content/common/ssl_status_serialization.cc - Issue 2241213002: Distinguish between SCT invalidity reasons in UMA

Side by Side Diff: content/common/ssl_status_serialization.cc

Issue 2241213002: Distinguish between SCT invalidity reasons in UMA (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: A patchset that actually works Created 4 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« chrome/browser/ssl/chrome_expect_ct_reporter.cc ('K') | « chrome/browser/ui/website_settings/website_settings_unittest.cc ('k') | content/common/ssl_status_serialization_unittest.cc » ('j') | net/cert/ct_sct_to_string.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/common/ssl_status_serialization.h"	5 #include "content/common/ssl_status_serialization.h"

6	6

7 #include <stdint.h>	7 #include <stdint.h>

8	8

9 #include "base/logging.h"	9 #include "base/logging.h"

10 #include "base/numerics/safe_conversions.h"	10 #include "base/numerics/safe_conversions.h"

(...skipping 13 matching lines...) Expand all Loading...
24 return true;	24 return true;

25 }	25 }

26 return false;	26 return false;

27 }	27 }

28	28

29 // Checks that an integer \|sct_status\| is a valid net::ct::SCTVerifyStatus enum	29 // Checks that an integer \|sct_status\| is a valid net::ct::SCTVerifyStatus enum

30 // value. Returns true if valid, false otherwise.	30 // value. Returns true if valid, false otherwise.

31 bool CheckSCTStatus(uint32_t sct_status) {	31 bool CheckSCTStatus(uint32_t sct_status) {

32 switch (sct_status) {	32 switch (sct_status) {

33 case net::ct::SCT_STATUS_LOG_UNKNOWN:	33 case net::ct::SCT_STATUS_LOG_UNKNOWN:

34 case net::ct::SCT_STATUS_INVALID:	34 case net::ct::SCT_STATUS_INVALID_SIGNATURE:

35 case net::ct::SCT_STATUS_OK:	35 case net::ct::SCT_STATUS_OK:

	36 case net::ct::SCT_STATUS_INVALID_TIMESTAMP:

36 case net::ct::SCT_STATUS_MAX:	37 case net::ct::SCT_STATUS_MAX:
	eroman 2016/08/15 19:20:22 Why is MAX considered valid? From the definition: Why is MAX considered valid? From the definition: // The SCT is from a known log, and the signature is valid. SCT_STATUS_OK = 3, // Used to bound the enum values. SCT_STATUS_MAX, Meaning MAX is 4, which does not map to an actual status. I don't know the surrounding code, but my usual answer to this code pattern is to define things as: SCT_STATUS_LAST = SCT_STATUS_OK, Then you don't need to explicitly handle it in switch statements. Eran Messeri 2016/08/16 14:17:18 (1) MAX shouldn't be considered valid - I've moved Show quoted text On 2016/08/15 at 19:20:22, eroman wrote: > Why is MAX considered valid? > > From the definition: > > // The SCT is from a known log, and the signature is valid. > SCT_STATUS_OK = 3, > > // Used to bound the enum values. > SCT_STATUS_MAX, > > > Meaning MAX is 4, which does not map to an actual status. > > I don't know the surrounding code, but my usual answer to this code pattern is to define things as: > > SCT_STATUS_LAST = SCT_STATUS_OK, > > Then you don't need to explicitly handle it in switch statements. (1) MAX shouldn't be considered valid - I've moved it to the SCT_STATUS_NONE case. (2) The SCTVerifyStatus enum is used in a histogram, and the common pattern seems to be to have a _MAX value that is passed into the UMA_HISTOGRAM_ENUMERATION macro as the boundary value. I do not mind changing _MAX to _LAST as you suggested and passing SCT_STATUS_LAST + 1 to the histogram macro - just confirm you're happy with this deviation from the common approach (I also see a slight disadvantage with the _LAST approach is that it has to be changed in addition to the new values being added, whereas with the _MAX the only thing to be aware of is that new values should be added before it).
37 return true;	38 return true;

38 case net::ct::SCT_STATUS_NONE:	39 case net::ct::SCT_STATUS_NONE:

39 // SCT_STATUS_NONE should never happen, so it isn't valid to	40 // SCT_STATUS_NONE should never happen, so it isn't valid to

40 // receive a status of NONE in a serialized SSLStatus.	41 // receive a status of NONE in a serialized SSLStatus.

41 return false;	42 return false;

42 }	43 }

43 return false;	44 return false;

44 }	45 }

45	46

46 } // namespace	47 } // namespace

(...skipping 72 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
119 // Sanity check \|key_exchange_info\|: 0 or greater.	120 // Sanity check \|key_exchange_info\|: 0 or greater.

120 if (ssl_status->key_exchange_info < 0) {	121 if (ssl_status->key_exchange_info < 0) {

121 *ssl_status = SSLStatus();	122 *ssl_status = SSLStatus();

122 return false;	123 return false;

123 }	124 }

124	125

125 return true;	126 return true;

126 }	127 }

127	128

128 } // namespace content	129 } // namespace content

OLD	NEW