Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(89)

Side by Side Diff: net/http/transport_security_state.cc

Issue 54623005: net: allow invalid TransportSecurityState to process invalid DNS names. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix browser tests. Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/dns_util_unittest.cc ('k') | net/http/transport_security_state_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/transport_security_state.h" 5 #include "net/http/transport_security_state.h"
6 6
7 #if defined(USE_OPENSSL) 7 #if defined(USE_OPENSSL)
8 #include <openssl/ecdsa.h> 8 #include <openssl/ecdsa.h>
9 #include <openssl/ssl.h> 9 #include <openssl/ssl.h>
10 #else // !defined(USE_OPENSSL) 10 #else // !defined(USE_OPENSSL)
(...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after
237 // name is >255 bytes. However, search terms can have those properties. 237 // name is >255 bytes. However, search terms can have those properties.
238 return std::string(); 238 return std::string();
239 } 239 }
240 240
241 for (size_t i = 0; new_host[i]; i += new_host[i] + 1) { 241 for (size_t i = 0; new_host[i]; i += new_host[i] + 1) {
242 const unsigned label_length = static_cast<unsigned>(new_host[i]); 242 const unsigned label_length = static_cast<unsigned>(new_host[i]);
243 if (!label_length) 243 if (!label_length)
244 break; 244 break;
245 245
246 for (size_t j = 0; j < label_length; ++j) { 246 for (size_t j = 0; j < label_length; ++j) {
247 // RFC 3490, 4.1, step 3
248 if (!IsSTD3ASCIIValidCharacter(new_host[i + 1 + j]))
249 return std::string();
250
251 new_host[i + 1 + j] = tolower(new_host[i + 1 + j]); 247 new_host[i + 1 + j] = tolower(new_host[i + 1 + j]);
252 } 248 }
253
254 // step 3(b)
255 if (new_host[i + 1] == '-' ||
256 new_host[i + label_length] == '-') {
257 return std::string();
258 }
259 } 249 }
260 250
261 return new_host; 251 return new_host;
262 } 252 }
263 253
264 // |ReportUMAOnPinFailure| uses these to report which domain was associated 254 // |ReportUMAOnPinFailure| uses these to report which domain was associated
265 // with the public key pinning failure. 255 // with the public key pinning failure.
266 // 256 //
267 // DO NOT CHANGE THE ORDERING OF THESE NAMES OR REMOVE ANY OF THEM. Add new 257 // DO NOT CHANGE THE ORDERING OF THESE NAMES OR REMOVE ANY OF THEM. Add new
268 // domains at the END of the listing (but before DOMAIN_NUM_EVENTS). 258 // domains at the END of the listing (but before DOMAIN_NUM_EVENTS).
(...skipping 617 matching lines...) Expand 10 before | Expand all | Expand 10 after
886 return true; 876 return true;
887 } 877 }
888 878
889 bool TransportSecurityState::DomainState::HasPublicKeyPins() const { 879 bool TransportSecurityState::DomainState::HasPublicKeyPins() const {
890 return static_spki_hashes.size() > 0 || 880 return static_spki_hashes.size() > 0 ||
891 bad_static_spki_hashes.size() > 0 || 881 bad_static_spki_hashes.size() > 0 ||
892 dynamic_spki_hashes.size() > 0; 882 dynamic_spki_hashes.size() > 0;
893 } 883 }
894 884
895 } // namespace 885 } // namespace
OLDNEW
« no previous file with comments | « net/base/dns_util_unittest.cc ('k') | net/http/transport_security_state_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698