OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "extensions/browser/api/web_request/web_request_api_helpers.h" | 5 #include "extensions/browser/api/web_request/web_request_api_helpers.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <algorithm> | 10 #include <algorithm> |
21 #include "components/web_cache/browser/web_cache_manager.h" | 21 #include "components/web_cache/browser/web_cache_manager.h" |
22 #include "content/public/browser/browser_thread.h" | 22 #include "content/public/browser/browser_thread.h" |
23 #include "content/public/browser/render_process_host.h" | 23 #include "content/public/browser/render_process_host.h" |
24 #include "extensions/browser/api/web_request/web_request_api_constants.h" | 24 #include "extensions/browser/api/web_request/web_request_api_constants.h" |
25 #include "extensions/browser/extension_registry.h" | 25 #include "extensions/browser/extension_registry.h" |
26 #include "extensions/browser/extension_system.h" | 26 #include "extensions/browser/extension_system.h" |
27 #include "extensions/browser/extensions_browser_client.h" | 27 #include "extensions/browser/extensions_browser_client.h" |
28 #include "extensions/browser/runtime_data.h" | 28 #include "extensions/browser/runtime_data.h" |
29 #include "extensions/browser/warning_set.h" | 29 #include "extensions/browser/warning_set.h" |
30 #include "extensions/common/extension_messages.h" | 30 #include "extensions/common/extension_messages.h" |
31 #include "net/cert/x509_certificate.h" | |
31 #include "net/cookies/cookie_util.h" | 32 #include "net/cookies/cookie_util.h" |
32 #include "net/cookies/parsed_cookie.h" | 33 #include "net/cookies/parsed_cookie.h" |
33 #include "net/http/http_util.h" | 34 #include "net/http/http_util.h" |
34 #include "net/log/net_log.h" | 35 #include "net/log/net_log.h" |
35 #include "net/log/net_log_capture_mode.h" | 36 #include "net/log/net_log_capture_mode.h" |
36 #include "net/log/net_log_event_type.h" | 37 #include "net/log/net_log_event_type.h" |
37 #include "net/log/net_log_parameters_callback.h" | 38 #include "net/log/net_log_parameters_callback.h" |
38 #include "net/log/net_log_with_source.h" | 39 #include "net/log/net_log_with_source.h" |
40 #include "net/ssl/ssl_info.h" | |
39 #include "net/url_request/url_request.h" | 41 #include "net/url_request/url_request.h" |
40 #include "url/url_constants.h" | 42 #include "url/url_constants.h" |
41 | 43 |
42 // TODO(battre): move all static functions into an anonymous namespace at the | 44 // TODO(battre): move all static functions into an anonymous namespace at the |
43 // top of this file. | 45 // top of this file. |
44 | 46 |
45 using base::Time; | 47 using base::Time; |
46 using content::ResourceType; | 48 using content::ResourceType; |
47 using net::cookie_util::ParsedRequestCookie; | 49 using net::cookie_util::ParsedRequestCookie; |
48 using net::cookie_util::ParsedRequestCookies; | 50 using net::cookie_util::ParsedRequestCookies; |
1272 bool found = false; | 1274 bool found = false; |
1273 for (size_t i = 0; i < kResourceTypeStringsLength; ++i) { | 1275 for (size_t i = 0; i < kResourceTypeStringsLength; ++i) { |
1274 if (type_str == kResourceTypeStrings[i]) { | 1276 if (type_str == kResourceTypeStrings[i]) { |
1275 found = true; | 1277 found = true; |
1276 types->push_back(kResourceTypeValues[i]); | 1278 types->push_back(kResourceTypeValues[i]); |
1277 } | 1279 } |
1278 } | 1280 } |
1279 return found; | 1281 return found; |
1280 } | 1282 } |
1281 | 1283 |
1284 static base::DictionaryValue* ExtractDN(const net::CertPrincipal& dn) { | |
1285 base::DictionaryValue* dn_dict = new base::DictionaryValue(); | |
palmer
2017/01/21 01:16:30
Nit/Note: In unambiguous situations like this, you
| |
1286 if (!dn.common_name.empty()) { | |
1287 dn_dict->SetString(keys::kCommonNameKey, dn.common_name); | |
1288 } | |
1289 if (!dn.locality_name.empty()) { | |
1290 dn_dict->SetString(keys::kLocalityNameKey, dn.locality_name); | |
1291 } | |
1292 if (!dn.state_or_province_name.empty()) { | |
1293 dn_dict->SetString(keys::kStateOrProvinceNameKey, | |
1294 dn.state_or_province_name); | |
1295 } | |
1296 if (!dn.country_name.empty()) { | |
1297 dn_dict->SetString(keys::kCountryNameKey, dn.country_name); | |
1298 } | |
1299 if (dn.street_addresses.size() > 0) { | |
1300 base::ListValue* addrs = new base::ListValue(); | |
1301 addrs->AppendStrings(dn.street_addresses); | |
1302 dn_dict->Set(keys::kStreetAddressesKey, addrs); | |
1303 } | |
1304 if (dn.organization_names.size() > 0) { | |
1305 base::ListValue* names = new base::ListValue(); | |
1306 names->AppendStrings(dn.organization_names); | |
1307 dn_dict->Set(keys::kOrganizationNamesKey, names); | |
1308 } | |
1309 if (dn.organization_unit_names.size() > 0) { | |
1310 base::ListValue* names = new base::ListValue(); | |
1311 names->AppendStrings(dn.organization_unit_names); | |
1312 dn_dict->Set(keys::kOrganizationUnitNamesKey, names); | |
1313 } | |
1314 return dn_dict; | |
1315 } | |
1316 | |
1317 std::unique_ptr<base::DictionaryValue> ExtractCertificateInfo( | |
1318 scoped_refptr<net::X509Certificate> cert) { | |
1319 std::unique_ptr<base::DictionaryValue> info(new base::DictionaryValue); | |
1320 info->SetString(keys::kSerialNumberKey, | |
1321 base::HexEncode(cert->serial_number().data(), | |
1322 cert->serial_number().size())); | |
1323 info->Set("subject", ExtractDN(cert->subject())); | |
palmer
2017/01/21 01:16:29
Is it better to use your keys::kFooKey constants f
| |
1324 info->Set("issuer", ExtractDN(cert->issuer())); | |
1325 | |
1326 std::vector<std::string>* dns_names = new std::vector<std::string>; | |
1327 std::vector<std::string>* ip_addrs = new std::vector<std::string>; | |
palmer
2017/01/21 01:16:29
You leak these pointers — there's no "delete dns_n
| |
1328 cert->GetSubjectAltName(dns_names, ip_addrs); | |
1329 if (dns_names->size() > 0) { | |
1330 base::ListValue* names = new base::ListValue(); | |
1331 names->AppendStrings(*dns_names); | |
1332 info->Set("DNSNames", names); | |
1333 } | |
1334 if (ip_addrs->size() > 0) { | |
1335 base::ListValue* addrs = new base::ListValue(); | |
1336 addrs->AppendStrings(*ip_addrs); | |
1337 info->Set("IPAddresses", addrs); | |
1338 } | |
1339 | |
1340 info->SetBoolean("expired", cert->HasExpired()); | |
1341 info->SetDouble("notBefore", cert->valid_start().ToJsTime()); | |
1342 info->SetDouble("notAfter", cert->valid_expiry().ToJsTime()); | |
1343 | |
1344 std::string der_holder; | |
1345 if (!cert->GetDEREncoded(cert->os_cert_handle(), &der_holder)) | |
1346 return info; | |
1347 info->Set("raw", base::BinaryValue::CreateWithCopiedBuffer( | |
1348 der_holder.c_str(), der_holder.size())); | |
1349 | |
1350 return info; | |
1351 } | |
1352 | |
1353 base::ListValue* ExtractCertificateChain( | |
1354 scoped_refptr<net::X509Certificate> cert) { | |
1355 base::ListValue* chain = new base::ListValue(); | |
palmer
2017/01/21 01:16:29
auto here too, if you like.
| |
1356 if (cert) { | |
1357 chain->Append(ExtractCertificateInfo(cert)); | |
1358 const net::X509Certificate::OSCertHandles cert_handles = | |
1359 cert->GetIntermediateCertificates(); | |
1360 const net::X509Certificate::OSCertHandles empty_handle; | |
1361 for (size_t i = 0; i < cert_handles.size(); i++) { | |
1362 scoped_refptr<net::X509Certificate> interCert; | |
1363 interCert = | |
1364 net::X509Certificate::CreateFromHandle(cert_handles[i], empty_handle); | |
1365 chain->Append(ExtractCertificateInfo(interCert)); | |
1366 } | |
1367 } | |
1368 return chain; | |
1369 } | |
1370 | |
1371 static std::unordered_map<net::CertStatus, int> status_to_error_map = { | |
palmer
2017/01/21 01:16:29
This creates a static initializer, which we don't
| |
1372 {net::CERT_STATUS_REVOKED, net::ERR_CERT_REVOKED}, | |
1373 {net::CERT_STATUS_INVALID, net::ERR_CERT_INVALID}, | |
1374 {net::CERT_STATUS_PINNED_KEY_MISSING, | |
1375 net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN}, | |
1376 {net::CERT_STATUS_AUTHORITY_INVALID, net::ERR_CERT_AUTHORITY_INVALID}, | |
1377 {net::CERT_STATUS_COMMON_NAME_INVALID, net::ERR_CERT_COMMON_NAME_INVALID}, | |
1378 {net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, | |
1379 net::ERR_CERT_NAME_CONSTRAINT_VIOLATION}, | |
1380 {net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, | |
1381 net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM}, | |
1382 {net::CERT_STATUS_WEAK_KEY, net::ERR_CERT_WEAK_KEY}, | |
1383 {net::CERT_STATUS_DATE_INVALID, net::ERR_CERT_DATE_INVALID}, | |
1384 {net::CERT_STATUS_VALIDITY_TOO_LONG, net::ERR_CERT_VALIDITY_TOO_LONG}, | |
1385 {net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, | |
1386 net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION}, | |
1387 {net::CERT_STATUS_NO_REVOCATION_MECHANISM, | |
1388 net::ERR_CERT_NO_REVOCATION_MECHANISM}, | |
1389 {net::CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED, | |
1390 net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED}, | |
1391 }; | |
1392 | |
1393 base::ListValue* ParseCertificateStatusErrors(net::CertStatus status) { | |
1394 base::ListValue* errors = new base::ListValue(); | |
1395 for (auto const& error : status_to_error_map) { | |
palmer
2017/01/21 01:16:29
I think the style guide calls for "const auto& err
| |
1396 if (status & error.first) | |
1397 errors->AppendString(net::ErrorToShortString(error.second)); | |
1398 } | |
1399 return errors; | |
1400 } | |
1401 | |
1282 } // namespace extension_web_request_api_helpers | 1402 } // namespace extension_web_request_api_helpers |
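Review bot: In `ExtractCertificateChain` (new lines 1361-1366) the result of `net::X509Certificate::CreateFromHandle` is passed straight to `ExtractCertificateInfo`, which dereferences `cert` in its first statement (`cert->serial_number()`) without a check; only the leaf is guarded by `if (cert)`. The intermediates presumably come from the server's handshake, so if `CreateFromHandle` can return null for a handle it cannot parse (not visible on this page, worth confirming), this is a null dereference in browser-side code driven by remote input. I would skip such entries with `if (!interCert) continue;`, or have `ExtractCertificateInfo` return early on a null `cert`. Separately, `ExtractCertificateChain` and `ParseCertificateStatusErrors` return a raw `new`ed `base::ListValue*` while `ExtractCertificateInfo` returns a `std::unique_ptr`; returning `std::unique_ptr<base::ListValue>` from both would make ownership explicit at the call sites, which are outside this page.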
OLD | NEW |