transport_security_state.h revision 3f50c38dc070f4bb515c1b64450dae14f316474e
// Copyright (c) 2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_
#define NET_BASE_TRANSPORT_SECURITY_STATE_H_
#pragma once

#include <map>
#include <string>

#include "base/basictypes.h"
#include "base/gtest_prod_util.h"
#include "base/ref_counted.h"
#include "base/time.h"

namespace net {

// TransportSecurityState
//
// Tracks which hosts have enabled *-Transport-Security. This object manages
// the in-memory store only. A separate object must register itself with this
// object (see Delegate / SetDelegate) in order to persist the state to disk.
//
// The object is reference counted (base::RefCountedThreadSafe) and its
// destructor is private, so it is destroyed only by dropping the last
// reference.
class TransportSecurityState :
    public base::RefCountedThreadSafe<TransportSecurityState> {
 public:
  TransportSecurityState();

  // A DomainState is the information that we persist about a given domain.
  struct DomainState {
    enum Mode {
      // Strict mode implies:
      //   * We generate internal redirects from HTTP -> HTTPS.
      //   * Certificate issues are fatal.
      MODE_STRICT = 0,
      // Opportunistic mode implies:
      //   * We'll request HTTP URLs over HTTPS
      //   * Certificate issues are ignored.
      // Because certificate issues are ignored, this mode does not
      // authenticate the server: it is not a substitute for MODE_STRICT where
      // protection against an active on-path attacker is required.
      MODE_OPPORTUNISTIC = 1,
      // SPDY_ONLY (aka X-Bodge-Transport-Security) is a hopefully temporary
      // measure. It implies:
      //   * We'll request HTTP URLs over HTTPS iff we have SPDY support.
      //   * Certificate issues are fatal.
      MODE_SPDY_ONLY = 2,
    };

    // Defaults to strict mode, stamped with the current time, not covering
    // subdomains.
    // NOTE(review): |expiry| is not in the initialiser list and is left
    // default-constructed; presumably callers set it before calling
    // EnableHost() -- confirm.
    DomainState()
        : mode(MODE_STRICT),
          created(base::Time::Now()),
          include_subdomains(false) { }

    Mode mode;
    base::Time created;  // when this host entry was first created
    base::Time expiry;  // the absolute time (UTC) when this record expires
    bool include_subdomains;  // does the policy also cover subdomains?
  };

  // Enable TransportSecurity for |host|, recording |state| for it.
  void EnableHost(const std::string& host, const DomainState& state);

  // Returns true if |host| has TransportSecurity enabled. In that case,
  // *result is filled out.
  // NOTE(review): this is non-const, so the lookup may modify the store
  // (for example to drop expired records) -- confirm in the implementation.
  bool IsEnabledForHost(DomainState* result, const std::string& host);

  // Deletes all records created since a given time.
  void DeleteSince(const base::Time& time);

  // Returns |true| if |value| parses as a valid *-Transport-Security
  // header value. The values of max-age and includeSubDomains are
  // returned in |max_age| and |include_subdomains|, respectively. The out
  // parameters are not modified if the function returns |false|.
  //
  // |value| is a header value and therefore supplied by the remote end;
  // callers must check the return value before using the out parameters.
  // NOTE(review): |max_age| is an int while kMaxHSTSAgeSecs is a long int;
  // presumably the parsed value is bounded by kMaxHSTSAgeSecs -- confirm.
  static bool ParseHeader(const std::string& value,
                          int* max_age,
                          bool* include_subdomains);

  // Interface implemented by the object that persists this state. It is told
  // when the in-memory state has changed.
  class Delegate {
   public:
    // This function may not block and may be called with internal locks held.
    // Thus it must not reenter the TransportSecurityState object.
    virtual void StateIsDirty(TransportSecurityState* state) = 0;

   protected:
    // Protected so that a delegate cannot be deleted through this interface.
    virtual ~Delegate() {}
  };

  // Registers the delegate to be notified when the state is dirtied.
  // NOTE(review): the pointer is stored raw (see |delegate_|) and nothing in
  // this header expresses ownership; presumably the delegate must outlive
  // this object or be cleared with SetDelegate(NULL) first -- confirm.
  void SetDelegate(Delegate*);

  // Writes a serialised form of the state to |*output|.
  // NOTE(review): the return value presumably reports success -- confirm.
  bool Serialise(std::string* output);
  // Loads state from |state|, a string in the form written by Serialise().
  // NOTE(review): |state| is read back from persistent storage, so the
  // implementation should validate it rather than trust it. |*dirty|
  // presumably reports whether the loaded state needs to be written back;
  // the return value presumably reports success -- confirm both.
  bool Deserialise(const std::string& state, bool* dirty);

  // The maximum number of seconds for which we'll cache an HSTS request.
  static const long int kMaxHSTSAgeSecs;

 private:
  // RefCountedThreadSafe needs access to the private destructor.
  friend class base::RefCountedThreadSafe<TransportSecurityState>;
  FRIEND_TEST_ALL_PREFIXES(TransportSecurityStateTest, IsPreloaded);

  ~TransportSecurityState();

  // If we have a callback configured, call it to let our serialiser know that
  // our state is dirty.
  void DirtyNotify();

  // Returns the canonical form of |host|.
  // NOTE(review): presumably this is the DNSForm described on
  // |enabled_hosts_| -- confirm.
  static std::string CanonicaliseHost(const std::string& host);
  // NOTE(review): presumably returns true if |canonicalised_host| is on a
  // built-in (preloaded) list, reporting subdomain coverage through
  // |*out_include_subdomains| -- confirm in the implementation.
  static bool IsPreloadedSTS(const std::string& canonicalised_host,
                             bool* out_include_subdomains);

  // The set of hosts that have enabled TransportSecurity. The keys here
  // are SHA256(DNSForm(domain)) where DNSForm converts from dotted form
  // ('www.google.com') to the form used in DNS: "\x03www\x06google\x03com"
  // NOTE(review): hashed keys keep hostnames out of the store in clear, but
  // a candidate hostname can still be hashed and compared against a key, so
  // this should not be relied on as a confidentiality guarantee.
  std::map<std::string, DomainState> enabled_hosts_;

  // Our delegate who gets notified when we are dirtied, or NULL.
  Delegate* delegate_;

  DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
};

}  // namespace net

#endif  // NET_BASE_TRANSPORT_SECURITY_STATE_H_