Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(70)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/spdy/spdy_session.cc

Issue 1212613004: Build and send HPKP violation reports (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove unnecessary net::'s Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/http/transport_security_state.cc ('K') | « net/socket/ssl_client_socket_openssl.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/spdy/spdy_session.h" 5 #include "net/spdy/spdy_session.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <map> 8 #include <map>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
(...skipping 580 matching lines...) Expand 10 before | Expand all | Expand 10 after
591 ChannelIDService::GetDomainForHost(new_hostname) != 591 ChannelIDService::GetDomainForHost(new_hostname) !=
592 ChannelIDService::GetDomainForHost(old_hostname)) { 592 ChannelIDService::GetDomainForHost(old_hostname)) {
593 return false; 593 return false;
594 } 594 }
595 595
596 bool unused = false; 596 bool unused = false;
597 if (!ssl_info.cert->VerifyNameMatch(new_hostname, &unused)) 597 if (!ssl_info.cert->VerifyNameMatch(new_hostname, &unused))
598 return false; 598 return false;
599 599
600 std::string pinning_failure_log; 600 std::string pinning_failure_log;
601 // DISABLE_PIN_REPORTS is set here because this check can fail in
602 // normal operation without being indicative of a misconfiguration or
603 // attack.
604 //
605 // TODO(estark): replace 0 below with the port of the connection
606 // (though it won't actually be used since reports aren't getting
607 // sent).
601 if (!transport_security_state->CheckPublicKeyPins( 608 if (!transport_security_state->CheckPublicKeyPins(
602 new_hostname, 609 HostPortPair(new_hostname, 0), ssl_info.is_issued_by_known_root,
603 ssl_info.is_issued_by_known_root, 610 ssl_info.public_key_hashes, ssl_info.unverified_cert.get(),
604 ssl_info.public_key_hashes, 611 ssl_info.cert.get(), TransportSecurityState::DISABLE_PIN_REPORTS,
605 &pinning_failure_log)) { 612 &pinning_failure_log)) {
606 return false; 613 return false;
607 } 614 }
608 615
609 return true; 616 return true;
610 } 617 }
611 618
612 SpdySession::SpdySession( 619 SpdySession::SpdySession(
613 const SpdySessionKey& spdy_session_key, 620 const SpdySessionKey& spdy_session_key,
614 const base::WeakPtr<HttpServerProperties>& http_server_properties, 621 const base::WeakPtr<HttpServerProperties>& http_server_properties,
(...skipping 2646 matching lines...) Expand 10 before | Expand all | Expand 10 after
3261 if (!queue->empty()) { 3268 if (!queue->empty()) {
3262 SpdyStreamId stream_id = queue->front(); 3269 SpdyStreamId stream_id = queue->front();
3263 queue->pop_front(); 3270 queue->pop_front();
3264 return stream_id; 3271 return stream_id;
3265 } 3272 }
3266 } 3273 }
3267 return 0; 3274 return 0;
3268 } 3275 }
3269 3276
3270 } // namespace net 3277 } // namespace net
OLDNEW
« net/http/transport_security_state.cc ('K') | « net/socket/ssl_client_socket_openssl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698