Chromium Code Reviews Chromium Code Reviews
Issue 42553002:
Mostly integrate new malware IP blacklist with the csd client. When (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/client_side_detection_host.h" | 5 #include "chrome/browser/safe_browsing/client_side_detection_host.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| (...skipping 232 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 243 | 243 |
| 244 DISALLOW_COPY_AND_ASSIGN(ShouldClassifyUrlRequest); | 244 DISALLOW_COPY_AND_ASSIGN(ShouldClassifyUrlRequest); |
| 245 }; | 245 }; |
| 246 | 246 |
| 247 // static | 247 // static |
| 248 ClientSideDetectionHost* ClientSideDetectionHost::Create( | 248 ClientSideDetectionHost* ClientSideDetectionHost::Create( |
| 249 WebContents* tab) { | 249 WebContents* tab) { |
| 250 return new ClientSideDetectionHost(tab); | 250 return new ClientSideDetectionHost(tab); |
| 251 } | 251 } |
| 252 | 252 |
| 253 ClientSideDetectionHost::ClientSideDetectionHost() | |
| 254 : content::WebContentsObserver(), | |
| 255 weak_factory_(this) { } | |
| 256 | |
| 253 ClientSideDetectionHost::ClientSideDetectionHost(WebContents* tab) | 257 ClientSideDetectionHost::ClientSideDetectionHost(WebContents* tab) |
| 254 : content::WebContentsObserver(tab), | 258 : content::WebContentsObserver(tab), |
| 255 csd_service_(NULL), | 259 csd_service_(NULL), |
| 256 weak_factory_(this), | 260 weak_factory_(this), |
| 257 unsafe_unique_page_id_(-1), | 261 unsafe_unique_page_id_(-1), |
| 258 malware_killswitch_on_(false), | 262 malware_killswitch_on_(false), |
| 259 malware_report_enabled_(false) { | 263 malware_report_enabled_(false) { |
| 260 DCHECK(tab); | 264 DCHECK(tab); |
| 261 // Note: csd_service_ and sb_service will be NULL here in testing. | 265 // Note: csd_service_ and sb_service will be NULL here in testing. |
| 262 csd_service_ = g_browser_process->safe_browsing_detection_service(); | 266 csd_service_ = g_browser_process->safe_browsing_detection_service(); |
| 263 feature_extractor_.reset(new BrowserFeatureExtractor(tab, csd_service_)); | 267 feature_extractor_.reset(new BrowserFeatureExtractor(tab, this)); |
| 264 registrar_.Add(this, content::NOTIFICATION_RESOURCE_RESPONSE_STARTED, | 268 registrar_.Add(this, content::NOTIFICATION_RESOURCE_RESPONSE_STARTED, |
| 265 content::Source<WebContents>(tab)); | 269 content::Source<WebContents>(tab)); |
| 266 | 270 |
| 267 scoped_refptr<SafeBrowsingService> sb_service = | 271 scoped_refptr<SafeBrowsingService> sb_service = |
| 268 g_browser_process->safe_browsing_service(); | 272 g_browser_process->safe_browsing_service(); |
| 269 if (sb_service.get()) { | 273 if (sb_service.get()) { |
| 270 ui_manager_ = sb_service->ui_manager(); | 274 ui_manager_ = sb_service->ui_manager(); |
| 271 database_manager_ = sb_service->database_manager(); | 275 database_manager_ = sb_service->database_manager(); |
| 272 ui_manager_->AddObserver(this); | 276 ui_manager_->AddObserver(this); |
| 273 } | 277 } |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 354 web_contents()->GetController().GetActiveEntry()) { | 358 web_contents()->GetController().GetActiveEntry()) { |
| 355 unsafe_unique_page_id_ = | 359 unsafe_unique_page_id_ = |
| 356 web_contents()->GetController().GetActiveEntry()->GetUniqueID(); | 360 web_contents()->GetController().GetActiveEntry()->GetUniqueID(); |
| 357 // We also keep the resource around in order to be able to send the | 361 // We also keep the resource around in order to be able to send the |
| 358 // malicious URL to the server. | 362 // malicious URL to the server. |
| 359 unsafe_resource_.reset(new SafeBrowsingUIManager::UnsafeResource(resource)); | 363 unsafe_resource_.reset(new SafeBrowsingUIManager::UnsafeResource(resource)); |
| 360 unsafe_resource_->callback.Reset(); // Don't do anything stupid. | 364 unsafe_resource_->callback.Reset(); // Don't do anything stupid. |
| 361 } | 365 } |
| 362 } | 366 } |
| 363 | 367 |
| 368 bool ClientSideDetectionHost::IsBadIpAddress(const std::string& ip_address) { | |
| 369 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | |
| 370 return (database_manager_.get() && | |
| 371 database_manager_->MatchMalwareIP(ip_address)); | |
| 372 } | |
| 373 | |
| 364 void ClientSideDetectionHost::WebContentsDestroyed(WebContents* tab) { | 374 void ClientSideDetectionHost::WebContentsDestroyed(WebContents* tab) { |
| 365 DCHECK(tab); | 375 DCHECK(tab); |
| 366 // Tell any pending classification request that it is being canceled. | 376 // Tell any pending classification request that it is being canceled. |
| 367 if (classification_request_.get()) { | 377 if (classification_request_.get()) { |
| 368 classification_request_->Cancel(); | 378 classification_request_->Cancel(); |
| 369 } | 379 } |
| 370 // Cancel all pending feature extractions. | 380 // Cancel all pending feature extractions. |
| 371 feature_extractor_.reset(); | 381 feature_extractor_.reset(); |
| 372 } | 382 } |
| 373 | 383 |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 392 verdict->ParseFromString(verdict_str) && | 402 verdict->ParseFromString(verdict_str) && |
| 393 verdict->IsInitialized()) { | 403 verdict->IsInitialized()) { |
| 394 // We do the malware IP matching and request sending if the feature | 404 // We do the malware IP matching and request sending if the feature |
| 395 // is enabled. | 405 // is enabled. |
| 396 if (malware_report_enabled_ && !MalwareKillSwitchIsOn()) { | 406 if (malware_report_enabled_ && !MalwareKillSwitchIsOn()) { |
| 397 scoped_ptr<ClientMalwareRequest> malware_verdict( | 407 scoped_ptr<ClientMalwareRequest> malware_verdict( |
| 398 new ClientMalwareRequest); | 408 new ClientMalwareRequest); |
| 399 // Start browser-side malware feature extraction. Once we're done it will | 409 // Start browser-side malware feature extraction. Once we're done it will |
| 400 // send the malware client verdict request. | 410 // send the malware client verdict request. |
| 401 malware_verdict->set_url(verdict->url()); | 411 malware_verdict->set_url(verdict->url()); |
| 412 // This function doesn't expect brose_info_ to stay around after this | |
|
mattm
2013/10/25 06:28:12
browse_info_
noé
2013/10/28 23:39:26
Done.
| |
| 413 // function returns. | |
| 402 feature_extractor_->ExtractMalwareFeatures( | 414 feature_extractor_->ExtractMalwareFeatures( |
| 403 browse_info_.get(), malware_verdict.get()); | 415 *browse_info_, |
| 404 MalwareFeatureExtractionDone(malware_verdict.Pass()); | 416 malware_verdict.release(), |
| 417 base::Bind(&ClientSideDetectionHost::MalwareFeatureExtractionDone, | |
| 418 weak_factory_.GetWeakPtr())); | |
| 405 } | 419 } |
| 406 | 420 |
| 407 // We only send phishing verdict to the server if the verdict is phishing or | 421 // We only send phishing verdict to the server if the verdict is phishing or |
| 408 // if a SafeBrowsing interstitial was already shown for this site. E.g., a | 422 // if a SafeBrowsing interstitial was already shown for this site. E.g., a |
| 409 // malware or phishing interstitial was shown but the user clicked | 423 // malware or phishing interstitial was shown but the user clicked |
| 410 // through. | 424 // through. |
| 411 if (verdict->is_phishing() || DidShowSBInterstitial()) { | 425 if (verdict->is_phishing() || DidShowSBInterstitial()) { |
| 412 if (DidShowSBInterstitial()) { | 426 if (DidShowSBInterstitial()) { |
| 413 browse_info_->unsafe_resource.reset(unsafe_resource_.release()); | 427 browse_info_->unsafe_resource.reset(unsafe_resource_.release()); |
| 414 } | 428 } |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 503 callback = base::Bind(&ClientSideDetectionHost::MaybeShowPhishingWarning, | 517 callback = base::Bind(&ClientSideDetectionHost::MaybeShowPhishingWarning, |
| 504 weak_factory_.GetWeakPtr()); | 518 weak_factory_.GetWeakPtr()); |
| 505 } | 519 } |
| 506 // Send ping even if the browser feature extraction failed. | 520 // Send ping even if the browser feature extraction failed. |
| 507 csd_service_->SendClientReportPhishingRequest( | 521 csd_service_->SendClientReportPhishingRequest( |
| 508 request, // The service takes ownership of the request object. | 522 request, // The service takes ownership of the request object. |
| 509 callback); | 523 callback); |
| 510 } | 524 } |
| 511 | 525 |
| 512 void ClientSideDetectionHost::MalwareFeatureExtractionDone( | 526 void ClientSideDetectionHost::MalwareFeatureExtractionDone( |
| 513 scoped_ptr<ClientMalwareRequest> request) { | 527 bool feature_extraction_success, |
| 514 if (!request) { | 528 ClientMalwareRequest* request) { |
| 515 DLOG(FATAL) << "Invalid request object in MalwareFeatureExtractionDone"; | |
| 516 return; | |
| 517 } | |
| 518 VLOG(2) << "Malware Feature extraction done for URL: " << request->url() | 529 VLOG(2) << "Malware Feature extraction done for URL: " << request->url() |
| 519 << ", with features count:" << request->feature_map_size(); | 530 << ", with features count:" << request->feature_map_size(); |
| 520 | 531 |
| 521 // Send ping if there is matching features. | 532 // Send ping if there is matching features. |
| 522 if (request->feature_map_size() > 0) { | 533 if (feature_extraction_success && request->feature_map_size() > 0) { |
| 523 VLOG(1) << "Start sending client malware request."; | 534 VLOG(1) << "Start sending client malware request."; |
| 524 ClientSideDetectionService::ClientReportMalwareRequestCallback callback; | 535 ClientSideDetectionService::ClientReportMalwareRequestCallback callback; |
| 525 callback = base::Bind(&ClientSideDetectionHost::MaybeShowMalwareWarning, | 536 callback = base::Bind(&ClientSideDetectionHost::MaybeShowMalwareWarning, |
| 526 weak_factory_.GetWeakPtr()); | 537 weak_factory_.GetWeakPtr()); |
| 527 csd_service_->SendClientReportMalwareRequest( | 538 csd_service_->SendClientReportMalwareRequest(request, callback); |
| 528 request.release(), // The service takes ownership of the request object | 539 } else { |
| 529 callback); | 540 delete request; |
| 530 } | 541 } |
| 531 } | 542 } |
| 532 | 543 |
| 533 void ClientSideDetectionHost::UpdateIPUrlMap(const std::string& ip, | 544 void ClientSideDetectionHost::UpdateIPUrlMap(const std::string& ip, |
| 534 const std::string& url) { | 545 const std::string& url) { |
| 535 if (ip.empty() || url.empty()) | 546 if (ip.empty() || url.empty()) |
| 536 return; | 547 return; |
| 537 | 548 |
| 538 IPUrlMap::iterator it = browse_info_->ips.find(ip); | 549 IPUrlMap::iterator it = browse_info_->ips.find(ip); |
| 539 if (it == browse_info_->ips.end()) { | 550 if (it == browse_info_->ips.end()) { |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 595 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 606 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 596 return malware_killswitch_on_; | 607 return malware_killswitch_on_; |
| 597 } | 608 } |
| 598 | 609 |
| 599 void ClientSideDetectionHost::SetMalwareKillSwitch(bool killswitch_on) { | 610 void ClientSideDetectionHost::SetMalwareKillSwitch(bool killswitch_on) { |
| 600 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 611 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 601 malware_killswitch_on_ = killswitch_on; | 612 malware_killswitch_on_ = killswitch_on; |
| 602 } | 613 } |
| 603 | 614 |
| 604 } // namespace safe_browsing | 615 } // namespace safe_browsing |
| OLD | NEW |
