authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-11-24 17:20:49 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-11-24 17:20:49 +0000
commit361fe8abbf9d24b4f7d6dfe011034205b8a57c01 (patch)
treea820073fa20ebb5a9d8288e1444e27c9d4c39553 /net
parent97b37f0dfa7883a1457534d9c2e3702361bad3ce (diff)
net: Implement DNS certificate provenance check uploads.
BUG=none TEST=none http://codereview.chromium.org/4830001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@67275 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/socket/dns_cert_provenance_checker.cc44
-rw-r--r--net/socket/dns_cert_provenance_checker.h2
-rw-r--r--net/url_request/url_request.h6
3 files changed, 47 insertions, 5 deletions
diff --git a/net/socket/dns_cert_provenance_checker.cc b/net/socket/dns_cert_provenance_checker.cc
index 97265f1..27c4982 100644
--- a/net/socket/dns_cert_provenance_checker.cc
+++ b/net/socket/dns_cert_provenance_checker.cc
@@ -13,6 +13,7 @@
#include <pk11pub.h>
#include <sechash.h>
+#include <set>
#include <string>
#include "base/basictypes.h"
@@ -21,6 +22,7 @@
#include "base/non_thread_safe.h"
#include "base/pickle.h"
#include "base/scoped_ptr.h"
+#include "base/singleton.h"
#include "net/base/completion_callback.h"
#include "net/base/dns_util.h"
#include "net/base/dnsrr_resolver.h"
@@ -43,6 +45,40 @@ const uint8 kServerPublicKey[] = {
0x6c, 0x2e, 0xfb, 0x32, 0x42, 0x27, 0xe4, 0x23, 0xea, 0xcd, 0x81, 0x62, 0xc1,
};
+const unsigned kMaxUploadsPerSession = 10;
+
+// DnsCertLimits is a singleton class which keeps track of which hosts we have
+// uploaded reports for in this session. Since some users will be behind MITM
+// proxies, they would otherwise upload for every host and we don't wish to
+// spam the upload server.
+class DnsCertLimits {
+ public:
+ DnsCertLimits() { }
+
+ // HaveReachedMaxUploads returns true iff we have uploaded the maximum number
+ // of DNS certificate reports for this session.
+ bool HaveReachedMaxUploads() {
+ return uploaded_hostnames_.size() >= kMaxUploadsPerSession;
+ }
+
+ // HaveReachedMaxUploads returns true iff we have already uploaded a report
+ // about the given hostname in this session.
+ bool HaveUploadedForHostname(const std::string& hostname) {
+ return uploaded_hostnames_.count(hostname) > 0;
+ }
+
+ void DidUpload(const std::string& hostname) {
+ uploaded_hostnames_.insert(hostname);
+ }
+
+ private:
+ friend struct DefaultSingletonTraits<DnsCertLimits>;
+
+ std::set<std::string> uploaded_hostnames_;
+
+ DISALLOW_COPY_AND_ASSIGN(DnsCertLimits);
+};
+
// DnsCertProvenanceCheck performs the DNS lookup of the certificate. This
// class is self-deleting.
class DnsCertProvenanceCheck : public NonThreadSafe {
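Review bot: The comment above `HaveUploadedForHostname` was copied from the previous method and still names `HaveReachedMaxUploads`; it should begin `// HaveUploadedForHostname returns true iff we have already uploaded a report`. `DidUpload` has no comment at all; `// DidUpload records that a report for |hostname| was sent in this session.` would cover it. The set is reached through a process-wide `Singleton` and has no locking, while `NonThreadSafe` on the caller only constrains each check object, so the class comment should say which thread is expected to touch it. I cannot tell from this hunk whether every check runs on the same thread.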
@@ -69,6 +105,12 @@ class DnsCertProvenanceCheck : public NonThreadSafe {
if (der_certs_.empty())
return;
+ DnsCertLimits* const limits = Singleton<DnsCertLimits>::get();
+ if (limits->HaveReachedMaxUploads() ||
+ limits->HaveUploadedForHostname(hostname_)) {
+ return;
+ }
+
uint8 fingerprint[SHA1_LENGTH];
SECStatus rv = HASH_HashBuf(
HASH_AlgSHA1, fingerprint, (uint8*) der_certs_[0].data(),
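Review bot: The limit test added here and the `DidUpload` call in the FAILED branch of the next hunk are separated by the asynchronous lookup, so every check started before the first one completes passes this test. For a user behind an intercepting proxy, which is the case the `DnsCertLimits` comment names, a burst of connections can therefore exceed `kMaxUploadsPerSession` and report the same host more than once. Repeating the two tests immediately before recording would close the gap, e.g. wrapping the `DidUpload`/`OnDnsCertLookupFailed` pair in `if (!limits->HaveReachedMaxUploads() && !limits->HaveUploadedForHostname(hostname_)) { ... }`, or giving `DnsCertLimits` one method that tests and inserts in a single step. The enclosing function starts and ends outside this hunk.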
@@ -104,6 +146,7 @@ class DnsCertProvenanceCheck : public NonThreadSafe {
LOG(ERROR) << "FAILED"
<< " hostname:" << hostname_
<< " domain:" << domain_;
+ Singleton<DnsCertLimits>::get()->DidUpload(hostname_);
delegate_->OnDnsCertLookupFailed(hostname_, der_certs_);
} else if (status == OK) {
LOG(ERROR) << "GOOD"
@@ -116,7 +159,6 @@ class DnsCertProvenanceCheck : public NonThreadSafe {
delete this;
}
-
const std::string hostname_;
std::string domain_;
DnsRRResolver* dnsrr_resolver_;
diff --git a/net/socket/dns_cert_provenance_checker.h b/net/socket/dns_cert_provenance_checker.h
index 8fef60f..810e272 100644
--- a/net/socket/dns_cert_provenance_checker.h
+++ b/net/socket/dns_cert_provenance_checker.h
@@ -27,6 +27,8 @@ class DnsCertProvenanceChecker {
const std::vector<std::string>& der_certs) = 0;
};
+ virtual void Shutdown() = 0;
+
virtual ~DnsCertProvenanceChecker();
// DoAsyncVerification starts an asynchronous check for the given certificate
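Review bot: `Shutdown()` is added as a pure virtual with no comment, so implementers have nothing stating what it must guarantee. Because the checks are asynchronous and call back into a delegate, the contract that matters is whether an in-flight lookup or upload may still run, or invoke the delegate, after `Shutdown()` returns. If cancellation is the intent, a comment such as `// Shutdown cancels outstanding work; no delegate callbacks occur after it returns.` would pin that down. The class continues outside this hunk.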
diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h
index 01f5984..66c0aa9 100644
--- a/net/url_request/url_request.h
+++ b/net/url_request/url_request.h
@@ -302,7 +302,7 @@ class URLRequest : public NonThreadSafe {
// expected modification time is provided (non-zero), it will be used to
// check if the underlying file has been changed or not. The granularity of
// the time comparison is 1 second since time_t precision is used in WebKit.
- void AppendBytesToUpload(const char* bytes, int bytes_len);
+ void AppendBytesToUpload(const char* bytes, int bytes_len); // takes a copy
void AppendFileRangeToUpload(const FilePath& file_path,
uint64 offset, uint64 length,
const base::Time& expected_modification_time);
@@ -431,9 +431,7 @@ class URLRequest : public NonThreadSafe {
// and the response has not yet been called).
bool is_pending() const { return is_pending_; }
- // Returns the error status of the request. This value is 0 if there is no
- // error. Otherwise, it is a value defined by the operating system (e.g., an
- // error code returned by GetLastError() on windows).
+ // Returns the error status of the request.
const URLRequestStatus& status() const { return status_; }
// This method is called to start the request. The delegate will receive