Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(274)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: web_page_replay_go/src/webpagereplay/legacyformatconvertor.go

Issue 2992253002: [wpr-go] Use a dummy cert if no cert is recorded (Closed)
Patch Set: Created 3 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « web_page_replay_go/src/webpagereplay/certs.go ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: web_page_replay_go/src/webpagereplay/legacyformatconvertor.go
diff --git a/web_page_replay_go/src/webpagereplay/legacyformatconvertor.go b/web_page_replay_go/src/webpagereplay/legacyformatconvertor.go
index 5fe4fca959ed46ecbb9f6d6c443948a7731770c7..61f5b27a8d68a41bbaad8d30badd24ca5991bd33 100644
--- a/web_page_replay_go/src/webpagereplay/legacyformatconvertor.go
+++ b/web_page_replay_go/src/webpagereplay/legacyformatconvertor.go
@@ -10,14 +10,11 @@ package webpagereplay
import (
"bytes"
- "crypto"
- "crypto/rand"
"crypto/tls"
"crypto/x509"
"encoding/base64"
"encoding/json"
"fmt"
- "io"
"io/ioutil"
"net"
"net/http"
@@ -75,29 +72,6 @@ func (cfg *ConvertorConfig) Flags() []cli.Flag {
}
}
-// Mints a dummy server cert to be used when the real server is not reachable.
-// This is used in the transition from the python wpr format to the new wprgo format where servers
-// from the old recordings (especially CDNs) have since become unreachable. crbug.com/730036
-func mintDummyCertificate(serverName string, rootCert *x509.Certificate, rootKey crypto.PrivateKey) ([]byte, string, error) {
- template := rootCert
- if ip := net.ParseIP(serverName); ip != nil {
- template.IPAddresses = []net.IP{ip}
- } else {
- template.DNSNames = []string{serverName}
- }
- var buf [20]byte
- if _, err := io.ReadFull(rand.Reader, buf[:]); err != nil {
- return nil, "", fmt.Errorf("create cert failed: %v", err)
- }
- template.SerialNumber.SetBytes(buf[:])
- template.Issuer = template.Subject
- derBytes, err := x509.CreateCertificate(rand.Reader, template, template, template.PublicKey, rootKey)
- if err != nil {
- return nil, "", fmt.Errorf("create cert failed: %v", err)
- }
- return derBytes, "", err
-}
-
func (r *ConvertorConfig) recordServerCert(scheme string, serverName string, archive *WritableArchive) error {
if scheme != "https" {
return nil
@@ -108,7 +82,7 @@ func (r *ConvertorConfig) recordServerCert(scheme string, serverName string, arc
}
derBytes, negotiatedProtocol, err = MintServerCert(serverName, r.x509Cert, r.tlsCert.PrivateKey)
if err != nil {
- derBytes, negotiatedProtocol, err = mintDummyCertificate(serverName, r.x509Cert, r.tlsCert.PrivateKey)
+ derBytes, negotiatedProtocol, err = MintDummyCertificate(serverName, r.x509Cert, r.tlsCert.PrivateKey)
if err != nil {
return err
}
« no previous file with comments | « web_page_replay_go/src/webpagereplay/certs.go ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698