// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "net/base/sdch_manager.h" #include "base/base64.h" #include "base/logging.h" #include "base/metrics/histogram.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_util.h" #include "base/time/default_clock.h" #include "base/values.h" #include "crypto/sha2.h" #include "net/base/sdch_observer.h" #include "net/url_request/url_request_http_job.h" namespace { void StripTrailingDot(GURL* gurl) { std::string host(gurl->host()); if (host.empty()) return; if (*host.rbegin() != '.') return; host.resize(host.size() - 1); GURL::Replacements replacements; replacements.SetHostStr(host); *gurl = gurl->ReplaceComponents(replacements); return; } } // namespace namespace net { // static bool SdchManager::g_sdch_enabled_ = true; // static bool SdchManager::g_secure_scheme_supported_ = true; SdchManager::DictionarySet::DictionarySet() {} SdchManager::DictionarySet::~DictionarySet() {} std::string SdchManager::DictionarySet::GetDictionaryClientHashList() const { std::string result; bool first = true; for (const auto& entry: dictionaries_) { if (!first) result.append(","); result.append(entry.second->data.client_hash()); first = false; } return result; } bool SdchManager::DictionarySet::Empty() const { return dictionaries_.empty(); } const std::string* SdchManager::DictionarySet::GetDictionaryText( const std::string& server_hash) const { auto it = dictionaries_.find(server_hash); if (it == dictionaries_.end()) return nullptr; return &it->second->data.text(); } void SdchManager::DictionarySet::AddDictionary( const std::string& server_hash, const scoped_refptr>& dictionary) { DCHECK(dictionaries_.end() == dictionaries_.find(server_hash)); dictionaries_[server_hash] = dictionary; } SdchManager::SdchManager() : factory_(this) { DCHECK(thread_checker_.CalledOnValidThread()); } SdchManager::~SdchManager() { DCHECK(thread_checker_.CalledOnValidThread()); while (!dictionaries_.empty()) { auto it = dictionaries_.begin(); dictionaries_.erase(it->first); } #if defined(OS_CHROMEOS) // For debugging http://crbug.com/454198; remove when resolved. // Explicitly confirm that we can't notify any observers anymore. CHECK(!observers_.might_have_observers()); #endif } void SdchManager::ClearData() { blacklisted_domains_.clear(); allow_latency_experiment_.clear(); dictionaries_.clear(); FOR_EACH_OBSERVER(SdchObserver, observers_, OnClearDictionaries()); } // static void SdchManager::SdchErrorRecovery(SdchProblemCode problem) { UMA_HISTOGRAM_ENUMERATION("Sdch3.ProblemCodes_5", problem, SDCH_MAX_PROBLEM_CODE); } // static void SdchManager::EnableSdchSupport(bool enabled) { g_sdch_enabled_ = enabled; } // static void SdchManager::EnableSecureSchemeSupport(bool enabled) { g_secure_scheme_supported_ = enabled; } void SdchManager::BlacklistDomain(const GURL& url, SdchProblemCode blacklist_reason) { SetAllowLatencyExperiment(url, false); BlacklistInfo* blacklist_info = &blacklisted_domains_[base::StringToLowerASCII(url.host())]; if (blacklist_info->count > 0) return; // Domain is already blacklisted. if (blacklist_info->exponential_count > (INT_MAX - 1) / 2) { blacklist_info->exponential_count = INT_MAX; } else { blacklist_info->exponential_count = blacklist_info->exponential_count * 2 + 1; } blacklist_info->count = blacklist_info->exponential_count; blacklist_info->reason = blacklist_reason; } void SdchManager::BlacklistDomainForever(const GURL& url, SdchProblemCode blacklist_reason) { SetAllowLatencyExperiment(url, false); BlacklistInfo* blacklist_info = &blacklisted_domains_[base::StringToLowerASCII(url.host())]; blacklist_info->count = INT_MAX; blacklist_info->exponential_count = INT_MAX; blacklist_info->reason = blacklist_reason; } void SdchManager::ClearBlacklistings() { blacklisted_domains_.clear(); } void SdchManager::ClearDomainBlacklisting(const std::string& domain) { BlacklistInfo* blacklist_info = &blacklisted_domains_[ base::StringToLowerASCII(domain)]; blacklist_info->count = 0; blacklist_info->reason = SDCH_OK; } int SdchManager::BlackListDomainCount(const std::string& domain) { std::string domain_lower(base::StringToLowerASCII(domain)); if (blacklisted_domains_.end() == blacklisted_domains_.find(domain_lower)) return 0; return blacklisted_domains_[domain_lower].count; } int SdchManager::BlacklistDomainExponential(const std::string& domain) { std::string domain_lower(base::StringToLowerASCII(domain)); if (blacklisted_domains_.end() == blacklisted_domains_.find(domain_lower)) return 0; return blacklisted_domains_[domain_lower].exponential_count; } SdchProblemCode SdchManager::IsInSupportedDomain(const GURL& url) { DCHECK(thread_checker_.CalledOnValidThread()); if (!g_sdch_enabled_ ) return SDCH_DISABLED; if (!secure_scheme_supported() && url.SchemeIsCryptographic()) return SDCH_SECURE_SCHEME_NOT_SUPPORTED; if (blacklisted_domains_.empty()) return SDCH_OK; DomainBlacklistInfo::iterator it = blacklisted_domains_.find(base::StringToLowerASCII(url.host())); if (blacklisted_domains_.end() == it || it->second.count == 0) return SDCH_OK; UMA_HISTOGRAM_ENUMERATION("Sdch3.BlacklistReason", it->second.reason, SDCH_MAX_PROBLEM_CODE); int count = it->second.count - 1; if (count > 0) { it->second.count = count; } else { it->second.count = 0; it->second.reason = SDCH_OK; } return SDCH_DOMAIN_BLACKLIST_INCLUDES_TARGET; } SdchProblemCode SdchManager::OnGetDictionary(const GURL& request_url, const GURL& dictionary_url) { DCHECK(thread_checker_.CalledOnValidThread()); SdchProblemCode rv = CanFetchDictionary(request_url, dictionary_url); if (rv != SDCH_OK) return rv; FOR_EACH_OBSERVER(SdchObserver, observers_, OnGetDictionary(request_url, dictionary_url)); return SDCH_OK; } void SdchManager::OnDictionaryUsed(const std::string& server_hash) { FOR_EACH_OBSERVER(SdchObserver, observers_, OnDictionaryUsed(server_hash)); } SdchProblemCode SdchManager::CanFetchDictionary( const GURL& referring_url, const GURL& dictionary_url) const { DCHECK(thread_checker_.CalledOnValidThread()); /* The user agent may retrieve a dictionary from the dictionary URL if all of the following are true: 1 The dictionary URL host name matches the referrer URL host name and scheme. 2 The dictionary URL host name domain matches the parent domain of the referrer URL host name 3 The parent domain of the referrer URL host name is not a top level domain */ // Item (1) above implies item (2). Spec should be updated. // I take "host name match" to be "is identical to" if (referring_url.host() != dictionary_url.host() || referring_url.scheme() != dictionary_url.scheme()) return SDCH_DICTIONARY_LOAD_ATTEMPT_FROM_DIFFERENT_HOST; if (!secure_scheme_supported() && referring_url.SchemeIsCryptographic()) return SDCH_DICTIONARY_SELECTED_FOR_SSL; // TODO(jar): Remove this failsafe conservative hack which is more restrictive // than current SDCH spec when needed, and justified by security audit. if (!referring_url.SchemeIsHTTPOrHTTPS()) return SDCH_DICTIONARY_SELECTED_FROM_NON_HTTP; return SDCH_OK; } scoped_ptr SdchManager::GetDictionarySet(const GURL& target_url) { if (IsInSupportedDomain(target_url) != SDCH_OK) return NULL; int count = 0; scoped_ptr result(new DictionarySet); for (const auto& entry: dictionaries_) { if (!secure_scheme_supported() && target_url.SchemeIsCryptographic()) continue; if (entry.second->data.CanUse(target_url) != SDCH_OK) continue; if (entry.second->data.Expired()) continue; ++count; result->AddDictionary(entry.first, entry.second); } if (count == 0) return NULL; UMA_HISTOGRAM_COUNTS("Sdch3.Advertisement_Count", count); UMA_HISTOGRAM_BOOLEAN("Sdch3.AdvertisedWithSecureScheme", target_url.SchemeIsSecure()); return result.Pass(); } scoped_ptr SdchManager::GetDictionarySetByHash( const GURL& target_url, const std::string& server_hash, SdchProblemCode* problem_code) { scoped_ptr result; *problem_code = SDCH_DICTIONARY_HASH_NOT_FOUND; const auto& it = dictionaries_.find(server_hash); if (it == dictionaries_.end()) return result.Pass(); if (!SdchManager::secure_scheme_supported() && target_url.SchemeIsCryptographic()) { *problem_code = SDCH_DICTIONARY_FOUND_HAS_WRONG_SCHEME; return result.Pass(); } *problem_code = it->second->data.CanUse(target_url); if (*problem_code != SDCH_OK) return result.Pass(); result.reset(new DictionarySet); result->AddDictionary(it->first, it->second); return result.Pass(); } // static void SdchManager::GenerateHash(const std::string& dictionary_text, std::string* client_hash, std::string* server_hash) { char binary_hash[32]; crypto::SHA256HashString(dictionary_text, binary_hash, sizeof(binary_hash)); std::string first_48_bits(&binary_hash[0], 6); std::string second_48_bits(&binary_hash[6], 6); UrlSafeBase64Encode(first_48_bits, client_hash); UrlSafeBase64Encode(second_48_bits, server_hash); DCHECK_EQ(server_hash->length(), 8u); DCHECK_EQ(client_hash->length(), 8u); } // Methods for supporting latency experiments. bool SdchManager::AllowLatencyExperiment(const GURL& url) const { DCHECK(thread_checker_.CalledOnValidThread()); return allow_latency_experiment_.end() != allow_latency_experiment_.find(url.host()); } void SdchManager::SetAllowLatencyExperiment(const GURL& url, bool enable) { DCHECK(thread_checker_.CalledOnValidThread()); if (enable) { allow_latency_experiment_.insert(url.host()); return; } ExperimentSet::iterator it = allow_latency_experiment_.find(url.host()); if (allow_latency_experiment_.end() == it) return; // It was already erased, or never allowed. SdchErrorRecovery(SDCH_LATENCY_TEST_DISALLOWED); allow_latency_experiment_.erase(it); } void SdchManager::AddObserver(SdchObserver* observer) { observers_.AddObserver(observer); } void SdchManager::RemoveObserver(SdchObserver* observer) { observers_.RemoveObserver(observer); } SdchProblemCode SdchManager::AddSdchDictionary( const std::string& dictionary_text, const GURL& dictionary_url, std::string* server_hash_p) { DCHECK(thread_checker_.CalledOnValidThread()); std::string client_hash; std::string server_hash; GenerateHash(dictionary_text, &client_hash, &server_hash); if (dictionaries_.find(server_hash) != dictionaries_.end()) return SDCH_DICTIONARY_ALREADY_LOADED; // Already loaded. std::string domain, path; std::set ports; base::Time expiration(base::Time::Now() + base::TimeDelta::FromDays(30)); if (dictionary_text.empty()) return SDCH_DICTIONARY_HAS_NO_TEXT; // Missing header. size_t header_end = dictionary_text.find("\n\n"); if (std::string::npos == header_end) return SDCH_DICTIONARY_HAS_NO_HEADER; // Missing header. size_t line_start = 0; // Start of line being parsed. while (1) { size_t line_end = dictionary_text.find('\n', line_start); DCHECK(std::string::npos != line_end); DCHECK_LE(line_end, header_end); size_t colon_index = dictionary_text.find(':', line_start); if (std::string::npos == colon_index) return SDCH_DICTIONARY_HEADER_LINE_MISSING_COLON; // Illegal line missing // a colon. if (colon_index > line_end) break; size_t value_start = dictionary_text.find_first_not_of(" \t", colon_index + 1); if (std::string::npos != value_start) { if (value_start >= line_end) break; std::string name(dictionary_text, line_start, colon_index - line_start); std::string value(dictionary_text, value_start, line_end - value_start); name = base::StringToLowerASCII(name); if (name == "domain") { domain = value; } else if (name == "path") { path = value; } else if (name == "format-version") { if (value != "1.0") return SDCH_DICTIONARY_UNSUPPORTED_VERSION; } else if (name == "max-age") { int64 seconds; base::StringToInt64(value, &seconds); expiration = base::Time::Now() + base::TimeDelta::FromSeconds(seconds); } else if (name == "port") { int port; base::StringToInt(value, &port); if (port >= 0) ports.insert(port); } } if (line_end >= header_end) break; line_start = line_end + 1; } // Narrow fix for http://crbug.com/389451. GURL dictionary_url_normalized(dictionary_url); StripTrailingDot(&dictionary_url_normalized); SdchProblemCode rv = IsInSupportedDomain(dictionary_url_normalized); if (rv != SDCH_OK) return rv; rv = SdchDictionary::CanSet(domain, path, ports, dictionary_url_normalized); if (rv != SDCH_OK) return rv; UMA_HISTOGRAM_COUNTS("Sdch3.Dictionary size loaded", dictionary_text.size()); DVLOG(1) << "Loaded dictionary with client hash " << client_hash << " and server hash " << server_hash; SdchDictionary dictionary(dictionary_text, header_end + 2, client_hash, server_hash, dictionary_url_normalized, domain, path, expiration, ports); dictionaries_[server_hash] = new base::RefCountedData(dictionary); if (server_hash_p) *server_hash_p = server_hash; FOR_EACH_OBSERVER(SdchObserver, observers_, OnDictionaryAdded(dictionary_url, server_hash)); return SDCH_OK; } SdchProblemCode SdchManager::RemoveSdchDictionary( const std::string& server_hash) { if (dictionaries_.find(server_hash) == dictionaries_.end()) return SDCH_DICTIONARY_HASH_NOT_FOUND; dictionaries_.erase(server_hash); FOR_EACH_OBSERVER(SdchObserver, observers_, OnDictionaryRemoved(server_hash)); return SDCH_OK; } // static scoped_ptr SdchManager::CreateEmptyDictionarySetForTesting() { return scoped_ptr(new DictionarySet).Pass(); } // For investigation of http://crbug.com/454198; remove when resolved. base::WeakPtr SdchManager::GetWeakPtr() { return factory_.GetWeakPtr(); } // static void SdchManager::UrlSafeBase64Encode(const std::string& input, std::string* output) { // Since this is only done during a dictionary load, and hashes are only 8 // characters, we just do the simple fixup, rather than rewriting the encoder. base::Base64Encode(input, output); std::replace(output->begin(), output->end(), '+', '-'); std::replace(output->begin(), output->end(), '/', '_'); } base::Value* SdchManager::SdchInfoToValue() const { base::DictionaryValue* value = new base::DictionaryValue(); value->SetBoolean("sdch_enabled", sdch_enabled()); value->SetBoolean("secure_scheme_support", secure_scheme_supported()); base::ListValue* entry_list = new base::ListValue(); for (const auto& entry: dictionaries_) { base::DictionaryValue* entry_dict = new base::DictionaryValue(); entry_dict->SetString("url", entry.second->data.url().spec()); entry_dict->SetString("client_hash", entry.second->data.client_hash()); entry_dict->SetString("domain", entry.second->data.domain()); entry_dict->SetString("path", entry.second->data.path()); base::ListValue* port_list = new base::ListValue(); for (std::set::const_iterator port_it = entry.second->data.ports().begin(); port_it != entry.second->data.ports().end(); ++port_it) { port_list->AppendInteger(*port_it); } entry_dict->Set("ports", port_list); entry_dict->SetString("server_hash", entry.first); entry_list->Append(entry_dict); } value->Set("dictionaries", entry_list); entry_list = new base::ListValue(); for (DomainBlacklistInfo::const_iterator it = blacklisted_domains_.begin(); it != blacklisted_domains_.end(); ++it) { if (it->second.count == 0) continue; base::DictionaryValue* entry_dict = new base::DictionaryValue(); entry_dict->SetString("domain", it->first); if (it->second.count != INT_MAX) entry_dict->SetInteger("tries", it->second.count); entry_dict->SetInteger("reason", it->second.reason); entry_list->Append(entry_dict); } value->Set("blacklisted", entry_list); return value; } } // namespace net