Revert "gsb-storage: Don't hardcode Linux threat lists"35-hardcode-threat-lists

This reverts commit 3c8cd6387f85106051c9e674ee8b1e59fb40858c.

Also, increment SCHEMA_VERSION in ephy-gsb-storage.c.

3 files changed, 51 insertions, 124 deletions

diff --git a/lib/safe-browsing/ephy-gsb-service.c b/lib/safe-browsing/ephy-gsb-service.c
index b36592af3..a99a6d243 100644
--- a/lib/safe-browsing/ephy-gsb-service.c
+++ b/lib/safe-browsing/ephy-gsb-service.c
@@ -163,74 +163,6 @@ ephy_gsb_service_schedule_update (EphyGSBService *self)
   LOG ("Next update scheduled in %ld seconds", interval);
 }
 
-static GList *
-ephy_gsb_service_fetch_threat_lists_sync (EphyGSBService *self)
-{
-  GList *retval = NULL;
-  JsonNode *body_node = NULL;
-  JsonObject *body_obj;
-  JsonArray *threat_lists;
-  JsonObject *descriptor;
-  const char *threat_type;
-  const char *platform_type;
-  const char *threat_entry_type;
-  SoupMessage *msg;
-  char *url;
-
-  g_assert (EPHY_IS_GSB_SERVICE (self));
-
-  url = g_strdup_printf ("%sthreatLists?key=%s", API_PREFIX, self->api_key);
-  msg = soup_message_new (SOUP_METHOD_GET, url);
-  soup_session_send_message (self->session, msg);
-
-  if (msg->status_code != 200) {
-    LOG ("Failed to fetch the threat lists from the server, got: %u, %s",
-         msg->status_code, msg->response_body->data);
-    goto out;
-  }
-
-  body_node = json_from_string (msg->response_body->data, NULL);
-  if (!body_node || !JSON_NODE_HOLDS_OBJECT (body_node)) {
-    g_warning ("Response is not a valid JSON object");
-    goto out;
-  }
-
-  body_obj = json_node_get_object (body_node);
-
-  if (json_object_has_non_null_array_member (body_obj, "threatLists")) {
-    threat_lists = json_object_get_array_member (body_obj, "threatLists");
-    for (guint i = 0; i < json_array_get_length (threat_lists); i++) {
-      descriptor = json_array_get_object_element (threat_lists, i);
-      threat_type = json_object_get_string_member (descriptor, "threatType");
-      platform_type = json_object_get_string_member (descriptor, "platformType");
-
-      /* Keep SOCIAL_ENGINEERING threats that are for any platform.
-       * Keep MALWARE/UNWANTED_SOFTWARE threats that are for Linux only.
-       */
-      if (g_strcmp0 (threat_type, "SOCIAL_ENGINEERING") == 0) {
-        if (g_strcmp0 (platform_type, "ANY_PLATFORM") != 0)
-          continue;
-      } else if (g_strcmp0 (platform_type, "LINUX") != 0) {
-          continue;
-      }
-
-      threat_entry_type = json_object_get_string_member (descriptor, "threatEntryType");
-      retval = g_list_prepend (retval, ephy_gsb_threat_list_new (threat_type,
-                                                                 platform_type,
-                                                                 threat_entry_type,
-                                                                 NULL));
-    }
-  }
-
-out:
-  g_free (url);
-  g_object_unref (msg);
-  if (body_node)
-    json_node_unref (body_node);
-
-  return g_list_reverse (retval);
-}
-
 static void
 ephy_gsb_service_update_thread (GTask          *task,
                                 EphyGSBService *self,
@@ -255,12 +187,6 @@ ephy_gsb_service_update_thread (GTask          *task,
 
   ephy_gsb_storage_delete_old_full_hashes (self->storage);
 
-  /* Fetch and store new threat lists, if any. */
-  threat_lists = ephy_gsb_service_fetch_threat_lists_sync (self);
-  for (GList *l = threat_lists; l && l->data; l = l->next)
-    ephy_gsb_storage_insert_threat_list (self->storage, l->data);
-  g_list_free_full (threat_lists, (GDestroyNotify)ephy_gsb_threat_list_free);
-
   threat_lists = ephy_gsb_storage_get_threat_lists (self->storage);
   if (!threat_lists) {
     LOG ("No threat lists to update");
diff --git a/lib/safe-browsing/ephy-gsb-storage.c b/lib/safe-browsing/ephy-gsb-storage.c
index 374d98dd4..05d8f27a7 100644
--- a/lib/safe-browsing/ephy-gsb-storage.c
+++ b/lib/safe-browsing/ephy-gsb-storage.c
@@ -34,8 +34,21 @@
  */
 #define BATCH_SIZE 199
 
-/* Increment schema version if you modify the database table structure. */
-#define SCHEMA_VERSION 2
+/* Increment schema version if you:
+ * 1) Modify the database table structure.
+ * 2) Modify the threat lists below.
+ */
+#define SCHEMA_VERSION 3
+
+/* The available Linux threat lists of Google Safe Browsing API v4.
+ * The format is {THREAT_TYPE, PLATFORM_TYPE, THREAT_ENTRY_TYPE}.
+ */
+static const char * const gsb_linux_threat_lists[][3] = {
+  {GSB_THREAT_TYPE_MALWARE,            "LINUX",        "URL"},
+  {GSB_THREAT_TYPE_SOCIAL_ENGINEERING, "ANY_PLATFORM", "URL"},
+  {GSB_THREAT_TYPE_UNWANTED_SOFTWARE,  "LINUX",        "URL"},
+  {GSB_THREAT_TYPE_MALWARE,            "LINUX",        "IP_RANGE"},
+};
 
 struct _EphyGSBStorage {
   GObject parent_instance;
@@ -195,7 +208,9 @@ ephy_gsb_storage_init_metadata_table (EphyGSBStorage *self)
 static gboolean
 ephy_gsb_storage_init_threats_table (EphyGSBStorage *self)
 {
+  EphySQLiteStatement *statement;
   GError *error = NULL;
+  GString *string;
   const char *sql;
 
   g_assert (EPHY_IS_GSB_STORAGE (self));
@@ -218,6 +233,40 @@ ephy_gsb_storage_init_threats_table (EphyGSBStorage *self)
     return FALSE;
   }
 
+  sql = "INSERT INTO threats (threat_type, platform_type, threat_entry_type) VALUES ";
+  string = g_string_new (sql);
+  for (guint i = 0; i < G_N_ELEMENTS (gsb_linux_threat_lists); i++)
+    g_string_append (string, "(?, ?, ?),");
+  /* Remove trailing comma character. */
+  g_string_erase (string, string->len - 1, -1);
+
+  statement = ephy_sqlite_connection_create_statement (self->db, string->str, &error);
+  g_string_free (string, TRUE);
+
+  if (error) {
+    g_warning ("Failed to create threats table insert statement: %s", error->message);
+    g_error_free (error);
+    return FALSE;
+  }
+
+  for (guint i = 0; i < G_N_ELEMENTS (gsb_linux_threat_lists); i++) {
+    EphyGSBThreatList *list = ephy_gsb_threat_list_new (gsb_linux_threat_lists[i][0],
+                                                        gsb_linux_threat_lists[i][1],
+                                                        gsb_linux_threat_lists[i][2],
+                                                        NULL);
+    bind_threat_list_params (statement, list, i * 3, i * 3 + 1, i * 3 + 2, -1);
+    ephy_gsb_threat_list_free (list);
+  }
+
+  ephy_sqlite_statement_step (statement, &error);
+  g_object_unref (statement);
+
+  if (error) {
+    g_warning ("Failed to insert initial data into threats table: %s", error->message);
+    g_error_free (error);
+    return FALSE;
+  }
+
   return TRUE;
 }
 
@@ -600,52 +649,6 @@ ephy_gsb_storage_set_metadata (EphyGSBStorage *self,
 }
 
 /**
- * ephy_gsb_storage_insert_threat_list:
- * @self: an #EphyGSBStorage
- * @list: an #EphyGSBThreatList
- *
- * Insert a threat lists into the local database. If the combination
- * THREAT_TYPE/PLATFORM_TYPE/THREAT_ENTRY_TYPE already exists in the
- * database, then this function does nothing. The client state is ignored.
- * Use ephy_gsb_storage_update_client_state() if you need to update the
- * client state.
- **/
-void
-ephy_gsb_storage_insert_threat_list (EphyGSBStorage    *self,
-                                     EphyGSBThreatList *list)
-{
-  EphySQLiteStatement *statement;
-  GError *error = NULL;
-  const char *sql;
-
-  g_assert (EPHY_IS_GSB_STORAGE (self));
-  g_assert (list);
-
-  sql = "INSERT OR IGNORE INTO threats "
-        "(threat_type, platform_type, threat_entry_type, client_state) "
-        "VALUES (?, ?, ?, ?)";
-  statement = ephy_sqlite_connection_create_statement (self->db, sql, &error);
-  if (error) {
-    g_warning ("Failed to create insert threat list statement: %s", error->message);
-    g_error_free (error);
-    return;
-  }
-
-  if (!bind_threat_list_params (statement, list, 0, 1, 2, -1)) {
-    g_object_unref (statement);
-    return;
-  }
-
-  ephy_sqlite_statement_step (statement, &error);
-  if (error) {
-    g_warning ("Failed to execute insert threat list statement: %s", error->message);
-    g_error_free (error);
-  }
-
-  g_object_unref (statement);
-}
-
-/**
  * ephy_gsb_storage_get_threat_lists:
  * @self: an #EphyGSBStorage
  *
diff --git a/lib/safe-browsing/ephy-gsb-storage.h b/lib/safe-browsing/ephy-gsb-storage.h
index 056b4e741..ed41a7e23 100644
--- a/lib/safe-browsing/ephy-gsb-storage.h
+++ b/lib/safe-browsing/ephy-gsb-storage.h
@@ -38,8 +38,6 @@ gint64          ephy_gsb_storage_get_metadata                   (EphyGSBStorage
 void            ephy_gsb_storage_set_metadata                   (EphyGSBStorage *self,
                                                                  const char     *key,
                                                                  gint64          value);
-void            ephy_gsb_storage_insert_threat_list             (EphyGSBStorage    *self,
-                                                                 EphyGSBThreatList *list);
 GList          *ephy_gsb_storage_get_threat_lists               (EphyGSBStorage *self);
 char           *ephy_gsb_storage_compute_checksum               (EphyGSBStorage    *self,
                                                                  EphyGSBThreatList *list);