OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/transport_security_persister.h" | 5 #include "net/http/transport_security_persister.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
10 #include "base/files/file_util.h" | 10 #include "base/files/file_util.h" |
(...skipping 59 matching lines...)
70 const char kExpiry[] = "expiry"; | 70 const char kExpiry[] = "expiry"; |
71 const char kDynamicSPKIHashesExpiry[] = "dynamic_spki_hashes_expiry"; | 71 const char kDynamicSPKIHashesExpiry[] = "dynamic_spki_hashes_expiry"; |
72 const char kDynamicSPKIHashes[] = "dynamic_spki_hashes"; | 72 const char kDynamicSPKIHashes[] = "dynamic_spki_hashes"; |
73 const char kForceHTTPS[] = "force-https"; | 73 const char kForceHTTPS[] = "force-https"; |
74 const char kStrict[] = "strict"; | 74 const char kStrict[] = "strict"; |
75 const char kDefault[] = "default"; | 75 const char kDefault[] = "default"; |
76 const char kPinningOnly[] = "pinning-only"; | 76 const char kPinningOnly[] = "pinning-only"; |
77 const char kCreated[] = "created"; | 77 const char kCreated[] = "created"; |
78 const char kStsObserved[] = "sts_observed"; | 78 const char kStsObserved[] = "sts_observed"; |
79 const char kPkpObserved[] = "pkp_observed"; | 79 const char kPkpObserved[] = "pkp_observed"; |
| 80 const char kReportUri[] = "report-uri"; |
80 | 81 |
81 std::string LoadState(const base::FilePath& path) { | 82 std::string LoadState(const base::FilePath& path) { |
82 std::string result; | 83 std::string result; |
83 if (!base::ReadFileToString(path, &result)) { | 84 if (!base::ReadFileToString(path, &result)) { |
84 return ""; | 85 return ""; |
85 } | 86 } |
86 return result; | 87 return result; |
87 } | 88 } |
88 | 89 |
89 } // namespace | 90 } // namespace |
(...skipping 95 matching lines...)
185 | 186 |
186 serialized->SetBoolean(kPkpIncludeSubdomains, pkp_state.include_subdomains); | 187 serialized->SetBoolean(kPkpIncludeSubdomains, pkp_state.include_subdomains); |
187 serialized->SetDouble(kPkpObserved, pkp_state.last_observed.ToDoubleT()); | 188 serialized->SetDouble(kPkpObserved, pkp_state.last_observed.ToDoubleT()); |
188 serialized->SetDouble(kDynamicSPKIHashesExpiry, | 189 serialized->SetDouble(kDynamicSPKIHashesExpiry, |
189 pkp_state.expiry.ToDoubleT()); | 190 pkp_state.expiry.ToDoubleT()); |
190 | 191 |
191 if (now < pkp_state.expiry) { | 192 if (now < pkp_state.expiry) { |
192 serialized->Set(kDynamicSPKIHashes, | 193 serialized->Set(kDynamicSPKIHashes, |
193 SPKIHashesToListValue(pkp_state.spki_hashes)); | 194 SPKIHashesToListValue(pkp_state.spki_hashes)); |
194 } | 195 } |
| 196 |
| 197 serialized->SetString(kReportUri, pkp_state.report_uri.spec()); |
195 } | 198 } |
196 | 199 |
197 base::JSONWriter::WriteWithOptions( | 200 base::JSONWriter::WriteWithOptions( |
198 toplevel, base::JSONWriter::OPTIONS_PRETTY_PRINT, output); | 201 toplevel, base::JSONWriter::OPTIONS_PRETTY_PRINT, output); |
199 return true; | 202 return true; |
200 } | 203 } |
201 | 204 |
202 bool TransportSecurityPersister::LoadEntries(const std::string& serialized, | 205 bool TransportSecurityPersister::LoadEntries(const std::string& serialized, |
203 bool* dirty) { | 206 bool* dirty) { |
204 DCHECK(foreground_runner_->RunsTasksOnCurrentThread()); | 207 DCHECK(foreground_runner_->RunsTasksOnCurrentThread()); |
(...skipping 70 matching lines...)
275 } else { | 278 } else { |
276 LOG(WARNING) << "Unknown TransportSecurityState mode string " | 279 LOG(WARNING) << "Unknown TransportSecurityState mode string " |
277 << mode_string << " found for entry " << i.key() | 280 << mode_string << " found for entry " << i.key() |
278 << "; skipping entry"; | 281 << "; skipping entry"; |
279 continue; | 282 continue; |
280 } | 283 } |
281 | 284 |
282 sts_state.expiry = base::Time::FromDoubleT(expiry); | 285 sts_state.expiry = base::Time::FromDoubleT(expiry); |
283 pkp_state.expiry = base::Time::FromDoubleT(dynamic_spki_hashes_expiry); | 286 pkp_state.expiry = base::Time::FromDoubleT(dynamic_spki_hashes_expiry); |
284 | 287 |
| 288 // Don't fail if this key is not present. |
| 289 std::string report_uri_str; |
| 290 parsed->GetString(kReportUri, &report_uri_str); |
| 291 GURL report_uri(report_uri_str); |
| 292 if (report_uri.is_valid()) |
| 293 pkp_state.report_uri = report_uri; |
| 294 |
285 double sts_observed; | 295 double sts_observed; |
286 double pkp_observed; | 296 double pkp_observed; |
287 if (parsed->GetDouble(kStsObserved, &sts_observed)) { | 297 if (parsed->GetDouble(kStsObserved, &sts_observed)) { |
288 sts_state.last_observed = base::Time::FromDoubleT(sts_observed); | 298 sts_state.last_observed = base::Time::FromDoubleT(sts_observed); |
289 } else if (parsed->GetDouble(kCreated, &sts_observed)) { | 299 } else if (parsed->GetDouble(kCreated, &sts_observed)) { |
290 // kCreated is a legacy synonym for both kStsObserved and kPkpObserved. | 300 // kCreated is a legacy synonym for both kStsObserved and kPkpObserved. |
291 sts_state.last_observed = base::Time::FromDoubleT(sts_observed); | 301 sts_state.last_observed = base::Time::FromDoubleT(sts_observed); |
292 } else { | 302 } else { |
293 // We're migrating an old entry with no observation date. Make sure we | 303 // We're migrating an old entry with no observation date. Make sure we |
294 // write the new date back in a reasonable time frame. | 304 // write the new date back in a reasonable time frame. |
(...skipping 63 matching lines...)
358 bool dirty = false; | 368 bool dirty = false; |
359 if (!LoadEntries(state, &dirty)) { | 369 if (!LoadEntries(state, &dirty)) { |
360 LOG(ERROR) << "Failed to deserialize state: " << state; | 370 LOG(ERROR) << "Failed to deserialize state: " << state; |
361 return; | 371 return; |
362 } | 372 } |
363 if (dirty) | 373 if (dirty) |
364 StateIsDirty(transport_security_state_); | 374 StateIsDirty(transport_security_state_); |
365 } | 375 } |
366 | 376 |
367 } // namespace net | 377 } // namespace net |
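Review bot: The report URI read back from the state file (new lines 288-293) is accepted on `is_valid()` alone, so any parseable scheme in a corrupted or locally modified file ends up in `pkp_state.report_uri` and may later be used as a report destination. Restricting the scheme at this boundary is cheap: `if (report_uri.is_valid() && report_uri.SchemeIsHTTPOrHTTPS())`. Whether the header-parsing path already limits the scheme is not visible here, but the on-disk file is a separate input and should not rely on that. On the write side (new line 197) `kReportUri` is written even when `report_uri` is empty, and the URI is stored in clear text; if the entry keys in this file are hashed hostnames (not visible in these hunks), a same-site report URI would reveal the host, so that trade-off deserves a comment next to the `SetString` call. Both enclosing function bodies start outside the visible lines.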