Chromium Code Reviews Chromium Code Reviews
Issue 1355413003:
Move error classification into the ssl_errors component (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | |
| 6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/gtest_prod_util.h" | |
| 12 #include "base/time/time.h" | |
| 13 #include "net/cert/x509_certificate.h" | |
| 14 #include "url/gurl.h" | |
| 15 | |
| 16 namespace ssl_errors { | |
| 17 | |
| 18 typedef std::vector<std::string> UrlTokens; | |
|
estark
2015/10/02 22:17:21
Not quite sure yet what this will contain but pres
felt
2015/10/05 18:23:07
It can hold either. I was struggling to come up wi
| |
| 19 | |
| 20 // Methods for identifying specific error causes. ------------------------------ | |
| 21 | |
| 22 // Returns true if the system time is in the past. | |
| 23 bool IsUserClockInThePast(const base::Time& time_now); | |
| 24 | |
| 25 // Returns true if the system time is too far in the future or the user is | |
| 26 // using a version of Chrome which is more than 1 year old. | |
| 27 bool IsUserClockInTheFuture(const base::Time& time_now); | |
| 28 | |
| 29 // Returns true if |hostname| is too broad for the scope of a wildcard | |
| 30 // certificate. E.g.: | |
| 31 // a.b.example.com ~ *.example.com --> true | |
| 32 // b.example.com ~ *.example.com --> false | |
| 33 bool IsSubDomainOutsideWildcard(const GURL& request_url, | |
| 34 const net::X509Certificate& cert); | |
| 35 | |
| 36 // Returns true if the certificate is a shared certificate. Note - This | |
| 37 // function should be used with caution (only for UMA histogram) as an | |
| 38 // attacker could easily get a certificate with more than 5 names in the SAN | |
| 39 // fields. | |
| 40 bool IsCertLikelyFromMultiTenantHosting(const GURL& request_url, | |
| 41 const net::X509Certificate& cert); | |
| 42 | |
| 43 // Returns true if the hostname in |request_url_| has the same domain | |
| 44 // (effective TLD + 1 label) as at least one of the subject | |
| 45 // alternative names in |cert_|. | |
| 46 bool IsCertLikelyFromSameDomain(const GURL& request_url, | |
| 47 const net::X509Certificate& cert); | |
| 48 | |
| 49 // Returns true if the site's hostname differs from one of the DNS | |
| 50 // names in the certificate (CN or SANs) only by the presence or | |
| 51 // absence of the single-label prefix "www". E.g.: (The first domain | |
| 52 // is hostname and the second domain is a DNS name in the certificate) | |
| 53 // www.example.com ~ example.com -> true | |
| 54 // example.com ~ www.example.com -> true | |
| 55 // www.food.example.com ~ example.com -> false | |
| 56 // mail.example.com ~ example.com -> false | |
| 57 bool IsWWWSubDomainMatch(const GURL& request_url, | |
| 58 const net::X509Certificate& cert); | |
| 59 | |
| 60 // Provides the output of IsWWWSubDomainMatch() as well as the matching name. | |
| 61 bool GetWWWSubDomainMatch(const GURL& request_url, | |
| 62 const std::vector<std::string>& dns_names, | |
| 63 std::string* www_match_host_name); | |
| 64 | |
| 65 // Method for recording results. ----------------------------------------------- | |
| 66 | |
| 67 void RecordUMAStatistics(bool overridable, | |
| 68 const base::Time& current_time, | |
| 69 const GURL& request_url, | |
| 70 int cert_error, | |
| 71 const net::X509Certificate& cert); | |
| 72 | |
| 73 // Helper methods for classification. ------------------------------------------ | |
| 74 | |
| 75 // Tokenize DNS names and hostnames. | |
| 76 UrlTokens Tokenize(const std::string& name); | |
|
estark
2015/10/02 22:17:21
This doesn't look like it's unit-tested so it shou
felt
2015/10/05 18:23:07
Hmmm, it seems weird to expose UrlTokens but not T
estark
2015/10/06 02:35:41
Ah, yeah, that makes sense. So maybe we can get ri
| |
| 77 | |
| 78 // Sets a clock for browser tests that check the build time. Used by | |
| 79 // IsUserClockInThePast and IsUserClockInTheFuture. | |
| 80 void SetBuildTimeForTesting(const base::Time& testing_time); | |
| 81 | |
| 82 // Returns true if the hostname has a known Top Level Domain. | |
| 83 bool IsHostNameKnownTLD(const std::string& host_name); | |
| 84 | |
| 85 // Returns true if any one of the following conditions hold: | |
| 86 // 1.|hostname| is an IP Address in an IANA-reserved range. | |
| 87 // 2.|hostname| is a not-yet-assigned by ICANN gTLD. | |
| 88 // 3.|hostname| is a dotless domain. | |
| 89 bool IsHostnameNonUniqueOrDotless(const std::string& hostname); | |
|
estark
2015/10/02 22:17:22
Suggestion for (possibly future?) cleanup: this fu
felt
2015/10/05 18:23:07
Follow-up CL
| |
| 90 | |
| 91 // Returns true if |child| is a subdomain of any of the |potential_parents|. | |
| 92 bool NameUnderAnyNames(const UrlTokens& child, | |
| 93 const std::vector<UrlTokens>& potential_parents); | |
| 94 | |
| 95 // Returns true if any of the |potential_children| is a subdomain of the | |
| 96 // |parent|. The inverse case should be treated carefully as this is most | |
| 97 // likely a MITM attack. We don't want foo.appspot.com to be able to MITM for | |
| 98 // appspot.com. | |
| 99 bool AnyNamesUnderName(const std::vector<UrlTokens>& potential_children, | |
| 100 const UrlTokens& parent); | |
| 101 | |
| 102 } // namespace ssl_errors | |
| 103 | |
| 104 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | |
| OLD | NEW |
