1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "content/browser/ssl/ssl_host_state.h"
7 #include "base/logging.h"
8 #include "base/lazy_instance.h"
9 #include "content/public/browser/browser_context.h"
10 #include "content/public/browser/ssl_host_state_delegate.h"
11 #include "net/http/http_transaction_factory.h"
12 #include "net/url_request/url_request_context.h"
13 #include "net/url_request/url_request_context_getter.h"
// Key under which GetFor() looks up and stores the per-context SSLHostState
// through context->GetUserData() / context->SetUserData().
12 const char kKeyName
[] = "content_ssl_host_state";
// Returns the SSLHostState stored on |context| under kKeyName. The visible
// lines look the object up, construct a new one, take its delegate from
// context->GetSSLHostStateDelegate(), and store it with SetUserData().
// NOTE(review): some lines of this function are not shown here (including the
// condition around the creation path and the return statement); presumably a
// new object is created only when the lookup returns null -- confirm.
19 SSLHostState
* SSLHostState::GetFor(BrowserContext
* context
) {
20 SSLHostState
* rv
= static_cast<SSLHostState
*>(context
->GetUserData(kKeyName
));
22 rv
= new SSLHostState();
23 rv
->delegate_
= context
->GetSSLHostStateDelegate();
24 // |context| may be NULL, implementing the default storage strategy.
// NOTE(review): |context| is already dereferenced above, so it cannot safely
// be null at this point; the remark probably describes the delegate returned
// by GetSSLHostStateDelegate() -- confirm and reword.
26 context
->SetUserData(kKeyName
, rv
);
// Constructor and destructor; their bodies are not shown here. GetFor()
// assigns delegate_ after calling the constructor, so a freshly constructed
// object has not yet received its delegate from the BrowserContext.
31 SSLHostState::SSLHostState() {
34 SSLHostState::~SSLHostState() {
// Records that |host| ran insecure content by inserting a
// BrokenHostEntry(host, pid) into ran_insecure_content_hosts_.
// |pid| is presumably the id of the process that ran the content -- confirm.
// Must run on the thread this object is bound to (checked by the DCHECK).
37 void SSLHostState::HostRanInsecureContent(const std::string
& host
, int pid
) {
38 DCHECK(CalledOnValidThread());
39 ran_insecure_content_hosts_
.insert(BrokenHostEntry(host
, pid
));
// Returns true if a BrokenHostEntry(host, pid) was recorded by
// HostRanInsecureContent(). The lookup uses the (host, pid) pair, so an entry
// recorded with one |pid| is looked up separately from the same host with
// another |pid| (assuming BrokenHostEntry compares both fields -- confirm).
42 bool SSLHostState::DidHostRunInsecureContent(const std::string
& host
,
44 DCHECK(CalledOnValidThread());
// count() yields 0 or more; !! collapses it to a bool.
45 return !!ran_insecure_content_hosts_
.count(BrokenHostEntry(host
, pid
));
// Forwards a deny decision for |cert| on |host| with certificate status
// |error| to the delegate. Note the argument order changes: the delegate
// takes |host| first.
// NOTE(review): the lines between the DCHECK and the delegate call are not
// shown; delegate_ is dereferenced unconditionally in what is visible, so a
// null-delegate guard is presumably among the hidden lines -- confirm.
48 void SSLHostState::DenyCertForHost(net::X509Certificate
* cert
,
49 const std::string
& host
,
50 net::CertStatus error
) {
51 DCHECK(CalledOnValidThread());
56 delegate_
->DenyCert(host
, cert
, error
);
// Forwards an allow decision for |cert| on |host| with certificate status
// |error| to the delegate. Note the argument order changes: the delegate
// takes |host| first.
// NOTE(review): the lines between the DCHECK and the delegate call are not
// shown; delegate_ is dereferenced unconditionally in what is visible, so a
// null-delegate guard is presumably among the hidden lines -- confirm.
59 void SSLHostState::AllowCertForHost(net::X509Certificate
* cert
,
60 const std::string
& host
,
61 net::CertStatus error
) {
62 DCHECK(CalledOnValidThread());
67 delegate_
->AllowCert(host
, cert
, error
);
// Asks the delegate to revoke the stored allow/deny certificate decisions,
// passing |host| through. The TODO below describes a known gap: revocation
// here does not reach SSLConfig copies already cached in the network stack.
// NOTE(review): the lines between the DCHECK and the TODO are not shown; a
// null-delegate guard is presumably among them -- confirm.
70 void SSLHostState::RevokeAllowAndDenyPreferences(const std::string
& host
) {
71 DCHECK(CalledOnValidThread());
76 // TODO(jww): This will revoke all of the decisions in the browser context.
77 // However, the networking stack actually keeps track of its own list of
78 // exceptions per-HttpNetworkTransaction in the SSLConfig structure (see the
79 // allowed_bad_certs Vector in net/ssl/ssl_config.h). This dual-tracking of
80 // exceptions introduces a problem where the browser context can revoke a
81 // certificate, but if a transaction reuses a cached version of the SSLConfig
82 // (probably from a pooled socket), it may bypass the interstitial layer.
84 // Over time, the cached versions should expire and it should converge on
85 // showing the interstitial. We probably need to
86 // introduce into the networking stack a way to revoke SSLConfig's
87 // allowed_bad_certs lists per socket.
88 delegate_
->RevokeAllowAndDenyPreferences(host
);
// Returns the delegate's answer to HasAllowedOrDeniedCert(host).
// NOTE(review): the lines between the DCHECK and the return are not shown;
// they presumably handle a null delegate_ -- confirm.
91 bool SSLHostState::HasAllowedOrDeniedCert(const std::string
& host
) {
92 DCHECK(CalledOnValidThread());
97 return delegate_
->HasAllowedOrDeniedCert(host
);
// NOTE(review): the body of Clear() is not shown here, so what state it
// resets cannot be documented from this view -- confirm against the full file.
100 void SSLHostState::Clear() {
// Returns the stored judgment for |cert| on |host| with certificate status
// |error|. Two return paths are visible: an early return of
// net::CertPolicy::Judgment::UNKNOWN, and otherwise the delegate's
// QueryPolicy(host, cert, error) result (the delegate takes |host| first).
// NOTE(review): the condition selecting the UNKNOWN path is not shown;
// presumably it is taken when delegate_ is null -- confirm. UNKNOWN
// presumably means no stored decision; callers should not treat it as an
// allow -- verify against net::CertPolicy.
107 net::CertPolicy::Judgment
SSLHostState::QueryPolicy(net::X509Certificate
* cert
,
108 const std::string
& host
,
109 net::CertStatus error
) {
110 DCHECK(CalledOnValidThread());
113 return net::CertPolicy::Judgment::UNKNOWN
;
115 return delegate_
->QueryPolicy(host
, cert
, error
);
118 } // namespace content