Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(774)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/safe_browsing/download_protection_service.cc

Issue 8572037: Whitelist executables that are trusted in the SafeBrowsing download protection. (Closed) Base URL: http://git.chromium.org/git/chromium.git@trunk
Patch Set: Address Matt's comments Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/safe_browsing/download_protection_service.h ('k') | chrome/browser/safe_browsing/download_protection_service_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/safe_browsing/download_protection_service.h" 5 #include "chrome/browser/safe_browsing/download_protection_service.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/format_macros.h" 8 #include "base/format_macros.h"
9 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
10 #include "base/metrics/histogram.h" 10 #include "base/metrics/histogram.h"
(...skipping 466 matching lines...) Expand 10 before | Expand all | Expand 10 after
477 const GURL& url = info_.download_url_chain[i]; 477 const GURL& url = info_.download_url_chain[i];
478 if (url.is_valid() && sb_service_->MatchDownloadWhitelistUrl(url)) { 478 if (url.is_valid() && sb_service_->MatchDownloadWhitelistUrl(url)) {
479 reason = REASON_WHITELISTED_URL; 479 reason = REASON_WHITELISTED_URL;
480 break; 480 break;
481 } 481 }
482 } 482 }
483 if (info_.referrer_url.is_valid() && reason == REASON_MAX && 483 if (info_.referrer_url.is_valid() && reason == REASON_MAX &&
484 sb_service_->MatchDownloadWhitelistUrl(info_.referrer_url)) { 484 sb_service_->MatchDownloadWhitelistUrl(info_.referrer_url)) {
485 reason = REASON_WHITELISTED_REFERRER; 485 reason = REASON_WHITELISTED_REFERRER;
486 } 486 }
487 if (reason != REASON_MAX || 487 if (reason != REASON_MAX || signature_info_.trusted()) {
488 signature_info_.certificate_chain_size() > 0) {
489 UMA_HISTOGRAM_COUNTS("SBClientDownload.SignedOrWhitelistedDownload", 1); 488 UMA_HISTOGRAM_COUNTS("SBClientDownload.SignedOrWhitelistedDownload", 1);
490 } 489 }
491 } 490 }
491 if (reason == REASON_MAX && signature_info_.trusted()) {
492 // TODO(noelutz): implement a certificate whitelist and only whitelist
493 // binaries whose certificate match the whitelist.
494 reason = REASON_TRUSTED_EXECUTABLE;
495 }
492 if (reason != REASON_MAX) { 496 if (reason != REASON_MAX) {
493 RecordImprovedProtectionStats(reason); 497 RecordImprovedProtectionStats(reason);
494 CheckDigestList(); 498 CheckDigestList();
495 } else if (!pingback_enabled_) { 499 } else if (!pingback_enabled_) {
496 RecordImprovedProtectionStats(REASON_PING_DISABLED); 500 RecordImprovedProtectionStats(REASON_PING_DISABLED);
497 CheckDigestList(); 501 CheckDigestList();
498 } else { 502 } else {
499 // TODO(noelutz): check signature and CA against whitelist.
500
501 // The URLFetcher is owned by the UI thread, so post a message to 503 // The URLFetcher is owned by the UI thread, so post a message to
502 // start the pingback. 504 // start the pingback.
503 BrowserThread::PostTask( 505 BrowserThread::PostTask(
504 BrowserThread::UI, 506 BrowserThread::UI,
505 FROM_HERE, 507 FROM_HERE,
506 base::Bind(&CheckClientDownloadRequest::SendRequest, this)); 508 base::Bind(&CheckClientDownloadRequest::SendRequest, this));
507 } 509 }
508 } 510 }
509 511
510 void SendRequest() { 512 void SendRequest() {
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after
650 652
651 void DownloadProtectionService::RequestFinished( 653 void DownloadProtectionService::RequestFinished(
652 CheckClientDownloadRequest* request) { 654 CheckClientDownloadRequest* request) {
653 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 655 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
654 std::set<scoped_refptr<CheckClientDownloadRequest> >::iterator it = 656 std::set<scoped_refptr<CheckClientDownloadRequest> >::iterator it =
655 download_requests_.find(request); 657 download_requests_.find(request);
656 DCHECK(it != download_requests_.end()); 658 DCHECK(it != download_requests_.end());
657 download_requests_.erase(*it); 659 download_requests_.erase(*it);
658 } 660 }
659 } // namespace safe_browsing 661 } // namespace safe_browsing
OLDNEW
« no previous file with comments | « chrome/browser/safe_browsing/download_protection_service.h ('k') | chrome/browser/safe_browsing/download_protection_service_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698