Merge changes If97c4d76,I1cd975b1

Steve Block · Android (Google) Code Review · commit a3b06ff93313 · 2011-09-27T10:52:50.000-07:00
* changes:
  Always update the WebView's SSL certificate, regardless of whether a WebViewClient has been set
  Remove superfluous synchronized modifier on SslCertLookupTable.getInstance()
diff --git a/core/java/android/webkit/BrowserFrame.java b/core/java/android/webkit/BrowserFrame.java
@@ -1159,51 +1159,49 @@ public boolean suppressDialog() {
     }
 
     /**
-     * Called by JNI when the native HTTPS stack gets an invalid cert chain.
+     * Called by JNI when the Chromium HTTP stack gets an invalid certificate chain.
      *
      * We delegate the request to CallbackProxy, and route its response to
      * {@link #nativeSslCertErrorProceed(int)} or
      * {@link #nativeSslCertErrorCancel(int, int)}.
      */
-    private void reportSslCertError(
-            final int handle, final int cert_error, byte cert_der[], String url) {
-        final SslError ssl_error;
+    private void reportSslCertError(final int handle, final int certError, byte certDER[],
+            String url) {
+        final SslError sslError;
         try {
-            X509Certificate cert = new X509CertImpl(cert_der);
+            X509Certificate cert = new X509CertImpl(certDER);
             SslCertificate sslCert = new SslCertificate(cert);
             if (JniUtil.useChromiumHttpStack()) {
-                ssl_error = SslError.SslErrorFromChromiumErrorCode(cert_error, sslCert,
+                sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert,
                         new URL(url).getHost());
             } else {
-                ssl_error = new SslError(cert_error, cert, url);
+                sslError = new SslError(certError, cert, url);
             }
         } catch (IOException e) {
             // Can't get the certificate, not much to do.
             Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling");
-            nativeSslCertErrorCancel(handle, cert_error);
+            nativeSslCertErrorCancel(handle, certError);
             return;
         }
 
-        SslErrorHandler handler = new SslErrorHandler() {
+        if (SslCertLookupTable.getInstance().isAllowed(sslError)) {
+            nativeSslCertErrorProceed(handle);
+            return;
+        }
 
+        SslErrorHandler handler = new SslErrorHandler() {
             @Override
             public void proceed() {
-                SslCertLookupTable.getInstance().Allow(ssl_error);
+                SslCertLookupTable.getInstance().setIsAllowed(sslError, true);
                 nativeSslCertErrorProceed(handle);
             }
-
             @Override
             public void cancel() {
-                SslCertLookupTable.getInstance().Deny(ssl_error);
-                nativeSslCertErrorCancel(handle, cert_error);
+                SslCertLookupTable.getInstance().setIsAllowed(sslError, false);
+                nativeSslCertErrorCancel(handle, certError);
             }
         };
-
-        if (SslCertLookupTable.getInstance().IsAllowed(ssl_error)) {
-            nativeSslCertErrorProceed(handle);
-        } else {
-            mCallbackProxy.onReceivedSslError(handler, ssl_error);
-        }
+        mCallbackProxy.onReceivedSslError(handler, sslError);
     }
 
     /**
@@ -1416,7 +1414,7 @@ public void stopLoading() {
     private native void nativeAuthenticationCancel(int handle);
 
     private native void nativeSslCertErrorProceed(int handle);
-    private native void nativeSslCertErrorCancel(int handle, int cert_error);
+    private native void nativeSslCertErrorCancel(int handle, int certError);
 
     native void nativeSslClientCert(int handle,
                                     byte[] pkcs8EncodedPrivateKey,
diff --git a/core/java/android/webkit/CallbackProxy.java b/core/java/android/webkit/CallbackProxy.java
@@ -165,8 +165,6 @@ public void setWebViewClient(WebViewClient client) {
     /**
      * Get the WebViewClient.
      * @return the current WebViewClient instance.
-     *
-     *@hide pending API council approval.
      */
     public WebViewClient getWebViewClient() {
        return mWebViewClient;
@@ -1013,10 +1011,6 @@ public void onReceivedHttpAuthRequest(HttpAuthHandler handler,
         sendMessage(msg);
     }
 
-    /**
-     * @hide - hide this because it contains a parameter of type SslError.
-     * SslError is located in a hidden package.
-     */
     public void onReceivedSslError(SslErrorHandler handler, SslError error) {
         // Do an unsynchronized quick check to avoid posting if no callback has
         // been set.
@@ -1031,9 +1025,7 @@ public void onReceivedSslError(SslErrorHandler handler, SslError error) {
         msg.obj = map;
         sendMessage(msg);
     }
-    /**
-     * @hide
-     */
+
     public void onReceivedClientCertRequest(ClientCertRequestHandler handler, String host_and_port) {
         // Do an unsynchronized quick check to avoid posting if no callback has
         // been set.
@@ -1048,17 +1040,8 @@ public void onReceivedClientCertRequest(ClientCertRequestHandler handler, String
         msg.obj = map;
         sendMessage(msg);
     }
-    /**
-     * @hide - hide this because it contains a parameter of type SslCertificate,
-     * which is located in a hidden package.
-     */
 
     public void onReceivedCertificate(SslCertificate certificate) {
-        // Do an unsynchronized quick check to avoid posting if no callback has
-        // been set.
-        if (mWebViewClient == null) {
-            return;
-        }
         // here, certificate can be null (if the site is not secure)
         sendMessage(obtainMessage(RECEIVED_CERTIFICATE, certificate));
     }
diff --git a/core/java/android/webkit/SslCertLookupTable.java b/core/java/android/webkit/SslCertLookupTable.java
@@ -20,14 +20,15 @@
 import android.net.http.SslError;
 
 /**
- * A simple class to store the wrong certificates that user is aware but
- * chose to proceed.
+ * Stores the user's decision of whether to allow or deny an invalid certificate.
+ *
+ * This class is not threadsafe. It is used only on the WebCore thread.
  */
 final class SslCertLookupTable {
     private static SslCertLookupTable sTable;
     private final Bundle table;
 
-    public static synchronized SslCertLookupTable getInstance() {
+    public static SslCertLookupTable getInstance() {
         if (sTable == null) {
             sTable = new SslCertLookupTable();
         }
@@ -38,15 +39,11 @@ private SslCertLookupTable() {
         table = new Bundle();
     }
 
-    public void Allow(SslError ssl_error) {
-        table.putBoolean(ssl_error.toString(), true);
-    }
-
-    public void Deny(SslError ssl_error) {
-        table.putBoolean(ssl_error.toString(), false);
+    public void setIsAllowed(SslError sslError, boolean allow) {
+        table.putBoolean(sslError.toString(), allow);
     }
 
-    public boolean IsAllowed(SslError ssl_error) {
-        return table.getBoolean(ssl_error.toString());
+    public boolean isAllowed(SslError sslError) {
+        return table.getBoolean(sslError.toString());
     }
 }
