net/tools/transport_security_state_generator/transport_security_state_generator.cc - Issue 2906633003: Add a build flag to configure bundling of HSTS preload list

Unified Diff: net/tools/transport_security_state_generator/transport_security_state_generator.cc

Issue 2906633003: Add a build flag to configure bundling of HSTS preload list (Closed)

Patch Set: change flag to INCLUDE_TRANSPORT_SECURITY_STATE_PRELOAD_LIST Created 3 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« net/tools/transport_security_state_generator/pinsets.h ('K') | « net/tools/transport_security_state_generator/pinsets.cc ('k') | net/url_request/url_request_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/tools/transport_security_state_generator/transport_security_state_generator.cc

diff --git a/net/tools/transport_security_state_generator/transport_security_state_generator.cc b/net/tools/transport_security_state_generator/transport_security_state_generator.cc

index 40e8f1d3c42a4eafe154710680bab21075525097..cadad15890c72558ce639e5e28b00a5980c73713 100644

--- a/net/tools/transport_security_state_generator/transport_security_state_generator.cc

+++ b/net/tools/transport_security_state_generator/transport_security_state_generator.cc

@@ -26,10 +26,17 @@ using net::transport_security_state::PreloadedStateGenerator;

namespace {

+// If true, the entire preload list will be included. Otherwise, only include

+// the first entry to allow the generator to generate a valid file.

Ryan Sleevi 2017/06/29 20:47:41 This seems a bit suboptimal - that is, wouldn't it

xunjieli 2017/06/30 19:12:18 Done. The Huffman tree decoding code expects at le

+static const char kIncludeTransportSecurityStatePreloadListSwitch[] =

+ "include-transport-security-state-preload-list";

// Print the command line help.

void PrintHelp() {

std::cout << "transport_security_state_generator <json-file> <pins-file>"

- << " <template-file> <output-file> [--v=1]" << std::endl;

+ << " <template-file> <output-file> [--v=1] "

+ "[--exclude-hsts-preload-list=false]"

+ << std::endl;

}

// Checks if there are pins with the same name or the same hash.

@@ -278,6 +285,16 @@ int main(int argc, char* argv[]) {

return 1;

}

+ std::string include_transport_security_state_preload_list_string =

+ command_line.GetSwitchValueASCII(

+ kIncludeTransportSecurityStatePreloadListSwitch);

+ if (include_transport_security_state_preload_list_string == "true") {

+ // Keep only one entry enough to make trie generation pass.

+ entries.erase(++entries.begin(), entries.end());

+ std::set<std::string> required_pinsets = {entries[0]->pinset};

+ pinsets.FilterPinsets(required_pinsets);

+ }

std::string output;

PreloadedStateGenerator generator;

output = generator.Generate(preload_template, entries, pinsets);