OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/base64.h" | 10 #include "base/base64.h" |
(...skipping 991 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1002 } | 1002 } |
1003 | 1003 |
1004 DCHECK(result.domain_id != DOMAIN_NOT_PINNED); | 1004 DCHECK(result.domain_id != DOMAIN_NOT_PINNED); |
1005 | 1005 |
1006 UMA_HISTOGRAM_SPARSE_SLOWLY( | 1006 UMA_HISTOGRAM_SPARSE_SLOWLY( |
1007 "Net.PublicKeyPinFailureDomain", result.domain_id); | 1007 "Net.PublicKeyPinFailureDomain", result.domain_id); |
1008 } | 1008 } |
1009 | 1009 |
1010 // static | 1010 // static |
1011 bool TransportSecurityState::IsBuildTimely() { | 1011 bool TransportSecurityState::IsBuildTimely() { |
1012 // If the build metadata aren't embedded in the binary then we can't use the | |
1013 // build time to determine if the build is timely, return true by default. If | |
1014 // we're building an official build then keep using the build time, even if | |
1015 // it's invalid it'd be a date in the past and this function will return | |
1016 // false. | |
1017 #if defined(DONT_EMBED_BUILD_METADATA) && !defined(OFFICIAL_BUILD) | |
1018 return true; | |
1019 #else | |
1020 const base::Time build_time = base::GetBuildTime(); | 1012 const base::Time build_time = base::GetBuildTime(); |
1021 // We consider built-in information to be timely for 10 weeks. | 1013 // We consider built-in information to be timely for 10 weeks. |
1022 return (base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */; | 1014 return (base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */; |
1023 #endif | |
1024 } | 1015 } |
1025 | 1016 |
1026 bool TransportSecurityState::CheckPublicKeyPinsImpl( | 1017 bool TransportSecurityState::CheckPublicKeyPinsImpl( |
1027 const HostPortPair& host_port_pair, | 1018 const HostPortPair& host_port_pair, |
1028 const HashValueVector& hashes, | 1019 const HashValueVector& hashes, |
1029 const X509Certificate* served_certificate_chain, | 1020 const X509Certificate* served_certificate_chain, |
1030 const X509Certificate* validated_certificate_chain, | 1021 const X509Certificate* validated_certificate_chain, |
1031 const PublicKeyPinReportStatus report_status, | 1022 const PublicKeyPinReportStatus report_status, |
1032 std::string* failure_log) { | 1023 std::string* failure_log) { |
1033 PKPState pkp_state; | 1024 PKPState pkp_state; |
(...skipping 284 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1318 TransportSecurityState::PKPStateIterator::PKPStateIterator( | 1309 TransportSecurityState::PKPStateIterator::PKPStateIterator( |
1319 const TransportSecurityState& state) | 1310 const TransportSecurityState& state) |
1320 : iterator_(state.enabled_pkp_hosts_.begin()), | 1311 : iterator_(state.enabled_pkp_hosts_.begin()), |
1321 end_(state.enabled_pkp_hosts_.end()) { | 1312 end_(state.enabled_pkp_hosts_.end()) { |
1322 } | 1313 } |
1323 | 1314 |
1324 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { | 1315 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { |
1325 } | 1316 } |
1326 | 1317 |
1327 } // namespace | 1318 } // namespace |
OLD | NEW |