Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(122)

Unified Diff: components/certificate_transparency/log_dns_client.cc

Issue 2017563002: Add Certificate Transparency logs auditing (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed review comments Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: components/certificate_transparency/log_dns_client.cc
diff --git a/components/certificate_transparency/log_dns_client.cc b/components/certificate_transparency/log_dns_client.cc
index fabbbac4698c36a0e36c9d5690f38ab9aa85587a..e60634b84672824bf1b9963adb114fb848743d9e 100644
--- a/components/certificate_transparency/log_dns_client.cc
+++ b/components/certificate_transparency/log_dns_client.cc
@@ -323,6 +323,30 @@ net::Error LogDnsClient::AuditProofQuery::RequestAuditProofNodes() {
proof_->nodes.size() >= net::ct::CalculateAuditPathLength(
proof_->leaf_index, proof_->tree_size)) {
return net::ERR_UNEXPECTED;
+ // The performance of this could be improved by sending all of the expected
+ // queries up front. Each response can contain a maximum of 7 audit path
+ // nodes,
+ // so for an audit proof of size 20, it could send 3 queries (for nodes 0-6,
+ // 7-13 and 14-19) immediately. Currently, it sends only the first and then,
+ // based on the number of nodes received, sends the next query. The
+ // complexity
+ // of the code would increase though, as it would need to detect gaps in the
+ // audit proof caused by the server not responding with the anticipated
+ // number
+ // of nodes. Ownership of the proof would need to change, as it would be
+ // shared
+ // between simultaneous DNS transactions.
+ /*
+ void LogDnsClient::QueryAuditProof(base::StringPiece domain_for_log,
+ uint64_t leaf_index,
+ uint64_t tree_size,
+ const AuditProofCallback& callback) {
+ if (domain_for_log.empty() || leaf_index >= tree_size) {
+ base::ThreadTaskRunnerHandle::Get()->PostTask(
+ FROM_HERE,
+ base::Bind(callback, net::Error::ERR_INVALID_ARGUMENT, nullptr));
+ return;
+ */
Ryan Sleevi 2016/12/22 21:33:20 Accidental paste?
Eran Messeri 2017/01/03 23:07:41 Fixed - bad merge.
}
std::string qname = base::StringPrintf(

Powered by Google App Engine
This is Rietveld 408576698