chrome/browser/safe_browsing/certificate_reporting_service.cc - chromium/src.git - Git at Google

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 #include "chrome/browser/safe_browsing/certificate_reporting_service.h"

 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/metrics/histogram_functions.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/time/clock.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
 #include "chrome/browser/ssl/certificate_error_report.h"
 #include "components/prefs/pref_service.h"
 #include "components/safe_browsing/common/safe_browsing_prefs.h"
 #include "content/public/browser/browser_thread.h"
 #include "services/network/public/cpp/shared_url_loader_factory.h"

 namespace {

 // URL to upload invalid certificate chain reports. An HTTP URL is used because
 // a client seeing an invalid cert might not be able to make an HTTPS connection
 // to report it.
 const char kExtendedReportingUploadUrl[] =
     "http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/"
     "chrome-certs";

 // Compare function that orders Reports in reverse chronological order (i.e.
 // oldest item is last).
 bool ReportCompareFunc(const CertificateReportingService::Report& item1,
                        const CertificateReportingService::Report& item2) {
   return item1.creation_time > item2.creation_time;
 }

 // Records an UMA histogram of the net errors when certificate reports
 // fail to send.
 void RecordUMAOnFailure(int net_error) {
   base::UmaHistogramSparse("SSL.CertificateErrorReportFailure", -net_error);
 }

 void RecordUMAEvent(CertificateReportingService::ReportOutcome outcome) {
   UMA_HISTOGRAM_ENUMERATION(
       CertificateReportingService::kReportEventHistogram, outcome,
       CertificateReportingService::ReportOutcome::EVENT_COUNT);
 }

 }  // namespace

 const char CertificateReportingService::kReportEventHistogram[] =
     "SSL.CertificateErrorReportEvent";

 CertificateReportingService::BoundedReportList::BoundedReportList(
     size_t max_size)
     : max_size_(max_size) {
   CHECK(max_size <= 20)
       << "Current implementation is not efficient for a large list.";
   DCHECK(thread_checker_.CalledOnValidThread());
 }

 CertificateReportingService::BoundedReportList::~BoundedReportList() {}

 void CertificateReportingService::BoundedReportList::Add(const Report& item) {
   DCHECK(thread_checker_.CalledOnValidThread());
   DCHECK(items_.size() <= max_size_);
   if (items_.size() == max_size_) {
     const Report& last = items_.back();
     if (item.creation_time <= last.creation_time) {
       // Report older than the oldest item in the queue, ignore.
       RecordUMAEvent(ReportOutcome::DROPPED_OR_IGNORED);
       return;
     }
     // Reached the maximum item count, remove the oldest item.
     items_.pop_back();
     RecordUMAEvent(ReportOutcome::DROPPED_OR_IGNORED);
   }
   items_.push_back(item);
   std::sort(items_.begin(), items_.end(), ReportCompareFunc);
 }

 void CertificateReportingService::BoundedReportList::Clear() {
   items_.clear();
 }

 const std::vector<CertificateReportingService::Report>&
 CertificateReportingService::BoundedReportList::items() const {
   DCHECK(thread_checker_.CalledOnValidThread());
   return items_;
 }

 CertificateReportingService::Reporter::Reporter(
     std::unique_ptr<CertificateErrorReporter> error_reporter,
     std::unique_ptr<BoundedReportList> retry_list,
     base::Clock* clock,
     base::TimeDelta report_ttl,
     bool retries_enabled)
     : error_reporter_(std::move(error_reporter)),
       retry_list_(std::move(retry_list)),
       clock_(clock),
       report_ttl_(report_ttl),
       retries_enabled_(retries_enabled),
       current_report_id_(0),
       weak_factory_(this) {}

 CertificateReportingService::Reporter::~Reporter() {}

 void CertificateReportingService::Reporter::Send(
     const std::string& serialized_report) {
   SendInternal(Report(current_report_id_++, clock_->Now(), serialized_report));
 }

 void CertificateReportingService::Reporter::SendPending() {
   if (!retries_enabled_) {
     return;
   }
   const base::Time now = clock_->Now();
   // Copy pending reports and clear the retry list.
   std::vector<Report> items = retry_list_->items();
   retry_list_->Clear();
   for (Report& report : items) {
     if (report.creation_time < now - report_ttl_) {
       // Report too old, ignore.
       RecordUMAEvent(ReportOutcome::DROPPED_OR_IGNORED);
       continue;
     }
     if (!report.is_retried) {
       // If this is the first retry, deserialize the report, set its retry bit
       // and serialize again.
       CertificateErrorReport error_report;
       CHECK(error_report.InitializeFromString(report.serialized_report));
       error_report.SetIsRetryUpload(true);
       CHECK(error_report.Serialize(&report.serialized_report));
     }
     report.is_retried = true;
     SendInternal(report);
   }
 }

 size_t
 CertificateReportingService::Reporter::inflight_report_count_for_testing()
     const {
   return inflight_reports_.size();
 }

 CertificateReportingService::BoundedReportList*
 CertificateReportingService::Reporter::GetQueueForTesting() const {
   return retry_list_.get();
 }

 void CertificateReportingService::Reporter::
     SetClosureWhenNoInflightReportsForTesting(const base::Closure& closure) {
   no_in_flight_reports_ = closure;
 }

 void CertificateReportingService::Reporter::SendInternal(
     const CertificateReportingService::Report& report) {
   inflight_reports_.insert(std::make_pair(report.report_id, report));
   RecordUMAEvent(ReportOutcome::SUBMITTED);
   error_reporter_->SendExtendedReportingReport(
       report.serialized_report,
       base::BindOnce(&CertificateReportingService::Reporter::SuccessCallback,
                      weak_factory_.GetWeakPtr(), report.report_id),
       base::BindOnce(&CertificateReportingService::Reporter::ErrorCallback,
                      weak_factory_.GetWeakPtr(), report.report_id));
 }

 void CertificateReportingService::Reporter::ErrorCallback(
     int report_id,
     int net_error,
     int http_response_code) {
   RecordUMAOnFailure(net_error);
   RecordUMAEvent(ReportOutcome::FAILED);
   if (retries_enabled_) {
     auto it = inflight_reports_.find(report_id);
     DCHECK(it != inflight_reports_.end());
     retry_list_->Add(it->second);
   }
   CHECK_GT(inflight_reports_.erase(report_id), 0u);
   if (inflight_reports_.empty() && no_in_flight_reports_)
     no_in_flight_reports_.Run();
 }

 void CertificateReportingService::Reporter::SuccessCallback(int report_id) {
   RecordUMAEvent(ReportOutcome::SUCCESSFUL);
   CHECK_GT(inflight_reports_.erase(report_id), 0u);
   if (inflight_reports_.empty() && no_in_flight_reports_)
     no_in_flight_reports_.Run();
 }

 CertificateReportingService::CertificateReportingService(
     safe_browsing::SafeBrowsingService* safe_browsing_service,
     scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
     Profile* profile,
     uint8_t server_public_key[/* 32 */],
     uint32_t server_public_key_version,
     size_t max_queued_report_count,
     base::TimeDelta max_report_age,
     base::Clock* clock,
     const base::Callback<void()>& reset_callback)
     : pref_service_(*profile->GetPrefs()),
       url_loader_factory_(url_loader_factory),
       max_queued_report_count_(max_queued_report_count),
       max_report_age_(max_report_age),
       clock_(clock),
       reset_callback_(reset_callback),
       server_public_key_(server_public_key),
       server_public_key_version_(server_public_key_version) {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   DCHECK(clock_);

   // Subscribe to SafeBrowsing preference change notifications.
   safe_browsing_state_subscription_ =
       safe_browsing_service->RegisterStateCallback(
           base::Bind(&CertificateReportingService::OnPreferenceChanged,
                      base::Unretained(this)));

   Reset(true);
   reset_callback_.Run();
 }

 CertificateReportingService::~CertificateReportingService() {
   DCHECK(!reporter_);
 }

 void CertificateReportingService::Shutdown() {
   reporter_.reset();
 }

 void CertificateReportingService::Send(const std::string& serialized_report) {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   if (reporter_)
     reporter_->Send(serialized_report);
 }

 void CertificateReportingService::SendPending() {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   if (reporter_)
     reporter_->SendPending();
 }

 void CertificateReportingService::SetEnabled(bool enabled) {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   Reset(enabled);
   reset_callback_.Run();
 }

 CertificateReportingService::Reporter*
 CertificateReportingService::GetReporterForTesting() const {
   return reporter_.get();
 }

 // static
 GURL CertificateReportingService::GetReportingURLForTesting() {
   return GURL(kExtendedReportingUploadUrl);
 }

 void CertificateReportingService::Reset(bool enabled) {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   if (!enabled) {
     reporter_.reset();
     return;
   }
   std::unique_ptr<CertificateErrorReporter> error_reporter;
   if (server_public_key_) {
     error_reporter.reset(new CertificateErrorReporter(
         url_loader_factory_, GURL(kExtendedReportingUploadUrl),
         server_public_key_, server_public_key_version_));
   } else {
     error_reporter.reset(new CertificateErrorReporter(
         url_loader_factory_, GURL(kExtendedReportingUploadUrl)));
   }
   reporter_.reset(
       new Reporter(std::move(error_reporter),
                    std::unique_ptr<BoundedReportList>(
                        new BoundedReportList(max_queued_report_count_)),
                    clock_, max_report_age_, true /* retries_enabled */));
 }

 void CertificateReportingService::OnPreferenceChanged() {
   safe_browsing::SafeBrowsingService* safe_browsing_service_ =
       g_browser_process->safe_browsing_service();
   const bool enabled = safe_browsing_service_ &&
                        safe_browsing_service_->enabled_by_prefs() &&
                        safe_browsing::IsExtendedReportingEnabled(pref_service_);
   SetEnabled(enabled);
 }
	// Copyright 2016 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.
	#include "chrome/browser/safe_browsing/certificate_reporting_service.h"

	#include "base/bind.h"
	#include "base/bind_helpers.h"
	#include "base/metrics/histogram_functions.h"
	#include "base/metrics/histogram_macros.h"
	#include "base/time/clock.h"
	#include "chrome/browser/browser_process.h"
	#include "chrome/browser/profiles/profile.h"
	#include "chrome/browser/safe_browsing/safe_browsing_service.h"
	#include "chrome/browser/ssl/certificate_error_report.h"
	#include "components/prefs/pref_service.h"
	#include "components/safe_browsing/common/safe_browsing_prefs.h"
	#include "content/public/browser/browser_thread.h"
	#include "services/network/public/cpp/shared_url_loader_factory.h"

	namespace {

	// URL to upload invalid certificate chain reports. An HTTP URL is used because
	// a client seeing an invalid cert might not be able to make an HTTPS connection
	// to report it.
	const char kExtendedReportingUploadUrl[] =
	"http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/"
	"chrome-certs";

	// Compare function that orders Reports in reverse chronological order (i.e.
	// oldest item is last).
	bool ReportCompareFunc(const CertificateReportingService::Report& item1,
	const CertificateReportingService::Report& item2) {
	return item1.creation_time > item2.creation_time;
	}

	// Records an UMA histogram of the net errors when certificate reports
	// fail to send.
	void RecordUMAOnFailure(int net_error) {
	base::UmaHistogramSparse("SSL.CertificateErrorReportFailure", -net_error);
	}

	void RecordUMAEvent(CertificateReportingService::ReportOutcome outcome) {
	UMA_HISTOGRAM_ENUMERATION(
	CertificateReportingService::kReportEventHistogram, outcome,
	CertificateReportingService::ReportOutcome::EVENT_COUNT);
	}

	} // namespace

	const char CertificateReportingService::kReportEventHistogram[] =
	"SSL.CertificateErrorReportEvent";

	CertificateReportingService::BoundedReportList::BoundedReportList(
	size_t max_size)
	: max_size_(max_size) {
	CHECK(max_size <= 20)
	<< "Current implementation is not efficient for a large list.";
	DCHECK(thread_checker_.CalledOnValidThread());
	}

	CertificateReportingService::BoundedReportList::~BoundedReportList() {}

	void CertificateReportingService::BoundedReportList::Add(const Report& item) {
	DCHECK(thread_checker_.CalledOnValidThread());
	DCHECK(items_.size() <= max_size_);
	if (items_.size() == max_size_) {
	const Report& last = items_.back();
	if (item.creation_time <= last.creation_time) {
	// Report older than the oldest item in the queue, ignore.
	RecordUMAEvent(ReportOutcome::DROPPED_OR_IGNORED);
	return;
	}
	// Reached the maximum item count, remove the oldest item.
	items_.pop_back();
	RecordUMAEvent(ReportOutcome::DROPPED_OR_IGNORED);
	}
	items_.push_back(item);
	std::sort(items_.begin(), items_.end(), ReportCompareFunc);
	}

	void CertificateReportingService::BoundedReportList::Clear() {
	items_.clear();
	}

	const std::vector<CertificateReportingService::Report>&
	CertificateReportingService::BoundedReportList::items() const {
	DCHECK(thread_checker_.CalledOnValidThread());
	return items_;
	}

	CertificateReportingService::Reporter::Reporter(
	std::unique_ptr<CertificateErrorReporter> error_reporter,
	std::unique_ptr<BoundedReportList> retry_list,
	base::Clock* clock,
	base::TimeDelta report_ttl,
	bool retries_enabled)
	: error_reporter_(std::move(error_reporter)),
	retry_list_(std::move(retry_list)),
	clock_(clock),
	report_ttl_(report_ttl),
	retries_enabled_(retries_enabled),
	current_report_id_(0),
	weak_factory_(this) {}

	CertificateReportingService::Reporter::~Reporter() {}

	void CertificateReportingService::Reporter::Send(
	const std::string& serialized_report) {
	SendInternal(Report(current_report_id_++, clock_->Now(), serialized_report));
	}

	void CertificateReportingService::Reporter::SendPending() {
	if (!retries_enabled_) {
	return;
	}
	const base::Time now = clock_->Now();
	// Copy pending reports and clear the retry list.
	std::vector<Report> items = retry_list_->items();
	retry_list_->Clear();
	for (Report& report : items) {
	if (report.creation_time < now - report_ttl_) {
	// Report too old, ignore.
	RecordUMAEvent(ReportOutcome::DROPPED_OR_IGNORED);
	continue;
	}
	if (!report.is_retried) {
	// If this is the first retry, deserialize the report, set its retry bit
	// and serialize again.
	CertificateErrorReport error_report;
	CHECK(error_report.InitializeFromString(report.serialized_report));
	error_report.SetIsRetryUpload(true);
	CHECK(error_report.Serialize(&report.serialized_report));
	}
	report.is_retried = true;
	SendInternal(report);
	}
	}

	size_t
	CertificateReportingService::Reporter::inflight_report_count_for_testing()
	const {
	return inflight_reports_.size();
	}

	CertificateReportingService::BoundedReportList*
	CertificateReportingService::Reporter::GetQueueForTesting() const {
	return retry_list_.get();
	}

	void CertificateReportingService::Reporter::
	SetClosureWhenNoInflightReportsForTesting(const base::Closure& closure) {
	no_in_flight_reports_ = closure;
	}

	void CertificateReportingService::Reporter::SendInternal(
	const CertificateReportingService::Report& report) {
	inflight_reports_.insert(std::make_pair(report.report_id, report));
	RecordUMAEvent(ReportOutcome::SUBMITTED);
	error_reporter_->SendExtendedReportingReport(
	report.serialized_report,
	base::BindOnce(&CertificateReportingService::Reporter::SuccessCallback,
	weak_factory_.GetWeakPtr(), report.report_id),
	base::BindOnce(&CertificateReportingService::Reporter::ErrorCallback,
	weak_factory_.GetWeakPtr(), report.report_id));
	}

	void CertificateReportingService::Reporter::ErrorCallback(
	int report_id,
	int net_error,
	int http_response_code) {
	RecordUMAOnFailure(net_error);
	RecordUMAEvent(ReportOutcome::FAILED);
	if (retries_enabled_) {
	auto it = inflight_reports_.find(report_id);
	DCHECK(it != inflight_reports_.end());
	retry_list_->Add(it->second);
	}
	CHECK_GT(inflight_reports_.erase(report_id), 0u);
	if (inflight_reports_.empty() && no_in_flight_reports_)
	no_in_flight_reports_.Run();
	}

	void CertificateReportingService::Reporter::SuccessCallback(int report_id) {
	RecordUMAEvent(ReportOutcome::SUCCESSFUL);
	CHECK_GT(inflight_reports_.erase(report_id), 0u);
	if (inflight_reports_.empty() && no_in_flight_reports_)
	no_in_flight_reports_.Run();
	}

	CertificateReportingService::CertificateReportingService(
	safe_browsing::SafeBrowsingService* safe_browsing_service,
	scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
	Profile* profile,
	uint8_t server_public_key[/* 32 */],
	uint32_t server_public_key_version,
	size_t max_queued_report_count,
	base::TimeDelta max_report_age,
	base::Clock* clock,
	const base::Callback<void()>& reset_callback)
	: pref_service_(*profile->GetPrefs()),
	url_loader_factory_(url_loader_factory),
	max_queued_report_count_(max_queued_report_count),
	max_report_age_(max_report_age),
	clock_(clock),
	reset_callback_(reset_callback),
	server_public_key_(server_public_key),
	server_public_key_version_(server_public_key_version) {
	DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
	DCHECK(clock_);

	// Subscribe to SafeBrowsing preference change notifications.
	safe_browsing_state_subscription_ =
	safe_browsing_service->RegisterStateCallback(
	base::Bind(&CertificateReportingService::OnPreferenceChanged,
	base::Unretained(this)));

	Reset(true);
	reset_callback_.Run();
	}

	CertificateReportingService::~CertificateReportingService() {
	DCHECK(!reporter_);
	}

	void CertificateReportingService::Shutdown() {
	reporter_.reset();
	}

	void CertificateReportingService::Send(const std::string& serialized_report) {
	DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
	if (reporter_)
	reporter_->Send(serialized_report);
	}

	void CertificateReportingService::SendPending() {
	DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
	if (reporter_)
	reporter_->SendPending();
	}

	void CertificateReportingService::SetEnabled(bool enabled) {
	DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
	Reset(enabled);
	reset_callback_.Run();
	}

	CertificateReportingService::Reporter*
	CertificateReportingService::GetReporterForTesting() const {
	return reporter_.get();
	}

	// static
	GURL CertificateReportingService::GetReportingURLForTesting() {
	return GURL(kExtendedReportingUploadUrl);
	}

	void CertificateReportingService::Reset(bool enabled) {
	DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
	if (!enabled) {
	reporter_.reset();
	return;
	}
	std::unique_ptr<CertificateErrorReporter> error_reporter;
	if (server_public_key_) {
	error_reporter.reset(new CertificateErrorReporter(
	url_loader_factory_, GURL(kExtendedReportingUploadUrl),
	server_public_key_, server_public_key_version_));
	} else {
	error_reporter.reset(new CertificateErrorReporter(
	url_loader_factory_, GURL(kExtendedReportingUploadUrl)));
	}
	reporter_.reset(
	new Reporter(std::move(error_reporter),
	std::unique_ptr<BoundedReportList>(
	new BoundedReportList(max_queued_report_count_)),
	clock_, max_report_age_, true /* retries_enabled */));
	}

	void CertificateReportingService::OnPreferenceChanged() {
	safe_browsing::SafeBrowsingService* safe_browsing_service_ =
	g_browser_process->safe_browsing_service();
	const bool enabled = safe_browsing_service_ &&
	safe_browsing_service_->enabled_by_prefs() &&
	safe_browsing::IsExtendedReportingEnabled(pref_service_);
	SetEnabled(enabled);
	}