Chromium Code Reviews Chromium Code Reviews
Issue 14125003:
Do not roll back to SSL 3.0 for Google properties. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
| 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| 11 #include <vector> | 11 #include <vector> |
| 12 | 12 |
| 13 #include "base/basictypes.h" | 13 #include "base/basictypes.h" |
| 14 #include "base/gtest_prod_util.h" | 14 #include "base/gtest_prod_util.h" |
| 15 #include "base/threading/non_thread_safe.h" | 15 #include "base/threading/non_thread_safe.h" |
| 16 #include "base/time.h" | 16 #include "base/time.h" |
| 17 #include "net/base/net_export.h" | 17 #include "net/base/net_export.h" |
| 18 #include "net/cert/x509_cert_types.h" | 18 #include "net/cert/x509_cert_types.h" |
| 19 #include "net/cert/x509_certificate.h" | 19 #include "net/cert/x509_certificate.h" |
| 20 #include "net/ssl/ssl_connection_status_flags.h" | |
| 20 | 21 |
| 21 namespace net { | 22 namespace net { |
| 22 | 23 |
| 23 class SSLInfo; | 24 class SSLInfo; |
| 24 | 25 |
| 25 // Tracks which hosts have enabled strict transport security and/or public | 26 // Tracks which hosts have enabled strict transport security and/or public |
| 26 // key pins. | 27 // key pins. |
| 27 // | 28 // |
| 28 // This object manages the in-memory store. Register a Delegate with | 29 // This object manages the in-memory store. Register a Delegate with |
| 29 // |SetDelegate| to persist the state to disk. | 30 // |SetDelegate| to persist the state to disk. |
| (...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 128 HashValueVector dynamic_spki_hashes; | 129 HashValueVector dynamic_spki_hashes; |
| 129 | 130 |
| 130 // The absolute time (UTC) when the |dynamic_spki_hashes| expire. | 131 // The absolute time (UTC) when the |dynamic_spki_hashes| expire. |
| 131 base::Time dynamic_spki_hashes_expiry; | 132 base::Time dynamic_spki_hashes_expiry; |
| 132 | 133 |
| 133 // Optional; hashes of static known-bad SubjectPublicKeyInfos which | 134 // Optional; hashes of static known-bad SubjectPublicKeyInfos which |
| 134 // MUST NOT intersect with the set of SPKIs in the TLS server's | 135 // MUST NOT intersect with the set of SPKIs in the TLS server's |
| 135 // certificate chain. | 136 // certificate chain. |
| 136 HashValueVector bad_static_spki_hashes; | 137 HashValueVector bad_static_spki_hashes; |
| 137 | 138 |
| 139 // The minimum SSL version that servers serving this domain expect. This | |
| 140 // version can be specified as part of HSTS preloading, or it will be | |
| 141 // extracted from succesfull handshakes. The default value is SSLv3. | |
| 142 // Chrome must not roll back to an older version, even if the connection | |
| 143 // handhsake failed. That is, if the server indicates support of TLS 1.1, | |
| 144 // but the connection fails, then we do not attempt to connect to the | |
| 145 // server using TLS 1.0, but allow the connection to fail. | |
| 146 | |
| 147 // The default value is SSL_CONNECTION_VERSION_3. | |
| 148 // TODO(thaidn): define a HSTS extension for this. | |
| 149 SSL_CONNECTION_VERSION ssl_version_min; | |
| 150 | |
| 138 // The following members are not valid when stored in |enabled_hosts_|: | 151 // The following members are not valid when stored in |enabled_hosts_|: |
| 139 | 152 |
| 140 // The domain which matched during a search for this DomainState entry. | 153 // The domain which matched during a search for this DomainState entry. |
| 141 // Updated by |GetDomainState| and |GetStaticDomainState|. | 154 // Updated by |GetDomainState| and |GetStaticDomainState|. |
| 142 std::string domain; | 155 std::string domain; |
| 143 }; | 156 }; |
| 144 | 157 |
| 145 class NET_EXPORT Iterator { | 158 class NET_EXPORT Iterator { |
| 146 public: | 159 public: |
| 147 explicit Iterator(const TransportSecurityState& state); | 160 explicit Iterator(const TransportSecurityState& state); |
| (...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 264 // to the caller with |GetStaticDomainState|. | 277 // to the caller with |GetStaticDomainState|. |
| 265 static void ReportUMAOnPinFailure(const std::string& host); | 278 static void ReportUMAOnPinFailure(const std::string& host); |
| 266 | 279 |
| 267 // IsBuildTimely returns true if the current build is new enough ensure that | 280 // IsBuildTimely returns true if the current build is new enough ensure that |
| 268 // built in security information (i.e. HSTS preloading and pinning | 281 // built in security information (i.e. HSTS preloading and pinning |
| 269 // information) is timely. | 282 // information) is timely. |
| 270 static bool IsBuildTimely(); | 283 static bool IsBuildTimely(); |
| 271 | 284 |
| 272 private: | 285 private: |
| 273 friend class TransportSecurityStateTest; | 286 friend class TransportSecurityStateTest; |
| 287 friend class SSLClientSocketNSS; | |
|
thaidn_google
2013/04/11 01:31:52
This is ugly. Should I make |EnableHost| public?
| |
| 274 | 288 |
| 275 typedef std::map<std::string, DomainState> DomainStateMap; | 289 typedef std::map<std::string, DomainState> DomainStateMap; |
| 276 | 290 |
| 277 // If a Delegate is present, notify it that the internal state has | 291 // If a Delegate is present, notify it that the internal state has |
| 278 // changed. | 292 // changed. |
| 279 void DirtyNotify(); | 293 void DirtyNotify(); |
| 280 | 294 |
| 281 // Enable TransportSecurity for |host|. |state| supercedes any previous | 295 // Enable TransportSecurity for |host|. |state| supercedes any previous |
| 282 // state for the |host|, including static entries. | 296 // state for the |host|, including static entries. |
| 283 // | 297 // |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 316 DomainStateMap forced_hosts_; | 330 DomainStateMap forced_hosts_; |
| 317 | 331 |
| 318 Delegate* delegate_; | 332 Delegate* delegate_; |
| 319 | 333 |
| 320 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 334 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
| 321 }; | 335 }; |
| 322 | 336 |
| 323 } // namespace net | 337 } // namespace net |
| 324 | 338 |
| 325 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 339 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
| OLD | NEW |
