Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(113)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/ssl_errors/error_classification.h

Issue 1772143002: Use network time for bad clock interstitial. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: pass "gn check out/Default" Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/ssl_errors/DEPS ('k') | components/ssl_errors/error_classification.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ 5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_
6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ 6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_
7 7
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
11 namespace base { 11 namespace base {
12 class Time; 12 class Time;
13 } 13 }
14 14
15 class GURL; 15 class GURL;
16 16
17 namespace net { 17 namespace net {
18 class X509Certificate; 18 class X509Certificate;
19 } 19 }
20 20
21 namespace network_time {
22 class NetworkTimeTracker;
23 }
24
21 namespace ssl_errors { 25 namespace ssl_errors {
22 26
23 typedef std::vector<std::string> HostnameTokens; 27 typedef std::vector<std::string> HostnameTokens;
24 28
25 // Methods for identifying specific error causes. ------------------------------ 29 // Methods for identifying specific error causes. ------------------------------
26 30
27 // Returns true if the system time is in the past. 31 // What is known about the accuracy of system clock. Do not change or
28 bool IsUserClockInThePast(const base::Time& time_now); 32 // reorder; these values are used in an UMA histogram.
33 enum ClockState {
34 // Not known whether system clock is close enough.
35 CLOCK_STATE_UNKNOWN,
29 36
30 // Returns true if the system time is too far in the future or the user is 37 // System clock is "close enough", per network time.
31 // using a version of Chrome which is more than 1 year old. 38 CLOCK_STATE_OK,
32 bool IsUserClockInTheFuture(const base::Time& time_now); 39
40 // System clock is behind.
41 CLOCK_STATE_PAST,
42
43 // System clock is ahead.
44 CLOCK_STATE_FUTURE,
45
46 CLOCK_STATE_MAX,
47 };
48
49 // Compares |now_system| to the build time and to the current network time, and
50 // returns an inference about the state of the system clock. A result from
51 // network time, if available, will always be preferred to a result from the
52 // build time. Calling this function records UMA statistics: it's assumed that
53 // it's called in the course of handling an SSL error.
54 ClockState GetClockState(
55 const base::Time& now_system,
56 const network_time::NetworkTimeTracker* network_time_tracker);
33 57
34 // Returns true if |hostname| is too broad for the scope of a wildcard 58 // Returns true if |hostname| is too broad for the scope of a wildcard
35 // certificate. E.g.: 59 // certificate. E.g.:
36 // a.b.example.com ~ *.example.com --> true 60 // a.b.example.com ~ *.example.com --> true
37 // b.example.com ~ *.example.com --> false 61 // b.example.com ~ *.example.com --> false
38 bool IsSubDomainOutsideWildcard(const GURL& request_url, 62 bool IsSubDomainOutsideWildcard(const GURL& request_url,
39 const net::X509Certificate& cert); 63 const net::X509Certificate& cert);
40 64
41 // Returns true if the certificate is a shared certificate. Note - This 65 // Returns true if the certificate is a shared certificate. Note - This
42 // function should be used with caution (only for UMA histogram) as an 66 // function should be used with caution (only for UMA histogram) as an
(...skipping 21 matching lines...) Expand all
64 std::string* www_match_host_name); 88 std::string* www_match_host_name);
65 89
66 // Method for recording results. ----------------------------------------------- 90 // Method for recording results. -----------------------------------------------
67 91
68 void RecordUMAStatistics(bool overridable, 92 void RecordUMAStatistics(bool overridable,
69 const base::Time& current_time, 93 const base::Time& current_time,
70 const GURL& request_url, 94 const GURL& request_url,
71 int cert_error, 95 int cert_error,
72 const net::X509Certificate& cert); 96 const net::X509Certificate& cert);
73 97
98 // Specialization of |RecordUMAStatistics| to be used when the bad clock
99 // interstitial is shown. |cert_error| is required only for sanity-checking: it
100 // must always be |ssl_errors::ErrorInfo::CERT_DATE_INVALID|.
101 void RecordUMAStatisticsForClockInterstitial(bool overridable,
102 ssl_errors::ClockState clock_state,
103 int cert_error);
104
74 // Helper methods for classification. ------------------------------------------ 105 // Helper methods for classification. ------------------------------------------
75 106
76 // Tokenize DNS names and hostnames. 107 // Tokenize DNS names and hostnames.
77 HostnameTokens Tokenize(const std::string& name); 108 HostnameTokens Tokenize(const std::string& name);
78 109
79 // Sets a clock for browser tests that check the build time. Used by 110 // Sets a clock for browser tests that check the build time. Used by
80 // IsUserClockInThePast and IsUserClockInTheFuture. 111 // IsUserClockInThePast and IsUserClockInTheFuture.
81 void SetBuildTimeForTesting(const base::Time& testing_time); 112 void SetBuildTimeForTesting(const base::Time& testing_time);
82 113
83 // Returns true if the hostname has a known Top Level Domain. 114 // Returns true if the hostname has a known Top Level Domain.
(...skipping 15 matching lines...) Expand all
99 // appspot.com. 130 // appspot.com.
100 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, 131 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children,
101 const HostnameTokens& parent); 132 const HostnameTokens& parent);
102 133
103 // Exposed for teshting. 134 // Exposed for teshting.
104 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); 135 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2);
105 136
106 } // namespace ssl_errors 137 } // namespace ssl_errors
107 138
108 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ 139 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_
OLDNEW
« no previous file with comments | « components/ssl_errors/DEPS ('k') | components/ssl_errors/error_classification.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698