chrome/browser/ui/website_settings/website_settings.cc - Issue 662883002: net: show UI warnings for SSLv3.

Side by Side Diff: chrome/browser/ui/website_settings/website_settings.cc

Issue 662883002: net: show UI warnings for SSLv3. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git/+/master

Patch Set: Remove comment. Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/ui/website_settings/website_settings.h"	5 #include "chrome/browser/ui/website_settings/website_settings.h"

6	6

7 #include <string>	7 #include <string>

8 #include <vector>	8 #include <vector>

9	9

10 #include "base/bind.h"	10 #include "base/bind.h"

(...skipping 533 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
544 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR :	544 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR :

545 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING)));	545 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING)));

546 }	546 }

547 }	547 }

548	548

549 uint16 cipher_suite =	549 uint16 cipher_suite =

550 net::SSLConnectionStatusToCipherSuite(ssl.connection_status);	550 net::SSLConnectionStatusToCipherSuite(ssl.connection_status);

551 if (ssl.security_bits > 0 && cipher_suite) {	551 if (ssl.security_bits > 0 && cipher_suite) {

552 int ssl_version =	552 int ssl_version =

553 net::SSLConnectionStatusToVersion(ssl.connection_status);	553 net::SSLConnectionStatusToVersion(ssl.connection_status);

	554 const bool is_sslv3 = ssl_version == net::SSL_CONNECTION_VERSION_SSL3;
	msw 2014/10/20 18:27:39 nit: move this down to where it's used, or inline nit: move this down to where it's used, or inline it.
554 const char* ssl_version_str;	555 const char* ssl_version_str;

555 net::SSLVersionToString(&ssl_version_str, ssl_version);	556 net::SSLVersionToString(&ssl_version_str, ssl_version);

556 site_connection_details_ += ASCIIToUTF16("\n\n");	557 site_connection_details_ += ASCIIToUTF16("\n\n");

557 site_connection_details_ += l10n_util::GetStringFUTF16(	558 site_connection_details_ += l10n_util::GetStringFUTF16(

558 IDS_PAGE_INFO_SECURITY_TAB_SSL_VERSION,	559 IDS_PAGE_INFO_SECURITY_TAB_SSL_VERSION,

559 ASCIIToUTF16(ssl_version_str));	560 ASCIIToUTF16(ssl_version_str));

560	561

561 bool did_fallback = (ssl.connection_status &
msw 2014/10/20 18:27:39 q: do you actually intend to remove SSL_CONNECTION q: do you actually intend to remove SSL_CONNECTION_VERSION_FALLBACK as a trigger for SITE_CONNECTION_STATUS_MIXED_CONTENT? (I'm not a knowledgeable reviewer for this, but it caught my eye)
562 net::SSL_CONNECTION_VERSION_FALLBACK) != 0;
agl 2014/10/20 18:55:19 Yes, fallback to SSLv3 is getting removed in Chrom Yes, fallback to SSLv3 is getting removed in Chrome 39 (hopefully) thus we don't need it any longer. We are now warning about SSLv3 in general to prepare for removal in Chrome 40. msw 2014/10/20 19:14:06 Acknowledged. Show quoted text On 2014/10/20 18:55:19, agl wrote: > Yes, fallback to SSLv3 is getting removed in Chrome 39 (hopefully) thus we don't > need it any longer. We are now warning about SSLv3 in general to prepare for > removal in Chrome 40. Acknowledged.
563 bool no_renegotiation =	562 bool no_renegotiation =

564 (ssl.connection_status &	563 (ssl.connection_status &

565 net::SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION) != 0;	564 net::SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION) != 0;

566 const char key_exchange, cipher, *mac;	565 const char key_exchange, cipher, *mac;

567 bool is_aead;	566 bool is_aead;

568 net::SSLCipherSuiteToStrings(	567 net::SSLCipherSuiteToStrings(

569 &key_exchange, &cipher, &mac, &is_aead, cipher_suite);	568 &key_exchange, &cipher, &mac, &is_aead, cipher_suite);

570	569

571 site_connection_details_ += ASCIIToUTF16("\n\n");	570 site_connection_details_ += ASCIIToUTF16("\n\n");

572 if (is_aead) {	571 if (is_aead) {

573 site_connection_details_ += l10n_util::GetStringFUTF16(	572 site_connection_details_ += l10n_util::GetStringFUTF16(

574 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD,	573 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD,

575 ASCIIToUTF16(cipher), ASCIIToUTF16(key_exchange));	574 ASCIIToUTF16(cipher), ASCIIToUTF16(key_exchange));

576 } else {	575 } else {

577 site_connection_details_ += l10n_util::GetStringFUTF16(	576 site_connection_details_ += l10n_util::GetStringFUTF16(

578 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS,	577 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS,

579 ASCIIToUTF16(cipher), ASCIIToUTF16(mac), ASCIIToUTF16(key_exchange));	578 ASCIIToUTF16(cipher), ASCIIToUTF16(mac), ASCIIToUTF16(key_exchange));

580 }	579 }

581	580

582 if (did_fallback) {	581 if (is_sslv3 &&

583 // For now, only SSLv3 fallback will trigger a warning icon.	582 site_connection_status_ < SITE_CONNECTION_STATUS_MIXED_CONTENT) {

584 if (site_connection_status_ < SITE_CONNECTION_STATUS_MIXED_CONTENT)	583 site_connection_status_ = SITE_CONNECTION_STATUS_ENCRYPTED_ERROR;

585 site_connection_status_ = SITE_CONNECTION_STATUS_MIXED_CONTENT;

586 site_connection_details_ += ASCIIToUTF16("\n\n");

587 site_connection_details_ += l10n_util::GetStringUTF16(

588 IDS_PAGE_INFO_SECURITY_TAB_FALLBACK_MESSAGE);
msw 2014/10/20 18:27:39 The IDS and string asset should be removed if they The IDS and string asset should be removed if they're no longer used. agl 2014/10/20 18:55:19 I did plan on removing this message but, having sl Show quoted text On 2014/10/20 18:27:39, msw wrote: > The IDS and string asset should be removed if they're no longer used. I did plan on removing this message but, having slept on it, I've decided that it's still useful, so I've moved \|did_fallback\| down here and added it back in. msw 2014/10/20 19:14:06 Acknowledged. Show quoted text On 2014/10/20 18:55:19, agl wrote: > On 2014/10/20 18:27:39, msw wrote: > > The IDS and string asset should be removed if they're no longer used. > > I did plan on removing this message but, having slept on it, I've decided that > it's still useful, so I've moved \|did_fallback\| down here and added it back in. Acknowledged.
589 }	584 }

	585

590 if (no_renegotiation) {	586 if (no_renegotiation) {

591 site_connection_details_ += ASCIIToUTF16("\n\n");	587 site_connection_details_ += ASCIIToUTF16("\n\n");

592 site_connection_details_ += l10n_util::GetStringUTF16(	588 site_connection_details_ += l10n_util::GetStringUTF16(

593 IDS_PAGE_INFO_SECURITY_TAB_RENEGOTIATION_MESSAGE);	589 IDS_PAGE_INFO_SECURITY_TAB_RENEGOTIATION_MESSAGE);

594 }	590 }

595 }	591 }

596	592

597 // Check if a user decision has been made to allow or deny certificates with	593 // Check if a user decision has been made to allow or deny certificates with

598 // errors on this site.	594 // errors on this site.

599 ChromeSSLHostStateDelegate* delegate =	595 ChromeSSLHostStateDelegate* delegate =

(...skipping 162 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
762 if (visited_before_today) {	758 if (visited_before_today) {

763 first_visit_text = l10n_util::GetStringFUTF16(	759 first_visit_text = l10n_util::GetStringFUTF16(

764 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY,	760 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY,

765 base::TimeFormatShortDate(first_visit));	761 base::TimeFormatShortDate(first_visit));

766 } else {	762 } else {

767 first_visit_text = l10n_util::GetStringUTF16(	763 first_visit_text = l10n_util::GetStringUTF16(

768 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY);	764 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY);

769 }	765 }

770 ui_->SetFirstVisit(first_visit_text);	766 ui_->SetFirstVisit(first_visit_text);

771 }	767 }

OLD	NEW

« no previous file with comments | « chrome/browser/ui/toolbar/toolbar_model_impl.cc ('k') | no next file » | no next file with comments »