OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/spdy/spdy_session.h" | 5 #include "net/spdy/spdy_session.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <limits> | 8 #include <limits> |
9 #include <map> | 9 #include <map> |
10 #include <utility> | 10 #include <utility> |
(...skipping 645 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
656 | 656 |
657 std::string pinning_failure_log; | 657 std::string pinning_failure_log; |
658 // DISABLE_PIN_REPORTS is set here because this check can fail in | 658 // DISABLE_PIN_REPORTS is set here because this check can fail in |
659 // normal operation without being indicative of a misconfiguration or | 659 // normal operation without being indicative of a misconfiguration or |
660 // attack. Port is left at 0 as it is never used. | 660 // attack. Port is left at 0 as it is never used. |
661 if (!transport_security_state->CheckPublicKeyPins( | 661 if (!transport_security_state->CheckPublicKeyPins( |
662 HostPortPair(new_hostname, 0), ssl_info.is_issued_by_known_root, | 662 HostPortPair(new_hostname, 0), ssl_info.is_issued_by_known_root, |
663 ssl_info.public_key_hashes, ssl_info.unverified_cert.get(), | 663 ssl_info.public_key_hashes, ssl_info.unverified_cert.get(), |
664 ssl_info.cert.get(), TransportSecurityState::DISABLE_PIN_REPORTS, | 664 ssl_info.cert.get(), TransportSecurityState::DISABLE_PIN_REPORTS, |
665 &pinning_failure_log)) { | 665 &pinning_failure_log)) { |
666 return false; | 666 if (ssl_info.is_issued_by_known_root) |
estark
2016/06/08 17:09:28
optional nit: we might as well bypass CheckPublicK
dadrian
2016/06/08 17:38:51
Done.
| |
667 return false; | |
667 } | 668 } |
668 | 669 |
669 return true; | 670 return true; |
670 } | 671 } |
671 | 672 |
672 SpdySession::SpdySession( | 673 SpdySession::SpdySession( |
673 const SpdySessionKey& spdy_session_key, | 674 const SpdySessionKey& spdy_session_key, |
674 const base::WeakPtr<HttpServerProperties>& http_server_properties, | 675 const base::WeakPtr<HttpServerProperties>& http_server_properties, |
675 TransportSecurityState* transport_security_state, | 676 TransportSecurityState* transport_security_state, |
676 bool verify_domain_authentication, | 677 bool verify_domain_authentication, |
(...skipping 2712 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
3389 if (!queue->empty()) { | 3390 if (!queue->empty()) { |
3390 SpdyStreamId stream_id = queue->front(); | 3391 SpdyStreamId stream_id = queue->front(); |
3391 queue->pop_front(); | 3392 queue->pop_front(); |
3392 return stream_id; | 3393 return stream_id; |
3393 } | 3394 } |
3394 } | 3395 } |
3395 return 0; | 3396 return 0; |
3396 } | 3397 } |
3397 | 3398 |
3398 } // namespace net | 3399 } // namespace net |
OLD | NEW |