| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
| 6 | 6 |
| 7 #include <limits.h> | 7 #include <limits.h> |
| 8 #include <stdlib.h> | 8 #include <stdlib.h> |
| 9 | 9 |
| 10 #include <algorithm> | |
| 11 #include <map> | 10 #include <map> |
| 12 #include <memory> | 11 #include <memory> |
| 13 #include <string> | 12 #include <string> |
| 14 #include <vector> | 13 #include <vector> |
| 15 | 14 |
| 16 #include "base/base64.h" | 15 #include "base/base64.h" |
| 17 #include "base/lazy_instance.h" | 16 #include "base/lazy_instance.h" |
| 18 #include "base/logging.h" | 17 #include "base/logging.h" |
| 19 #include "base/macros.h" | 18 #include "base/macros.h" |
| 20 #include "base/memory/singleton.h" | 19 #include "base/memory/singleton.h" |
| 21 #include "base/metrics/histogram_macros.h" | 20 #include "base/metrics/histogram_macros.h" |
| 22 #include "base/pickle.h" | 21 #include "base/pickle.h" |
| 23 #include "base/profiler/scoped_tracker.h" | 22 #include "base/profiler/scoped_tracker.h" |
| 23 #include "base/stl_util.h" |
| 24 #include "base/strings/string_piece.h" | 24 #include "base/strings/string_piece.h" |
| 25 #include "base/strings/string_util.h" | 25 #include "base/strings/string_util.h" |
| 26 #include "base/synchronization/lock.h" | 26 #include "base/synchronization/lock.h" |
| 27 #include "base/time/time.h" | 27 #include "base/time/time.h" |
| 28 #include "base/trace_event/trace_event.h" | 28 #include "base/trace_event/trace_event.h" |
| 29 #include "crypto/secure_hash.h" | 29 #include "crypto/secure_hash.h" |
| 30 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" | 30 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
| 31 #include "net/base/url_util.h" | 31 #include "net/base/url_util.h" |
| 32 #include "net/cert/pem_tokenizer.h" | 32 #include "net/cert/pem_tokenizer.h" |
| 33 #include "url/url_canon.h" | 33 #include "url/url_canon.h" |
| 533 if (allow_common_name_fallback && cert_san_dns_names.empty() && | 533 if (allow_common_name_fallback && cert_san_dns_names.empty() && |
| 534 cert_san_ip_addrs.empty() && | 534 cert_san_ip_addrs.empty() && |
| 535 host_info.family == url::CanonHostInfo::IPV4) { | 535 host_info.family == url::CanonHostInfo::IPV4) { |
| 536 // Fallback to Common name matching. As this is deprecated and only | 536 // Fallback to Common name matching. As this is deprecated and only |
| 537 // supported for compatibility refuse it for IPv6 addresses. | 537 // supported for compatibility refuse it for IPv6 addresses. |
| 538 return reference_name == cert_common_name; | 538 return reference_name == cert_common_name; |
| 539 } | 539 } |
| 540 base::StringPiece ip_addr_string( | 540 base::StringPiece ip_addr_string( |
| 541 reinterpret_cast<const char*>(host_info.address), | 541 reinterpret_cast<const char*>(host_info.address), |
| 542 host_info.AddressLength()); | 542 host_info.AddressLength()); |
| 543 return std::find(cert_san_ip_addrs.begin(), cert_san_ip_addrs.end(), | 543 return base::ContainsValue(cert_san_ip_addrs, ip_addr_string); |
| 544 ip_addr_string) != cert_san_ip_addrs.end(); | |
| 545 } | 544 } |
| 546 | 545 |
| 547 // |reference_domain| is the remainder of |host| after the leading host | 546 // |reference_domain| is the remainder of |host| after the leading host |
| 548 // component is stripped off, but includes the leading dot e.g. | 547 // component is stripped off, but includes the leading dot e.g. |
| 549 // "www.f.com" -> ".f.com". | 548 // "www.f.com" -> ".f.com". |
| 550 // If there is no meaningful domain part to |host| (e.g. it contains no dots) | 549 // If there is no meaningful domain part to |host| (e.g. it contains no dots) |
| 551 // then |reference_domain| will be empty. | 550 // then |reference_domain| will be empty. |
| 552 base::StringPiece reference_host, reference_domain; | 551 base::StringPiece reference_host, reference_domain; |
| 553 SplitOnChar(reference_name, '.', &reference_host, &reference_domain); | 552 SplitOnChar(reference_name, '.', &reference_host, &reference_domain); |
| 554 bool allow_wildcards = false; | 553 bool allow_wildcards = false; |
| 732 RemoveFromCache(cert_handle_); | 731 RemoveFromCache(cert_handle_); |
| 733 FreeOSCertHandle(cert_handle_); | 732 FreeOSCertHandle(cert_handle_); |
| 734 } | 733 } |
| 735 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { | 734 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { |
| 736 RemoveFromCache(intermediate_ca_certs_[i]); | 735 RemoveFromCache(intermediate_ca_certs_[i]); |
| 737 FreeOSCertHandle(intermediate_ca_certs_[i]); | 736 FreeOSCertHandle(intermediate_ca_certs_[i]); |
| 738 } | 737 } |
| 739 } | 738 } |
| 740 | 739 |
| 741 } // namespace net | 740 } // namespace net |
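Review bot: The SAN iPAddress check at new line 543 now reads as a plain membership test, and nothing on the line says that it is a byte-exact comparison of the raw address in `host_info.address` over `AddressLength()` bytes. Since this line decides whether a certificate is accepted for an IP-literal host, I would add a comment above it such as `// Exact match on the raw address bytes; the length is compared too, so a 4-byte IPv4 host cannot match a 16-byte entry.` The element type of `cert_san_ip_addrs` is not visible here, so that wording assumes the entries hold raw address bytes rather than text. Separately, `<algorithm>` is dropped from the includes while 676 lines of the file are not shown; if any other `std::` algorithm call remains in them, the include should stay rather than rely on a transitive one. The enclosing function starts and ends outside the lines shown.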