OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
6 | 6 |
7 #include <stdlib.h> | 7 #include <stdlib.h> |
8 | 8 |
9 #include <algorithm> | 9 #include <algorithm> |
10 #include <map> | 10 #include <map> |
(...skipping 510 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
521 // the input name was absolute (included trailing .), normalize it as if it | 521 // the input name was absolute (included trailing .), normalize it as if it |
522 // was relative. | 522 // was relative. |
523 if (!reference_name.empty() && *reference_name.rbegin() == '.') | 523 if (!reference_name.empty() && *reference_name.rbegin() == '.') |
524 reference_name.resize(reference_name.size() - 1); | 524 reference_name.resize(reference_name.size() - 1); |
525 if (reference_name.empty()) | 525 if (reference_name.empty()) |
526 return false; | 526 return false; |
527 | 527 |
528 // Allow fallback to Common name matching? | 528 // Allow fallback to Common name matching? |
529 const bool common_name_fallback = cert_san_dns_names.empty() && | 529 const bool common_name_fallback = cert_san_dns_names.empty() && |
530 cert_san_ip_addrs.empty(); | 530 cert_san_ip_addrs.empty(); |
| 531 UMA_HISTOGRAM_BOOLEAN("Net.CertCommonNameFallback", common_name_fallback); |
531 | 532 |
532 // Fully handle all cases where |hostname| contains an IP address. | 533 // Fully handle all cases where |hostname| contains an IP address. |
533 if (host_info.IsIPAddress()) { | 534 if (host_info.IsIPAddress()) { |
534 if (common_name_fallback && | 535 if (common_name_fallback && |
535 host_info.family == url_canon::CanonHostInfo::IPV4) { | 536 host_info.family == url_canon::CanonHostInfo::IPV4) { |
536 // Fallback to Common name matching. As this is deprecated and only | 537 // Fallback to Common name matching. As this is deprecated and only |
537 // supported for compatibility refuse it for IPv6 addresses. | 538 // supported for compatibility refuse it for IPv6 addresses. |
538 return reference_name == cert_common_name; | 539 return reference_name == cert_common_name; |
539 } | 540 } |
540 base::StringPiece ip_addr_string( | 541 base::StringPiece ip_addr_string( |
(...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
725 RemoveFromCache(cert_handle_); | 726 RemoveFromCache(cert_handle_); |
726 FreeOSCertHandle(cert_handle_); | 727 FreeOSCertHandle(cert_handle_); |
727 } | 728 } |
728 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { | 729 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { |
729 RemoveFromCache(intermediate_ca_certs_[i]); | 730 RemoveFromCache(intermediate_ca_certs_[i]); |
730 FreeOSCertHandle(intermediate_ca_certs_[i]); | 731 FreeOSCertHandle(intermediate_ca_certs_[i]); |
731 } | 732 } |
732 } | 733 } |
733 | 734 |
734 } // namespace net | 735 } // namespace net |
OLD | NEW |