| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 1344 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1355 ASSERT_FALSE(report.empty()); | 1355 ASSERT_FALSE(report.empty()); |
| 1356 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, subdomain_host_port_pair, | 1356 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, subdomain_host_port_pair, |
| 1357 true, kHost, cert1.get(), cert2.get(), | 1357 true, kHost, cert1.get(), cert2.get(), |
| 1358 good_hashes)); | 1358 good_hashes)); |
| 1359 } | 1359 } |
| 1360 | 1360 |
| 1361 // Tests that a histogram entry is recorded when TransportSecurityState | 1361 // Tests that a histogram entry is recorded when TransportSecurityState |
| 1362 // fails to send an HPKP violation report. | 1362 // fails to send an HPKP violation report. |
| 1363 TEST_F(TransportSecurityStateTest, UMAOnHPKPReportingFailure) { | 1363 TEST_F(TransportSecurityStateTest, UMAOnHPKPReportingFailure) { |
| 1364 base::HistogramTester histograms; | 1364 base::HistogramTester histograms; |
| 1365 const std::string histogram_name = "Net.PublicKeyPinReportSendingFailure"; | 1365 const std::string histogram_name = "Net.PublicKeyPinReportSendingFailure2"; |
| 1366 HostPortPair host_port_pair(kHost, kPort); | 1366 HostPortPair host_port_pair(kHost, kPort); |
| 1367 GURL report_uri(kReportUri); | 1367 GURL report_uri(kReportUri); |
| 1368 // Two dummy certs to use as the server-sent and validated chains. The | 1368 // Two dummy certs to use as the server-sent and validated chains. The |
| 1369 // contents don't matter. | 1369 // contents don't matter. |
| 1370 scoped_refptr<X509Certificate> cert1 = | 1370 scoped_refptr<X509Certificate> cert1 = |
| 1371 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); | 1371 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); |
| 1372 scoped_refptr<X509Certificate> cert2 = | 1372 scoped_refptr<X509Certificate> cert2 = |
| 1373 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); | 1373 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); |
| 1374 ASSERT_TRUE(cert1); | 1374 ASSERT_TRUE(cert1); |
| 1375 ASSERT_TRUE(cert2); | 1375 ASSERT_TRUE(cert2); |
| (...skipping 18 matching lines...) Expand all Loading... |
| 1394 | 1394 |
| 1395 std::string failure_log; | 1395 std::string failure_log; |
| 1396 EXPECT_EQ(TransportSecurityState::PKPStatus::VIOLATED, | 1396 EXPECT_EQ(TransportSecurityState::PKPStatus::VIOLATED, |
| 1397 state.CheckPublicKeyPins( | 1397 state.CheckPublicKeyPins( |
| 1398 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), | 1398 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), |
| 1399 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); | 1399 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); |
| 1400 | 1400 |
| 1401 // Check that the UMA histogram was updated when the report failed to | 1401 // Check that the UMA histogram was updated when the report failed to |
| 1402 // send. | 1402 // send. |
| 1403 histograms.ExpectTotalCount(histogram_name, 1); | 1403 histograms.ExpectTotalCount(histogram_name, 1); |
| 1404 histograms.ExpectBucketCount(histogram_name, mock_report_sender.net_error(), | 1404 histograms.ExpectBucketCount(histogram_name, -mock_report_sender.net_error(), |
| 1405 1); | 1405 1); |
| 1406 } | 1406 } |
| 1407 | 1407 |
| 1408 TEST_F(TransportSecurityStateTest, HPKPReportOnly) { | 1408 TEST_F(TransportSecurityStateTest, HPKPReportOnly) { |
| 1409 HostPortPair host_port_pair(kHost, kPort); | 1409 HostPortPair host_port_pair(kHost, kPort); |
| 1410 GURL report_uri(kReportUri); | 1410 GURL report_uri(kReportUri); |
| 1411 // Two dummy certs to use as the server-sent and validated chains. The | 1411 // Two dummy certs to use as the server-sent and validated chains. The |
| 1412 // contents don't matter. | 1412 // contents don't matter. |
| 1413 scoped_refptr<X509Certificate> cert1 = | 1413 scoped_refptr<X509Certificate> cert1 = |
| 1414 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); | 1414 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); |
| (...skipping 614 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2029 base::FieldTrialList::CreateFieldTrial("EnforceCTForProblematicRoots", | 2029 base::FieldTrialList::CreateFieldTrial("EnforceCTForProblematicRoots", |
| 2030 "disabled"); | 2030 "disabled"); |
| 2031 | 2031 |
| 2032 EXPECT_FALSE( | 2032 EXPECT_FALSE( |
| 2033 state.ShouldRequireCT("www.example.com", before_cert.get(), hashes)); | 2033 state.ShouldRequireCT("www.example.com", before_cert.get(), hashes)); |
| 2034 EXPECT_FALSE( | 2034 EXPECT_FALSE( |
| 2035 state.ShouldRequireCT("www.example.com", after_cert.get(), hashes)); | 2035 state.ShouldRequireCT("www.example.com", after_cert.get(), hashes)); |
| 2036 } | 2036 } |
| 2037 | 2037 |
| 2038 } // namespace net | 2038 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2120683002:
Fix up certificate error reporting histograms (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master