mirror of
				https://bitbucket.org/chromiumembedded/cef
				synced 2025-06-05 21:39:12 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			66 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			C++
		
	
	
	
	
	
			
		
		
	
	
			66 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			C++
		
	
	
	
	
	
| // Copyright 2017 The Chromium Embedded Framework Authors. All rights
 | |
| // reserved. Use of this source code is governed by a BSD-style license that can
 | |
| // be found in the LICENSE file.
 | |
| 
 | |
| #include "include/cef_file_util.h"
 | |
| 
 | |
| #include "libcef/browser/context.h"
 | |
| #include "libcef/browser/thread_util.h"
 | |
| 
 | |
| #include "base/files/file_util.h"
 | |
| #include "base/logging.h"
 | |
| #include "base/task_scheduler/post_task.h"
 | |
| #include "base/threading/thread_restrictions.h"
 | |
| #include "net/cert/crl_set.h"
 | |
| #include "net/cert/crl_set_storage.h"
 | |
| #include "net/ssl/ssl_config_service.h"
 | |
| 
 | |
| namespace {
 | |
| 
 | |
| // Based on chrome/browser/net/crl_set_fetcher.cc.
 | |
| 
 | |
| void SetCRLSetIfNewer(scoped_refptr<net::CRLSet> crl_set) {
 | |
|   CEF_REQUIRE_IOT();
 | |
| 
 | |
|   scoped_refptr<net::CRLSet> old_crl_set(net::SSLConfigService::GetCRLSet());
 | |
|   if (old_crl_set.get() && old_crl_set->sequence() > crl_set->sequence()) {
 | |
|     LOG(WARNING) << "Refusing to downgrade CRL set from #"
 | |
|                  << old_crl_set->sequence() << "to #" << crl_set->sequence();
 | |
|   } else {
 | |
|     net::SSLConfigService::SetCRLSet(crl_set);
 | |
|     VLOG(1) << "Installed CRL set #" << crl_set->sequence();
 | |
|   }
 | |
| }
 | |
| 
 | |
| void LoadFromDisk(const base::FilePath& path) {
 | |
|   base::ThreadRestrictions::AssertIOAllowed();
 | |
| 
 | |
|   std::string crl_set_bytes;
 | |
|   if (!base::ReadFileToString(path, &crl_set_bytes)) {
 | |
|     LOG(WARNING) << "Failed to read CRL set from " << path.MaybeAsASCII();
 | |
|     return;
 | |
|   }
 | |
| 
 | |
|   scoped_refptr<net::CRLSet> crl_set;
 | |
|   if (!net::CRLSetStorage::Parse(crl_set_bytes, &crl_set)) {
 | |
|     LOG(WARNING) << "Failed to parse CRL set from " << path.MaybeAsASCII();
 | |
|     return;
 | |
|   }
 | |
| 
 | |
|   VLOG(1) << "Loaded " << crl_set_bytes.size() << " bytes of CRL set from disk";
 | |
|   CEF_POST_TASK(CEF_IOT, base::BindOnce(&SetCRLSetIfNewer, crl_set));
 | |
| }
 | |
| 
 | |
| }  // namespace
 | |
| 
 | |
| void CefLoadCRLSetsFile(const CefString& path) {
 | |
|   if (!CONTEXT_STATE_VALID()) {
 | |
|     NOTREACHED() << "context not valid";
 | |
|     return;
 | |
|   }
 | |
| 
 | |
|   base::PostTaskWithTraits(FROM_HERE,
 | |
|                            {base::TaskPriority::BACKGROUND, base::MayBlock()},
 | |
|                            base::BindOnce(&LoadFromDisk, path));
 | |
| }
 |