OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/certificate_transparency/log_proof_fetcher.h" | 5 #include "components/certificate_transparency/log_proof_fetcher.h" |
6 | 6 |
7 #include <iterator> | 7 #include <iterator> |
8 | 8 |
9 #include "base/callback_helpers.h" | |
10 #include "base/format_macros.h" | |
9 #include "base/logging.h" | 11 #include "base/logging.h" |
10 #include "base/memory/ref_counted.h" | 12 #include "base/memory/ref_counted.h" |
13 #include "base/numerics/safe_conversions.h" | |
11 #include "base/stl_util.h" | 14 #include "base/stl_util.h" |
15 #include "base/strings/stringprintf.h" | |
12 #include "base/values.h" | 16 #include "base/values.h" |
13 #include "components/safe_json/safe_json_parser.h" | 17 #include "components/safe_json/safe_json_parser.h" |
14 #include "net/base/io_buffer.h" | 18 #include "net/base/io_buffer.h" |
15 #include "net/base/load_flags.h" | 19 #include "net/base/load_flags.h" |
16 #include "net/base/net_errors.h" | 20 #include "net/base/net_errors.h" |
17 #include "net/base/request_priority.h" | 21 #include "net/base/request_priority.h" |
18 #include "net/cert/ct_log_response_parser.h" | 22 #include "net/cert/ct_log_response_parser.h" |
19 #include "net/cert/signed_tree_head.h" | 23 #include "net/cert/signed_tree_head.h" |
20 #include "net/http/http_status_code.h" | 24 #include "net/http/http_status_code.h" |
25 #include "net/url_request/url_request.h" | |
21 #include "net/url_request/url_request_context.h" | 26 #include "net/url_request/url_request_context.h" |
22 #include "url/gurl.h" | 27 #include "url/gurl.h" |
23 | 28 |
24 namespace certificate_transparency { | 29 namespace certificate_transparency { |
25 | 30 |
26 namespace { | 31 namespace { |
27 | 32 |
28 // Shamelessly copied from domain_reliability/util.cc | 33 // Shamelessly copied from domain_reliability/util.cc |
29 int GetNetErrorFromURLRequestStatus(const net::URLRequestStatus& status) { | 34 int GetNetErrorFromURLRequestStatus(const net::URLRequestStatus& status) { |
30 switch (status.status()) { | 35 if (status.is_success()) |
31 case net::URLRequestStatus::SUCCESS: | 36 return net::OK; |
32 return net::OK; | 37 |
33 case net::URLRequestStatus::CANCELED: | 38 return status.error(); |
34 return net::ERR_ABORTED; | |
35 case net::URLRequestStatus::FAILED: | |
36 return status.error(); | |
37 default: | |
38 NOTREACHED(); | |
39 return net::ERR_FAILED; | |
40 } | |
41 } | 39 } |
42 | 40 |
43 } // namespace | 41 } // namespace |
44 | 42 |
45 struct LogProofFetcher::FetchState { | 43 // Class for issuing a particular request from a CT log and assembling the |
46 FetchState(const std::string& log_id, | 44 // response. |
47 const SignedTreeHeadFetchedCallback& fetched_callback, | 45 // Creates the URLRequest instance for fetching the URL from the log |
48 const FetchFailedCallback& failed_callback); | 46 // (supplied as |request_url| in the c'tor) and implements the |
49 ~FetchState(); | 47 // URLRequest::Delegate interface for assembling the response. |
50 | 48 class LogProofFetcher::LogFetcher : public net::URLRequest::Delegate { |
51 std::string log_id; | 49 public: |
52 SignedTreeHeadFetchedCallback fetched_callback; | 50 using FailureCallback = base::Callback<void(int, int)>; |
53 FetchFailedCallback failed_callback; | 51 |
54 scoped_refptr<net::IOBufferWithSize> response_buffer; | 52 LogFetcher(net::URLRequestContext* request_context, |
55 std::string assembled_response; | 53 const GURL& request_url, |
54 const base::Closure& success_callback, | |
55 const FailureCallback& failure_callback); | |
56 ~LogFetcher() override {} | |
57 | |
58 // net::URLRequest::Delegate | |
59 void OnResponseStarted(net::URLRequest* request) override; | |
60 void OnReadCompleted(net::URLRequest* request, int bytes_read) override; | |
61 | |
62 const std::string& assembled_response() const { return assembled_response_; } | |
63 | |
64 private: | |
65 // Handles the final result of a URLRequest::Read call on the request. | |
66 // Returns true if another read should be started, false if the read | |
67 // failed completely or we have to wait for OnResponseStarted to | |
68 // be called. | |
69 bool HandleReadResult(int bytes_read); | |
70 | |
71 // Calls URLRequest::Read on |request| repeatedly, until HandleReadResult | |
72 // indicates it should no longer be called. Usually this would be when there | |
73 // is pending IO that requires waiting for OnResponseStarted to be called. | |
74 void StartNextReadLoop(); | |
75 | |
76 // Invokes the success callback. After this method is called, the LogFetcher | |
77 // is deleted and no longer safe to call. | |
78 void RequestComplete(); | |
79 | |
80 // Invokes the failure callback with the supplied error information. | |
81 // After this method the LogFetcher is deleted and no longer safe to call. | |
82 void InvokeFailureCallback(int net_error, int http_response_code); | |
83 | |
84 scoped_ptr<net::URLRequest> url_request_; | |
85 const GURL request_url_; | |
86 base::Closure success_callback_; | |
87 FailureCallback failure_callback_; | |
88 scoped_refptr<net::IOBufferWithSize> response_buffer_; | |
89 std::string assembled_response_; | |
90 | |
91 DISALLOW_COPY_AND_ASSIGN(LogFetcher); | |
56 }; | 92 }; |
57 | 93 |
58 LogProofFetcher::FetchState::FetchState( | 94 LogProofFetcher::LogFetcher::LogFetcher(net::URLRequestContext* request_context, |
95 const GURL& request_url, | |
96 const base::Closure& success_callback, | |
97 const FailureCallback& failure_callback) | |
98 : request_url_(request_url), | |
99 success_callback_(success_callback), | |
100 failure_callback_(failure_callback) { | |
101 DCHECK(request_url_.SchemeIsHTTPOrHTTPS()); | |
102 url_request_ = | |
103 request_context->CreateRequest(request_url_, net::DEFAULT_PRIORITY, this); | |
104 // This request should not send any cookies or otherwise identifying data, | |
105 // as CT logs are expected to be publicly-accessible and connections to them | |
106 // stateless. | |
107 url_request_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | |
108 net::LOAD_DO_NOT_SAVE_COOKIES | | |
109 net::LOAD_DO_NOT_SEND_AUTH_DATA); | |
110 | |
111 url_request_->Start(); | |
112 } | |
113 | |
114 void LogProofFetcher::LogFetcher::OnResponseStarted(net::URLRequest* request) { | |
115 DCHECK_EQ(url_request_.get(), request); | |
116 int net_error = GetNetErrorFromURLRequestStatus(request->status()); | |
Ryan Sleevi
2016/01/23 00:34:23
if status.is_success() is false, will status.error
Eran Messeri
2016/01/25 17:07:38
Done - implemented two separate checks as you sugg
| |
117 | |
118 if (net_error != net::OK || request->GetResponseCode() != net::HTTP_OK) { | |
119 int http_response_code = request->GetResponseCode(); | |
120 | |
121 InvokeFailureCallback(net_error, http_response_code); | |
122 return; | |
123 } | |
124 | |
125 // Lazily initialize |response_buffer_| to avoid consuming memory until an | |
126 // actual response has been received. | |
127 if (!response_buffer_) | |
Ryan Sleevi
2016/01/23 00:34:23
braces
Eran Messeri
2016/01/25 17:07:38
Done.
| |
128 response_buffer_ = | |
129 new net::IOBufferWithSize(LogProofFetcher::kMaxLogResponseSizeInBytes); | |
130 | |
131 StartNextReadLoop(); | |
132 } | |
133 | |
134 void LogProofFetcher::LogFetcher::OnReadCompleted(net::URLRequest* request, | |
135 int bytes_read) { | |
136 DCHECK_EQ(url_request_.get(), request); | |
137 | |
138 if (HandleReadResult(bytes_read)) | |
139 StartNextReadLoop(); | |
140 } | |
141 | |
142 bool LogProofFetcher::LogFetcher::HandleReadResult(int bytes_read) { | |
143 // Start by checking for an error condition. | |
144 // If there are errors, invoke the failure callback and clean up the | |
145 // request. | |
146 if (bytes_read < 0 || !url_request_->status().is_success()) { | |
Ryan Sleevi
2016/01/23 00:34:23
This order of conditions, while likely irrelevant
Eran Messeri
2016/01/25 17:07:37
Swapped ordering.
| |
147 InvokeFailureCallback( | |
148 GetNetErrorFromURLRequestStatus(url_request_->status()), net::OK); | |
Ryan Sleevi
2016/01/23 00:34:23
This is the other case where GetNetError() resulte
Eran Messeri
2016/01/25 17:07:38
Fair point. I've checked (in this if clause) if re
| |
149 | |
150 return false; | |
151 } | |
152 | |
153 // Not an error, but no data available, so wait for OnReadCompleted | |
154 // callback. | |
155 if (url_request_->status().is_io_pending()) | |
156 return false; | |
157 | |
158 // Nothing more to read from the stream - finish handling the response. | |
159 if (bytes_read == 0) { | |
160 RequestComplete(); | |
161 return false; | |
162 } | |
163 | |
164 // We have data, collect it and indicate another read is needed. | |
165 DCHECK_GE(bytes_read, 0); | |
166 // |bytes_read| is non-negative at this point, casting to size_t should be | |
167 // safe. | |
168 if (base::checked_cast<size_t>(bytes_read) > | |
169 LogProofFetcher::kMaxLogResponseSizeInBytes || | |
170 LogProofFetcher::kMaxLogResponseSizeInBytes < | |
171 (assembled_response_.size() + bytes_read)) { | |
172 // Log response is too big, invoke the failure callback. | |
173 InvokeFailureCallback(net::ERR_FILE_TOO_BIG, net::HTTP_OK); | |
174 return false; | |
175 } | |
176 | |
177 assembled_response_.append(response_buffer_->data(), bytes_read); | |
178 return true; | |
179 } | |
180 | |
181 void LogProofFetcher::LogFetcher::StartNextReadLoop() { | |
182 bool continue_reading = true; | |
183 while (continue_reading) { | |
184 int read_bytes = 0; | |
185 url_request_->Read(response_buffer_.get(), response_buffer_->size(), | |
186 &read_bytes); | |
187 continue_reading = HandleReadResult(read_bytes); | |
188 } | |
189 } | |
190 | |
191 void LogProofFetcher::LogFetcher::RequestComplete() { | |
192 // Get rid of the buffer as it really isn't necessary. | |
193 response_buffer_ = nullptr; | |
194 base::ResetAndReturn(&success_callback_).Run(); | |
195 // NOTE: |this| not valid after invoking the callback as the LogFetcher | |
196 // instance will be delected by the callback. | |
Ryan Sleevi
2016/01/23 00:34:23
typo: deleted
grammar: |this| is not valid
grammar
Eran Messeri
2016/01/25 17:07:38
Done.
| |
197 } | |
198 | |
199 void LogProofFetcher::LogFetcher::InvokeFailureCallback( | |
200 int net_error, | |
201 int http_response_code) { | |
202 base::ResetAndReturn(&failure_callback_).Run(net_error, http_response_code); | |
203 // NOTE: |this| not valid after this callback as the LogFetcher instance | |
Ryan Sleevi
2016/01/23 00:34:22
grammar: |this| is not valid
grammar: s/callback a
Eran Messeri
2016/01/25 17:07:38
Done.
| |
204 // invoking the callback will be deleted by the callback. | |
205 } | |
206 | |
207 // Interface for handling the response from a CT log for particular | |
208 // requests. | |
Ryan Sleevi
2016/01/23 00:34:23
grammar: Is the plurality agreement correct? Isn't
Eran Messeri
2016/01/25 17:07:38
Good point, fixed to be explicitly singular.
| |
209 // All log responses are JSON and should be parsed; however the response | |
210 // to each request should be parsed and validated diffenetly. | |
Ryan Sleevi
2016/01/23 00:34:23
typo: differently.
Eran Messeri
2016/01/25 17:07:37
Done.
| |
211 // | |
212 // LogProofFetcher instances are owned by the LogProofFetcher and are | |
Ryan Sleevi
2016/01/23 00:34:22
This comment seems confusingly worded.
Is this a
Eran Messeri
2016/01/25 17:07:37
(1) Yes, there's a typo.
(2) I've changed the docu
| |
213 // deleted by the |done_callback| when it is invoked. | |
214 class LogProofFetcher::LogResponseHandler { | |
215 public: | |
216 using DoneCallback = base::Callback<void(LogProofFetcher::LogResponseHandler*, | |
217 const base::Closure&)>; | |
Ryan Sleevi
2016/01/23 00:34:23
DESIGN: While this is a .cc file, and so I'm not g
Eran Messeri
2016/01/25 17:07:38
I've dropped the LogResponseHandler* from the Done
| |
218 | |
219 // |log_id| will be passed to the callback to indicate which log | |
220 // this failure pretains to. | |
Ryan Sleevi
2016/01/23 00:34:23
Which callback? failure_callback?
Eran Messeri
2016/01/25 17:07:37
Done.
| |
221 // All requests could fail so the |failure_callback| is shared to all | |
222 // request types. | |
Ryan Sleevi
2016/01/23 00:34:23
I have trouble parsing this, such that I'm not sur
Eran Messeri
2016/01/25 17:07:38
This was meant to be a documentation of a design d
| |
223 LogResponseHandler( | |
224 const std::string& log_id, | |
225 const LogProofFetcher::FetchFailedCallback& failure_callback); | |
226 virtual ~LogResponseHandler(); | |
227 | |
228 // Starts the actual fetching from the URL, storing |done_callback| for | |
229 // invocation when fetching and parsing of the request finished. | |
Ryan Sleevi
2016/01/23 00:34:23
It sounds like it's safe to delete this object in
Eran Messeri
2016/01/25 17:07:37
Done.
| |
230 void StartFetch(net::URLRequestContext* request_context, | |
231 const GURL& request_url, | |
232 const DoneCallback& done_callback); | |
233 | |
234 // Handle successful fetch by the LogFetcher (by parsing the JSON and | |
235 // handing the parsed JSON to HandleParsedJson, which is request-specific). | |
236 void HandleFetchCompletion(); | |
237 | |
238 // Handle network failure to complete the request to the log, by invoking | |
239 // the |done_callback_|. | |
240 virtual void HandleNetFailure(int net_error, int http_response_code); | |
241 | |
242 protected: | |
243 // Handle successful parsing of JSON by invoking HandleParsedJson, then | |
244 // invoking the |done_callback_| with the returned Closure. | |
245 void OnJsonParseSuccess(scoped_ptr<base::Value> parsed_json); | |
246 // Handle failure to parse the JSON by invoking HandleJsonParseFailure, then | |
Ryan Sleevi
2016/01/23 00:34:23
newline between 245 and 246
Eran Messeri
2016/01/25 17:07:37
Done.
| |
247 // invoking the |done_callback_| with the returned Closure. | |
248 void OnJsonParseError(const std::string& error); | |
249 | |
250 // Handle respones JSON that parsed successfully, usually by | |
251 // returning the success callback bound to parsed values as a Closure. | |
252 virtual base::Closure HandleParsedJson(const base::Value& parsed_json) = 0; | |
253 | |
254 // Handle failure to parse response JSON, usually by returning the failure | |
255 // callback bound to a request-specific net error code. | |
256 virtual base::Closure HandleJsonParseFailure( | |
257 const std::string& json_error) = 0; | |
258 | |
259 const std::string log_id_; | |
260 LogProofFetcher::FetchFailedCallback failure_callback_; | |
261 scoped_ptr<LogFetcher> fetcher_; | |
262 DoneCallback done_callback_; | |
263 | |
264 base::WeakPtrFactory<LogProofFetcher::LogResponseHandler> weak_factory_; | |
265 }; | |
266 | |
267 LogProofFetcher::LogResponseHandler::LogResponseHandler( | |
59 const std::string& log_id, | 268 const std::string& log_id, |
60 const SignedTreeHeadFetchedCallback& fetched_callback, | 269 const LogProofFetcher::FetchFailedCallback& failure_callback) |
61 const FetchFailedCallback& failed_callback) | 270 : log_id_(log_id), |
62 : log_id(log_id), | 271 failure_callback_(failure_callback), |
63 fetched_callback(fetched_callback), | 272 fetcher_(nullptr), |
64 failed_callback(failed_callback), | 273 weak_factory_(this) { |
65 response_buffer(new net::IOBufferWithSize(kMaxLogResponseSizeInBytes)) {} | 274 DCHECK(!failure_callback_.is_null()); |
66 | 275 } |
67 LogProofFetcher::FetchState::~FetchState() {} | 276 |
277 LogProofFetcher::LogResponseHandler::~LogResponseHandler() {} | |
278 | |
279 void LogProofFetcher::LogResponseHandler::StartFetch( | |
280 net::URLRequestContext* request_context, | |
281 const GURL& request_url, | |
282 const DoneCallback& done_callback) { | |
283 base::Closure success_callback = | |
284 base::Bind(&LogProofFetcher::LogResponseHandler::HandleFetchCompletion, | |
285 weak_factory_.GetWeakPtr()); | |
286 LogFetcher::FailureCallback failure_callback = | |
Ryan Sleevi
2016/01/23 00:34:22
I'm not used to see temporaries here like this. Th
Eran Messeri
2016/01/25 17:07:38
Done.
| |
287 base::Bind(&LogProofFetcher::LogResponseHandler::HandleNetFailure, | |
288 weak_factory_.GetWeakPtr()); | |
289 | |
290 done_callback_ = done_callback; | |
291 fetcher_.reset(new LogFetcher(request_context, request_url, success_callback, | |
292 failure_callback)); | |
293 } | |
294 | |
295 void LogProofFetcher::LogResponseHandler::HandleFetchCompletion() { | |
296 safe_json::SafeJsonParser::Parse( | |
297 fetcher_->assembled_response(), | |
298 base::Bind(&LogProofFetcher::LogResponseHandler::OnJsonParseSuccess, | |
299 weak_factory_.GetWeakPtr()), | |
300 base::Bind(&LogProofFetcher::LogResponseHandler::OnJsonParseError, | |
301 weak_factory_.GetWeakPtr())); | |
302 | |
303 // the assembled_response string is copied into the SafeJsonParser so it | |
Ryan Sleevi
2016/01/23 00:34:23
grammar: s/the/The/
Eran Messeri
2016/01/25 17:07:38
Done.
| |
304 // is safe to get rid of the object that owns it. | |
305 fetcher_.reset(); | |
306 } | |
307 | |
308 void LogProofFetcher::LogResponseHandler::HandleNetFailure( | |
309 int net_error, | |
310 int http_response_code) { | |
311 fetcher_.reset(); | |
312 LogProofFetcher::FetchFailedCallback failure_callback = | |
313 base::ResetAndReturn(&failure_callback_); | |
314 | |
315 base::Closure bound_failure = | |
316 base::Bind(failure_callback, log_id_, net_error, http_response_code); | |
Ryan Sleevi
2016/01/23 00:34:23
same remark re: temporaries as arguments (bound_fa
Eran Messeri
2016/01/25 17:07:38
Done.
| |
317 base::ResetAndReturn(&done_callback_).Run(this, bound_failure); | |
318 // NOTE: |this| is not valid after the |done_callback_| was invoked. | |
Ryan Sleevi
2016/01/23 00:34:22
grammar: tense agreement (is vs was)
|this| is no
Eran Messeri
2016/01/25 17:07:38
Done.
| |
319 } | |
320 | |
321 void LogProofFetcher::LogResponseHandler::OnJsonParseSuccess( | |
322 scoped_ptr<base::Value> parsed_json) { | |
323 base::Closure bound_success_callback = HandleParsedJson(*parsed_json); | |
Ryan Sleevi
2016/01/23 00:34:23
same remark re: temporary
Eran Messeri
2016/01/25 17:07:37
Done.
| |
324 base::ResetAndReturn(&done_callback_).Run(this, bound_success_callback); | |
325 // NOTE: |this| is not valid after the |done_callback_| was invoked. | |
Ryan Sleevi
2016/01/23 00:34:23
same nit
Eran Messeri
2016/01/25 17:07:37
Done.
| |
326 } | |
327 | |
328 void LogProofFetcher::LogResponseHandler::OnJsonParseError( | |
329 const std::string& error) { | |
330 base::Closure bound_failure_callback = HandleJsonParseFailure(error); | |
331 base::ResetAndReturn(&done_callback_).Run(this, bound_failure_callback); | |
332 // NOTE: |this| is not valid after the |done_callback_| was invoked. | |
Ryan Sleevi
2016/01/23 00:34:23
Same remarks to both
Eran Messeri
2016/01/25 17:07:38
Done.
| |
333 } | |
334 | |
335 class LogProofFetcher::GetSTHLogResponseHandler | |
336 : public LogProofFetcher::LogResponseHandler { | |
337 public: | |
338 GetSTHLogResponseHandler( | |
339 const std::string& log_id, | |
340 const LogProofFetcher::SignedTreeHeadFetchedCallback& sth_fetch_callback, | |
341 const LogProofFetcher::FetchFailedCallback& failure_callback) | |
342 : LogResponseHandler(log_id, failure_callback), | |
343 sth_fetched_(sth_fetch_callback) {} | |
344 | |
345 // Fill a net::ct::SignedTreeHead instance from the parsed JSON and, if | |
346 // successful, invoke the success callback with this STH. | |
Ryan Sleevi
2016/01/23 00:34:23
I originally had a grammar nit about "this STH" vs
Eran Messeri
2016/01/25 17:07:38
Done.
| |
347 // Otherwise, invoke the failure callback. | |
348 base::Closure HandleParsedJson(const base::Value& parsed_json) override { | |
349 net::ct::SignedTreeHead signed_tree_head; | |
350 if (!net::ct::FillSignedTreeHead(parsed_json, &signed_tree_head)) { | |
351 LogProofFetcher::FetchFailedCallback failure_callback = | |
352 base::ResetAndReturn(&failure_callback_); | |
Ryan Sleevi
2016/01/23 00:34:22
Unnecessary temporaries (similarly throughout)
Eran Messeri
2016/01/25 17:07:37
Done throughout.
| |
353 return base::Bind(failure_callback, log_id_, net::ERR_CT_STH_INCOMPLETE, | |
354 net::HTTP_OK); | |
355 } | |
356 | |
357 LogProofFetcher::SignedTreeHeadFetchedCallback sth_fetched = | |
358 base::ResetAndReturn(&sth_fetched_); | |
359 return base::Bind(sth_fetched, log_id_, signed_tree_head); | |
360 } | |
361 | |
362 // Invoke the error callback indicating that STH parsing failed. | |
363 base::Closure HandleJsonParseFailure(const std::string& json_error) override { | |
364 LogProofFetcher::FetchFailedCallback failure_callback = | |
365 base::ResetAndReturn(&failure_callback_); | |
366 return base::Bind(failure_callback, log_id_, net::ERR_CT_STH_PARSING_FAILED, | |
367 net::HTTP_OK); | |
368 } | |
369 | |
370 private: | |
371 LogProofFetcher::SignedTreeHeadFetchedCallback sth_fetched_; | |
372 }; | |
373 | |
374 class LogProofFetcher::GetConsistencyProofLogResponseHandler | |
375 : public LogProofFetcher::LogResponseHandler { | |
376 public: | |
377 GetConsistencyProofLogResponseHandler( | |
378 const std::string& log_id, | |
379 const LogProofFetcher::ConsistencyProofFetchedCallback& | |
380 proof_fetch_callback, | |
381 const LogProofFetcher::FetchFailedCallback& failure_callback) | |
382 : LogResponseHandler(log_id, failure_callback), | |
383 proof_fetched_(proof_fetch_callback) {} | |
384 | |
385 // Fill a vector of strings with nodes from the received consistency proof | |
386 // and, if successful, invoke the success callback with this vector. | |
387 // Otherwise, invoke the failure callback indicating proof parsing has failed. | |
Ryan Sleevi
2016/01/23 00:34:23
Similar comment-level remarks.
Eran Messeri
2016/01/25 17:07:38
Done.
| |
388 base::Closure HandleParsedJson(const base::Value& parsed_json) override { | |
389 std::vector<std::string> consistency_proof; | |
390 if (!net::ct::FillConsistencyProof(parsed_json, &consistency_proof)) { | |
391 LogProofFetcher::FetchFailedCallback failure_callback = | |
392 base::ResetAndReturn(&failure_callback_); | |
393 return base::Bind(failure_callback, log_id_, | |
394 net::ERR_CT_CONSISTENCY_PROOF_PARSING_FAILED, | |
395 net::HTTP_OK); | |
396 } | |
397 | |
398 LogProofFetcher::ConsistencyProofFetchedCallback fetched_callback = | |
399 base::ResetAndReturn(&proof_fetched_); | |
400 return base::Bind(fetched_callback, log_id_, consistency_proof); | |
401 } | |
402 | |
403 // Invoke the error callback indicating proof fetching failed. | |
404 base::Closure HandleJsonParseFailure(const std::string& json_error) override { | |
405 LogProofFetcher::FetchFailedCallback failure_callback = | |
406 base::ResetAndReturn(&failure_callback_); | |
407 return base::Bind(failure_callback, log_id_, | |
408 net::ERR_CT_CONSISTENCY_PROOF_PARSING_FAILED, | |
409 net::HTTP_OK); | |
410 } | |
411 | |
412 private: | |
413 LogProofFetcher::ConsistencyProofFetchedCallback proof_fetched_; | |
414 }; | |
68 | 415 |
69 LogProofFetcher::LogProofFetcher(net::URLRequestContext* request_context) | 416 LogProofFetcher::LogProofFetcher(net::URLRequestContext* request_context) |
70 : request_context_(request_context), weak_factory_(this) { | 417 : request_context_(request_context), weak_factory_(this) { |
71 DCHECK(request_context); | 418 DCHECK(request_context); |
72 } | 419 } |
73 | 420 |
74 LogProofFetcher::~LogProofFetcher() { | 421 LogProofFetcher::~LogProofFetcher() { |
75 STLDeleteContainerPairPointers(inflight_requests_.begin(), | 422 STLDeleteContainerPointers(inflight_fetches_.begin(), |
76 inflight_requests_.end()); | 423 inflight_fetches_.end()); |
77 } | 424 } |
78 | 425 |
79 void LogProofFetcher::FetchSignedTreeHead( | 426 void LogProofFetcher::FetchSignedTreeHead( |
80 const GURL& base_log_url, | 427 const GURL& base_log_url, |
81 const std::string& log_id, | 428 const std::string& log_id, |
82 const SignedTreeHeadFetchedCallback& fetched_callback, | 429 const SignedTreeHeadFetchedCallback& fetched_callback, |
83 const FetchFailedCallback& failed_callback) { | 430 const FetchFailedCallback& failed_callback) { |
84 DCHECK(base_log_url.SchemeIsHTTPOrHTTPS()); | 431 GURL request_url = base_log_url.Resolve("ct/v1/get-sth"); |
85 GURL fetch_url(base_log_url.Resolve("ct/v1/get-sth")); | 432 StartFetch(request_url, new GetSTHLogResponseHandler(log_id, fetched_callback, |
86 scoped_ptr<net::URLRequest> request = | 433 failed_callback)); |
87 request_context_->CreateRequest(fetch_url, net::DEFAULT_PRIORITY, this); | 434 } |
88 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | | 435 |
89 net::LOAD_DO_NOT_SAVE_COOKIES | | 436 void LogProofFetcher::FetchConsistencyProof( |
90 net::LOAD_DO_NOT_SEND_AUTH_DATA); | 437 const GURL& base_log_url, |
91 | 438 const std::string& log_id, |
92 FetchState* fetch_state = | 439 uint64_t old_tree_size, |
93 new FetchState(log_id, fetched_callback, failed_callback); | 440 uint64_t new_tree_size, |
94 request->Start(); | 441 const ConsistencyProofFetchedCallback& fetched_callback, |
95 inflight_requests_.insert(std::make_pair(request.release(), fetch_state)); | 442 const FetchFailedCallback& failed_callback) { |
96 } | 443 GURL request_url = base_log_url.Resolve(base::StringPrintf( |
97 | 444 "ct/v1/get-sth-consistency?first=%" PRIu64 "&second=%" PRIu64, |
98 void LogProofFetcher::OnResponseStarted(net::URLRequest* request) { | 445 old_tree_size, new_tree_size)); |
99 net::URLRequestStatus status(request->status()); | 446 StartFetch(request_url, new GetConsistencyProofLogResponseHandler( |
100 DCHECK(inflight_requests_.count(request)); | 447 log_id, fetched_callback, failed_callback)); |
101 FetchState* fetch_state = inflight_requests_.find(request)->second; | 448 } |
102 | 449 |
103 if (!status.is_success() || request->GetResponseCode() != net::HTTP_OK) { | 450 void LogProofFetcher::StartFetch(const GURL& request_url, |
104 int net_error = net::OK; | 451 LogResponseHandler* log_request) { |
105 int http_response_code = request->GetResponseCode(); | 452 LogResponseHandler::DoneCallback done_callback = |
106 | 453 base::Bind(&LogProofFetcher::OnFetchDone, weak_factory_.GetWeakPtr()); |
107 DVLOG(1) << "Fetching STH from " << request->original_url() | 454 |
108 << " failed. status:" << status.status() | 455 log_request->StartFetch(request_context_, request_url, done_callback); |
109 << " error:" << status.error() | 456 inflight_fetches_.insert(log_request); |
110 << " http response code: " << http_response_code; | 457 } |
111 if (!status.is_success()) | 458 |
112 net_error = GetNetErrorFromURLRequestStatus(status); | 459 void LogProofFetcher::OnFetchDone(LogResponseHandler* log_handler, |
113 | 460 const base::Closure& requestor_callback) { |
114 InvokeFailureCallback(request, net_error, http_response_code); | 461 auto it = inflight_fetches_.find(log_handler); |
115 return; | 462 DCHECK(it != inflight_fetches_.end()); |
116 } | 463 |
117 | 464 delete *it; |
118 StartNextRead(request, fetch_state); | 465 inflight_fetches_.erase(it); |
119 } | 466 requestor_callback.Run(); |
120 | |
121 void LogProofFetcher::OnReadCompleted(net::URLRequest* request, | |
122 int bytes_read) { | |
123 DCHECK(inflight_requests_.count(request)); | |
124 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
125 | |
126 if (HandleReadResult(request, fetch_state, bytes_read)) | |
127 StartNextRead(request, fetch_state); | |
128 } | |
129 | |
130 bool LogProofFetcher::HandleReadResult(net::URLRequest* request, | |
131 FetchState* fetch_state, | |
132 int bytes_read) { | |
133 // Start by checking for an error condition. | |
134 // If there are errors, invoke the failure callback and clean up the | |
135 // request. | |
136 if (bytes_read == -1 || !request->status().is_success()) { | |
137 net::URLRequestStatus status(request->status()); | |
138 DVLOG(1) << "Read error: " << status.status() << " " << status.error(); | |
139 InvokeFailureCallback(request, GetNetErrorFromURLRequestStatus(status), | |
140 net::OK); | |
141 | |
142 return false; | |
143 } | |
144 | |
145 // Not an error, but no data available, so wait for OnReadCompleted | |
146 // callback. | |
147 if (request->status().is_io_pending()) | |
148 return false; | |
149 | |
150 // Nothing more to read from the stream - finish handling the response. | |
151 if (bytes_read == 0) { | |
152 RequestComplete(request); | |
153 return false; | |
154 } | |
155 | |
156 // We have data, collect it and indicate another read is needed. | |
157 DVLOG(1) << "Have " << bytes_read << " bytes to assemble."; | |
158 DCHECK_GE(bytes_read, 0); | |
159 fetch_state->assembled_response.append(fetch_state->response_buffer->data(), | |
160 bytes_read); | |
161 if (fetch_state->assembled_response.size() > kMaxLogResponseSizeInBytes) { | |
162 // Log response is too big, invoke the failure callback. | |
163 InvokeFailureCallback(request, net::ERR_FILE_TOO_BIG, net::HTTP_OK); | |
164 return false; | |
165 } | |
166 | |
167 return true; | |
168 } | |
169 | |
170 void LogProofFetcher::StartNextRead(net::URLRequest* request, | |
171 FetchState* fetch_state) { | |
172 bool continue_reading = true; | |
173 while (continue_reading) { | |
174 int read_bytes = 0; | |
175 request->Read(fetch_state->response_buffer.get(), | |
176 fetch_state->response_buffer->size(), &read_bytes); | |
177 continue_reading = HandleReadResult(request, fetch_state, read_bytes); | |
178 } | |
179 } | |
180 | |
181 void LogProofFetcher::RequestComplete(net::URLRequest* request) { | |
182 DCHECK(inflight_requests_.count(request)); | |
183 | |
184 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
185 | |
186 // Get rid of the buffer as it really isn't necessary. | |
187 fetch_state->response_buffer = nullptr; | |
188 safe_json::SafeJsonParser::Parse( | |
189 fetch_state->assembled_response, | |
190 base::Bind(&LogProofFetcher::OnSTHJsonParseSuccess, | |
191 weak_factory_.GetWeakPtr(), request), | |
192 base::Bind(&LogProofFetcher::OnSTHJsonParseError, | |
193 weak_factory_.GetWeakPtr(), request)); | |
194 } | |
195 | |
196 void LogProofFetcher::CleanupRequest(net::URLRequest* request) { | |
197 DVLOG(1) << "Cleaning up request to " << request->original_url(); | |
198 auto it = inflight_requests_.find(request); | |
199 DCHECK(it != inflight_requests_.end()); | |
200 auto next_it = it; | |
201 std::advance(next_it, 1); | |
202 | |
203 // Delete FetchState and URLRequest, then the entry from inflight_requests_. | |
204 STLDeleteContainerPairPointers(it, next_it); | |
205 inflight_requests_.erase(it); | |
206 } | |
207 | |
208 void LogProofFetcher::InvokeFailureCallback(net::URLRequest* request, | |
209 int net_error, | |
210 int http_response_code) { | |
211 DCHECK(inflight_requests_.count(request)); | |
212 auto it = inflight_requests_.find(request); | |
213 FetchState* fetch_state = it->second; | |
214 | |
215 fetch_state->failed_callback.Run(fetch_state->log_id, net_error, | |
216 http_response_code); | |
217 CleanupRequest(request); | |
218 } | |
219 | |
220 void LogProofFetcher::OnSTHJsonParseSuccess( | |
221 net::URLRequest* request, | |
222 scoped_ptr<base::Value> parsed_json) { | |
223 DCHECK(inflight_requests_.count(request)); | |
224 | |
225 FetchState* fetch_state = inflight_requests_.find(request)->second; | |
226 net::ct::SignedTreeHead signed_tree_head; | |
227 if (net::ct::FillSignedTreeHead(*parsed_json.get(), &signed_tree_head)) { | |
228 fetch_state->fetched_callback.Run(fetch_state->log_id, signed_tree_head); | |
229 } else { | |
230 fetch_state->failed_callback.Run(fetch_state->log_id, | |
231 net::ERR_CT_STH_INCOMPLETE, net::HTTP_OK); | |
232 } | |
233 | |
234 CleanupRequest(request); | |
235 } | |
236 | |
237 void LogProofFetcher::OnSTHJsonParseError(net::URLRequest* request, | |
238 const std::string& error) { | |
239 InvokeFailureCallback(request, net::ERR_CT_STH_PARSING_FAILED, net::HTTP_OK); | |
240 } | 467 } |
241 | 468 |
242 } // namespace certificate_transparency | 469 } // namespace certificate_transparency |
OLD | NEW |