| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_ | 5 #ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_ |
| 6 #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_ | 6 #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <set> | 9 #include <set> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 363 // lookups in the whitelist should be considered matches for safety. | 363 // lookups in the whitelist should be considered matches for safety. |
| 364 typedef std::pair<std::vector<SBFullHash>, bool> SBWhitelist; | 364 typedef std::pair<std::vector<SBFullHash>, bool> SBWhitelist; |
| 365 | 365 |
| 366 // This map holds a csd malware IP blacklist which maps a prefix mask | 366 // This map holds a csd malware IP blacklist which maps a prefix mask |
| 367 // to a set of hashed blacklisted IP prefixes. Each IP prefix is a hashed | 367 // to a set of hashed blacklisted IP prefixes. Each IP prefix is a hashed |
| 368 // IPv6 IP prefix using SHA-1. | 368 // IPv6 IP prefix using SHA-1. |
| 369 typedef std::map<std::string, base::hash_set<std::string> > IPBlacklist; | 369 typedef std::map<std::string, base::hash_set<std::string> > IPBlacklist; |
| 370 | 370 |
| 371 bool PrefixSetContainsUrl( | 371 bool PrefixSetContainsUrl( |
| 372 const GURL& url, | 372 const GURL& url, |
| 373 scoped_ptr<safe_browsing::PrefixSet>* prefix_set_getter, | 373 scoped_ptr<const safe_browsing::PrefixSet>* prefix_set_getter, |
| 374 std::vector<SBPrefix>* prefix_hits, | 374 std::vector<SBPrefix>* prefix_hits, |
| 375 std::vector<SBFullHashResult>* cache_hits); | 375 std::vector<SBFullHashResult>* cache_hits); |
| 376 | 376 |
| 377 // Exposed for testing of PrefixSetContainsUrlHashes() on the | 377 // Exposed for testing of PrefixSetContainsUrlHashes() on the |
| 378 // PrefixSet backing kMalwareList. | 378 // PrefixSet backing kMalwareList. |
| 379 bool ContainsBrowseUrlHashesForTesting( | 379 bool ContainsBrowseUrlHashesForTesting( |
| 380 const std::vector<SBFullHash>& full_hashes, | 380 const std::vector<SBFullHash>& full_hashes, |
| 381 std::vector<SBPrefix>* prefix_hits, | 381 std::vector<SBPrefix>* prefix_hits, |
| 382 std::vector<SBFullHashResult>* cache_hits); | 382 std::vector<SBFullHashResult>* cache_hits); |
| 383 | 383 |
| 384 bool PrefixSetContainsUrlHashes( | 384 bool PrefixSetContainsUrlHashes( |
| 385 const std::vector<SBFullHash>& full_hashes, | 385 const std::vector<SBFullHash>& full_hashes, |
| 386 scoped_ptr<safe_browsing::PrefixSet>* prefix_set_getter, | 386 scoped_ptr<const safe_browsing::PrefixSet>* prefix_set_getter, |
| 387 std::vector<SBPrefix>* prefix_hits, | 387 std::vector<SBPrefix>* prefix_hits, |
| 388 std::vector<SBFullHashResult>* cache_hits); | 388 std::vector<SBFullHashResult>* cache_hits); |
| 389 | 389 |
| 390 // Returns true if the whitelist is disabled or if any of the given hashes | 390 // Returns true if the whitelist is disabled or if any of the given hashes |
| 391 // matches the whitelist. | 391 // matches the whitelist. |
| 392 bool ContainsWhitelistedHashes(const SBWhitelist& whitelist, | 392 bool ContainsWhitelistedHashes(const SBWhitelist& whitelist, |
| 393 const std::vector<SBFullHash>& hashes); | 393 const std::vector<SBFullHash>& hashes); |
| 394 | 394 |
| 395 // Return the browse_store_, download_store_, download_whitelist_store or | 395 // Return the browse_store_, download_store_, download_whitelist_store or |
| 396 // csd_whitelist_store_ based on list_id. | 396 // csd_whitelist_store_ based on list_id. |
| 397 SafeBrowsingStore* GetStore(int list_id); | 397 SafeBrowsingStore* GetStore(int list_id); |
| 398 | 398 |
| 399 // Deletes the files on disk. | 399 // Deletes the files on disk. |
| 400 bool Delete(); | 400 bool Delete(); |
| 401 | 401 |
| 402 // Load the prefix set in "|db_filename| Prefix Set" off disk, if available, | 402 // Load the prefix set in "|db_filename| Prefix Set" off disk, if available, |
| 403 // and stores it in |prefix_set|. |read_failure_type| provides a | 403 // and stores it in |prefix_set|. |read_failure_type| provides a |
| 404 // caller-specific error code to be used on failure. | 404 // caller-specific error code to be used on failure. |
| 405 void LoadPrefixSet(const base::FilePath& db_filename, | 405 void LoadPrefixSet(const base::FilePath& db_filename, |
| 406 scoped_ptr<safe_browsing::PrefixSet>* prefix_set, | 406 scoped_ptr<const safe_browsing::PrefixSet>* prefix_set, |
| 407 FailureType read_failure_type); | 407 FailureType read_failure_type); |
| 408 | 408 |
| 409 // Writes the current prefix set "|db_filename| Prefix Set" on disk. | 409 // Writes the current prefix set "|db_filename| Prefix Set" on disk. |
| 410 // |write_failure_type| provides a caller-specific error code to be used on | 410 // |write_failure_type| provides a caller-specific error code to be used on |
| 411 // failure. | 411 // failure. |
| 412 void WritePrefixSet(const base::FilePath& db_filename, | 412 void WritePrefixSet(const base::FilePath& db_filename, |
| 413 safe_browsing::PrefixSet* prefix_set, | 413 const safe_browsing::PrefixSet* prefix_set, |
| 414 FailureType write_failure_type); | 414 FailureType write_failure_type); |
| 415 | 415 |
| 416 // Loads the given full-length hashes to the given whitelist. If the number | 416 // Loads the given full-length hashes to the given whitelist. If the number |
| 417 // of hashes is too large or if the kill switch URL is on the whitelist | 417 // of hashes is too large or if the kill switch URL is on the whitelist |
| 418 // we will whitelist everything. | 418 // we will whitelist everything. |
| 419 void LoadWhitelist(const std::vector<SBAddFullHash>& full_hashes, | 419 void LoadWhitelist(const std::vector<SBAddFullHash>& full_hashes, |
| 420 SBWhitelist* whitelist); | 420 SBWhitelist* whitelist); |
| 421 | 421 |
| 422 // Call this method if an error occured with the given whitelist. This will | 422 // Call this method if an error occured with the given whitelist. This will |
| 423 // result in all lookups to the whitelist to return true. | 423 // result in all lookups to the whitelist to return true. |
| (...skipping 21 matching lines...) Expand all Loading... |
| 445 const SBChunkData& chunk); | 445 const SBChunkData& chunk); |
| 446 | 446 |
| 447 // Returns the size in bytes of the store after the update. | 447 // Returns the size in bytes of the store after the update. |
| 448 int64 UpdateHashPrefixStore(const base::FilePath& store_filename, | 448 int64 UpdateHashPrefixStore(const base::FilePath& store_filename, |
| 449 SafeBrowsingStore* store, | 449 SafeBrowsingStore* store, |
| 450 FailureType failure_type); | 450 FailureType failure_type); |
| 451 | 451 |
| 452 // Updates a PrefixStore store for URLs (|url_store|) which is backed on disk | 452 // Updates a PrefixStore store for URLs (|url_store|) which is backed on disk |
| 453 // by a "|db_filename| Prefix Set" file. Specific failure types are provided | 453 // by a "|db_filename| Prefix Set" file. Specific failure types are provided |
| 454 // to highlight the specific store who made the initial request on failure. | 454 // to highlight the specific store who made the initial request on failure. |
| 455 void UpdatePrefixSetUrlStore(const base::FilePath& db_filename, | 455 void UpdatePrefixSetUrlStore( |
| 456 SafeBrowsingStore* url_store, | 456 const base::FilePath& db_filename, |
| 457 scoped_ptr<safe_browsing::PrefixSet>* prefix_set, | 457 SafeBrowsingStore* url_store, |
| 458 FailureType finish_failure_type, | 458 scoped_ptr<const safe_browsing::PrefixSet>* prefix_set, |
| 459 FailureType write_failure_type); | 459 FailureType finish_failure_type, |
| 460 FailureType write_failure_type); |
| 460 | 461 |
| 461 void UpdateUrlStore(SafeBrowsingStore* url_store, | 462 void UpdateUrlStore(SafeBrowsingStore* url_store, |
| 462 scoped_ptr<safe_browsing::PrefixSet>* prefix_set, | 463 scoped_ptr<const safe_browsing::PrefixSet>* prefix_set, |
| 463 FailureType failure_type); | 464 FailureType failure_type); |
| 464 | 465 |
| 465 void UpdateSideEffectFreeWhitelistStore(); | 466 void UpdateSideEffectFreeWhitelistStore(); |
| 466 void UpdateWhitelistStore(const base::FilePath& store_filename, | 467 void UpdateWhitelistStore(const base::FilePath& store_filename, |
| 467 SafeBrowsingStore* store, | 468 SafeBrowsingStore* store, |
| 468 SBWhitelist* whitelist); | 469 SBWhitelist* whitelist); |
| 469 void UpdateIpBlacklistStore(); | 470 void UpdateIpBlacklistStore(); |
| 470 | 471 |
| 471 // Used to verify that various calls are made from the thread the | 472 // Used to verify that various calls are made from the thread the |
| 472 // object was created on. | 473 // object was created on. |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 522 | 523 |
| 523 // Set if corruption is detected during the course of an update. | 524 // Set if corruption is detected during the course of an update. |
| 524 // Causes the update functions to fail with no side effects, until | 525 // Causes the update functions to fail with no side effects, until |
| 525 // the next call to |UpdateStarted()|. | 526 // the next call to |UpdateStarted()|. |
| 526 bool corruption_detected_; | 527 bool corruption_detected_; |
| 527 | 528 |
| 528 // Set to true if any chunks are added or deleted during an update. | 529 // Set to true if any chunks are added or deleted during an update. |
| 529 // Used to optimize away database update. | 530 // Used to optimize away database update. |
| 530 bool change_detected_; | 531 bool change_detected_; |
| 531 | 532 |
| 532 // Used to check if a prefix was in the browse database. | 533 // PrefixSets to speed up lookups for particularly large lists. The PrefixSet |
| 533 scoped_ptr<safe_browsing::PrefixSet> browse_prefix_set_; | 534 // themselves are never modified, instead a new one is swapped in on update |
| 534 | 535 // while holding |lookup_lock_|. Any thread other than this class' main thread |
| 535 // Used to check if a prefix was in the side-effect free whitelist database. | 536 // (which handles updates) must hold |lookup_lock_| before reading from these |
| 536 scoped_ptr<safe_browsing::PrefixSet> side_effect_free_whitelist_prefix_set_; | 537 // sets. |
| 537 | 538 // TODO(gab): Enforce this by design. |
| 538 // Used to check if a prexfix was in the unwanted software database. | 539 scoped_ptr<const safe_browsing::PrefixSet> browse_prefix_set_; |
| 539 scoped_ptr<safe_browsing::PrefixSet> unwanted_software_prefix_set_; | 540 scoped_ptr<const safe_browsing::PrefixSet> |
| 541 side_effect_free_whitelist_prefix_set_; |
| 542 scoped_ptr<const safe_browsing::PrefixSet> unwanted_software_prefix_set_; |
| 540 | 543 |
| 541 // Used to schedule resetting the database because of corruption. | 544 // Used to schedule resetting the database because of corruption. |
| 542 base::WeakPtrFactory<SafeBrowsingDatabaseNew> reset_factory_; | 545 base::WeakPtrFactory<SafeBrowsingDatabaseNew> reset_factory_; |
| 543 }; | 546 }; |
| 544 | 547 |
| 545 #endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_ | 548 #endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_DATABASE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 781613002:
Make SafeBrowsingDatabase's PrefixSets only updatable by swapping a new one in. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@a2_threadchecks