Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(470)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/transport_security_state.cc

Issue 2660793002: Add transport security state generator tests. (Closed)
Patch Set: export method for tests Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/transport_security_state.h ('k') | net/http/transport_security_state_static.h » ('j') | net/http/transport_security_state_static.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/transport_security_state.cc
diff --git a/net/http/transport_security_state.cc b/net/http/transport_security_state.cc
index 5f82c2897b51ec403963e9da6674c389f38aff73..a6540d0ce2030cc58faada0b1758314af1a862c4 100644
--- a/net/http/transport_security_state.cc
+++ b/net/http/transport_security_state.cc
@@ -47,6 +47,16 @@ const size_t kMaxHPKPReportCacheEntries = 50;
const int kTimeToRememberHPKPReportsMins = 60;
const size_t kReportCacheKeyLength = 16;
+const uint8_t* g_hsts_huffman_tree = kHSTSHuffmanTree;
+size_t g_hsts_huffman_tree_size = sizeof(kHSTSHuffmanTree);
+const uint8_t* g_preloaded_hsts_data = kPreloadedHSTSData;
+size_t g_preloaded_hsts_bits = kPreloadedHSTSBits;
+size_t g_hsts_root_position = kHSTSRootPosition;
+const char* const* g_expect_ct_report_uris = kExpectCTReportURIs;
+const char* const* g_expect_staple_report_uris = kExpectStapleReportURIs;
+const struct Pinset* g_hsts_pinsets = kPinsets;
+size_t g_hsts_pinsets_count = arraysize(kPinsets);
+
// Override for ShouldRequireCT() for unit tests. Possible values:
// -1: Unless a delegate says otherwise, do not require CT.
// 0: Use the default implementation (e.g. production)
@@ -434,9 +444,9 @@ struct PreloadResult {
bool DecodeHSTSPreloadRaw(const std::string& search_hostname,
bool* out_found,
PreloadResult* out) {
- HuffmanDecoder huffman(kHSTSHuffmanTree, sizeof(kHSTSHuffmanTree));
- BitReader reader(kPreloadedHSTSData, kPreloadedHSTSBits);
- size_t bit_offset = kHSTSRootPosition;
+ HuffmanDecoder huffman(g_hsts_huffman_tree, g_hsts_huffman_tree_size);
+ BitReader reader(g_preloaded_hsts_data, g_preloaded_hsts_bits);
+ size_t bit_offset = g_hsts_root_position;
static const char kEndOfString = 0;
static const char kEndOfTable = 127;
@@ -721,6 +731,39 @@ bool SerializeExpectStapleReport(const HostPortPair& host_port_pair,
} // namespace
+void SetTransportSecurityStateSource(
+ const uint8_t* hsts_huffman_tree,
+ const size_t hsts_huffman_tree_size,
+ const uint8_t* preloaded_hsts_data,
+ const size_t preloaded_hsts_bits,
+ const size_t hsts_root_position,
+ const char* const* expect_ct_report_uris,
+ const char* const* expect_staple_report_uris,
+ const struct Pinset hsts_pinsets[],
+ const size_t hsts_pinsets_count) {
+ g_hsts_huffman_tree = hsts_huffman_tree;
+ g_hsts_huffman_tree_size = hsts_huffman_tree_size;
+ g_preloaded_hsts_data = preloaded_hsts_data;
+ g_preloaded_hsts_bits = preloaded_hsts_bits;
+ g_hsts_root_position = hsts_root_position;
+ g_expect_ct_report_uris = expect_ct_report_uris;
+ g_expect_staple_report_uris = expect_staple_report_uris;
+ g_hsts_pinsets = hsts_pinsets;
+ g_hsts_pinsets_count = hsts_pinsets_count;
+}
+
+void SetDefaultTransportSecurityStateSource() {
+ g_hsts_huffman_tree = kHSTSHuffmanTree;
+ g_hsts_huffman_tree_size = sizeof(kHSTSHuffmanTree);
+ g_preloaded_hsts_data = kPreloadedHSTSData;
+ g_preloaded_hsts_bits = kPreloadedHSTSBits;
+ g_hsts_root_position = kHSTSRootPosition;
+ g_expect_ct_report_uris = kExpectCTReportURIs;
+ g_expect_staple_report_uris = kExpectStapleReportURIs;
+ g_hsts_pinsets = kPinsets;
+ g_hsts_pinsets_count = arraysize(kPinsets);
+}
+
TransportSecurityState::TransportSecurityState()
: enable_static_pins_(true),
enable_static_expect_ct_(true),
@@ -1105,7 +1148,7 @@ bool TransportSecurityState::GetStaticExpectCTState(
expect_ct_state->domain = host.substr(result.hostname_offset);
expect_ct_state->report_uri =
- GURL(kExpectCTReportURIs[result.expect_ct_report_uri_id]);
+ GURL(g_expect_ct_report_uris[result.expect_ct_report_uri_id]);
return true;
}
@@ -1128,7 +1171,7 @@ bool TransportSecurityState::GetStaticExpectStapleState(
expect_staple_state->include_subdomains =
result.expect_staple_include_subdomains;
expect_staple_state->report_uri =
- GURL(kExpectStapleReportURIs[result.expect_staple_report_uri_id]);
+ GURL(g_expect_staple_report_uris[result.expect_staple_report_uri_id]);
return true;
}
@@ -1432,9 +1475,9 @@ bool TransportSecurityState::GetStaticDomainState(const std::string& host,
pkp_state->include_subdomains = result.pkp_include_subdomains;
pkp_state->last_observed = base::GetBuildTime();
- if (result.pinset_id >= arraysize(kPinsets))
+ if (result.pinset_id >= g_hsts_pinsets_count)
return false;
- const Pinset *pinset = &kPinsets[result.pinset_id];
+ const Pinset* pinset = &g_hsts_pinsets[result.pinset_id];
if (pinset->report_uri != kNoReportURI)
pkp_state->report_uri = GURL(pinset->report_uri);
« no previous file with comments | « net/http/transport_security_state.h ('k') | net/http/transport_security_state_static.h » ('j') | net/http/transport_security_state_static.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698