OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/certificate_transparency/log_proof_fetcher.h" | |
6 | |
7 #include <iterator> | |
8 #include <utility> | |
9 | |
10 #include "base/logging.h" | |
11 #include "base/memory/ref_counted.h" | |
12 #include "base/stl_util.h" | |
13 #include "base/strings/string_piece.h" | |
14 #include "base/strings/stringprintf.h" | |
15 #include "base/values.h" | |
16 #include "components/safe_json/safe_json_parser.h" | |
17 #include "net/base/load_flags.h" | |
18 #include "net/base/net_errors.h" | |
19 #include "net/base/request_priority.h" | |
20 #include "net/cert/ct_log_response_parser.h" | |
21 #include "net/cert/ct_log_verifier.h" | |
22 #include "net/cert/signed_tree_head.h" | |
23 #include "net/http/http_status_code.h" | |
24 #include "net/url_request/url_request_context.h" | |
25 #include "url/gurl.h" | |
26 | |
27 static const size_t kMaxLogResponseSizeInBytes = 600; | |
28 | |
29 namespace certificate_transparency { | |
30 | |
31 namespace { | |
32 | |
33 // Shamelessly copied from domain_reliability/util.cc | |
34 int GetNetErrorFromURLRequestStatus(const net::URLRequestStatus& status) { | |
35 switch (status.status()) { | |
36 case net::URLRequestStatus::SUCCESS: | |
37 return net::OK; | |
38 case net::URLRequestStatus::CANCELED: | |
39 return net::ERR_ABORTED; | |
40 case net::URLRequestStatus::FAILED: | |
41 return status.error(); | |
42 default: | |
43 NOTREACHED(); | |
44 return net::ERR_FAILED; | |
45 } | |
46 } | |
47 | |
48 } // namespace | |
49 | |
50 LogProofFetcher::FetchState::FetchState( | |
51 const std::string& id, | |
52 const SignedTreeHeadFetchedCallback& fetched_callback, | |
53 const FetchFailedCallback& failed_callback) | |
54 : log_id(id), | |
55 fetched_callback(fetched_callback), | |
56 failed_callback(failed_callback), | |
57 response_buffer(new net::IOBufferWithSize(kMaxLogResponseSizeInBytes)) {} | |
58 | |
59 LogProofFetcher::FetchState::~FetchState() {} | |
60 | |
61 LogProofFetcher::LogProofFetcher(net::URLRequestContext* request_context) | |
62 : request_context_(request_context), weak_factory_(this) { | |
63 DCHECK(request_context); | |
64 } | |
65 | |
66 LogProofFetcher::~LogProofFetcher() { | |
67 STLDeleteContainerPairPointers(inflight_requests_.begin(), | |
68 inflight_requests_.end()); | |
69 } | |
70 | |
71 void LogProofFetcher::FetchSignedTreeHead( | |
72 const GURL& base_log_url, | |
73 const std::string& log_id, | |
74 const SignedTreeHeadFetchedCallback& fetched_callback, | |
75 const FetchFailedCallback& failed_callback) { | |
76 DCHECK(base_log_url.SchemeIsHTTPOrHTTPS()); | |
77 GURL fetch_url(base_log_url.Resolve("ct/v1/get-sth")); | |
78 scoped_ptr<net::URLRequest> request = | |
79 request_context_->CreateRequest(fetch_url, net::DEFAULT_PRIORITY, this); | |
80 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | |
81 net::LOAD_DO_NOT_SAVE_COOKIES | | |
82 net::LOAD_DO_NOT_SEND_AUTH_DATA); | |
83 | |
84 FetchState* fetch_state = | |
85 new FetchState(log_id, fetched_callback, failed_callback); | |
86 request->Start(); | |
87 inflight_requests_.insert(std::make_pair(request.release(), fetch_state)); | |
88 } | |
89 | |
90 void LogProofFetcher::OnResponseStarted(net::URLRequest* request) { | |
91 net::URLRequestStatus status(request->status()); | |
92 DCHECK(inflight_requests_.count(request)); | |
93 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
94 | |
95 if (!status.is_success() || request->GetResponseCode() != net::HTTP_OK) { | |
96 int net_error = net::OK; | |
97 int http_response_code = request->GetResponseCode(); | |
98 | |
99 DVLOG(1) << "Fetching STH from " << request->original_url() | |
100 << " failed. status:" << status.status() | |
101 << " error:" << status.error() | |
102 << " http response code: " << http_response_code; | |
103 if (!status.is_success()) | |
104 net_error = GetNetErrorFromURLRequestStatus(status); | |
105 | |
106 fetch_state->failed_callback.Run(fetch_state->log_id, net_error, | |
107 http_response_code); | |
108 CleanupRequest(request); | |
mmenke
2015/08/03 18:18:54
Optional: There are 4 places where you call faile
Eran Messeri
2015/08/04 16:15:42
Done - I have a failure handling method (there's o
| |
109 return; | |
110 } | |
111 | |
112 StartNextRead(request, fetch_state); | |
113 } | |
114 | |
115 void LogProofFetcher::OnReadCompleted(net::URLRequest* request, | |
116 int bytes_read) { | |
117 DCHECK(inflight_requests_.count(request)); | |
118 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
119 | |
120 if (HandleReadResult(request, fetch_state, bytes_read)) | |
121 StartNextRead(request, fetch_state); | |
122 } | |
123 | |
124 bool LogProofFetcher::HandleReadResult(net::URLRequest* request, | |
125 FetchState* fetch_state, | |
126 int bytes_read) { | |
127 // Start by checking for an error condition. | |
128 // If there are errors, invoke the failure callback and clean up the | |
129 // request. | |
130 if (bytes_read == -1 || !request->status().is_success()) { | |
131 net::URLRequestStatus status(request->status()); | |
132 DVLOG(1) << "Read error: " << status.status() << " " << status.error(); | |
133 int net_error = GetNetErrorFromURLRequestStatus(status); | |
134 fetch_state->failed_callback.Run(fetch_state->log_id, net_error, 0); | |
mmenke
2015/08/03 18:18:54
0 -> net::OK
Eran Messeri
2015/08/04 16:15:42
Done.
| |
135 CleanupRequest(request); | |
136 return false; | |
137 } | |
138 | |
139 // Not an error, but no data available, so wait for OnReadCompleted | |
140 // callback. | |
141 if (request->status().is_io_pending()) | |
142 return false; | |
143 | |
144 // Nothing more to read from the stream - finish handling the response. | |
145 if (bytes_read == 0) { | |
146 RequestComplete(request); | |
147 return false; | |
148 } | |
149 | |
150 // We have data, collect it and indicate another read is needed. | |
151 DVLOG(1) << "Have " << bytes_read << " bytes to assemble."; | |
152 DCHECK_GE(bytes_read, 0); | |
153 fetch_state->assembled_response.append(fetch_state->response_buffer->data(), | |
154 bytes_read); | |
155 if (fetch_state->assembled_response.size() > kMaxLogResponseSizeInBytes) { | |
156 // Log response is too big, invoke the failure callback. | |
157 fetch_state->failed_callback.Run(fetch_state->log_id, net::ERR_FILE_TOO_BIG, | |
158 net::HTTP_OK); | |
159 CleanupRequest(request); | |
160 return false; | |
161 } | |
162 | |
163 return true; | |
164 } | |
165 | |
166 void LogProofFetcher::StartNextRead(net::URLRequest* request, | |
167 FetchState* fetch_state) { | |
168 bool continue_reading = true; | |
169 while (continue_reading) { | |
170 int read_bytes = 0; | |
171 request->Read(fetch_state->response_buffer.get(), | |
172 fetch_state->response_buffer->size(), &read_bytes); | |
173 continue_reading = HandleReadResult(request, fetch_state, read_bytes); | |
174 } | |
175 } | |
176 | |
177 void LogProofFetcher::RequestComplete(net::URLRequest* request) { | |
178 DCHECK(inflight_requests_.count(request)); | |
179 | |
180 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
181 | |
182 // Get rid of the buffer as it really isn't necessary. | |
183 fetch_state->response_buffer = nullptr; | |
184 safe_json::SafeJsonParser::Parse( | |
185 fetch_state->assembled_response, | |
186 base::Bind(&LogProofFetcher::OnSTHJsonParseSuccess, | |
187 weak_factory_.GetWeakPtr(), request), | |
188 base::Bind(&LogProofFetcher::OnSTHJsonParseError, | |
189 weak_factory_.GetWeakPtr(), request)); | |
190 } | |
191 | |
192 void LogProofFetcher::CleanupRequest(net::URLRequest* request) { | |
193 DVLOG(1) << "Cleaning up request to " << request->original_url(); | |
194 auto it = inflight_requests_.find(request); | |
195 DCHECK(it != inflight_requests_.end()); | |
196 | |
197 // Delete FetchState and URLRequest, then the entry from inflight_requests_. | |
198 STLDeleteContainerPairPointers(it, std::next(it)); | |
199 inflight_requests_.erase(it); | |
200 } | |
201 | |
202 void LogProofFetcher::OnSTHJsonParseSuccess( | |
203 net::URLRequest* request, | |
204 scoped_ptr<base::Value> parsed_json) { | |
205 DCHECK(inflight_requests_.count(request)); | |
206 | |
207 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
208 net::ct::SignedTreeHead signed_tree_head; | |
209 if (net::ct::FillSignedTreeHead(*parsed_json.get(), &signed_tree_head)) { | |
210 fetch_state->fetched_callback.Run(fetch_state->log_id, signed_tree_head); | |
211 } else { | |
212 fetch_state->failed_callback.Run(fetch_state->log_id, | |
213 net::ERR_CT_STH_INCOMPLETE, net::HTTP_OK); | |
214 } | |
215 | |
216 CleanupRequest(request); | |
217 } | |
218 | |
219 void LogProofFetcher::OnSTHJsonParseError(net::URLRequest* request, | |
220 const std::string& error) { | |
221 DCHECK(inflight_requests_.count(request)); | |
222 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
223 | |
224 fetch_state->failed_callback.Run( | |
225 fetch_state->log_id, net::ERR_CT_STH_PARSING_FAILED, net::HTTP_OK); | |
226 CleanupRequest(request); | |
227 } | |
228 | |
229 } // namespace certificate_transparency | |
OLD | NEW |