corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 783047 - Remove MAC support from SafeBrowsing code. r=mmc,dcamp

Browse Source
This commit is contained in:
Gian-Carlo Pascutto
2014-01-16 09:27:58 +01:00
parent 86845f42da
commit 84b97b9f8e
20 changed files with 70 additions and 1009 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
View File

@@ -181,9 +181,6 @@ private:
nsCOMPtr<nsIUrlClassifierUpdateObserver> mUpdateObserver;
bool mInStream;
// The client key with which the data from the server will be MAC'ed.
nsCString mUpdateClientKey;
// The number of noise entries to add to the set of lookup results.
uint32_t mGethashNoise;
@@ -422,7 +419,6 @@ nsUrlClassifierDBServiceWorker::ResetUpdate()
mUpdateWait = 0;
mUpdateStatus = NS_OK;
mUpdateObserver = nullptr;
mUpdateClientKey.Truncate();
}
NS_IMETHODIMP
@@ -434,8 +430,7 @@ nsUrlClassifierDBServiceWorker::SetHashCompleter(const nsACString &tableName,
NS_IMETHODIMP
nsUrlClassifierDBServiceWorker::BeginUpdate(nsIUrlClassifierUpdateObserver *observer,
const nsACString &tables,
const nsACString &clientKey)
const nsACString &tables)
{
LOG(("nsUrlClassifierDBServiceWorker::BeginUpdate [%s]", PromiseFlatCString(tables).get()));
@@ -454,19 +449,12 @@ nsUrlClassifierDBServiceWorker::BeginUpdate(nsIUrlClassifierUpdateObserver *obse
mUpdateObserver = observer;
SplitTables(tables, mUpdateTables);
if (!clientKey.IsEmpty()) {
rv = nsUrlClassifierUtils::DecodeClientKey(clientKey, mUpdateClientKey);
NS_ENSURE_SUCCESS(rv, rv);
LOG(("clientKey present, marking update key"));
}
return NS_OK;
}
// Called from the stream updater.
NS_IMETHODIMP
nsUrlClassifierDBServiceWorker::BeginStream(const nsACString &table,
const nsACString &serverMAC)
nsUrlClassifierDBServiceWorker::BeginStream(const nsACString &table)
{
LOG(("nsUrlClassifierDBServiceWorker::BeginStream"));
@@ -486,17 +474,6 @@ nsUrlClassifierDBServiceWorker::BeginStream(const nsACString &table,
mProtocolParser->Init(mCryptoHash);
nsresult rv;
// If we're expecting a MAC, create the nsICryptoHMAC component now.
if (!mUpdateClientKey.IsEmpty()) {
LOG(("Expecting MAC in this stream"));
rv = mProtocolParser->InitHMAC(mUpdateClientKey, serverMAC);
NS_ENSURE_SUCCESS(rv, rv);
} else {
LOG(("No MAC in this stream"));
}
if (!table.IsEmpty()) {
mProtocolParser->SetCurrentTable(table);
}
@@ -560,7 +537,6 @@ nsUrlClassifierDBServiceWorker::FinishStream()
mInStream = false;
mProtocolParser->FinishHMAC();
if (NS_SUCCEEDED(mProtocolParser->Status())) {
if (mProtocolParser->UpdateWait()) {
mUpdateWait = mProtocolParser->UpdateWait();
@@ -570,7 +546,7 @@ nsUrlClassifierDBServiceWorker::FinishStream()
mProtocolParser->Forwards();
for (uint32_t i = 0; i < forwards.Length(); i++) {
const ProtocolParser::ForwardedUpdate &forward = forwards[i];
mUpdateObserver->UpdateUrlRequested(forward.url, forward.table, forward.mac);
mUpdateObserver->UpdateUrlRequested(forward.url, forward.table);
}
// Hold on to any TableUpdate objects that were created by the
// parser.
@@ -581,18 +557,12 @@ nsUrlClassifierDBServiceWorker::FinishStream()
}
mUpdateObserver->StreamFinished(mProtocolParser->Status(), 0);
// Only reset if MAC was OK
if (NS_SUCCEEDED(mUpdateStatus)) {
if (mProtocolParser->ResetRequested()) {
mClassifier->Reset();
}
}
// Rekey will cause update to fail (can't check MACs)
if (mProtocolParser->RekeyRequested()) {
mUpdateObserver->RekeyRequested();
}
mProtocolParser = nullptr;
return NS_OK;
@@ -908,11 +878,10 @@ nsUrlClassifierLookupCallback::CompletionFinished(nsresult status)
NS_IMETHODIMP
nsUrlClassifierLookupCallback::Completion(const nsACString& completeHash,
const nsACString& tableName,
uint32_t chunkId,
bool verified)
uint32_t chunkId)
{
LOG(("nsUrlClassifierLookupCallback::Completion [%p, %s, %d, %d]",
this, PromiseFlatCString(tableName).get(), chunkId, verified));
LOG(("nsUrlClassifierLookupCallback::Completion [%p, %s, %d]",
this, PromiseFlatCString(tableName).get(), chunkId));
mozilla::safebrowsing::Completion hash;
hash.Assign(completeHash);
@@ -923,15 +892,13 @@ nsUrlClassifierLookupCallback::Completion(const nsACString& completeHash,
return NS_ERROR_OUT_OF_MEMORY;
}
if (verified) {
CacheResult result;
result.entry.addChunk = chunkId;
result.entry.complete = hash;
result.table = tableName;
CacheResult result;
result.entry.addChunk = chunkId;
result.entry.complete = hash;
result.table = tableName;
// OK if this fails, we just won't cache the item.
mCacheResults->AppendElement(result);
}
// OK if this fails, we just won't cache the item.
mCacheResults->AppendElement(result);
// Check if this matched any of our results.
for (uint32_t i = 0; i < mResults->Length(); i++) {
@@ -1329,8 +1296,7 @@ nsUrlClassifierDBService::SetHashCompleter(const nsACString &tableName,
NS_IMETHODIMP
nsUrlClassifierDBService::BeginUpdate(nsIUrlClassifierUpdateObserver *observer,
const nsACString &updateTables,
const nsACString &clientKey)
const nsACString &updateTables)
{
NS_ENSURE_TRUE(gDbBackgroundThread, NS_ERROR_NOT_INITIALIZED);
@@ -1343,16 +1309,15 @@ nsUrlClassifierDBService::BeginUpdate(nsIUrlClassifierUpdateObserver *observer,
nsCOMPtr<nsIUrlClassifierUpdateObserver> proxyObserver =
new UrlClassifierUpdateObserverProxy(observer);
return mWorkerProxy->BeginUpdate(proxyObserver, updateTables, clientKey);
return mWorkerProxy->BeginUpdate(proxyObserver, updateTables);
}
NS_IMETHODIMP
nsUrlClassifierDBService::BeginStream(const nsACString &table,
const nsACString &serverMAC)
nsUrlClassifierDBService::BeginStream(const nsACString &table)
{
NS_ENSURE_TRUE(gDbBackgroundThread, NS_ERROR_NOT_INITIALIZED);
return mWorkerProxy->BeginStream(table, serverMAC);
return mWorkerProxy->BeginStream(table);
}
NS_IMETHODIMP