diff options
| author | sebmarchand <sebmarchand@chromium.org> | 2014-10-31 13:25:52 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2014-10-31 20:26:11 +0000 |
| commit | 153e1b83e8af5e6f9dbd3b79e5e0643ea8bcf72c (patch) | |
| tree | 497eadab89ca393fc9f2dafcb73f164afe958774 | |
| parent | ac6f24b46f8e67ac595530d1e7403bb2c0fad839 (diff) | |
| download | chromium_src-153e1b83e8af5e6f9dbd3b79e5e0643ea8bcf72c.zip chromium_src-153e1b83e8af5e6f9dbd3b79e5e0643ea8bcf72c.tar.gz chromium_src-153e1b83e8af5e6f9dbd3b79e5e0643ea8bcf72c.tar.bz2 | |
Change dont_embed_build_metadata default to 1 except for Official build and fix some unittests.
FieldTrialTest.DisableProbability was using Time::NowFromSystemTime - 1 year to generate a date before the build time. Instead use GetBuildTime - 1 year.
TransportSecurityState::IsBuildTimely is using GetBuildTime to determine if the build is older than 10 weeks. Disable this and return a default value if DONT_EMBED_BUILD_METADATA is defined (i.e. The build time is invalid) and we're not doing an official build.
CL based on https://codereview.chromium.org/685123005/ with some additional fixes for the unittests.
BUG=314403
Review URL: https://codereview.chromium.org/695523002
Cr-Commit-Position: refs/heads/master@{#302316}
| -rw-r--r-- | base/build_time.cc | 2 | ||||
| -rw-r--r-- | base/build_time.h | 3 | ||||
| -rw-r--r-- | base/metrics/field_trial_unittest.cc | 9 | ||||
| -rw-r--r-- | build/common.gypi | 17 | ||||
| -rw-r--r-- | chrome/browser/ssl/ssl_error_classification.cc | 8 | ||||
| -rw-r--r-- | net/http/transport_security_state.cc | 9 |
6 files changed, 38 insertions, 10 deletions
diff --git a/base/build_time.cc b/base/build_time.cc index 86503e2..b8b4296 100644 --- a/base/build_time.cc +++ b/base/build_time.cc @@ -16,7 +16,7 @@ Time GetBuildTime() { // // __DATE__ is exactly "Mmm DD YYYY". // __TIME__ is exactly "hh:mm:ss". -#if defined(DONT_EMBED_BUILD_METADATA) +#if defined(DONT_EMBED_BUILD_METADATA) && !defined(OFFICIAL_BUILD) const char kDateTime[] = "Sep 02 2008 08:00:00 PST"; #else const char kDateTime[] = __DATE__ " " __TIME__ " PST"; diff --git a/base/build_time.h b/base/build_time.h index 73c01b0..c7df479 100644 --- a/base/build_time.h +++ b/base/build_time.h @@ -18,6 +18,9 @@ namespace base { // // Also, since __TIME__ doesn't include a timezone, this value should only be // considered accurate to a day. +// +// NOTE: This function is disabled except for the official builds, by default +// the date returned is "Sep 02 2008 08:00:00 PST". Time BASE_EXPORT GetBuildTime(); } // namespace base diff --git a/base/metrics/field_trial_unittest.cc b/base/metrics/field_trial_unittest.cc index 80c729d..1ed3f89 100644 --- a/base/metrics/field_trial_unittest.cc +++ b/base/metrics/field_trial_unittest.cc @@ -4,6 +4,7 @@ #include "base/metrics/field_trial.h" +#include "base/build_time.h" #include "base/message_loop/message_loop.h" #include "base/rand_util.h" #include "base/run_loop.h" @@ -30,10 +31,10 @@ scoped_refptr<base::FieldTrial> CreateFieldTrial( base::FieldTrial::SESSION_RANDOMIZED, default_group_number); } -int GetLastYear() { - Time last_year_time = Time::NowFromSystemTime() - TimeDelta::FromDays(365); +int OneYearBeforeBuildTime() { + Time one_year_before_build_time = GetBuildTime() - TimeDelta::FromDays(365); Time::Exploded exploded; - last_year_time.LocalExplode(&exploded); + one_year_before_build_time.LocalExplode(&exploded); return exploded.year; } @@ -249,7 +250,7 @@ TEST_F(FieldTrialTest, DisableProbability) { // Create a field trail that has expired. int default_group_number = -1; FieldTrial* trial = FieldTrialList::FactoryGetFieldTrial( - name, 1000000000, default_group_name, GetLastYear(), 1, 1, + name, 1000000000, default_group_name, OneYearBeforeBuildTime(), 1, 1, FieldTrial::SESSION_RANDOMIZED, &default_group_number); trial->AppendGroup(loser, 999999999); // 99.9999999% chance of being chosen. diff --git a/build/common.gypi b/build/common.gypi index d7a664b..62d803d 100644 --- a/build/common.gypi +++ b/build/common.gypi @@ -308,11 +308,10 @@ # on compile-only bots). 'fastbuild%': 0, - # Set to 1 to not store any build metadata (this isn't working yet but - # this flag will help us to get there). See http://crbug.com/314403. - # TODO(sebmarchand): Update this comment once this flag guarantee that - # there's no build metadata in the build artifacts. - 'dont_embed_build_metadata%': 0, + # Set to 1 to not store any build metadata, e.g. ifdef out all __DATE__ + # and __TIME__. Set to 0 to reenable the use of these macros in the code + # base. See http://crbug.com/314403. + 'dont_embed_build_metadata%': 1, # Set to 1 to force Visual C++ to use legacy debug information format /Z7. # This is useful for parallel compilation tools which can't support /Zi. @@ -1499,6 +1498,14 @@ 'ozone_platform_test%': 0, 'conditions': [ + ['buildtype=="Official"', { + # Continue to embed build meta data in Official builds, basically the + # time it was built. + # TODO(maruel): This decision should be revisited because having an + # official deterministic build has high value too but MSVC toolset can't + # generate anything deterministic with WPO enabled AFAIK. + 'dont_embed_build_metadata%': 0, + }], # Enable the Syzygy optimization step for the official builds. ['OS=="win" and buildtype=="Official" and syzyasan!=1', { 'syzygy_optimize%': 1, diff --git a/chrome/browser/ssl/ssl_error_classification.cc b/chrome/browser/ssl/ssl_error_classification.cc index 12983f5..cddbfb0 100644 --- a/chrome/browser/ssl/ssl_error_classification.cc +++ b/chrome/browser/ssl/ssl_error_classification.cc @@ -353,18 +353,26 @@ float SSLErrorClassification::CalculateScoreEnvironments() const { } bool SSLErrorClassification::IsUserClockInThePast(const base::Time& time_now) { +#if defined(DONT_EMBED_BUILD_METADATA) && !defined(OFFICIAL_BUILD) + return false; +#else base::Time build_time = base::GetBuildTime(); if (time_now < build_time - base::TimeDelta::FromDays(2)) return true; return false; +#endif } bool SSLErrorClassification::IsUserClockInTheFuture( const base::Time& time_now) { +#if defined(DONT_EMBED_BUILD_METADATA) && !defined(OFFICIAL_BUILD) + return false; +#else base::Time build_time = base::GetBuildTime(); if (time_now > build_time + base::TimeDelta::FromDays(365)) return true; return false; +#endif } bool SSLErrorClassification::MaybeWindowsLacksSHA256Support() { diff --git a/net/http/transport_security_state.cc b/net/http/transport_security_state.cc index d0c0b33..907e6d8 100644 --- a/net/http/transport_security_state.cc +++ b/net/http/transport_security_state.cc @@ -721,9 +721,18 @@ void TransportSecurityState::ReportUMAOnPinFailure(const std::string& host) { // static bool TransportSecurityState::IsBuildTimely() { + // If the build metadata aren't embedded in the binary then we can't use the + // build time to determine if the build is timely, return true by default. If + // we're building an official build then keep using the build time, even if + // it's invalid it'd be a date in the past and this function will return + // false. +#if defined(DONT_EMBED_BUILD_METADATA) && !defined(OFFICIAL_BUILD) + return true; +#else const base::Time build_time = base::GetBuildTime(); // We consider built-in information to be timely for 10 weeks. return (base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */; +#endif } bool TransportSecurityState::CheckPublicKeyPinsImpl( |