Chromium Code Reviews Chromium Code Reviews
Issue 610063002:
Fix UMA stat for expiration of certificate memory decisions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src@master| Index: chrome/browser/ssl/chrome_ssl_host_state_delegate.cc |
| diff --git a/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc b/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc |
| index 3fcb7bc224e01ac092b3bf7196325bf861ec89f3..3bff5ed6f789039e7a7f7bca793d152d033d02c1 100644 |
| --- a/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc |
| +++ b/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc |
| @@ -9,6 +9,7 @@ |
| #include "base/base64.h" |
| #include "base/bind.h" |
| #include "base/command_line.h" |
| +#include "base/guid.h" |
| #include "base/logging.h" |
| #include "base/metrics/field_trial.h" |
| #include "base/strings/string_number_conversions.h" |
| @@ -46,6 +47,7 @@ const char kRememberCertificateErrorDecisionsFieldTrialLengthParam[] = "length"; |
| const char kSSLCertDecisionCertErrorMapKey[] = "cert_exceptions_map"; |
| const char kSSLCertDecisionExpirationTimeKey[] = "decision_expiration_time"; |
| const char kSSLCertDecisionVersionKey[] = "version"; |
| +const char kSSLCertDecisionGUIDKey[] = "guid"; |
| const int kDefaultSSLCertDecisionVersion = 1; |
| @@ -217,8 +219,20 @@ base::DictionaryValue* ChromeSSLHostStateDelegate::GetValidCertDecisionsDict( |
| // better to store the value as a string. |
| dict->SetString(kSSLCertDecisionExpirationTimeKey, |
| base::Int64ToString(expiration_time.ToInternalValue())); |
| + } else if (should_remember_ssl_decisions_ == |
| + FORGET_SSL_EXCEPTION_DECISIONS_AT_SESSION_END) { |
| + if (dict->HasKey(kSSLCertDecisionGUIDKey)) { |
| + std::string old_expiration_guid; |
| + success = dict->GetString(kSSLCertDecisionGUIDKey, &old_expiration_guid); |
| + if (old_expiration_guid.compare(current_expiration_guid_) != 0) { |
| + *expired_previous_decision = true; |
| + expired = true; |
| + } |
| + } |
| } |
| + dict->SetString(kSSLCertDecisionGUIDKey, current_expiration_guid_); |
| + |
| // Extract the map of certificate fingerprints to errors from the setting. |
| base::DictionaryValue* cert_error_dict = NULL; // Will be owned by dict |
| if (expired || |
| @@ -236,18 +250,19 @@ base::DictionaryValue* ChromeSSLHostStateDelegate::GetValidCertDecisionsDict( |
| // If |should_remember_ssl_decisions_| is |
| // FORGET_SSL_EXCEPTION_DECISIONS_AT_SESSION_END, that means that all invalid |
| -// certificate proceed decisions should be forgotten when the session ends. At |
| -// attempt is made in the destructor to remove the entries, but in the case that |
| -// things didn't shut down cleanly, on start, Clear is called to guarantee a |
| -// clean state. |
| +// certificate proceed decisions should be forgotten when the session ends. To |
| +// simulate that, Chrome keeps track of a guid to represent the current browser |
| +// session and stores it in decision entries. See the comment for |
| +// |current_expiration_guid_| for more information. |
| ChromeSSLHostStateDelegate::ChromeSSLHostStateDelegate(Profile* profile) |
| - : clock_(new base::DefaultClock()), profile_(profile) { |
| + : clock_(new base::DefaultClock()), |
| + profile_(profile), |
| + current_expiration_guid_(base::GenerateGUID()) { |
|
felt
2014/10/01 02:42:36
This comment is not actionable, it's just a note f
|
| int64 expiration_delta = GetExpirationDelta(); |
| if (expiration_delta == kForgetAtSessionEndSwitchValue) { |
| should_remember_ssl_decisions_ = |
| FORGET_SSL_EXCEPTION_DECISIONS_AT_SESSION_END; |
| expiration_delta = 0; |
| - Clear(); |
| } else { |
| should_remember_ssl_decisions_ = REMEMBER_SSL_EXCEPTION_DECISIONS_FOR_DELTA; |
| } |
| @@ -256,9 +271,6 @@ ChromeSSLHostStateDelegate::ChromeSSLHostStateDelegate(Profile* profile) |
| } |
| ChromeSSLHostStateDelegate::~ChromeSSLHostStateDelegate() { |
| - if (should_remember_ssl_decisions_ == |
| - FORGET_SSL_EXCEPTION_DECISIONS_AT_SESSION_END) |
| - Clear(); |
| } |
| void ChromeSSLHostStateDelegate::AllowCert(const std::string& host, |
