| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base_paths.h" | 10 #include "base/base_paths.h" |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 166 for (int i = 0; i < request.resources_size(); ++i) { | 166 for (int i = 0; i < request.resources_size(); ++i) { |
| 167 if (request.resources(i).url() == url && | 167 if (request.resources(i).url() == url && |
| 168 request.resources(i).type() == type && | 168 request.resources(i).type() == type && |
| 169 (referrer.empty() || request.resources(i).referrer() == referrer)) { | 169 (referrer.empty() || request.resources(i).referrer() == referrer)) { |
| 170 return true; | 170 return true; |
| 171 } | 171 } |
| 172 } | 172 } |
| 173 return false; | 173 return false; |
| 174 } | 174 } |
| 175 | 175 |
| 176 // At this point we only set the server IP for the download itself. |
| 177 bool RequestContainsServerIp(const ClientDownloadRequest& request, |
| 178 const std::string& remote_address) { |
| 179 for (int i = 0; i < request.resources_size(); ++i) { |
| 180 // We want the last DOWNLOAD_URL in the chain. |
| 181 if (request.resources(i).type() == ClientDownloadRequest::DOWNLOAD_URL && |
| 182 (i + 1 == request.resources_size() || |
| 183 request.resources(i + 1).type() != |
| 184 ClientDownloadRequest::DOWNLOAD_URL)) { |
| 185 return remote_address == request.resources(i).remote_ip(); |
| 186 } |
| 187 } |
| 188 return false; |
| 189 } |
| 190 |
| 176 // Flushes any pending tasks in the message loops of all threads. | 191 // Flushes any pending tasks in the message loops of all threads. |
| 177 void FlushThreadMessageLoops() { | 192 void FlushThreadMessageLoops() { |
| 178 FlushMessageLoop(BrowserThread::FILE); | 193 FlushMessageLoop(BrowserThread::FILE); |
| 179 FlushMessageLoop(BrowserThread::IO); | 194 FlushMessageLoop(BrowserThread::IO); |
| 180 msg_loop_.RunAllPending(); | 195 msg_loop_.RunAllPending(); |
| 181 } | 196 } |
| 182 | 197 |
| 183 // Proxy for private method. | 198 // Proxy for private method. |
| 184 static void GetCertificateWhitelistStrings( | 199 static void GetCertificateWhitelistStrings( |
| 185 const net::X509Certificate& certificate, | 200 const net::X509Certificate& certificate, |
| (...skipping 213 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 399 TestURLFetcherFactory factory; | 414 TestURLFetcherFactory factory; |
| 400 | 415 |
| 401 DownloadProtectionService::DownloadInfo info; | 416 DownloadProtectionService::DownloadInfo info; |
| 402 info.local_file = FilePath(FILE_PATH_LITERAL("bla.tmp")); | 417 info.local_file = FilePath(FILE_PATH_LITERAL("bla.tmp")); |
| 403 info.target_file = FilePath(FILE_PATH_LITERAL("bla.exe")); | 418 info.target_file = FilePath(FILE_PATH_LITERAL("bla.exe")); |
| 404 info.download_url_chain.push_back(GURL("http://www.google.com/")); | 419 info.download_url_chain.push_back(GURL("http://www.google.com/")); |
| 405 info.download_url_chain.push_back(GURL("http://www.google.com/bla.exe")); | 420 info.download_url_chain.push_back(GURL("http://www.google.com/bla.exe")); |
| 406 info.referrer_url = GURL("http://www.google.com/"); | 421 info.referrer_url = GURL("http://www.google.com/"); |
| 407 info.sha256_hash = "hash"; | 422 info.sha256_hash = "hash"; |
| 408 info.total_bytes = 100; | 423 info.total_bytes = 100; |
| 409 info.user_initiated = false; | 424 info.user_initiated = true; |
| 425 info.remote_address = "10.11.12.13"; |
| 410 | 426 |
| 411 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) | 427 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) |
| 412 .WillRepeatedly(Return(false)); | 428 .WillRepeatedly(Return(false)); |
| 413 EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)) | 429 EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)) |
| 414 .WillOnce(SetCertificateContents("dummy cert data")); | 430 .WillOnce(SetCertificateContents("dummy cert data")); |
| 415 #if !defined(OS_WIN) | 431 #if !defined(OS_WIN) |
| 416 // If we're not on windows we won't be sending any request but instead | 432 // If we're not on windows we won't be sending any request but instead |
| 417 // we'll be looking up the download hash. | 433 // we'll be looking up the download hash. |
| 418 EXPECT_CALL(*sb_service_, | 434 EXPECT_CALL(*sb_service_, |
| 419 CheckDownloadHash(info.sha256_hash, NotNull())) | 435 CheckDownloadHash(info.sha256_hash, NotNull())) |
| (...skipping 11 matching lines...) Expand all Loading... |
| 431 #if !defined(OS_WIN) | 447 #if !defined(OS_WIN) |
| 432 EXPECT_EQ(NULL, fetcher); | 448 EXPECT_EQ(NULL, fetcher); |
| 433 #else | 449 #else |
| 434 ASSERT_TRUE(fetcher); | 450 ASSERT_TRUE(fetcher); |
| 435 ClientDownloadRequest request; | 451 ClientDownloadRequest request; |
| 436 EXPECT_TRUE(request.ParseFromString(fetcher->upload_data())); | 452 EXPECT_TRUE(request.ParseFromString(fetcher->upload_data())); |
| 437 EXPECT_EQ("http://www.google.com/bla.exe", request.url()); | 453 EXPECT_EQ("http://www.google.com/bla.exe", request.url()); |
| 438 EXPECT_EQ(info.sha256_hash, request.digests().sha256()); | 454 EXPECT_EQ(info.sha256_hash, request.digests().sha256()); |
| 439 EXPECT_EQ(info.total_bytes, request.length()); | 455 EXPECT_EQ(info.total_bytes, request.length()); |
| 440 EXPECT_EQ(info.user_initiated, request.user_initiated()); | 456 EXPECT_EQ(info.user_initiated, request.user_initiated()); |
| 457 EXPECT_TRUE(RequestContainsServerIp(request, info.remote_address)); |
| 441 EXPECT_EQ(2, request.resources_size()); | 458 EXPECT_EQ(2, request.resources_size()); |
| 442 EXPECT_TRUE(RequestContainsResource(request, | 459 EXPECT_TRUE(RequestContainsResource(request, |
| 443 ClientDownloadRequest::DOWNLOAD_REDIRECT, | 460 ClientDownloadRequest::DOWNLOAD_REDIRECT, |
| 444 "http://www.google.com/", "")); | 461 "http://www.google.com/", "")); |
| 445 EXPECT_TRUE(RequestContainsResource(request, | 462 EXPECT_TRUE(RequestContainsResource(request, |
| 446 ClientDownloadRequest::DOWNLOAD_URL, | 463 ClientDownloadRequest::DOWNLOAD_URL, |
| 447 "http://www.google.com/bla.exe", | 464 "http://www.google.com/bla.exe", |
| 448 info.referrer_url.spec())); | 465 info.referrer_url.spec())); |
| 449 EXPECT_TRUE(request.has_signature()); | 466 EXPECT_TRUE(request.has_signature()); |
| 450 ASSERT_EQ(1, request.signature().certificate_chain_size()); | 467 ASSERT_EQ(1, request.signature().certificate_chain_size()); |
| (...skipping 400 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 851 | 868 |
| 852 cert = net::X509Certificate::CreateSelfSigned( | 869 cert = net::X509Certificate::CreateSelfSigned( |
| 853 private_key.get(), "C=US", 1, base::TimeDelta::FromDays(1)); | 870 private_key.get(), "C=US", 1, base::TimeDelta::FromDays(1)); |
| 854 ASSERT_TRUE(cert.get()); | 871 ASSERT_TRUE(cert.get()); |
| 855 whitelist_strings.clear(); | 872 whitelist_strings.clear(); |
| 856 GetCertificateWhitelistStrings(*cert, *issuer_cert, &whitelist_strings); | 873 GetCertificateWhitelistStrings(*cert, *issuer_cert, &whitelist_strings); |
| 857 EXPECT_THAT(whitelist_strings, ElementsAre()); | 874 EXPECT_THAT(whitelist_strings, ElementsAre()); |
| 858 } | 875 } |
| 859 #endif | 876 #endif |
| 860 } // namespace safe_browsing | 877 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8790006:
Add download server IP address to the SafeBrowsing download protection ping. (Closed)
Base URL: http://git.chromium.org/git/chromium.git@trunk