Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(715)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/safe_browsing/safe_browsing_database.cc

Issue 14999008: Add a killswitch for CSD malware IP match and report feature. Use a new killswitch whitelist URL wh… (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: fix the bug of 'and' -> && Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/safe_browsing/safe_browsing_database.h ('k') | chrome/browser/safe_browsing/safe_browsing_database_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/safe_browsing/safe_browsing_database.h" 5 #include "chrome/browser/safe_browsing/safe_browsing_database.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <iterator> 8 #include <iterator>
9 9
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
63 // Maximum number of entries we allow in any of the whitelists. 63 // Maximum number of entries we allow in any of the whitelists.
64 // If a whitelist on disk contains more entries then all lookups to 64 // If a whitelist on disk contains more entries then all lookups to
65 // the whitelist will be considered a match. 65 // the whitelist will be considered a match.
66 const size_t kMaxWhitelistSize = 5000; 66 const size_t kMaxWhitelistSize = 5000;
67 67
68 // If the hash of this exact expression is on a whitelist then all 68 // If the hash of this exact expression is on a whitelist then all
69 // lookups to this whitelist will be considered a match. 69 // lookups to this whitelist will be considered a match.
70 const char kWhitelistKillSwitchUrl[] = 70 const char kWhitelistKillSwitchUrl[] =
71 "sb-ssl.google.com/safebrowsing/csd/killswitch"; // Don't change this! 71 "sb-ssl.google.com/safebrowsing/csd/killswitch"; // Don't change this!
72 72
73 // If the hash of this exact expression is on a whitelist then the
74 // malware IP blacklisting feature will be disabled in csd.
75 // Don't change this!
76 const char kMalwareIPKillSwitchUrl[] =
77 "sb-ssl.google.com/safebrowsing/csd/killswitch_malware";
78
73 // To save space, the incoming |chunk_id| and |list_id| are combined 79 // To save space, the incoming |chunk_id| and |list_id| are combined
74 // into an |encoded_chunk_id| for storage by shifting the |list_id| 80 // into an |encoded_chunk_id| for storage by shifting the |list_id|
75 // into the low-order bits. These functions decode that information. 81 // into the low-order bits. These functions decode that information.
76 // TODO(lzheng): It was reasonable when database is saved in sqlite, but 82 // TODO(lzheng): It was reasonable when database is saved in sqlite, but
77 // there should be better ways to save chunk_id and list_id after we use 83 // there should be better ways to save chunk_id and list_id after we use
78 // SafeBrowsingStoreFile. 84 // SafeBrowsingStoreFile.
79 int GetListIdBit(const int encoded_chunk_id) { 85 int GetListIdBit(const int encoded_chunk_id) {
80 return encoded_chunk_id & 1; 86 return encoded_chunk_id & 1;
81 } 87 }
82 int DecodeChunkId(int encoded_chunk_id) { 88 int DecodeChunkId(int encoded_chunk_id) {
(...skipping 1518 matching lines...) Expand 10 before | Expand all | Expand 10 after
1601 if (std::binary_search(new_whitelist.begin(), new_whitelist.end(), 1607 if (std::binary_search(new_whitelist.begin(), new_whitelist.end(),
1602 kill_switch)) { 1608 kill_switch)) {
1603 // The kill switch is whitelisted hence we whitelist all URLs. 1609 // The kill switch is whitelisted hence we whitelist all URLs.
1604 WhitelistEverything(whitelist); 1610 WhitelistEverything(whitelist);
1605 } else { 1611 } else {
1606 base::AutoLock locked(lookup_lock_); 1612 base::AutoLock locked(lookup_lock_);
1607 whitelist->second = false; 1613 whitelist->second = false;
1608 whitelist->first.swap(new_whitelist); 1614 whitelist->first.swap(new_whitelist);
1609 } 1615 }
1610 } 1616 }
1617
1618 bool SafeBrowsingDatabaseNew::MalwareIPMatchKillSwitchOn() {
1619 SBFullHash malware_kill_switch;
1620 crypto::SHA256HashString(kMalwareIPKillSwitchUrl, &malware_kill_switch,
1621 sizeof(malware_kill_switch));
1622 std::vector<SBFullHash> full_hashes;
1623 full_hashes.push_back(malware_kill_switch);
1624 return ContainsWhitelistedHashes(csd_whitelist_, full_hashes);
1625 };
OLDNEW
« no previous file with comments | « chrome/browser/safe_browsing/safe_browsing_database.h ('k') | chrome/browser/safe_browsing/safe_browsing_database_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698