OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 namespace base { | 11 namespace base { |
12 class Time; | 12 class Time; |
13 } | 13 } |
14 | 14 |
15 class GURL; | 15 class GURL; |
16 | 16 |
17 namespace net { | 17 namespace net { |
18 class X509Certificate; | 18 class X509Certificate; |
19 } | 19 } |
20 | 20 |
21 namespace network_time { | |
22 class NetworkTimeTracker; | |
23 } | |
24 | |
21 namespace ssl_errors { | 25 namespace ssl_errors { |
22 | 26 |
23 typedef std::vector<std::string> HostnameTokens; | 27 typedef std::vector<std::string> HostnameTokens; |
24 | 28 |
25 // Methods for identifying specific error causes. ------------------------------ | 29 // Methods for identifying specific error causes. ------------------------------ |
26 | 30 |
27 // Returns true if the system time is in the past. | 31 // What is known about the accuracy of system clock. Do not change or |
28 bool IsUserClockInThePast(const base::Time& time_now); | 32 // reorder; these values are used in an UMA histogram. |
33 enum ClockState { | |
34 // Not known whether system clock is close enough. | |
35 CLOCK_STATE_UNKNOWN, | |
29 | 36 |
30 // Returns true if the system time is too far in the future or the user is | 37 // System clock is "close enough", per network time. |
31 // using a version of Chrome which is more than 1 year old. | 38 CLOCK_STATE_OK, |
32 bool IsUserClockInTheFuture(const base::Time& time_now); | 39 |
40 // System clock is behind. | |
41 CLOCK_STATE_PAST, | |
42 | |
43 // System clock is ahead. | |
44 CLOCK_STATE_FUTURE, | |
45 | |
46 CLOCK_STATE_MAX, | |
47 }; | |
48 | |
49 // |CLOCK_STATE| enum. A result from network time, if available, will always be | |
estark
2016/03/16 00:51:36
Is something missing from this comment accidentall
mab
2016/03/17 00:38:09
Fixed, thanks.
| |
50 // preferred to a result from the build time. Calling this function records UMA | |
51 // statistics: it's assumed that it's called in the course of handling an SSL | |
52 // error. | |
53 ClockState GetClockState( | |
54 const base::Time& now_system, | |
55 const network_time::NetworkTimeTracker* network_time_tracker); | |
33 | 56 |
34 // Returns true if |hostname| is too broad for the scope of a wildcard | 57 // Returns true if |hostname| is too broad for the scope of a wildcard |
35 // certificate. E.g.: | 58 // certificate. E.g.: |
36 // a.b.example.com ~ *.example.com --> true | 59 // a.b.example.com ~ *.example.com --> true |
37 // b.example.com ~ *.example.com --> false | 60 // b.example.com ~ *.example.com --> false |
38 bool IsSubDomainOutsideWildcard(const GURL& request_url, | 61 bool IsSubDomainOutsideWildcard(const GURL& request_url, |
39 const net::X509Certificate& cert); | 62 const net::X509Certificate& cert); |
40 | 63 |
41 // Returns true if the certificate is a shared certificate. Note - This | 64 // Returns true if the certificate is a shared certificate. Note - This |
42 // function should be used with caution (only for UMA histogram) as an | 65 // function should be used with caution (only for UMA histogram) as an |
(...skipping 21 matching lines...) Expand all Loading... | |
64 std::string* www_match_host_name); | 87 std::string* www_match_host_name); |
65 | 88 |
66 // Method for recording results. ----------------------------------------------- | 89 // Method for recording results. ----------------------------------------------- |
67 | 90 |
68 void RecordUMAStatistics(bool overridable, | 91 void RecordUMAStatistics(bool overridable, |
69 const base::Time& current_time, | 92 const base::Time& current_time, |
70 const GURL& request_url, | 93 const GURL& request_url, |
71 int cert_error, | 94 int cert_error, |
72 const net::X509Certificate& cert); | 95 const net::X509Certificate& cert); |
73 | 96 |
97 // Specialization of |RecordUMAStatistics| to be used when the bad clock | |
98 // interstitial is shown. |cert_error| is required only for sanity-checking: it | |
99 // must always be |ssl_errors::ErrorInfo::CERT_DATE_INVALID|. | |
100 void RecordUMAStatisticsForClockInterstitial(bool overridable, | |
101 ssl_errors::ClockState clock_state, | |
102 int cert_error); | |
103 | |
74 // Helper methods for classification. ------------------------------------------ | 104 // Helper methods for classification. ------------------------------------------ |
75 | 105 |
76 // Tokenize DNS names and hostnames. | 106 // Tokenize DNS names and hostnames. |
77 HostnameTokens Tokenize(const std::string& name); | 107 HostnameTokens Tokenize(const std::string& name); |
78 | 108 |
79 // Sets a clock for browser tests that check the build time. Used by | 109 // Sets a clock for browser tests that check the build time. Used by |
80 // IsUserClockInThePast and IsUserClockInTheFuture. | 110 // IsUserClockInThePast and IsUserClockInTheFuture. |
81 void SetBuildTimeForTesting(const base::Time& testing_time); | 111 void SetBuildTimeForTesting(const base::Time& testing_time); |
82 | 112 |
83 // Returns true if the hostname has a known Top Level Domain. | 113 // Returns true if the hostname has a known Top Level Domain. |
(...skipping 15 matching lines...) Expand all Loading... | |
99 // appspot.com. | 129 // appspot.com. |
100 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, | 130 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, |
101 const HostnameTokens& parent); | 131 const HostnameTokens& parent); |
102 | 132 |
103 // Exposed for teshting. | 133 // Exposed for teshting. |
104 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); | 134 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); |
105 | 135 |
106 } // namespace ssl_errors | 136 } // namespace ssl_errors |
107 | 137 |
108 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 138 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
OLD | NEW |