| Index: components/certificate_transparency/log_dns_client.cc
|
| diff --git a/components/certificate_transparency/log_dns_client.cc b/components/certificate_transparency/log_dns_client.cc
|
| index fabbbac4698c36a0e36c9d5690f38ab9aa85587a..e60634b84672824bf1b9963adb114fb848743d9e 100644
|
| --- a/components/certificate_transparency/log_dns_client.cc
|
| +++ b/components/certificate_transparency/log_dns_client.cc
|
| @@ -323,6 +323,30 @@ net::Error LogDnsClient::AuditProofQuery::RequestAuditProofNodes() {
|
| proof_->nodes.size() >= net::ct::CalculateAuditPathLength(
|
| proof_->leaf_index, proof_->tree_size)) {
|
| return net::ERR_UNEXPECTED;
|
| + // The performance of this could be improved by sending all of the expected
|
| + // queries up front. Each response can contain a maximum of 7 audit path
|
| + // nodes,
|
| + // so for an audit proof of size 20, it could send 3 queries (for nodes 0-6,
|
| + // 7-13 and 14-19) immediately. Currently, it sends only the first and then,
|
| + // based on the number of nodes received, sends the next query. The
|
| + // complexity
|
| + // of the code would increase though, as it would need to detect gaps in the
|
| + // audit proof caused by the server not responding with the anticipated
|
| + // number
|
| + // of nodes. Ownership of the proof would need to change, as it would be
|
| + // shared
|
| + // between simultaneous DNS transactions.
|
| + /*
|
| + void LogDnsClient::QueryAuditProof(base::StringPiece domain_for_log,
|
| + uint64_t leaf_index,
|
| + uint64_t tree_size,
|
| + const AuditProofCallback& callback) {
|
| + if (domain_for_log.empty() || leaf_index >= tree_size) {
|
| + base::ThreadTaskRunnerHandle::Get()->PostTask(
|
| + FROM_HERE,
|
| + base::Bind(callback, net::Error::ERR_INVALID_ARGUMENT, nullptr));
|
| + return;
|
| + */
|
| }
|
|
|
| std::string qname = base::StringPrintf(
|
|
|
Chromium Code Reviews
Issue 2017563002:
Add Certificate Transparency logs auditing (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master