| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/install_verifier.h" | 5 #include "chrome/browser/extensions/install_verifier.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 116 // the "MAX" item below should always be the last element. | 116 // the "MAX" item below should always be the last element. |
| 117 | 117 |
| 118 INIT_RESULT_MAX | 118 INIT_RESULT_MAX |
| 119 }; | 119 }; |
| 120 | 120 |
| 121 void LogInitResultHistogram(InitResult result) { | 121 void LogInitResultHistogram(InitResult result) { |
| 122 UMA_HISTOGRAM_ENUMERATION("ExtensionInstallVerifier.InitResult", | 122 UMA_HISTOGRAM_ENUMERATION("ExtensionInstallVerifier.InitResult", |
| 123 result, INIT_RESULT_MAX); | 123 result, INIT_RESULT_MAX); |
| 124 } | 124 } |
| 125 | 125 |
| 126 bool FromStore(const Extension& extension) { |
| 127 bool updates_from_store = ManifestURL::UpdatesFromGallery(&extension); |
| 128 return extension.from_webstore() || updates_from_store; |
| 129 } |
| 130 |
| 131 bool CanUseExtensionApis(const Extension& extension) { |
| 132 return extension.is_extension() || extension.is_legacy_packaged_app(); |
| 133 } |
| 134 |
| 126 } // namespace | 135 } // namespace |
| 127 | 136 |
| 137 // static |
| 138 bool InstallVerifier::NeedsVerification(const Extension& extension) { |
| 139 return FromStore(extension) && CanUseExtensionApis(extension); |
| 140 } |
| 141 |
| 128 void InstallVerifier::Init() { | 142 void InstallVerifier::Init() { |
| 129 const base::DictionaryValue* pref = prefs_->GetInstallSignature(); | 143 const base::DictionaryValue* pref = prefs_->GetInstallSignature(); |
| 130 if (pref) { | 144 if (pref) { |
| 131 scoped_ptr<InstallSignature> signature_from_prefs = | 145 scoped_ptr<InstallSignature> signature_from_prefs = |
| 132 InstallSignature::FromValue(*pref); | 146 InstallSignature::FromValue(*pref); |
| 133 if (!signature_from_prefs.get()) { | 147 if (!signature_from_prefs.get()) { |
| 134 LogInitResultHistogram(INIT_UNPARSEABLE_PREF); | 148 LogInitResultHistogram(INIT_UNPARSEABLE_PREF); |
| 135 } else if (!InstallSigner::VerifySignature(*signature_from_prefs.get())) { | 149 } else if (!InstallSigner::VerifySignature(*signature_from_prefs.get())) { |
| 136 LogInitResultHistogram(INIT_INVALID_SIGNATURE); | 150 LogInitResultHistogram(INIT_INVALID_SIGNATURE); |
| 137 DVLOG(1) << "Init - ignoring invalid signature"; | 151 DVLOG(1) << "Init - ignoring invalid signature"; |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 221 | 235 |
| 222 operation_queue_.push(linked_ptr<PendingOperation>(operation)); | 236 operation_queue_.push(linked_ptr<PendingOperation>(operation)); |
| 223 if (operation_queue_.size() == 1) | 237 if (operation_queue_.size() == 1) |
| 224 BeginFetch(); | 238 BeginFetch(); |
| 225 } | 239 } |
| 226 | 240 |
| 227 std::string InstallVerifier::GetDebugPolicyProviderName() const { | 241 std::string InstallVerifier::GetDebugPolicyProviderName() const { |
| 228 return std::string("InstallVerifier"); | 242 return std::string("InstallVerifier"); |
| 229 } | 243 } |
| 230 | 244 |
| 231 static bool FromStore(const Extension* extension) { | |
| 232 bool updates_from_store = ManifestURL::UpdatesFromGallery(extension); | |
| 233 return extension->from_webstore() || updates_from_store; | |
| 234 } | |
| 235 | |
| 236 namespace { | 245 namespace { |
| 237 | 246 |
| 238 enum MustRemainDisabledOutcome { | 247 enum MustRemainDisabledOutcome { |
| 239 VERIFIED = 0, | 248 VERIFIED = 0, |
| 240 NOT_EXTENSION, | 249 NOT_EXTENSION, |
| 241 UNPACKED, | 250 UNPACKED, |
| 242 ENTERPRISE_POLICY_ALLOWED, | 251 ENTERPRISE_POLICY_ALLOWED, |
| 243 FORCED_NOT_VERIFIED, | 252 FORCED_NOT_VERIFIED, |
| 244 NOT_FROM_STORE, | 253 NOT_FROM_STORE, |
| 245 NO_SIGNATURE, | 254 NO_SIGNATURE, |
| 246 NOT_VERIFIED_BUT_NOT_ENFORCING, | 255 NOT_VERIFIED_BUT_NOT_ENFORCING, |
| 247 NOT_VERIFIED, | 256 NOT_VERIFIED, |
| 248 | 257 |
| 249 // This is used in histograms - do not remove or reorder entries above! Also | 258 // This is used in histograms - do not remove or reorder entries above! Also |
| 250 // the "MAX" item below should always be the last element. | 259 // the "MAX" item below should always be the last element. |
| 251 | 260 |
| 252 MUST_REMAIN_DISABLED_OUTCOME_MAX | 261 MUST_REMAIN_DISABLED_OUTCOME_MAX |
| 253 }; | 262 }; |
| 254 | 263 |
| 255 void MustRemainDisabledHistogram(MustRemainDisabledOutcome outcome) { | 264 void MustRemainDisabledHistogram(MustRemainDisabledOutcome outcome) { |
| 256 UMA_HISTOGRAM_ENUMERATION("ExtensionInstallVerifier.MustRemainDisabled", | 265 UMA_HISTOGRAM_ENUMERATION("ExtensionInstallVerifier.MustRemainDisabled", |
| 257 outcome, MUST_REMAIN_DISABLED_OUTCOME_MAX); | 266 outcome, MUST_REMAIN_DISABLED_OUTCOME_MAX); |
| 258 } | 267 } |
| 259 | 268 |
| 260 } // namespace | 269 } // namespace |
| 261 | 270 |
| 262 bool InstallVerifier::MustRemainDisabled(const Extension* extension, | 271 bool InstallVerifier::MustRemainDisabled(const Extension* extension, |
| 263 Extension::DisableReason* reason, | 272 Extension::DisableReason* reason, |
| 264 base::string16* error) const { | 273 base::string16* error) const { |
| 265 if (!extension->is_extension()) { | 274 CHECK(extension); |
| 275 if (!CanUseExtensionApis(*extension)) { |
| 266 MustRemainDisabledHistogram(NOT_EXTENSION); | 276 MustRemainDisabledHistogram(NOT_EXTENSION); |
| 267 return false; | 277 return false; |
| 268 } | 278 } |
| 269 if (Manifest::IsUnpackedLocation(extension->location())) { | 279 if (Manifest::IsUnpackedLocation(extension->location())) { |
| 270 MustRemainDisabledHistogram(UNPACKED); | 280 MustRemainDisabledHistogram(UNPACKED); |
| 271 return false; | 281 return false; |
| 272 } | 282 } |
| 273 if (AllowedByEnterprisePolicy(extension->id())) { | 283 if (AllowedByEnterprisePolicy(extension->id())) { |
| 274 MustRemainDisabledHistogram(ENTERPRISE_POLICY_ALLOWED); | 284 MustRemainDisabledHistogram(ENTERPRISE_POLICY_ALLOWED); |
| 275 return false; | 285 return false; |
| 276 } | 286 } |
| 277 | 287 |
| 278 bool verified = true; | 288 bool verified = true; |
| 279 MustRemainDisabledOutcome outcome = VERIFIED; | 289 MustRemainDisabledOutcome outcome = VERIFIED; |
| 280 if (ContainsKey(InstallSigner::GetForcedNotFromWebstore(), extension->id())) { | 290 if (ContainsKey(InstallSigner::GetForcedNotFromWebstore(), extension->id())) { |
| 281 verified = false; | 291 verified = false; |
| 282 outcome = FORCED_NOT_VERIFIED; | 292 outcome = FORCED_NOT_VERIFIED; |
| 283 } else if (!FromStore(extension)) { | 293 } else if (!FromStore(*extension)) { |
| 284 verified = false; | 294 verified = false; |
| 285 outcome = NOT_FROM_STORE; | 295 outcome = NOT_FROM_STORE; |
| 286 } else if (signature_.get() == NULL) { | 296 } else if (signature_.get() == NULL) { |
| 287 // If we don't have a signature yet, we'll temporarily consider every | 297 // If we don't have a signature yet, we'll temporarily consider every |
| 288 // extension from the webstore verified to avoid false positives on existing | 298 // extension from the webstore verified to avoid false positives on existing |
| 289 // profiles hitting this code for the first time, and rely on consumers of | 299 // profiles hitting this code for the first time, and rely on consumers of |
| 290 // this class to check NeedsBootstrap() and schedule a first check so we can | 300 // this class to check NeedsBootstrap() and schedule a first check so we can |
| 291 // get a signature. | 301 // get a signature. |
| 292 outcome = NO_SIGNATURE; | 302 outcome = NO_SIGNATURE; |
| 293 } else if (!IsVerified(extension->id())) { | 303 } else if (!IsVerified(extension->id())) { |
| (...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 465 if (!operation->callback.is_null()) | 475 if (!operation->callback.is_null()) |
| 466 operation->callback.Run(success); | 476 operation->callback.Run(success); |
| 467 } | 477 } |
| 468 | 478 |
| 469 if (!operation_queue_.empty()) | 479 if (!operation_queue_.empty()) |
| 470 BeginFetch(); | 480 BeginFetch(); |
| 471 } | 481 } |
| 472 | 482 |
| 473 | 483 |
| 474 } // namespace extensions | 484 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 133273016:
Fix extension install verification for v1 packaged apps (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src