 // ContinueRequest() gets posted to a different thread. Calling
176 // AllowCertForHost() first ensures deterministic ordering. 178 // AllowCertForHost() first ensures deterministic ordering.
177 backend_->AllowCertForHost(handler->ssl_info().cert.get(), 179 backend_->AllowCertForHost(*handler->ssl_info().cert.get(),
178 handler->request_url().host(), 180 handler->request_url().host(),
179 handler->cert_error()); 181 handler->cert_error());
180 handler->ContinueRequest(); 182 handler->ContinueRequest();
181 } else { 183 } else {
182 // Default behavior for rejecting a certificate. 184 // Default behavior for rejecting a certificate.
183 // 185 //
184 // While DenyCertForHost() executes synchronously on this thread, 186 // While DenyCertForHost() executes synchronously on this thread,
185 // CancelRequest() gets posted to a different thread. Calling 187 // CancelRequest() gets posted to a different thread. Calling
186 // DenyCertForHost() first ensures deterministic ordering. 188 // DenyCertForHost() first ensures deterministic ordering.
187 backend_->DenyCertForHost(handler->ssl_info().cert.get(), 189 backend_->DenyCertForHost(*handler->ssl_info().cert.get(),
188 handler->request_url().host(), 190 handler->request_url().host(),
189 handler->cert_error()); 191 handler->cert_error());
190 handler->CancelRequest(); 192 handler->CancelRequest();
191 } 193 }
192 } 194 }
193 195
194 //////////////////////////////////////////////////////////////////////////////// 196 ////////////////////////////////////////////////////////////////////////////////
195 // Certificate Error Routines 197 // Certificate Error Routines
196 198
197 void SSLPolicy::OnCertErrorInternal(SSLCertErrorHandler* handler, 199 void SSLPolicy::OnCertErrorInternal(SSLCertErrorHandler* handler,
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
238 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; 240 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED;
239 } 241 }
240 242
241 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { 243 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) {
242 GURL parsed_origin(origin); 244 GURL parsed_origin(origin);
243 if (parsed_origin.SchemeIsSecure()) 245 if (parsed_origin.SchemeIsSecure())
244 backend_->HostRanInsecureContent(parsed_origin.host(), pid); 246 backend_->HostRanInsecureContent(parsed_origin.host(), pid);
245 } 247 }
246 248
247 } // namespace content 249 } // namespace content
OLDNEW
« no previous file with comments | « chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | content/public/browser/ssl_host_state_delegate.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698