OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/transport_security_persister.h" | 5 #include "net/http/transport_security_persister.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
10 #include "base/files/file_util.h" | 10 #include "base/files/file_util.h" |
(...skipping 59 matching lines...)
70 const char kExpiry[] = "expiry"; | 70 const char kExpiry[] = "expiry"; |
71 const char kDynamicSPKIHashesExpiry[] = "dynamic_spki_hashes_expiry"; | 71 const char kDynamicSPKIHashesExpiry[] = "dynamic_spki_hashes_expiry"; |
72 const char kDynamicSPKIHashes[] = "dynamic_spki_hashes"; | 72 const char kDynamicSPKIHashes[] = "dynamic_spki_hashes"; |
73 const char kForceHTTPS[] = "force-https"; | 73 const char kForceHTTPS[] = "force-https"; |
74 const char kStrict[] = "strict"; | 74 const char kStrict[] = "strict"; |
75 const char kDefault[] = "default"; | 75 const char kDefault[] = "default"; |
76 const char kPinningOnly[] = "pinning-only"; | 76 const char kPinningOnly[] = "pinning-only"; |
77 const char kCreated[] = "created"; | 77 const char kCreated[] = "created"; |
78 const char kStsObserved[] = "sts_observed"; | 78 const char kStsObserved[] = "sts_observed"; |
79 const char kPkpObserved[] = "pkp_observed"; | 79 const char kPkpObserved[] = "pkp_observed"; |
| 80 const char kReportUri[] = "report-uri"; |
80 | 81 |
81 std::string LoadState(const base::FilePath& path) { | 82 std::string LoadState(const base::FilePath& path) { |
82 std::string result; | 83 std::string result; |
83 if (!base::ReadFileToString(path, &result)) { | 84 if (!base::ReadFileToString(path, &result)) { |
84 return ""; | 85 return ""; |
85 } | 86 } |
86 return result; | 87 return result; |
87 } | 88 } |
88 | 89 |
89 } // namespace | 90 } // namespace |
(...skipping 71 matching lines...)
161 NOTREACHED() << "DomainState with unknown mode"; | 162 NOTREACHED() << "DomainState with unknown mode"; |
162 delete serialized; | 163 delete serialized; |
163 continue; | 164 continue; |
164 } | 165 } |
165 | 166 |
166 if (now < domain_state.pkp.expiry) { | 167 if (now < domain_state.pkp.expiry) { |
167 serialized->Set(kDynamicSPKIHashes, | 168 serialized->Set(kDynamicSPKIHashes, |
168 SPKIHashesToListValue(domain_state.pkp.spki_hashes)); | 169 SPKIHashesToListValue(domain_state.pkp.spki_hashes)); |
169 } | 170 } |
170 | 171 |
| 172 serialized->SetString(kReportUri, domain_state.pkp.report_uri); |
| 173 |
171 toplevel.Set(HashedDomainToExternalString(hostname), serialized); | 174 toplevel.Set(HashedDomainToExternalString(hostname), serialized); |
172 } | 175 } |
173 | 176 |
174 base::JSONWriter::WriteWithOptions( | 177 base::JSONWriter::WriteWithOptions( |
175 toplevel, base::JSONWriter::OPTIONS_PRETTY_PRINT, output); | 178 toplevel, base::JSONWriter::OPTIONS_PRETTY_PRINT, output); |
176 return true; | 179 return true; |
177 } | 180 } |
178 | 181 |
179 bool TransportSecurityPersister::LoadEntries(const std::string& serialized, | 182 bool TransportSecurityPersister::LoadEntries(const std::string& serialized, |
180 bool* dirty) { | 183 bool* dirty) { |
(...skipping 72 matching lines...)
253 LOG(WARNING) << "Unknown TransportSecurityState mode string " | 256 LOG(WARNING) << "Unknown TransportSecurityState mode string " |
254 << mode_string << " found for entry " << i.key() | 257 << mode_string << " found for entry " << i.key() |
255 << "; skipping entry"; | 258 << "; skipping entry"; |
256 continue; | 259 continue; |
257 } | 260 } |
258 | 261 |
259 domain_state.sts.expiry = base::Time::FromDoubleT(expiry); | 262 domain_state.sts.expiry = base::Time::FromDoubleT(expiry); |
260 domain_state.pkp.expiry = | 263 domain_state.pkp.expiry = |
261 base::Time::FromDoubleT(dynamic_spki_hashes_expiry); | 264 base::Time::FromDoubleT(dynamic_spki_hashes_expiry); |
262 | 265 |
| 266 // Don't fail if this key is not present. |
| 267 parsed->GetString(kReportUri, &domain_state.pkp.report_uri); |
| 268 |
263 double sts_observed; | 269 double sts_observed; |
264 double pkp_observed; | 270 double pkp_observed; |
265 if (parsed->GetDouble(kStsObserved, &sts_observed)) { | 271 if (parsed->GetDouble(kStsObserved, &sts_observed)) { |
266 domain_state.sts.last_observed = base::Time::FromDoubleT(sts_observed); | 272 domain_state.sts.last_observed = base::Time::FromDoubleT(sts_observed); |
267 } else if (parsed->GetDouble(kCreated, &sts_observed)) { | 273 } else if (parsed->GetDouble(kCreated, &sts_observed)) { |
268 // kCreated is a legacy synonym for both kStsObserved and kPkpObserved. | 274 // kCreated is a legacy synonym for both kStsObserved and kPkpObserved. |
269 domain_state.sts.last_observed = base::Time::FromDoubleT(sts_observed); | 275 domain_state.sts.last_observed = base::Time::FromDoubleT(sts_observed); |
270 } else { | 276 } else { |
271 // We're migrating an old entry with no observation date. Make sure we | 277 // We're migrating an old entry with no observation date. Make sure we |
272 // write the new date back in a reasonable time frame. | 278 // write the new date back in a reasonable time frame. |
(...skipping 38 matching lines...)
311 bool dirty = false; | 317 bool dirty = false; |
312 if (!LoadEntries(state, &dirty)) { | 318 if (!LoadEntries(state, &dirty)) { |
313 LOG(ERROR) << "Failed to deserialize state: " << state; | 319 LOG(ERROR) << "Failed to deserialize state: " << state; |
314 return; | 320 return; |
315 } | 321 } |
316 if (dirty) | 322 if (dirty) |
317 StateIsDirty(transport_security_state_); | 323 StateIsDirty(transport_security_state_); |
318 } | 324 } |
319 | 325 |
320 } // namespace net | 326 } // namespace net |
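Review bot: The report URI read back in LoadEntries (new line 267) is copied from the on-disk JSON straight into `domain_state.pkp.report_uri` with no check that it is a well-formed URL, so a corrupted or edited state file can seed the pinning state with an arbitrary string that later code may treat as a report destination. Reading into a temporary and accepting it only when it parses would close that, e.g. `std::string uri; if (parsed->GetString(kReportUri, &uri) && GURL(uri).is_valid()) domain_state.pkp.report_uri = uri;` (this needs `url/gurl.h`; whether the consumers of `report_uri` re-validate it is not visible on this page). On the write side (new line 172) the value is stored outside the `now < domain_state.pkp.expiry` guard, so it is persisted for expired pin sets and, presumably, as an empty string for entries that never had one; moving the `SetString` inside that `if` would keep it consistent with the hashes. Both the serializing loop and LoadEntries continue outside the visible lines, so the declaration scope of `domain_state` should also be checked to confirm a missing key cannot leave a previous entry's value in place.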