| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <utility> |
| 8 | 9 |
| 9 #include "base/base64.h" | 10 #include "base/base64.h" |
| 10 #include "base/build_time.h" | 11 #include "base/build_time.h" |
| 11 #include "base/json/json_writer.h" | 12 #include "base/json/json_writer.h" |
| 12 #include "base/logging.h" | 13 #include "base/logging.h" |
| 13 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/metrics/histogram_macros.h" | 15 #include "base/metrics/histogram_macros.h" |
| 15 #include "base/metrics/sparse_histogram.h" | 16 #include "base/metrics/sparse_histogram.h" |
| 16 #include "base/sha1.h" | 17 #include "base/sha1.h" |
| 17 #include "base/strings/string_number_conversions.h" | 18 #include "base/strings/string_number_conversions.h" |
| (...skipping 33 matching lines...) |
| 51 const net::X509Certificate* cert_chain) { | 52 const net::X509Certificate* cert_chain) { |
| 52 if (!cert_chain) | 53 if (!cert_chain) |
| 53 return make_scoped_ptr(new base::ListValue()); | 54 return make_scoped_ptr(new base::ListValue()); |
| 54 | 55 |
| 55 scoped_ptr<base::ListValue> result(new base::ListValue()); | 56 scoped_ptr<base::ListValue> result(new base::ListValue()); |
| 56 std::vector<std::string> pem_encoded_chain; | 57 std::vector<std::string> pem_encoded_chain; |
| 57 cert_chain->GetPEMEncodedChain(&pem_encoded_chain); | 58 cert_chain->GetPEMEncodedChain(&pem_encoded_chain); |
| 58 for (const std::string& cert : pem_encoded_chain) | 59 for (const std::string& cert : pem_encoded_chain) |
| 59 result->Append(make_scoped_ptr(new base::StringValue(cert))); | 60 result->Append(make_scoped_ptr(new base::StringValue(cert))); |
| 60 | 61 |
| 61 return result.Pass(); | 62 return result; |
| 62 } | 63 } |
| 63 | 64 |
| 64 bool HashReportForCache(const base::DictionaryValue& report, | 65 bool HashReportForCache(const base::DictionaryValue& report, |
| 65 const GURL& report_uri, | 66 const GURL& report_uri, |
| 66 std::string* cache_key) { | 67 std::string* cache_key) { |
| 67 char hashed[crypto::kSHA256Length]; | 68 char hashed[crypto::kSHA256Length]; |
| 68 std::string to_hash; | 69 std::string to_hash; |
| 69 if (!base::JSONWriter::Write(report, &to_hash)) | 70 if (!base::JSONWriter::Write(report, &to_hash)) |
| 70 return false; | 71 return false; |
| 71 to_hash += "," + report_uri.spec(); | 72 to_hash += "," + report_uri.spec(); |
| (...skipping 17 matching lines...) |
| 89 base::Time now = base::Time::Now(); | 90 base::Time now = base::Time::Now(); |
| 90 report.SetString("hostname", host_port_pair.host()); | 91 report.SetString("hostname", host_port_pair.host()); |
| 91 report.SetInteger("port", host_port_pair.port()); | 92 report.SetInteger("port", host_port_pair.port()); |
| 92 report.SetBoolean("include-subdomains", pkp_state.include_subdomains); | 93 report.SetBoolean("include-subdomains", pkp_state.include_subdomains); |
| 93 report.SetString("noted-hostname", pkp_state.domain); | 94 report.SetString("noted-hostname", pkp_state.domain); |
| 94 | 95 |
| 95 scoped_ptr<base::ListValue> served_certificate_chain_list = | 96 scoped_ptr<base::ListValue> served_certificate_chain_list = |
| 96 GetPEMEncodedChainAsList(served_certificate_chain); | 97 GetPEMEncodedChainAsList(served_certificate_chain); |
| 97 scoped_ptr<base::ListValue> validated_certificate_chain_list = | 98 scoped_ptr<base::ListValue> validated_certificate_chain_list = |
| 98 GetPEMEncodedChainAsList(validated_certificate_chain); | 99 GetPEMEncodedChainAsList(validated_certificate_chain); |
| 99 report.Set("served-certificate-chain", served_certificate_chain_list.Pass()); | 100 report.Set("served-certificate-chain", |
| 101 std::move(served_certificate_chain_list)); |
| 100 report.Set("validated-certificate-chain", | 102 report.Set("validated-certificate-chain", |
| 101 validated_certificate_chain_list.Pass()); | 103 std::move(validated_certificate_chain_list)); |
| 102 | 104 |
| 103 scoped_ptr<base::ListValue> known_pin_list(new base::ListValue()); | 105 scoped_ptr<base::ListValue> known_pin_list(new base::ListValue()); |
| 104 for (const auto& hash_value : pkp_state.spki_hashes) { | 106 for (const auto& hash_value : pkp_state.spki_hashes) { |
| 105 std::string known_pin; | 107 std::string known_pin; |
| 106 | 108 |
| 107 switch (hash_value.tag) { | 109 switch (hash_value.tag) { |
| 108 case HASH_VALUE_SHA1: | 110 case HASH_VALUE_SHA1: |
| 109 known_pin += "pin-sha1="; | 111 known_pin += "pin-sha1="; |
| 110 break; | 112 break; |
| 111 case HASH_VALUE_SHA256: | 113 case HASH_VALUE_SHA256: |
| 112 known_pin += "pin-sha256="; | 114 known_pin += "pin-sha256="; |
| 113 break; | 115 break; |
| 114 } | 116 } |
| 115 | 117 |
| 116 std::string base64_value; | 118 std::string base64_value; |
| 117 base::Base64Encode( | 119 base::Base64Encode( |
| 118 base::StringPiece(reinterpret_cast<const char*>(hash_value.data()), | 120 base::StringPiece(reinterpret_cast<const char*>(hash_value.data()), |
| 119 hash_value.size()), | 121 hash_value.size()), |
| 120 &base64_value); | 122 &base64_value); |
| 121 known_pin += "\"" + base64_value + "\""; | 123 known_pin += "\"" + base64_value + "\""; |
| 122 | 124 |
| 123 known_pin_list->Append( | 125 known_pin_list->Append( |
| 124 scoped_ptr<base::Value>(new base::StringValue(known_pin))); | 126 scoped_ptr<base::Value>(new base::StringValue(known_pin))); |
| 125 } | 127 } |
| 126 | 128 |
| 127 report.Set("known-pins", known_pin_list.Pass()); | 129 report.Set("known-pins", std::move(known_pin_list)); |
| 128 | 130 |
| 129 // For the sent reports cache, do not include the effective expiration | 131 // For the sent reports cache, do not include the effective expiration |
| 130 // date. The expiration date will likely change every time the user | 132 // date. The expiration date will likely change every time the user |
| 131 // visits the site, so it would prevent reports from being effectively | 133 // visits the site, so it would prevent reports from being effectively |
| 132 // deduplicated. | 134 // deduplicated. |
| 133 if (!HashReportForCache(report, pkp_state.report_uri, cache_key)) { | 135 if (!HashReportForCache(report, pkp_state.report_uri, cache_key)) { |
| 134 LOG(ERROR) << "Failed to compute cache key for HPKP violation report."; | 136 LOG(ERROR) << "Failed to compute cache key for HPKP violation report."; |
| 135 return false; | 137 return false; |
| 136 } | 138 } |
| 137 | 139 |
| (...skipping 1159 matching lines...) |
| 1297 TransportSecurityState::PKPStateIterator::PKPStateIterator( | 1299 TransportSecurityState::PKPStateIterator::PKPStateIterator( |
| 1298 const TransportSecurityState& state) | 1300 const TransportSecurityState& state) |
| 1299 : iterator_(state.enabled_pkp_hosts_.begin()), | 1301 : iterator_(state.enabled_pkp_hosts_.begin()), |
| 1300 end_(state.enabled_pkp_hosts_.end()) { | 1302 end_(state.enabled_pkp_hosts_.end()) { |
| 1301 } | 1303 } |
| 1302 | 1304 |
| 1303 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { | 1305 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { |
| 1304 } | 1306 } |
| 1305 | 1307 |
| 1306 } // namespace | 1308 } // namespace |
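Review bot: The result of `cert_chain->GetPEMEncodedChain(&pem_encoded_chain)` at new line 58 is discarded, so if the call can fail (its declaration is not visible here, so this is assumed) the HPKP violation report is built with an empty or partial "served-certificate-chain" / "validated-certificate-chain" and nothing records why. Those chains are the evidence a report receiver needs to investigate a pin failure, so a silent loss is worth surfacing. I would check the call and log, e.g. `if (!cert_chain->GetPEMEncodedChain(&pem_encoded_chain)) LOG(ERROR) << "Failed to PEM-encode certificate chain for HPKP violation report.";`. The function's name and first parameter are in the skipped lines above new line 52, so the helper is only partly visible.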
| OLD | NEW |