Keep track of whether we're getting any certificate pin failures.

Review URL: http://codereview.chromium.org/6893087

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83389 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 9 insertions, 4 deletions

diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index f013edc..b7f8d4c 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -660,15 +660,20 @@ void URLRequestHttpJob::OnStartCompleted(int result) {
   const SSLInfo& ssl_info = transaction_->GetResponseInfo()->ssl_info;
   if (result == OK &&
       ssl_info.is_valid() &&
+      ssl_info.is_issued_by_known_root &&
       context_->transport_security_state()) {
     TransportSecurityState::DomainState domain_state;
     if (context_->transport_security_state()->HasPinsForHost(
             &domain_state,
             request_->url().host(),
-            context_->IsSNIAvailable()) &&
-        ssl_info.is_issued_by_known_root &&
-        !domain_state.IsChainOfPublicKeysPermitted(ssl_info.public_key_hashes)){
-      result = ERR_CERT_INVALID;
+            context_->IsSNIAvailable())) {
+      if (!domain_state.IsChainOfPublicKeysPermitted(
+              ssl_info.public_key_hashes)) {
+        result = ERR_CERT_INVALID;
+        UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", false);
+      } else {
+        UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", true);
+      }
     }
   }