| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
| 6 | 6 |
| 7 #if defined(USE_OPENSSL) | 7 #if defined(USE_OPENSSL) |
| 8 #include <openssl/ecdsa.h> | 8 #include <openssl/ecdsa.h> |
| 9 #include <openssl/ssl.h> | 9 #include <openssl/ssl.h> |
| 10 #else // !defined(USE_OPENSSL) | 10 #else // !defined(USE_OPENSSL) |
| (...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 237 // name is >255 bytes. However, search terms can have those properties. | 237 // name is >255 bytes. However, search terms can have those properties. |
| 238 return std::string(); | 238 return std::string(); |
| 239 } | 239 } |
| 240 | 240 |
| 241 for (size_t i = 0; new_host[i]; i += new_host[i] + 1) { | 241 for (size_t i = 0; new_host[i]; i += new_host[i] + 1) { |
| 242 const unsigned label_length = static_cast<unsigned>(new_host[i]); | 242 const unsigned label_length = static_cast<unsigned>(new_host[i]); |
| 243 if (!label_length) | 243 if (!label_length) |
| 244 break; | 244 break; |
| 245 | 245 |
| 246 for (size_t j = 0; j < label_length; ++j) { | 246 for (size_t j = 0; j < label_length; ++j) { |
| 247 // RFC 3490, 4.1, step 3 | |
| 248 if (!IsSTD3ASCIIValidCharacter(new_host[i + 1 + j])) | |
| 249 return std::string(); | |
| 250 | |
| 251 new_host[i + 1 + j] = tolower(new_host[i + 1 + j]); | 247 new_host[i + 1 + j] = tolower(new_host[i + 1 + j]); |
| 252 } | 248 } |
| 253 | |
| 254 // step 3(b) | |
| 255 if (new_host[i + 1] == '-' || | |
| 256 new_host[i + label_length] == '-') { | |
| 257 return std::string(); | |
| 258 } | |
| 259 } | 249 } |
| 260 | 250 |
| 261 return new_host; | 251 return new_host; |
| 262 } | 252 } |
| 263 | 253 |
| 264 // |ReportUMAOnPinFailure| uses these to report which domain was associated | 254 // |ReportUMAOnPinFailure| uses these to report which domain was associated |
| 265 // with the public key pinning failure. | 255 // with the public key pinning failure. |
| 266 // | 256 // |
| 267 // DO NOT CHANGE THE ORDERING OF THESE NAMES OR REMOVE ANY OF THEM. Add new | 257 // DO NOT CHANGE THE ORDERING OF THESE NAMES OR REMOVE ANY OF THEM. Add new |
| 268 // domains at the END of the listing (but before DOMAIN_NUM_EVENTS). | 258 // domains at the END of the listing (but before DOMAIN_NUM_EVENTS). |
| (...skipping 617 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 886 return true; | 876 return true; |
| 887 } | 877 } |
| 888 | 878 |
| 889 bool TransportSecurityState::DomainState::HasPublicKeyPins() const { | 879 bool TransportSecurityState::DomainState::HasPublicKeyPins() const { |
| 890 return static_spki_hashes.size() > 0 || | 880 return static_spki_hashes.size() > 0 || |
| 891 bad_static_spki_hashes.size() > 0 || | 881 bad_static_spki_hashes.size() > 0 || |
| 892 dynamic_spki_hashes.size() > 0; | 882 dynamic_spki_hashes.size() > 0; |
| 893 } | 883 } |
| 894 | 884 |
| 895 } // namespace | 885 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 54623005:
net: allow invalid TransportSecurityState to process invalid DNS names. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src