OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/net_util.h" | 5 #include "net/base/net_util.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <string.h> | 8 #include <string.h> |
9 | 9 |
10 #include <algorithm> | 10 #include <algorithm> |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
100 113, // auth | 100 113, // auth |
101 115, // sftp | 101 115, // sftp |
102 117, // uucp-path | 102 117, // uucp-path |
103 119, // nntp | 103 119, // nntp |
104 123, // NTP | 104 123, // NTP |
105 135, // loc-srv /epmap | 105 135, // loc-srv /epmap |
106 139, // netbios | 106 139, // netbios |
107 143, // imap2 | 107 143, // imap2 |
108 179, // BGP | 108 179, // BGP |
109 389, // ldap | 109 389, // ldap |
110 443, // https / wss (see https://crbug.com/436451) | |
111 465, // smtp+ssl | 110 465, // smtp+ssl |
112 512, // print / exec | 111 512, // print / exec |
113 513, // login | 112 513, // login |
114 514, // shell | 113 514, // shell |
115 515, // printer | 114 515, // printer |
116 526, // tempo | 115 526, // tempo |
117 530, // courier | 116 530, // courier |
118 531, // chat | 117 531, // chat |
119 532, // netnews | 118 532, // netnews |
120 540, // uucp | 119 540, // uucp |
(...skipping 17 matching lines...) Expand all Loading... |
138 // third_party/WebKit/Source/platform/weborigin/KURL.cpp, | 137 // third_party/WebKit/Source/platform/weborigin/KURL.cpp, |
139 // KURL::port()) | 138 // KURL::port()) |
140 }; | 139 }; |
141 | 140 |
142 // FTP overrides the following restricted ports. | 141 // FTP overrides the following restricted ports. |
143 static const int kAllowedFtpPorts[] = { | 142 static const int kAllowedFtpPorts[] = { |
144 21, // ftp data | 143 21, // ftp data |
145 22, // ssh | 144 22, // ssh |
146 }; | 145 }; |
147 | 146 |
148 // HTTPS and WSS override the following restricted port. | |
149 static const int kAllowedHttpsOrWssPorts[] = { | |
150 443, // https / wss | |
151 }; | |
152 | |
153 bool IPNumberPrefixCheck(const IPAddressNumber& ip_number, | 147 bool IPNumberPrefixCheck(const IPAddressNumber& ip_number, |
154 const unsigned char* ip_prefix, | 148 const unsigned char* ip_prefix, |
155 size_t prefix_length_in_bits) { | 149 size_t prefix_length_in_bits) { |
156 // Compare all the bytes that fall entirely within the prefix. | 150 // Compare all the bytes that fall entirely within the prefix. |
157 int num_entire_bytes_in_prefix = prefix_length_in_bits / 8; | 151 int num_entire_bytes_in_prefix = prefix_length_in_bits / 8; |
158 for (int i = 0; i < num_entire_bytes_in_prefix; ++i) { | 152 for (int i = 0; i < num_entire_bytes_in_prefix; ++i) { |
159 if (ip_number[i] != ip_prefix[i]) | 153 if (ip_number[i] != ip_prefix[i]) |
160 return false; | 154 return false; |
161 } | 155 } |
162 | 156 |
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
319 int array_size = arraysize(kAllowedFtpPorts); | 313 int array_size = arraysize(kAllowedFtpPorts); |
320 for (int i = 0; i < array_size; i++) { | 314 for (int i = 0; i < array_size; i++) { |
321 if (kAllowedFtpPorts[i] == port) { | 315 if (kAllowedFtpPorts[i] == port) { |
322 return true; | 316 return true; |
323 } | 317 } |
324 } | 318 } |
325 // Port not explicitly allowed by FTP, so return the default restrictions. | 319 // Port not explicitly allowed by FTP, so return the default restrictions. |
326 return IsPortAllowedByDefault(port); | 320 return IsPortAllowedByDefault(port); |
327 } | 321 } |
328 | 322 |
329 bool IsPortAllowedByHttpsOrWss(int port) { | |
330 int array_size = arraysize(kAllowedHttpsOrWssPorts); | |
331 for (int i = 0; i < array_size; i++) { | |
332 if (kAllowedHttpsOrWssPorts[i] == port) { | |
333 return true; | |
334 } | |
335 } | |
336 // Port not explicitly allowed by HTTPS or WSS, so return the default | |
337 // restrictions. | |
338 return IsPortAllowedByDefault(port); | |
339 } | |
340 | |
341 bool IsEffectivePortAllowedByScheme(const GURL& url) { | |
342 int port = url.EffectiveIntPort(); | |
343 if (url.SchemeIs("ftp")) { | |
344 return IsPortAllowedByFtp(port); | |
345 } else if (url.SchemeIs("https") || url.SchemeIs("wss")) { | |
346 return IsPortAllowedByHttpsOrWss(port); | |
347 } else { | |
348 return IsPortAllowedByDefault(port); | |
349 } | |
350 } | |
351 | |
352 bool IsPortAllowedByOverride(int port) { | 323 bool IsPortAllowedByOverride(int port) { |
353 if (g_explicitly_allowed_ports.Get().empty()) | 324 if (g_explicitly_allowed_ports.Get().empty()) |
354 return false; | 325 return false; |
355 | 326 |
356 return g_explicitly_allowed_ports.Get().count(port) > 0; | 327 return g_explicitly_allowed_ports.Get().count(port) > 0; |
357 } | 328 } |
358 | 329 |
359 int SetNonBlocking(int fd) { | 330 int SetNonBlocking(int fd) { |
360 #if defined(OS_WIN) | 331 #if defined(OS_WIN) |
361 unsigned long no_block = 1; | 332 unsigned long no_block = 1; |
(...skipping 723 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1085 | 1056 |
1086 unsigned MaskPrefixLength(const IPAddressNumber& mask) { | 1057 unsigned MaskPrefixLength(const IPAddressNumber& mask) { |
1087 IPAddressNumber all_ones(mask.size(), 0xFF); | 1058 IPAddressNumber all_ones(mask.size(), 0xFF); |
1088 return CommonPrefixLength(mask, all_ones); | 1059 return CommonPrefixLength(mask, all_ones); |
1089 } | 1060 } |
1090 | 1061 |
1091 ScopedWifiOptions::~ScopedWifiOptions() { | 1062 ScopedWifiOptions::~ScopedWifiOptions() { |
1092 } | 1063 } |
1093 | 1064 |
1094 } // namespace net | 1065 } // namespace net |
OLD | NEW |