From a84396ed6fbc374b1d6096ab96794798dc450008 Mon Sep 17 00:00:00 2001
From: "cevans@chromium.org"
 <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Thu, 28 Apr 2011 20:26:58 +0000
Subject: Keep track of whether we're getting any certificate pin failures.
 Review URL: http://codereview.chromium.org/6893087

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83389 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/url_request/url_request_http_job.cc | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'net/url_request')

diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index f013edc..b7f8d4c 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -660,15 +660,20 @@ void URLRequestHttpJob::OnStartCompleted(int result) {
   const SSLInfo& ssl_info = transaction_->GetResponseInfo()->ssl_info;
   if (result == OK &&
       ssl_info.is_valid() &&
+      ssl_info.is_issued_by_known_root &&
       context_->transport_security_state()) {
     TransportSecurityState::DomainState domain_state;
     if (context_->transport_security_state()->HasPinsForHost(
             &domain_state,
             request_->url().host(),
-            context_->IsSNIAvailable()) &&
-        ssl_info.is_issued_by_known_root &&
-        !domain_state.IsChainOfPublicKeysPermitted(ssl_info.public_key_hashes)){
-      result = ERR_CERT_INVALID;
+            context_->IsSNIAvailable())) {
+      if (!domain_state.IsChainOfPublicKeysPermitted(
+              ssl_info.public_key_hashes)) {
+        result = ERR_CERT_INVALID;
+        UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", false);
+      } else {
+        UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", true);
+      }
     }
   }
 
-- 
cgit v1.1