// contain SB_THREAT_TYPE_SAFE.
std::vector<GURL> urls;
std::vector<SBThreatType> url_results;
+ std::vector<std::string> url_metadata;
std::vector<SBFullHash> full_hashes;
std::vector<SBThreatType> full_hash_results;
safe_browsing_util::ListType check_type; // See comment in constructor.
std::vector<SBThreatType> expected_threats;
std::vector<SBPrefix> prefix_hits;
- std::vector<SBFullHashResult> full_hits;
+ std::vector<SBFullHashResult> cache_hits;
// Vends weak pointers for TimeoutCallback(). If the response is
// received before the timeout fires, factory is destructed and
// Called when the result of checking a browse URL is known.
virtual void OnCheckBrowseUrlResult(const GURL& url,
- SBThreatType threat_type) {}
+ SBThreatType threat_type,
+ const std::string& metadata) {}
// Called when the result of checking a download URL is known.
virtual void OnCheckDownloadUrlResult(const std::vector<GURL>& url_chain,
SBThreatType threat_type) {}
- // Called when the result of checking a download binary hash is known.
- virtual void OnCheckDownloadHashResult(const std::string& hash,
- SBThreatType threat_type) {}
-
// Called when the result of checking a set of extensions is known.
virtual void OnCheckExtensionsResult(
const std::set<std::string>& threats) {}
virtual bool CheckDownloadUrl(const std::vector<GURL>& url_chain,
Client* client);
- // Check if the prefix for |full_hash| is in safebrowsing binhash add lists.
- // Result will be passed to callback in |client|.
- virtual bool CheckDownloadHash(const std::string& full_hash, Client* client);
-
// Check which prefixes in |extension_ids| are in the safebrowsing blacklist.
// Returns true if not, false if further checks need to be made in which case
// the result will be passed to |client|.
// Check if the CSD malware IP matching kill switch is turned on.
virtual bool IsMalwareKillSwitchOn();
+ // Check if the CSD whitelist kill switch is turned on.
+ virtual bool IsCsdWhitelistKillSwitchOn();
+
// Called on the IO thread to cancel a pending check if the result is no
// longer needed.
void CancelCheck(Client* client);
// Called on the IO thread when the SafeBrowsingProtocolManager has received
// the full hash results for prefix hits detected in the database.
- void HandleGetHashResults(
- SafeBrowsingCheck* check,
- const std::vector<SBFullHashResult>& full_hashes,
- bool can_cache);
-
- // Called on the IO thread to release memory.
- void PurgeMemory();
+ void HandleGetHashResults(SafeBrowsingCheck* check,
+ const std::vector<SBFullHashResult>& full_hashes,
+ const base::TimeDelta& cache_lifetime);
// Log the user perceived delay caused by SafeBrowsing. This delay is the time
// delta starting from when we would have started reading data from the
void StopOnIOThread(bool shutdown);
protected:
- virtual ~SafeBrowsingDatabaseManager();
+ ~SafeBrowsingDatabaseManager() override;
// protected for tests.
void NotifyDatabaseUpdateFinished(bool update_succeeded);
friend class SafeBrowsingServiceTest;
friend class SafeBrowsingServiceTestHelper;
friend class SafeBrowsingDatabaseManagerTest;
+ FRIEND_TEST_ALL_PREFIXES(SafeBrowsingDatabaseManagerTest,
+ GetUrlSeverestThreatType);
typedef std::set<SafeBrowsingCheck*> CurrentChecks;
typedef std::vector<SafeBrowsingCheck*> GetHashRequestors;
base::TimeTicks start; // When check was queued.
};
+ // Return the threat type of the severest entry in |full_hashes| which matches
+ // |hash|, or SAFE if none match.
+ static SBThreatType GetHashSeverestThreatType(
+ const SBFullHash& hash,
+ const std::vector<SBFullHashResult>& full_hashes);
+
+ // Given a URL, compare all the possible host + path full hashes to the set of
+ // provided full hashes. Returns the threat type of the severest matching
+ // result from |full_hashes|, or SAFE if none match.
+ static SBThreatType GetUrlSeverestThreatType(
+ const GURL& url,
+ const std::vector<SBFullHashResult>& full_hashes,
+ size_t* index);
+
// Called to stop operations on the io_thread. This may be called multiple
// times during the life of the DatabaseManager. Should be called on IO
// thread.
// db thread can call GetDatabase() directly.
bool MakeDatabaseAvailable();
- // Called on the IO thread to try to close the database, freeing the memory
- // associated with it. The database will be automatically reopened as needed.
- //
- // NOTE: Actual database closure is asynchronous, and until it happens, the IO
- // thread is not allowed to access it; may not actually trigger a close if one
- // is already pending or doing so would cause problems.
- void CloseDatabase();
-
// Should only be called on db thread as SafeBrowsingDatabase is not
// threadsafe.
SafeBrowsingDatabase* GetDatabase();
void DatabaseLoadComplete();
// Called on the database thread to add/remove chunks and host keys.
- // Callee will free the data when it's done.
- void AddDatabaseChunks(const std::string& list, SBChunkList* chunks,
+ void AddDatabaseChunks(const std::string& list,
+ scoped_ptr<ScopedVector<SBChunkData> > chunks,
AddChunksCallback callback);
- void DeleteDatabaseChunks(std::vector<SBChunkDelete>* chunk_deletes);
-
- static SBThreatType GetThreatTypeFromListname(const std::string& list_name);
+ void DeleteDatabaseChunks(
+ scoped_ptr<std::vector<SBChunkDelete> > chunk_deletes);
void NotifyClientBlockingComplete(Client* client, bool proceed);
// database is a synchronous operation.
void OnResetDatabase();
- // Store in-memory the GetHash response. Runs on the database thread.
- void CacheHashResults(const std::vector<SBPrefix>& prefixes,
- const std::vector<SBFullHashResult>& full_hashes);
-
// Internal worker function for processing full hashes.
void OnHandleGetHashResults(SafeBrowsingCheck* check,
const std::vector<SBFullHashResult>& full_hashes);
bool HandleOneCheck(SafeBrowsingCheck* check,
const std::vector<SBFullHashResult>& full_hashes);
- // Checks the download hash on safe_browsing_thread_.
- void CheckDownloadHashOnSBThread(SafeBrowsingCheck* check);
-
// Invoked by CheckDownloadUrl. It checks the download URL on
// safe_browsing_thread_.
void CheckDownloadUrlOnSBThread(SafeBrowsingCheck* check);
// Calls the Client's callback on IO thread after CheckDownloadUrl finishes.
void CheckDownloadUrlDone(SafeBrowsingCheck* check);
- // Calls the Client's callback on IO thread after CheckDownloadHash finishes.
- void CheckDownloadHashDone(SafeBrowsingCheck* check);
-
// Checks all extension ID hashes on safe_browsing_thread_.
void CheckExtensionIDsOnSBThread(SafeBrowsingCheck* check);
const base::Closure& task);
// SafeBrowsingProtocolManageDelegate override
- virtual void ResetDatabase() OVERRIDE;
- virtual void UpdateStarted() OVERRIDE;
- virtual void UpdateFinished(bool success) OVERRIDE;
- virtual void GetChunks(GetChunksCallback callback) OVERRIDE;
- virtual void AddChunks(const std::string& list, SBChunkList* chunks,
- AddChunksCallback callback) OVERRIDE;
- virtual void DeleteChunks(
- std::vector<SBChunkDelete>* delete_chunks) OVERRIDE;
+ void ResetDatabase() override;
+ void UpdateStarted() override;
+ void UpdateFinished(bool success) override;
+ void GetChunks(GetChunksCallback callback) override;
+ void AddChunks(const std::string& list,
+ scoped_ptr<ScopedVector<SBChunkData>> chunks,
+ AddChunksCallback callback) override;
+ void DeleteChunks(
+ scoped_ptr<std::vector<SBChunkDelete>> chunk_deletes) override;
scoped_refptr<SafeBrowsingService> sb_service_;
// Indicate if the csd malware IP blacklist should be enabled.
bool enable_ip_blacklist_;
+ // Indicate if the unwanted software blacklist should be enabled.
+ bool enable_unwanted_software_blacklist_;
+
// The SafeBrowsing thread that runs database operations.
//
// Note: Functions that run on this thread should run synchronously and return