1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_SSL_SSL_MANAGER_H_
6 #define CHROME_BROWSER_SSL_SSL_MANAGER_H_
7 #pragma once
8 
9 #include <string>
10 
11 #include "base/basictypes.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "base/string16.h"
14 #include "chrome/browser/ssl/ssl_policy_backend.h"
15 #include "content/common/notification_observer.h"
16 #include "content/common/notification_registrar.h"
17 #include "googleurl/src/gurl.h"
18 #include "net/base/net_errors.h"
19 
20 class LoadFromMemoryCacheDetails;
21 class NavigationController;
22 class NavigationEntry;
23 class ProvisionalLoadDetails;
24 class ResourceDispatcherHost;
25 class ResourceRedirectDetails;
26 class ResourceRequestDetails;
27 class SSLPolicy;
28 
29 namespace net {
30 class URLRequest;
31 }  // namespace net
32 
33 // The SSLManager controls the SSL UI elements in a TabContents.  It
34 // listens for various events that influence when these elements should or
35 // should not be displayed and adjusts them accordingly.
36 //
37 // There is one SSLManager per tab.
38 // The security state (secure/insecure) is stored in the navigation entry.
39 // Along with it are stored any SSL error code and the associated cert.
40 
class SSLManager : public NotificationObserver {
 public:
  // Starts resolving a certificate error raised during an SSL connection.
  // The security UI is adjusted, and the net::URLRequest then has either
  // |Cancel| or |ContinueDespiteLastError| called on it.
  //
  // Runs on the IO thread.
  static void OnSSLCertificateError(
      ResourceDispatcherHost* resource_dispatcher,
      net::URLRequest* request,
      int cert_error,
      net::X509Certificate* cert);

  // Broadcasts the SSL_INTERNAL_STATE_CHANGED notification.  To be called
  // whenever the SSL state of a host or of a tab changes.
  static void NotifySSLInternalStateChanged();

  // Helpers that pack the security info fields into a string and unpack them
  // again.
  static std::string SerializeSecurityInfo(
      int cert_id,
      int cert_status,
      int security_bits,
      int connection_status);
  // NOTE(review): the bool result presumably reports whether |state| could be
  // decoded; callers should check it before relying on the out-parameters.
  // Confirm the failure behaviour against the implementation.
  static bool DeserializeSecurityInfo(
      const std::string& state,
      int* cert_id,
      int* cert_status,
      int* security_bits,
      int* connection_status);

  // Formats the EV display name as "<organization_name> [<country>]".
  static string16 GetEVCertName(const net::X509Certificate& cert);

  // Creates the SSLManager of the tab that |controller| belongs to.
  // NOTE(review): the previous comment said "If |delegate| is NULL,
  // SSLPolicy::GetDefaultPolicy() is used", but this constructor takes no
  // |delegate| argument; that sentence looks stale -- confirm and drop it.
  explicit SSLManager(NavigationController* controller);
  ~SSLManager();

  // Accessors for the policy object and for the backend through which the
  // policy actuates its decisions.
  SSLPolicy* policy() { return policy_.get(); }
  SSLPolicyBackend* backend() { return &backend_; }

  // Returns the navigation controller tied to this SSLManager.  The
  // NavigationController is guaranteed to outlive the SSLManager.
  NavigationController* controller() { return controller_; }

  // Invoked directly rather than through the notification service, because
  // the order in which listeners learn about this event has to be controlled
  // more precisely.
  void DidCommitProvisionalLoad(const NotificationDetails& details);

  // Entry point for insecure content; |security_origin| is passed as a
  // string.
  void DidRunInsecureContent(const std::string& security_origin);

  // Tells whether any SSL errors from the request were processed.
  bool ProcessedSSLErrorFromRequest() const;

  // Navigation entry point: begins updating the security UI when the main
  // frame navigates to a new URL.
  //
  // Runs on the UI thread.
  virtual void Observe(
      NotificationType type,
      const NotificationSource& source,
      const NotificationDetails& details);

 private:
  // Handlers for the notifications this class subscribes to.
  // DidCommitProvisionalLoad (declared above) takes the abstract
  // NotificationDetails type because the concrete type lives in
  // NavigationController, and naming it here would create a circular header
  // dependency.
  void DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details);
  void DidStartResourceResponse(ResourceRequestDetails* details);
  void DidReceiveResourceRedirect(ResourceRedirectDetails* details);
  void DidChangeSSLInternalState();

  // Writes our current state into |entry|.
  void UpdateEntry(NavigationEntry* entry);

  // Backend the SSLPolicy uses to actuate its decisions.
  SSLPolicyBackend backend_;

  // SSLPolicy instance belonging to this manager.
  scoped_ptr<SSLPolicy> policy_;

  // The NavigationController that owns this SSLManager.  This manager is
  // responsible for the security UI of that tab.
  NavigationController* controller_;

  // Takes care of registering notifications with the NotificationService.
  NotificationRegistrar registrar_;

  DISALLOW_COPY_AND_ASSIGN(SSLManager);
};
131 
132 #endif  // CHROME_BROWSER_SSL_SSL_MANAGER_H_
133