authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-11-17 16:04:56 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-11-17 16:04:56 +0000
commit4f9e5c83742590bd3d5549f0251b8ec60ff2e0c2 (patch)
treec3d7999df3137a1601162dc553e657446329addf /net
parentf9dfa2a0c3d67b0cd83e2633a02549556aacd7b8 (diff)
net: make pinning enforcement timeout after ten weeks.
Some users fall off the update train. We don't want to build up a non-trivial population of people who have pins that we might want to change. BUG=103283 TEST=Check that https://pinningtest.appspot.com fails in official builds. http://codereview.chromium.org/8467031/ git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110491 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/url_request/url_request_http_job.cc30
1 files changed, 20 insertions, 10 deletions
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index bebe42c..396047a 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -4,8 +4,9 @@
#include "net/url_request/url_request_http_job.h"
-#include "base/bind.h"
#include "base/base_switches.h"
+#include "base/bind.h"
+#include "base/build_time.h"
#include "base/command_line.h"
#include "base/compiler_specific.h"
#include "base/file_util.h"
@@ -660,7 +661,8 @@ void URLRequestHttpJob::OnStartCompleted(int result) {
// Clear the IO_PENDING status
SetStatus(URLRequestStatus());
-#if defined(OFFICIAL_BUILD) && !defined(OS_ANDROID)
+// TODO(agl): reenable guards once the builders have checked the code within.
+//#if defined(OFFICIAL_BUILD) && !defined(OS_ANDROID)
// Take care of any mandates for public key pinning.
//
// Pinning is only enabled for official builds to make sure that others don't
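Review bot: The comment kept directly below the disabled guard still says `Pinning is only enabled for official builds`, but with `#if defined(OFFICIAL_BUILD) && !defined(OS_ANDROID)` commented out the pinning block presumably compiles into every configuration, including Android and non-official builds. The commit description does not mention that change in scope, and a commented-out preprocessor line (with its matching `//#endif` in the later hunk) is easy to leave behind. I would make the TODO say what is temporarily true, for example `// TODO(agl): pinning is temporarily compiled into all builds; restore the OFFICIAL_BUILD/!OS_ANDROID guard once the builders pass.` The explanatory comment continues past the end of this hunk.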
@@ -685,20 +687,28 @@ void URLRequestHttpJob::OnStartCompleted(int result) {
&domain_state, host, sni_available)) {
if (!domain_state.IsChainOfPublicKeysPermitted(
ssl_info.public_key_hashes)) {
- result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
- UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", false);
- TransportSecurityState::ReportUMAOnPinFailure(host);
- FraudulentCertificateReporter* reporter =
- context_->fraudulent_certificate_reporter();
- if (reporter != NULL)
- reporter->SendReport(host, ssl_info, sni_available);
+ const base::Time build_time = base::GetBuildTime();
+ // Pins are not enforced if the build is sufficiently old. Chrome
+ // users should get updates every six weeks or so, but it's possible
+ // that some users will stop getting updates for some reason. We
+ // don't want those users building up as a pool of people with bad
+ // pins.
+ if ((base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */) {
+ result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
+ UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", false);
+ TransportSecurityState::ReportUMAOnPinFailure(host);
+ FraudulentCertificateReporter* reporter =
+ context_->fraudulent_certificate_reporter();
+ if (reporter != NULL)
+ reporter->SendReport(host, ssl_info, sni_available);
+ }
} else {
UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", true);
}
}
}
}
-#endif
+//#endif
if (result == OK) {
scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders();
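Review bot: When the build is 70 or more days old and `IsChainOfPublicKeysPermitted` fails, the new branch records nothing at all: `Net.PublicKeyPinSuccess`, `ReportUMAOnPinFailure` and `SendReport` are skipped together with the error, so a pin mismatch on a stale build is invisible in metrics and in fraudulent-certificate reports. Consider gating only `result = ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;` on the age check and leaving the histogram and report calls unconditional, or add a separate histogram for the expired case so the size of the unenforced population can be measured. The cutoff also compares `base::Time::Now()` with the build time, so enforcement depends on the local wall clock; a comment such as `// NOTE: relies on the system clock; a clock more than 10 weeks past the build time turns pin enforcement off.` would make that trust assumption explicit. The literal `70` would read better as a named constant. OnStartCompleted begins and ends outside this hunk.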