Diffstat (limited to 'chromium/components/safe_browsing_db/database_manager.h')
-rw-r--r-- | chromium/components/safe_browsing_db/database_manager.h | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/chromium/components/safe_browsing_db/database_manager.h b/chromium/components/safe_browsing_db/database_manager.h
new file mode 100644
index 00000000000..12d893d3f9d
--- /dev/null
+++ b/chromium/components/safe_browsing_db/database_manager.h
@@ -0,0 +1,184 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// The Safe Browsing service is responsible for downloading anti-phishing and
+// anti-malware tables and checking urls against them.
+
+#ifndef COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_
+#define COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_
+
+#include <deque>
+#include <map>
+#include <set>
+#include <string>
+#include <vector>
+
+#include "base/memory/ref_counted.h"
+#include "components/safe_browsing_db/hit_report.h"
+#include "components/safe_browsing_db/util.h"
+#include "content/public/common/resource_type.h"
+#include "url/gurl.h"
+
+namespace net {
+class URLRequestContextGetter;
+} // namespace net
+
+namespace safe_browsing {
+
+struct V4ProtocolConfig;
+class V4GetHashProtocolManager;
+
+// Base class to either the locally-managed or a remotely-managed database.
+class SafeBrowsingDatabaseManager
+ : public base::RefCountedThreadSafe<SafeBrowsingDatabaseManager> {
+ public:
+ // Callers requesting a result should derive from this class.
+ // The destructor should call db_manager->CancelCheck(client) if a
+ // request is still pending.
+ class Client {
+ public:
+ virtual ~Client() {}
+
+ // Called when the result of checking a browse URL is known.
+ virtual void OnCheckBrowseUrlResult(const GURL& url,
+ SBThreatType threat_type,
+ const ThreatMetadata& metadata) {}
+
+ // Called when the result of checking a download URL is known.
+ virtual void OnCheckDownloadUrlResult(const std::vector<GURL>& url_chain,
+ SBThreatType threat_type) {}
+
+ // Called when the result of checking a set of extensions is known.
+ virtual void OnCheckExtensionsResult(
+ const std::set<std::string>& threats) {}
+
+ // Called when the result of checking the API blacklist is known.
+ virtual void OnCheckApiBlacklistUrlResult(const GURL& url,
+ const ThreatMetadata& metadata) {}
+
+ // Called when the result of checking the resource blacklist is known.
+ virtual void OnCheckResourceUrlResult(const GURL& url,
+ SBThreatType threat_type,
+ const std::string& threat_hash) {}
+ };
+
+
+ // Returns true if URL-checking is supported on this build+device.
+ // If false, calls to CheckBrowseUrl may dcheck-fail.
+ virtual bool IsSupported() const = 0;
+
+ // Returns the ThreatSource for this implementation.
+ virtual ThreatSource GetThreatSource() const = 0;
+
+ // Returns true if checks are never done synchronously, and therefore
+ // always have some latency.
+ virtual bool ChecksAreAlwaysAsync() const = 0;
+
+ // Returns true if this resource type should be checked.
+ virtual bool CanCheckResourceType(
+ content::ResourceType resource_type) const = 0;
+
+ // Returns true if the url's scheme can be checked.
+ virtual bool CanCheckUrl(const GURL& url) const = 0;
+
+ // Returns whether download protection is enabled.
+ virtual bool IsDownloadProtectionEnabled() const = 0;
+
+ // Called on the IO thread to check if the given url is safe or not. If we
+ // can synchronously determine that the url is safe, CheckUrl returns true.
+ // Otherwise it returns false, and "client" is called asynchronously with the
+ // result when it is ready.
+ virtual bool CheckBrowseUrl(const GURL& url, Client* client) = 0;
+
+ // Check if the prefix for |url| is in safebrowsing download add lists.
+ // Result will be passed to callback in |client|.
+ virtual bool CheckDownloadUrl(const std::vector<GURL>& url_chain,
+ Client* client) = 0;
+
+ // Check which prefixes in |extension_ids| are in the safebrowsing blacklist.
+ // Returns true if not, false if further checks need to be made in which case
+ // the result will be passed to |client|.
+ virtual bool CheckExtensionIDs(const std::set<std::string>& extension_ids,
+ Client* client) = 0;
+
+ // Check if |url| is in the resources blacklist. Returns true if not, false
+ // if further checks need to be made in which case the result will be passed
+ // to callback in |client|.
+ virtual bool CheckResourceUrl(const GURL& url, Client* client) = 0;
+
+ // Check if the |url| matches any of the full-length hashes from the client-
+ // side phishing detection whitelist. Returns true if there was a match and
+ // false otherwise. To make sure we are conservative we will return true if
+ // an error occurs. This method must be called on the IO thread.
+ virtual bool MatchCsdWhitelistUrl(const GURL& url) = 0;
+
+ // Check if the given IP address (either IPv4 or IPv6) matches the malware
+ // IP blacklist.
+ virtual bool MatchMalwareIP(const std::string& ip_address) = 0;
+
+ // Check if the |url| matches any of the full-length hashes from the download
+ // whitelist. Returns true if there was a match and false otherwise. To make
+ // sure we are conservative we will return true if an error occurs. This
+ // method must be called on the IO thread.
+ virtual bool MatchDownloadWhitelistUrl(const GURL& url) = 0;
+
+ // Check if |str| matches any of the full-length hashes from the download
+ // whitelist. Returns true if there was a match and false otherwise. To make
+ // sure we are conservative we will return true if an error occurs. This
+ // method must be called on the IO thread.
+ virtual bool MatchDownloadWhitelistString(const std::string& str) = 0;
+
+ // Check if the |url| matches any of the full-length hashes from the off-
+ // domain inclusion whitelist. Returns true if there was a match and false
+ // otherwise. To make sure we are conservative, we will return true if an
+ // error occurs. This method must be called on the IO thread.
+ virtual bool MatchInclusionWhitelistUrl(const GURL& url) = 0;
+
+ // Check if |str|, a lowercase DLL file name, matches any of the full-length
+ // hashes from the module whitelist. Returns true if there was a match and
+ // false otherwise. To make sure we are conservative we will return true if
+ // an error occurs. This method must be called on the IO thread.
+ virtual bool MatchModuleWhitelistString(const std::string& str) = 0;
+
+ // Check if the CSD malware IP matching kill switch is turned on.
+ virtual bool IsMalwareKillSwitchOn() = 0;
+
+ // Check if the CSD whitelist kill switch is turned on.
+ virtual bool IsCsdWhitelistKillSwitchOn() = 0;
+
+ // Called on the IO thread to cancel a pending check if the result is no
+ // longer needed. Also called after the result has been handled.
+ virtual void CancelCheck(Client* client) = 0;
+
+ // Called on the IO thread to check if the given url has blacklisted APIs.
+ // "client" is called asynchronously with the result when it is ready.
+ // This method has the same implementation for both the local and remote
+ // database managers since it pings Safe Browsing servers directly without
+ // accessing the database at all.
+ virtual void CheckApiBlacklistUrl(const GURL& url, Client* client);
+
+ // Called to initialize objects that are used on the io_thread, such as the
+ // v4 protocol manager. This may be called multiple times during the life of
+ // the DatabaseManager. Must be called on IO thread.
+ virtual void StartOnIOThread(
+ net::URLRequestContextGetter* request_context_getter,
+ const V4ProtocolConfig& config);
+
+ // Called to stop or shutdown operations on the io_thread.
+ virtual void StopOnIOThread(bool shutdown);
+
+ protected:
+ SafeBrowsingDatabaseManager();
+
+ virtual ~SafeBrowsingDatabaseManager();
+
+ friend class base::RefCountedThreadSafe<SafeBrowsingDatabaseManager>;
+
+ // Created and destroyed via StartonIOThread/StopOnIOThread.
+ V4GetHashProtocolManager* v4_get_hash_protocol_manager_;
+}; // class SafeBrowsingDatabaseManager
+
+} // namespace safe_browsing
+
+#endif // COMPONENTS_SAFE_BROWSING_DB_DATABASE_MANAGER_H_ |
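Review bot: The member `V4GetHashProtocolManager* v4_get_hash_protocol_manager_;` at the end of the class is an owning raw pointer with no initializer visible here, even though the comment on `StartOnIOThread` says it may be called multiple times during the manager's life. Whether the constructor nulls it, and whether a second start without an intervening stop releases the previous object, is decided in the .cc file, which this hunk does not show; a miss there would presumably surface as an uninitialized read or a leaked or dangling manager on the IO thread. Expressing the ownership in the type would remove that burden: `std::unique_ptr<V4GetHashProtocolManager> v4_get_hash_protocol_manager_;` with `#include <memory>` (the destructor is already declared out of line, so the forward declaration still suffices), and the comment above it should read `StartOnIOThread`, not `StartonIOThread`. The `Client` comment has a similar gap: results are delivered asynchronously to a raw `Client*`, yet the cancel-on-destroy rule is only a "should", so I would word it as `// The destructor must call db_manager->CancelCheck(client) if a request is still pending; otherwise the result callback may run on a destroyed object.`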