Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(269)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/url_request/url_request_http_job.cc

Issue 8467031: net: make pinning enforcement timeout after ten weeks. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/url_request/url_request_http_job.h" 5 #include "net/url_request/url_request_http_job.h"
6 6
7 #include "base/base_switches.h"
7 #include "base/bind.h" 8 #include "base/bind.h"
8 #include "base/base_switches.h" 9 #include "base/build_time.h"
9 #include "base/command_line.h" 10 #include "base/command_line.h"
10 #include "base/compiler_specific.h" 11 #include "base/compiler_specific.h"
11 #include "base/file_util.h" 12 #include "base/file_util.h"
12 #include "base/file_version_info.h" 13 #include "base/file_version_info.h"
13 #include "base/message_loop.h" 14 #include "base/message_loop.h"
14 #include "base/metrics/field_trial.h" 15 #include "base/metrics/field_trial.h"
15 #include "base/metrics/histogram.h" 16 #include "base/metrics/histogram.h"
16 #include "base/rand_util.h" 17 #include "base/rand_util.h"
17 #include "base/string_util.h" 18 #include "base/string_util.h"
18 #include "base/time.h" 19 #include "base/time.h"
(...skipping 659 matching lines...) Expand 10 before | Expand all | Expand 10 after
678 context_->transport_security_state()) { 679 context_->transport_security_state()) {
679 TransportSecurityState::DomainState domain_state; 680 TransportSecurityState::DomainState domain_state;
680 bool sni_available = SSLConfigService::IsSNIAvailable( 681 bool sni_available = SSLConfigService::IsSNIAvailable(
681 context_->ssl_config_service()); 682 context_->ssl_config_service());
682 std::string host = request_->url().host(); 683 std::string host = request_->url().host();
683 684
684 if (context_->transport_security_state()->HasPinsForHost( 685 if (context_->transport_security_state()->HasPinsForHost(
685 &domain_state, host, sni_available)) { 686 &domain_state, host, sni_available)) {
686 if (!domain_state.IsChainOfPublicKeysPermitted( 687 if (!domain_state.IsChainOfPublicKeysPermitted(
687 ssl_info.public_key_hashes)) { 688 ssl_info.public_key_hashes)) {
688 result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN; 689 const base::Time build_time = base::GetBuildTime();
689 UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", false); 690 if ((base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */) {
wtc 2011/11/15 02:49:31 Please add a comment to explain the purpose of thi
690 TransportSecurityState::ReportUMAOnPinFailure(host); 691 result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
691 FraudulentCertificateReporter* reporter = 692 UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", false);
692 context_->fraudulent_certificate_reporter(); 693 TransportSecurityState::ReportUMAOnPinFailure(host);
693 if (reporter != NULL) 694 FraudulentCertificateReporter* reporter =
694 reporter->SendReport(host, ssl_info, sni_available); 695 context_->fraudulent_certificate_reporter();
696 if (reporter != NULL)
697 reporter->SendReport(host, ssl_info, sni_available);
698 }
695 } else { 699 } else {
696 UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", true); 700 UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", true);
697 } 701 }
698 } 702 }
699 } 703 }
700 } 704 }
701 #endif 705 #endif
702 706
703 if (result == OK) { 707 if (result == OK) {
704 scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders(); 708 scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders();
(...skipping 725 matching lines...) Expand 10 before | Expand all | Expand 10 after
1430 return override_response_headers_.get() ? 1434 return override_response_headers_.get() ?
1431 override_response_headers_ : 1435 override_response_headers_ :
1432 transaction_->GetResponseInfo()->headers; 1436 transaction_->GetResponseInfo()->headers;
1433 } 1437 }
1434 1438
1435 void URLRequestHttpJob::NotifyURLRequestDestroyed() { 1439 void URLRequestHttpJob::NotifyURLRequestDestroyed() {
1436 awaiting_callback_ = false; 1440 awaiting_callback_ = false;
1437 } 1441 }
1438 1442
1439 } // namespace net 1443 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698