| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <vector> | 5 #include <vector> |
| 6 | 6 |
| 7 #include "chrome/browser/ssl/ssl_error_classification.h" | 7 #include "chrome/browser/ssl/ssl_error_classification.h" |
| 8 | 8 |
| 9 #include "base/build_time.h" | 9 #include "base/build_time.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| (...skipping 306 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 317 return 0; | 317 return 0; |
| 318 } | 318 } |
| 319 | 319 |
| 320 SSLErrorClassification::Tokens SSLErrorClassification:: | 320 SSLErrorClassification::Tokens SSLErrorClassification:: |
| 321 Tokenize(const std::string& name) { | 321 Tokenize(const std::string& name) { |
| 322 return base::SplitString( | 322 return base::SplitString( |
| 323 name, ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL); | 323 name, ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL); |
| 324 } | 324 } |
| 325 | 325 |
| 326 // We accept the inverse case for www for historical reasons. | 326 // We accept the inverse case for www for historical reasons. |
| 327 bool SSLErrorClassification::IsWWWSubDomainMatch() const { | 327 bool SSLErrorClassification::GetWWWSubDomainMatch( |
| 328 std::string host_name = request_url_.host(); | 328 const std::string& host_name, |
| 329 const std::vector<std::string>& dns_names, |
| 330 std::string* www_match_host_name) { |
| 329 if (IsHostNameKnownTLD(host_name)) { | 331 if (IsHostNameKnownTLD(host_name)) { |
| 330 std::vector<std::string> dns_names; | |
| 331 cert_.GetDNSNames(&dns_names); | |
| 332 bool result = false; | |
| 333 // Need to account for all possible domains given in the SSL certificate. | 332 // Need to account for all possible domains given in the SSL certificate. |
| 334 for (size_t i = 0; i < dns_names.size(); ++i) { | 333 for (size_t i = 0; i < dns_names.size(); ++i) { |
| 335 if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos | 334 if (dns_names[i].empty() || |
| 336 || dns_names[i].length() == host_name.length() | 335 dns_names[i].find('\0') != std::string::npos || |
| 337 || !(IsHostNameKnownTLD(dns_names[i]))) { | 336 dns_names[i].length() == host_name.length() || |
| 338 result = result || false; | 337 !IsHostNameKnownTLD(dns_names[i])) { |
| 338 continue; |
| 339 } else if (dns_names[i].length() > host_name.length()) { | 339 } else if (dns_names[i].length() > host_name.length()) { |
| 340 result = result || | 340 if (net::StripWWW(base::ASCIIToUTF16(dns_names[i])) == |
| 341 net::StripWWW(base::ASCIIToUTF16(dns_names[i])) == | 341 base::ASCIIToUTF16(host_name)) { |
| 342 base::ASCIIToUTF16(host_name); | 342 *www_match_host_name = dns_names[i]; |
| 343 return true; |
| 344 } |
| 343 } else { | 345 } else { |
| 344 result = result || | 346 if (net::StripWWW(base::ASCIIToUTF16(host_name)) == |
| 345 net::StripWWW(base::ASCIIToUTF16(host_name)) == | 347 base::ASCIIToUTF16(dns_names[i])) { |
| 346 base::ASCIIToUTF16(dns_names[i]); | 348 *www_match_host_name = dns_names[i]; |
| 349 return true; |
| 350 } |
| 347 } | 351 } |
| 348 } | 352 } |
| 349 return result; | |
| 350 } | 353 } |
| 351 return false; | 354 return false; |
| 352 } | 355 } |
| 353 | 356 |
| 357 bool SSLErrorClassification::IsWWWSubDomainMatch() const { |
| 358 const std::string& host_name = request_url_.host(); |
| 359 std::vector<std::string> dns_names; |
| 360 cert_.GetDNSNames(&dns_names); |
| 361 std::string www_host; |
| 362 return GetWWWSubDomainMatch(host_name, dns_names, &www_host); |
| 363 } |
| 364 |
| 354 bool SSLErrorClassification::NameUnderAnyNames( | 365 bool SSLErrorClassification::NameUnderAnyNames( |
| 355 const Tokens& child, | 366 const Tokens& child, |
| 356 const std::vector<Tokens>& potential_parents) const { | 367 const std::vector<Tokens>& potential_parents) const { |
| 357 bool result = false; | 368 bool result = false; |
| 358 // Need to account for all the possible domains given in the SSL certificate. | 369 // Need to account for all the possible domains given in the SSL certificate. |
| 359 for (size_t i = 0; i < potential_parents.size(); ++i) { | 370 for (size_t i = 0; i < potential_parents.size(); ++i) { |
| 360 if (potential_parents[i].empty() || | 371 if (potential_parents[i].empty() || |
| 361 potential_parents[i].size() >= child.size()) { | 372 potential_parents[i].size() >= child.size()) { |
| 362 result = result || false; | 373 result = result || false; |
| 363 } else { | 374 } else { |
| (...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 518 // sure we don't clear the captive protal flag, since the interstitial was | 529 // sure we don't clear the captive protal flag, since the interstitial was |
| 519 // potentially caused by the captive portal. | 530 // potentially caused by the captive portal. |
| 520 captive_portal_detected_ = captive_portal_detected_ || | 531 captive_portal_detected_ = captive_portal_detected_ || |
| 521 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); | 532 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); |
| 522 // Also keep track of non-HTTP portals and error cases. | 533 // Also keep track of non-HTTP portals and error cases. |
| 523 captive_portal_no_response_ = captive_portal_no_response_ || | 534 captive_portal_no_response_ = captive_portal_no_response_ || |
| 524 (results->result == captive_portal::RESULT_NO_RESPONSE); | 535 (results->result == captive_portal::RESULT_NO_RESPONSE); |
| 525 } | 536 } |
| 526 #endif | 537 #endif |
| 527 } | 538 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1223233002:
Common Name Mismatch Handler For WWW Subdomain Mismatch case (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master