Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(127)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_persister.cc

Issue 1249823002: Revert of Parse HPKP report-uri and persist in TransportSecurityPersister (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/http_util_unittest.cc ('k') | net/http/transport_security_persister_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/transport_security_persister.h" 5 #include "net/http/transport_security_persister.h"
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/bind.h" 8 #include "base/bind.h"
9 #include "base/files/file_path.h" 9 #include "base/files/file_path.h"
10 #include "base/files/file_util.h" 10 #include "base/files/file_util.h"
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
70 const char kExpiry[] = "expiry"; 70 const char kExpiry[] = "expiry";
71 const char kDynamicSPKIHashesExpiry[] = "dynamic_spki_hashes_expiry"; 71 const char kDynamicSPKIHashesExpiry[] = "dynamic_spki_hashes_expiry";
72 const char kDynamicSPKIHashes[] = "dynamic_spki_hashes"; 72 const char kDynamicSPKIHashes[] = "dynamic_spki_hashes";
73 const char kForceHTTPS[] = "force-https"; 73 const char kForceHTTPS[] = "force-https";
74 const char kStrict[] = "strict"; 74 const char kStrict[] = "strict";
75 const char kDefault[] = "default"; 75 const char kDefault[] = "default";
76 const char kPinningOnly[] = "pinning-only"; 76 const char kPinningOnly[] = "pinning-only";
77 const char kCreated[] = "created"; 77 const char kCreated[] = "created";
78 const char kStsObserved[] = "sts_observed"; 78 const char kStsObserved[] = "sts_observed";
79 const char kPkpObserved[] = "pkp_observed"; 79 const char kPkpObserved[] = "pkp_observed";
80 const char kReportUri[] = "report-uri";
81 80
82 std::string LoadState(const base::FilePath& path) { 81 std::string LoadState(const base::FilePath& path) {
83 std::string result; 82 std::string result;
84 if (!base::ReadFileToString(path, &result)) { 83 if (!base::ReadFileToString(path, &result)) {
85 return ""; 84 return "";
86 } 85 }
87 return result; 86 return result;
88 } 87 }
89 88
90 } // namespace 89 } // namespace
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after
186 185
187 serialized->SetBoolean(kPkpIncludeSubdomains, pkp_state.include_subdomains); 186 serialized->SetBoolean(kPkpIncludeSubdomains, pkp_state.include_subdomains);
188 serialized->SetDouble(kPkpObserved, pkp_state.last_observed.ToDoubleT()); 187 serialized->SetDouble(kPkpObserved, pkp_state.last_observed.ToDoubleT());
189 serialized->SetDouble(kDynamicSPKIHashesExpiry, 188 serialized->SetDouble(kDynamicSPKIHashesExpiry,
190 pkp_state.expiry.ToDoubleT()); 189 pkp_state.expiry.ToDoubleT());
191 190
192 if (now < pkp_state.expiry) { 191 if (now < pkp_state.expiry) {
193 serialized->Set(kDynamicSPKIHashes, 192 serialized->Set(kDynamicSPKIHashes,
194 SPKIHashesToListValue(pkp_state.spki_hashes)); 193 SPKIHashesToListValue(pkp_state.spki_hashes));
195 } 194 }
196
197 serialized->SetString(kReportUri, pkp_state.report_uri.spec());
198 } 195 }
199 196
200 base::JSONWriter::WriteWithOptions( 197 base::JSONWriter::WriteWithOptions(
201 toplevel, base::JSONWriter::OPTIONS_PRETTY_PRINT, output); 198 toplevel, base::JSONWriter::OPTIONS_PRETTY_PRINT, output);
202 return true; 199 return true;
203 } 200 }
204 201
205 bool TransportSecurityPersister::LoadEntries(const std::string& serialized, 202 bool TransportSecurityPersister::LoadEntries(const std::string& serialized,
206 bool* dirty) { 203 bool* dirty) {
207 DCHECK(foreground_runner_->RunsTasksOnCurrentThread()); 204 DCHECK(foreground_runner_->RunsTasksOnCurrentThread());
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after
278 } else { 275 } else {
279 LOG(WARNING) << "Unknown TransportSecurityState mode string " 276 LOG(WARNING) << "Unknown TransportSecurityState mode string "
280 << mode_string << " found for entry " << i.key() 277 << mode_string << " found for entry " << i.key()
281 << "; skipping entry"; 278 << "; skipping entry";
282 continue; 279 continue;
283 } 280 }
284 281
285 sts_state.expiry = base::Time::FromDoubleT(expiry); 282 sts_state.expiry = base::Time::FromDoubleT(expiry);
286 pkp_state.expiry = base::Time::FromDoubleT(dynamic_spki_hashes_expiry); 283 pkp_state.expiry = base::Time::FromDoubleT(dynamic_spki_hashes_expiry);
287 284
288 // Don't fail if this key is not present.
289 std::string report_uri_str;
290 parsed->GetString(kReportUri, &report_uri_str);
291 GURL report_uri(report_uri_str);
292 if (report_uri.is_valid())
293 pkp_state.report_uri = report_uri;
294
295 double sts_observed; 285 double sts_observed;
296 double pkp_observed; 286 double pkp_observed;
297 if (parsed->GetDouble(kStsObserved, &sts_observed)) { 287 if (parsed->GetDouble(kStsObserved, &sts_observed)) {
298 sts_state.last_observed = base::Time::FromDoubleT(sts_observed); 288 sts_state.last_observed = base::Time::FromDoubleT(sts_observed);
299 } else if (parsed->GetDouble(kCreated, &sts_observed)) { 289 } else if (parsed->GetDouble(kCreated, &sts_observed)) {
300 // kCreated is a legacy synonym for both kStsObserved and kPkpObserved. 290 // kCreated is a legacy synonym for both kStsObserved and kPkpObserved.
301 sts_state.last_observed = base::Time::FromDoubleT(sts_observed); 291 sts_state.last_observed = base::Time::FromDoubleT(sts_observed);
302 } else { 292 } else {
303 // We're migrating an old entry with no observation date. Make sure we 293 // We're migrating an old entry with no observation date. Make sure we
304 // write the new date back in a reasonable time frame. 294 // write the new date back in a reasonable time frame.
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after
368 bool dirty = false; 358 bool dirty = false;
369 if (!LoadEntries(state, &dirty)) { 359 if (!LoadEntries(state, &dirty)) {
370 LOG(ERROR) << "Failed to deserialize state: " << state; 360 LOG(ERROR) << "Failed to deserialize state: " << state;
371 return; 361 return;
372 } 362 }
373 if (dirty) 363 if (dirty)
374 StateIsDirty(transport_security_state_); 364 StateIsDirty(transport_security_state_);
375 } 365 }
376 366
377 } // namespace net 367 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_util_unittest.cc ('k') | net/http/transport_security_persister_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698