Remove "--hsts-hosts" so we don't have to maintain it during upcoming changes...

Remove "--hsts-hosts" so we don't have to maintain it during upcoming changes to the TransportSecurityState data structures and JSON format. The "--hsts-hosts" feature is likely unused, is redundant with net-internals, and is dangerous since it fails silently. Also it exposes the internal JSON format to the user. BUG=156152 R=rsleevi,palmer Review URL: https://chromiumcodereview.appspot.com/15711007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202957 0039d316-1c4b-4281-b951-d872f2087c98

Remove "--hsts-hosts" so we don't have to maintain it during upcoming changes...
Remove "--hsts-hosts" so we don't have to maintain it during upcoming changes to the TransportSecurityState data structures and JSON format. The "--hsts-hosts" feature is likely unused, is redundant with net-internals, and is dangerous since it fails silently. Also it exposes the internal JSON format to the user. BUG=156152 R=rsleevi,palmer Review URL: https://chromiumcodereview.appspot.com/15711007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202957 0039d316-1c4b-4281-b951-d872f2087c98
150ad40f · unsafe@trevp.net · 5a496e5c · 150ad40f · 150ad40f · 150ad40f
Commit 150ad40f authored May 29, 2013 by unsafe@trevp.net
8 changed files
--- a/chrome/browser/net/transport_security_persister.cc
+++ b/chrome/browser/net/transport_security_persister.cc
@@ -204,25 +204,16 @@ bool TransportSecurityPersister::SerializeData(std::string* output) {
  return true;
 }

-bool TransportSecurityPersister::DeserializeFromCommandLine(
-    const std::string& serialized) {
-  // Purposefully ignore |dirty| because we do not want to persist entries
-  // deserialized in this way.
-  bool dirty;
-  return Deserialize(serialized, true, &dirty, transport_security_state_);
-}
-
 bool TransportSecurityPersister::LoadEntries(const std::string& serialized,
                                             bool* dirty) {
  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));

  transport_security_state_->ClearDynamicData();
-  return Deserialize(serialized, false, dirty, transport_security_state_);
+  return Deserialize(serialized, dirty, transport_security_state_);
 }

 // static
 bool TransportSecurityPersister::Deserialize(const std::string& serialized,
-                                             bool forced,
                                             bool* dirty,
                                             TransportSecurityState* state) {
  scoped_ptr<Value> value(base::JSONReader::Read(serialized));
@@ -307,10 +298,7 @@ bool TransportSecurityPersister::Deserialize(const std::string& serialized,
      continue;
    }

-    if (forced)
-      state->AddOrUpdateForcedHosts(hashed, domain_state);
-    else
-      state->AddOrUpdateEnabledHosts(hashed, domain_state);
+    state->AddOrUpdateEnabledHosts(hashed, domain_state);
  }

  *dirty = dirtied;

--- a/chrome/browser/net/transport_security_persister.h
+++ b/chrome/browser/net/transport_security_persister.h
@@ -85,11 +85,6 @@ class TransportSecurityPersister
  // serialized state on disk.
  virtual bool SerializeData(std::string* data) OVERRIDE;

-  // Parses an array of JSON-encoded TransportSecurityState::DomainState
-  // entries. For use in loading entries defined on the command line
-  // (switches::kHstsHosts).
-  bool DeserializeFromCommandLine(const std::string& serialized);
-
  // Clears any existing non-static entries, and then re-populates
  // |transport_security_state_|.
  //
@@ -101,14 +96,11 @@ class TransportSecurityPersister
  class Loader;

  // Populates |state| from the JSON string |serialized|. Returns true if
-  // all entries were parsed and deserialized correctly. If |forced| is
-  // true, updates |state|'s map of "forced" DomainState entries; normally,
-  // leave this false.
+  // all entries were parsed and deserialized correctly.
  //
  // Sets |*dirty| to true if the new state differs from the persisted
  // state; false otherwise.
  static bool Deserialize(const std::string& serialized,
-                          bool forced,
                          bool* dirty,
                          net::TransportSecurityState* state);


--- a/chrome/browser/net/transport_security_persister_unittest.cc
+++ b/chrome/browser/net/transport_security_persister_unittest.cc
@@ -210,25 +210,3 @@ TEST_F(TransportSecurityPersisterTest, PublicKeyHashes) {
  EXPECT_EQ(0, memcmp(domain_state.dynamic_spki_hashes[0].data(), sha1.data(),
                      sha1.size()));
 }
-
-TEST_F(TransportSecurityPersisterTest, ForcePreloads) {
-  // The static state for docs.google.com, defined in
-  // net/http/transport_security_state_static.h, has pins and mode strict.
-  // This new policy overrides that with no pins and a weaker mode. We apply
-  // this new policy with |DeserializeFromCommandLine| and expect that the
-  // new policy is in effect, overriding the static policy.
-  std::string preload("{"
-                      "\"4AGT3lHihuMSd5rUj7B4u6At0jlSH3HFePovjPR+oLE=\": {"
-                      "\"created\": 0.0,"
-                      "\"expiry\": 2000000000.0,"
-                      "\"include_subdomains\": false,"
-                      "\"mode\": \"pinning-only\""
-                      "}}");
-
-  EXPECT_TRUE(persister_->DeserializeFromCommandLine(preload));
-
-  TransportSecurityState::DomainState domain_state;
-  EXPECT_TRUE(state_.GetDomainState("docs.google.com", true, &domain_state));
-  EXPECT_FALSE(domain_state.HasPublicKeyPins());
-  EXPECT_FALSE(domain_state.ShouldUpgradeToSSL());
-}
--- a/chrome/browser/profiles/profile_io_data.cc
+++ b/chrome/browser/profiles/profile_io_data.cc
@@ -688,9 +688,6 @@ void ProfileIOData::Init(content::ProtocolHandlerMap* protocol_handlers) const {
      new TransportSecurityPersister(transport_security_state_.get(),
                                     profile_params_->path,
                                     is_incognito()));
-  const std::string& serialized =
-      command_line.GetSwitchValueASCII(switches::kHstsHosts);
-  transport_security_persister_.get()->DeserializeFromCommandLine(serialized);

  // Take ownership over these parameters.
  cookie_settings_ = profile_params_->cookie_settings;

--- a/chrome/common/chrome_switches.cc
+++ b/chrome/common/chrome_switches.cc
@@ -817,12 +817,6 @@ const char kHostResolverParallelism[]       = "host-resolver-parallelism";
 // to disable host resolver retry attempts.
 const char kHostResolverRetryAttempts[]     = "host-resolver-retry-attempts";

-// Takes the JSON-formatted HSTS specification and loads it as if it were a
-// preloaded HSTS entry. Takes precedence over both website-specified rules and
-// built-in rules. The JSON format is the same as that persisted in
-// <profile_dir>/Default/TransportSecurity
-const char kHstsHosts[]                     = "hsts-hosts";
-
 // Causes net::URLFetchers to ignore requests for SSL client certificates,
 // causing them to attempt an unauthenticated SSL/TLS session. This is intended
 // for use when testing various service URLs (eg: kPromoServerURL, kInstantURL,

--- a/chrome/common/chrome_switches.h
+++ b/chrome/common/chrome_switches.h
@@ -225,7 +225,6 @@ extern const char kHomePage[];
 extern const char kHostRules[];
 extern const char kHostResolverParallelism[];
 extern const char kHostResolverRetryAttempts[];
-extern const char kHstsHosts[];
 extern const char kIgnoreUrlFetcherCertRequests[];
 extern const char kIncognito[];
 extern const char kInstallFromWebstore[];

--- a/net/http/transport_security_state.cc
+++ b/net/http/transport_security_state.cc
@@ -756,12 +756,6 @@ bool TransportSecurityState::GetStaticDomainState(
    std::string host_sub_chunk(&canonicalized_host[i],
                               canonicalized_host.size() - i);
    out->domain = DNSDomainToString(host_sub_chunk);
-    std::string hashed_host(HashHost(host_sub_chunk));
-    if (forced_hosts_.find(hashed_host) != forced_hosts_.end()) {
-      *out = forced_hosts_[hashed_host];
-      out->domain = DNSDomainToString(host_sub_chunk);
-      return true;
-    }
    bool ret;
    if (is_build_timely &&
        HasPreload(kPreloadedSTS, kNumPreloadedSTS, canonicalized_host, i, out,
@@ -784,11 +778,6 @@ void TransportSecurityState::AddOrUpdateEnabledHosts(
  enabled_hosts_[hashed_host] = state;
 }

-void TransportSecurityState::AddOrUpdateForcedHosts(
-    const std::string& hashed_host, const DomainState& state) {
-  forced_hosts_[hashed_host] = state;
-}
-
 TransportSecurityState::DomainState::DomainState()
    : upgrade_mode(MODE_FORCE_HTTPS),
      created(base::Time::Now()),

--- a/net/http/transport_security_state.h
+++ b/net/http/transport_security_state.h
@@ -179,14 +179,6 @@ class NET_EXPORT TransportSecurityState
  void AddOrUpdateEnabledHosts(const std::string& hashed_host,
                               const DomainState& state);

-  // Inserts |state| into |forced_hosts_| under the key |hashed_host|.
-  // |hashed_host| is already in the internal representation
-  // HashHost(CanonicalizeHost(host)).
-  // Note: This is only used for serializing/deserializing the
-  // TransportSecurityState.
-  void AddOrUpdateForcedHosts(const std::string& hashed_host,
-                              const DomainState& state);
-
  // Deletes all dynamic data (e.g. HSTS or HPKP data) created since a given
  // time.
  //
@@ -310,10 +302,6 @@ class NET_EXPORT TransportSecurityState
  // The set of hosts that have enabled TransportSecurity.
  DomainStateMap enabled_hosts_;

-  // Extra entries, provided by the user at run-time, to treat as if they
-  // were static.
-  DomainStateMap forced_hosts_;
-
  Delegate* delegate_;

  DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);