OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/net/certificate_error_reporter.h" | 5 #include "chrome/browser/net/certificate_error_reporter.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
11 #include "base/time/time.h" | 11 #include "base/time/time.h" |
12 #include "chrome/browser/net/cert_logger.pb.h" | 12 #include "chrome/browser/net/cert_logger.pb.h" |
13 #include "net/base/elements_upload_data_stream.h" | 13 #include "net/base/elements_upload_data_stream.h" |
14 #include "net/base/load_flags.h" | 14 #include "net/base/load_flags.h" |
15 #include "net/base/request_priority.h" | 15 #include "net/base/request_priority.h" |
16 #include "net/base/upload_bytes_element_reader.h" | 16 #include "net/base/upload_bytes_element_reader.h" |
17 #include "net/cert/x509_certificate.h" | 17 #include "net/cert/x509_certificate.h" |
18 #include "net/ssl/ssl_info.h" | 18 #include "net/ssl/ssl_info.h" |
19 #include "net/url_request/url_request_context.h" | 19 #include "net/url_request/url_request_context.h" |
20 | 20 |
21 namespace chrome_browser_net { | 21 namespace chrome_browser_net { |
22 | 22 |
23 // URL to upload invalid certificate chain reports | |
24 // TODO(estark): Fill this in with the real URL when live. | |
25 const char kExtendedReportingUploadUrl[] = "http://example.test"; | |
mattm
2015/03/24 21:56:39
Should this just go in ping_manager.cc?
estark
2015/03/24 23:06:06
Done.
| |
26 | |
23 CertificateErrorReporter::CertificateErrorReporter( | 27 CertificateErrorReporter::CertificateErrorReporter( |
24 net::URLRequestContext* request_context, | 28 net::URLRequestContext* request_context, |
25 const GURL& upload_url) | 29 const GURL& upload_url) |
26 : request_context_(request_context), upload_url_(upload_url) { | 30 : request_context_(request_context), upload_url_(upload_url) { |
27 DCHECK(!upload_url.is_empty()); | 31 DCHECK(!upload_url.is_empty()); |
28 } | 32 } |
29 | 33 |
30 CertificateErrorReporter::~CertificateErrorReporter() { | 34 CertificateErrorReporter::~CertificateErrorReporter() { |
31 STLDeleteElements(&inflight_requests_); | 35 STLDeleteElements(&inflight_requests_); |
32 } | 36 } |
33 | 37 |
34 void CertificateErrorReporter::SendReport(ReportType type, | 38 void CertificateErrorReporter::SendReport(ReportType type, |
35 const std::string& hostname, | 39 const std::string& hostname, |
36 const net::SSLInfo& ssl_info) { | 40 const net::SSLInfo& ssl_info) { |
37 CertLoggerRequest request; | 41 CertLoggerRequest request; |
38 std::string out; | 42 std::string out; |
39 | 43 |
40 BuildReport(hostname, ssl_info, &request); | 44 BuildReport(hostname, ssl_info, &request); |
41 | 45 |
42 switch (type) { | 46 switch (type) { |
43 case REPORT_TYPE_PINNING_VIOLATION: | 47 case REPORT_TYPE_PINNING_VIOLATION: |
44 SendCertLoggerRequest(request); | 48 SendCertLoggerRequest(type, request); |
45 break; | 49 break; |
46 case REPORT_TYPE_EXTENDED_REPORTING: | 50 case REPORT_TYPE_EXTENDED_REPORTING: |
47 // TODO(estark): Double-check that the user is opted in. | 51 // TODO(estark): Double-check that the user is opted in. |
48 // TODO(estark): Temporarily, since this is no upload endpoint, just | 52 // TODO(estark): Temporarily, since this is no upload endpoint, just |
49 // log the information. | 53 // log the information. |
50 request.SerializeToString(&out); | 54 DVLOG(1) << "Would send certificate report for " << hostname; |
51 DVLOG(3) << "SSL report for " << hostname << ":\n" << out << "\n\n"; | |
52 break; | 55 break; |
53 default: | 56 default: |
54 NOTREACHED(); | 57 NOTREACHED(); |
55 } | 58 } |
56 } | 59 } |
57 | 60 |
58 void CertificateErrorReporter::OnResponseStarted(net::URLRequest* request) { | 61 void CertificateErrorReporter::OnResponseStarted(net::URLRequest* request) { |
59 const net::URLRequestStatus& status(request->status()); | 62 const net::URLRequestStatus& status(request->status()); |
60 if (!status.is_success()) { | 63 if (!status.is_success()) { |
61 LOG(WARNING) << "Certificate upload failed" | 64 LOG(WARNING) << "Certificate upload failed" |
62 << " status:" << status.status() | 65 << " status:" << status.status() |
63 << " error:" << status.error(); | 66 << " error:" << status.error(); |
64 } else if (request->GetResponseCode() != 200) { | 67 } else if (request->GetResponseCode() != 200) { |
65 LOG(WARNING) << "Certificate upload HTTP status: " | 68 LOG(WARNING) << "Certificate upload HTTP status: " |
66 << request->GetResponseCode(); | 69 << request->GetResponseCode(); |
67 } | 70 } |
68 RequestComplete(request); | 71 RequestComplete(request); |
69 } | 72 } |
70 | 73 |
71 void CertificateErrorReporter::OnReadCompleted(net::URLRequest* request, | 74 void CertificateErrorReporter::OnReadCompleted(net::URLRequest* request, |
72 int bytes_read) { | 75 int bytes_read) { |
73 } | 76 } |
74 | 77 |
75 scoped_ptr<net::URLRequest> CertificateErrorReporter::CreateURLRequest( | 78 scoped_ptr<net::URLRequest> CertificateErrorReporter::CreateURLRequest( |
76 net::URLRequestContext* context) { | 79 net::URLRequestContext* context, |
80 CookiesPreference cookies_preference) { | |
77 scoped_ptr<net::URLRequest> request = | 81 scoped_ptr<net::URLRequest> request = |
78 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this, NULL); | 82 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this, NULL); |
79 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | 83 if (cookies_preference != SEND_COOKIES) { |
80 net::LOAD_DO_NOT_SAVE_COOKIES); | 84 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | |
85 net::LOAD_DO_NOT_SAVE_COOKIES); | |
86 } | |
81 return request.Pass(); | 87 return request.Pass(); |
82 } | 88 } |
83 | 89 |
84 void CertificateErrorReporter::SendCertLoggerRequest( | 90 void CertificateErrorReporter::SendCertLoggerRequest( |
91 ReportType type, | |
85 const CertLoggerRequest& request) { | 92 const CertLoggerRequest& request) { |
86 std::string serialized_request; | 93 std::string serialized_request; |
87 request.SerializeToString(&serialized_request); | 94 request.SerializeToString(&serialized_request); |
88 | 95 |
89 scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_); | 96 scoped_ptr<net::URLRequest> url_request = |
97 CreateURLRequest(request_context_, type == REPORT_TYPE_EXTENDED_REPORTING | |
98 ? SEND_COOKIES | |
99 : DO_NOT_SEND_COOKIES); | |
mattm
2015/03/24 21:56:39
Feels like this would make sense to be controlled
estark
2015/03/24 23:06:06
Done.
| |
90 url_request->set_method("POST"); | 100 url_request->set_method("POST"); |
91 | 101 |
92 scoped_ptr<net::UploadElementReader> reader( | 102 scoped_ptr<net::UploadElementReader> reader( |
93 net::UploadOwnedBytesElementReader::CreateWithString(serialized_request)); | 103 net::UploadOwnedBytesElementReader::CreateWithString(serialized_request)); |
94 url_request->set_upload( | 104 url_request->set_upload( |
95 net::ElementsUploadDataStream::CreateWithReader(reader.Pass(), 0)); | 105 net::ElementsUploadDataStream::CreateWithReader(reader.Pass(), 0)); |
96 | 106 |
97 net::HttpRequestHeaders headers; | 107 net::HttpRequestHeaders headers; |
98 headers.SetHeader(net::HttpRequestHeaders::kContentType, | 108 headers.SetHeader(net::HttpRequestHeaders::kContentType, |
99 "x-application/chrome-fraudulent-cert-report"); | 109 "x-application/chrome-fraudulent-cert-report"); |
(...skipping 23 matching lines...) Expand all Loading... | |
123 } | 133 } |
124 | 134 |
125 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { | 135 void CertificateErrorReporter::RequestComplete(net::URLRequest* request) { |
126 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); | 136 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); |
127 DCHECK(i != inflight_requests_.end()); | 137 DCHECK(i != inflight_requests_.end()); |
128 scoped_ptr<net::URLRequest> url_request(*i); | 138 scoped_ptr<net::URLRequest> url_request(*i); |
129 inflight_requests_.erase(i); | 139 inflight_requests_.erase(i); |
130 } | 140 } |
131 | 141 |
132 } // namespace chrome_browser_net | 142 } // namespace chrome_browser_net |
OLD | NEW |