1// Copyright (c) 2010 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome/browser/ssl/ssl_add_cert_handler.h"
6
7#include "content/browser/browser_thread.h"
8#include "content/browser/renderer_host/render_view_host_delegate.h"
9#include "content/browser/renderer_host/render_view_host_notification_task.h"
10#include "content/browser/renderer_host/resource_dispatcher_host.h"
11#include "content/browser/renderer_host/resource_dispatcher_host_request_info.h"
12#include "net/base/cert_database.h"
13#include "net/base/net_errors.h"
14#include "net/base/x509_certificate.h"
15#include "net/url_request/url_request.h"
16
// Captures the certificate delivered by |request| together with the ids of
// the render view that triggered it, then schedules Run() on the IO thread.
// The object holds a reference to itself from construction until Finished()
// calls Release().
SSLAddCertHandler::SSLAddCertHandler(net::URLRequest* request,
                                     net::X509Certificate* cert,
                                     int render_process_host_id,
                                     int render_view_id)
    : cert_(cert),
      render_process_host_id_(render_process_host_id),
      render_view_id_(render_view_id) {
  // Remember which network request carried the certificate.
  // NOTE(review): the pointer returned by InfoForRequest() is dereferenced
  // without a null check; confirm it cannot be NULL for requests that reach
  // this handler.
  network_request_id_ =
      ResourceDispatcherHost::InfoForRequest(request)->request_id();

  // Self-reference: keeps the handler alive until the flow completes. It is
  // dropped by the Release() at the end of Finished().
  AddRef();

  // Do not touch the certificate store from inside the constructor; defer the
  // work to a task so it runs on a later mainloop iteration.
  BrowserThread::PostTask(
      BrowserThread::IO,
      FROM_HERE,
      NewRunnableMethod(this, &SSLAddCertHandler::Run));
}
34
// Nothing to release explicitly; members clean up after themselves.
SSLAddCertHandler::~SSLAddCertHandler() {
}
36
// Task body posted by the constructor. Asks the certificate database whether
// |cert_| is acceptable as a user certificate and either reports the failure
// to the render view's SSL delegate or proceeds to add the certificate.
//
// NOTE(review): the AskToAddCert() call below is commented out, so a
// certificate that passes CheckUserCert() goes straight to Finished(true) and
// is stored without any user confirmation. CheckUserCert() is the only gate
// on this path.
void SSLAddCertHandler::Run() {
  int check_result;
  {
    // Scoped so the database object is gone before any delegate is notified.
    net::CertDatabase cert_db;
    check_result = cert_db.CheckUserCert(cert_);
  }

  if (check_result == net::OK) {
    // TODO(davidben): Move the existing certificate dialog elsewhere, make
    // AskToAddCert send a message to the RenderViewHostDelegate, and ask when
    // we cannot completely verify the certificate for whatever reason.

    // AskToAddCert();
    Finished(true);
    return;
  }

  // Verification failed: report the error code, then finish without adding.
  CallRenderViewHostSSLDelegate(
      render_process_host_id_,
      render_view_id_,
      &RenderViewHostDelegate::SSL::OnVerifyClientCertificateError,
      scoped_refptr<SSLAddCertHandler>(this),
      check_result);
  Finished(false);
}
58
#if !defined(OS_MACOSX)
// Stub used on every platform except Mac OS X (a Mac implementation is
// presumably provided elsewhere; not visible in this file). No confirmation
// UI is shown here: the request is approved unconditionally.
void SSLAddCertHandler::AskToAddCert() {
  // TODO(snej): Someone should add Windows and GTK implementations with UI.
  const bool approved = true;
  Finished(approved);
}
#endif
65
// Final step of the flow. When |add_cert| is true, stores |cert_| through
// net::CertDatabase::AddUserCert() and reports success or the error code to
// the render view's SSL delegate. In every case the delegate is then told the
// flow is finished, and the self-reference taken in the constructor is
// dropped.
void SSLAddCertHandler::Finished(bool add_cert) {
  if (add_cert) {
    net::CertDatabase cert_db;
    const int add_result = cert_db.AddUserCert(cert_);
    if (add_result == net::OK) {
      CallRenderViewHostSSLDelegate(
          render_process_host_id_,
          render_view_id_,
          &RenderViewHostDelegate::SSL::OnAddClientCertificateSuccess,
          scoped_refptr<SSLAddCertHandler>(this));
    } else {
      // The store rejected the certificate; pass the error code along.
      CallRenderViewHostSSLDelegate(
          render_process_host_id_,
          render_view_id_,
          &RenderViewHostDelegate::SSL::OnAddClientCertificateError,
          scoped_refptr<SSLAddCertHandler>(this),
          add_result);
    }
  }

  // Sent whether or not a certificate was added, so the RVH always learns
  // that the flow is over.
  CallRenderViewHostSSLDelegate(
      render_process_host_id_,
      render_view_id_,
      &RenderViewHostDelegate::SSL::OnAddClientCertificateFinished,
      scoped_refptr<SSLAddCertHandler>(this));

  // Balances the AddRef() in the constructor. This must stay the last
  // statement: once this reference is gone the object may be destroyed, so no
  // member may be touched afterwards.
  Release();
}
90