| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/crl_set_fetcher.h" | 5 #include "chrome/browser/net/crl_set_fetcher.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/files/file_util.h" | 8 #include "base/files/file_util.h" |
| 9 #include "base/numerics/safe_conversions.h" | 9 #include "base/numerics/safe_conversions.h" |
| 10 #include "base/rand_util.h" | 10 #include "base/rand_util.h" |
| (...skipping 18 matching lines...) Expand all Loading... |
| 29 void CRLSetFetcher::SetCRLSetFilePath(const base::FilePath& path) { | 29 void CRLSetFetcher::SetCRLSetFilePath(const base::FilePath& path) { |
| 30 crl_path_ = path.Append(chrome::kCRLSetFilename); | 30 crl_path_ = path.Append(chrome::kCRLSetFilename); |
| 31 } | 31 } |
| 32 | 32 |
| 33 base::FilePath CRLSetFetcher::GetCRLSetFilePath() const { | 33 base::FilePath CRLSetFetcher::GetCRLSetFilePath() const { |
| 34 return crl_path_; | 34 return crl_path_; |
| 35 } | 35 } |
| 36 | 36 |
| 37 void CRLSetFetcher::StartInitialLoad(ComponentUpdateService* cus, | 37 void CRLSetFetcher::StartInitialLoad(ComponentUpdateService* cus, |
| 38 const base::FilePath& path) { | 38 const base::FilePath& path) { |
| 39 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 39 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 40 if (path.empty()) | 40 if (path.empty()) |
| 41 return; | 41 return; |
| 42 SetCRLSetFilePath(path); | 42 SetCRLSetFilePath(path); |
| 43 cus_ = cus; | 43 cus_ = cus; |
| 44 | 44 |
| 45 if (!BrowserThread::PostTask( | 45 if (!BrowserThread::PostTask( |
| 46 BrowserThread::FILE, FROM_HERE, | 46 BrowserThread::FILE, FROM_HERE, |
| 47 base::Bind(&CRLSetFetcher::DoInitialLoadFromDisk, this))) { | 47 base::Bind(&CRLSetFetcher::DoInitialLoadFromDisk, this))) { |
| 48 NOTREACHED(); | 48 NOTREACHED(); |
| 49 } | 49 } |
| 50 } | 50 } |
| 51 | 51 |
| 52 void CRLSetFetcher::DeleteFromDisk(const base::FilePath& path) { | 52 void CRLSetFetcher::DeleteFromDisk(const base::FilePath& path) { |
| 53 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 53 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 54 | 54 |
| 55 if (path.empty()) | 55 if (path.empty()) |
| 56 return; | 56 return; |
| 57 SetCRLSetFilePath(path); | 57 SetCRLSetFilePath(path); |
| 58 if (!BrowserThread::PostTask( | 58 if (!BrowserThread::PostTask( |
| 59 BrowserThread::FILE, FROM_HERE, | 59 BrowserThread::FILE, FROM_HERE, |
| 60 base::Bind(&CRLSetFetcher::DoDeleteFromDisk, this))) { | 60 base::Bind(&CRLSetFetcher::DoDeleteFromDisk, this))) { |
| 61 NOTREACHED(); | 61 NOTREACHED(); |
| 62 } | 62 } |
| 63 } | 63 } |
| 64 | 64 |
| 65 void CRLSetFetcher::DoInitialLoadFromDisk() { | 65 void CRLSetFetcher::DoInitialLoadFromDisk() { |
| 66 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); | 66 DCHECK_CURRENTLY_ON(BrowserThread::FILE); |
| 67 | 67 |
| 68 LoadFromDisk(GetCRLSetFilePath(), &crl_set_); | 68 LoadFromDisk(GetCRLSetFilePath(), &crl_set_); |
| 69 | 69 |
| 70 uint32 sequence_of_loaded_crl = 0; | 70 uint32 sequence_of_loaded_crl = 0; |
| 71 if (crl_set_.get()) | 71 if (crl_set_.get()) |
| 72 sequence_of_loaded_crl = crl_set_->sequence(); | 72 sequence_of_loaded_crl = crl_set_->sequence(); |
| 73 | 73 |
| 74 // Get updates, advertising the sequence number of the CRL set that we just | 74 // Get updates, advertising the sequence number of the CRL set that we just |
| 75 // loaded, if any. | 75 // loaded, if any. |
| 76 if (!BrowserThread::PostTask( | 76 if (!BrowserThread::PostTask( |
| 77 BrowserThread::UI, FROM_HERE, | 77 BrowserThread::UI, FROM_HERE, |
| 78 base::Bind( | 78 base::Bind( |
| 79 &CRLSetFetcher::RegisterComponent, | 79 &CRLSetFetcher::RegisterComponent, |
| 80 this, | 80 this, |
| 81 sequence_of_loaded_crl))) { | 81 sequence_of_loaded_crl))) { |
| 82 NOTREACHED(); | 82 NOTREACHED(); |
| 83 } | 83 } |
| 84 } | 84 } |
| 85 | 85 |
| 86 void CRLSetFetcher::LoadFromDisk(base::FilePath path, | 86 void CRLSetFetcher::LoadFromDisk(base::FilePath path, |
| 87 scoped_refptr<net::CRLSet>* out_crl_set) { | 87 scoped_refptr<net::CRLSet>* out_crl_set) { |
| 88 TRACE_EVENT0("CRLSetFetcher", "LoadFromDisk"); | 88 TRACE_EVENT0("CRLSetFetcher", "LoadFromDisk"); |
| 89 | 89 |
| 90 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); | 90 DCHECK_CURRENTLY_ON(BrowserThread::FILE); |
| 91 | 91 |
| 92 std::string crl_set_bytes; | 92 std::string crl_set_bytes; |
| 93 { | 93 { |
| 94 TRACE_EVENT0("CRLSetFetcher", "ReadFileToString"); | 94 TRACE_EVENT0("CRLSetFetcher", "ReadFileToString"); |
| 95 if (!base::ReadFileToString(path, &crl_set_bytes)) | 95 if (!base::ReadFileToString(path, &crl_set_bytes)) |
| 96 return; | 96 return; |
| 97 } | 97 } |
| 98 | 98 |
| 99 if (!net::CRLSetStorage::Parse(crl_set_bytes, out_crl_set)) { | 99 if (!net::CRLSetStorage::Parse(crl_set_bytes, out_crl_set)) { |
| 100 LOG(WARNING) << "Failed to parse CRL set from " << path.MaybeAsASCII(); | 100 LOG(WARNING) << "Failed to parse CRL set from " << path.MaybeAsASCII(); |
| 101 return; | 101 return; |
| 102 } | 102 } |
| 103 | 103 |
| 104 VLOG(1) << "Loaded " << crl_set_bytes.size() << " bytes of CRL set from disk"; | 104 VLOG(1) << "Loaded " << crl_set_bytes.size() << " bytes of CRL set from disk"; |
| 105 | 105 |
| 106 if (!BrowserThread::PostTask( | 106 if (!BrowserThread::PostTask( |
| 107 BrowserThread::IO, FROM_HERE, | 107 BrowserThread::IO, FROM_HERE, |
| 108 base::Bind( | 108 base::Bind( |
| 109 &CRLSetFetcher::SetCRLSetIfNewer, this, *out_crl_set))) { | 109 &CRLSetFetcher::SetCRLSetIfNewer, this, *out_crl_set))) { |
| 110 NOTREACHED(); | 110 NOTREACHED(); |
| 111 } | 111 } |
| 112 } | 112 } |
| 113 | 113 |
| 114 void CRLSetFetcher::SetCRLSetIfNewer( | 114 void CRLSetFetcher::SetCRLSetIfNewer( |
| 115 scoped_refptr<net::CRLSet> crl_set) { | 115 scoped_refptr<net::CRLSet> crl_set) { |
| 116 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 116 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 117 | 117 |
| 118 scoped_refptr<net::CRLSet> old_crl_set(net::SSLConfigService::GetCRLSet()); | 118 scoped_refptr<net::CRLSet> old_crl_set(net::SSLConfigService::GetCRLSet()); |
| 119 if (old_crl_set.get() && old_crl_set->sequence() > crl_set->sequence()) { | 119 if (old_crl_set.get() && old_crl_set->sequence() > crl_set->sequence()) { |
| 120 LOG(WARNING) << "Refusing to downgrade CRL set from #" | 120 LOG(WARNING) << "Refusing to downgrade CRL set from #" |
| 121 << old_crl_set->sequence() | 121 << old_crl_set->sequence() |
| 122 << "to #" | 122 << "to #" |
| 123 << crl_set->sequence(); | 123 << crl_set->sequence(); |
| 124 } else { | 124 } else { |
| 125 net::SSLConfigService::SetCRLSet(crl_set); | 125 net::SSLConfigService::SetCRLSet(crl_set); |
| 126 VLOG(1) << "Installed CRL set #" << crl_set->sequence(); | 126 VLOG(1) << "Installed CRL set #" << crl_set->sequence(); |
| 127 } | 127 } |
| 128 } | 128 } |
| 129 | 129 |
| 130 // kPublicKeySHA256 is the SHA256 hash of the SubjectPublicKeyInfo of the key | 130 // kPublicKeySHA256 is the SHA256 hash of the SubjectPublicKeyInfo of the key |
| 131 // that's used to sign generated CRL sets. | 131 // that's used to sign generated CRL sets. |
| 132 static const uint8 kPublicKeySHA256[32] = { | 132 static const uint8 kPublicKeySHA256[32] = { |
| 133 0x75, 0xda, 0xf8, 0xcb, 0x77, 0x68, 0x40, 0x33, | 133 0x75, 0xda, 0xf8, 0xcb, 0x77, 0x68, 0x40, 0x33, |
| 134 0x65, 0x4c, 0x97, 0xe5, 0xc5, 0x1b, 0xcd, 0x81, | 134 0x65, 0x4c, 0x97, 0xe5, 0xc5, 0x1b, 0xcd, 0x81, |
| 135 0x7b, 0x1e, 0xeb, 0x11, 0x2c, 0xe1, 0xa4, 0x33, | 135 0x7b, 0x1e, 0xeb, 0x11, 0x2c, 0xe1, 0xa4, 0x33, |
| 136 0x8c, 0xf5, 0x72, 0x5e, 0xed, 0xb8, 0x43, 0x97, | 136 0x8c, 0xf5, 0x72, 0x5e, 0xed, 0xb8, 0x43, 0x97, |
| 137 }; | 137 }; |
| 138 | 138 |
| 139 void CRLSetFetcher::RegisterComponent(uint32 sequence_of_loaded_crl) { | 139 void CRLSetFetcher::RegisterComponent(uint32 sequence_of_loaded_crl) { |
| 140 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 140 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 141 | 141 |
| 142 update_client::CrxComponent component; | 142 update_client::CrxComponent component; |
| 143 component.pk_hash.assign(kPublicKeySHA256, | 143 component.pk_hash.assign(kPublicKeySHA256, |
| 144 kPublicKeySHA256 + sizeof(kPublicKeySHA256)); | 144 kPublicKeySHA256 + sizeof(kPublicKeySHA256)); |
| 145 component.installer = this; | 145 component.installer = this; |
| 146 component.name = "CRLSet"; | 146 component.name = "CRLSet"; |
| 147 component.version = Version(base::UintToString(sequence_of_loaded_crl)); | 147 component.version = Version(base::UintToString(sequence_of_loaded_crl)); |
| 148 component.allow_background_download = false; | 148 component.allow_background_download = false; |
| 149 if (!component.version.IsValid()) { | 149 if (!component.version.IsValid()) { |
| 150 NOTREACHED(); | 150 NOTREACHED(); |
| 151 component.version = Version("0"); | 151 component.version = Version("0"); |
| 152 } | 152 } |
| 153 | 153 |
| 154 if (cus_->RegisterComponent(component) != | 154 if (cus_->RegisterComponent(component) != |
| 155 ComponentUpdateService::Status::kOk) { | 155 ComponentUpdateService::Status::kOk) { |
| 156 NOTREACHED() << "RegisterComponent returned error"; | 156 NOTREACHED() << "RegisterComponent returned error"; |
| 157 } | 157 } |
| 158 } | 158 } |
| 159 | 159 |
| 160 void CRLSetFetcher::DoDeleteFromDisk() { | 160 void CRLSetFetcher::DoDeleteFromDisk() { |
| 161 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); | 161 DCHECK_CURRENTLY_ON(BrowserThread::FILE); |
| 162 | 162 |
| 163 DeleteFile(GetCRLSetFilePath(), false /* not recursive */); | 163 DeleteFile(GetCRLSetFilePath(), false /* not recursive */); |
| 164 } | 164 } |
| 165 | 165 |
| 166 void CRLSetFetcher::OnUpdateError(int error) { | 166 void CRLSetFetcher::OnUpdateError(int error) { |
| 167 LOG(WARNING) << "CRLSetFetcher got error " << error | 167 LOG(WARNING) << "CRLSetFetcher got error " << error |
| 168 << " from component installer"; | 168 << " from component installer"; |
| 169 } | 169 } |
| 170 | 170 |
| 171 bool CRLSetFetcher::Install(const base::DictionaryValue& manifest, | 171 bool CRLSetFetcher::Install(const base::DictionaryValue& manifest, |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 239 bool CRLSetFetcher::GetInstalledFile( | 239 bool CRLSetFetcher::GetInstalledFile( |
| 240 const std::string& file, base::FilePath* installed_file) { | 240 const std::string& file, base::FilePath* installed_file) { |
| 241 return false; | 241 return false; |
| 242 } | 242 } |
| 243 | 243 |
| 244 bool CRLSetFetcher::Uninstall() { | 244 bool CRLSetFetcher::Uninstall() { |
| 245 return false; | 245 return false; |
| 246 } | 246 } |
| 247 | 247 |
| 248 CRLSetFetcher::~CRLSetFetcher() {} | 248 CRLSetFetcher::~CRLSetFetcher() {} |
| OLD | NEW |