SSL-related cleanup in BrowserFrame and SslCertLookupTable

Steve Block · Steve Block · commit bf52c0ea1048 · 2011-10-05T13:32:32.000+01:00
- Fix a comment in BrowserFrame.certificate()
- Simplify SslCertLookupTable by not storing 'deny' decisions.
  We only need to store 'allow' decisions, as we don't re-use 'deny' decisions.

No change in behaviour.

Bug: 5409251
Change-Id: I447cd1966fbb6c2dea8088b2e4c4e2de22405cb9
diff --git a/core/java/android/webkit/BrowserFrame.java b/core/java/android/webkit/BrowserFrame.java
@@ -471,8 +471,6 @@ private void loadFinished(String url, int loadType, boolean isMainFrame) {
 
     /**
      * We have received an SSL certificate for the main top-level page.
-     *
-     * !!!Called from the network thread!!!
      */
     void certificate(SslCertificate certificate) {
         if (mIsMainFrame) {
@@ -1186,12 +1184,11 @@ private void reportSslCertError(final int handle, final int certError, byte cert
         SslErrorHandler handler = new SslErrorHandler() {
             @Override
             public void proceed() {
-                SslCertLookupTable.getInstance().setIsAllowed(sslError, true);
+                SslCertLookupTable.getInstance().setIsAllowed(sslError);
                 nativeSslCertErrorProceed(handle);
             }
             @Override
             public void cancel() {
-                SslCertLookupTable.getInstance().setIsAllowed(sslError, false);
                 nativeSslCertErrorCancel(handle, certError);
             }
         };
diff --git a/core/java/android/webkit/SslCertLookupTable.java b/core/java/android/webkit/SslCertLookupTable.java
@@ -25,7 +25,8 @@
 /**
  * Stores the user's decision of whether to allow or deny an invalid certificate.
  *
- * This class is not threadsafe. It is used only on the WebCore thread.
+ * This class is not threadsafe. It is used only on the WebCore thread. Also, it
+ * is used only by the Chromium HTTP stack.
  */
 final class SslCertLookupTable {
     private static SslCertLookupTable sTable;
@@ -42,11 +43,11 @@ private SslCertLookupTable() {
         table = new Bundle();
     }
 
-    public void setIsAllowed(SslError sslError, boolean allow) {
+    public void setIsAllowed(SslError sslError) {
         // TODO: We should key on just the host. See http://b/5409251.
         String errorString = sslErrorToString(sslError);
         if (errorString != null) {
-            table.putBoolean(errorString, allow);
+            table.putBoolean(errorString, true);
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,8 @@`
`25`	`25`	`/**`
`26`	`26`	`* Stores the user's decision of whether to allow or deny an invalid certificate.`
`27`	`27`	`*`
`28`		`- * This class is not threadsafe. It is used only on the WebCore thread.`
	`28`	`+ * This class is not threadsafe. It is used only on the WebCore thread. Also, it`
	`29`	`+ * is used only by the Chromium HTTP stack.`
`29`	`30`	`*/`
`30`	`31`	`final class SslCertLookupTable {`
`31`	`32`	`private static SslCertLookupTable sTable;`
`@@ -42,11 +43,11 @@ private SslCertLookupTable() {`
`42`	`43`	`table = new Bundle();`
`43`	`44`	`}`
`44`	`45`
`45`		`- public void setIsAllowed(SslError sslError, boolean allow) {`
	`46`	`+ public void setIsAllowed(SslError sslError) {`
`46`	`47`	`// TODO: We should key on just the host. See http://b/5409251.`
`47`	`48`	`String errorString = sslErrorToString(sslError);`
`48`	`49`	`if (errorString != null) {`
`49`		`- table.putBoolean(errorString, allow);`
	`50`	`+ table.putBoolean(errorString, true);`
`50`	`51`	`}`
`51`	`52`	`}`
`52`	`53`