summaryrefslogtreecommitdiffstats
path: root/net/socket/ssl_host_info.cc
Commit message (Collapse)AuthorAgeFilesLines
* net: fix matching ".google.com" at the end of a string.agl@chromium.org2011-05-091-1/+2
| | | | | | | | | BUG=none TEST=none http://codereview.chromium.org/6975002/ git-svn-id: svn://svn.chromium.org/chrome/trunk/src@84630 0039d316-1c4b-4281-b951-d872f2087c98
* net: break out SSLHostInfo verification time for Google.agl@chromium.org2011-05-091-1/+6
| | | | | | | | | | | | | The SSL host info verification time is the amount of time that a verification took, as opposed to SSLCertVerificationTime, which is the amount of time that we blocked on verification. BUG=none TEST=none http://codereview.chromium.org/6929044/ git-svn-id: svn://svn.chromium.org/chrome/trunk/src@84613 0039d316-1c4b-4281-b951-d872f2087c98
* Revert r61181.agl@chromium.org2011-04-121-23/+11
| | | | | | | | | | This reverts r61181 although, due to the age of that revision, the revert was mostly done manually. This is the start of ripping out Snap Start support. BUG=none TEST=none git-svn-id: svn://svn.chromium.org/chrome/trunk/src@81288 0039d316-1c4b-4281-b951-d872f2087c98
* Change other usages of .size() to .empty() when applicable.erg@google.com2011-03-041-1/+1
| | | | | | | | | BUG=carnitas TEST=compiles Review URL: http://codereview.chromium.org/6609008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@76962 0039d316-1c4b-4281-b951-d872f2087c98
* net: disable DNS lookup tests.agl@chromium.org2011-01-311-38/+1
| | | | | | | | | | | | | These tests have yielded useful data and I'll probably tweak them for the future. However, I want a CL which disables them so that I can merge it into the release branch for M10. BUG=none TEST=net_unittests Review URL: http://codereview.chromium.org/6287023 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@73189 0039d316-1c4b-4281-b951-d872f2087c98
* net: measure theoretical delay of waiting for DNS cert information.agl@chromium.org2011-01-141-1/+21
| | | | | | | | | | | | | This patch adds a histogram to measure what the delay would have been, had we waited for information from DNS in order to make a certificate verification decision. BUG=none TEST=none http://codereview.chromium.org/6329001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71445 0039d316-1c4b-4281-b951-d872f2087c98
* Revert r71331 - it should never have been committed.agl@chromium.org2011-01-131-21/+1
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71350 0039d316-1c4b-4281-b951-d872f2087c98
* ...agl@chromium.org2011-01-131-1/+21
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71331 0039d316-1c4b-4281-b951-d872f2087c98
* net: fix leak in SSLHostInfo's DNS request.agl@chromium.org2011-01-071-0/+1
| | | | | | | | | | I'm too used to callbacks which delete themselves and forgot to delete it myself in r70631. BUG=68820 TEST=valgrind git-svn-id: svn://svn.chromium.org/chrome/trunk/src@70737 0039d316-1c4b-4281-b951-d872f2087c98
* net: perform a non-A DNS lookup for HTTPS hosts.agl@chromium.org2011-01-061-2/+33
| | | | | | | | | | | | | | | | | | | Since SSLHostInfo is enabled by default now, this will cause a DNS lookup for a random RR type (13172) for each HTTPS host. (Although many of these lookups will hit the in-process cache. Also, this won't do anything on non-Linux machines because I haven't gotten the DNS lookup code working on them yet.) At some point in the future we'll probably want to do these lookups in order to get information for certificate validation. This change just exists so that we can measure how long these lookups take. BUG=none TEST=none http://codereview.chromium.org/6041004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@70631 0039d316-1c4b-4281-b951-d872f2087c98
* net: enable SSLHostInfo by default.agl@chromium.org2010-12-161-4/+4
| | | | | | Reland of r69420, was reverted in r69426. git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69473 0039d316-1c4b-4281-b951-d872f2087c98
* Cache certificate verification results in memory.wtc@google.com2010-12-161-5/+5
| | | | | | | | | R=agl BUG=63357 TEST=none Review URL: http://codereview.chromium.org/5386001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69414 0039d316-1c4b-4281-b951-d872f2087c98
* net: fix verification merge savings calculations.agl@chromium.org2010-12-151-0/+2
| | | | | | | | | | | | | | | | | Previously we miscalculated the amount of time saved by merging certificate verification. We should have been counting the time from the start of the verification till the time when we needed it because the verification may have completed. In the case that the verification has already completed, only count the amount of time that it took. BUG=none TEST=none http://codereview.chromium.org/5777005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69265 0039d316-1c4b-4281-b951-d872f2087c98
* net: Switch SSLHostInfo to using Pickle.agl@chromium.org2010-12-151-51/+72
| | | | | | | BUG=none TEST=none git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69262 0039d316-1c4b-4281-b951-d872f2087c98
* net: assorted changes needed for Snap Start tests.agl@chromium.org2010-11-101-4/+5
| | | | | | | | | | | | | | | | | | | | In IsAllowedBadCert, the pointer compare doesn't always work. Creating a certificate by X509Certificate::CreateFromBytes and putting it in the allowed bad list doesn't match the same certificate from a server. InvalidateSessionIfBadCertificate: I'm sure that there's history here that I don't know, so please review carefully. In order to test resumption against a server with a test certificate we need to avoid destroying the session. ClearSessionCache, AdoptSocket: only for testing BUG=none TEST=none http://codereview.chromium.org/4558004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@65713 0039d316-1c4b-4281-b951-d872f2087c98
* net: Make Snap Start check cert verification and add metricsagl@chromium.org2010-11-031-0/+7
| | | | | | | | | | | | | | | | This CL causes Snap Start to only trigger if the certificate verification has completed by the time we are ready to send out the handshake message. It also adds a couple of NetLog entries and histograms around the Snap Start code. BUG=none TEST=none http://codereview.chromium.org/4408001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64986 0039d316-1c4b-4281-b951-d872f2087c98
* net: merge certificate validation with SSLHostInfo'sagl@chromium.org2010-10-281-9/+26
| | | | | | | | | | | | | | | | Now that SSLHostInfo is doing an opportunistic certificate validation based on the predicted certificates we can skip a second validation if we find that the prediction was correct. (This is behind --enable-snap-start because the SSLHostInfo's aren't created otherwise.) BUG=none TEST=net_unittests http://codereview.chromium.org/4147003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64258 0039d316-1c4b-4281-b951-d872f2087c98
* net: always save certs and trigger verify in SSLHostInfo.agl@chromium.org2010-10-261-1/+47
| | | | | | | | | | | | | | | | | | | | | (This is still behind --enable-snap-start because the SSLHostInfo's don't get created without it.) Have ssl_client_socket_nss always save certificates to the SSLHostInfo and have the SSLHostInfo kick off a validation as soon as possible if it has the certificates. For now the validation just primes the OCSP cache and isn't tied into anything else. In future patches, the SSL socket will compare the actual certificates against the predicted certificates and avoid a second validation if they match. BUG=none TEST=none http://codereview.chromium.org/3968003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63887 0039d316-1c4b-4281-b951-d872f2087c98
* FBTF: More dtor deinlining. (Can almost see the end!)erg@google.com2010-10-221-0/+7
| | | | | | | | | BUG=none TEST=compiles Review URL: http://codereview.chromium.org/3962004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63527 0039d316-1c4b-4281-b951-d872f2087c98
* net: move SSL host info serialisation into SSLHostInfoagl@chromium.org2010-10-201-0/+100
This is a prelude to SSLHostInfo being able to kick off certificate validation based on predicted certificates. In order for that to happen, SSLHostInfo has to be able to parse the contents of the saved data, therefore the serialisation/deserialisation is moved into SSLHostInfo and we use a protocol buffer to clean things up. TEST=net_unittests BUG=none Review URL: http://codereview.chromium.org/3915001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63221 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-12 07:25:42 +0000