OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_ | 5 #ifndef CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_ |
6 #define CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_ | 6 #define CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_ |
7 | 7 |
8 // A class that implements Chrome's interface with the SafeBrowsing protocol. | 8 // A class that implements Chrome's interface with the SafeBrowsing protocol. |
9 // The SafeBrowsingProtocolManager handles formatting and making requests of, | 9 // The SafeBrowsingProtocolManager handles formatting and making requests of, |
10 // and handling responses from, Google's SafeBrowsing servers. This class uses | 10 // and handling responses from, Google's SafeBrowsing servers. This class uses |
(...skipping 28 matching lines...) Expand all Loading... |
39 size_t operator()(const URLFetcher* fetcher) const { | 39 size_t operator()(const URLFetcher* fetcher) const { |
40 return reinterpret_cast<size_t>(fetcher); | 40 return reinterpret_cast<size_t>(fetcher); |
41 } | 41 } |
42 }; | 42 }; |
43 } | 43 } |
44 #endif | 44 #endif |
45 | 45 |
46 class SafeBrowsingProtocolManager : public URLFetcher::Delegate { | 46 class SafeBrowsingProtocolManager : public URLFetcher::Delegate { |
47 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestBackOffTimes); | 47 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestBackOffTimes); |
48 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestChunkStrings); | 48 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestChunkStrings); |
| 49 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestGetHashUrl); |
49 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, | 50 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, |
50 TestGetHashBackOffTimes); | 51 TestGetHashBackOffTimes); |
| 52 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestMacKeyUrl); |
| 53 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, |
| 54 TestMalwareReportUrl); |
| 55 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestNextChunkUrl); |
| 56 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingProtocolManagerTest, TestUpdateUrl); |
51 | 57 |
52 public: | 58 public: |
53 // Constructs a SafeBrowsingProtocolManager for |sb_service| that issues | 59 // Constructs a SafeBrowsingProtocolManager for |sb_service| that issues |
54 // network requests using |request_context_getter|. | 60 // network requests using |request_context_getter|. When |disable_auto_update| |
| 61 // is true, protocol manager won't schedule next update until |
| 62 // ForceScheduleNextUpdate is called. |
55 SafeBrowsingProtocolManager(SafeBrowsingService* sb_service, | 63 SafeBrowsingProtocolManager(SafeBrowsingService* sb_service, |
56 const std::string& client_name, | 64 const std::string& client_name, |
57 const std::string& client_key, | 65 const std::string& client_key, |
58 const std::string& wrapped_key, | 66 const std::string& wrapped_key, |
59 URLRequestContextGetter* request_context_getter); | 67 URLRequestContextGetter* request_context_getter, |
| 68 const std::string& info_url_prefix, |
| 69 const std::string& mackey_url_prefix, |
| 70 bool disable_auto_update); |
60 ~SafeBrowsingProtocolManager(); | 71 ~SafeBrowsingProtocolManager(); |
61 | 72 |
62 // Set up the update schedule and internal state for making periodic requests | 73 // Sets up the update schedule and internal state for making periodic requests |
63 // of the SafeBrowsing service. | 74 // of the SafeBrowsing service. |
64 void Initialize(); | 75 void Initialize(); |
65 | 76 |
66 // URLFetcher::Delegate interface. | 77 // URLFetcher::Delegate interface. |
67 virtual void OnURLFetchComplete(const URLFetcher* source, | 78 virtual void OnURLFetchComplete(const URLFetcher* source, |
68 const GURL& url, | 79 const GURL& url, |
69 const URLRequestStatus& status, | 80 const URLRequestStatus& status, |
70 int response_code, | 81 int response_code, |
71 const ResponseCookies& cookies, | 82 const ResponseCookies& cookies, |
72 const std::string& data); | 83 const std::string& data); |
73 | 84 |
74 // API used by the SafeBrowsingService for issuing queries. When the results | 85 // API used by the SafeBrowsingService for issuing queries. When the results |
75 // are available, SafeBrowsingService::HandleGetHashResults is called. | 86 // are available, SafeBrowsingService::HandleGetHashResults is called. |
76 void GetFullHash(SafeBrowsingService::SafeBrowsingCheck* check, | 87 void GetFullHash(SafeBrowsingService::SafeBrowsingCheck* check, |
77 const std::vector<SBPrefix>& prefixes); | 88 const std::vector<SBPrefix>& prefixes); |
78 | 89 |
| 90 // Forces the start of next update after |next_update_msec| in msec. |
| 91 void ForceScheduleNextUpdate(int next_update_msec); |
| 92 |
| 93 bool is_initial_request() const { return initial_request_; } |
| 94 |
79 // Scheduled update callback. | 95 // Scheduled update callback. |
80 void GetNextUpdate(); | 96 void GetNextUpdate(); |
81 | 97 |
82 // Called by the SafeBrowsingService when our request for a list of all chunks | 98 // Called by the SafeBrowsingService when our request for a list of all chunks |
83 // for each list is done. If database_error is true, that means the protocol | 99 // for each list is done. If database_error is true, that means the protocol |
84 // manager shouldn't fetch updates since they can't be written to disk. It | 100 // manager shouldn't fetch updates since they can't be written to disk. It |
85 // should try again later to open the database. | 101 // should try again later to open the database. |
86 void OnGetChunksComplete(const std::vector<SBListChunkRanges>& list, | 102 void OnGetChunksComplete(const std::vector<SBListChunkRanges>& list, |
87 bool database_error); | 103 bool database_error); |
88 | 104 |
89 // Called after the chunks that were parsed were inserted in the database. | 105 // Called after the chunks that were parsed were inserted in the database. |
90 void OnChunkInserted(); | 106 void OnChunkInserted(); |
91 | 107 |
92 // The last time we received an update. | 108 // The last time we received an update. |
93 base::Time last_update() const { return last_update_; } | 109 base::Time last_update() const { return last_update_; } |
94 | 110 |
95 // Report a malware resource to the SafeBrowsing service. | 111 // Reports a malware resource to the SafeBrowsing service. |
96 void ReportMalware(const GURL& malware_url, | 112 void ReportMalware(const GURL& malware_url, |
97 const GURL& page_url, | 113 const GURL& page_url, |
98 const GURL& referrer_url); | 114 const GURL& referrer_url); |
99 | 115 |
| 116 // Setter for additional_query_. To make sure the additional_query_ won't |
| 117 // be changed in the middle of an update, caller (e.g.: SafeBrowsingService) |
| 118 // should call this after callbacks triggered in UpdateFinished() or before |
| 119 // IssueUpdateRequest(). |
| 120 void set_additional_query(const std::string& query) { |
| 121 additional_query_ = query; |
| 122 } |
| 123 const std::string& additional_query() const { |
| 124 return additional_query_; |
| 125 } |
| 126 |
100 private: | 127 private: |
101 // Internal API for fetching information from the SafeBrowsing servers. The | 128 // Internal API for fetching information from the SafeBrowsing servers. The |
102 // GetHash requests are higher priority since they can block user requests | 129 // GetHash requests are higher priority since they can block user requests |
103 // so are handled separately. | 130 // so are handled separately. |
104 enum SafeBrowsingRequestType { | 131 enum SafeBrowsingRequestType { |
105 NO_REQUEST = 0, // No requests in progress | 132 NO_REQUEST = 0, // No requests in progress |
106 UPDATE_REQUEST, // Request for redirect URLs | 133 UPDATE_REQUEST, // Request for redirect URLs |
107 CHUNK_REQUEST, // Request for a specific chunk | 134 CHUNK_REQUEST, // Request for a specific chunk |
108 GETKEY_REQUEST // Update the client's MAC key | 135 GETKEY_REQUEST // Update the client's MAC key |
109 }; | 136 }; |
110 | 137 |
| 138 // Composes a URL using |prefix|, |method| (e.g.: gethash, download, |
| 139 // newkey, report), |client_name| and |version|. When not empty, |
| 140 // |additional_query| is appended to the URL. |
| 141 static std::string ComposeUrl(const std::string& prefix, |
| 142 const std::string& method, |
| 143 const std::string& client_name, |
| 144 const std::string& version, |
| 145 const std::string& additional_query); |
| 146 |
| 147 // Generates Update URL for querying about the latest set of chunk updates. |
| 148 // Append "wrkey=xxx" to the URL when |use_mac| is true. |
| 149 GURL UpdateUrl(bool use_mac) const; |
| 150 // Generates GetHash request URL for retrieving full hashes. |
| 151 // Append "wrkey=xxx" to the URL when |use_mac| is true. |
| 152 GURL GetHashUrl(bool use_mac) const; |
| 153 // Generates new MAC client key request URL. |
| 154 GURL MacKeyUrl() const; |
| 155 // Generates URL for reporting malware pages. |
| 156 GURL MalwareReportUrl(const GURL& malware_url, const GURL& page_url, |
| 157 const GURL& referrer_url) const; |
| 158 // Composes a ChunkUrl based on input string. |
| 159 GURL NextChunkUrl(const std::string& input) const; |
| 160 |
111 // Returns the time (in milliseconds) for the next update request. If | 161 // Returns the time (in milliseconds) for the next update request. If |
112 // 'back_off' is true, the time returned will increment an error count and | 162 // 'back_off' is true, the time returned will increment an error count and |
113 // return the appriate next time (see ScheduleNextUpdate below). | 163 // return the appriate next time (see ScheduleNextUpdate below). |
114 int GetNextUpdateTime(bool back_off); | 164 int GetNextUpdateTime(bool back_off); |
115 | 165 |
116 // Worker function for calculating GetHash and Update backoff times (in | 166 // Worker function for calculating GetHash and Update backoff times (in |
117 // seconds). 'Multiplier' is doubled for each consecutive error between the | 167 // seconds). 'Multiplier' is doubled for each consecutive error between the |
118 // 2nd and 5th, and 'error_count' is incremented with each call. | 168 // 2nd and 5th, and 'error_count' is incremented with each call. |
119 int GetNextBackOffTime(int* error_count, int* multiplier); | 169 int GetNextBackOffTime(int* error_count, int* multiplier); |
120 | 170 |
121 // Manage our update with the next allowable update time. If 'back_off_' is | 171 // Manages our update with the next allowable update time. If 'back_off_' is |
122 // true, we must decrease the frequency of requests of the SafeBrowsing | 172 // true, we must decrease the frequency of requests of the SafeBrowsing |
123 // service according to section 5 of the protocol specification. | 173 // service according to section 5 of the protocol specification. |
| 174 // When disable_auto_update_ is set, ScheduleNextUpdate will do nothing. |
| 175 // ForceScheduleNextUpdate has to be called to trigger the update. |
124 void ScheduleNextUpdate(bool back_off); | 176 void ScheduleNextUpdate(bool back_off); |
125 | 177 |
126 // Send a request for a list of chunks we should download to the SafeBrowsing | 178 // Sends a request for a list of chunks we should download to the SafeBrowsing |
127 // servers. In order to format this request, we need to send all the chunk | 179 // servers. In order to format this request, we need to send all the chunk |
128 // numbers for each list that we have to the server. Getting the chunk numbers | 180 // numbers for each list that we have to the server. Getting the chunk numbers |
129 // requires a database query (run on the database thread), and the request | 181 // requires a database query (run on the database thread), and the request |
130 // is sent upon completion of that query in OnGetChunksComplete. | 182 // is sent upon completion of that query in OnGetChunksComplete. |
131 void IssueUpdateRequest(); | 183 void IssueUpdateRequest(); |
132 | 184 |
133 // Send a request for a chunk to the SafeBrowsing servers. | 185 // Sends a request for a chunk to the SafeBrowsing servers. |
134 void IssueChunkRequest(); | 186 void IssueChunkRequest(); |
135 | 187 |
136 // Get a key from the SafeBrowsing servers for use with MAC. This should only | 188 // Gets a key from the SafeBrowsing servers for use with MAC. This should only |
137 // be called once per client unless the server directly tells us to update. | 189 // be called once per client unless the server directly tells us to update. |
138 void IssueKeyRequest(); | 190 void IssueKeyRequest(); |
139 | 191 |
140 // Format a string returned from the database into: | 192 // Formats a string returned from the database into: |
141 // "list_name;a:<add_chunk_ranges>:s:<sub_chunk_ranges>:mac\n" | 193 // "list_name;a:<add_chunk_ranges>:s:<sub_chunk_ranges>:mac\n" |
142 static std::string FormatList(const SBListChunkRanges& list, bool use_mac); | 194 static std::string FormatList(const SBListChunkRanges& list, bool use_mac); |
143 | 195 |
144 // Run the protocol parser on received data and update the SafeBrowsingService | 196 // Runs the protocol parser on received data and update the |
145 // with the new content. Returns 'true' on successful parse, 'false' on error. | 197 // SafeBrowsingService with the new content. Returns 'true' on successful |
| 198 // parse, 'false' on error. |
146 bool HandleServiceResponse(const GURL& url, const char* data, int length); | 199 bool HandleServiceResponse(const GURL& url, const char* data, int length); |
147 | 200 |
148 // If the SafeBrowsing service wants us to re-key, we clear our key state and | 201 // If the SafeBrowsing service wants us to re-key, we clear our key state and |
149 // issue the request. | 202 // issue the request. |
150 void HandleReKey(); | 203 void HandleReKey(); |
151 | 204 |
152 // Update internal state for each GetHash response error, assuming that the | 205 // Updates internal state for each GetHash response error, assuming that the |
153 // current time is |now|. | 206 // current time is |now|. |
154 void HandleGetHashError(const base::Time& now); | 207 void HandleGetHashError(const base::Time& now); |
155 | 208 |
156 // Helper function for update completion. | 209 // Helper function for update completion. |
157 void UpdateFinished(bool success); | 210 void UpdateFinished(bool success); |
158 | 211 |
159 // A callback that runs if we timeout waiting for a response to an update | 212 // A callback that runs if we timeout waiting for a response to an update |
160 // request. We use this to properly set our update state. | 213 // request. We use this to properly set our update state. |
161 void UpdateResponseTimeout(); | 214 void UpdateResponseTimeout(); |
162 | 215 |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
225 | 278 |
226 // While in GetHash backoff, we can't make another GetHash until this time. | 279 // While in GetHash backoff, we can't make another GetHash until this time. |
227 base::Time next_gethash_time_; | 280 base::Time next_gethash_time_; |
228 | 281 |
229 // Current product version sent in each request. | 282 // Current product version sent in each request. |
230 std::string version_; | 283 std::string version_; |
231 | 284 |
232 // Used for measuring chunk request latency. | 285 // Used for measuring chunk request latency. |
233 base::Time chunk_request_start_; | 286 base::Time chunk_request_start_; |
234 | 287 |
235 // Track the size of each update (in bytes). | 288 // Tracks the size of each update (in bytes). |
236 int update_size_; | 289 int update_size_; |
237 | 290 |
238 // Track outstanding malware report fetchers for clean up. | 291 // Track outstanding malware report fetchers for clean up. |
239 std::set<const URLFetcher*> malware_reports_; | 292 std::set<const URLFetcher*> malware_reports_; |
240 | 293 |
241 // The safe browsing client name sent in each request. | 294 // The safe browsing client name sent in each request. |
242 std::string client_name_; | 295 std::string client_name_; |
243 | 296 |
| 297 // A string that is appended to the end of URLs for download, gethash, |
| 298 // newkey, malware report and chunk update requests. |
| 299 std::string additional_query_; |
| 300 |
244 // The context we use to issue network requests. | 301 // The context we use to issue network requests. |
245 scoped_refptr<URLRequestContextGetter> request_context_getter_; | 302 scoped_refptr<URLRequestContextGetter> request_context_getter_; |
246 | 303 |
| 304 // URL prefix where browser fetches safebrowsing chunk updates, hashes, and |
| 305 // reports malware. |
| 306 std::string info_url_prefix_; |
| 307 |
| 308 // URL prefix where browser fetches MAC client key. |
| 309 std::string mackey_url_prefix_; |
| 310 |
| 311 // When true, protocol manager will not start an update unless |
| 312 // ForceScheduleNextUpdate() is called. This is set for testing purpose. |
| 313 bool disable_auto_update_; |
| 314 |
247 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingProtocolManager); | 315 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingProtocolManager); |
248 }; | 316 }; |
249 | 317 |
250 #endif // CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_ | 318 #endif // CHROME_BROWSER_SAFE_BROWSING_PROTOCOL_MANAGER_H_ |
OLD | NEW |