author | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-02 00:58:13 +0000 |
---|---|---|
committer | rsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-02 00:58:13 +0000 |
commit | 261c0ae28dd6682b39005171689311cb26276703 (patch) | |
tree | 3fed9fe76c8378e8fe2fc46dc1e618065038fffb /net/base/x509_certificate.cc | |
parent | 13a8aa1a2529d531305885cca052b818841693d1 (diff) | |
Revert 107679 - Broke https for appspot.com - http://crbug.com/102507
Disallow wildcards from matching top-level registry controlled domains during cert validation.
BUG=100442
TEST=net_unittests:X509CertificateNameVerifyTest.*
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=107075
Review URL: http://codereview.chromium.org/8362023
TBR=rsleevi@chromium.org
Review URL: http://codereview.chromium.org/8438024
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108216 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/x509_certificate.cc')
-rw-r--r-- | net/base/x509_certificate.cc | 32 |
1 files changed, 6 insertions, 26 deletions
diff --git a/net/base/x509_certificate.cc b/net/base/x509_certificate.cc
index 9db4ff0..6624493 100644
--- a/net/base/x509_certificate.cc
+++ b/net/base/x509_certificate.cc
@@ -27,7 +27,6 @@
 #include "net/base/net_errors.h"
 #include "net/base/net_util.h"
 #include "net/base/pem_tokenizer.h"
-#include "net/base/registry_controlled_domain.h"
 namespace net {
@@ -509,36 +508,17 @@ bool X509Certificate::VerifyHostname(
 // |reference_domain| is the remainder of |host| after the leading host
 // component is stripped off, but includes the leading dot e.g.
 // "www.f.com" -> ".f.com".
- // If there is no meaningful domain part to |host| (e.g. it contains no
- // dots) then |reference_domain| will be empty.
+ // If there is no meaningful domain part to |host| (e.g. it contains no dots)
+ // then |reference_domain| will be empty.
 base::StringPiece reference_host, reference_domain;
 SplitOnChar(reference_name, '.', &reference_host, &reference_domain);
 bool allow_wildcards = false;
 if (!reference_domain.empty()) {
 DCHECK(reference_domain.starts_with("."));
-
- // Do not allow wildcards for registry controlled domains, so as to
- // prevent accepting *.com or *.co.uk as valid presented names. Passing
- // true for |allow_unknown_registries| so that top-level domains which are
- // unknown (intranet domains, new TLDs/gTLDs not yet recognized) are
- // treated as registry-controlled domains. Because the |reference_domain|
- // must contain at least one name component that is not registry
- // controlled, this ensures that all reference names have at least three
- // domain components in order to permit wildcards.
- size_t registry_length =
- RegistryControlledDomainService::GetRegistryLength(reference_name,
- true);
- // As the |reference_name| was already canonicalized, this should never
- // happen.
- CHECK_NE(registry_length, std::string::npos);
-
- // Subtracting 1 to account for the leading dot in |reference_domain|.
- bool is_registry_controlled = registry_length != 0 &&
- registry_length == (reference_domain.size() - 1);
-
- // Additionally, do not attempt wildcard matching for purely numeric
- // hostnames.
- allow_wildcards = !is_registry_controlled &&
+ // We required at least 3 components (i.e. 2 dots) as a basic protection
+ // against too-broad wild-carding.
+ // Also we don't attempt wildcard matching on a purely numerical hostname.
+ allow_wildcards = reference_domain.rfind('.') != 0 &&
 reference_name.find_first_not_of("0123456789.") != std::string::npos;
 } |
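Review bot: The restored gate `reference_domain.rfind('.') != 0` only counts dots, so for a reference name like `foo.co.uk` wildcard matching stays enabled and a presented `*.co.uk` is still considered, which is the case the removed comment named explicitly. Because this revert knowingly reopens BUG=100442, the new comment should record that instead of describing the check as "basic protection", for example `// TODO(crbug.com/100442): dot-counting still permits wildcards over multi-label registries (e.g. *.co.uk); restore a registry-aware check that keeps *.appspot.com working.` The wording "We required" also reads as past tense and would be clearer as "We require". VerifyHostname begins and ends outside this hunk, so whether the later matching code narrows the wildcard further cannot be confirmed from here.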