OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/certificate_transparency/single_tree_tracker.h" | 5 #include "components/certificate_transparency/single_tree_tracker.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <iterator> | 8 #include <iterator> |
9 #include <list> | 9 #include <list> |
10 #include <utility> | 10 #include <utility> |
(...skipping 200 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
211 // tree size in the proof). | 211 // tree size in the proof). |
212 // To avoid having to re-fetch the inclusion proof if a newer STH is provided | 212 // To avoid having to re-fetch the inclusion proof if a newer STH is provided |
213 // to the SingleTreeTracker, the size of the original tree for which the | 213 // to the SingleTreeTracker, the size of the original tree for which the |
214 // inclusion proof was requested is stored in |proof| and the root hash | 214 // inclusion proof was requested is stored in |proof| and the root hash |
215 // in |root_hash|. | 215 // in |root_hash|. |
216 std::string root_hash; | 216 std::string root_hash; |
217 | 217 |
218 explicit EntryAuditState(AuditState state) : state(state) {} | 218 explicit EntryAuditState(AuditState state) : state(state) {} |
219 }; | 219 }; |
220 | 220 |
| 221 class SingleTreeTracker::NetworkObserver |
| 222 : public net::NetworkChangeNotifier::NetworkChangeObserver { |
| 223 public: |
| 224 explicit NetworkObserver(SingleTreeTracker* parent) : parent_(parent) { |
| 225 net::NetworkChangeNotifier::AddNetworkChangeObserver(this); |
| 226 } |
| 227 |
| 228 ~NetworkObserver() override { |
| 229 net::NetworkChangeNotifier::RemoveNetworkChangeObserver(this); |
| 230 } |
| 231 |
| 232 // net::NetworkChangeNotifier::NetworkChangeObserver implementation. |
| 233 void OnNetworkChanged( |
| 234 net::NetworkChangeNotifier::ConnectionType type) override { |
| 235 parent_->ResetPendingQueue(); |
| 236 } |
| 237 |
| 238 private: |
| 239 SingleTreeTracker* parent_; |
| 240 }; |
| 241 |
221 // Orders entries by the SCT timestamp. In case of tie, which is very unlikely | 242 // Orders entries by the SCT timestamp. In case of tie, which is very unlikely |
222 // as it requires two SCTs issued from a log at exactly the same time, order | 243 // as it requires two SCTs issued from a log at exactly the same time, order |
223 // by leaf hash. | 244 // by leaf hash. |
224 bool SingleTreeTracker::OrderByTimestamp::operator()( | 245 bool SingleTreeTracker::OrderByTimestamp::operator()( |
225 const EntryToAudit& lhs, | 246 const EntryToAudit& lhs, |
226 const EntryToAudit& rhs) const { | 247 const EntryToAudit& rhs) const { |
227 if (lhs.sct_timestamp != rhs.sct_timestamp) | 248 if (lhs.sct_timestamp != rhs.sct_timestamp) |
228 return lhs.sct_timestamp < rhs.sct_timestamp; | 249 return lhs.sct_timestamp < rhs.sct_timestamp; |
229 | 250 |
230 return net::SHA256HashValueLessThan()(lhs.leaf_hash, rhs.leaf_hash); | 251 return net::SHA256HashValueLessThan()(lhs.leaf_hash, rhs.leaf_hash); |
231 } | 252 } |
232 | 253 |
233 SingleTreeTracker::SingleTreeTracker( | 254 SingleTreeTracker::SingleTreeTracker( |
234 scoped_refptr<const net::CTLogVerifier> ct_log, | 255 scoped_refptr<const net::CTLogVerifier> ct_log, |
235 LogDnsClient* dns_client, | 256 LogDnsClient* dns_client, |
236 net::NetLog* net_log) | 257 net::NetLog* net_log) |
237 : ct_log_(std::move(ct_log)), | 258 : ct_log_(std::move(ct_log)), |
238 checked_entries_(kCheckedEntriesCacheSize), | 259 checked_entries_(kCheckedEntriesCacheSize), |
239 dns_client_(dns_client), | 260 dns_client_(dns_client), |
240 net_log_(net::NetLogWithSource::Make( | 261 net_log_(net::NetLogWithSource::Make( |
241 net_log, | 262 net_log, |
242 net::NetLogSourceType::CT_TREE_STATE_TRACKER)), | 263 net::NetLogSourceType::CT_TREE_STATE_TRACKER)), |
| 264 network_observer_(new NetworkObserver(this)), |
243 weak_factory_(this) { | 265 weak_factory_(this) { |
244 memory_pressure_listener_.reset(new base::MemoryPressureListener(base::Bind( | 266 memory_pressure_listener_.reset(new base::MemoryPressureListener(base::Bind( |
245 &SingleTreeTracker::OnMemoryPressure, base::Unretained(this)))); | 267 &SingleTreeTracker::OnMemoryPressure, base::Unretained(this)))); |
246 } | 268 } |
247 | 269 |
248 SingleTreeTracker::~SingleTreeTracker() {} | 270 SingleTreeTracker::~SingleTreeTracker() = default; |
249 | 271 |
250 void SingleTreeTracker::OnSCTVerified(net::X509Certificate* cert, | 272 void SingleTreeTracker::OnSCTVerified(net::X509Certificate* cert, |
251 const SignedCertificateTimestamp* sct) { | 273 const SignedCertificateTimestamp* sct) { |
252 DCHECK_EQ(ct_log_->key_id(), sct->log_id); | 274 DCHECK_EQ(ct_log_->key_id(), sct->log_id); |
253 | 275 |
254 EntryToAudit entry(sct->timestamp); | 276 EntryToAudit entry(sct->timestamp); |
255 if (!GetLogEntryLeafHash(cert, sct, &entry.leaf_hash)) | 277 if (!GetLogEntryLeafHash(cert, sct, &entry.leaf_hash)) |
256 return; | 278 return; |
257 | 279 |
258 // Avoid queueing multiple instances of the same entry. | 280 // Avoid queueing multiple instances of the same entry. |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
341 DCHECK_EQ(curr_entry->second.state, PENDING_NEWER_STH); | 363 DCHECK_EQ(curr_entry->second.state, PENDING_NEWER_STH); |
342 curr_entry->second.state = PENDING_INCLUSION_PROOF_REQUEST; | 364 curr_entry->second.state = PENDING_INCLUSION_PROOF_REQUEST; |
343 } | 365 } |
344 | 366 |
345 if (auditable_entries_begin == auditable_entries_end) | 367 if (auditable_entries_begin == auditable_entries_end) |
346 return; | 368 return; |
347 | 369 |
348 ProcessPendingEntries(); | 370 ProcessPendingEntries(); |
349 } | 371 } |
350 | 372 |
| 373 void SingleTreeTracker::ResetPendingQueue() { |
| 374 pending_entries_.clear(); |
| 375 } |
| 376 |
351 SingleTreeTracker::SCTInclusionStatus | 377 SingleTreeTracker::SCTInclusionStatus |
352 SingleTreeTracker::GetLogEntryInclusionStatus( | 378 SingleTreeTracker::GetLogEntryInclusionStatus( |
353 net::X509Certificate* cert, | 379 net::X509Certificate* cert, |
354 const SignedCertificateTimestamp* sct) { | 380 const SignedCertificateTimestamp* sct) { |
355 EntryToAudit entry(sct->timestamp); | 381 EntryToAudit entry(sct->timestamp); |
356 if (!GetLogEntryLeafHash(cert, sct, &entry.leaf_hash)) | 382 if (!GetLogEntryLeafHash(cert, sct, &entry.leaf_hash)) |
357 return SCT_NOT_OBSERVED; | 383 return SCT_NOT_OBSERVED; |
358 return GetAuditedEntryInclusionStatus(entry); | 384 return GetAuditedEntryInclusionStatus(entry); |
359 } | 385 } |
360 | 386 |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
484 bool success) { | 510 bool success) { |
485 net::NetLogParametersCallback net_log_callback = | 511 net::NetLogParametersCallback net_log_callback = |
486 base::Bind(&NetLogEntryAuditingEventCallback, &entry.leaf_hash, | 512 base::Bind(&NetLogEntryAuditingEventCallback, &entry.leaf_hash, |
487 ct_log_->key_id(), success); | 513 ct_log_->key_id(), success); |
488 | 514 |
489 net_log_.AddEvent(net::NetLogEventType::CT_LOG_ENTRY_AUDITED, | 515 net_log_.AddEvent(net::NetLogEventType::CT_LOG_ENTRY_AUDITED, |
490 net_log_callback); | 516 net_log_callback); |
491 } | 517 } |
492 | 518 |
493 } // namespace certificate_transparency | 519 } // namespace certificate_transparency |
OLD | NEW |