| Index: chrome/browser/safe_browsing/safe_browsing_database.h
|
| diff --git a/chrome/browser/safe_browsing/safe_browsing_database.h b/chrome/browser/safe_browsing/safe_browsing_database.h
|
| index eeb83e021d9c25ec33b444968fc92d1349afa11b..3a885e889c3c5cfc837c728b043c9316bfc6c210 100644
|
| --- a/chrome/browser/safe_browsing/safe_browsing_database.h
|
| +++ b/chrome/browser/safe_browsing/safe_browsing_database.h
|
| @@ -37,22 +37,24 @@ class SafeBrowsingDatabaseFactory {
|
| virtual ~SafeBrowsingDatabaseFactory() { }
|
| virtual SafeBrowsingDatabase* CreateSafeBrowsingDatabase(
|
| bool enable_download_protection,
|
| - bool enable_client_side_whitelist) = 0;
|
| + bool enable_client_side_whitelist,
|
| + bool enable_download_whitelist) = 0;
|
| private:
|
| DISALLOW_COPY_AND_ASSIGN(SafeBrowsingDatabaseFactory);
|
| };
|
|
|
|
|
| // Encapsulates on-disk databases that for safebrowsing. There are
|
| -// three databases: browse, download and client-side detection (csd)
|
| -// whitelist databases. The browse database contains information
|
| -// about phishing and malware urls. The download database contains
|
| +// four databases: browse, download, download whitelist and
|
| +// client-side detection (csd) whitelist databases. The browse database contains
|
| +// information about phishing and malware urls. The download database contains
|
| // URLs for bad binaries (e.g: those containing virus) and hash of
|
| -// these downloaded contents. The csd whitelist database contains URLs
|
| -// that will never be considered as phishing by the client-side
|
| -// phishing detection. These on-disk databases are shared among all
|
| -// profiles, as it doesn't contain user-specific data. This object is
|
| -// not thread-safe, i.e. all its methods should be used on the same
|
| +// these downloaded contents. The download whitelist contains whitelisted
|
| +// download hosting sites as well as whitelisted binary signing certificates
|
| +// etc. The csd whitelist database contains URLs that will never be considered
|
| +// as phishing by the client-side phishing detection. These on-disk databases
|
| +// are shared among all profiles, as it doesn't contain user-specific data. This
|
| +// object is not thread-safe, i.e. all its methods should be used on the same
|
| // thread that it was created on.
|
| class SafeBrowsingDatabase {
|
| public:
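Review bot: `CreateSafeBrowsingDatabase` now takes three adjacent `bool` parameters, so a call site that transposes `enable_client_side_whitelist` and `enable_download_whitelist` still compiles and silently enables the wrong store; the same applies to `SafeBrowsingDatabase::Create` in the next hunk. Since these flags gate protection features, passing them as one named-options argument (a small struct or bit flags) would make such a mistake visible in review. While the class comment is being rewrapped, I would also fix its wording: `// Encapsulates the on-disk databases used for safebrowsing.` and "as they don't contain user-specific data". The class body continues outside this hunk.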
|
| @@ -62,8 +64,11 @@ class SafeBrowsingDatabase {
|
| // feature.
|
| // |enable_client_side_whitelist| is used to control the csd whitelist
|
| // database feature.
|
| + // |enable_download_whitelist| is used to control the download whitelist
|
| + // database feature.
|
| static SafeBrowsingDatabase* Create(bool enable_download_protection,
|
| - bool enable_client_side_whitelist);
|
| + bool enable_client_side_whitelist,
|
| + bool enable_download_whitelist);
|
|
|
| // Makes the passed |factory| the factory used to instantiate
|
| // a SafeBrowsingDatabase. This is used for tests.
|
| @@ -106,6 +111,16 @@ class SafeBrowsingDatabase {
|
| // This function should only be called from the IO thread.
|
| virtual bool ContainsCsdWhitelistedUrl(const GURL& url) = 0;
|
|
|
| + // The download whitelist is used for two purposes: a white-domain list of
|
| + // sites that are considered to host only harmless binaries as well as a
|
| + // whitelist of arbitrary strings such as hashed certificate authorities that
|
| + // are considered to be trusted. The two methods below let you lookup
|
| + // the whitelist either for a URL or an arbitrary string. These methods will
|
| + // return false if no match is found and true otherwise.
|
| + // This function could ONLY be accessed from the IO thread.
|
| + virtual bool ContainsDownloadWhitelistedUrl(const GURL& url) = 0;
|
| + virtual bool ContainsDownloadWhitelistedString(const std::string& str) = 0;
|
| +
|
| // A database transaction should look like:
|
| //
|
| // std::vector<SBListChunkRanges> lists;
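Review bot: The comment on `ContainsDownloadWhitelistedUrl` / `ContainsDownloadWhitelistedString` promises "false if no match is found and true otherwise", which is incomplete. The private `ContainsWhitelistedHashes` helper added later in this file is documented as also returning true when the whitelist is disabled, and `WhitelistEverything` is documented as making every lookup return true after an error. Callers presumably use the result as a trust decision for a download, so the public contract should say so, e.g. `// Both also return true for every input once the whitelist is in its whitelist-everything state (see WhitelistEverything()).` The comment should also state what form `str` must have (which bytes are hashed, and whether any canonicalisation is applied), since the stored entries are full hashes. "This function could ONLY be accessed" should read "These functions must only be called".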
|
| @@ -154,6 +169,10 @@ class SafeBrowsingDatabase {
|
| static FilePath CsdWhitelistDBFilename(
|
| const FilePath& csd_whitelist_base_filename);
|
|
|
| + // Filename for download whitelist databsae.
|
| + static FilePath DownloadWhitelistDBFilename(
|
| + const FilePath& download_whitelist_base_filename);
|
| +
|
| // Enumerate failures for histogramming purposes. DO NOT CHANGE THE
|
| // ORDERING OF THESE VALUES.
|
| enum FailureType {
|
| @@ -169,9 +188,8 @@ class SafeBrowsingDatabase {
|
| FAILURE_DATABASE_STORE_DELETE,
|
| FAILURE_DOWNLOAD_DATABASE_UPDATE_BEGIN,
|
| FAILURE_DOWNLOAD_DATABASE_UPDATE_FINISH,
|
| - FAILURE_CSD_WHITELIST_DATABASE_UPDATE_BEGIN,
|
| - FAILURE_CSD_WHITELIST_DATABASE_UPDATE_FINISH,
|
| -
|
| + FAILURE_WHITELIST_DATABASE_UPDATE_BEGIN,
|
| + FAILURE_WHITELIST_DATABASE_UPDATE_FINISH,
|
| // Memory space for histograms is determined by the max. ALWAYS
|
| // ADD NEW VALUES BEFORE THIS ONE.
|
| FAILURE_DATABASE_MAX
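Review bot: Renaming `FAILURE_CSD_WHITELIST_DATABASE_UPDATE_BEGIN` / `_FINISH` to the generic `FAILURE_WHITELIST_DATABASE_UPDATE_*` keeps the numeric positions, but the same two histogram buckets now appear to count update failures for both the csd whitelist and the new download whitelist. That changes the meaning of existing buckets and makes it impossible to tell from the histogram which list is failing, which matters because a failed whitelist is documented elsewhere in this file as matching everything. I would keep the csd names and add `FAILURE_DOWNLOAD_WHITELIST_DATABASE_UPDATE_BEGIN,` and `FAILURE_DOWNLOAD_WHITELIST_DATABASE_UPDATE_FINISH,` immediately before `FAILURE_DATABASE_MAX`. The enum starts outside this hunk and the reporting code is not visible, so the shared-bucket reading is inferred from the rename.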
|
| @@ -188,14 +206,15 @@ class SafeBrowsingDatabase {
|
|
|
| class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase {
|
| public:
|
| - // Create a database with a browse store, download store and
|
| - // csd_whitelist_store. Takes ownership of browse_store, download_store and
|
| - // csd_whitelist_store. When |download_store| is NULL, the database
|
| - // will ignore any operations related download (url hashes and
|
| - // binary hashes). Same for the |csd_whitelist_store|.
|
| + // Create a database with a browse, download, download whitelist and
|
| + // csd whitelist store objects. Takes ownership of all the store objects.
|
| + // When |download_store| is NULL, the database will ignore any operations
|
| + // related download (url hashes and binary hashes). The same is true for
|
| + // the |csd_whitelist_store| and |download_whitelist_store|.
|
| SafeBrowsingDatabaseNew(SafeBrowsingStore* browse_store,
|
| SafeBrowsingStore* download_store,
|
| - SafeBrowsingStore* csd_whitelist_store);
|
| + SafeBrowsingStore* csd_whitelist_store,
|
| + SafeBrowsingStore* download_whitelist_store);
|
|
|
| // Create a database with a browse store. This is a legacy interface that
|
| // useds Sqlite.
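Review bot: The constructor comment says download operations are ignored when a store is NULL and that "the same is true" for `download_whitelist_store`, but it does not say what `ContainsDownloadWhitelistedUrl()` and `ContainsDownloadWhitelistedString()` return in that case. The helper comment further down says a lookup returns true when "the whitelist is disabled"; if a NULL store counts as disabled, switching the feature off would make every download look whitelisted. Either way the answer should be spelled out in this comment. Separately, the last two parameters are both `SafeBrowsingStore*`, so swapping `csd_whitelist_store` and `download_whitelist_store` at a call site is not caught by the compiler; since the class already holds them in `scoped_ptr`, distinct wrapper types or a documented argument order would help.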
|
| @@ -215,6 +234,8 @@ class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase {
|
| std::vector<SBPrefix>* prefix_hits);
|
| virtual bool ContainsDownloadHashPrefix(const SBPrefix& prefix);
|
| virtual bool ContainsCsdWhitelistedUrl(const GURL& url);
|
| + virtual bool ContainsDownloadWhitelistedUrl(const GURL& url);
|
| + virtual bool ContainsDownloadWhitelistedString(const std::string& str);
|
| virtual bool UpdateStarted(std::vector<SBListChunkRanges>* lists);
|
| virtual void InsertChunks(const std::string& list_name,
|
| const SBChunkList& chunks);
|
| @@ -227,8 +248,18 @@ class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase {
|
| friend class SafeBrowsingDatabaseTest;
|
| FRIEND_TEST(SafeBrowsingDatabaseTest, HashCaching);
|
|
|
| - // Return the browse_store_, download_store_ or csd_whitelist_store_
|
| - // based on list_id.
|
| + // A SafeBrowsing whitelist contains a list of whitelisted full-hashes (stored
|
| + // in a sorted vector) as well as a boolean flag indicating whether all
|
| + // lookups in the whitelist should be considered matches for safety.
|
| + typedef std::pair<std::vector<SBFullHash>, bool> SBWhitelist;
|
| +
|
| + // Returns true if the whitelist is disabled or if any of the given hashes
|
| + // matches the whitelist.
|
| + bool ContainsWhitelistedHashes(const SBWhitelist& whitelist,
|
| + const std::vector<SBFullHash>& hashes);
|
| +
|
| + // Return the browse_store_, download_store_, download_whitelist_store or
|
| + // csd_whitelist_store_ based on list_id.
|
| SafeBrowsingStore* GetStore(int list_id);
|
|
|
| // Deletes the files on disk.
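Review bot: `SBWhitelist` is declared as `std::pair<std::vector<SBFullHash>, bool>`, so the flag that turns every lookup into a match will be read and written as `.second`, which is easy to misread for a security-relevant switch. A small struct with named fields documents itself: `struct SBWhitelist { std::vector<SBFullHash> hashes; bool match_everything; };`, with a constructor that sets the flag to false so the default stays the same as the value-initialised pair. The helper comment says "if the whitelist is disabled" where the typedef comment says the flag means all lookups are matches; using one term for both would remove the ambiguity. In the `GetStore` comment, `download_whitelist_store` is missing its trailing underscore.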
|
| @@ -240,14 +271,15 @@ class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase {
|
| // Writes the current bloom filter to disk.
|
| void WriteBloomFilter();
|
|
|
| - // Loads the given full-length hashes to the csd whitelist. If the number
|
| + // Loads the given full-length hashes to the given whitelist. If the number
|
| // of hashes is too large or if the kill switch URL is on the whitelist
|
| - // we will whitelist all URLs.
|
| - void LoadCsdWhitelist(const std::vector<SBAddFullHash>& full_hashes);
|
| + // we will whitelist everything.
|
| + void LoadWhitelist(const std::vector<SBAddFullHash>& full_hashes,
|
| + SBWhitelist* whitelist);
|
|
|
| - // Call this method if an error occured with the csd whitelist. This will
|
| - // result in all calls to ContainsCsdWhitelistedUrl() to returning true.
|
| - void CsdWhitelistAllUrls();
|
| + // Call this method if an error occured with the given whitelist. This will
|
| + // result in all lookups to the whitelist to return true.
|
| + void WhitelistEverything(SBWhitelist* whitelist);
|
|
|
| // Helpers for handling database corruption.
|
| // |OnHandleCorruptDatabase()| runs |ResetDatabase()| and sets
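Review bot: `LoadWhitelist` and `WhitelistEverything` carry the csd whitelist's failure policy over to the download whitelist unchanged: per these comments, too many hashes, the kill switch URL being present, or an error all make every lookup return true. For the csd list that means no URL is considered by client-side phishing detection. For the download list it means every hosting site and every signer string is reported as whitelisted, which reads as failing open for download protection unless the callers compensate (they are not visible here). Please document at these declarations why match-everything is the intended direction for each list. It should also say whether the kill switch is the same URL entry for both, given that the download list holds non-URL strings too.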
|
| @@ -267,7 +299,9 @@ class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase {
|
|
|
| void UpdateDownloadStore();
|
| void UpdateBrowseStore();
|
| - void UpdateCsdWhitelistStore();
|
| + void UpdateWhitelistStore(const FilePath& store_filename,
|
| + SafeBrowsingStore* store,
|
| + SBWhitelist* whitelist);
|
|
|
| // Helper function to compare addprefixes in download_store_ with |prefixes|.
|
| // The |list_bit| indicates which list (download url or download hash)
|
| @@ -302,15 +336,13 @@ class SafeBrowsingDatabaseNew : public SafeBrowsingDatabase {
|
| FilePath csd_whitelist_filename_;
|
| scoped_ptr<SafeBrowsingStore> csd_whitelist_store_;
|
|
|
| - // All the client-side phishing detection whitelist entries are loaded in
|
| - // a sorted vector.
|
| - std::vector<SBFullHash> csd_whitelist_;
|
| + // For the download whitelist chunks and full-length hashes. This list only
|
| + // contains 256 bit hashes.
|
| + FilePath download_whitelist_filename_;
|
| + scoped_ptr<SafeBrowsingStore> download_whitelist_store_;
|
|
|
| - // If true, ContainsCsdWhitelistedUrl will always return true for all URLs.
|
| - // This is set to true if the csd whitelist is too large to be stored in
|
| - // memory, if the kill switch URL is on the csd whitelist or if there was
|
| - // an error during the most recent update.
|
| - bool csd_whitelist_all_urls_;
|
| + SBWhitelist csd_whitelist_;
|
| + SBWhitelist download_whitelist_;
|
|
|
| // Bloom filter generated from the add-prefixes in |browse_store_|.
|
| // Only browse_store_ requires the BloomFilter for fast query.
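Review bot: The new `csd_whitelist_` and `download_whitelist_` members have no comment, and the comment removed with `csd_whitelist_all_urls_` was the only place that listed when match-everything is set. Those triggers were: the list is too large to be stored in memory, the kill switch URL is on the list, or there was an error during the most recent update. I would carry that over above the two members, e.g. `// Sorted full hashes plus a flag; when the flag is true every lookup on that whitelist matches.`, followed by the three triggers. That keeps the fail-open conditions discoverable next to the state they control.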
|
|
|