| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/download_protection_service.h" | 5 #include "chrome/browser/safe_browsing/download_protection_service.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/base_paths.h" | 10 #include "base/base_paths.h" |
| (...skipping 309 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 320 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 320 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 321 base::Unretained(this))); | 321 base::Unretained(this))); |
| 322 msg_loop_.Run(); | 322 msg_loop_.Run(); |
| 323 ExpectResult(DownloadProtectionService::SAFE); | 323 ExpectResult(DownloadProtectionService::SAFE); |
| 324 } | 324 } |
| 325 | 325 |
| 326 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadFetchFailed) { | 326 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadFetchFailed) { |
| 327 net::FakeURLFetcherFactory factory; | 327 net::FakeURLFetcherFactory factory; |
| 328 // HTTP request will fail. | 328 // HTTP request will fail. |
| 329 factory.SetFakeResponse( | 329 factory.SetFakeResponse( |
| 330 DownloadProtectionService::kDownloadRequestUrl, "", false); | 330 DownloadProtectionService::GetDownloadRequestUrl(), "", false); |
| 331 | 331 |
| 332 DownloadProtectionService::DownloadInfo info; | 332 DownloadProtectionService::DownloadInfo info; |
| 333 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); | 333 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); |
| 334 info.target_file = FilePath(FILE_PATH_LITERAL("a.exe")); | 334 info.target_file = FilePath(FILE_PATH_LITERAL("a.exe")); |
| 335 info.download_url_chain.push_back(GURL("http://www.evil.com/a.exe")); | 335 info.download_url_chain.push_back(GURL("http://www.evil.com/a.exe")); |
| 336 info.referrer_url = GURL("http://www.google.com/"); | 336 info.referrer_url = GURL("http://www.google.com/"); |
| 337 | 337 |
| 338 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) | 338 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) |
| 339 .WillRepeatedly(Return(false)); | 339 .WillRepeatedly(Return(false)); |
| 340 EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)); | 340 EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)); |
| 341 | 341 |
| 342 download_service_->CheckClientDownload( | 342 download_service_->CheckClientDownload( |
| 343 info, | 343 info, |
| 344 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 344 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 345 base::Unretained(this))); | 345 base::Unretained(this))); |
| 346 msg_loop_.Run(); | 346 msg_loop_.Run(); |
| 347 ExpectResult(DownloadProtectionService::SAFE); | 347 ExpectResult(DownloadProtectionService::SAFE); |
| 348 } | 348 } |
| 349 | 349 |
| 350 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSuccess) { | 350 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSuccess) { |
| 351 ClientDownloadResponse response; | 351 ClientDownloadResponse response; |
| 352 response.set_verdict(ClientDownloadResponse::SAFE); | 352 response.set_verdict(ClientDownloadResponse::SAFE); |
| 353 net::FakeURLFetcherFactory factory; | 353 net::FakeURLFetcherFactory factory; |
| 354 // Empty response means SAFE. | 354 // Empty response means SAFE. |
| 355 factory.SetFakeResponse( | 355 factory.SetFakeResponse( |
| 356 DownloadProtectionService::kDownloadRequestUrl, | 356 DownloadProtectionService::GetDownloadRequestUrl(), |
| 357 response.SerializeAsString(), | 357 response.SerializeAsString(), |
| 358 true); | 358 true); |
| 359 | 359 |
| 360 DownloadProtectionService::DownloadInfo info; | 360 DownloadProtectionService::DownloadInfo info; |
| 361 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); | 361 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); |
| 362 info.target_file = FilePath(FILE_PATH_LITERAL("a.exe")); | 362 info.target_file = FilePath(FILE_PATH_LITERAL("a.exe")); |
| 363 info.download_url_chain.push_back(GURL("http://www.evil.com/a.exe")); | 363 info.download_url_chain.push_back(GURL("http://www.evil.com/a.exe")); |
| 364 info.referrer_url = GURL("http://www.google.com/"); | 364 info.referrer_url = GURL("http://www.google.com/"); |
| 365 | 365 |
| 366 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) | 366 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) |
| 367 .WillRepeatedly(Return(false)); | 367 .WillRepeatedly(Return(false)); |
| 368 EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)).Times(4); | 368 EXPECT_CALL(*signature_util_, CheckSignature(info.local_file, _)).Times(4); |
| 369 | 369 |
| 370 download_service_->CheckClientDownload( | 370 download_service_->CheckClientDownload( |
| 371 info, | 371 info, |
| 372 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 372 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 373 base::Unretained(this))); | 373 base::Unretained(this))); |
| 374 msg_loop_.Run(); | 374 msg_loop_.Run(); |
| 375 ExpectResult(DownloadProtectionService::SAFE); | 375 ExpectResult(DownloadProtectionService::SAFE); |
| 376 | 376 |
| 377 // Invalid response should be safe too. | 377 // Invalid response should be safe too. |
| 378 response.Clear(); | 378 response.Clear(); |
| 379 factory.SetFakeResponse( | 379 factory.SetFakeResponse( |
| 380 DownloadProtectionService::kDownloadRequestUrl, | 380 DownloadProtectionService::GetDownloadRequestUrl(), |
| 381 response.SerializePartialAsString(), | 381 response.SerializePartialAsString(), |
| 382 true); | 382 true); |
| 383 | 383 |
| 384 download_service_->CheckClientDownload( | 384 download_service_->CheckClientDownload( |
| 385 info, | 385 info, |
| 386 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 386 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 387 base::Unretained(this))); | 387 base::Unretained(this))); |
| 388 msg_loop_.Run(); | 388 msg_loop_.Run(); |
| 389 ExpectResult(DownloadProtectionService::SAFE); | 389 ExpectResult(DownloadProtectionService::SAFE); |
| 390 | 390 |
| 391 // If the response is dangerous the result should also be marked as dangerous. | 391 // If the response is dangerous the result should also be marked as dangerous. |
| 392 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 392 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 393 factory.SetFakeResponse( | 393 factory.SetFakeResponse( |
| 394 DownloadProtectionService::kDownloadRequestUrl, | 394 DownloadProtectionService::GetDownloadRequestUrl(), |
| 395 response.SerializeAsString(), | 395 response.SerializeAsString(), |
| 396 true); | 396 true); |
| 397 | 397 |
| 398 download_service_->CheckClientDownload( | 398 download_service_->CheckClientDownload( |
| 399 info, | 399 info, |
| 400 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 400 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 401 base::Unretained(this))); | 401 base::Unretained(this))); |
| 402 msg_loop_.Run(); | 402 msg_loop_.Run(); |
| 403 #if defined(OS_WIN) | 403 #if defined(OS_WIN) |
| 404 ExpectResult(DownloadProtectionService::DANGEROUS); | 404 ExpectResult(DownloadProtectionService::DANGEROUS); |
| 405 #else | 405 #else |
| 406 ExpectResult(DownloadProtectionService::SAFE); | 406 ExpectResult(DownloadProtectionService::SAFE); |
| 407 #endif | 407 #endif |
| 408 | 408 |
| 409 // If the response is uncommon the result should also be marked as uncommon. | 409 // If the response is uncommon the result should also be marked as uncommon. |
| 410 response.set_verdict(ClientDownloadResponse::UNCOMMON); | 410 response.set_verdict(ClientDownloadResponse::UNCOMMON); |
| 411 factory.SetFakeResponse( | 411 factory.SetFakeResponse( |
| 412 DownloadProtectionService::kDownloadRequestUrl, | 412 DownloadProtectionService::GetDownloadRequestUrl(), |
| 413 response.SerializeAsString(), | 413 response.SerializeAsString(), |
| 414 true); | 414 true); |
| 415 | 415 |
| 416 download_service_->CheckClientDownload( | 416 download_service_->CheckClientDownload( |
| 417 info, | 417 info, |
| 418 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 418 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 419 base::Unretained(this))); | 419 base::Unretained(this))); |
| 420 msg_loop_.Run(); | 420 msg_loop_.Run(); |
| 421 #if defined(OS_WIN) | 421 #if defined(OS_WIN) |
| 422 ExpectResult(DownloadProtectionService::UNCOMMON); | 422 ExpectResult(DownloadProtectionService::UNCOMMON); |
| 423 #else | 423 #else |
| 424 ExpectResult(DownloadProtectionService::SAFE); | 424 ExpectResult(DownloadProtectionService::SAFE); |
| 425 #endif | 425 #endif |
| 426 } | 426 } |
| 427 | 427 |
| 428 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadHTTPS) { | 428 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadHTTPS) { |
| 429 ClientDownloadResponse response; | 429 ClientDownloadResponse response; |
| 430 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 430 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 431 net::FakeURLFetcherFactory factory; | 431 net::FakeURLFetcherFactory factory; |
| 432 factory.SetFakeResponse( | 432 factory.SetFakeResponse( |
| 433 DownloadProtectionService::kDownloadRequestUrl, | 433 DownloadProtectionService::GetDownloadRequestUrl(), |
| 434 response.SerializeAsString(), | 434 response.SerializeAsString(), |
| 435 true); | 435 true); |
| 436 | 436 |
| 437 DownloadProtectionService::DownloadInfo info; | 437 DownloadProtectionService::DownloadInfo info; |
| 438 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); | 438 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); |
| 439 info.target_file = FilePath(FILE_PATH_LITERAL("a.exe")); | 439 info.target_file = FilePath(FILE_PATH_LITERAL("a.exe")); |
| 440 info.download_url_chain.push_back(GURL("https://www.evil.com/a.exe")); | 440 info.download_url_chain.push_back(GURL("https://www.evil.com/a.exe")); |
| 441 info.referrer_url = GURL("http://www.google.com/"); | 441 info.referrer_url = GURL("http://www.google.com/"); |
| 442 | 442 |
| 443 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) | 443 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) |
| (...skipping 11 matching lines...) Expand all Loading... |
| 455 ExpectResult(DownloadProtectionService::SAFE); | 455 ExpectResult(DownloadProtectionService::SAFE); |
| 456 #endif | 456 #endif |
| 457 } | 457 } |
| 458 | 458 |
| 459 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { | 459 TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { |
| 460 ClientDownloadResponse response; | 460 ClientDownloadResponse response; |
| 461 response.set_verdict(ClientDownloadResponse::SAFE); | 461 response.set_verdict(ClientDownloadResponse::SAFE); |
| 462 net::FakeURLFetcherFactory factory; | 462 net::FakeURLFetcherFactory factory; |
| 463 // Empty response means SAFE. | 463 // Empty response means SAFE. |
| 464 factory.SetFakeResponse( | 464 factory.SetFakeResponse( |
| 465 DownloadProtectionService::kDownloadRequestUrl, | 465 DownloadProtectionService::GetDownloadRequestUrl(), |
| 466 response.SerializeAsString(), | 466 response.SerializeAsString(), |
| 467 true); | 467 true); |
| 468 | 468 |
| 469 ScopedTempDir download_dir; | 469 ScopedTempDir download_dir; |
| 470 ASSERT_TRUE(download_dir.CreateUniqueTempDir()); | 470 ASSERT_TRUE(download_dir.CreateUniqueTempDir()); |
| 471 | 471 |
| 472 DownloadProtectionService::DownloadInfo info; | 472 DownloadProtectionService::DownloadInfo info; |
| 473 info.local_file = download_dir.path().Append(FILE_PATH_LITERAL("a.tmp")); | 473 info.local_file = download_dir.path().Append(FILE_PATH_LITERAL("a.tmp")); |
| 474 info.target_file = FilePath(FILE_PATH_LITERAL("a.zip")); | 474 info.target_file = FilePath(FILE_PATH_LITERAL("a.zip")); |
| 475 info.download_url_chain.push_back(GURL("http://www.evil.com/a.zip")); | 475 info.download_url_chain.push_back(GURL("http://www.evil.com/a.zip")); |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 508 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 508 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 509 base::Unretained(this))); | 509 base::Unretained(this))); |
| 510 msg_loop_.Run(); | 510 msg_loop_.Run(); |
| 511 ExpectResult(DownloadProtectionService::SAFE); | 511 ExpectResult(DownloadProtectionService::SAFE); |
| 512 Mock::VerifyAndClearExpectations(signature_util_); | 512 Mock::VerifyAndClearExpectations(signature_util_); |
| 513 | 513 |
| 514 // If the response is dangerous the result should also be marked as | 514 // If the response is dangerous the result should also be marked as |
| 515 // dangerous. | 515 // dangerous. |
| 516 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 516 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 517 factory.SetFakeResponse( | 517 factory.SetFakeResponse( |
| 518 DownloadProtectionService::kDownloadRequestUrl, | 518 DownloadProtectionService::GetDownloadRequestUrl(), |
| 519 response.SerializeAsString(), | 519 response.SerializeAsString(), |
| 520 true); | 520 true); |
| 521 | 521 |
| 522 download_service_->CheckClientDownload( | 522 download_service_->CheckClientDownload( |
| 523 info, | 523 info, |
| 524 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, | 524 base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback, |
| 525 base::Unretained(this))); | 525 base::Unretained(this))); |
| 526 msg_loop_.Run(); | 526 msg_loop_.Run(); |
| 527 #if defined(OS_WIN) | 527 #if defined(OS_WIN) |
| 528 ExpectResult(DownloadProtectionService::DANGEROUS); | 528 ExpectResult(DownloadProtectionService::DANGEROUS); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 559 | 559 |
| 560 TEST_F(DownloadProtectionServiceTest, CheckClientCrxDownloadSuccess) { | 560 TEST_F(DownloadProtectionServiceTest, CheckClientCrxDownloadSuccess) { |
| 561 ClientDownloadResponse response; | 561 ClientDownloadResponse response; |
| 562 // Even if the server verdict is dangerous we should return SAFE because | 562 // Even if the server verdict is dangerous we should return SAFE because |
| 563 // DownloadProtectionService::IsSupportedDownload() will return false | 563 // DownloadProtectionService::IsSupportedDownload() will return false |
| 564 // for crx downloads. | 564 // for crx downloads. |
| 565 response.set_verdict(ClientDownloadResponse::DANGEROUS); | 565 response.set_verdict(ClientDownloadResponse::DANGEROUS); |
| 566 net::FakeURLFetcherFactory factory; | 566 net::FakeURLFetcherFactory factory; |
| 567 // Empty response means SAFE. | 567 // Empty response means SAFE. |
| 568 factory.SetFakeResponse( | 568 factory.SetFakeResponse( |
| 569 DownloadProtectionService::kDownloadRequestUrl, | 569 DownloadProtectionService::GetDownloadRequestUrl(), |
| 570 response.SerializeAsString(), | 570 response.SerializeAsString(), |
| 571 true); | 571 true); |
| 572 | 572 |
| 573 DownloadProtectionService::DownloadInfo info; | 573 DownloadProtectionService::DownloadInfo info; |
| 574 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); | 574 info.local_file = FilePath(FILE_PATH_LITERAL("a.tmp")); |
| 575 info.target_file = FilePath(FILE_PATH_LITERAL("a.crx")); | 575 info.target_file = FilePath(FILE_PATH_LITERAL("a.crx")); |
| 576 info.download_url_chain.push_back(GURL("http://www.evil.com/a.crx")); | 576 info.download_url_chain.push_back(GURL("http://www.evil.com/a.crx")); |
| 577 info.referrer_url = GURL("http://www.google.com/"); | 577 info.referrer_url = GURL("http://www.google.com/"); |
| 578 | 578 |
| 579 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) | 579 EXPECT_CALL(*sb_service_, MatchDownloadWhitelistUrl(_)) |
| (...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 870 GetCertificateWhitelistStrings(*cert, *issuer_cert, &whitelist_strings); | 870 GetCertificateWhitelistStrings(*cert, *issuer_cert, &whitelist_strings); |
| 871 EXPECT_THAT(whitelist_strings, ElementsAre(cert_base + "/OU=unit")); | 871 EXPECT_THAT(whitelist_strings, ElementsAre(cert_base + "/OU=unit")); |
| 872 | 872 |
| 873 cert = ReadTestCertificate("test_c.pem"); | 873 cert = ReadTestCertificate("test_c.pem"); |
| 874 ASSERT_TRUE(cert.get()); | 874 ASSERT_TRUE(cert.get()); |
| 875 whitelist_strings.clear(); | 875 whitelist_strings.clear(); |
| 876 GetCertificateWhitelistStrings(*cert, *issuer_cert, &whitelist_strings); | 876 GetCertificateWhitelistStrings(*cert, *issuer_cert, &whitelist_strings); |
| 877 EXPECT_THAT(whitelist_strings, ElementsAre()); | 877 EXPECT_THAT(whitelist_strings, ElementsAre()); |
| 878 } | 878 } |
| 879 } // namespace safe_browsing | 879 } // namespace safe_browsing |
| OLD | NEW |