components/certificate_transparency/log_proof_fetcher.cc - Issue 1222953002: Certificate Transparency: Add STH Fetching capability.

Side by Side Diff: components/certificate_transparency/log_proof_fetcher.cc

Issue 1222953002: Certificate Transparency: Add STH Fetching capability. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Simplified tests, FetchState again an implementation detail Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« components/certificate_transparency/log_proof_fetcher.h ('K') | « components/certificate_transparency/log_proof_fetcher.h ('k') | components/certificate_transparency/log_proof_fetcher_unittest.cc » ('j') | components/certificate_transparency/log_proof_fetcher_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2015 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "components/certificate_transparency/log_proof_fetcher.h"

	6

	7 #include <iterator>

	8

	9 #include "base/logging.h"

	10 #include "base/memory/ref_counted.h"

	11 #include "base/stl_util.h"

	12 #include "base/strings/string_piece.h"
	mmenke 2015/08/04 19:54:29 I don't think you're using this? I don't think you're using this? Eran Messeri 2015/08/05 13:10:51 Done. Show quoted text On 2015/08/04 19:54:29, mmenke wrote: > I don't think you're using this? Done.
	13 #include "base/strings/stringprintf.h"
	mmenke 2015/08/04 19:54:29 Not being used Not being used Eran Messeri 2015/08/05 13:10:51 Done, trimmed a few other headers. Show quoted text On 2015/08/04 19:54:29, mmenke wrote: > Not being used Done, trimmed a few other headers.
	14 #include "base/values.h"

	15 #include "components/safe_json/safe_json_parser.h"

	16 #include "net/base/load_flags.h"

	17 #include "net/base/net_errors.h"

	18 #include "net/base/request_priority.h"

	19 #include "net/cert/ct_log_response_parser.h"

	20 #include "net/cert/ct_log_verifier.h"

	21 #include "net/cert/signed_tree_head.h"

	22 #include "net/http/http_status_code.h"

	23 #include "net/url_request/url_request_context.h"

	24 #include "url/gurl.h"

	25

	26 namespace certificate_transparency {

	27

	28 namespace {

	29

	30 // Shamelessly copied from domain_reliability/util.cc

	31 int GetNetErrorFromURLRequestStatus(const net::URLRequestStatus& status) {

	32 switch (status.status()) {

	33 case net::URLRequestStatus::SUCCESS:

	34 return net::OK;

	35 case net::URLRequestStatus::CANCELED:

	36 return net::ERR_ABORTED;

	37 case net::URLRequestStatus::FAILED:

	38 return status.error();

	39 default:

	40 NOTREACHED();

	41 return net::ERR_FAILED;

	42 }

	43 }

	44

	45 } // namespace

	46

	47 struct LogProofFetcher::FetchState {

	48 FetchState(const std::string& log_id,

	49 const SignedTreeHeadFetchedCallback& fetched_callback,

	50 const FetchFailedCallback& failed_callback);

	51 ~FetchState();

	52

	53 std::string log_id;

	54 SignedTreeHeadFetchedCallback fetched_callback;

	55 FetchFailedCallback failed_callback;

	56 scoped_refptr<net::IOBufferWithSize> response_buffer;
	mmenke 2015/08/04 19:54:29 Should include the IOBuffer header Should include the IOBuffer header Eran Messeri 2015/08/05 13:10:51 Done. Show quoted text On 2015/08/04 19:54:29, mmenke wrote: > Should include the IOBuffer header Done.
	57 std::string assembled_response;

	58 };

	59

	60 LogProofFetcher::FetchState::FetchState(

	61 const std::string& log_id,

	62 const SignedTreeHeadFetchedCallback& fetched_callback,

	63 const FetchFailedCallback& failed_callback)

	64 : log_id(log_id),

	65 fetched_callback(fetched_callback),

	66 failed_callback(failed_callback),

	67 response_buffer(new net::IOBufferWithSize(kMaxLogResponseSizeInBytes)) {}

	68

	69 LogProofFetcher::FetchState::~FetchState() {}

	70

	71 LogProofFetcher::LogProofFetcher(net::URLRequestContext* request_context)

	72 : request_context_(request_context), weak_factory_(this) {

	73 DCHECK(request_context);

	74 }

	75

	76 LogProofFetcher::~LogProofFetcher() {

	77 STLDeleteContainerPairPointers(inflight_requests_.begin(),

	78 inflight_requests_.end());

	79 }

	80

	81 void LogProofFetcher::FetchSignedTreeHead(

	82 const GURL& base_log_url,

	83 const std::string& log_id,

	84 const SignedTreeHeadFetchedCallback& fetched_callback,

	85 const FetchFailedCallback& failed_callback) {

	86 DCHECK(base_log_url.SchemeIsHTTPOrHTTPS());

	87 GURL fetch_url(base_log_url.Resolve("ct/v1/get-sth"));

	88 scoped_ptr<net::URLRequest> request =

	89 request_context_->CreateRequest(fetch_url, net::DEFAULT_PRIORITY, this);

	90 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES \|

	91 net::LOAD_DO_NOT_SAVE_COOKIES \|

	92 net::LOAD_DO_NOT_SEND_AUTH_DATA);

	93

	94 FetchState* fetch_state =

	95 new FetchState(log_id, fetched_callback, failed_callback);

	96 request->Start();

	97 inflight_requests_.insert(std::make_pair(request.release(), fetch_state));

	98 }

	99

	100 void LogProofFetcher::OnResponseStarted(net::URLRequest* request) {

	101 net::URLRequestStatus status(request->status());

	102 DCHECK(inflight_requests_.count(request));

	103 FetchState* fetch_state = inflight_requests_.find(request)->second;

	104

	105 if (!status.is_success() \|\| request->GetResponseCode() != net::HTTP_OK) {

	106 int net_error = net::OK;

	107 int http_response_code = request->GetResponseCode();

	108

	109 DVLOG(1) << "Fetching STH from " << request->original_url()

	110 << " failed. status:" << status.status()

	111 << " error:" << status.error()

	112 << " http response code: " << http_response_code;

	113 if (!status.is_success())

	114 net_error = GetNetErrorFromURLRequestStatus(status);

	115

	116 InvokeFailureCallback(request, net_error, http_response_code);

	117 return;

	118 }

	119

	120 StartNextRead(request, fetch_state);

	121 }

	122

	123 void LogProofFetcher::OnReadCompleted(net::URLRequest* request,

	124 int bytes_read) {

	125 DCHECK(inflight_requests_.count(request));

	126 FetchState* fetch_state = inflight_requests_.find(request)->second;

	127

	128 if (HandleReadResult(request, fetch_state, bytes_read))

	129 StartNextRead(request, fetch_state);

	130 }

	131

	132 bool LogProofFetcher::HandleReadResult(net::URLRequest* request,

	133 FetchState* fetch_state,

	134 int bytes_read) {

	135 // Start by checking for an error condition.

	136 // If there are errors, invoke the failure callback and clean up the

	137 // request.

	138 if (bytes_read == -1 \|\| !request->status().is_success()) {

	139 net::URLRequestStatus status(request->status());

	140 DVLOG(1) << "Read error: " << status.status() << " " << status.error();

	141 InvokeFailureCallback(request, GetNetErrorFromURLRequestStatus(status),

	142 net::OK);

	143

	144 return false;

	145 }

	146

	147 // Not an error, but no data available, so wait for OnReadCompleted

	148 // callback.

	149 if (request->status().is_io_pending())

	150 return false;

	151

	152 // Nothing more to read from the stream - finish handling the response.

	153 if (bytes_read == 0) {

	154 RequestComplete(request);

	155 return false;

	156 }

	157

	158 // We have data, collect it and indicate another read is needed.

	159 DVLOG(1) << "Have " << bytes_read << " bytes to assemble.";

	160 DCHECK_GE(bytes_read, 0);

	161 fetch_state->assembled_response.append(fetch_state->response_buffer->data(),

	162 bytes_read);

	163 if (fetch_state->assembled_response.size() > kMaxLogResponseSizeInBytes) {

	164 // Log response is too big, invoke the failure callback.

	165 InvokeFailureCallback(request, net::ERR_FILE_TOO_BIG, net::HTTP_OK);

	166 return false;

	167 }

	168

	169 return true;

	170 }

	171

	172 void LogProofFetcher::StartNextRead(net::URLRequest* request,

	173 FetchState* fetch_state) {

	174 bool continue_reading = true;

	175 while (continue_reading) {

	176 int read_bytes = 0;

	177 request->Read(fetch_state->response_buffer.get(),

	178 fetch_state->response_buffer->size(), &read_bytes);

	179 continue_reading = HandleReadResult(request, fetch_state, read_bytes);

	180 }

	181 }

	182

	183 void LogProofFetcher::RequestComplete(net::URLRequest* request) {

	184 DCHECK(inflight_requests_.count(request));

	185

	186 FetchState* fetch_state = inflight_requests_.find(request)->second;

	187

	188 // Get rid of the buffer as it really isn't necessary.

	189 fetch_state->response_buffer = nullptr;

	190 safe_json::SafeJsonParser::Parse(

	191 fetch_state->assembled_response,

	192 base::Bind(&LogProofFetcher::OnSTHJsonParseSuccess,

	193 weak_factory_.GetWeakPtr(), request),

	194 base::Bind(&LogProofFetcher::OnSTHJsonParseError,

	195 weak_factory_.GetWeakPtr(), request));

	196 }

	197

	198 void LogProofFetcher::CleanupRequest(net::URLRequest* request) {

	199 DVLOG(1) << "Cleaning up request to " << request->original_url();

	200 auto it = inflight_requests_.find(request);

	201 DCHECK(it != inflight_requests_.end());

	202 auto next_it = it;

	203 std::advance(next_it, 1);

	204

	205 // Delete FetchState and URLRequest, then the entry from inflight_requests_.

	206 STLDeleteContainerPairPointers(it, next_it);
	mmenke 2015/08/04 19:54:29 Any reason not to just do: STLDeleteContainerPair Any reason not to just do: STLDeleteContainerPairPointers(it, it->next()); Think it's clearer than "next_it" Eran Messeri 2015/08/05 13:10:51 Seems like bidirectional stl iterators don't have Show quoted text On 2015/08/04 19:54:29, mmenke wrote: > Any reason not to just do: > > STLDeleteContainerPairPointers(it, it->next()); > > Think it's clearer than "next_it" Seems like bidirectional stl iterators don't have a next() method? C++11 has std::next but one of the trybots failed compiling that code, std::advance works on all of them. Am I missing something obvious here? mmenke 2015/08/05 15:37:09 You're not, I am - I had thought that there was an Show quoted text On 2015/08/05 13:10:51, Eran wrote: > On 2015/08/04 19:54:29, mmenke wrote: > > Any reason not to just do: > > > > STLDeleteContainerPairPointers(it, it->next()); > > > > Think it's clearer than "next_it" > > Seems like bidirectional stl iterators don't have a next() method? > C++11 has std::next but one of the trybots failed compiling that code, > std::advance works on all of them. > Am I missing something obvious here? You're not, I am - I had thought that there was an old way to get the next value from all iterator classes without modifying them, but there isn't.
	207 inflight_requests_.erase(it);

	208 }

	209

	210 void LogProofFetcher::InvokeFailureCallback(net::URLRequest* request,

	211 int net_error,

	212 int http_response_code) {

	213 DCHECK(inflight_requests_.count(request));

	214 auto it = inflight_requests_.find(request);

	215 FetchState* fetch_state = it->second;

	216

	217 fetch_state->failed_callback.Run(fetch_state->log_id, net_error,

	218 http_response_code);

	219 CleanupRequest(request);

	220 }

	221

	222 void LogProofFetcher::OnSTHJsonParseSuccess(

	223 net::URLRequest* request,

	224 scoped_ptr<base::Value> parsed_json) {

	225 DCHECK(inflight_requests_.count(request));

	226

	227 FetchState* fetch_state = inflight_requests_.find(request)->second;

	228 net::ct::SignedTreeHead signed_tree_head;

	229 if (net::ct::FillSignedTreeHead(*parsed_json.get(), &signed_tree_head)) {

	230 fetch_state->fetched_callback.Run(fetch_state->log_id, signed_tree_head);

	231 } else {

	232 fetch_state->failed_callback.Run(fetch_state->log_id,

	233 net::ERR_CT_STH_INCOMPLETE, net::HTTP_OK);

	234 }

	235

	236 CleanupRequest(request);

	237 }

	238

	239 void LogProofFetcher::OnSTHJsonParseError(net::URLRequest* request,

	240 const std::string& error) {

	241 InvokeFailureCallback(request, net::ERR_CT_STH_PARSING_FAILED, net::HTTP_OK);

	242 }

	243

	244 } // namespace certificate_transparency

OLD	NEW