| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
| 6 | 6 |
| 7 #if defined(USE_OPENSSL) | 7 #if defined(USE_OPENSSL) |
| 8 #include <openssl/ecdsa.h> | 8 #include <openssl/ecdsa.h> |
| 9 #include <openssl/ssl.h> | 9 #include <openssl/ssl.h> |
| 10 #else // !defined(USE_OPENSSL) | 10 #else // !defined(USE_OPENSSL) |
| (...skipping 703 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 714 } | 714 } |
| 715 | 715 |
| 716 DCHECK(result.domain_id != DOMAIN_NOT_PINNED); | 716 DCHECK(result.domain_id != DOMAIN_NOT_PINNED); |
| 717 | 717 |
| 718 UMA_HISTOGRAM_ENUMERATION( | 718 UMA_HISTOGRAM_ENUMERATION( |
| 719 "Net.PublicKeyPinFailureDomain", result.domain_id, DOMAIN_NUM_EVENTS); | 719 "Net.PublicKeyPinFailureDomain", result.domain_id, DOMAIN_NUM_EVENTS); |
| 720 } | 720 } |
| 721 | 721 |
| 722 // static | 722 // static |
| 723 bool TransportSecurityState::IsBuildTimely() { | 723 bool TransportSecurityState::IsBuildTimely() { |
| 724 // If the build metadata aren't embedded in the binary then we can't use the |
| 725 // build time to determine if the build is timely, return true by default. If |
| 726 // we're building an official build then keep using the build time, even if |
| 727 // it's invalid it'd be a date in the past and this function will return |
| 728 // false. |
| 729 #if defined(DONT_EMBED_BUILD_METADATA) && !defined(OFFICIAL_BUILD) |
| 730 return true; |
| 731 #else |
| 724 const base::Time build_time = base::GetBuildTime(); | 732 const base::Time build_time = base::GetBuildTime(); |
| 725 // We consider built-in information to be timely for 10 weeks. | 733 // We consider built-in information to be timely for 10 weeks. |
| 726 return (base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */; | 734 return (base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */; |
| 735 #endif |
| 727 } | 736 } |
| 728 | 737 |
| 729 bool TransportSecurityState::CheckPublicKeyPinsImpl( | 738 bool TransportSecurityState::CheckPublicKeyPinsImpl( |
| 730 const std::string& host, | 739 const std::string& host, |
| 731 const HashValueVector& hashes, | 740 const HashValueVector& hashes, |
| 732 std::string* failure_log) { | 741 std::string* failure_log) { |
| 733 DomainState dynamic_state; | 742 DomainState dynamic_state; |
| 734 if (GetDynamicDomainState(host, &dynamic_state)) | 743 if (GetDynamicDomainState(host, &dynamic_state)) |
| 735 return dynamic_state.CheckPublicKeyPins(hashes, failure_log); | 744 return dynamic_state.CheckPublicKeyPins(hashes, failure_log); |
| 736 | 745 |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 899 return pkp.spki_hashes.size() > 0 || pkp.bad_spki_hashes.size() > 0; | 908 return pkp.spki_hashes.size() > 0 || pkp.bad_spki_hashes.size() > 0; |
| 900 } | 909 } |
| 901 | 910 |
| 902 TransportSecurityState::DomainState::PKPState::PKPState() { | 911 TransportSecurityState::DomainState::PKPState::PKPState() { |
| 903 } | 912 } |
| 904 | 913 |
| 905 TransportSecurityState::DomainState::PKPState::~PKPState() { | 914 TransportSecurityState::DomainState::PKPState::~PKPState() { |
| 906 } | 915 } |
| 907 | 916 |
| 908 } // namespace | 917 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 695523002:
Change dont_embed_build_metadata default to 1 except for Official build and fix some unittests. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master