| Index: chrome/browser/extensions/extension_service.cc
|
| diff --git a/chrome/browser/extensions/extension_service.cc b/chrome/browser/extensions/extension_service.cc
|
| index b9c734071674fc1a52e7e0df6d7d737803cc8c26..ae344e270e326b5e5b977523304475f0428cb14d 100644
|
| --- a/chrome/browser/extensions/extension_service.cc
|
| +++ b/chrome/browser/extensions/extension_service.cc
|
| @@ -565,12 +565,28 @@ void ExtensionService::Init() {
|
| }
|
| system_->management_policy()->RegisterProvider(
|
| shared_module_policy_provider_.get());
|
| +
|
| + LoadGreylistFromPrefs();
|
| }
|
|
|
| UMA_HISTOGRAM_TIMES("Extensions.ExtensionServiceInitTime",
|
| base::Time::Now() - begin_time);
|
| }
|
|
|
| +void ExtensionService::LoadGreylistFromPrefs() {
|
| + scoped_ptr<ExtensionSet> all_extensions = GenerateInstalledExtensionsSet();
|
| +
|
| + for (ExtensionSet::const_iterator it = all_extensions->begin();
|
| + it != all_extensions->end(); ++it) {
|
| + extensions::BlacklistState state =
|
| + extension_prefs_->GetExtensionBlacklistState((*it)->id());
|
| + if (state == extensions::BLACKLISTED_SECURITY_VULNERABILITY ||
|
| + state == extensions::BLACKLISTED_POTENTIALLY_UNWANTED ||
|
| + state == extensions::BLACKLISTED_CWS_POLICY_VIOLATION)
|
| + greylist_.Insert(*it);
|
| + }
|
| +}
|
| +
|
| void ExtensionService::VerifyAllExtensions() {
|
| ExtensionIdSet to_add;
|
| scoped_ptr<ExtensionSet> all_extensions = GenerateInstalledExtensionsSet();
|
| @@ -2759,27 +2775,73 @@ void ExtensionService::MaybeFinishDelayedInstallations() {
|
| }
|
|
|
| void ExtensionService::OnBlacklistUpdated() {
|
| - blacklist_->GetMalwareIDs(
|
| + blacklist_->GetBlacklistedIDs(
|
| GenerateInstalledExtensionsSet()->GetIDs(),
|
| base::Bind(&ExtensionService::ManageBlacklist, AsWeakPtr()));
|
| }
|
|
|
| -void ExtensionService::ManageBlacklist(const std::set<std::string>& updated) {
|
| +void ExtensionService::ManageBlacklist(
|
| + const extensions::Blacklist::BlacklistStateMap& state_map) {
|
| DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
|
|
| - std::set<std::string> before = registry_->blacklisted_extensions().GetIDs();
|
| - std::set<std::string> no_longer_blacklisted =
|
| - base::STLSetDifference<std::set<std::string> >(before, updated);
|
| - std::set<std::string> not_yet_blacklisted =
|
| - base::STLSetDifference<std::set<std::string> >(updated, before);
|
| + std::set<std::string> blocked;
|
| + std::set<std::string> greylist;
|
| + std::set<std::string> unchanged;
|
| + for (extensions::Blacklist::BlacklistStateMap::const_iterator it =
|
| + state_map.begin();
|
| + it != state_map.end();
|
| + ++it) {
|
| + switch (it->second) {
|
| + case extensions::NOT_BLACKLISTED:
|
| + break;
|
| +
|
| + case extensions::BLACKLISTED_MALWARE:
|
| + blocked.insert(it->first);
|
| + break;
|
| +
|
| + case extensions::BLACKLISTED_SECURITY_VULNERABILITY:
|
| + case extensions::BLACKLISTED_CWS_POLICY_VIOLATION:
|
| + case extensions::BLACKLISTED_POTENTIALLY_UNWANTED:
|
| + greylist.insert(it->first);
|
| + break;
|
|
|
| - for (std::set<std::string>::iterator it = no_longer_blacklisted.begin();
|
| - it != no_longer_blacklisted.end(); ++it) {
|
| + case extensions::BLACKLISTED_UNKNOWN:
|
| + unchanged.insert(it->first);
|
| + break;
|
| + }
|
| + }
|
| +
|
| + UpdateBlockedExtensions(blocked, unchanged);
|
| + UpdateGreylistedExtensions(greylist, unchanged, state_map);
|
| +
|
| + IdentifyAlertableExtensions();
|
| +}
|
| +
|
| +void ExtensionService::UpdateBlockedExtensions(
|
| + const std::set<std::string>& blocked,
|
| + const std::set<std::string>& unchanged) {
|
| + std::set<std::string> blocked_and_unchanged;
|
| + std::set_union(
|
| + blocked.begin(), blocked.end(), unchanged.begin(), unchanged.end(),
|
| + std::inserter(blocked_and_unchanged, blocked_and_unchanged.end()));
|
| +
|
| + // Extensions with unchanged blacklist state will remain blocked or unblocked
|
| + // as before this update.
|
| + std::set<std::string> blocked_before =
|
| + registry_->blacklisted_extensions().GetIDs();
|
| + std::set<std::string> no_longer_blocked =
|
| + base::STLSetDifference<std::set<std::string> >(
|
| + blocked_before, blocked_and_unchanged);
|
| + std::set<std::string> not_yet_blocked =
|
| + base::STLSetDifference<std::set<std::string> >(blocked, blocked_before);
|
| +
|
| + for (std::set<std::string>::iterator it = no_longer_blocked.begin();
|
| + it != no_longer_blocked.end(); ++it) {
|
| scoped_refptr<const Extension> extension =
|
| registry_->blacklisted_extensions().GetByID(*it);
|
| if (!extension.get()) {
|
| - NOTREACHED() << "Extension " << *it << " no longer blacklisted, "
|
| - << "but it was never blacklisted.";
|
| + NOTREACHED() << "Extension " << *it << " no longer blocked, "
|
| + << "but it was never blocked.";
|
| continue;
|
| }
|
| registry_->RemoveBlacklisted(*it);
|
| @@ -2790,8 +2852,8 @@ void ExtensionService::ManageBlacklist(const std::set<std::string>& updated) {
|
| Manifest::NUM_LOCATIONS);
|
| }
|
|
|
| - for (std::set<std::string>::iterator it = not_yet_blacklisted.begin();
|
| - it != not_yet_blacklisted.end(); ++it) {
|
| + for (std::set<std::string>::iterator it = not_yet_blocked.begin();
|
| + it != not_yet_blocked.end(); ++it) {
|
| scoped_refptr<const Extension> extension = GetInstalledExtension(*it);
|
| if (!extension.get()) {
|
| NOTREACHED() << "Extension " << *it << " needs to be "
|
| @@ -2799,13 +2861,63 @@ void ExtensionService::ManageBlacklist(const std::set<std::string>& updated) {
|
| continue;
|
| }
|
| registry_->AddBlacklisted(extension);
|
| - extension_prefs_->SetExtensionBlacklisted(extension->id(), true);
|
| + extension_prefs_->SetExtensionBlacklistState(
|
| + extension->id(), extensions::BLACKLISTED_MALWARE);
|
| UnloadExtension(*it, UnloadedExtensionInfo::REASON_BLACKLIST);
|
| UMA_HISTOGRAM_ENUMERATION("ExtensionBlacklist.BlacklistInstalled",
|
| extension->location(), Manifest::NUM_LOCATIONS);
|
| }
|
| +}
|
|
|
| - IdentifyAlertableExtensions();
|
| +// TODO(oleg): UMA logging
|
| +void ExtensionService::UpdateGreylistedExtensions(
|
| + const std::set<std::string>& greylist,
|
| + const std::set<std::string>& unchanged,
|
| + const extensions::Blacklist::BlacklistStateMap& state_map) {
|
| + std::set<std::string> greylist_and_unchanged;
|
| + std::set_union(
|
| + greylist.begin(), greylist.end(), unchanged.begin(), unchanged.end(),
|
| + std::inserter(greylist_and_unchanged, greylist_and_unchanged.end()));
|
| +
|
| + std::set<std::string> greylisted_before = greylist_.GetIDs();
|
| + std::set<std::string> no_longer_greylisted =
|
| + base::STLSetDifference<std::set<std::string> >(
|
| + greylisted_before, greylist_and_unchanged);
|
| + std::set<std::string> not_yet_greylisted =
|
| + base::STLSetDifference<std::set<std::string> >(
|
| + greylist, greylisted_before);
|
| +
|
| + for (std::set<std::string>::iterator it = no_longer_greylisted.begin();
|
| + it != no_longer_greylisted.end(); ++it) {
|
| + scoped_refptr<const Extension> extension = greylist_.GetByID(*it);
|
| + if (!extension.get()) {
|
| + NOTREACHED() << "Extension " << *it << " no longer greylisted, "
|
| + << "but it was not marked as greylisted.";
|
| + continue;
|
| + }
|
| +
|
| + greylist_.Remove(*it);
|
| + extension_prefs_->SetExtensionBlacklistState(extension->id(),
|
| + extensions::NOT_BLACKLISTED);
|
| + if (extension_prefs_->GetDisableReasons(extension->id()) &
|
| + extensions::Extension::DISABLE_GREYLIST)
|
| + EnableExtension(*it);
|
| + }
|
| +
|
| + for (std::set<std::string>::iterator it = not_yet_greylisted.begin();
|
| + it != not_yet_greylisted.end(); ++it) {
|
| + scoped_refptr<const Extension> extension = GetInstalledExtension(*it);
|
| + if (!extension.get()) {
|
| + NOTREACHED() << "Extension " << *it << " needs to be "
|
| + << "disabled, but it's not installed.";
|
| + continue;
|
| + }
|
| + greylist_.Insert(extension);
|
| + extension_prefs_->SetExtensionBlacklistState(extension->id(),
|
| + state_map.find(*it)->second);
|
| + if (registry_->enabled_extensions().Contains(extension->id()))
|
| + DisableExtension(*it, extensions::Extension::DISABLE_GREYLIST);
|
| + }
|
| }
|
|
|
| void ExtensionService::AddUpdateObserver(extensions::UpdateObserver* observer) {
|
|
|
Chromium Code Reviews
Issue 98463005:
Enable/disable extensions upon changes in blacklist. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src