Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(104)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state.cc

Issue 2084783002: Cleanup HPKP error handling and weak DH key handling (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@require_ct_enforcer
Patch Set: Fix bad test Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/transport_security_state.h ('k') | net/quic/crypto/proof_verifier_chromium.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/transport_security_state.h" 5 #include "net/http/transport_security_state.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <memory> 8 #include <memory>
9 #include <utility> 9 #include <utility>
10 10
(...skipping 1307 matching lines...) Expand 10 before | Expand all | Expand 10 after
1318 : upgrade_mode(MODE_DEFAULT), include_subdomains(false) { 1318 : upgrade_mode(MODE_DEFAULT), include_subdomains(false) {
1319 } 1319 }
1320 1320
1321 TransportSecurityState::STSState::~STSState() { 1321 TransportSecurityState::STSState::~STSState() {
1322 } 1322 }
1323 1323
1324 bool TransportSecurityState::STSState::ShouldUpgradeToSSL() const { 1324 bool TransportSecurityState::STSState::ShouldUpgradeToSSL() const {
1325 return upgrade_mode == MODE_FORCE_HTTPS; 1325 return upgrade_mode == MODE_FORCE_HTTPS;
1326 } 1326 }
1327 1327
1328 bool TransportSecurityState::STSState::ShouldSSLErrorsBeFatal() const {
1329 return true;
1330 }
1331
1332 TransportSecurityState::STSStateIterator::STSStateIterator( 1328 TransportSecurityState::STSStateIterator::STSStateIterator(
1333 const TransportSecurityState& state) 1329 const TransportSecurityState& state)
1334 : iterator_(state.enabled_sts_hosts_.begin()), 1330 : iterator_(state.enabled_sts_hosts_.begin()),
1335 end_(state.enabled_sts_hosts_.end()) { 1331 end_(state.enabled_sts_hosts_.end()) {
1336 } 1332 }
1337 1333
1338 TransportSecurityState::STSStateIterator::~STSStateIterator() { 1334 TransportSecurityState::STSStateIterator::~STSStateIterator() {
1339 } 1335 }
1340 1336
1341 TransportSecurityState::PKPState::PKPState() : include_subdomains(false) { 1337 TransportSecurityState::PKPState::PKPState() : include_subdomains(false) {
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
1387 failure_log->append("Rejecting public key chain for domain " + domain + 1383 failure_log->append("Rejecting public key chain for domain " + domain +
1388 ". Validated chain: " + HashesToBase64String(hashes) + 1384 ". Validated chain: " + HashesToBase64String(hashes) +
1389 ", expected: " + HashesToBase64String(spki_hashes)); 1385 ", expected: " + HashesToBase64String(spki_hashes));
1390 return false; 1386 return false;
1391 } 1387 }
1392 1388
1393 bool TransportSecurityState::PKPState::HasPublicKeyPins() const { 1389 bool TransportSecurityState::PKPState::HasPublicKeyPins() const {
1394 return spki_hashes.size() > 0 || bad_spki_hashes.size() > 0; 1390 return spki_hashes.size() > 0 || bad_spki_hashes.size() > 0;
1395 } 1391 }
1396 1392
1397 bool TransportSecurityState::PKPState::ShouldSSLErrorsBeFatal() const {
1398 return true;
1399 }
1400
1401 TransportSecurityState::PKPStateIterator::PKPStateIterator( 1393 TransportSecurityState::PKPStateIterator::PKPStateIterator(
1402 const TransportSecurityState& state) 1394 const TransportSecurityState& state)
1403 : iterator_(state.enabled_pkp_hosts_.begin()), 1395 : iterator_(state.enabled_pkp_hosts_.begin()),
1404 end_(state.enabled_pkp_hosts_.end()) { 1396 end_(state.enabled_pkp_hosts_.end()) {
1405 } 1397 }
1406 1398
1407 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { 1399 TransportSecurityState::PKPStateIterator::~PKPStateIterator() {
1408 } 1400 }
1409 1401
1410 } // namespace 1402 } // namespace
OLDNEW
« no previous file with comments | « net/http/transport_security_state.h ('k') | net/quic/crypto/proof_verifier_chromium.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698