Chromium Code Reviews| Index: chrome/browser/safe_browsing/download_protection_service.cc |
| =================================================================== |
| --- chrome/browser/safe_browsing/download_protection_service.cc (revision 108613) |
| +++ chrome/browser/safe_browsing/download_protection_service.cc (working copy) |
| @@ -116,13 +116,14 @@ |
| CheckClientDownloadRequest(const DownloadInfo& info, |
| const CheckDownloadCallback& callback, |
| DownloadProtectionService* service, |
| - SafeBrowsingService* sb_service) |
| + SafeBrowsingService* sb_service, |
| + SignatureUtil* signature_util) |
| : info_(info), |
| callback_(callback), |
| service_(service), |
| + signature_util_(signature_util), |
| sb_service_(sb_service), |
| - pingback_enabled_(service_->enabled()), |
| - is_signed_(false) { |
| + pingback_enabled_(service_->enabled()) { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| } |
| @@ -219,14 +220,16 @@ |
| void ExtractFileFeatures() { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); |
| - if (safe_browsing::signature_util::IsSigned(info_.local_file)) { |
| + signature_util_->CheckSignature(info_.local_file, &signature_info_); |
| + bool is_signed; |
| + if (signature_info_.has_certificate_contents()) { |
| VLOG(2) << "Downloaded a signed binary: " << info_.local_file.value(); |
| - is_signed_ = true; |
| + is_signed = true; |
| } else { |
| VLOG(2) << "Downloaded an unsigned binary: " << info_.local_file.value(); |
| - is_signed_ = false; |
| + is_signed = false; |
|
noelutz
2011/11/04 04:41:11
nit: I guess you don't really need that boolean an
Brian Ryner
2011/11/04 22:20:30
I left it as a convenience, that way we only need
|
| } |
| - UMA_HISTOGRAM_BOOLEAN("SBClientDownload.SignedBinaryDownload", is_signed_); |
| + UMA_HISTOGRAM_BOOLEAN("SBClientDownload.SignedBinaryDownload", is_signed); |
| // TODO(noelutz): DownloadInfo should also contain the IP address of every |
| // URL in the redirect chain. We also should check whether the download |
| @@ -254,7 +257,7 @@ |
| sb_service_->MatchDownloadWhitelistUrl(info_.referrer_url)) { |
| reason = REASON_WHITELISTED_REFERRER; |
| } |
| - if (reason != REASON_MAX || is_signed_) { |
| + if (reason != REASON_MAX || signature_info_.has_certificate_contents()) { |
| UMA_HISTOGRAM_COUNTS("SBClientDownload.SignedOrWhitelistedDownload", 1); |
| } |
| } |
| @@ -304,6 +307,7 @@ |
| // TODO(noelutz): fill out the remote IP addresses. |
| } |
| request.set_user_initiated(info_.user_initiated); |
| + request.mutable_signature()->CopyFrom(signature_info_); |
| std::string request_data; |
| if (!request.SerializeToString(&request_data)) { |
| RecordStats(REASON_INVALID_REQUEST_PROTO); |
| @@ -347,12 +351,13 @@ |
| } |
| DownloadInfo info_; |
| + ClientDownloadRequest_SignatureInfo signature_info_; |
| CheckDownloadCallback callback_; |
| // Will be NULL if the request has been canceled. |
| DownloadProtectionService* service_; |
| + scoped_refptr<SignatureUtil> signature_util_; |
| scoped_refptr<SafeBrowsingService> sb_service_; |
| const bool pingback_enabled_; |
| - bool is_signed_; |
| scoped_ptr<content::URLFetcher> fetcher_; |
| DISALLOW_COPY_AND_ASSIGN(CheckClientDownloadRequest); |
| @@ -363,7 +368,8 @@ |
| net::URLRequestContextGetter* request_context_getter) |
| : sb_service_(sb_service), |
| request_context_getter_(request_context_getter), |
| - enabled_(false) {} |
| + enabled_(false), |
| + signature_util_(new SignatureUtil()) {} |
| DownloadProtectionService::~DownloadProtectionService() { |
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| @@ -385,7 +391,8 @@ |
| const DownloadProtectionService::DownloadInfo& info, |
| const CheckDownloadCallback& callback) { |
| scoped_refptr<CheckClientDownloadRequest> request( |
| - new CheckClientDownloadRequest(info, callback, this, sb_service_)); |
| + new CheckClientDownloadRequest(info, callback, this, |
| + sb_service_, signature_util_.get())); |
| download_requests_.insert(request); |
| request->Start(); |
| } |