@@ -442,19 +442,17 @@ SSLObservatory.prototype = {
442442
443443 if ( ! this . myGetBoolPref ( "use_whitelist" ) ) {
444444 this . log ( WARN , "Not using whitelist to filter cert chains." ) ;
445- }
446- else if ( this . isChainWhitelisted ( chain_hash ) ) {
447- this . log ( INFO , "This cert chain is whitelisted. Not submitting." ) ;
445+ } else if ( this . isChainWhitelisted ( chain_hash ) ) {
446+ this . log ( INFO , "This cert chain is whitelisted. Not submitting. " ) ;
448447 return ;
449- }
450- else {
451- this . log ( INFO , "Cert chain is NOT whitelisted. Proceeding with submission." ) ;
448+ } else {
449+ this . log ( INFO , "Cert chain is NOT whitelisted. Proceeding with submission" ) ;
452450 }
453451
454452 if ( channel . URI . port == - 1 ) {
455- this . submitChainArray ( chainArray , fps , new String ( channel . URI . host ) , channel , host_ip , warning , false ) ;
453+ this . submitChainArray ( chainArray , fps , new String ( channel . URI . host ) , channel , host_ip , warning , false , chain_hash ) ;
456454 } else {
457- this . submitChainArray ( chainArray , fps , channel . URI . host + ":" + channel . URI . port , channel , host_ip , warning , false ) ;
455+ this . submitChainArray ( chainArray , fps , channel . URI . host + ":" + channel . URI . port , channel , host_ip , warning , false , chain_hash ) ;
458456 }
459457 } ,
460458
@@ -531,9 +529,7 @@ SSLObservatory.prototype = {
531529
532530 loadCertWhitelist : function ( ) {
533531 var loc = "chrome://https-everywhere/content/code/X509ChainWhitelist.json" ;
534- var file =
535- CC [ "@mozilla.org/file/local;1" ]
536- . createInstance ( CI . nsILocalFile ) ;
532+ var file = CC [ "@mozilla.org/file/local;1" ] . createInstance ( CI . nsILocalFile ) ;
537533 file . initWithPath ( this . HTTPSEverywhere . rw . chromeToPath ( loc ) ) ;
538534 var data = this . HTTPSEverywhere . rw . read ( file ) ;
539535 this . whitelist = JSON . parse ( data ) ;
@@ -542,13 +538,12 @@ SSLObservatory.prototype = {
542538
543539 saveCertWhitelist : function ( ) {
544540 var loc = "chrome://https-everywhere/content/code/X509ChainWhitelist.json" ;
545- var file =
546- CC [ "@mozilla.org/file/local;1" ]
547- . createInstance ( CI . nsILocalFile ) ;
541+ var file = CC [ "@mozilla.org/file/local;1" ] . createInstance ( CI . nsILocalFile ) ;
548542 var path = this . HTTPSEverywhere . rw . chromeToPath ( loc ) ;
549543 this . log ( NOTE , "SAVING cert whitelist to " + path ) ;
550544 file . initWithPath ( path ) ;
551- var data = this . HTTPSEverywhere . rw . write ( file , JSON . stringify ( this . whitelist ) ) ;
545+ var store = JSON . stringify ( this . whitelist , null , " " ) ;
546+ var data = this . HTTPSEverywhere . rw . write ( file , store ) ;
552547 } ,
553548
554549
@@ -561,12 +556,10 @@ SSLObservatory.prototype = {
561556 var next = now + ( 1 + 2 * Math . random ( ) ) * 3600 * 24 ; // 1-3 days from now
562557 if ( update_due == 0 ) {
563558 // first run
564- this . prefs . setIntPref ( due_pref , next ) ;
565- return null ;
566- }
567- if ( now <= update_due ) {
568- return null ;
559+ this . prefs . setIntPref ( due_pref , next ) ;
560+ return ;
569561 }
562+ if ( now < update_due ) return ;
570563
571564 // Updating the certlist might yet fail. But that's okay, we can
572565 // always live with a slightly older one.
@@ -615,9 +608,11 @@ SSLObservatory.prototype = {
615608 isChainWhitelisted : function ( chainhash ) {
616609 if ( this . whitelist == null ) {
617610 this . log ( WARN , "Could not find whitelist of popular certificate chains, so ignoring whitelist" ) ;
618- return false ;
611+ return null ;
619612 }
613+
620614 if ( this . whitelist [ chainhash ] != null ) {
615+ this . log ( NOTE , "whitelist entry for " + chainhash ) ;
621616 return true ;
622617 }
623618 return false ;
@@ -742,7 +737,7 @@ SSLObservatory.prototype = {
742737 return true ;
743738 } ,
744739
745- submitChainArray : function ( certArray , fps , domain , channel , host_ip , warning , resubmitting ) {
740+ submitChainArray : function ( certArray , fps , domain , channel , host_ip , warning , resubmitting , chain_hash ) {
746741 var base64Certs = [ ] ;
747742 // Put all this chain data in one object so that it can be modified by
748743 // subroutines if required
@@ -759,7 +754,7 @@ SSLObservatory.prototype = {
759754 if ( Object . keys ( this . delayed_submissions ) . length < MAX_DELAYED )
760755 if ( ! ( c . fps [ 0 ] in this . delayed_submissions ) ) {
761756 this . log ( WARN , "Planning to retry submission..." ) ;
762- let retry = function ( ) { this . submitChainArray ( certArray , fps , domain , channel , host_ip , warning , true ) ; } ;
757+ let retry = function ( ) { this . submitChainArray ( certArray , fps , domain , channel , host_ip , warning , true , chain_hash ) ; } ;
763758 this . delayed_submissions [ c . fps [ 0 ] ] = retry ;
764759 }
765760 return ;
@@ -829,7 +824,7 @@ SSLObservatory.prototype = {
829824 that . log ( DBUG , "Popping one off of outstanding requests, current num is: " + that . current_outstanding_requests ) ;
830825
831826 if ( req . status == 200 ) {
832- that . log ( INFO , "Successful cert submission" ) ;
827+ that . log ( NOTE , "Successful cert submission for " + domain + " " + chain_hash ) ;
833828 if ( ! that . prefs . getBoolPref ( "extensions.https_everywhere._observatory.cache_submitted" ) )
834829 if ( c . fps [ 0 ] in that . already_submitted )
835830 delete that . already_submitted [ c . fps [ 0 ] ] ;
@@ -856,7 +851,7 @@ SSLObservatory.prototype = {
856851 if ( c . fps [ 0 ] in that . already_submitted )
857852 delete that . already_submitted [ c . fps [ 0 ] ] ;
858853 try {
859- that . log ( WARN , "Cert submission failure " + req . status + ": " + req . responseText ) ;
854+ that . log ( WARN , "Cert submission failure " + req . status + " for " + domain + ": " + req . responseText ) ;
860855 } catch ( e ) {
861856 that . log ( WARN , "Cert submission failure and exception: " + e ) ;
862857 }
@@ -865,7 +860,7 @@ SSLObservatory.prototype = {
865860 if ( Object . keys ( that . delayed_submissions ) . length < MAX_DELAYED )
866861 if ( ! ( c . fps [ 0 ] in that . delayed_submissions ) ) {
867862 that . log ( WARN , "Planning to retry submission..." ) ;
868- let retry = function ( ) { that . submitChainArray ( certArray , fps , domain , channel , host_ip , warning , true ) ; } ;
863+ let retry = function ( ) { that . submitChainArray ( certArray , fps , domain , channel , host_ip , warning , true , chain_hash ) ; } ;
869864 that . delayed_submissions [ c . fps [ 0 ] ] = retry ;
870865 }
871866
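Review bot: The success log at new line 827 now writes the visited `domain` and the `chain_hash` at NOTE, where it used to log a fixed string at INFO, and the failure log at new line 854 adds `domain` at WARN, so hostnames the user browsed end up in the extension log. The level ordering and the log sinks are not visible in this diff, but if NOTE is shown more readily than INFO this is a local record of browsing activity; I would keep the identifying detail at a debug level, e.g. `that.log(DBUG, "Successful cert submission for " + domain + " " + chain_hash);`, and leave the higher-level message without the domain. The same applies to the new `"whitelist entry for " + chainhash` NOTE line in isChainWhitelisted (new line 615). Separately, `chain_hash` is a new trailing parameter of submitChainArray, so any caller outside these hunks that still passes seven arguments will log `undefined`; a comment on the signature such as `// chain_hash: optional, used only for log messages` would make that explicit.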