net/http/http_response_info.cc - Issue 2016143002: Expose when PKP is bypassed in SSLInfo.

Side by Side Diff: net/http/http_response_info.cc

Issue 2016143002: Expose when PKP is bypassed in SSLInfo. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Add pkp_bypassed to SSLInfo Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/http/http_response_info.h"	5 #include "net/http/http_response_info.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "base/pickle.h"	8 #include "base/pickle.h"

9 #include "base/time/time.h"	9 #include "base/time/time.h"

10 #include "net/base/auth.h"	10 #include "net/base/auth.h"

(...skipping 78 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
89 RESPONSE_INFO_USE_HTTP_AUTHENTICATION = 1 << 19,	89 RESPONSE_INFO_USE_HTTP_AUTHENTICATION = 1 << 19,

90	90

91 // This bit is set if ssl_info has SCTs.	91 // This bit is set if ssl_info has SCTs.

92 RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS = 1 << 20,	92 RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS = 1 << 20,

93	93

94 RESPONSE_INFO_UNUSED_SINCE_PREFETCH = 1 << 21,	94 RESPONSE_INFO_UNUSED_SINCE_PREFETCH = 1 << 21,

95	95

96 // This bit is set if the response has a key-exchange-info field at the end.	96 // This bit is set if the response has a key-exchange-info field at the end.

97 RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO = 1 << 22,	97 RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO = 1 << 22,

98	98

	99 // This bit is set if ssl_info recorded that PKP was bypassed due to a local

	100 // trust anchor
	estark 2016/06/07 04:10:43 nit: period at the end nit: period at the end dadrian 2016/06/07 17:48:22 Done. Show quoted text On 2016/06/07 04:10:43, estark wrote: > nit: period at the end Done.
	101 RESPONSE_INFO_PKP_BYPASSED = 1 << 23,

	102

99 // TODO(darin): Add other bits to indicate alternate request methods.	103 // TODO(darin): Add other bits to indicate alternate request methods.

100 // For now, we don't support storing those.	104 // For now, we don't support storing those.

101 };	105 };

102	106

103 HttpResponseInfo::HttpResponseInfo()	107 HttpResponseInfo::HttpResponseInfo()

104 : was_cached(false),	108 : was_cached(false),

105 server_data_unavailable(false),	109 server_data_unavailable(false),

106 network_accessed(false),	110 network_accessed(false),

107 was_fetched_via_spdy(false),	111 was_fetched_via_spdy(false),

108 was_npn_negotiated(false),	112 was_npn_negotiated(false),

(...skipping 180 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
289 was_npn_negotiated = (flags & RESPONSE_INFO_WAS_NPN) != 0;	293 was_npn_negotiated = (flags & RESPONSE_INFO_WAS_NPN) != 0;

290	294

291 was_fetched_via_proxy = (flags & RESPONSE_INFO_WAS_PROXY) != 0;	295 was_fetched_via_proxy = (flags & RESPONSE_INFO_WAS_PROXY) != 0;

292	296

293 *response_truncated = (flags & RESPONSE_INFO_TRUNCATED) != 0;	297 *response_truncated = (flags & RESPONSE_INFO_TRUNCATED) != 0;

294	298

295 did_use_http_auth = (flags & RESPONSE_INFO_USE_HTTP_AUTHENTICATION) != 0;	299 did_use_http_auth = (flags & RESPONSE_INFO_USE_HTTP_AUTHENTICATION) != 0;

296	300

297 unused_since_prefetch = (flags & RESPONSE_INFO_UNUSED_SINCE_PREFETCH) != 0;	301 unused_since_prefetch = (flags & RESPONSE_INFO_UNUSED_SINCE_PREFETCH) != 0;

298	302

	303 ssl_info.pkp_bypassed = (flags & RESPONSE_INFO_PKP_BYPASSED);
	estark 2016/06/07 04:10:43 nit: != 0 (for consistency with the lines above, p nit: != 0 (for consistency with the lines above, plus I think some compiler will complain without this... maybe?) dadrian 2016/06/07 17:48:22 Wow, I totally missed the `!= 0` on the other line Show quoted text On 2016/06/07 04:10:43, estark wrote: > nit: != 0 > (for consistency with the lines above, plus I think some compiler will complain > without this... maybe?) Wow, I totally missed the `!= 0` on the other lines. Done.
	304

299 return true;	305 return true;

300 }	306 }

301	307

302 void HttpResponseInfo::Persist(base::Pickle* pickle,	308 void HttpResponseInfo::Persist(base::Pickle* pickle,

303 bool skip_transient_headers,	309 bool skip_transient_headers,

304 bool response_truncated) const {	310 bool response_truncated) const {

305 int flags = RESPONSE_INFO_VERSION;	311 int flags = RESPONSE_INFO_VERSION;

306 if (ssl_info.is_valid()) {	312 if (ssl_info.is_valid()) {

307 flags \|= RESPONSE_INFO_HAS_CERT;	313 flags \|= RESPONSE_INFO_HAS_CERT;

308 flags \|= RESPONSE_INFO_HAS_CERT_STATUS;	314 flags \|= RESPONSE_INFO_HAS_CERT_STATUS;

(...skipping 17 matching lines...) Expand all Loading...
326 if (was_fetched_via_proxy)	332 if (was_fetched_via_proxy)

327 flags \|= RESPONSE_INFO_WAS_PROXY;	333 flags \|= RESPONSE_INFO_WAS_PROXY;

328 if (connection_info != CONNECTION_INFO_UNKNOWN)	334 if (connection_info != CONNECTION_INFO_UNKNOWN)

329 flags \|= RESPONSE_INFO_HAS_CONNECTION_INFO;	335 flags \|= RESPONSE_INFO_HAS_CONNECTION_INFO;

330 if (did_use_http_auth)	336 if (did_use_http_auth)

331 flags \|= RESPONSE_INFO_USE_HTTP_AUTHENTICATION;	337 flags \|= RESPONSE_INFO_USE_HTTP_AUTHENTICATION;

332 if (unused_since_prefetch)	338 if (unused_since_prefetch)

333 flags \|= RESPONSE_INFO_UNUSED_SINCE_PREFETCH;	339 flags \|= RESPONSE_INFO_UNUSED_SINCE_PREFETCH;

334 if (!ssl_info.signed_certificate_timestamps.empty())	340 if (!ssl_info.signed_certificate_timestamps.empty())

335 flags \|= RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS;	341 flags \|= RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS;

	342 if (ssl_info.pkp_bypassed)

	343 flags \|= RESPONSE_INFO_PKP_BYPASSED;

336	344

337 pickle->WriteInt(flags);	345 pickle->WriteInt(flags);

338 pickle->WriteInt64(request_time.ToInternalValue());	346 pickle->WriteInt64(request_time.ToInternalValue());

339 pickle->WriteInt64(response_time.ToInternalValue());	347 pickle->WriteInt64(response_time.ToInternalValue());

340	348

341 HttpResponseHeaders::PersistOptions persist_options =	349 HttpResponseHeaders::PersistOptions persist_options =

342 HttpResponseHeaders::PERSIST_RAW;	350 HttpResponseHeaders::PERSIST_RAW;

343	351

344 if (skip_transient_headers) {	352 if (skip_transient_headers) {

345 persist_options = HttpResponseHeaders::PERSIST_SANS_COOKIES \|	353 persist_options = HttpResponseHeaders::PERSIST_SANS_COOKIES \|

(...skipping 83 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
429 case CONNECTION_INFO_QUIC1_SPDY3:	437 case CONNECTION_INFO_QUIC1_SPDY3:

430 return "quic/1+spdy/3";	438 return "quic/1+spdy/3";

431 case NUM_OF_CONNECTION_INFOS:	439 case NUM_OF_CONNECTION_INFOS:

432 break;	440 break;

433 }	441 }

434 NOTREACHED();	442 NOTREACHED();

435 return "";	443 return "";

436 }	444 }

437	445

438 } // namespace net	446 } // namespace net

OLD	NEW

« no previous file with comments | « net/cert/cert_verify_result.cc ('k') | net/http/http_response_info_unittest.cc » ('j') | net/http/http_response_info_unittest.cc » ('J')