Common Name Mismatch Handler For WWW Subdomain Mismatch case

chrome/browser/ssl/ssl_error_classification.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <vector>
 
 #include "chrome/browser/ssl/ssl_error_classification.h"
 
 #include "base/build_time.h"
 #include "base/metrics/field_trial.h"
@@ skipping 306 matching lines @@
   return 0;
 }
 
 SSLErrorClassification::Tokens SSLErrorClassification::
 Tokenize(const std::string& name) {
   return base::SplitString(
       name, ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
 }
 
 // We accept the inverse case for www for historical reasons.
-bool SSLErrorClassification::IsWWWSubDomainMatch() const {
-  std::string host_name = request_url_.host();
+bool SSLErrorClassification::GetWWWSubDomainMatch(
+    const std::string& host_name,
+    const std::vector<std::string>& dns_names,
+    std::string* www_match_host_name) {
   if (IsHostNameKnownTLD(host_name)) {
-    std::vector<std::string> dns_names;
-    cert_.GetDNSNames(&dns_names);
-    bool result = false;
     // Need to account for all possible domains given in the SSL certificate.
     for (size_t i = 0; i < dns_names.size(); ++i) {
-      if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos
-          || dns_names[i].length() == host_name.length()
-          || !(IsHostNameKnownTLD(dns_names[i]))) {
-        result = result || false;
+      if (dns_names[i].empty() ||
+          dns_names[i].find('\0') != std::string::npos ||
+          dns_names[i].length() == host_name.length() ||
+          !(IsHostNameKnownTLD(dns_names[i]))) {

[davidben, 2015/08/18 20:19:05]

Nit: Unnecessary parens around IsHostNameKnownTLD.

[Bhanu Dev, 2015/08/18 21:34:31]

Done.

+        continue;
       } else if (dns_names[i].length() > host_name.length()) {
-        result = result ||
-            net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==
-            base::ASCIIToUTF16(host_name);
+        if (net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==
+            base::ASCIIToUTF16(host_name)) {
+          *www_match_host_name = dns_names[i];
+          return true;
+        }
       } else {
-        result = result ||
-            net::StripWWW(base::ASCIIToUTF16(host_name)) ==
-            base::ASCIIToUTF16(dns_names[i]);
+        if (net::StripWWW(base::ASCIIToUTF16(host_name)) ==
+            base::ASCIIToUTF16(dns_names[i])) {
+          *www_match_host_name = dns_names[i];
+          return true;
+        }
       }
     }
-    return result;
   }
   return false;
 }
 
+bool SSLErrorClassification::IsWWWSubDomainMatch() const {
+  const std::string& host_name = request_url_.host();
+  std::vector<std::string> dns_names;
+  cert_.GetDNSNames(&dns_names);
+  std::string www_host;
+  return GetWWWSubDomainMatch(host_name, dns_names, &www_host);
+}
+
 bool SSLErrorClassification::NameUnderAnyNames(
     const Tokens& child,
     const std::vector<Tokens>& potential_parents) const {
   bool result = false;
   // Need to account for all the possible domains given in the SSL certificate.
   for (size_t i = 0; i < potential_parents.size(); ++i) {
     if (potential_parents[i].empty() ||
         potential_parents[i].size() >= child.size()) {
       result = result || false;
     } else {
@@ skipping 154 matching lines @@
     // sure we don't clear the captive protal flag, since the interstitial was
     // potentially caused by the captive portal.
     captive_portal_detected_ = captive_portal_detected_ ||
         (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL);
     // Also keep track of non-HTTP portals and error cases.
     captive_portal_no_response_ = captive_portal_no_response_ ||
         (results->result == captive_portal::RESULT_NO_RESPONSE);
   }
 #endif
 }