OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
6 | 6 |
7 #if defined(USE_OPENSSL) | 7 #if defined(USE_OPENSSL) |
8 #include <openssl/ecdsa.h> | 8 #include <openssl/ecdsa.h> |
9 #include <openssl/ssl.h> | 9 #include <openssl/ssl.h> |
10 #else // !defined(USE_OPENSSL) | 10 #else // !defined(USE_OPENSSL) |
(...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
237 // name is >255 bytes. However, search terms can have those properties. | 237 // name is >255 bytes. However, search terms can have those properties. |
238 return std::string(); | 238 return std::string(); |
239 } | 239 } |
240 | 240 |
241 for (size_t i = 0; new_host[i]; i += new_host[i] + 1) { | 241 for (size_t i = 0; new_host[i]; i += new_host[i] + 1) { |
242 const unsigned label_length = static_cast<unsigned>(new_host[i]); | 242 const unsigned label_length = static_cast<unsigned>(new_host[i]); |
243 if (!label_length) | 243 if (!label_length) |
244 break; | 244 break; |
245 | 245 |
246 for (size_t j = 0; j < label_length; ++j) { | 246 for (size_t j = 0; j < label_length; ++j) { |
247 // RFC 3490, 4.1, step 3 | |
248 if (!IsSTD3ASCIIValidCharacter(new_host[i + 1 + j])) | |
249 return std::string(); | |
250 | |
251 new_host[i + 1 + j] = tolower(new_host[i + 1 + j]); | 247 new_host[i + 1 + j] = tolower(new_host[i + 1 + j]); |
252 } | 248 } |
253 | |
254 // step 3(b) | |
255 if (new_host[i + 1] == '-' || | |
256 new_host[i + label_length] == '-') { | |
257 return std::string(); | |
258 } | |
259 } | 249 } |
260 | 250 |
261 return new_host; | 251 return new_host; |
262 } | 252 } |
263 | 253 |
264 // |ReportUMAOnPinFailure| uses these to report which domain was associated | 254 // |ReportUMAOnPinFailure| uses these to report which domain was associated |
265 // with the public key pinning failure. | 255 // with the public key pinning failure. |
266 // | 256 // |
267 // DO NOT CHANGE THE ORDERING OF THESE NAMES OR REMOVE ANY OF THEM. Add new | 257 // DO NOT CHANGE THE ORDERING OF THESE NAMES OR REMOVE ANY OF THEM. Add new |
268 // domains at the END of the listing (but before DOMAIN_NUM_EVENTS). | 258 // domains at the END of the listing (but before DOMAIN_NUM_EVENTS). |
(...skipping 617 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
886 return true; | 876 return true; |
887 } | 877 } |
888 | 878 |
889 bool TransportSecurityState::DomainState::HasPublicKeyPins() const { | 879 bool TransportSecurityState::DomainState::HasPublicKeyPins() const { |
890 return static_spki_hashes.size() > 0 || | 880 return static_spki_hashes.size() > 0 || |
891 bad_static_spki_hashes.size() > 0 || | 881 bad_static_spki_hashes.size() > 0 || |
892 dynamic_spki_hashes.size() > 0; | 882 dynamic_spki_hashes.size() > 0; |
893 } | 883 } |
894 | 884 |
895 } // namespace | 885 } // namespace |
OLD | NEW |