1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h" 6 7 #include <set> 8 9 #include "base/base64.h" 10 #include "base/logging.h" 11 #include "base/stl_util.h" 12 #include "base/time/time.h" 13 #include "chrome/browser/net/cert_logger.pb.h" 14 #include "net/base/load_flags.h" 15 #include "net/base/request_priority.h" 16 #include "net/base/upload_bytes_element_reader.h" 17 #include "net/base/upload_data_stream.h" 18 #include "net/cert/x509_certificate.h" 19 #include "net/ssl/ssl_info.h" 20 #include "net/url_request/url_request_context.h" 21 22 namespace chrome_browser_net { 23 24 // TODO(palmer): Switch to HTTPS when the error handling delegate is more 25 // sophisticated. Ultimately we plan to attempt the report on many transports. 26 static const char kFraudulentCertificateUploadEndpoint[] = 27 "http://clients3.google.com/log_cert_error"; 28 29 ChromeFraudulentCertificateReporter::ChromeFraudulentCertificateReporter( 30 net::URLRequestContext* request_context) 31 : request_context_(request_context), 32 upload_url_(kFraudulentCertificateUploadEndpoint) { 33 } 34 35 ChromeFraudulentCertificateReporter::~ChromeFraudulentCertificateReporter() { 36 STLDeleteElements(&inflight_requests_); 37 } 38 39 static std::string BuildReport(const std::string& hostname, 40 const net::SSLInfo& ssl_info) { 41 CertLoggerRequest request; 42 base::Time now = base::Time::Now(); 43 request.set_time_usec(now.ToInternalValue()); 44 request.set_hostname(hostname); 45 46 std::vector<std::string> pem_encoded_chain; 47 if (!ssl_info.cert->GetPEMEncodedChain(&pem_encoded_chain)) { 48 LOG(ERROR) << "Could not get PEM encoded chain."; 49 } 50 std::string* cert_chain = request.mutable_cert_chain(); 51 for (size_t i = 0; i < pem_encoded_chain.size(); ++i) 52 *cert_chain += pem_encoded_chain[i]; 53 54 request.add_pin(ssl_info.pinning_failure_log); 55 56 std::string out; 57 request.SerializeToString(&out); 58 return out; 59 } 60 61 scoped_ptr<net::URLRequest> 62 ChromeFraudulentCertificateReporter::CreateURLRequest( 63 net::URLRequestContext* context) { 64 scoped_ptr<net::URLRequest> request = 65 context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this, NULL); 66 request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES | 67 net::LOAD_DO_NOT_SAVE_COOKIES); 68 return request.Pass(); 69 } 70 71 void ChromeFraudulentCertificateReporter::SendReport( 72 const std::string& hostname, 73 const net::SSLInfo& ssl_info, 74 bool sni_available) { 75 // We do silent/automatic reporting ONLY for Google properties. For other 76 // domains (when we start supporting that), we will ask for user permission. 77 if (!net::TransportSecurityState::IsGooglePinnedProperty(hostname, 78 sni_available)) { 79 return; 80 } 81 82 std::string report = BuildReport(hostname, ssl_info); 83 84 scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_); 85 url_request->set_method("POST"); 86 87 scoped_ptr<net::UploadElementReader> reader( 88 net::UploadOwnedBytesElementReader::CreateWithString(report)); 89 url_request->set_upload(make_scoped_ptr( 90 net::UploadDataStream::CreateWithReader(reader.Pass(), 0))); 91 92 net::HttpRequestHeaders headers; 93 headers.SetHeader(net::HttpRequestHeaders::kContentType, 94 "x-application/chrome-fraudulent-cert-report"); 95 url_request->SetExtraRequestHeaders(headers); 96 97 net::URLRequest* raw_url_request = url_request.get(); 98 inflight_requests_.insert(url_request.release()); 99 raw_url_request->Start(); 100 } 101 102 void ChromeFraudulentCertificateReporter::RequestComplete( 103 net::URLRequest* request) { 104 std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request); 105 DCHECK(i != inflight_requests_.end()); 106 scoped_ptr<net::URLRequest> url_request(*i); 107 inflight_requests_.erase(i); 108 } 109 110 // TODO(palmer): Currently, the upload is fire-and-forget but soon we will 111 // try to recover by retrying, and trying different endpoints, and 112 // appealing to the user. 113 void ChromeFraudulentCertificateReporter::OnResponseStarted( 114 net::URLRequest* request) { 115 const net::URLRequestStatus& status(request->status()); 116 if (!status.is_success()) { 117 LOG(WARNING) << "Certificate upload failed" 118 << " status:" << status.status() 119 << " error:" << status.error(); 120 } else if (request->GetResponseCode() != 200) { 121 LOG(WARNING) << "Certificate upload HTTP status: " 122 << request->GetResponseCode(); 123 } 124 RequestComplete(request); 125 } 126 127 void ChromeFraudulentCertificateReporter::OnReadCompleted( 128 net::URLRequest* request, int bytes_read) {} 129 130 } // namespace chrome_browser_net 131