From a84396ed6fbc374b1d6096ab96794798dc450008 Mon Sep 17 00:00:00 2001 From: "cevans@chromium.org" <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Date: Thu, 28 Apr 2011 20:26:58 +0000 Subject: Keep track of whether we're getting any certificate pin failures. Review URL: http://codereview.chromium.org/6893087 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83389 0039d316-1c4b-4281-b951-d872f2087c98 --- net/url_request/url_request_http_job.cc | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'net/url_request') diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index f013edc..b7f8d4c 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -660,15 +660,20 @@ void URLRequestHttpJob::OnStartCompleted(int result) { const SSLInfo& ssl_info = transaction_->GetResponseInfo()->ssl_info; if (result == OK && ssl_info.is_valid() && + ssl_info.is_issued_by_known_root && context_->transport_security_state()) { TransportSecurityState::DomainState domain_state; if (context_->transport_security_state()->HasPinsForHost( &domain_state, request_->url().host(), - context_->IsSNIAvailable()) && - ssl_info.is_issued_by_known_root && - !domain_state.IsChainOfPublicKeysPermitted(ssl_info.public_key_hashes)){ - result = ERR_CERT_INVALID; + context_->IsSNIAvailable())) { + if (!domain_state.IsChainOfPublicKeysPermitted( + ssl_info.public_key_hashes)) { + result = ERR_CERT_INVALID; + UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", false); + } else { + UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", true); + } } } -- cgit v1.1