| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/install_verifier.h" | 5 #include "chrome/browser/extensions/install_verifier.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 121 // the "MAX" item below should always be the last element. | 121 // the "MAX" item below should always be the last element. |
| 122 | 122 |
| 123 INIT_RESULT_MAX | 123 INIT_RESULT_MAX |
| 124 }; | 124 }; |
| 125 | 125 |
| 126 void LogInitResultHistogram(InitResult result) { | 126 void LogInitResultHistogram(InitResult result) { |
| 127 UMA_HISTOGRAM_ENUMERATION("ExtensionInstallVerifier.InitResult", | 127 UMA_HISTOGRAM_ENUMERATION("ExtensionInstallVerifier.InitResult", |
| 128 result, INIT_RESULT_MAX); | 128 result, INIT_RESULT_MAX); |
| 129 } | 129 } |
| 130 | 130 |
| 131 bool FromStore(const Extension& extension) { | |
| 132 if (extension.from_webstore() || ManifestURL::UpdatesFromGallery(&extension)) | |
| 133 return true; | |
| 134 | |
| 135 // If an extension has no update url, our autoupdate code will ask the | |
| 136 // webstore about it (to aid in migrating to the webstore from self-hosting | |
| 137 // or sideloading based installs). So we want to do verification checks on | |
| 138 // such extensions too so that we don't accidentally disable old installs of | |
| 139 // extensions that did migrate to the webstore. | |
| 140 return (ManifestURL::GetUpdateURL(&extension).is_empty() && | |
| 141 Manifest::IsAutoUpdateableLocation(extension.location())); | |
| 142 } | |
| 143 | |
| 144 bool CanUseExtensionApis(const Extension& extension) { | 131 bool CanUseExtensionApis(const Extension& extension) { |
| 145 return extension.is_extension() || extension.is_legacy_packaged_app(); | 132 return extension.is_extension() || extension.is_legacy_packaged_app(); |
| 146 } | 133 } |
| 147 | 134 |
| 148 enum VerifyAllSuccess { | 135 enum VerifyAllSuccess { |
| 149 VERIFY_ALL_BOOTSTRAP_SUCCESS = 0, | 136 VERIFY_ALL_BOOTSTRAP_SUCCESS = 0, |
| 150 VERIFY_ALL_BOOTSTRAP_FAILURE, | 137 VERIFY_ALL_BOOTSTRAP_FAILURE, |
| 151 VERIFY_ALL_NON_BOOTSTRAP_SUCCESS, | 138 VERIFY_ALL_NON_BOOTSTRAP_SUCCESS, |
| 152 VERIFY_ALL_NON_BOOTSTRAP_FAILURE, | 139 VERIFY_ALL_NON_BOOTSTRAP_FAILURE, |
| 153 | 140 |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 235 AddMany(GetExtensionsToVerify(), ADD_ALL); | 222 AddMany(GetExtensionsToVerify(), ADD_ALL); |
| 236 } | 223 } |
| 237 | 224 |
| 238 base::Time InstallVerifier::SignatureTimestamp() { | 225 base::Time InstallVerifier::SignatureTimestamp() { |
| 239 if (signature_.get()) | 226 if (signature_.get()) |
| 240 return signature_->timestamp; | 227 return signature_->timestamp; |
| 241 else | 228 else |
| 242 return base::Time(); | 229 return base::Time(); |
| 243 } | 230 } |
| 244 | 231 |
| 245 bool InstallVerifier::IsKnownId(const std::string& id) { | 232 bool InstallVerifier::IsKnownId(const std::string& id) const { |
| 246 return signature_.get() && (ContainsKey(signature_->ids, id) || | 233 return signature_.get() && (ContainsKey(signature_->ids, id) || |
| 247 ContainsKey(signature_->invalid_ids, id)); | 234 ContainsKey(signature_->invalid_ids, id)); |
| 248 } | 235 } |
| 249 | 236 |
| 237 bool InstallVerifier::IsVerified(const std::string& id) const { |
| 238 return ((signature_.get() && ContainsKey(signature_->ids, id)) || |
| 239 ContainsKey(provisional_, id)); |
| 240 } |
| 241 |
| 242 bool InstallVerifier::IsInvalid(const std::string& id) const { |
| 243 return ((signature_.get() && ContainsKey(signature_->invalid_ids, id))); |
| 244 } |
| 245 |
| 250 void InstallVerifier::VerifyExtension(const std::string& extension_id) { | 246 void InstallVerifier::VerifyExtension(const std::string& extension_id) { |
| 251 ExtensionIdSet ids; | 247 ExtensionIdSet ids; |
| 252 ids.insert(extension_id); | 248 ids.insert(extension_id); |
| 253 AddMany(ids, ADD_SINGLE); | 249 AddMany(ids, ADD_SINGLE); |
| 254 } | 250 } |
| 255 | 251 |
| 256 void InstallVerifier::AddMany(const ExtensionIdSet& ids, OperationType type) { | 252 void InstallVerifier::AddMany(const ExtensionIdSet& ids, OperationType type) { |
| 257 if (!ShouldFetchSignature()) { | 253 if (!ShouldFetchSignature()) { |
| 258 OnVerificationComplete(true, type); // considered successful. | 254 OnVerificationComplete(true, type); // considered successful. |
| 259 return; | 255 return; |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 307 | 303 |
| 308 InstallVerifier::PendingOperation* operation = | 304 InstallVerifier::PendingOperation* operation = |
| 309 new InstallVerifier::PendingOperation(InstallVerifier::REMOVE); | 305 new InstallVerifier::PendingOperation(InstallVerifier::REMOVE); |
| 310 operation->ids = ids; | 306 operation->ids = ids; |
| 311 | 307 |
| 312 operation_queue_.push(linked_ptr<PendingOperation>(operation)); | 308 operation_queue_.push(linked_ptr<PendingOperation>(operation)); |
| 313 if (operation_queue_.size() == 1) | 309 if (operation_queue_.size() == 1) |
| 314 BeginFetch(); | 310 BeginFetch(); |
| 315 } | 311 } |
| 316 | 312 |
| 313 bool InstallVerifier::AllowedByEnterprisePolicy(const std::string& id) const { |
| 314 PrefService* pref_service = prefs_->pref_service(); |
| 315 if (pref_service->IsManagedPreference(pref_names::kInstallAllowList)) { |
| 316 const base::ListValue* whitelist = |
| 317 pref_service->GetList(pref_names::kInstallAllowList); |
| 318 base::StringValue id_value(id); |
| 319 if (whitelist && whitelist->Find(id_value) != whitelist->end()) |
| 320 return true; |
| 321 } |
| 322 if (pref_service->IsManagedPreference(pref_names::kInstallForceList)) { |
| 323 const base::DictionaryValue* forcelist = |
| 324 pref_service->GetDictionary(pref_names::kInstallForceList); |
| 325 if (forcelist && forcelist->HasKey(id)) |
| 326 return true; |
| 327 } |
| 328 return false; |
| 329 } |
| 330 |
| 331 // static |
| 332 bool InstallVerifier::FromStore(const Extension& extension) { |
| 333 if (extension.from_webstore() || ManifestURL::UpdatesFromGallery(&extension)) |
| 334 return true; |
| 335 |
| 336 // If an extension has no update url, our autoupdate code will ask the |
| 337 // webstore about it (to aid in migrating to the webstore from self-hosting |
| 338 // or sideloading based installs). So we want to do verification checks on |
| 339 // such extensions too so that we don't accidentally disable old installs of |
| 340 // extensions that did migrate to the webstore. |
| 341 return (ManifestURL::GetUpdateURL(&extension).is_empty() && |
| 342 Manifest::IsAutoUpdateableLocation(extension.location())); |
| 343 } |
| 344 |
| 317 std::string InstallVerifier::GetDebugPolicyProviderName() const { | 345 std::string InstallVerifier::GetDebugPolicyProviderName() const { |
| 318 return std::string("InstallVerifier"); | 346 return std::string("InstallVerifier"); |
| 319 } | 347 } |
| 320 | 348 |
| 321 namespace { | 349 namespace { |
| 322 | 350 |
| 323 enum MustRemainDisabledOutcome { | 351 enum MustRemainDisabledOutcome { |
| 324 VERIFIED = 0, | 352 VERIFIED = 0, |
| 325 NOT_EXTENSION, | 353 NOT_EXTENSION, |
| 326 UNPACKED, | 354 UNPACKED, |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 503 i != all_ids.end(); ++i) { | 531 i != all_ids.end(); ++i) { |
| 504 ExtensionIdSet::iterator found = leftovers.find(*i); | 532 ExtensionIdSet::iterator found = leftovers.find(*i); |
| 505 if (found != leftovers.end()) | 533 if (found != leftovers.end()) |
| 506 leftovers.erase(found); | 534 leftovers.erase(found); |
| 507 } | 535 } |
| 508 if (!leftovers.empty()) { | 536 if (!leftovers.empty()) { |
| 509 RemoveMany(leftovers); | 537 RemoveMany(leftovers); |
| 510 } | 538 } |
| 511 } | 539 } |
| 512 | 540 |
| 513 bool InstallVerifier::AllowedByEnterprisePolicy(const std::string& id) const { | |
| 514 PrefService* pref_service = prefs_->pref_service(); | |
| 515 if (pref_service->IsManagedPreference(pref_names::kInstallAllowList)) { | |
| 516 const base::ListValue* whitelist = | |
| 517 pref_service->GetList(pref_names::kInstallAllowList); | |
| 518 base::StringValue id_value(id); | |
| 519 if (whitelist && whitelist->Find(id_value) != whitelist->end()) | |
| 520 return true; | |
| 521 } | |
| 522 if (pref_service->IsManagedPreference(pref_names::kInstallForceList)) { | |
| 523 const base::DictionaryValue* forcelist = | |
| 524 pref_service->GetDictionary(pref_names::kInstallForceList); | |
| 525 if (forcelist && forcelist->HasKey(id)) | |
| 526 return true; | |
| 527 } | |
| 528 return false; | |
| 529 } | |
| 530 | |
| 531 bool InstallVerifier::IsVerified(const std::string& id) const { | |
| 532 return ((signature_.get() && ContainsKey(signature_->ids, id)) || | |
| 533 ContainsKey(provisional_, id)); | |
| 534 } | |
| 535 | |
| 536 void InstallVerifier::BeginFetch() { | 541 void InstallVerifier::BeginFetch() { |
| 537 DCHECK(ShouldFetchSignature()); | 542 DCHECK(ShouldFetchSignature()); |
| 538 | 543 |
| 539 // TODO(asargent) - It would be possible to coalesce all operations in the | 544 // TODO(asargent) - It would be possible to coalesce all operations in the |
| 540 // queue into one fetch - we'd probably just need to change the queue to | 545 // queue into one fetch - we'd probably just need to change the queue to |
| 541 // hold (set of ids, list of operation type) pairs. | 546 // hold (set of ids, list of operation type) pairs. |
| 542 CHECK(!operation_queue_.empty()); | 547 CHECK(!operation_queue_.empty()); |
| 543 const PendingOperation& operation = *operation_queue_.front(); | 548 const PendingOperation& operation = *operation_queue_.front(); |
| 544 | 549 |
| 545 ExtensionIdSet ids_to_sign; | 550 ExtensionIdSet ids_to_sign; |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 635 } | 640 } |
| 636 | 641 |
| 637 OnVerificationComplete(success, operation->type); | 642 OnVerificationComplete(success, operation->type); |
| 638 } | 643 } |
| 639 | 644 |
| 640 if (!operation_queue_.empty()) | 645 if (!operation_queue_.empty()) |
| 641 BeginFetch(); | 646 BeginFetch(); |
| 642 } | 647 } |
| 643 | 648 |
| 644 } // namespace extensions | 649 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 464463003:
Adding logging of offstore extensions state to user metrics. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src