Chromium Code Reviews Chromium Code Reviews
Issue 985993003:
Certificate Transparency: Add UMA for whitelist status (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_policy_enforcer.h" | 5 #include "net/cert/cert_policy_enforcer.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/build_time.h" | 10 #include "base/build_time.h" |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 119 case CT_ENOUGH_SCTS: | 119 case CT_ENOUGH_SCTS: |
| 120 return "ENOUGH_SCTS"; | 120 return "ENOUGH_SCTS"; |
| 121 break; | 121 break; |
| 122 case CT_COMPLIANCE_MAX: | 122 case CT_COMPLIANCE_MAX: |
| 123 break; | 123 break; |
| 124 } | 124 } |
| 125 | 125 |
| 126 return "unknown"; | 126 return "unknown"; |
| 127 } | 127 } |
| 128 | 128 |
| 129 void LogCTComplianceStatusToUMA(CTComplianceStatus status) { | 129 void LogCTComplianceStatusToUMA(CTComplianceStatus status, |
| 130 bool is_whitelist_valid) { | |
| 130 UMA_HISTOGRAM_ENUMERATION("Net.SSL_EVCertificateCTCompliance", status, | 131 UMA_HISTOGRAM_ENUMERATION("Net.SSL_EVCertificateCTCompliance", status, |
| 131 CT_COMPLIANCE_MAX); | 132 CT_COMPLIANCE_MAX); |
| 133 if (status == CT_NOT_COMPLIANT) | |
| 134 UMA_HISTOGRAM_BOOLEAN("Net.SSL_EVWhitelistValidityForNonCompliantCert", | |
| 135 is_whitelist_valid); | |
| 132 } | 136 } |
| 133 | 137 |
| 134 struct ComplianceDetails { | 138 struct ComplianceDetails { |
| 135 ComplianceDetails() | 139 ComplianceDetails() |
| 136 : ct_presence_required(false), | 140 : ct_presence_required(false), |
| 137 build_timely(false), | 141 build_timely(false), |
| 138 status(CT_NOT_COMPLIANT) {} | 142 status(CT_NOT_COMPLIANT) {} |
| 139 | 143 |
| 140 // Whether enforcement of the policy was required or not. | 144 // Whether enforcement of the policy was required or not. |
| 141 bool ct_presence_required; | 145 bool ct_presence_required; |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 237 | 241 |
| 238 net_log.AddEvent(NetLog::TYPE_EV_CERT_CT_COMPLIANCE_CHECKED, | 242 net_log.AddEvent(NetLog::TYPE_EV_CERT_CT_COMPLIANCE_CHECKED, |
| 239 net_log_callback); | 243 net_log_callback); |
| 240 | 244 |
| 241 if (!details.ct_presence_required) | 245 if (!details.ct_presence_required) |
| 242 return true; | 246 return true; |
| 243 | 247 |
| 244 if (!details.build_timely) | 248 if (!details.build_timely) |
| 245 return false; | 249 return false; |
| 246 | 250 |
| 247 LogCTComplianceStatusToUMA(details.status); | 251 LogCTComplianceStatusToUMA(details.status, |
| 252 ev_whitelist ? ev_whitelist->IsValid() : false); | |
|
jwd
2015/03/09 15:26:41
I'm concerned about combining the two false condit
Ryan Sleevi
2015/03/09 21:44:43
+1
Eran Messeri
2015/03/10 21:16:35
Done - tracking all three states.
| |
| 248 | 253 |
| 249 if (details.status == CT_IN_WHITELIST || details.status == CT_ENOUGH_SCTS) | 254 if (details.status == CT_IN_WHITELIST || details.status == CT_ENOUGH_SCTS) |
| 250 return true; | 255 return true; |
| 251 | 256 |
| 252 return false; | 257 return false; |
| 253 } | 258 } |
| 254 | 259 |
| 255 } // namespace net | 260 } // namespace net |
| OLD | NEW |
