
Side by Side Diff: web_page_replay_go/src/webpagereplay/legacyformatconvertor.go

Issue 2992253002: [wpr-go] Use a dummy cert if no cert is recorded (Closed)
Patch Set: Created 3 years, 4 months ago
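--- a/web_page_replay_go/src/webpagereplay/legacyformatconvertor.go
+++ b/web_page_replay_go/src/webpagereplay/legacyformatconvertor.go
@@ -1,30 +1,27 @@
 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package webpagereplay
 
 // Converts an old archive format to the new format. This file is
 // temporary until crbug.com/730036 is fixed) and is used in
 // tools/perf/convert_legacy_wpr_archive.
 
 import (
 "bytes"
-"crypto"
-"crypto/rand"
 "crypto/tls"
 "crypto/x509"
 "encoding/base64"
 "encoding/json"
 "fmt"
-"io"
 "io/ioutil"
 "net"
 "net/http"
 "net/url"
 "os"
 "strconv"
 
 "github.com/codegangsta/cli"
 )
 
@@ -68,54 +65,31 @@
 },
 cli.IntFlag{
 Name: "http_port",
 Value: -1,
 Usage: "Python WPR's http port.",
 Destination: &cfg.httpPort,
 },
 }
 }
 
-// Mints a dummy server cert to be used when the real server is not reachable.
-// This is used in the transition from the python wpr format to the new wprgo fo rmat where servers
-// from the old recordings (especially CDNs) have since become unreachable. crbu g.com/730036
-func mintDummyCertificate(serverName string, rootCert *x509.Certificate, rootKey crypto.PrivateKey) ([]byte, string, error) {
-template := rootCert
-if ip := net.ParseIP(serverName); ip != nil {
-template.IPAddresses = []net.IP{ip}
-} else {
-template.DNSNames = []string{serverName}
-}
-var buf [20]byte
-if _, err := io.ReadFull(rand.Reader, buf[:]); err != nil {
-return nil, "", fmt.Errorf("create cert failed: %v", err)
-}
-template.SerialNumber.SetBytes(buf[:])
-template.Issuer = template.Subject
-derBytes, err := x509.CreateCertificate(rand.Reader, template, template, template.PublicKey, rootKey)
-if err != nil {
-return nil, "", fmt.Errorf("create cert failed: %v", err)
-}
-return derBytes, "", err
-}
-
 func (r *ConvertorConfig) recordServerCert(scheme string, serverName string, arc hive *WritableArchive) error {
 if scheme != "https" {
 return nil
 }
 derBytes, negotiatedProtocol, err := archive.Archive.FindHostTlsConfig(s erverName)
 if err == nil && derBytes != nil {
 return err
 }
 derBytes, negotiatedProtocol, err = MintServerCert(serverName, r.x509Cer t, r.tlsCert.PrivateKey)
 if err != nil {
-» » derBytes, negotiatedProtocol, err = mintDummyCertificate(serverN ame, r.x509Cert, r.tlsCert.PrivateKey)
+» » derBytes, negotiatedProtocol, err = MintDummyCertificate(serverN ame, r.x509Cert, r.tlsCert.PrivateKey)
 if err != nil {
 return err
 }
 }
 archive.RecordTlsConfig(serverName, derBytes, negotiatedProtocol)
 return nil
 }
 
 func (r *ConvertorConfig) Convert(c *cli.Context) {
 if r.httpPort == -1 || r.httpsPort == -1 {
@@ -219,10 +193,10 @@
 // If cert fails to record, it usually because the host
 // is no longer reachable. Do not error out here.
 fmt.Printf("failed recording cert: %v", err)
 }
 }
 
 if err := archive.Close(); err != nil {
 fmt.Printf("Error flushing archive: %v", err)
 }
 }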
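Review bot: In recordServerCert the error from `MintServerCert` is overwritten by the `MintDummyCertificate` call, so the archive silently records a synthetic cert for that host and the reason the real one could not be fetched is never reported. Logging before the fallback, for example `fmt.Printf("using dummy cert for %s: %v\n", serverName, err)`, would show whoever converts the archive which hosts were not recorded from a live server. `MintDummyCertificate` is defined outside this file; the local version removed here did `template := rootCert`, which aliases the pointer and rewrites the shared root certificate's SerialNumber, Issuer and DNSNames/IPAddresses on every call, so if it was moved unchanged it should work on a copy (`template := *rootCert`) with a freshly allocated serial. Separately, `if err == nil && derBytes != nil { return err }` can only return nil and would read more clearly as `return nil`.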