Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(697)

Issue 2620203003: Add initial version of captive portal list checking. (Closed)

Created:
3 years, 11 months ago by meacer
Modified:
3 years, 10 months ago
CC:
chromium-reviews
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Add initial version of captive portal list checking. This CL adds captive portal certificate list checking feature. When an SSL error occurs, the feature checks the certificate chain's SPKI hashes to a list of hashes that are known to be served by captive portals. The list is embedded as a resource and currently only contains a single hash (the hash of the leaf cert of captive-portal.badssl.com). Follow up CLs will introduce a component updater component to dynamically update the list of known captive portal SPKI hashes. BUG=640835 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation Review-Url: https://codereview.chromium.org/2620203003 Cr-Commit-Position: refs/heads/master@{#448796} Committed: https://chromium.googlesource.com/chromium/src/+/b0785808c1a3d64ec590bf17d41db45c7b0d8b16

Patch Set 1 #

Total comments: 29

Patch Set 2 : estark comments #

Total comments: 20

Patch Set 3 : Add more tests #

Patch Set 4 : Fix build #

Patch Set 5 : More tests and rebase #

Total comments: 20

Patch Set 6 : rsleevi comments #

Total comments: 19

Patch Set 7 : estark and rsleevi comments #

Total comments: 8

Patch Set 8 : bauerb comments #

Total comments: 2

Patch Set 9 : Fix Android tests #

Unified diffs Side-by-side diffs Delta from patch set Stats (+651 lines, -25 lines) Patch
M chrome/browser/BUILD.gn View 1 2 3 4 5 6 7 1 chunk +1 line, -0 lines 0 comments Download
M chrome/browser/browser_resources.grd View 1 2 3 4 1 chunk +3 lines, -0 lines 0 comments Download
M chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb View 1 2 3 4 5 1 chunk +5 lines, -8 lines 0 comments Download
M chrome/browser/ssl/ssl_browser_tests.cc View 1 2 3 4 5 6 7 8 chunks +320 lines, -0 lines 0 comments Download
M chrome/browser/ssl/ssl_error_assistant.proto View 1 2 1 chunk +2 lines, -0 lines 0 comments Download
M chrome/browser/ssl/ssl_error_handler.h View 1 2 3 4 5 6 5 chunks +19 lines, -10 lines 0 comments Download
M chrome/browser/ssl/ssl_error_handler.cc View 1 2 3 4 5 6 7 13 chunks +120 lines, -2 lines 0 comments Download
M chrome/browser/ssl/ssl_error_handler_unittest.cc View 1 2 3 4 5 6 7 8 7 chunks +177 lines, -4 lines 0 comments Download
M chrome/test/BUILD.gn View 1 2 3 4 5 6 7 2 chunks +4 lines, -1 line 0 comments Download

Messages

Total messages: 43 (17 generated)
meacer
estark: This isn't yet ready for landing, but sending you to get early feedback. In ...
3 years, 11 months ago (2017-01-11 01:53:03 UTC) #2
estark
Looks pretty reasonable to me! My main questions (about which I rambled inline) are: 1. ...
3 years, 11 months ago (2017-01-12 18:54:44 UTC) #3
meacer
Responding to some comments with no code changes. https://codereview.chromium.org/2620203003/diff/1/chrome/browser/browser_resources.grd File chrome/browser/browser_resources.grd (right): https://codereview.chromium.org/2620203003/diff/1/chrome/browser/browser_resources.grd#newcode629 chrome/browser/browser_resources.grd:629: <if ...
3 years, 11 months ago (2017-01-12 23:54:03 UTC) #4
estark
https://codereview.chromium.org/2620203003/diff/1/chrome/browser/browser_resources.grd File chrome/browser/browser_resources.grd (right): https://codereview.chromium.org/2620203003/diff/1/chrome/browser/browser_resources.grd#newcode629 chrome/browser/browser_resources.grd:629: <if expr="not is_android and not is_ios"> On 2017/01/12 23:54:02, ...
3 years, 11 months ago (2017-01-13 23:40:24 UTC) #5
meacer
The more I read about it, the more I feel it's okay to load the ...
3 years, 11 months ago (2017-01-20 21:30:00 UTC) #7
estark
lgtm with a few comments/nits. Are you planning to add the Finch flag in this ...
3 years, 11 months ago (2017-01-20 23:31:18 UTC) #8
estark
Oh, forgot to mention, before you land can you update the CL description with some ...
3 years, 11 months ago (2017-01-21 01:33:27 UTC) #9
meacer
On 2017/01/21 01:33:27, estark wrote: > Oh, forgot to mention, before you land can you ...
3 years, 11 months ago (2017-01-21 02:04:09 UTC) #10
meacer
PTAL? https://codereview.chromium.org/2620203003/diff/20001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/20001/chrome/browser/ssl/ssl_browser_tests.cc#newcode237 chrome/browser/ssl/ssl_browser_tests.cc:237: // Returns true if the timer has been ...
3 years, 10 months ago (2017-01-31 00:22:47 UTC) #14
meacer
Added some more tests and rebased. rsleevi: Can you also please take a second look? ...
3 years, 10 months ago (2017-02-01 21:43:45 UTC) #16
Ryan Sleevi
A quick scan, but I mostly skipped the tests this round https://codereview.chromium.org/2620203003/diff/100001/chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb File chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb (right): ...
3 years, 10 months ago (2017-02-01 22:06:06 UTC) #17
meacer
https://codereview.chromium.org/2620203003/diff/100001/chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb File chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb (right): https://codereview.chromium.org/2620203003/diff/100001/chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb#newcode16 chrome/browser/resources/ssl/ssl_error_assistant/ssl_error_assistant.asciipb:16: sha256_hash: "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" On 2017/02/01 22:06:06, Ryan Sleevi wrote: > ...
3 years, 10 months ago (2017-02-02 01:56:06 UTC) #18
Ryan Sleevi
LGTM (and largely deferring to estark's review, although I did review all the files) https://codereview.chromium.org/2620203003/diff/120001/chrome/browser/ssl/ssl_browser_tests.cc ...
3 years, 10 months ago (2017-02-02 02:24:37 UTC) #19
estark
Sorry to be so slow! lgtm https://codereview.chromium.org/2620203003/diff/120001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/120001/chrome/browser/ssl/ssl_browser_tests.cc#newcode3927 chrome/browser/ssl/ssl_browser_tests.cc:3927: IN_PROC_BROWSER_TEST_F(SSLUITest, CaptivePortalCertificateList_Disabled) { ...
3 years, 10 months ago (2017-02-03 07:24:07 UTC) #20
meacer
https://codereview.chromium.org/2620203003/diff/120001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/120001/chrome/browser/ssl/ssl_browser_tests.cc#newcode345 chrome/browser/ssl/ssl_browser_tests.cc:345: SSLErrorHandler::ResetConfigForTesting(); On 2017/02/02 02:24:36, Ryan Sleevi wrote: > I ...
3 years, 10 months ago (2017-02-06 23:39:18 UTC) #21
meacer
estark: You might want to take a look at the new tests in ssl_browser_tests.cc since ...
3 years, 10 months ago (2017-02-07 01:45:23 UTC) #22
meacer
bauerb: PTAL at browser_resources.grd? Thanks.
3 years, 10 months ago (2017-02-07 02:35:00 UTC) #24
Bernhard Bauer
LGTM w/ nits: https://codereview.chromium.org/2620203003/diff/140001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/140001/chrome/browser/ssl/ssl_browser_tests.cc#newcode117 chrome/browser/ssl/ssl_browser_tests.cc:117: #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) Nit: Move this before ...
3 years, 10 months ago (2017-02-07 10:53:03 UTC) #25
meacer
https://codereview.chromium.org/2620203003/diff/140001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/140001/chrome/browser/ssl/ssl_browser_tests.cc#newcode117 chrome/browser/ssl/ssl_browser_tests.cc:117: #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) On 2017/02/07 10:53:03, Bernhard Bauer wrote: > ...
3 years, 10 months ago (2017-02-07 20:22:50 UTC) #26
estark
latest ssl_browser_tests.cc lgtm https://codereview.chromium.org/2620203003/diff/160001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/160001/chrome/browser/ssl/ssl_browser_tests.cc#newcode4068 chrome/browser/ssl/ssl_browser_tests.cc:4068: mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result); Ohh, I was ...
3 years, 10 months ago (2017-02-07 21:07:58 UTC) #27
meacer
https://codereview.chromium.org/2620203003/diff/160001/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2620203003/diff/160001/chrome/browser/ssl/ssl_browser_tests.cc#newcode4068 chrome/browser/ssl/ssl_browser_tests.cc:4068: mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result); On 2017/02/07 21:07:58, estark wrote: > ...
3 years, 10 months ago (2017-02-07 21:20:17 UTC) #28
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2620203003/160001
3 years, 10 months ago (2017-02-07 21:21:23 UTC) #31
commit-bot: I haz the power
Try jobs failed on following builders: linux_android_rel_ng on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/linux_android_rel_ng/builds/227625)
3 years, 10 months ago (2017-02-07 22:16:43 UTC) #33
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2620203003/180001
3 years, 10 months ago (2017-02-07 22:28:59 UTC) #36
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2620203003/180001
3 years, 10 months ago (2017-02-07 22:34:15 UTC) #40
commit-bot: I haz the power
3 years, 10 months ago (2017-02-07 23:47:29 UTC) #43
Message was sent while issue was closed.
Committed patchset #9 (id:180001) as
https://chromium.googlesource.com/chromium/src/+/b0785808c1a3d64ec590bf17d41d...

Powered by Google App Engine
This is Rietveld 408576698