OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 namespace base { | 11 namespace base { |
12 class Time; | 12 class Time; |
13 } | 13 } |
14 | 14 |
15 class GURL; | 15 class GURL; |
16 | 16 |
17 namespace net { | 17 namespace net { |
18 class X509Certificate; | 18 class X509Certificate; |
19 } | 19 } |
20 | 20 |
21 namespace network_time { | |
22 class NetworkTimeTracker; | |
23 } | |
24 | |
21 namespace ssl_errors { | 25 namespace ssl_errors { |
22 | 26 |
23 typedef std::vector<std::string> HostnameTokens; | 27 typedef std::vector<std::string> HostnameTokens; |
24 | 28 |
25 // Methods for identifying specific error causes. ------------------------------ | 29 // Methods for identifying specific error causes. ------------------------------ |
26 | 30 |
27 // Returns true if the system time is in the past. | 31 // What is known about the accuracy of system clock. Note that these do not |
28 bool IsUserClockInThePast(const base::Time& time_now); | 32 // represent a uniform level of certainty! The names are prefixed by the source |
33 // of the information. | |
34 enum ClockState { | |
35 // Not known whether system clock is close enough. | |
36 UNKNOWN, | |
estark
2016/03/10 20:10:08
The usual Chromium style would be to name these CL
mab
2016/03/11 04:18:41
Done.
| |
29 | 37 |
30 // Returns true if the system time is too far in the future or the user is | 38 // System clock is "close enough", per network time. |
31 // using a version of Chrome which is more than 1 year old. | 39 NETWORK_OK, |
32 bool IsUserClockInTheFuture(const base::Time& time_now); | 40 |
41 // System clock is behind the network time, i.e. in the past. | |
42 NETWORK_PAST, | |
43 | |
44 // System clock is ahead of the network time, i.e. in the future. | |
45 NETWORK_FUTURE, | |
46 | |
47 // System clock is behind the build time (which should be impossible, so it | |
48 // probably means the system clock is behind). | |
49 BUILD_PAST, | |
50 | |
51 // System clock is so far ahead of the build time that either this is a very | |
52 // old binary or the clock is ahead. (This is a slightly weaker indication | |
53 // than the other values of this enum.) | |
54 BUILD_FUTURE | |
estark
2016/03/10 20:10:08
nit: add trailing comma
mab
2016/03/11 04:18:41
Done.
| |
55 }; | |
56 | |
57 // Returns the current state of the clock. The states are documented with the | |
58 // |CLOCK_STATE| enum. A result from network time, if available, will always be | |
59 // preferred to a result from the build time. | |
60 ClockState GetClockState( | |
61 const base::Time& now_system, | |
62 const network_time::NetworkTimeTracker* network_time_tracker); | |
33 | 63 |
34 // Returns true if |hostname| is too broad for the scope of a wildcard | 64 // Returns true if |hostname| is too broad for the scope of a wildcard |
35 // certificate. E.g.: | 65 // certificate. E.g.: |
36 // a.b.example.com ~ *.example.com --> true | 66 // a.b.example.com ~ *.example.com --> true |
37 // b.example.com ~ *.example.com --> false | 67 // b.example.com ~ *.example.com --> false |
38 bool IsSubDomainOutsideWildcard(const GURL& request_url, | 68 bool IsSubDomainOutsideWildcard(const GURL& request_url, |
39 const net::X509Certificate& cert); | 69 const net::X509Certificate& cert); |
40 | 70 |
41 // Returns true if the certificate is a shared certificate. Note - This | 71 // Returns true if the certificate is a shared certificate. Note - This |
42 // function should be used with caution (only for UMA histogram) as an | 72 // function should be used with caution (only for UMA histogram) as an |
(...skipping 17 matching lines...) | |
60 // www.food.example.com ~ example.com -> false | 90 // www.food.example.com ~ example.com -> false |
61 // mail.example.com ~ example.com -> false | 91 // mail.example.com ~ example.com -> false |
62 bool GetWWWSubDomainMatch(const GURL& request_url, | 92 bool GetWWWSubDomainMatch(const GURL& request_url, |
63 const std::vector<std::string>& dns_names, | 93 const std::vector<std::string>& dns_names, |
64 std::string* www_match_host_name); | 94 std::string* www_match_host_name); |
65 | 95 |
66 // Method for recording results. ----------------------------------------------- | 96 // Method for recording results. ----------------------------------------------- |
67 | 97 |
68 void RecordUMAStatistics(bool overridable, | 98 void RecordUMAStatistics(bool overridable, |
69 const base::Time& current_time, | 99 const base::Time& current_time, |
100 const network_time::NetworkTimeTracker* network_time, | |
70 const GURL& request_url, | 101 const GURL& request_url, |
71 int cert_error, | 102 int cert_error, |
72 const net::X509Certificate& cert); | 103 const net::X509Certificate& cert); |
73 | 104 |
74 // Helper methods for classification. ------------------------------------------ | 105 // Helper methods for classification. ------------------------------------------ |
75 | 106 |
76 // Tokenize DNS names and hostnames. | 107 // Tokenize DNS names and hostnames. |
77 HostnameTokens Tokenize(const std::string& name); | 108 HostnameTokens Tokenize(const std::string& name); |
78 | 109 |
79 // Sets a clock for browser tests that check the build time. Used by | 110 // Sets a clock for browser tests that check the build time. Used by |
(...skipping 19 matching lines...) | |
99 // appspot.com. | 130 // appspot.com. |
100 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, | 131 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, |
101 const HostnameTokens& parent); | 132 const HostnameTokens& parent); |
102 | 133 |
103 // Exposed for teshting. | 134 // Exposed for teshting. |
104 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); | 135 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); |
105 | 136 |
106 } // namespace ssl_errors | 137 } // namespace ssl_errors |
107 | 138 |
108 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 139 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
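Review bot: The comment on GetClockState (new lines 57-59) points readers to `|CLOCK_STATE|`, but the enum declared above it is named `ClockState`, and it does not say whether `network_time_tracker` may be null. The same raw-pointer parameter is added to RecordUMAStatistics at new line 100, which has no comment at all. I would correct the reference to `|ClockState|` and state the pointer contract in the header, for example `// |network_time_tracker| must not be null; when it has no network time, the build time is used.` (or the null-allowed wording, if that is the intent; the implementation is not visible here). Because the result presumably decides how a certificate date error is explained to the user, the function comment should also repeat that the BUILD_* values are weaker evidence than the NETWORK_* ones, so callers do not treat them as equally certain.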