1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h"
6
7#include <set>
8
9#include "base/base64.h"
10#include "base/logging.h"
11#include "base/stl_util.h"
12#include "base/time/time.h"
13#include "chrome/browser/net/cert_logger.pb.h"
14#include "net/base/load_flags.h"
15#include "net/base/request_priority.h"
16#include "net/base/upload_bytes_element_reader.h"
17#include "net/base/upload_data_stream.h"
18#include "net/cert/x509_certificate.h"
19#include "net/ssl/ssl_info.h"
20#include "net/url_request/url_request_context.h"
21
22namespace chrome_browser_net {
23
24// TODO(palmer): Switch to HTTPS when the error handling delegate is more
25// sophisticated. Ultimately we plan to attempt the report on many transports.
26static const char kFraudulentCertificateUploadEndpoint[] =
27    "http://clients3.google.com/log_cert_error";
28
29ChromeFraudulentCertificateReporter::ChromeFraudulentCertificateReporter(
30    net::URLRequestContext* request_context)
31    : request_context_(request_context),
32      upload_url_(kFraudulentCertificateUploadEndpoint) {
33}
34
35ChromeFraudulentCertificateReporter::~ChromeFraudulentCertificateReporter() {
36  STLDeleteElements(&inflight_requests_);
37}
38
39static std::string BuildReport(const std::string& hostname,
40                               const net::SSLInfo& ssl_info) {
41  CertLoggerRequest request;
42  base::Time now = base::Time::Now();
43  request.set_time_usec(now.ToInternalValue());
44  request.set_hostname(hostname);
45
46  std::vector<std::string> pem_encoded_chain;
47  if (!ssl_info.cert->GetPEMEncodedChain(&pem_encoded_chain)) {
48    LOG(ERROR) << "Could not get PEM encoded chain.";
49  }
50  std::string* cert_chain = request.mutable_cert_chain();
51  for (size_t i = 0; i < pem_encoded_chain.size(); ++i)
52    *cert_chain += pem_encoded_chain[i];
53
54  request.add_pin(ssl_info.pinning_failure_log);
55
56  std::string out;
57  request.SerializeToString(&out);
58  return out;
59}
60
61scoped_ptr<net::URLRequest>
62ChromeFraudulentCertificateReporter::CreateURLRequest(
63    net::URLRequestContext* context) {
64  scoped_ptr<net::URLRequest> request =
65      context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this, NULL);
66  request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
67                        net::LOAD_DO_NOT_SAVE_COOKIES);
68  return request.Pass();
69}
70
71void ChromeFraudulentCertificateReporter::SendReport(
72    const std::string& hostname,
73    const net::SSLInfo& ssl_info) {
74  // We do silent/automatic reporting ONLY for Google properties. For other
75  // domains (when we start supporting that), we will ask for user permission.
76  if (!net::TransportSecurityState::IsGooglePinnedProperty(hostname)) {
77    return;
78  }
79
80  std::string report = BuildReport(hostname, ssl_info);
81
82  scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_);
83  url_request->set_method("POST");
84
85  scoped_ptr<net::UploadElementReader> reader(
86      net::UploadOwnedBytesElementReader::CreateWithString(report));
87  url_request->set_upload(make_scoped_ptr(
88      net::UploadDataStream::CreateWithReader(reader.Pass(), 0)));
89
90  net::HttpRequestHeaders headers;
91  headers.SetHeader(net::HttpRequestHeaders::kContentType,
92                    "x-application/chrome-fraudulent-cert-report");
93  url_request->SetExtraRequestHeaders(headers);
94
95  net::URLRequest* raw_url_request = url_request.get();
96  inflight_requests_.insert(url_request.release());
97  raw_url_request->Start();
98}
99
100void ChromeFraudulentCertificateReporter::RequestComplete(
101    net::URLRequest* request) {
102  std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request);
103  DCHECK(i != inflight_requests_.end());
104  scoped_ptr<net::URLRequest> url_request(*i);
105  inflight_requests_.erase(i);
106}
107
108// TODO(palmer): Currently, the upload is fire-and-forget but soon we will
109// try to recover by retrying, and trying different endpoints, and
110// appealing to the user.
111void ChromeFraudulentCertificateReporter::OnResponseStarted(
112    net::URLRequest* request) {
113  const net::URLRequestStatus& status(request->status());
114  if (!status.is_success()) {
115    LOG(WARNING) << "Certificate upload failed"
116                 << " status:" << status.status()
117                 << " error:" << status.error();
118  } else if (request->GetResponseCode() != 200) {
119    LOG(WARNING) << "Certificate upload HTTP status: "
120                 << request->GetResponseCode();
121  }
122  RequestComplete(request);
123}
124
125void ChromeFraudulentCertificateReporter::OnReadCompleted(
126    net::URLRequest* request, int bytes_read) {}
127
128}  // namespace chrome_browser_net
129