OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 5 #ifndef COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 6 #define COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 10 matching lines...) Expand all Loading... |
21 namespace network_time { | 21 namespace network_time { |
22 class NetworkTimeTracker; | 22 class NetworkTimeTracker; |
23 } | 23 } |
24 | 24 |
25 namespace ssl_errors { | 25 namespace ssl_errors { |
26 | 26 |
27 typedef std::vector<std::string> HostnameTokens; | 27 typedef std::vector<std::string> HostnameTokens; |
28 | 28 |
29 // Methods for identifying specific error causes. ------------------------------ | 29 // Methods for identifying specific error causes. ------------------------------ |
30 | 30 |
| 31 // These values are written to logs. New enum values can be added, but existing |
| 32 // enums must never be renumbered or deleted and reused. |
| 33 enum SSLInterstitialCause { |
| 34 CLOCK_PAST = 0, |
| 35 CLOCK_FUTURE = 1, |
| 36 WWW_SUBDOMAIN_MATCH = 2, // Deprecated in M59. |
| 37 SUBDOMAIN_MATCH = 3, // Deprecated in M59. |
| 38 SUBDOMAIN_INVERSE_MATCH = 4, // Deprecated in M59. |
| 39 SUBDOMAIN_OUTSIDE_WILDCARD = 5, // Deprecated in M59. |
| 40 HOST_NAME_NOT_KNOWN_TLD = 6, |
| 41 LIKELY_MULTI_TENANT_HOSTING = 7, // Deprecated in M59. |
| 42 LOCALHOST = 8, |
| 43 PRIVATE_URL = 9, |
| 44 AUTHORITY_ERROR_CAPTIVE_PORTAL = 10, // Deprecated in M47. |
| 45 SELF_SIGNED = 11, |
| 46 EXPIRED_RECENTLY = 12, |
| 47 LIKELY_SAME_DOMAIN = 13, // Deprecated in M59. |
| 48 NO_SUBJECT_ALT_NAME = 14, |
| 49 WWW_SUBDOMAIN_MATCH2 = 15, |
| 50 SUBDOMAIN_MATCH2 = 16, |
| 51 SUBDOMAIN_INVERSE_MATCH2 = 17, |
| 52 SUBDOMAIN_OUTSIDE_WILDCARD2 = 18, |
| 53 LIKELY_MULTI_TENANT_HOSTING2 = 19, |
| 54 LIKELY_SAME_DOMAIN2 = 20, |
| 55 SSL_INTERSTITIAL_CAUSE_MAX |
| 56 }; |
| 57 |
31 // What is known about the accuracy of system clock. Do not change or | 58 // What is known about the accuracy of system clock. Do not change or |
32 // reorder; these values are used in an UMA histogram. | 59 // reorder; these values are used in an UMA histogram. |
33 enum ClockState { | 60 enum ClockState { |
34 // Not known whether system clock is close enough. | 61 // Not known whether system clock is close enough. |
35 CLOCK_STATE_UNKNOWN, | 62 CLOCK_STATE_UNKNOWN, |
36 | 63 |
37 // System clock is "close enough", per network time. | 64 // System clock is "close enough", per network time. |
38 CLOCK_STATE_OK, | 65 CLOCK_STATE_OK, |
39 | 66 |
40 // System clock is behind. | 67 // System clock is behind. |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
103 // fields. | 130 // fields. |
104 bool IsCertLikelyFromMultiTenantHosting(const GURL& request_url, | 131 bool IsCertLikelyFromMultiTenantHosting(const GURL& request_url, |
105 const net::X509Certificate& cert); | 132 const net::X509Certificate& cert); |
106 | 133 |
107 // Returns true if the hostname in |request_url_| has the same domain | 134 // Returns true if the hostname in |request_url_| has the same domain |
108 // (effective TLD + 1 label) as at least one of the subject | 135 // (effective TLD + 1 label) as at least one of the subject |
109 // alternative names in |cert_|. | 136 // alternative names in |cert_|. |
110 bool IsCertLikelyFromSameDomain(const GURL& request_url, | 137 bool IsCertLikelyFromSameDomain(const GURL& request_url, |
111 const net::X509Certificate& cert); | 138 const net::X509Certificate& cert); |
112 | 139 |
113 // Returns true if the site's hostname differs from one of the DNS | 140 // Returns true if the site's hostname differs from one of the DNS names in |
114 // names in the certificate (CN or SANs) only by the presence or | 141 // |dns_names| only by the presence or absence of the single-label prefix "www". |
115 // absence of the single-label prefix "www". E.g.: (The first domain | 142 // The matching name from the certificate is returned in |www_match_host_name|. |
116 // is hostname and the second domain is a DNS name in the certificate) | |
117 // www.example.com ~ example.com -> true | |
118 // example.com ~ www.example.com -> true | |
119 // www.food.example.com ~ example.com -> false | |
120 // mail.example.com ~ example.com -> false | |
121 bool GetWWWSubDomainMatch(const GURL& request_url, | 143 bool GetWWWSubDomainMatch(const GURL& request_url, |
122 const std::vector<std::string>& dns_names, | 144 const std::vector<std::string>& dns_names, |
123 std::string* www_match_host_name); | 145 std::string* www_match_host_name); |
124 | 146 |
125 // Method for recording results. ----------------------------------------------- | 147 // Method for recording results. ----------------------------------------------- |
126 | 148 |
127 void RecordUMAStatistics(bool overridable, | 149 void RecordUMAStatistics(bool overridable, |
128 const base::Time& current_time, | 150 const base::Time& current_time, |
129 const GURL& request_url, | 151 const GURL& request_url, |
130 int cert_error, | 152 int cert_error, |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
165 // appspot.com. | 187 // appspot.com. |
166 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, | 188 bool AnyNamesUnderName(const std::vector<HostnameTokens>& potential_children, |
167 const HostnameTokens& parent); | 189 const HostnameTokens& parent); |
168 | 190 |
169 // Exposed for teshting. | 191 // Exposed for teshting. |
170 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); | 192 size_t GetLevenshteinDistance(const std::string& str1, const std::string& str2); |
171 | 193 |
172 } // namespace ssl_errors | 194 } // namespace ssl_errors |
173 | 195 |
174 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ | 196 #endif // COMPONENTS_SSL_ERRORS_ERROR_CLASSIFICATION_H_ |
OLD | NEW |