diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-03-12 12:55:30 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-03-20 00:35:30 +0000 |
commit | 831d20bfb1bd677245c1fbdd5ded0fc757c44541 (patch) | |
tree | cee7be7e1339515100d0b525363682a87a91e50a /src/core/net/ssl_host_state_delegate_qt.cpp | |
parent | ff2cccda960027744e63392a6b6ef6ef8a4657ba (diff) |
Cleanup file locations
Move printing and network specific classes to subdirectories so we have
fewer files in the main dir.
Change-Id: I675b1b8b8fd1588061104cec181087f305b44f98
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
Diffstat (limited to 'src/core/net/ssl_host_state_delegate_qt.cpp')
-rw-r--r-- | src/core/net/ssl_host_state_delegate_qt.cpp | 147 |
1 files changed, 147 insertions, 0 deletions
diff --git a/src/core/net/ssl_host_state_delegate_qt.cpp b/src/core/net/ssl_host_state_delegate_qt.cpp new file mode 100644 index 000000000..d8f73abda --- /dev/null +++ b/src/core/net/ssl_host_state_delegate_qt.cpp @@ -0,0 +1,147 @@ +/**************************************************************************** +** +** Copyright (C) 2016 The Qt Company Ltd. +** Contact: https://www.qt.io/licensing/ +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms +** and conditions see https://www.qt.io/terms-conditions. For further +** information use the contact form at https://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or (at your option) the GNU General +** Public license version 3 or any later version approved by the KDE Free +** Qt Foundation. The licenses are as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 +** included in the packaging of this file. Please review the following +** information to ensure the GNU General Public License requirements will +** be met: https://www.gnu.org/licenses/gpl-2.0.html and +** https://www.gnu.org/licenses/gpl-3.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "base/callback.h" + +#include "ssl_host_state_delegate_qt.h" + +#include "type_conversion.h" + +namespace QtWebEngineCore { + +// Mirrors implementation in aw_ssl_host_state_delegate.cc + +CertPolicy::CertPolicy() +{ +} + +CertPolicy::~CertPolicy() +{ +} + +// For an allowance, we consider a given |cert| to be a match to a saved +// allowed cert if the |error| is an exact match to or subset of the errors +// in the saved CertStatus. +bool CertPolicy::Check(const net::X509Certificate &cert, net::CertStatus error) const +{ + net::SHA256HashValue fingerprint = cert.CalculateChainFingerprint256(); + auto allowed_iter = m_allowed.find(fingerprint); + if ((allowed_iter != m_allowed.end()) && (allowed_iter->second & error) && ((allowed_iter->second & error) == error)) + return true; + return false; +} + +void CertPolicy::Allow(const net::X509Certificate& cert, net::CertStatus error) +{ + net::SHA256HashValue fingerprint = cert.CalculateChainFingerprint256(); + m_allowed[fingerprint] |= error; +} + +SSLHostStateDelegateQt::SSLHostStateDelegateQt() +{ +} + +SSLHostStateDelegateQt::~SSLHostStateDelegateQt() +{ +} + +void SSLHostStateDelegateQt::AllowCert(const std::string &host, const net::X509Certificate &cert, net::CertStatus error) +{ + m_certPolicyforHost[host].Allow(cert, error); +} + +// Clear all allow preferences. +void SSLHostStateDelegateQt::Clear(const base::Callback<bool(const std::string&)>& host_filter) +{ + if (host_filter.is_null()) { + m_certPolicyforHost.clear(); + return; + } + + for (auto it = m_certPolicyforHost.begin(); it != m_certPolicyforHost.end();) { + auto next_it = std::next(it); + + if (host_filter.Run(it->first)) + m_certPolicyforHost.erase(it); + + it = next_it; + } +} + +// Queries whether |cert| is allowed for |host| and |error|. Returns true in +// |expired_previous_decision| if a previous user decision expired immediately +// prior to this query, otherwise false. +content::SSLHostStateDelegate::CertJudgment SSLHostStateDelegateQt::QueryPolicy( + const std::string &host, const net::X509Certificate &cert, + net::CertStatus error,bool *expired_previous_decision) +{ + return m_certPolicyforHost[host].Check(cert, error) ? SSLHostStateDelegate::ALLOWED : SSLHostStateDelegate::DENIED; +} + +// Records that a host has run insecure content. +void SSLHostStateDelegateQt::HostRanInsecureContent(const std::string &host, int pid, InsecureContentType content_type) +{ +} + +// Returns whether the specified host ran insecure content. +bool SSLHostStateDelegateQt::DidHostRunInsecureContent(const std::string &host, int pid, InsecureContentType content_type) const +{ + return false; +} + +// Revokes all SSL certificate error allow exceptions made by the user for +// |host|. +void SSLHostStateDelegateQt::RevokeUserAllowExceptions(const std::string &host) +{ + m_certPolicyforHost.erase(host); +} + +// Returns whether the user has allowed a certificate error exception for +// |host|. This does not mean that *all* certificate errors are allowed, just +// that there exists an exception. To see if a particular certificate and +// error combination exception is allowed, use QueryPolicy(). +bool SSLHostStateDelegateQt::HasAllowException(const std::string &host) const +{ + auto policy_iterator = m_certPolicyforHost.find(host); + return policy_iterator != m_certPolicyforHost.end() && + policy_iterator->second.HasAllowException(); +} + + +} // namespace QtWebEngineCore |