| Index: chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| diff --git a/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc b/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| index 0e3a1d658533a4678f51c441ac05704cf2651547..3be0191a084dbcb590115b6e5c5c6850905f23ea 100644
|
| --- a/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| +++ b/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| @@ -40,20 +40,32 @@ ChromeFraudulentCertificateReporter::~ChromeFraudulentCertificateReporter() {
|
| STLDeleteElements(&inflight_requests_);
|
| }
|
|
|
| -static std::string BuildReport(const std::string& hostname,
|
| - const net::SSLInfo& ssl_info) {
|
| +// Helper function for |BuildReport|.
|
| +static void AddCertChainToReport(const scoped_refptr<net::X509Certificate> cert,
|
| + std::string* chain_from_report) {
|
| + std::vector<std::string> pem_encoded_chain;
|
| + if (!cert || !cert->GetPEMEncodedChain(&pem_encoded_chain)) {
|
| + LOG(ERROR) << "Could not get PEM encoded chain.";
|
| + }
|
| + for (size_t i = 0; i < pem_encoded_chain.size(); ++i)
|
| + *chain_from_report += pem_encoded_chain[i];
|
| +}
|
| +
|
| +std::string ChromeFraudulentCertificateReporter::BuildReport(
|
| + ChromeFraudulentCertificateReporter::ReportType type,
|
| + const std::string& hostname,
|
| + const net::SSLInfo& ssl_info) {
|
| CertLoggerRequest request;
|
| base::Time now = base::Time::Now();
|
| request.set_time_usec(now.ToInternalValue());
|
| request.set_hostname(hostname);
|
|
|
| - std::vector<std::string> pem_encoded_chain;
|
| - if (!ssl_info.cert->GetPEMEncodedChain(&pem_encoded_chain)) {
|
| - LOG(ERROR) << "Could not get PEM encoded chain.";
|
| + AddCertChainToReport(ssl_info.cert, request.mutable_cert_chain());
|
| + if (type ==
|
| + ChromeFraudulentCertificateReporter::REPORT_TYPE_EXTENDED_REPORTING) {
|
| + AddCertChainToReport(ssl_info.unverified_server_cert,
|
| + request.mutable_unverified_server_cert_chain());
|
| }
|
| - std::string* cert_chain = request.mutable_cert_chain();
|
| - for (size_t i = 0; i < pem_encoded_chain.size(); ++i)
|
| - *cert_chain += pem_encoded_chain[i];
|
|
|
| request.add_pin(ssl_info.pinning_failure_log);
|
|
|
| @@ -83,7 +95,7 @@ void ChromeFraudulentCertificateReporter::SendReport(
|
| // TODO(estark): Temporarily, since there is no upload endpoint, just log
|
| // the information.
|
| LOG(ERROR) << "SSL report for " << hostname << ":\n"
|
| - << BuildReport(hostname, ssl_info) << "\n\n";
|
| + << BuildReport(type, hostname, ssl_info) << "\n\n";
|
| return;
|
| }
|
|
|
| @@ -93,7 +105,7 @@ void ChromeFraudulentCertificateReporter::SendReport(
|
| return;
|
| }
|
|
|
| - std::string report = BuildReport(hostname, ssl_info);
|
| + std::string report = BuildReport(type, hostname, ssl_info);
|
|
|
| scoped_ptr<net::URLRequest> url_request =
|
| CreateURLRequest(request_context_, pinning_violation_upload_url_);
|
|
|
Chromium Code Reviews
Issue 949633002:
Include both certificate chains in invalid cert reporting (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master