Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(77)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/ssl_errors/error_classification.h

Issue 1772143002: Use network time for bad clock interstitial. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: estark review 9 Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/ssl/bad_clock_blocking_page.cc ('K') | « components/ssl_errors/DEPS ('k') | components/ssl_errors/error_classification.cc » ('j') | components/ssl_errors/error_classification.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ 5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_
6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ 6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_
7 7
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
11 namespace base { 11 namespace base {
12 class Time; 12 class Time;
13 } 13 }
14 14
15 class GURL; 15 class GURL;
16 16
17 namespace net { 17 namespace net {
18 class X509Certificate; 18 class X509Certificate;
19 } 19 }
20 20
21 namespace network_time {
22 class NetworkTimeTracker;
23 }
24
21 namespace ssl_errors { 25 namespace ssl_errors {
22 26
23 typedef std::vector<std::string> HostnameTokens; 27 typedef std::vector<std::string> HostnameTokens;
24 28
25 // Methods for identifying specific error causes. ------------------------------ 29 // Methods for identifying specific error causes. ------------------------------
26 30
27 // Returns true if the system time is in the past. 31 // What is known about the accuracy of system clock. Do not change or
28 bool IsUserClockInThePast(const base::Time& time_now); 32 // reorder; these values are used in an UMA histogram.
33 enum ClockState {
34 // Not known whether system clock is close enough.
35 CLOCK_STATE_UNKNOWN,
29 36
30 // Returns true if the system time is too far in the future or the user is 37 // System clock is "close enough", per network time.
31 // using a version of Chrome which is more than 1 year old. 38 CLOCK_STATE_OK,
32 bool IsUserClockInTheFuture(const base::Time& time_now); 39
40 // System clock is behind.
41 CLOCK_STATE_PAST,
42
43 // System clock is ahead.
44 CLOCK_STATE_FUTURE,
45
46 CLOCK_STATE_MAX,
47 };
48
49 // |CLOCK_STATE| enum. A result from network time, if available, will always be
estark 2016/03/16 00:51:36 Is something missing from this comment accidentall
mab 2016/03/17 00:38:09 Fixed, thanks.
50 // preferred to a result from the build time. Calling this function records UMA
51 // statistics: it's assumed that it's called in the course of handling an SSL
52 // error.
53 ClockState GetClockState(
54 const base::Time& now_system,
55 const network_time::NetworkTimeTracker* network_time_tracker);
33 56
34 // Returns true if |hostname| is too broad for the scope of a wildcard 57 // Returns true if |hostname| is too broad for the scope of a wildcard
35 // certificate. E.g.: 58 // certificate. E.g.:
36 // a.b.example.com ~ *.example.com --> true 59 // a.b.example.com ~ *.example.com --> true
37 // b.example.com ~ *.example.com --> false 60 // b.example.com ~ *.example.com --> false
38 bool IsSubDomainOutsideWildcard(const GURL& request_url, 61 bool IsSubDomainOutsideWildcard(const GURL& request_url,
39 const net::X509Certificate& cert); 62 const net::X509Certificate& cert);
40 63
41 // Returns true if the certificate is a shared certificate. Note - This 64 // Returns true if the certificate is a shared certificate. Note - This
42 // function should be used with caution (only for UMA histogram) as an 65 // function should be used with caution (only for UMA histogram) as an
(...skipping 21 matching lines...) Expand all
64 std::string* www_match_host_name); 87 std::string* www_match_host_name);
65 88
66 // Method for recording results. ----------------------------------------------- 89 // Method for recording results. -----------------------------------------------
67 90
68 void RecordUMAStatistics(bool overridable, 91 void RecordUMAStatistics(bool overridable,
69 const base::Time& current_time, 92 const base::Time& current_time,
70 const GURL& request_url, 93 const GURL& request_url,
71 int cert_error, 94 int cert_error,
72 const net::X509Certificate& cert); 95 const net::X509Certificate& cert);
73 96
97 // Specialization of |RecordUMAStatistics| to be used when the bad clock
98 // interstitial is shown. |cert_error| is required only for sanity-checking: it
99 // must always be |ssl_errors::ErrorInfo::CERT_DATE_INVALID|.
100 void RecordUMAStatisticsForClockInterstitial(bool overridable,
101 ssl_errors::ClockState clock_state,
102 int cert_error);
103
74 // Helper methods for classification. ------------------------------------------ 104 // Helper methods for classification. ------------------------------------------
75 105
76 // Tokenize DNS names and hostnames. 106 // Tokenize DNS names and hostnames.
77 HostnameTokens Tokenize(const std::string& name); 107 HostnameTokens Tokenize(const std::string& name);
78 108
79 // Sets a clock for browser tests that check the build time. Used by 109 // Sets a clock for browser tests that check the build time. Used by
80 // IsUserClockInThePast and IsUserClockInTheFuture. 110 // IsUserClockInThePast and IsUserClockInTheFuture.
81 void SetBuildTimeForTesting(const base::Time& testing_time); 111 void SetBuildTimeForTesting(const base::Time& testing_time);
82 112
83 // Returns true if the hostname has a known Top Level Domain. 113 // Returns true if the hostname has a known Top Level Domain.
(...skipping 15 matching lines...) Expand all
99 // appspot.com. 129 // appspot.com.
100 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, 130 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children,
101 const HostnameTokens& parent); 131 const HostnameTokens& parent);
102 132
103 // Exposed for teshting. 133 // Exposed for teshting.
104 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); 134 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2);
105 135
106 } // namespace ssl_errors 136 } // namespace ssl_errors
107 137
108 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ 138 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_
OLDNEW
« chrome/browser/ssl/bad_clock_blocking_page.cc ('K') | « components/ssl_errors/DEPS ('k') | components/ssl_errors/error_classification.cc » ('j') | components/ssl_errors/error_classification.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698