Add a killswitch for CSD malware IP match and report feature. Use a new killswitch whitelist URL wh…

chrome/browser/safe_browsing/safe_browsing_database.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_
 #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_
 
 #include <set>
 #include <vector>
 
@@ skipping 146 matching lines @@
       const std::vector<SBChunkDelete>& chunk_deletes) = 0;
   virtual void UpdateFinished(bool update_succeeded) = 0;
 
   // Store the results of a GetHash response. In the case of empty results, we
   // cache the prefixes until the next update so that we don't have to issue
   // further GetHash requests we know will be empty.
   virtual void CacheHashResults(
       const std::vector<SBPrefix>& prefixes,
       const std::vector<SBFullHashResult>& full_hits) = 0;
 
+uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
+

[mattm, 2013/05/13 20:39:25]

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

[kewang, 2013/05/14 08:21:41]

yes, this should be place to declare the virtural GetMalwareKillSwitch().

   // The name of the bloom-filter file for the given database file.
   // NOTE(shess): OBSOLETE.  Present for deleting stale files.
   static base::FilePath BloomFilterForFilename(
       const base::FilePath& db_filename);
 
   // The name of the prefix set file for the given database file.
   static base::FilePath PrefixSetForFilename(const base::FilePath& db_filename);
 
   // Filename for malware and phishing URL database.
   static base::FilePath BrowseDBFilename(
@@ skipping 94 matching lines @@
   virtual bool UpdateStarted(std::vector<SBListChunkRanges>* lists) OVERRIDE;
   virtual void InsertChunks(const std::string& list_name,
                             const SBChunkList& chunks) OVERRIDE;
   virtual void DeleteChunks(
       const std::vector<SBChunkDelete>& chunk_deletes) OVERRIDE;
   virtual void UpdateFinished(bool update_succeeded) OVERRIDE;
   virtual void CacheHashResults(
       const std::vector<SBPrefix>& prefixes,
       const std::vector<SBFullHashResult>& full_hits) OVERRIDE;
 
+  // Returns the value of malware_kill_switch_;
+  virtual bool GetMalwareKillSwitch() const {

[mattm, 2013/05/13 20:39:25]

name the function and the variable more precisely, so that it is not confused
with other SB malware checking

[kewang, 2013/05/14 08:21:41]

Done.

+    return malware_kill_switch_;

[mattm, 2013/05/13 20:39:25]

If you are wrapping the setting of this member with lookup_lock_, it should be
used here too.

[kewang, 2013/05/14 08:21:41]

Done.

[kewang, 2013/05/14 08:21:41]

Done.

+  } OVERRIDE;

[mattm, 2013/05/13 20:39:25]

OVERRIDE goes before the {}.
Wait, this isn't actually an override, was it supposed to be declared up there
at the uuuuuuuuuuuuuu?

+
  private:
   friend class SafeBrowsingDatabaseTest;
   FRIEND_TEST_ALL_PREFIXES(SafeBrowsingDatabaseTest, HashCaching);
 
   // A SafeBrowsing whitelist contains a list of whitelisted full-hashes (stored
   // in a sorted vector) as well as a boolean flag indicating whether all
   // lookups in the whitelist should be considered matches for safety.
   typedef std::pair<std::vector<SBFullHash>, bool> SBWhitelist;
 
   // Returns true if the whitelist is disabled or if any of the given hashes
@@ skipping 51 matching lines @@
                             SafeBrowsingStore* store,
                             SBWhitelist* whitelist);
 
   // Used to verify that various calls are made from the thread the
   // object was created on.
   base::MessageLoop* creation_loop_;
 
   // Lock for protecting access to variables that may be used on the
   // IO thread.  This includes |prefix_set_|, |full_browse_hashes_|,
   // |pending_browse_hashes_|, |prefix_miss_cache_|, |csd_whitelist_|,
-  // and |csd_whitelist_all_urls_|.
+  // and |malware_kill_switch_|.
   base::Lock lookup_lock_;
 
   // Underlying persistent store for chunk data.
   // For browsing related (phishing and malware URLs) chunks and prefixes.
   base::FilePath browse_filename_;
   scoped_ptr<SafeBrowsingStore> browse_store_;
 
   // For download related (download URL and binary hash) chunks and prefixes.
   base::FilePath download_filename_;
   scoped_ptr<SafeBrowsingStore> download_store_;
 
   // For the client-side phishing detection whitelist chunks and full-length
   // hashes.  This list only contains 256 bit hashes.
   base::FilePath csd_whitelist_filename_;
   scoped_ptr<SafeBrowsingStore> csd_whitelist_store_;
 
   // For the download whitelist chunks and full-length hashes.  This list only
   // contains 256 bit hashes.
   base::FilePath download_whitelist_filename_;
   scoped_ptr<SafeBrowsingStore> download_whitelist_store_;
 
   // For extension IDs.
   base::FilePath extension_blacklist_filename_;
   scoped_ptr<SafeBrowsingStore> extension_blacklist_store_;
 
   SBWhitelist csd_whitelist_;
   SBWhitelist download_whitelist_;
   SBWhitelist extension_blacklist_;
+  bool malware_kill_switch_;
 
   // Cached browse store related full-hash items, ordered by prefix for
   // efficient scanning.
   // |full_browse_hashes_| are items from |browse_store_|,
   // |pending_browse_hashes_| are items from |CacheHashResults()|, which
   // will be pushed to the store on the next update.
   std::vector<SBAddFullHash> full_browse_hashes_;
   std::vector<SBAddFullHash> pending_browse_hashes_;
 
   // Cache of prefixes that returned empty results (no full hash
@@ skipping 12 matching lines @@
   // Set to true if any chunks are added or deleted during an update.
   // Used to optimize away database update.
   bool change_detected_;
 
   // Used to check if a prefix was in the database.
   base::FilePath prefix_set_filename_;
   scoped_ptr<safe_browsing::PrefixSet> prefix_set_;
 };
 
 #endif  // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_