| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/certificate_error_reporter.h" | 5 #include "chrome/browser/net/certificate_error_reporter.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/metrics/field_trial.h" |
| 10 #include "chrome/browser/net/encrypted_cert_logger.pb.h" | 11 #include "chrome/browser/net/encrypted_cert_logger.pb.h" |
| 11 | 12 |
| 12 #if defined(USE_OPENSSL) | 13 #if defined(USE_OPENSSL) |
| 13 #include "crypto/aead_openssl.h" | 14 #include "crypto/aead_openssl.h" |
| 14 #endif | 15 #endif |
| 15 | 16 |
| 16 #include "crypto/curve25519.h" | 17 #include "crypto/curve25519.h" |
| 17 #include "crypto/hkdf.h" | 18 #include "crypto/hkdf.h" |
| 18 #include "crypto/random.h" | 19 #include "crypto/random.h" |
| 19 #include "net/base/elements_upload_data_stream.h" | 20 #include "net/base/elements_upload_data_stream.h" |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 77 chrome_browser_net::EncryptedCertLoggerRequest:: | 78 chrome_browser_net::EncryptedCertLoggerRequest:: |
| 78 AEAD_ECDH_AES_128_CTR_HMAC_SHA256); | 79 AEAD_ECDH_AES_128_CTR_HMAC_SHA256); |
| 79 return true; | 80 return true; |
| 80 } | 81 } |
| 81 #endif | 82 #endif |
| 82 | 83 |
| 83 } // namespace | 84 } // namespace |
| 84 | 85 |
| 85 namespace chrome_browser_net { | 86 namespace chrome_browser_net { |
| 86 | 87 |
| 88 // Constants for the Finch trial that controls whether the |
| 89 // CertificateErrorReporter supports HTTP uploads. |
| 90 const char kHttpCertificateUploadExperiment[] = |
| 91 "ReportCertificateErrorsOverHttp"; |
| 92 const char kHttpCertificateUploadGroup[] = "UploadReportsOverHttp"; |
| 93 |
| 87 CertificateErrorReporter::CertificateErrorReporter( | 94 CertificateErrorReporter::CertificateErrorReporter( |
| 88 net::URLRequestContext* request_context, | 95 net::URLRequestContext* request_context, |
| 89 const GURL& upload_url, | 96 const GURL& upload_url, |
| 90 CookiesPreference cookies_preference) | 97 CookiesPreference cookies_preference) |
| 91 : CertificateErrorReporter(request_context, | 98 : CertificateErrorReporter(request_context, |
| 92 upload_url, | 99 upload_url, |
| 93 cookies_preference, | 100 cookies_preference, |
| 94 kServerPublicKey, | 101 kServerPublicKey, |
| 95 kServerPublicKeyVersion) { | 102 kServerPublicKeyVersion) { |
| 96 } | 103 } |
| (...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 167 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this); | 174 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this); |
| 168 if (cookies_preference_ != SEND_COOKIES) { | 175 if (cookies_preference_ != SEND_COOKIES) { |
| 169 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | 176 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
| 170 net::LOAD_DO_NOT_SAVE_COOKIES); | 177 net::LOAD_DO_NOT_SAVE_COOKIES); |
| 171 } | 178 } |
| 172 return request.Pass(); | 179 return request.Pass(); |
| 173 } | 180 } |
| 174 | 181 |
| 175 bool CertificateErrorReporter::IsHttpUploadUrlSupported() { | 182 bool CertificateErrorReporter::IsHttpUploadUrlSupported() { |
| 176 #if defined(USE_OPENSSL) | 183 #if defined(USE_OPENSSL) |
| 177 return true; | 184 return base::FieldTrialList::FindFullName(kHttpCertificateUploadExperiment) == |
| 185 kHttpCertificateUploadGroup; |
| 178 #else | 186 #else |
| 179 return false; | 187 return false; |
| 180 #endif | 188 #endif |
| 181 } | 189 } |
| 182 | 190 |
| 183 // Used only by tests. | 191 // Used only by tests. |
| 184 #if defined(USE_OPENSSL) | 192 #if defined(USE_OPENSSL) |
| 185 bool CertificateErrorReporter::DecryptCertificateErrorReport( | 193 bool CertificateErrorReporter::DecryptCertificateErrorReport( |
| 186 const uint8 server_private_key[32], | 194 const uint8 server_private_key[32], |
| 187 const EncryptedCertLoggerRequest& encrypted_report, | 195 const EncryptedCertLoggerRequest& encrypted_report, |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 232 } | 240 } |
| 233 | 241 |
| 234 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { | 242 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { |
| 235 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); | 243 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); |
| 236 DCHECK(i != inflight_requests_.end()); | 244 DCHECK(i != inflight_requests_.end()); |
| 237 scoped_ptr<net::URLRequest> url_request(*i); | 245 scoped_ptr<net::URLRequest> url_request(*i); |
| 238 inflight_requests_.erase(i); | 246 inflight_requests_.erase(i); |
| 239 } | 247 } |
| 240 | 248 |
| 241 } // namespace chrome_browser_net | 249 } // namespace chrome_browser_net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1134283003:
Add HTTP certificate report URL with Finch gate (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master