Chromium Code Reviews Chromium Code Reviews
Issue 662883002:
net: show UI warnings for SSLv3. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git/+/master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/website_settings/website_settings.h" | 5 #include "chrome/browser/ui/website_settings/website_settings.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 540 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 551 if (ssl.security_bits > 0 && cipher_suite) { | 551 if (ssl.security_bits > 0 && cipher_suite) { |
| 552 int ssl_version = | 552 int ssl_version = |
| 553 net::SSLConnectionStatusToVersion(ssl.connection_status); | 553 net::SSLConnectionStatusToVersion(ssl.connection_status); |
| 554 const char* ssl_version_str; | 554 const char* ssl_version_str; |
| 555 net::SSLVersionToString(&ssl_version_str, ssl_version); | 555 net::SSLVersionToString(&ssl_version_str, ssl_version); |
| 556 site_connection_details_ += ASCIIToUTF16("\n\n"); | 556 site_connection_details_ += ASCIIToUTF16("\n\n"); |
| 557 site_connection_details_ += l10n_util::GetStringFUTF16( | 557 site_connection_details_ += l10n_util::GetStringFUTF16( |
| 558 IDS_PAGE_INFO_SECURITY_TAB_SSL_VERSION, | 558 IDS_PAGE_INFO_SECURITY_TAB_SSL_VERSION, |
| 559 ASCIIToUTF16(ssl_version_str)); | 559 ASCIIToUTF16(ssl_version_str)); |
| 560 | 560 |
| 561 bool did_fallback = (ssl.connection_status & | |
| 562 net::SSL_CONNECTION_VERSION_FALLBACK) != 0; | |
| 563 bool no_renegotiation = | 561 bool no_renegotiation = |
| 564 (ssl.connection_status & | 562 (ssl.connection_status & |
| 565 net::SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION) != 0; | 563 net::SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION) != 0; |
| 566 const char *key_exchange, *cipher, *mac; | 564 const char *key_exchange, *cipher, *mac; |
| 567 bool is_aead; | 565 bool is_aead; |
| 568 net::SSLCipherSuiteToStrings( | 566 net::SSLCipherSuiteToStrings( |
| 569 &key_exchange, &cipher, &mac, &is_aead, cipher_suite); | 567 &key_exchange, &cipher, &mac, &is_aead, cipher_suite); |
| 570 | 568 |
| 571 site_connection_details_ += ASCIIToUTF16("\n\n"); | 569 site_connection_details_ += ASCIIToUTF16("\n\n"); |
| 572 if (is_aead) { | 570 if (is_aead) { |
| 573 site_connection_details_ += l10n_util::GetStringFUTF16( | 571 site_connection_details_ += l10n_util::GetStringFUTF16( |
| 574 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD, | 572 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD, |
| 575 ASCIIToUTF16(cipher), ASCIIToUTF16(key_exchange)); | 573 ASCIIToUTF16(cipher), ASCIIToUTF16(key_exchange)); |
| 576 } else { | 574 } else { |
| 577 site_connection_details_ += l10n_util::GetStringFUTF16( | 575 site_connection_details_ += l10n_util::GetStringFUTF16( |
| 578 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS, | 576 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS, |
| 579 ASCIIToUTF16(cipher), ASCIIToUTF16(mac), ASCIIToUTF16(key_exchange)); | 577 ASCIIToUTF16(cipher), ASCIIToUTF16(mac), ASCIIToUTF16(key_exchange)); |
| 580 } | 578 } |
| 581 | 579 |
| 580 if (ssl_version == net::SSL_CONNECTION_VERSION_SSL3 && | |
| 581 site_connection_status_ < SITE_CONNECTION_STATUS_MIXED_CONTENT) { | |
| 582 site_connection_status_ = SITE_CONNECTION_STATUS_ENCRYPTED_ERROR; | |
| 583 } | |
| 584 | |
| 585 const bool did_fallback = | |
| 586 (ssl.connection_status & net::SSL_CONNECTION_VERSION_FALLBACK) != 0; | |
|
msw
2014/10/20 19:14:06
optional nit: inline into the if statement.
agl
2014/10/20 21:30:35
Ack.
I think the naming the value helps a little.
| |
| 582 if (did_fallback) { | 587 if (did_fallback) { |
| 583 // For now, only SSLv3 fallback will trigger a warning icon. | |
| 584 if (site_connection_status_ < SITE_CONNECTION_STATUS_MIXED_CONTENT) | |
| 585 site_connection_status_ = SITE_CONNECTION_STATUS_MIXED_CONTENT; | |
| 586 site_connection_details_ += ASCIIToUTF16("\n\n"); | 588 site_connection_details_ += ASCIIToUTF16("\n\n"); |
| 587 site_connection_details_ += l10n_util::GetStringUTF16( | 589 site_connection_details_ += l10n_util::GetStringUTF16( |
| 588 IDS_PAGE_INFO_SECURITY_TAB_FALLBACK_MESSAGE); | 590 IDS_PAGE_INFO_SECURITY_TAB_FALLBACK_MESSAGE); |
| 589 } | 591 } |
| 592 | |
| 590 if (no_renegotiation) { | 593 if (no_renegotiation) { |
| 591 site_connection_details_ += ASCIIToUTF16("\n\n"); | 594 site_connection_details_ += ASCIIToUTF16("\n\n"); |
| 592 site_connection_details_ += l10n_util::GetStringUTF16( | 595 site_connection_details_ += l10n_util::GetStringUTF16( |
| 593 IDS_PAGE_INFO_SECURITY_TAB_RENEGOTIATION_MESSAGE); | 596 IDS_PAGE_INFO_SECURITY_TAB_RENEGOTIATION_MESSAGE); |
| 594 } | 597 } |
| 595 } | 598 } |
| 596 | 599 |
| 597 // Check if a user decision has been made to allow or deny certificates with | 600 // Check if a user decision has been made to allow or deny certificates with |
| 598 // errors on this site. | 601 // errors on this site. |
| 599 ChromeSSLHostStateDelegate* delegate = | 602 ChromeSSLHostStateDelegate* delegate = |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 762 if (visited_before_today) { | 765 if (visited_before_today) { |
| 763 first_visit_text = l10n_util::GetStringFUTF16( | 766 first_visit_text = l10n_util::GetStringFUTF16( |
| 764 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, | 767 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, |
| 765 base::TimeFormatShortDate(first_visit)); | 768 base::TimeFormatShortDate(first_visit)); |
| 766 } else { | 769 } else { |
| 767 first_visit_text = l10n_util::GetStringUTF16( | 770 first_visit_text = l10n_util::GetStringUTF16( |
| 768 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); | 771 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); |
| 769 } | 772 } |
| 770 ui_->SetFirstVisit(first_visit_text); | 773 ui_->SetFirstVisit(first_visit_text); |
| 771 } | 774 } |
| OLD | NEW |
