OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/certificate_transparency/log_proof_fetcher.h" | |
6 | |
7 #include <iterator> | |
8 | |
9 #include "base/logging.h" | |
10 #include "base/memory/ref_counted.h" | |
11 #include "base/stl_util.h" | |
12 #include "base/strings/string_piece.h" | |
mmenke
2015/08/04 19:54:29
I don't think you're using this?
Eran Messeri
2015/08/05 13:10:51
Done.
| |
13 #include "base/strings/stringprintf.h" | |
mmenke
2015/08/04 19:54:29
Not being used
Eran Messeri
2015/08/05 13:10:51
Done, trimmed a few other headers.
| |
14 #include "base/values.h" | |
15 #include "components/safe_json/safe_json_parser.h" | |
16 #include "net/base/load_flags.h" | |
17 #include "net/base/net_errors.h" | |
18 #include "net/base/request_priority.h" | |
19 #include "net/cert/ct_log_response_parser.h" | |
20 #include "net/cert/ct_log_verifier.h" | |
21 #include "net/cert/signed_tree_head.h" | |
22 #include "net/http/http_status_code.h" | |
23 #include "net/url_request/url_request_context.h" | |
24 #include "url/gurl.h" | |
25 | |
26 namespace certificate_transparency { | |
27 | |
28 namespace { | |
29 | |
30 // Shamelessly copied from domain_reliability/util.cc | |
31 int GetNetErrorFromURLRequestStatus(const net::URLRequestStatus& status) { | |
32 switch (status.status()) { | |
33 case net::URLRequestStatus::SUCCESS: | |
34 return net::OK; | |
35 case net::URLRequestStatus::CANCELED: | |
36 return net::ERR_ABORTED; | |
37 case net::URLRequestStatus::FAILED: | |
38 return status.error(); | |
39 default: | |
40 NOTREACHED(); | |
41 return net::ERR_FAILED; | |
42 } | |
43 } | |
44 | |
45 } // namespace | |
46 | |
47 struct LogProofFetcher::FetchState { | |
48 FetchState(const std::string& log_id, | |
49 const SignedTreeHeadFetchedCallback& fetched_callback, | |
50 const FetchFailedCallback& failed_callback); | |
51 ~FetchState(); | |
52 | |
53 std::string log_id; | |
54 SignedTreeHeadFetchedCallback fetched_callback; | |
55 FetchFailedCallback failed_callback; | |
56 scoped_refptr<net::IOBufferWithSize> response_buffer; | |
mmenke
2015/08/04 19:54:29
Should include the IOBuffer header
Eran Messeri
2015/08/05 13:10:51
Done.
| |
57 std::string assembled_response; | |
58 }; | |
59 | |
60 LogProofFetcher::FetchState::FetchState( | |
61 const std::string& log_id, | |
62 const SignedTreeHeadFetchedCallback& fetched_callback, | |
63 const FetchFailedCallback& failed_callback) | |
64 : log_id(log_id), | |
65 fetched_callback(fetched_callback), | |
66 failed_callback(failed_callback), | |
67 response_buffer(new net::IOBufferWithSize(kMaxLogResponseSizeInBytes)) {} | |
68 | |
69 LogProofFetcher::FetchState::~FetchState() {} | |
70 | |
71 LogProofFetcher::LogProofFetcher(net::URLRequestContext* request_context) | |
72 : request_context_(request_context), weak_factory_(this) { | |
73 DCHECK(request_context); | |
74 } | |
75 | |
76 LogProofFetcher::~LogProofFetcher() { | |
77 STLDeleteContainerPairPointers(inflight_requests_.begin(), | |
78 inflight_requests_.end()); | |
79 } | |
80 | |
81 void LogProofFetcher::FetchSignedTreeHead( | |
82 const GURL& base_log_url, | |
83 const std::string& log_id, | |
84 const SignedTreeHeadFetchedCallback& fetched_callback, | |
85 const FetchFailedCallback& failed_callback) { | |
86 DCHECK(base_log_url.SchemeIsHTTPOrHTTPS()); | |
87 GURL fetch_url(base_log_url.Resolve("ct/v1/get-sth")); | |
88 scoped_ptr<net::URLRequest> request = | |
89 request_context_->CreateRequest(fetch_url, net::DEFAULT_PRIORITY, this); | |
90 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | |
91 net::LOAD_DO_NOT_SAVE_COOKIES | | |
92 net::LOAD_DO_NOT_SEND_AUTH_DATA); | |
93 | |
94 FetchState* fetch_state = | |
95 new FetchState(log_id, fetched_callback, failed_callback); | |
96 request->Start(); | |
97 inflight_requests_.insert(std::make_pair(request.release(), fetch_state)); | |
98 } | |
99 | |
100 void LogProofFetcher::OnResponseStarted(net::URLRequest* request) { | |
101 net::URLRequestStatus status(request->status()); | |
102 DCHECK(inflight_requests_.count(request)); | |
103 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
104 | |
105 if (!status.is_success() || request->GetResponseCode() != net::HTTP_OK) { | |
106 int net_error = net::OK; | |
107 int http_response_code = request->GetResponseCode(); | |
108 | |
109 DVLOG(1) << "Fetching STH from " << request->original_url() | |
110 << " failed. status:" << status.status() | |
111 << " error:" << status.error() | |
112 << " http response code: " << http_response_code; | |
113 if (!status.is_success()) | |
114 net_error = GetNetErrorFromURLRequestStatus(status); | |
115 | |
116 InvokeFailureCallback(request, net_error, http_response_code); | |
117 return; | |
118 } | |
119 | |
120 StartNextRead(request, fetch_state); | |
121 } | |
122 | |
123 void LogProofFetcher::OnReadCompleted(net::URLRequest* request, | |
124 int bytes_read) { | |
125 DCHECK(inflight_requests_.count(request)); | |
126 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
127 | |
128 if (HandleReadResult(request, fetch_state, bytes_read)) | |
129 StartNextRead(request, fetch_state); | |
130 } | |
131 | |
132 bool LogProofFetcher::HandleReadResult(net::URLRequest* request, | |
133 FetchState* fetch_state, | |
134 int bytes_read) { | |
135 // Start by checking for an error condition. | |
136 // If there are errors, invoke the failure callback and clean up the | |
137 // request. | |
138 if (bytes_read == -1 || !request->status().is_success()) { | |
139 net::URLRequestStatus status(request->status()); | |
140 DVLOG(1) << "Read error: " << status.status() << " " << status.error(); | |
141 InvokeFailureCallback(request, GetNetErrorFromURLRequestStatus(status), | |
142 net::OK); | |
143 | |
144 return false; | |
145 } | |
146 | |
147 // Not an error, but no data available, so wait for OnReadCompleted | |
148 // callback. | |
149 if (request->status().is_io_pending()) | |
150 return false; | |
151 | |
152 // Nothing more to read from the stream - finish handling the response. | |
153 if (bytes_read == 0) { | |
154 RequestComplete(request); | |
155 return false; | |
156 } | |
157 | |
158 // We have data, collect it and indicate another read is needed. | |
159 DVLOG(1) << "Have " << bytes_read << " bytes to assemble."; | |
160 DCHECK_GE(bytes_read, 0); | |
161 fetch_state->assembled_response.append(fetch_state->response_buffer->data(), | |
162 bytes_read); | |
163 if (fetch_state->assembled_response.size() > kMaxLogResponseSizeInBytes) { | |
164 // Log response is too big, invoke the failure callback. | |
165 InvokeFailureCallback(request, net::ERR_FILE_TOO_BIG, net::HTTP_OK); | |
166 return false; | |
167 } | |
168 | |
169 return true; | |
170 } | |
171 | |
172 void LogProofFetcher::StartNextRead(net::URLRequest* request, | |
173 FetchState* fetch_state) { | |
174 bool continue_reading = true; | |
175 while (continue_reading) { | |
176 int read_bytes = 0; | |
177 request->Read(fetch_state->response_buffer.get(), | |
178 fetch_state->response_buffer->size(), &read_bytes); | |
179 continue_reading = HandleReadResult(request, fetch_state, read_bytes); | |
180 } | |
181 } | |
182 | |
183 void LogProofFetcher::RequestComplete(net::URLRequest* request) { | |
184 DCHECK(inflight_requests_.count(request)); | |
185 | |
186 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
187 | |
188 // Get rid of the buffer as it really isn't necessary. | |
189 fetch_state->response_buffer = nullptr; | |
190 safe_json::SafeJsonParser::Parse( | |
191 fetch_state->assembled_response, | |
192 base::Bind(&LogProofFetcher::OnSTHJsonParseSuccess, | |
193 weak_factory_.GetWeakPtr(), request), | |
194 base::Bind(&LogProofFetcher::OnSTHJsonParseError, | |
195 weak_factory_.GetWeakPtr(), request)); | |
196 } | |
197 | |
198 void LogProofFetcher::CleanupRequest(net::URLRequest* request) { | |
199 DVLOG(1) << "Cleaning up request to " << request->original_url(); | |
200 auto it = inflight_requests_.find(request); | |
201 DCHECK(it != inflight_requests_.end()); | |
202 auto next_it = it; | |
203 std::advance(next_it, 1); | |
204 | |
205 // Delete FetchState and URLRequest, then the entry from inflight_requests_. | |
206 STLDeleteContainerPairPointers(it, next_it); | |
mmenke
2015/08/04 19:54:29
Any reason not to just do:
STLDeleteContainerPair
Eran Messeri
2015/08/05 13:10:51
Seems like bidirectional stl iterators don't have
mmenke
2015/08/05 15:37:09
You're not, I am - I had thought that there was an
| |
207 inflight_requests_.erase(it); | |
208 } | |
209 | |
210 void LogProofFetcher::InvokeFailureCallback(net::URLRequest* request, | |
211 int net_error, | |
212 int http_response_code) { | |
213 DCHECK(inflight_requests_.count(request)); | |
214 auto it = inflight_requests_.find(request); | |
215 FetchState* fetch_state = it->second; | |
216 | |
217 fetch_state->failed_callback.Run(fetch_state->log_id, net_error, | |
218 http_response_code); | |
219 CleanupRequest(request); | |
220 } | |
221 | |
222 void LogProofFetcher::OnSTHJsonParseSuccess( | |
223 net::URLRequest* request, | |
224 scoped_ptr<base::Value> parsed_json) { | |
225 DCHECK(inflight_requests_.count(request)); | |
226 | |
227 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
228 net::ct::SignedTreeHead signed_tree_head; | |
229 if (net::ct::FillSignedTreeHead(*parsed_json.get(), &signed_tree_head)) { | |
230 fetch_state->fetched_callback.Run(fetch_state->log_id, signed_tree_head); | |
231 } else { | |
232 fetch_state->failed_callback.Run(fetch_state->log_id, | |
233 net::ERR_CT_STH_INCOMPLETE, net::HTTP_OK); | |
234 } | |
235 | |
236 CleanupRequest(request); | |
237 } | |
238 | |
239 void LogProofFetcher::OnSTHJsonParseError(net::URLRequest* request, | |
240 const std::string& error) { | |
241 InvokeFailureCallback(request, net::ERR_CT_STH_PARSING_FAILED, net::HTTP_OK); | |
242 } | |
243 | |
244 } // namespace certificate_transparency | |
OLD | NEW |