diff options
| -rw-r--r-- | chrome/browser/dom_ui/options/advanced_options_handler.cc | 55 | ||||
| -rw-r--r-- | chrome/browser/dom_ui/options/advanced_options_handler.h | 10 | ||||
| -rw-r--r-- | chrome/browser/resources/options/advanced_options.html | 8 | ||||
| -rw-r--r-- | chrome/browser/resources/options/advanced_options.js | 18 | ||||
| -rw-r--r-- | chrome/browser/views/options/advanced_contents_view.cc | 38 | ||||
| -rw-r--r-- | net/base/ssl_config_service_win.cc | 21 | ||||
| -rw-r--r-- | net/base/ssl_config_service_win.h | 4 | ||||
| -rw-r--r-- | net/base/ssl_config_service_win_unittest.cc | 28 |
8 files changed, 163 insertions, 19 deletions
diff --git a/chrome/browser/dom_ui/options/advanced_options_handler.cc b/chrome/browser/dom_ui/options/advanced_options_handler.cc index 256691b3..e43503b 100644 --- a/chrome/browser/dom_ui/options/advanced_options_handler.cc +++ b/chrome/browser/dom_ui/options/advanced_options_handler.cc @@ -228,6 +228,12 @@ void AdvancedOptionsHandler::RegisterMessages() { dom_ui_->RegisterMessageCallback("useSSL2CheckboxAction", NewCallback(this, &AdvancedOptionsHandler::HandleUseSSL2Checkbox)); + dom_ui_->RegisterMessageCallback("useSSL3CheckboxAction", + NewCallback(this, + &AdvancedOptionsHandler::HandleUseSSL3Checkbox)); + dom_ui_->RegisterMessageCallback("useTLS1CheckboxAction", + NewCallback(this, + &AdvancedOptionsHandler::HandleUseTLS1Checkbox)); dom_ui_->RegisterMessageCallback("showGearsSettings", NewCallback(this, &AdvancedOptionsHandler::HandleShowGearsSettings)); @@ -300,20 +306,39 @@ void AdvancedOptionsHandler::HandleMetricsReportingCheckbox( void AdvancedOptionsHandler::HandleCheckRevocationCheckbox( const ListValue* args) { std::string checked_str = WideToUTF8(ExtractStringValue(args)); + bool enabled = (checked_str == "true"); std::string metric = - (checked_str == "true" ? "Options_CheckCertRevocation_Enable" - : "Options_CheckCertRevocation_Disable"); + (enabled ? "Options_CheckCertRevocation_Enable" + : "Options_CheckCertRevocation_Disable"); UserMetricsRecordAction(UserMetricsAction(metric.c_str())); - net::SSLConfigServiceWin::SetRevCheckingEnabled(checked_str == "true"); + net::SSLConfigServiceWin::SetRevCheckingEnabled(enabled); } void AdvancedOptionsHandler::HandleUseSSL2Checkbox(const ListValue* args) { std::string checked_str = WideToUTF8(ExtractStringValue(args)); + bool enabled = (checked_str == "true"); + std::string metric = + (enabled ? "Options_SSL2_Enable" : "Options_SSL2_Disable"); + UserMetricsRecordAction(UserMetricsAction(metric.c_str())); + net::SSLConfigServiceWin::SetSSL2Enabled(enabled); +} + +void AdvancedOptionsHandler::HandleUseSSL3Checkbox(const ListValue* args) { + std::string checked_str = WideToUTF8(ExtractStringValue(args)); + bool enabled = (checked_str == "true"); std::string metric = - (checked_str == "true" ? "Options_SSL2_Enable" - : "Options_SSL2_Disable"); + (enabled ? "Options_SSL3_Enable" : "Options_SSL3_Disable"); UserMetricsRecordAction(UserMetricsAction(metric.c_str())); - net::SSLConfigServiceWin::SetSSL2Enabled(checked_str == "true"); + net::SSLConfigServiceWin::SetSSL3Enabled(enabled); +} + +void AdvancedOptionsHandler::HandleUseTLS1Checkbox(const ListValue* args) { + std::string checked_str = WideToUTF8(ExtractStringValue(args)); + bool enabled = (checked_str == "true"); + std::string metric = + (enabled ? "Options_TLS1_Enable" : "Options_TLS1_Disable"); + UserMetricsRecordAction(UserMetricsAction(metric.c_str())); + net::SSLConfigServiceWin::SetTLS1Enabled(enabled); } void AdvancedOptionsHandler::HandleShowGearsSettings(const ListValue* args) { @@ -393,19 +418,29 @@ void AdvancedOptionsHandler::SetupProxySettingsSection() { #if defined(OS_WIN) void AdvancedOptionsHandler::SetupSSLConfigSettings() { bool checkRevocationSetting = false; - bool useSSLSetting = false; + bool useSSL2Setting = false; + bool useSSL3Setting = false; + bool useTLS1Setting = false; net::SSLConfig config; if (net::SSLConfigServiceWin::GetSSLConfigNow(&config)) { checkRevocationSetting = config.rev_checking_enabled; - useSSLSetting = config.ssl2_enabled; + useSSL2Setting = config.ssl2_enabled; + useSSL3Setting = config.ssl3_enabled; + useTLS1Setting = config.tls1_enabled; } FundamentalValue checkRevocationValue(checkRevocationSetting); dom_ui_->CallJavascriptFunction( L"options.AdvancedOptions.SetCheckRevocationCheckboxState", checkRevocationValue); - FundamentalValue useSSLValue(useSSLSetting); + FundamentalValue useSSL2Value(useSSL2Setting); + dom_ui_->CallJavascriptFunction( + L"options.AdvancedOptions.SetUseSSL2CheckboxStatechecked", useSSL2Value); + FundamentalValue useSSL3Value(useSSL3Setting); + dom_ui_->CallJavascriptFunction( + L"options.AdvancedOptions.SetUseSSL3CheckboxStatechecked", useSSL3Value); + FundamentalValue useTLS1Value(useTLS1Setting); dom_ui_->CallJavascriptFunction( - L"options.AdvancedOptions.SetUseSSL2CheckboxStatechecked", useSSLValue); + L"options.AdvancedOptions.SetUseTLS1CheckboxStatechecked", useTLS1Value); } #endif diff --git a/chrome/browser/dom_ui/options/advanced_options_handler.h b/chrome/browser/dom_ui/options/advanced_options_handler.h index a46942f..656e6d7 100644 --- a/chrome/browser/dom_ui/options/advanced_options_handler.h +++ b/chrome/browser/dom_ui/options/advanced_options_handler.h @@ -62,6 +62,14 @@ class AdvancedOptionsHandler // manual handling on Windows. void HandleUseSSL2Checkbox(const ListValue* args); + // Callback for the "Use SSL3" checkbox. This is needed so we can support + // manual handling on Windows. + void HandleUseSSL3Checkbox(const ListValue* args); + + // Callback for the "Use TLS1" checkbox. This is needed so we can support + // manual handling on Windows. + void HandleUseTLS1Checkbox(const ListValue* args); + // Callback for the "Show Gears Settings" button. void HandleShowGearsSettings(const ListValue* args); #endif @@ -109,4 +117,4 @@ class AdvancedOptionsHandler DISALLOW_COPY_AND_ASSIGN(AdvancedOptionsHandler); }; -#endif // CHROME_BROWSER_DOM_UI_ADVANCED_OPTIONS_HANDLER_H_ +#endif // CHROME_BROWSER_DOM_UI_OPTIONS_ADVANCED_OPTIONS_HANDLER_H_ diff --git a/chrome/browser/resources/options/advanced_options.html b/chrome/browser/resources/options/advanced_options.html index 13d1ea7..28f3640e 100644 --- a/chrome/browser/resources/options/advanced_options.html +++ b/chrome/browser/resources/options/advanced_options.html @@ -119,6 +119,14 @@ <input id="sslUseSSL2" type="checkbox"> <span i18n-content="sslUseSSL2"></span> </label> + <label class="checkbox"> + <input id="sslUseSSL3" type="checkbox"> + <span i18n-content="sslUseSSL3"></span> + </label> + <label class="checkbox"> + <input id="sslUseTLS1" type="checkbox"> + <span i18n-content="sslUseTLS1"></span> + </label> </if> <if expr="not pp_ifdef('chromeos') and (os == 'linux2' or os.find('bsd') != -1)"> <!-- Configure these options for Linux/BSD as preference keys --> diff --git a/chrome/browser/resources/options/advanced_options.js b/chrome/browser/resources/options/advanced_options.js index 58e9fde..4b6e914 100644 --- a/chrome/browser/resources/options/advanced_options.js +++ b/chrome/browser/resources/options/advanced_options.js @@ -108,6 +108,14 @@ var OptionsPage = options.OptionsPage; chrome.send('useSSL2CheckboxAction', [String($('sslUseSSL2').checked)]); }; + $('sslUseSSL3').onclick = function(event) { + chrome.send('useSSL3CheckboxAction', + [String($('sslUseSSL3').checked)]); + }; + $('sslUseTLS1').onclick = function(event) { + chrome.send('useTLS1CheckboxAction', + [String($('sslUseTLS1').checked)]); + }; $('gearSettingsConfigureGearsButton').onclick = function(event) { chrome.send('showGearsSettings'); }; @@ -166,6 +174,16 @@ var OptionsPage = options.OptionsPage; $('sslUseSSL2').checked = checked; }; + // Set the checked state for the sslUseSSL3 checkbox. + AdvancedOptions.SetUseSSL3CheckboxState = function(checked) { + $('sslUseSSL3').checked = checked; + }; + + // Set the checked state for the sslUseTLS1 checkbox. + AdvancedOptions.SetUseTLS1CheckboxState = function(checked) { + $('sslUseTLS1').checked = checked; + }; + // Export return { AdvancedOptions: AdvancedOptions diff --git a/chrome/browser/views/options/advanced_contents_view.cc b/chrome/browser/views/options/advanced_contents_view.cc index f99531e..7816fc5 100644 --- a/chrome/browser/views/options/advanced_contents_view.cc +++ b/chrome/browser/views/options/advanced_contents_view.cc @@ -77,10 +77,6 @@ const int kFileIconVerticalSpacing = 3; const int kFileIconHorizontalSpacing = 3; const int kFileIconTextFieldSpacing = 3; -} - -namespace { - //////////////////////////////////////////////////////////////////////////////// // FileDisplayArea @@ -793,6 +789,8 @@ class SecuritySection : public AdvancedSection, // Controls for this section: views::Label* ssl_info_label_; views::Checkbox* enable_ssl2_checkbox_; + views::Checkbox* enable_ssl3_checkbox_; + views::Checkbox* enable_tls1_checkbox_; views::Checkbox* check_for_cert_revocation_checkbox_; views::Label* manage_certificates_label_; views::NativeButton* manage_certificates_button_; @@ -803,6 +801,8 @@ class SecuritySection : public AdvancedSection, SecuritySection::SecuritySection(Profile* profile) : ssl_info_label_(NULL), enable_ssl2_checkbox_(NULL), + enable_ssl3_checkbox_(NULL), + enable_tls1_checkbox_(NULL), check_for_cert_revocation_checkbox_(NULL), manage_certificates_label_(NULL), manage_certificates_button_(NULL), @@ -820,6 +820,22 @@ void SecuritySection::ButtonPressed( UserMetricsRecordAction(UserMetricsAction("Options_SSL2_Disable"), NULL); } net::SSLConfigServiceWin::SetSSL2Enabled(enabled); + } else if (sender == enable_ssl3_checkbox_) { + bool enabled = enable_ssl3_checkbox_->checked(); + if (enabled) { + UserMetricsRecordAction(UserMetricsAction("Options_SSL3_Enable"), NULL); + } else { + UserMetricsRecordAction(UserMetricsAction("Options_SSL3_Disable"), NULL); + } + net::SSLConfigServiceWin::SetSSL3Enabled(enabled); + } else if (sender == enable_tls1_checkbox_) { + bool enabled = enable_tls1_checkbox_->checked(); + if (enabled) { + UserMetricsRecordAction(UserMetricsAction("Options_TLS1_Enable"), NULL); + } else { + UserMetricsRecordAction(UserMetricsAction("Options_TLS1_Disable"), NULL); + } + net::SSLConfigServiceWin::SetTLS1Enabled(enabled); } else if (sender == check_for_cert_revocation_checkbox_) { bool enabled = check_for_cert_revocation_checkbox_->checked(); if (enabled) { @@ -847,6 +863,12 @@ void SecuritySection::InitControlLayout() { enable_ssl2_checkbox_ = new views::Checkbox( l10n_util::GetString(IDS_OPTIONS_SSL_USESSL2)); enable_ssl2_checkbox_->set_listener(this); + enable_ssl3_checkbox_ = new views::Checkbox( + l10n_util::GetString(IDS_OPTIONS_SSL_USESSL3)); + enable_ssl3_checkbox_->set_listener(this); + enable_tls1_checkbox_ = new views::Checkbox( + l10n_util::GetString(IDS_OPTIONS_SSL_USETLS1)); + enable_tls1_checkbox_->set_listener(this); check_for_cert_revocation_checkbox_ = new views::Checkbox( l10n_util::GetString(IDS_OPTIONS_SSL_CHECKREVOCATION)); check_for_cert_revocation_checkbox_->set_listener(this); @@ -878,6 +900,10 @@ void SecuritySection::InitControlLayout() { true); AddWrappingCheckboxRow(layout, enable_ssl2_checkbox_, indented_column_set_id, true); + AddWrappingCheckboxRow(layout, enable_ssl3_checkbox_, + indented_column_set_id, true); + AddWrappingCheckboxRow(layout, enable_tls1_checkbox_, + indented_column_set_id, true); AddWrappingCheckboxRow(layout, check_for_cert_revocation_checkbox_, indented_column_set_id, false); } @@ -889,10 +915,14 @@ void SecuritySection::NotifyPrefChanged(const std::string* pref_name) { net::SSLConfig config; if (net::SSLConfigServiceWin::GetSSLConfigNow(&config)) { enable_ssl2_checkbox_->SetChecked(config.ssl2_enabled); + enable_ssl3_checkbox_->SetChecked(config.ssl3_enabled); + enable_tls1_checkbox_->SetChecked(config.tls1_enabled); check_for_cert_revocation_checkbox_->SetChecked( config.rev_checking_enabled); } else { enable_ssl2_checkbox_->SetEnabled(false); + enable_ssl3_checkbox_->SetEnabled(false); + enable_tls1_checkbox_->SetEnabled(false); check_for_cert_revocation_checkbox_->SetEnabled(false); } } diff --git a/net/base/ssl_config_service_win.cc b/net/base/ssl_config_service_win.cc index 4b289dd..82f44bf 100644 --- a/net/base/ssl_config_service_win.cc +++ b/net/base/ssl_config_service_win.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -92,15 +92,30 @@ void SSLConfigServiceWin::SetRevCheckingEnabled(bool enabled) { // static void SSLConfigServiceWin::SetSSL2Enabled(bool enabled) { + SetSSLVersionEnabled(SSL2, enabled); +} + +// static +void SSLConfigServiceWin::SetSSL3Enabled(bool enabled) { + SetSSLVersionEnabled(SSL3, enabled); +} + +// static +void SSLConfigServiceWin::SetTLS1Enabled(bool enabled) { + SetSSLVersionEnabled(TLS1, enabled); +} + +// static +void SSLConfigServiceWin::SetSSLVersionEnabled(int version, bool enabled) { RegKey internet_settings(HKEY_CURRENT_USER, kInternetSettingsSubKeyName, KEY_READ | KEY_WRITE); DWORD value; if (!internet_settings.ReadValueDW(kProtocolsValueName, &value)) value = PROTOCOLS_DEFAULT; if (enabled) - value |= SSL2; + value |= version; else - value &= ~SSL2; + value &= ~version; internet_settings.WriteValue(kProtocolsValueName, value); // TODO(mattm): We should call UpdateConfig after updating settings, but these // methods are static. diff --git a/net/base/ssl_config_service_win.h b/net/base/ssl_config_service_win.h index 2b37f84..e5eb862 100644 --- a/net/base/ssl_config_service_win.h +++ b/net/base/ssl_config_service_win.h @@ -30,6 +30,8 @@ class SSLConfigServiceWin : public SSLConfigService { // Setters. Can be called on any thread. static void SetRevCheckingEnabled(bool enabled); static void SetSSL2Enabled(bool enabled); + static void SetSSL3Enabled(bool enabled); + static void SetTLS1Enabled(bool enabled); // Get the (cached) SSL configuration settings that are fresh within 10 // seconds. This is cheaper than GetSSLConfigNow and is suitable when @@ -45,6 +47,8 @@ class SSLConfigServiceWin : public SSLConfigService { private: virtual ~SSLConfigServiceWin() {} + static void SetSSLVersionEnabled(int version, bool enabled); + void UpdateConfig(base::TimeTicks now); // We store the IE SSL config and the time that we fetched it. diff --git a/net/base/ssl_config_service_win_unittest.cc b/net/base/ssl_config_service_win_unittest.cc index 736f93c..1db4cef 100644 --- a/net/base/ssl_config_service_win_unittest.cc +++ b/net/base/ssl_config_service_win_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -81,6 +81,32 @@ TEST(SSLConfigServiceWinTest, SetTest) { EXPECT_FALSE(config.ssl2_enabled); net::SSLConfigServiceWin::SetSSL2Enabled(config_save.ssl2_enabled); + + // Test SetSSL3Enabled. + net::SSLConfigServiceWin::SetSSL3Enabled(true); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); + EXPECT_TRUE(rv); + EXPECT_TRUE(config.ssl3_enabled); + + net::SSLConfigServiceWin::SetSSL3Enabled(false); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); + EXPECT_TRUE(rv); + EXPECT_FALSE(config.ssl3_enabled); + + net::SSLConfigServiceWin::SetSSL3Enabled(config_save.ssl3_enabled); + + // Test SetTLS1Enabled. + net::SSLConfigServiceWin::SetTLS1Enabled(true); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); + EXPECT_TRUE(rv); + EXPECT_TRUE(config.tls1_enabled); + + net::SSLConfigServiceWin::SetTLS1Enabled(false); + rv = net::SSLConfigServiceWin::GetSSLConfigNow(&config); + EXPECT_TRUE(rv); + EXPECT_FALSE(config.tls1_enabled); + + net::SSLConfigServiceWin::SetTLS1Enabled(config_save.tls1_enabled); } TEST(SSLConfigServiceWinTest, GetTest) { |