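--- a/components/certificate_transparency/log_dns_client.h
+++ b/components/certificate_transparency/log_dns_client.h
@@ -1,63 +1,76 @@
 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_
 #define COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_
 
 #include <stdint.h>
 
 #include <list>
 #include <string>
 
 #include "base/callback.h"
 #include "base/macros.h"
 #include "base/strings/string_piece.h"
+#include "net/base/network_change_notifier.h"
 #include "net/log/net_log.h"
 
 namespace net {
 class DnsClient;
 class DnsResponse;
 class DnsTransaction;
 namespace ct {
 struct MerkleAuditProof;
 } // namespace ct
 } // namespace net
 
 namespace certificate_transparency {
 
 // Queries Certificate Transparency (CT) log servers via DNS.
 // All queries are performed asynchronously.
 // For more information, see
 // https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft-ct-over-dns.md.
-class LogDnsClient {
+// It must be created and deleted on the same thread. It is not thread-safe.
+class LogDnsClient : public net::NetworkChangeNotifier::DNSObserver {
  public:
   // Invoked when a leaf index query completes.
   // If an error occured, |net_error| will be a net::Error code, otherwise it
   // will be net::OK and |leaf_index| will be the leaf index that was received.
   using LeafIndexCallback =
       base::Callback<void(int net_error, uint64_t leaf_index)>;
   // Invoked when an audit proof query completes.
   // If an error occurred, |net_error| will be a net::Error code, otherwise it
   // will be net::OK and |proof| will be the audit proof that was received.
   // The log ID of |proof| will not be set, as that is not known by this class,
   // but the leaf index will be set.
   using AuditProofCallback =
       base::Callback<void(int net_error,
                           std::unique_ptr<net::ct::MerkleAuditProof> proof)>;
 
   // Creates a log client that will take ownership of |dns_client| and use it
   // to perform DNS queries. Queries will be logged to |net_log|.
+  // The |dns_client| does not need to be configured first - this will be done
+  // automatically as needed.
   LogDnsClient(std::unique_ptr<net::DnsClient> dns_client,
                const net::BoundNetLog& net_log);
-  virtual ~LogDnsClient();
+  // Must be deleted on the same thread that it was created on.
+  ~LogDnsClient() override;
+
+  // Called by NetworkChangeNotifier when the DNS config changes.
+  // The DnsClient's config will be updated in response.
+  void OnDNSChanged() override;
+
+  // Called by NetworkChangeNotifier when the DNS config is first read.
+  // The DnsClient's config will be updated in response.
+  void OnInitialDNSConfigRead() override;
 
   // Queries a CT log to discover the index of the leaf with |leaf_hash|.
   // The log is identified by |domain_for_log|, which is the DNS name used as a
   // suffix for all queries.
   // The |leaf_hash| is the SHA-256 hash of a Merkle tree leaf in that log.
   // The |callback| is invoked when the query is complete, or an error occurs.
   void QueryLeafIndex(base::StringPiece domain_for_log,
                       base::StringPiece leaf_hash,
                       const LeafIndexCallback& callback);
 
@@ -88,33 +101,36 @@
                        const AuditProofCallback& callback);
 
   void QueryAuditProofNodesComplete(
       std::unique_ptr<net::ct::MerkleAuditProof> proof,
       base::StringPiece domain_for_log,
       uint64_t tree_size,
       net::DnsTransaction* transaction,
       int net_error,
       const net::DnsResponse* response);
 
+  // Updates the |dns_client_| config using NetworkChangeNotifier.
+  void UpdateDnsConfig();
+
   // A DNS query that is in flight.
   template <typename CallbackType>
   struct Query {
     std::unique_ptr<net::DnsTransaction> transaction;
     CallbackType callback;
   };
 
   // Used to perform DNS queries.
   std::unique_ptr<net::DnsClient> dns_client_;
   // Passed to the DNS client for logging.
   net::BoundNetLog net_log_;
   // Leaf index queries that haven't completed yet.
   std::list<Query<LeafIndexCallback>> leaf_index_queries_;
   // Audit proof queries that haven't completed yet.
   std::list<Query<AuditProofCallback>> audit_proof_queries_;
   // Creates weak_ptrs to this, for callback purposes.
   base::WeakPtrFactory<LogDnsClient> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(LogDnsClient);
 };
 
 } // namespace certificate_transparency
 #endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_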
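Review bot: The new DNSObserver hooks at new lines 60-66 promise that the DnsClient's config is updated, but the header is silent on what that does to queries already sitting in `leaf_index_queries_` / `audit_proof_queries_` — whether they keep running under the old resolver config, are failed with a net::Error, or are restarted — and a caller waiting on a LeafIndexCallback or AuditProofCallback needs to know that. Whatever UpdateDnsConfig() in the .cc actually does, I would state it above `void OnDNSChanged() override;`, e.g. `// Queries already in flight are not cancelled by a config change; their callbacks still fire.` (adjusted to match the implementation). The class comment at new line 34 also leaves the reason for the same-thread rule implicit; if the constructor adds `this` as a DNSObserver and the destructor removes it, say so next to the destructor: `// Unregisters this object from NetworkChangeNotifier; it must run on the thread that registered it.` The `QueryAuditProof*` declaration whose last parameter is at new line 101 starts outside the visible hunk.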