From 3f28d2b87361896633174a088ccdf02720c1f8f8 Mon Sep 17 00:00:00 2001
From: "wtc@chromium.org"
 <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Fri, 30 Jan 2009 22:45:49 +0000
Subject: Measure how often our users see MD2 intermediate CA certificates. 
 Our UMA results contain a small number of MD2 certificates.  We'd like to
 know if they are end entity or intermediate CA certificates.

R=jar
Review URL: http://codereview.chromium.org/19522

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@8990 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/base/connection_type_histograms.h | 2 ++
 net/base/ssl_client_socket_win.cc     | 5 +++++
 2 files changed, 7 insertions(+)

(limited to 'net')

diff --git a/net/base/connection_type_histograms.h b/net/base/connection_type_histograms.h
index 9290933..bea070c 100644
--- a/net/base/connection_type_histograms.h
+++ b/net/base/connection_type_histograms.h
@@ -25,6 +25,8 @@ enum ConnectionType {
                            // the certificate chain (excluding root)
   CONNECTION_SSL_MD5_CA = 5,  // An SSL connection with an MD5 CA certificate
                               // in the certificate chain (excluding root)
+  CONNECTION_SSL_MD2_CA = 6,  // An SSL connection with an MD2 CA certificate
+                              // in the certificate chain (excluding root)
   NUM_OF_CONNECTION_TYPES
 };
 
diff --git a/net/base/ssl_client_socket_win.cc b/net/base/ssl_client_socket_win.cc
index 1f4c314..f946f72 100644
--- a/net/base/ssl_client_socket_win.cc
+++ b/net/base/ssl_client_socket_win.cc
@@ -1035,6 +1035,7 @@ void SSLClientSocketWin::LogConnectionTypeMetrics(
   bool has_md2 = false;
   bool has_md4 = false;
   bool has_md5_ca = false;
+  bool has_md2_ca = false;
 
   // Each chain starts with the end entity certificate (i = 0) and ends with
   // the root CA certificate (i = num_elements - 1).  Do not inspect the
@@ -1051,6 +1052,8 @@ void SSLClientSocketWin::LogConnectionTypeMetrics(
     } else if (strcmp(algorithm, szOID_RSA_MD2RSA) == 0) {
       // md2WithRSAEncryption: 1.2.840.113549.1.1.2
       has_md2 = true;
+      if (i != 0)
+        has_md2_ca = true;
     } else if (strcmp(algorithm, szOID_RSA_MD4RSA) == 0) {
       // md4WithRSAEncryption: 1.2.840.113549.1.1.3
       has_md4 = true;
@@ -1065,6 +1068,8 @@ void SSLClientSocketWin::LogConnectionTypeMetrics(
     UpdateConnectionTypeHistograms(CONNECTION_SSL_MD4);
   if (has_md5_ca)
     UpdateConnectionTypeHistograms(CONNECTION_SSL_MD5_CA);
+  if (has_md2_ca)
+    UpdateConnectionTypeHistograms(CONNECTION_SSL_MD2_CA);
 }
 
 // Set server_cert_status_ and return OK or a network error.
-- 
cgit v1.1