Chromium Code Reviews Chromium Code Reviews
Issue 1313363003:
Expose OpenSSL's key_exchange_info in the content API (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_response_info.h" | 5 #include "net/http/http_response_info.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
| 9 #include "base/time/time.h" | 9 #include "base/time/time.h" |
| 10 #include "net/base/auth.h" | 10 #include "net/base/auth.h" |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 49 | 49 |
| 50 // This bit is set if the response info has a cert at the end. | 50 // This bit is set if the response info has a cert at the end. |
| 51 // Version 1 serialized only the end-entity certificate, while subsequent | 51 // Version 1 serialized only the end-entity certificate, while subsequent |
| 52 // versions include the available certificate chain. | 52 // versions include the available certificate chain. |
| 53 RESPONSE_INFO_HAS_CERT = 1 << 8, | 53 RESPONSE_INFO_HAS_CERT = 1 << 8, |
| 54 | 54 |
| 55 // This bit is set if the response info has a security-bits field (security | 55 // This bit is set if the response info has a security-bits field (security |
| 56 // strength, in bits, of the SSL connection) at the end. | 56 // strength, in bits, of the SSL connection) at the end. |
| 57 RESPONSE_INFO_HAS_SECURITY_BITS = 1 << 9, | 57 RESPONSE_INFO_HAS_SECURITY_BITS = 1 << 9, |
| 58 | 58 |
| 59 // This bit is set if the response has a key-exchange-info field at the end. | |
| 60 RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO = 1 << 10, | |
|
Ryan Sleevi
2015/08/28 00:25:04
Renumbering these breaks the cache, since we seria
sigbjorn
2015/08/28 09:32:00
Done.
| |
| 61 | |
| 59 // This bit is set if the response info has a cert status at the end. | 62 // This bit is set if the response info has a cert status at the end. |
| 60 RESPONSE_INFO_HAS_CERT_STATUS = 1 << 10, | 63 RESPONSE_INFO_HAS_CERT_STATUS = 1 << 11, |
| 61 | 64 |
| 62 // This bit is set if the response info has vary header data. | 65 // This bit is set if the response info has vary header data. |
| 63 RESPONSE_INFO_HAS_VARY_DATA = 1 << 11, | 66 RESPONSE_INFO_HAS_VARY_DATA = 1 << 12, |
| 64 | 67 |
| 65 // This bit is set if the request was cancelled before completion. | 68 // This bit is set if the request was cancelled before completion. |
| 66 RESPONSE_INFO_TRUNCATED = 1 << 12, | 69 RESPONSE_INFO_TRUNCATED = 1 << 13, |
| 67 | 70 |
| 68 // This bit is set if the response was received via SPDY. | 71 // This bit is set if the response was received via SPDY. |
| 69 RESPONSE_INFO_WAS_SPDY = 1 << 13, | 72 RESPONSE_INFO_WAS_SPDY = 1 << 14, |
| 70 | 73 |
| 71 // This bit is set if the request has NPN negotiated. | 74 // This bit is set if the request has NPN negotiated. |
| 72 RESPONSE_INFO_WAS_NPN = 1 << 14, | 75 RESPONSE_INFO_WAS_NPN = 1 << 15, |
| 73 | 76 |
| 74 // This bit is set if the request was fetched via an explicit proxy. | 77 // This bit is set if the request was fetched via an explicit proxy. |
| 75 RESPONSE_INFO_WAS_PROXY = 1 << 15, | 78 RESPONSE_INFO_WAS_PROXY = 1 << 16, |
| 76 | 79 |
| 77 // This bit is set if the response info has an SSL connection status field. | 80 // This bit is set if the response info has an SSL connection status field. |
| 78 // This contains the ciphersuite used to fetch the resource as well as the | 81 // This contains the ciphersuite used to fetch the resource as well as the |
| 79 // protocol version, compression method and whether SSLv3 fallback was used. | 82 // protocol version, compression method and whether SSLv3 fallback was used. |
| 80 RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS = 1 << 16, | 83 RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS = 1 << 17, |
| 81 | 84 |
| 82 // This bit is set if the response info has protocol version. | 85 // This bit is set if the response info has protocol version. |
| 83 RESPONSE_INFO_HAS_NPN_NEGOTIATED_PROTOCOL = 1 << 17, | 86 RESPONSE_INFO_HAS_NPN_NEGOTIATED_PROTOCOL = 1 << 18, |
| 84 | 87 |
| 85 // This bit is set if the response info has connection info. | 88 // This bit is set if the response info has connection info. |
| 86 RESPONSE_INFO_HAS_CONNECTION_INFO = 1 << 18, | 89 RESPONSE_INFO_HAS_CONNECTION_INFO = 1 << 19, |
| 87 | 90 |
| 88 // This bit is set if the request has http authentication. | 91 // This bit is set if the request has http authentication. |
| 89 RESPONSE_INFO_USE_HTTP_AUTHENTICATION = 1 << 19, | 92 RESPONSE_INFO_USE_HTTP_AUTHENTICATION = 1 << 20, |
| 90 | 93 |
| 91 // This bit is set if ssl_info has SCTs. | 94 // This bit is set if ssl_info has SCTs. |
| 92 RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS = 1 << 20, | 95 RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS = 1 << 21, |
| 93 | 96 |
| 94 RESPONSE_INFO_UNUSED_SINCE_PREFETCH = 1 << 21, | 97 RESPONSE_INFO_UNUSED_SINCE_PREFETCH = 1 << 22, |
| 95 | 98 |
| 96 // TODO(darin): Add other bits to indicate alternate request methods. | 99 // TODO(darin): Add other bits to indicate alternate request methods. |
| 97 // For now, we don't support storing those. | 100 // For now, we don't support storing those. |
| 98 }; | 101 }; |
| 99 | 102 |
| 100 HttpResponseInfo::HttpResponseInfo() | 103 HttpResponseInfo::HttpResponseInfo() |
| 101 : was_cached(false), | 104 : was_cached(false), |
| 102 server_data_unavailable(false), | 105 server_data_unavailable(false), |
| 103 network_accessed(false), | 106 network_accessed(false), |
| 104 was_fetched_via_spdy(false), | 107 was_fetched_via_spdy(false), |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 204 if (!iter.ReadUInt32(&cert_status)) | 207 if (!iter.ReadUInt32(&cert_status)) |
| 205 return false; | 208 return false; |
| 206 ssl_info.cert_status = cert_status; | 209 ssl_info.cert_status = cert_status; |
| 207 } | 210 } |
| 208 if (flags & RESPONSE_INFO_HAS_SECURITY_BITS) { | 211 if (flags & RESPONSE_INFO_HAS_SECURITY_BITS) { |
| 209 int security_bits; | 212 int security_bits; |
| 210 if (!iter.ReadInt(&security_bits)) | 213 if (!iter.ReadInt(&security_bits)) |
| 211 return false; | 214 return false; |
| 212 ssl_info.security_bits = security_bits; | 215 ssl_info.security_bits = security_bits; |
| 213 } | 216 } |
| 217 if (flags & RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO) { | |
| 218 int key_exchange_info; | |
| 219 if (!iter.ReadInt(&key_exchange_info)) | |
| 220 return false; | |
| 221 ssl_info.key_exchange_info = key_exchange_info; | |
| 222 } | |
| 214 | 223 |
| 215 if (flags & RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS) { | 224 if (flags & RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS) { |
| 216 int connection_status; | 225 int connection_status; |
| 217 if (!iter.ReadInt(&connection_status)) | 226 if (!iter.ReadInt(&connection_status)) |
| 218 return false; | 227 return false; |
| 219 ssl_info.connection_status = connection_status; | 228 ssl_info.connection_status = connection_status; |
| 220 } | 229 } |
| 221 | 230 |
| 222 if (flags & RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS) { | 231 if (flags & RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS) { |
| 223 int num_scts; | 232 int num_scts; |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 290 | 299 |
| 291 void HttpResponseInfo::Persist(base::Pickle* pickle, | 300 void HttpResponseInfo::Persist(base::Pickle* pickle, |
| 292 bool skip_transient_headers, | 301 bool skip_transient_headers, |
| 293 bool response_truncated) const { | 302 bool response_truncated) const { |
| 294 int flags = RESPONSE_INFO_VERSION; | 303 int flags = RESPONSE_INFO_VERSION; |
| 295 if (ssl_info.is_valid()) { | 304 if (ssl_info.is_valid()) { |
| 296 flags |= RESPONSE_INFO_HAS_CERT; | 305 flags |= RESPONSE_INFO_HAS_CERT; |
| 297 flags |= RESPONSE_INFO_HAS_CERT_STATUS; | 306 flags |= RESPONSE_INFO_HAS_CERT_STATUS; |
| 298 if (ssl_info.security_bits != -1) | 307 if (ssl_info.security_bits != -1) |
| 299 flags |= RESPONSE_INFO_HAS_SECURITY_BITS; | 308 flags |= RESPONSE_INFO_HAS_SECURITY_BITS; |
| 309 if (ssl_info.key_exchange_info != 0) | |
| 310 flags |= RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO; | |
| 300 if (ssl_info.connection_status != 0) | 311 if (ssl_info.connection_status != 0) |
| 301 flags |= RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS; | 312 flags |= RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS; |
| 302 } | 313 } |
| 303 if (vary_data.is_valid()) | 314 if (vary_data.is_valid()) |
| 304 flags |= RESPONSE_INFO_HAS_VARY_DATA; | 315 flags |= RESPONSE_INFO_HAS_VARY_DATA; |
| 305 if (response_truncated) | 316 if (response_truncated) |
| 306 flags |= RESPONSE_INFO_TRUNCATED; | 317 flags |= RESPONSE_INFO_TRUNCATED; |
| 307 if (was_fetched_via_spdy) | 318 if (was_fetched_via_spdy) |
| 308 flags |= RESPONSE_INFO_WAS_SPDY; | 319 flags |= RESPONSE_INFO_WAS_SPDY; |
| 309 if (was_npn_negotiated) { | 320 if (was_npn_negotiated) { |
| (...skipping 27 matching lines...) Expand all Loading... | |
| 337 HttpResponseHeaders::PERSIST_SANS_SECURITY_STATE; | 348 HttpResponseHeaders::PERSIST_SANS_SECURITY_STATE; |
| 338 } | 349 } |
| 339 | 350 |
| 340 headers->Persist(pickle, persist_options); | 351 headers->Persist(pickle, persist_options); |
| 341 | 352 |
| 342 if (ssl_info.is_valid()) { | 353 if (ssl_info.is_valid()) { |
| 343 ssl_info.cert->Persist(pickle); | 354 ssl_info.cert->Persist(pickle); |
| 344 pickle->WriteUInt32(ssl_info.cert_status); | 355 pickle->WriteUInt32(ssl_info.cert_status); |
| 345 if (ssl_info.security_bits != -1) | 356 if (ssl_info.security_bits != -1) |
| 346 pickle->WriteInt(ssl_info.security_bits); | 357 pickle->WriteInt(ssl_info.security_bits); |
| 358 if (ssl_info.key_exchange_info != 0) | |
| 359 pickle->WriteInt(ssl_info.key_exchange_info); | |
| 347 if (ssl_info.connection_status != 0) | 360 if (ssl_info.connection_status != 0) |
| 348 pickle->WriteInt(ssl_info.connection_status); | 361 pickle->WriteInt(ssl_info.connection_status); |
| 349 if (!ssl_info.signed_certificate_timestamps.empty()) { | 362 if (!ssl_info.signed_certificate_timestamps.empty()) { |
| 350 pickle->WriteInt(ssl_info.signed_certificate_timestamps.size()); | 363 pickle->WriteInt(ssl_info.signed_certificate_timestamps.size()); |
| 351 for (SignedCertificateTimestampAndStatusList::const_iterator it = | 364 for (SignedCertificateTimestampAndStatusList::const_iterator it = |
| 352 ssl_info.signed_certificate_timestamps.begin(); it != | 365 ssl_info.signed_certificate_timestamps.begin(); it != |
| 353 ssl_info.signed_certificate_timestamps.end(); ++it) { | 366 ssl_info.signed_certificate_timestamps.end(); ++it) { |
| 354 it->sct->Persist(pickle); | 367 it->sct->Persist(pickle); |
| 355 pickle->WriteUInt16(static_cast<uint16>(it->status)); | 368 pickle->WriteUInt16(static_cast<uint16>(it->status)); |
| 356 } | 369 } |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 420 case CONNECTION_INFO_QUIC1_SPDY3: | 433 case CONNECTION_INFO_QUIC1_SPDY3: |
| 421 return "quic/1+spdy/3"; | 434 return "quic/1+spdy/3"; |
| 422 case NUM_OF_CONNECTION_INFOS: | 435 case NUM_OF_CONNECTION_INFOS: |
| 423 break; | 436 break; |
| 424 } | 437 } |
| 425 NOTREACHED(); | 438 NOTREACHED(); |
| 426 return ""; | 439 return ""; |
| 427 } | 440 } |
| 428 | 441 |
| 429 } // namespace net | 442 } // namespace net |
| OLD | NEW |
