OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/install_verifier.h" | 5 #include "chrome/browser/extensions/install_verifier.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
(...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
264 } | 264 } |
265 | 265 |
266 base::Time InstallVerifier::SignatureTimestamp() { | 266 base::Time InstallVerifier::SignatureTimestamp() { |
267 if (signature_.get()) | 267 if (signature_.get()) |
268 return signature_->timestamp; | 268 return signature_->timestamp; |
269 else | 269 else |
270 return base::Time(); | 270 return base::Time(); |
271 } | 271 } |
272 | 272 |
273 bool InstallVerifier::IsKnownId(const std::string& id) const { | 273 bool InstallVerifier::IsKnownId(const std::string& id) const { |
274 return signature_.get() && (ContainsKey(signature_->ids, id) || | 274 return signature_.get() && (base::ContainsKey(signature_->ids, id) || |
275 ContainsKey(signature_->invalid_ids, id)); | 275 base::ContainsKey(signature_->invalid_ids, id)); |
276 } | 276 } |
277 | 277 |
278 bool InstallVerifier::IsInvalid(const std::string& id) const { | 278 bool InstallVerifier::IsInvalid(const std::string& id) const { |
279 return ((signature_.get() && ContainsKey(signature_->invalid_ids, id))); | 279 return ((signature_.get() && base::ContainsKey(signature_->invalid_ids, id))); |
280 } | 280 } |
281 | 281 |
282 void InstallVerifier::VerifyExtension(const std::string& extension_id) { | 282 void InstallVerifier::VerifyExtension(const std::string& extension_id) { |
283 ExtensionIdSet ids; | 283 ExtensionIdSet ids; |
284 ids.insert(extension_id); | 284 ids.insert(extension_id); |
285 AddMany(ids, ADD_SINGLE); | 285 AddMany(ids, ADD_SINGLE); |
286 } | 286 } |
287 | 287 |
288 void InstallVerifier::AddMany(const ExtensionIdSet& ids, OperationType type) { | 288 void InstallVerifier::AddMany(const ExtensionIdSet& ids, OperationType type) { |
289 if (!ShouldFetchSignature()) { | 289 if (!ShouldFetchSignature()) { |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
321 ids.insert(id); | 321 ids.insert(id); |
322 RemoveMany(ids); | 322 RemoveMany(ids); |
323 } | 323 } |
324 | 324 |
325 void InstallVerifier::RemoveMany(const ExtensionIdSet& ids) { | 325 void InstallVerifier::RemoveMany(const ExtensionIdSet& ids) { |
326 if (!signature_.get() || !ShouldFetchSignature()) | 326 if (!signature_.get() || !ShouldFetchSignature()) |
327 return; | 327 return; |
328 | 328 |
329 bool found_any = false; | 329 bool found_any = false; |
330 for (ExtensionIdSet::const_iterator i = ids.begin(); i != ids.end(); ++i) { | 330 for (ExtensionIdSet::const_iterator i = ids.begin(); i != ids.end(); ++i) { |
331 if (ContainsKey(signature_->ids, *i) || | 331 if (base::ContainsKey(signature_->ids, *i) || |
332 ContainsKey(signature_->invalid_ids, *i)) { | 332 base::ContainsKey(signature_->invalid_ids, *i)) { |
333 found_any = true; | 333 found_any = true; |
334 break; | 334 break; |
335 } | 335 } |
336 } | 336 } |
337 if (!found_any) | 337 if (!found_any) |
338 return; | 338 return; |
339 | 339 |
340 InstallVerifier::PendingOperation* operation = | 340 InstallVerifier::PendingOperation* operation = |
341 new InstallVerifier::PendingOperation(InstallVerifier::REMOVE); | 341 new InstallVerifier::PendingOperation(InstallVerifier::REMOVE); |
342 operation->ids = ids; | 342 operation->ids = ids; |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
399 MustRemainDisabledHistogram(COMPONENT); | 399 MustRemainDisabledHistogram(COMPONENT); |
400 return false; | 400 return false; |
401 } | 401 } |
402 if (AllowedByEnterprisePolicy(extension->id())) { | 402 if (AllowedByEnterprisePolicy(extension->id())) { |
403 MustRemainDisabledHistogram(ENTERPRISE_POLICY_ALLOWED); | 403 MustRemainDisabledHistogram(ENTERPRISE_POLICY_ALLOWED); |
404 return false; | 404 return false; |
405 } | 405 } |
406 | 406 |
407 bool verified = true; | 407 bool verified = true; |
408 MustRemainDisabledOutcome outcome = VERIFIED; | 408 MustRemainDisabledOutcome outcome = VERIFIED; |
409 if (ContainsKey(InstallSigner::GetForcedNotFromWebstore(), extension->id())) { | 409 if (base::ContainsKey(InstallSigner::GetForcedNotFromWebstore(), |
| 410 extension->id())) { |
410 verified = false; | 411 verified = false; |
411 outcome = FORCED_NOT_VERIFIED; | 412 outcome = FORCED_NOT_VERIFIED; |
412 } else if (!IsFromStore(*extension)) { | 413 } else if (!IsFromStore(*extension)) { |
413 verified = false; | 414 verified = false; |
414 outcome = NOT_FROM_STORE; | 415 outcome = NOT_FROM_STORE; |
415 } else if (signature_.get() == NULL && | 416 } else if (signature_.get() == NULL && |
416 (!bootstrap_check_complete_ || GetStatus() < ENFORCE_STRICT)) { | 417 (!bootstrap_check_complete_ || GetStatus() < ENFORCE_STRICT)) { |
417 // If we don't have a signature yet, we'll temporarily consider every | 418 // If we don't have a signature yet, we'll temporarily consider every |
418 // extension from the webstore verified to avoid false positives on existing | 419 // extension from the webstore verified to avoid false positives on existing |
419 // profiles hitting this code for the first time. The InstallVerifier | 420 // profiles hitting this code for the first time. The InstallVerifier |
420 // will bootstrap itself once the ExtensionsSystem is ready. | 421 // will bootstrap itself once the ExtensionsSystem is ready. |
421 outcome = NO_SIGNATURE; | 422 outcome = NO_SIGNATURE; |
422 } else if (!IsVerified(extension->id())) { | 423 } else if (!IsVerified(extension->id())) { |
423 if (signature_.get() && | 424 if (signature_.get() && |
424 !ContainsKey(signature_->invalid_ids, extension->id())) { | 425 !base::ContainsKey(signature_->invalid_ids, extension->id())) { |
425 outcome = NOT_VERIFIED_BUT_UNKNOWN_ID; | 426 outcome = NOT_VERIFIED_BUT_UNKNOWN_ID; |
426 } else { | 427 } else { |
427 verified = false; | 428 verified = false; |
428 outcome = NOT_VERIFIED; | 429 outcome = NOT_VERIFIED; |
429 } | 430 } |
430 } | 431 } |
431 if (!verified && !ShouldEnforce()) { | 432 if (!verified && !ShouldEnforce()) { |
432 verified = true; | 433 verified = true; |
433 outcome = NOT_VERIFIED_BUT_NOT_ENFORCING; | 434 outcome = NOT_VERIFIED_BUT_NOT_ENFORCING; |
434 } | 435 } |
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
541 ExtensionIdSet::iterator found = leftovers.find(*i); | 542 ExtensionIdSet::iterator found = leftovers.find(*i); |
542 if (found != leftovers.end()) | 543 if (found != leftovers.end()) |
543 leftovers.erase(found); | 544 leftovers.erase(found); |
544 } | 545 } |
545 if (!leftovers.empty()) { | 546 if (!leftovers.empty()) { |
546 RemoveMany(leftovers); | 547 RemoveMany(leftovers); |
547 } | 548 } |
548 } | 549 } |
549 | 550 |
550 bool InstallVerifier::IsVerified(const std::string& id) const { | 551 bool InstallVerifier::IsVerified(const std::string& id) const { |
551 return ((signature_.get() && ContainsKey(signature_->ids, id)) || | 552 return ((signature_.get() && base::ContainsKey(signature_->ids, id)) || |
552 ContainsKey(provisional_, id)); | 553 base::ContainsKey(provisional_, id)); |
553 } | 554 } |
554 | 555 |
555 void InstallVerifier::BeginFetch() { | 556 void InstallVerifier::BeginFetch() { |
556 DCHECK(ShouldFetchSignature()); | 557 DCHECK(ShouldFetchSignature()); |
557 | 558 |
558 // TODO(asargent) - It would be possible to coalesce all operations in the | 559 // TODO(asargent) - It would be possible to coalesce all operations in the |
559 // queue into one fetch - we'd probably just need to change the queue to | 560 // queue into one fetch - we'd probably just need to change the queue to |
560 // hold (set of ids, list of operation type) pairs. | 561 // hold (set of ids, list of operation type) pairs. |
561 CHECK(!operation_queue_.empty()); | 562 CHECK(!operation_queue_.empty()); |
562 const PendingOperation& operation = *operation_queue_.front(); | 563 const PendingOperation& operation = *operation_queue_.front(); |
563 | 564 |
564 ExtensionIdSet ids_to_sign; | 565 ExtensionIdSet ids_to_sign; |
565 if (signature_.get()) { | 566 if (signature_.get()) { |
566 ids_to_sign.insert(signature_->ids.begin(), signature_->ids.end()); | 567 ids_to_sign.insert(signature_->ids.begin(), signature_->ids.end()); |
567 } | 568 } |
568 if (operation.type == InstallVerifier::REMOVE) { | 569 if (operation.type == InstallVerifier::REMOVE) { |
569 for (ExtensionIdSet::const_iterator i = operation.ids.begin(); | 570 for (ExtensionIdSet::const_iterator i = operation.ids.begin(); |
570 i != operation.ids.end(); ++i) { | 571 i != operation.ids.end(); ++i) { |
571 if (ContainsKey(ids_to_sign, *i)) | 572 if (base::ContainsKey(ids_to_sign, *i)) |
572 ids_to_sign.erase(*i); | 573 ids_to_sign.erase(*i); |
573 } | 574 } |
574 } else { // All other operation types are some form of "ADD". | 575 } else { // All other operation types are some form of "ADD". |
575 ids_to_sign.insert(operation.ids.begin(), operation.ids.end()); | 576 ids_to_sign.insert(operation.ids.begin(), operation.ids.end()); |
576 } | 577 } |
577 | 578 |
578 signer_.reset(new InstallSigner( | 579 signer_.reset(new InstallSigner( |
579 content::BrowserContext::GetDefaultStoragePartition(context_)-> | 580 content::BrowserContext::GetDefaultStoragePartition(context_)-> |
580 GetURLRequestContext(), | 581 GetURLRequestContext(), |
581 ids_to_sign)); | 582 ids_to_sign)); |
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
670 ScopedInstallVerifierBypassForTest::~ScopedInstallVerifierBypassForTest() { | 671 ScopedInstallVerifierBypassForTest::~ScopedInstallVerifierBypassForTest() { |
671 g_bypass_for_test = old_value_; | 672 g_bypass_for_test = old_value_; |
672 } | 673 } |
673 | 674 |
674 // static | 675 // static |
675 bool ScopedInstallVerifierBypassForTest::ShouldBypass() { | 676 bool ScopedInstallVerifierBypassForTest::ShouldBypass() { |
676 return g_bypass_for_test; | 677 return g_bypass_for_test; |
677 } | 678 } |
678 | 679 |
679 } // namespace extensions | 680 } // namespace extensions |
OLD | NEW |