OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include <vector> | |
6 | |
7 #include "base/files/file_util.h" | |
8 #include "base/memory/ptr_util.h" | |
9 #include "base/path_service.h" | |
10 #include "base/strings/string_util.h" | |
11 #include "chromeos/printing/ppd_cache.h" | |
12 #include "crypto/sha2.h" | |
13 #include "net/base/io_buffer.h" | |
14 #include "net/filter/filter.h" | |
15 #include "net/filter/gzip_header.h" | |
16 | |
17 using base::File; | |
18 using base::FilePath; | |
19 using base::Optional; | |
20 using net::Filter; | |
21 using std::string; | |
22 using std::unique_ptr; | |
23 using std::vector; | |
24 | |
25 namespace chromeos { | |
26 namespace printing { | |
27 namespace { | |
28 | |
29 // Return the ASCII character representing the given nibble, in hex. | |
30 char HexifyNibble(int nibble) { | |
31 DCHECK(nibble >= 0 && nibble <= 0xf); | |
32 if (nibble <= 9) { | |
33 return '0' + nibble; | |
34 } | |
35 return 'a' + (nibble - 10); | |
36 } | |
37 | |
38 // Return a ascii-hex version of the data in data, interpreted as a list of | |
skau
2016/10/14 22:10:16
data in |data|
| |
39 // bytes. Leading zeros are not removed. For example, a 3-byte string | |
40 // containing the bytes {0x0a, 0x3f, 0xff} would be converted to the 6-byte | |
41 // string "0a3fff" | |
42 string Hexify(const string& data) { | |
43 string ret; | |
44 // Each nibble gets a char, so 2 output bytes per input raw byte. | |
45 ret.resize(data.size() * 2); | |
46 int out_idx = 0; | |
47 for (char c : data) { | |
48 ret[out_idx++] = HexifyNibble((c >> 4) & 0xf); | |
49 ret[out_idx++] = HexifyNibble(c & 0xf); | |
50 } | |
51 DCHECK_EQ(static_cast<size_t>(out_idx), ret.size()); | |
52 return ret; | |
53 } | |
54 | |
55 // Return true if it looks like contents is already gzipped, false otherwise. | |
56 bool IsGZipped(const string& contents) { | |
57 const char* ignored; | |
58 net::GZipHeader header; | |
59 return header.ReadMore(contents.data(), contents.size(), &ignored) == | |
60 net::GZipHeader::COMPLETE_HEADER; | |
61 } | |
62 | |
63 class PpdCacheImpl : public PpdCache { | |
64 public: | |
65 explicit PpdCacheImpl(const FilePath& cache_base_dir, | |
66 const PpdCache::Options& options) | |
67 : cache_base_dir_(cache_base_dir) {} | |
68 ~PpdCacheImpl() override {} | |
69 | |
70 // Public API functions. | |
71 Optional<FilePath> Find( | |
72 const Printer::PpdReference& reference) const override { | |
73 Optional<FilePath> ret; | |
74 | |
75 // We can't know here if we have a gzipped or un-gzipped version, so just | |
76 // look for both. | |
77 FilePath contents_path_base = GetCachePathBase(reference); | |
78 for (const string& extension : {".ppd", ".ppd.gz"}) { | |
79 FilePath contents_path = contents_path_base.AddExtension(extension); | |
80 if (base::PathExists(contents_path)) { | |
81 ret = contents_path; | |
82 break; | |
83 } | |
84 } | |
85 return ret; | |
86 } | |
87 | |
88 Optional<FilePath> Store(const Printer::PpdReference& reference, | |
89 const string& ppd_contents) override { | |
90 Optional<FilePath> ret; | |
91 FilePath contents_path; | |
92 contents_path = GetCachePathBase(reference).AddExtension(".ppd"); | |
93 if (IsGZipped(ppd_contents)) { | |
94 contents_path = contents_path.AddExtension(".gz"); | |
95 } | |
96 if (base::WriteFile(contents_path, ppd_contents.data(), | |
97 ppd_contents.size()) == | |
98 static_cast<int>(ppd_contents.size())) { | |
99 ret = contents_path; | |
100 } else { | |
101 LOG(ERROR) << "Failed to write " << contents_path.LossyDisplayName(); | |
102 // Try to clean up the file, as it may have partial contents. Note | |
skau
2016/10/14 22:10:16
leading spaces
| |
103 // that DeleteFile(nonexistant file) should return true, so failure here | |
104 // means something is exceptionally hosed. | |
105 if (!base::DeleteFile(contents_path, false)) { | |
106 LOG(ERROR) << "Failed to cleanup partially-written file " | |
107 << contents_path.LossyDisplayName(); | |
108 return ret; | |
109 } | |
110 } | |
111 return ret; | |
112 } | |
113 | |
114 private: | |
115 // Get the file path at which we expect to find a PPD if it's cached. | |
116 // | |
117 // This is, ultimately, just a hash function. It's extremely infrequently | |
118 // used (called once when trying to look up information on a printer or store | |
119 // a PPD), and should be stable, as changing the function will make previously | |
120 // cached entries unfindable, causing resolve logic to be reinvoked | |
121 // unnecessarily. | |
122 // | |
123 // There's also a faint possibility that a bad actor might try to do something | |
124 // nefarious by intentionally causing a cache collision that makes the wrong | |
125 // PPD be used for a printer. There's no obvious attack vector, but | |
126 // there's also no real cost to being paranoid here, so we use SHA-256 as the | |
127 // underlying hash function, and inject fixed field prefixes to prevent | |
128 // field-substitution spoofing. This also buys us hash function stability at | |
129 // the same time. | |
130 // | |
131 // Also, care should be taken to preserve the existing hash values if new | |
132 // fields are added to PpdReference -- that is, if a new field F is added | |
133 // to PpdReference, a PpdReference with a default F value should hash to | |
134 // the same thing as a PpdReference that predates the addition of F to the | |
135 // structure. | |
136 // | |
137 // Note this function expects that the caller will append ".ppd", or ".ppd.gz" | |
138 // to the output as needed. | |
139 FilePath GetCachePathBase(const Printer::PpdReference& ref) const { | |
skau
2016/10/14 22:10:16
If user_supplied_url and effective_manufacturer is
| |
140 vector<string> pieces; | |
141 if (!ref.user_supplied_ppd_url.empty()) { | |
142 pieces.push_back("user_supplied_ppd_url:"); | |
143 pieces.push_back(ref.user_supplied_ppd_url); | |
144 } | |
145 if (!ref.effective_manufacturer.empty()) { | |
146 pieces.push_back("manufacturer:"); | |
147 pieces.push_back(ref.effective_manufacturer); | |
148 } | |
149 if (!ref.effective_model.empty()) { | |
150 pieces.push_back("model:"); | |
151 pieces.push_back(ref.effective_model); | |
152 } | |
153 // The separator here is not needed, but makes debug output more readable. | |
154 string full_key = base::JoinString(pieces, "|"); | |
155 string ascii_hash = Hexify(crypto::SHA256HashString(full_key)); | |
skau
2016/10/14 22:10:16
Would HexEncode do what you want here? https://cs
| |
156 VLOG(3) << "PPD Cache key is " << full_key << " which hashes to " | |
157 << ascii_hash; | |
158 | |
159 return cache_base_dir_.Append(ascii_hash); | |
160 } | |
161 | |
162 const FilePath cache_base_dir_; | |
163 }; | |
164 | |
165 } // namespace | |
166 | |
167 // static | |
168 unique_ptr<PpdCache> PpdCache::Create(const FilePath& cache_base_dir, | |
169 const PpdCache::Options& options) { | |
170 return ::base::MakeUnique<PpdCacheImpl>(cache_base_dir, options); | |
171 } | |
172 | |
173 } // namespace printing | |
174 } // namespace chromeos | |
OLD | NEW |