Diffstat (limited to 'content/browser/ssl')
-rw-r--r--content/browser/ssl/ssl_cert_error_handler.cc16
-rw-r--r--content/browser/ssl/ssl_cert_error_handler.h10
-rw-r--r--content/browser/ssl/ssl_manager.cc14
-rw-r--r--content/browser/ssl/ssl_manager.h5
-rw-r--r--content/browser/ssl/ssl_policy.cc2
5 files changed, 25 insertions, 22 deletions
diff --git a/content/browser/ssl/ssl_cert_error_handler.cc b/content/browser/ssl/ssl_cert_error_handler.cc
index c668b41..6af1497 100644
--- a/content/browser/ssl/ssl_cert_error_handler.cc
+++ b/content/browser/ssl/ssl_cert_error_handler.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -6,22 +6,20 @@
#include "content/browser/renderer_host/resource_dispatcher_host.h"
#include "content/browser/ssl/ssl_policy.h"
+#include "net/base/cert_status_flags.h"
#include "net/base/x509_certificate.h"
SSLCertErrorHandler::SSLCertErrorHandler(
ResourceDispatcherHost* rdh,
net::URLRequest* request,
ResourceType::Type resource_type,
- int cert_error,
- net::X509Certificate* cert)
+ const net::SSLInfo& ssl_info,
+ bool is_hsts_host)
: SSLErrorHandler(rdh, request, resource_type),
- cert_error_(cert_error) {
+ ssl_info_(ssl_info),
+ cert_error_(net::MapCertStatusToNetError(ssl_info.cert_status)),
+ is_hsts_host_(is_hsts_host) {
DCHECK(request == resource_dispatcher_host_->GetURLRequest(request_id_));
-
- // We cannot use the request->ssl_info(), it's not been initialized yet, so
- // we have to set the fields manually.
- ssl_info_.cert = cert;
- ssl_info_.SetCertError(cert_error);
}
SSLCertErrorHandler* SSLCertErrorHandler::AsSSLCertErrorHandler() {
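Review bot: Nothing in the constructor checks that `ssl_info.cert_status` actually carries an error bit before `cert_error_` is derived from it with `net::MapCertStatusToNetError(ssl_info.cert_status)`, which appears to reduce a status bitmask to a single net error code. A `DCHECK(net::IsCertStatusError(ssl_info.cert_status));` next to the existing request DCHECK would catch a caller that passes an SSLInfo without a certificate error, since SSLPolicy::OnCertError switches on the mapped value. The removed comment recorded that `request->ssl_info()` is not initialized at this point; if that still holds, a one-line comment such as `// |ssl_info| must be supplied by the caller; request->ssl_info() is not yet initialized here.` would keep the constraint documented.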
diff --git a/content/browser/ssl/ssl_cert_error_handler.h b/content/browser/ssl/ssl_cert_error_handler.h
index 6dcbe0f..62b1a1e 100644
--- a/content/browser/ssl/ssl_cert_error_handler.h
+++ b/content/browser/ssl/ssl_cert_error_handler.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -24,14 +24,15 @@ class SSLCertErrorHandler : public SSLErrorHandler {
SSLCertErrorHandler(ResourceDispatcherHost* rdh,
net::URLRequest* request,
ResourceType::Type resource_type,
- int cert_error,
- net::X509Certificate* cert);
+ const net::SSLInfo& ssl_info,
+ bool is_hsts_host);
virtual SSLCertErrorHandler* AsSSLCertErrorHandler();
// These accessors are available on either thread
const net::SSLInfo& ssl_info() const { return ssl_info_; }
int cert_error() const { return cert_error_; }
+ bool is_hsts_host() const { return is_hsts_host_; }
protected:
// SSLErrorHandler methods
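Review bot: The new `is_hsts_host` constructor parameter and accessor are undocumented, although the ssl_policy.cc hunk suggests the value decides whether a certificate error may be overridden. A comment on the constructor such as `// |is_hsts_host| is true if the request's host has HSTS enabled; certificate errors for such hosts are treated as non-overridable.` would state the contract where callers see it. The same applies to the `OnSSLCertificateError` declaration in ssl_manager.h, whose comment only names the thread it runs on. The class definition starts and ends outside this hunk.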
@@ -42,8 +43,9 @@ class SSLCertErrorHandler : public SSLErrorHandler {
virtual ~SSLCertErrorHandler();
// These read-only members may be accessed on any thread.
- net::SSLInfo ssl_info_;
+ const net::SSLInfo ssl_info_;
const int cert_error_; // The error we represent.
+ const bool is_hsts_host_; // true if the error is from an HSTS host.
DISALLOW_COPY_AND_ASSIGN(SSLCertErrorHandler);
};
diff --git a/content/browser/ssl/ssl_manager.cc b/content/browser/ssl/ssl_manager.cc
index 6ae6fb9..83b4d66 100644
--- a/content/browser/ssl/ssl_manager.cc
+++ b/content/browser/ssl/ssl_manager.cc
@@ -24,10 +24,12 @@
// static
void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh,
net::URLRequest* request,
- int cert_error,
- net::X509Certificate* cert) {
- DVLOG(1) << "OnSSLCertificateError() cert_error: " << cert_error
- << " url: " << request->url().spec();
+ const net::SSLInfo& ssl_info,
+ bool is_hsts_host) {
+ DVLOG(1) << "OnSSLCertificateError() cert_error: "
+ << net::MapCertStatusToNetError(ssl_info.cert_status)
+ << " url: " << request->url().spec()
+ << " cert_status: " << std::hex << ssl_info.cert_status;
ResourceDispatcherHostRequestInfo* info =
ResourceDispatcherHost::InfoForRequest(request);
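Review bot: The added `std::hex` prints `cert_status` without a base prefix right after the decimal `cert_error`, so a small value is ambiguous when reading the log; `<< " cert_status: 0x" << std::hex << ssl_info.cert_status;` makes the radix explicit. This file now calls `net::MapCertStatusToNetError` and reads a field of `net::SSLInfo`, but its include list lies outside the hunk; if `net/base/cert_status_flags.h` and the header defining `net::SSLInfo` are only reached transitively, including them directly would match what the commit does in ssl_cert_error_handler.cc. OnSSLCertificateError's body continues outside the hunk.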
@@ -39,8 +41,8 @@ void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh,
NewRunnableMethod(new SSLCertErrorHandler(rdh,
request,
info->resource_type(),
- cert_error,
- cert),
+ ssl_info,
+ is_hsts_host),
&SSLCertErrorHandler::Dispatch));
}
diff --git a/content/browser/ssl/ssl_manager.h b/content/browser/ssl/ssl_manager.h
index 24892bf..abb9522 100644
--- a/content/browser/ssl/ssl_manager.h
+++ b/content/browser/ssl/ssl_manager.h
@@ -28,6 +28,7 @@ class ResourceRequestDetails;
class SSLPolicy;
namespace net {
+class SSLInfo;
class URLRequest;
} // namespace net
@@ -49,8 +50,8 @@ class SSLManager : public NotificationObserver {
// Called on the IO thread.
static void OnSSLCertificateError(ResourceDispatcherHost* resource_dispatcher,
net::URLRequest* request,
- int cert_error,
- net::X509Certificate* cert);
+ const net::SSLInfo& ssl_info,
+ bool is_hsts_host);
// Called when SSL state for a host or tab changes. Broadcasts the
// SSL_INTERNAL_STATE_CHANGED notification.
diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc
index 1d9f3f6..256c27f 100644
--- a/content/browser/ssl/ssl_policy.cc
+++ b/content/browser/ssl/ssl_policy.cc
@@ -58,7 +58,7 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
case net::ERR_CERT_DATE_INVALID:
case net::ERR_CERT_AUTHORITY_INVALID:
case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM:
- OnCertErrorInternal(handler, true);
+ OnCertErrorInternal(handler, !handler->is_hsts_host());
break;
case net::ERR_CERT_NO_REVOCATION_MECHANISM:
// Ignore this error.
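Review bot: The second argument to `OnCertErrorInternal` is an unnamed boolean, so `!handler->is_hsts_host()` does not say at the call site that it presumably means "the user may override this error"; a comment above the call such as `// Certificate errors on HSTS hosts must not be overridable.`, or a named local `const bool overridable = !handler->is_hsts_host();`, would make the policy explicit. The switch and the rest of OnCertError start and end outside this hunk, so it is worth confirming that any earlier path honouring a stored per-host allow decision (not visible here) cannot skip this check for a host that gained HSTS status after the user accepted the certificate. A test covering an HSTS host with each of the three error codes in this group would pin the behaviour.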