
Side by Side Diff: chrome/browser/ssl/ssl_error_classification.cc

Issue 1223233002: Common Name Mismatch Handler For WWW Subdomain Mismatch case (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Documentation Changes Created 5 years, 4 months ago
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <vector> 5 #include <vector>
6 6
7 #include "chrome/browser/ssl/ssl_error_classification.h" 7 #include "chrome/browser/ssl/ssl_error_classification.h"
8 8
9 #include "base/build_time.h" 9 #include "base/build_time.h"
10 #include "base/metrics/field_trial.h" 10 #include "base/metrics/field_trial.h"
(...skipping 306 matching lines...) Expand 10 before | Expand all | Expand 10 after
317 return 0; 317 return 0;
318 } 318 }
319 319
320 SSLErrorClassification::Tokens SSLErrorClassification:: 320 SSLErrorClassification::Tokens SSLErrorClassification::
321 Tokenize(const std::string& name) { 321 Tokenize(const std::string& name) {
322 return base::SplitString( 322 return base::SplitString(
323 name, ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL); 323 name, ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
324 } 324 }
325 325
326 // We accept the inverse case for www for historical reasons. 326 // We accept the inverse case for www for historical reasons.
327 bool SSLErrorClassification::IsWWWSubDomainMatch() const { 327 bool SSLErrorClassification::GetWWWSubDomainMatch(
328 std::string host_name = request_url_.host(); 328 const std::string& host_name,
329 const std::vector<std::string>& dns_names,
330 std::string* www_match_host_name) {
329 if (IsHostNameKnownTLD(host_name)) { 331 if (IsHostNameKnownTLD(host_name)) {
330 std::vector<std::string> dns_names;
331 cert_.GetDNSNames(&dns_names);
332 bool result = false;
333 // Need to account for all possible domains given in the SSL certificate. 332 // Need to account for all possible domains given in the SSL certificate.
334 for (size_t i = 0; i < dns_names.size(); ++i) { 333 for (size_t i = 0; i < dns_names.size(); ++i) {
335 if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos 334 if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos
Ryan Sleevi 2015/08/14 00:40:17 DANGER: There is _zero_ guarantee that |dns_names|
Bhanu Dev 2015/08/15 00:18:53 Acknowledged. I think we are not executing the dns
336 || dns_names[i].length() == host_name.length() 335 || dns_names[i].length() == host_name.length()
337 || !(IsHostNameKnownTLD(dns_names[i]))) { 336 || !(IsHostNameKnownTLD(dns_names[i]))) {
338 result = result || false; 337 continue;
339 } else if (dns_names[i].length() > host_name.length()) { 338 } else if (dns_names[i].length() > host_name.length()) {
340 result = result || 339 if (net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==
341 net::StripWWW(base::ASCIIToUTF16(dns_names[i])) == 340 base::ASCIIToUTF16(host_name)) {
Ryan Sleevi 2015/08/14 00:40:17 Hrm, this is problematic from the original code -
Bhanu Dev 2015/08/15 00:18:53 Done.
342 base::ASCIIToUTF16(host_name); 341 www_match_host_name->assign(dns_names[i].data(), dns_names[i].size());
342 return true;
343 }
343 } else { 344 } else {
344 result = result || 345 if (net::StripWWW(base::ASCIIToUTF16(host_name)) ==
345 net::StripWWW(base::ASCIIToUTF16(host_name)) == 346 base::ASCIIToUTF16(dns_names[i])) {
346 base::ASCIIToUTF16(dns_names[i]); 347 www_match_host_name->assign(dns_names[i].data(), dns_names[i].size());
348 return true;
349 }
347 } 350 }
348 } 351 }
349 return result;
350 } 352 }
351 return false; 353 return false;
352 } 354 }
353 355
356 bool SSLErrorClassification::IsWWWSubDomainMatch() const {
357 const std::string& host_name = request_url_.host();
358 std::vector<std::string> dns_names;
359 cert_.GetDNSNames(&dns_names);
360 std::string www_host;
361 return GetWWWSubDomainMatch(host_name, dns_names, &www_host);
362 }
363
354 bool SSLErrorClassification::NameUnderAnyNames( 364 bool SSLErrorClassification::NameUnderAnyNames(
355 const Tokens& child, 365 const Tokens& child,
356 const std::vector<Tokens>& potential_parents) const { 366 const std::vector<Tokens>& potential_parents) const {
357 bool result = false; 367 bool result = false;
358 // Need to account for all the possible domains given in the SSL certificate. 368 // Need to account for all the possible domains given in the SSL certificate.
359 for (size_t i = 0; i < potential_parents.size(); ++i) { 369 for (size_t i = 0; i < potential_parents.size(); ++i) {
360 if (potential_parents[i].empty() || 370 if (potential_parents[i].empty() ||
361 potential_parents[i].size() >= child.size()) { 371 potential_parents[i].size() >= child.size()) {
362 result = result || false; 372 result = result || false;
363 } else { 373 } else {
(...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after
518 // sure we don't clear the captive protal flag, since the interstitial was 528 // sure we don't clear the captive protal flag, since the interstitial was
519 // potentially caused by the captive portal. 529 // potentially caused by the captive portal.
520 captive_portal_detected_ = captive_portal_detected_ || 530 captive_portal_detected_ = captive_portal_detected_ ||
521 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); 531 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL);
522 // Also keep track of non-HTTP portals and error cases. 532 // Also keep track of non-HTTP portals and error cases.
523 captive_portal_no_response_ = captive_portal_no_response_ || 533 captive_portal_no_response_ = captive_portal_no_response_ ||
524 (results->result == captive_portal::RESULT_NO_RESPONSE); 534 (results->result == captive_portal::RESULT_NO_RESPONSE);
525 } 535 }
526 #endif 536 #endif
527 } 537 }
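Review bot: The new `GetWWWSubDomainMatch` writes through `www_match_host_name` on both match branches (new lines 341 and 347) without checking the pointer, and the only comment above it ("We accept the inverse case for www for historical reasons") does not describe the out-parameter. A `DCHECK(www_match_host_name);` at the top of the function, plus a comment such as `// On a match, sets |*www_match_host_name| to the first matching entry of |dns_names| and returns true; otherwise leaves it untouched.`, would pin the contract. The value copied out is an entry supplied by the certificate, so the comment should also say callers must treat it as untrusted before acting on it; how the mismatch handler named in the issue title consumes it is not visible on this page. As a style point, both `assign(dns_names[i].data(), dns_names[i].size())` calls can be written `*www_match_host_name = dns_names[i];`, and the `else` arms after `continue` can be flattened.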