Chromium Code Reviews Chromium Code Reviews
Issue 2620203003:
Add initial version of captive portal list checking. (Closed)
| Index: chrome/browser/ssl/ssl_error_handler.cc |
| diff --git a/chrome/browser/ssl/ssl_error_handler.cc b/chrome/browser/ssl/ssl_error_handler.cc |
| index b0b42914bdf560d67102b4dfd1229114f7761938..71ce93742bd30c1eaf33c3725b74e2b5fb2c5916 100644 |
| --- a/chrome/browser/ssl/ssl_error_handler.cc |
| +++ b/chrome/browser/ssl/ssl_error_handler.cc |
| @@ -5,10 +5,12 @@ |
| #include "chrome/browser/ssl/ssl_error_handler.h" |
| #include <stdint.h> |
| +#include <unordered_set> |
| #include <utility> |
| #include "base/callback_helpers.h" |
| #include "base/feature_list.h" |
| +#include "base/files/file_util.h" |
| #include "base/lazy_instance.h" |
| #include "base/macros.h" |
| #include "base/metrics/histogram_macros.h" |
| @@ -21,7 +23,9 @@ |
| #include "chrome/browser/ssl/bad_clock_blocking_page.h" |
| #include "chrome/browser/ssl/ssl_blocking_page.h" |
| #include "chrome/browser/ssl/ssl_cert_reporter.h" |
| +#include "chrome/browser/ssl/tls_error_assistant.pb.h" |
| #include "chrome/common/features.h" |
| +#include "chrome/grit/browser_resources.h" |
| #include "components/network_time/network_time_tracker.h" |
| #include "components/ssl_errors/error_classification.h" |
| #include "components/ssl_errors/error_info.h" |
| @@ -31,6 +35,7 @@ |
| #include "content/public/browser/render_frame_host.h" |
| #include "content/public/browser/web_contents.h" |
| #include "net/base/net_errors.h" |
| +#include "ui/base/resource/resource_bundle.h" |
| #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| #include "chrome/browser/captive_portal/captive_portal_service.h" |
| @@ -58,19 +63,7 @@ const base::Feature kSSLCommonNameMismatchHandling{ |
| // - Otherwise, an SSL interstitial is displayed. |
| const int64_t kInterstitialDelayInMilliseconds = 3000; |
| -// Events for UMA. |
| -enum SSLErrorHandlerEvent { |
| - HANDLE_ALL, |
| - SHOW_CAPTIVE_PORTAL_INTERSTITIAL_NONOVERRIDABLE, |
| - SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE, |
| - SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE, |
| - SHOW_SSL_INTERSTITIAL_OVERRIDABLE, |
| - WWW_MISMATCH_FOUND, |
| - WWW_MISMATCH_URL_AVAILABLE, |
| - WWW_MISMATCH_URL_NOT_AVAILABLE, |
| - SHOW_BAD_CLOCK, |
| - SSL_ERROR_HANDLER_EVENT_COUNT |
| -}; |
| +const char kHistogram[] = "interstitial.ssl_error_handler"; |
| // Adds a message to console after navigation commits and then, deletes itself. |
| // Also deletes itself if the navigation is stopped. |
| @@ -129,9 +122,9 @@ class CommonNameMismatchRedirectObserver |
| DISALLOW_COPY_AND_ASSIGN(CommonNameMismatchRedirectObserver); |
| }; |
| -void RecordUMA(SSLErrorHandlerEvent event) { |
| - UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_handler", event, |
| - SSL_ERROR_HANDLER_EVENT_COUNT); |
| +void RecordUMA(SSLErrorHandler::UMAEvent event) { |
| + UMA_HISTOGRAM_ENUMERATION(kHistogram, event, |
| + SSLErrorHandler::SSL_ERROR_HANDLER_EVENT_COUNT); |
| } |
| #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| @@ -144,6 +137,23 @@ bool IsSSLCommonNameMismatchHandlingEnabled() { |
| return base::FeatureList::IsEnabled(kSSLCommonNameMismatchHandling); |
| } |
| +// Reads the TLS error assistant configuration from the resource bundle. |
| +void ReadErrorAssistantProtoFromResourceBundle(std::string* binary_pb) { |
| + ui::ResourceBundle& bundle = ui::ResourceBundle::GetSharedInstance(); |
| + bundle.GetRawDataResource(IDR_TLS_ERROR_ASSISTANT_PB).CopyToString(binary_pb); |
|
estark
2017/01/20 23:31:18
Could you explain more why it's okay to load it on
meacer
2017/01/31 00:22:47
I couldn't find an authoritative answer to this, b
|
| +} |
| + |
| +std::unique_ptr<std::unordered_set<std::string>> LoadCaptivePortalCertHashes( |
| + const chrome_browser_ssl::TLSErrorAssistantConfig& proto) { |
| + std::unique_ptr<std::unordered_set<std::string>> hashes( |
| + new std::unordered_set<std::string>()); |
| + for (const chrome_browser_ssl::CaptivePortalCert& cert : |
| + proto.captive_portal_cert()) { |
| + hashes.get()->insert(cert.sha256_hash()); |
| + } |
| + return hashes; |
| +} |
| + |
| // Configuration for SSLErrorHandler. |
| class ConfigSingleton : public base::NonThreadSafe { |
| public: |
| @@ -154,12 +164,20 @@ class ConfigSingleton : public base::NonThreadSafe { |
| base::Clock* clock() const; |
| network_time::NetworkTimeTracker* network_time_tracker() const; |
| + // Returns true if any of the SHA256 hashes in |ssl_info| is of a captive |
| + // portal certificate. The set of captive portal hashes is loaded on first |
| + // use. |
| + bool IsKnownCaptivePortalCert(const net::SSLInfo& ssl_info); |
| + |
| + // Testing methods: |
| void SetInterstitialDelayForTesting(const base::TimeDelta& delay); |
| void SetTimerStartedCallbackForTesting( |
| SSLErrorHandler::TimerStartedCallback* callback); |
| void SetClockForTesting(base::Clock* clock); |
| void SetNetworkTimeTrackerForTesting( |
| network_time::NetworkTimeTracker* tracker); |
| + void SetErrorAssistantProtoForTesting( |
| + const chrome_browser_ssl::TLSErrorAssistantConfig& error_assistant_proto); |
| private: |
| base::TimeDelta interstitial_delay_; |
| @@ -173,6 +191,11 @@ class ConfigSingleton : public base::NonThreadSafe { |
| base::Clock* testing_clock_ = nullptr; |
| network_time::NetworkTimeTracker* network_time_tracker_ = nullptr; |
| + |
| + // SPKI hashes belonging to certs treated as captive portals. Populated the |
|
estark
2017/01/20 23:31:18
nit: "Populated" => "Null until" (to be clear that
meacer
2017/01/31 00:22:47
Done.
|
| + // first time IsKnownCaptivePortalCert() or SetErrorAssistantProtoForTesting() |
| + // is called. |
| + std::unique_ptr<std::unordered_set<std::string>> captive_portal_spki_hashes_; |
| }; |
| ConfigSingleton::ConfigSingleton() |
| @@ -219,6 +242,32 @@ void ConfigSingleton::SetNetworkTimeTrackerForTesting( |
| network_time_tracker_ = tracker; |
| } |
| +void ConfigSingleton::SetErrorAssistantProtoForTesting( |
| + const chrome_browser_ssl::TLSErrorAssistantConfig& error_assistant_proto) { |
| + DCHECK(!captive_portal_spki_hashes_); |
| + captive_portal_spki_hashes_ = |
| + LoadCaptivePortalCertHashes(error_assistant_proto); |
| +} |
| + |
| +bool ConfigSingleton::IsKnownCaptivePortalCert(const net::SSLInfo& ssl_info) { |
| + if (!captive_portal_spki_hashes_) { |
| + std::string binary_proto; |
| + ReadErrorAssistantProtoFromResourceBundle(&binary_proto); |
| + chrome_browser_ssl::TLSErrorAssistantConfig proto; |
| + proto.ParseFromString(binary_proto); |
| + captive_portal_spki_hashes_ = LoadCaptivePortalCertHashes(proto); |
| + } |
| + |
| + for (const net::HashValue& hash_value : ssl_info.public_key_hashes) { |
| + if (hash_value.tag == net::HASH_VALUE_SHA256 && |
| + captive_portal_spki_hashes_->find(hash_value.ToString()) != |
| + captive_portal_spki_hashes_->end()) { |
| + return true; |
| + } |
| + } |
| + return false; |
| +} |
| + |
| static base::LazyInstance<ConfigSingleton>::Leaky g_config = |
| LAZY_INSTANCE_INITIALIZER; |
| @@ -267,6 +316,17 @@ void SSLErrorHandler::SetNetworkTimeTrackerForTesting( |
| g_config.Pointer()->SetNetworkTimeTrackerForTesting(tracker); |
| } |
| +// static |
| +void SSLErrorHandler::SetErrorAssistantProtoForTesting( |
| + const chrome_browser_ssl::TLSErrorAssistantConfig& config_proto) { |
| + g_config.Pointer()->SetErrorAssistantProtoForTesting(config_proto); |
| +} |
| + |
| +// static |
| +std::string SSLErrorHandler::GetHistogramNameForTesting() { |
| + return kHistogram; |
| +} |
| + |
| SSLErrorHandler::SSLErrorHandler( |
| content::WebContents* web_contents, |
| int cert_error, |
| @@ -298,6 +358,14 @@ void SSLErrorHandler::StartHandlingError() { |
| return; |
| } |
| + if (cert_error_ == net::ERR_CERT_COMMON_NAME_INVALID && |
| + g_config.Pointer()->IsKnownCaptivePortalCert(ssl_info_)) { |
| + RecordUMA(CAPTIVE_PORTAL_CERT_FOUND); |
| + ShowCaptivePortalInterstitial( |
| + GURL(captive_portal::CaptivePortalDetector::kDefaultURL)); |
| + return; |
| + } |
| + |
| std::vector<std::string> dns_names; |
| ssl_info_.cert->GetDNSNames(&dns_names); |
| DCHECK(!dns_names.empty()); |
