Chromium Code Reviews Chromium Code Reviews
Issue 1134283003:
Add HTTP certificate report URL with Finch gate (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/certificate_error_reporter.h" | 5 #include "chrome/browser/net/certificate_error_reporter.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/metrics/field_trial.h" | |
| 10 #include "base/stl_util.h" | 11 #include "base/stl_util.h" |
| 11 #include "base/time/time.h" | 12 #include "base/time/time.h" |
| 12 #include "chrome/browser/net/cert_logger.pb.h" | 13 #include "chrome/browser/net/cert_logger.pb.h" |
| 13 | 14 |
| 14 #if defined(USE_OPENSSL) | 15 #if defined(USE_OPENSSL) |
| 15 #include "crypto/aead_openssl.h" | 16 #include "crypto/aead_openssl.h" |
| 16 #endif | 17 #endif |
| 17 | 18 |
| 18 #include "crypto/curve25519.h" | 19 #include "crypto/curve25519.h" |
| 19 #include "crypto/hkdf.h" | 20 #include "crypto/hkdf.h" |
| (...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 117 report->add_cert_error( | 118 report->add_cert_error( |
| 118 CertLoggerRequest::ERR_CERT_UNABLE_TO_CHECK_REVOCATION); | 119 CertLoggerRequest::ERR_CERT_UNABLE_TO_CHECK_REVOCATION); |
| 119 if (cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) | 120 if (cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) |
| 120 report->add_cert_error(CertLoggerRequest::ERR_CERT_NO_REVOCATION_MECHANISM); | 121 report->add_cert_error(CertLoggerRequest::ERR_CERT_NO_REVOCATION_MECHANISM); |
| 121 } | 122 } |
| 122 | 123 |
| 123 } // namespace | 124 } // namespace |
| 124 | 125 |
| 125 namespace chrome_browser_net { | 126 namespace chrome_browser_net { |
| 126 | 127 |
| 128 // Constants for the Finch trial that controls whether the | |
| 129 // CertificateErrorReporter supports HTTP uploads. | |
| 130 const char kHttpCertificateUploadExperiment[] = | |
|
felt
2015/05/13 20:24:12
are these in the shared namespace for the unit tes
estark
2015/05/13 20:25:45
Yes. Should I put a comment saying so?
felt
2015/05/13 21:03:34
No, just htinking that normally they would be in a
| |
| 131 "ReportCertificateErrorsOverHttp"; | |
| 132 const char kHttpCertificateUploadGroup[] = "UploadReportsOverHttp"; | |
| 133 | |
| 127 CertificateErrorReporter::CertificateErrorReporter( | 134 CertificateErrorReporter::CertificateErrorReporter( |
| 128 net::URLRequestContext* request_context, | 135 net::URLRequestContext* request_context, |
| 129 const GURL& upload_url, | 136 const GURL& upload_url, |
| 130 CookiesPreference cookies_preference) | 137 CookiesPreference cookies_preference) |
| 131 : CertificateErrorReporter(request_context, | 138 : CertificateErrorReporter(request_context, |
| 132 upload_url, | 139 upload_url, |
| 133 cookies_preference, | 140 cookies_preference, |
| 134 kServerPublicKey, | 141 kServerPublicKey, |
| 135 kServerPublicKeyVersion) { | 142 kServerPublicKeyVersion) { |
| 136 } | 143 } |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 212 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this); | 219 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this); |
| 213 if (cookies_preference_ != SEND_COOKIES) { | 220 if (cookies_preference_ != SEND_COOKIES) { |
| 214 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | 221 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
| 215 net::LOAD_DO_NOT_SAVE_COOKIES); | 222 net::LOAD_DO_NOT_SAVE_COOKIES); |
| 216 } | 223 } |
| 217 return request.Pass(); | 224 return request.Pass(); |
| 218 } | 225 } |
| 219 | 226 |
| 220 bool CertificateErrorReporter::IsHttpUploadUrlSupported() { | 227 bool CertificateErrorReporter::IsHttpUploadUrlSupported() { |
| 221 #if defined(USE_OPENSSL) | 228 #if defined(USE_OPENSSL) |
| 222 return true; | 229 return base::FieldTrialList::FindFullName(kHttpCertificateUploadExperiment) == |
| 230 kHttpCertificateUploadGroup; | |
| 223 #else | 231 #else |
| 224 return false; | 232 return false; |
| 225 #endif | 233 #endif |
| 226 } | 234 } |
| 227 | 235 |
| 228 // Used only by tests. | 236 // Used only by tests. |
| 229 #if defined(USE_OPENSSL) | 237 #if defined(USE_OPENSSL) |
| 230 bool CertificateErrorReporter::DecryptCertificateErrorReport( | 238 bool CertificateErrorReporter::DecryptCertificateErrorReport( |
| 231 const uint8 server_private_key[32], | 239 const uint8 server_private_key[32], |
| 232 const EncryptedCertLoggerRequest& encrypted_report, | 240 const EncryptedCertLoggerRequest& encrypted_report, |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 307 } | 315 } |
| 308 | 316 |
| 309 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { | 317 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { |
| 310 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); | 318 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); |
| 311 DCHECK(i != inflight_requests_.end()); | 319 DCHECK(i != inflight_requests_.end()); |
| 312 scoped_ptr<net::URLRequest> url_request(*i); | 320 scoped_ptr<net::URLRequest> url_request(*i); |
| 313 inflight_requests_.erase(i); | 321 inflight_requests_.erase(i); |
| 314 } | 322 } |
| 315 | 323 |
| 316 } // namespace chrome_browser_net | 324 } // namespace chrome_browser_net |
| OLD | NEW |
