Commit c512b7a8 authored by sorin's avatar sorin Committed by Commit bot

Component updater must fallback on using HTTP on Windows XPSP2 and below

BUG=411009

Review URL: https://codereview.chromium.org/581803002

Cr-Commit-Position: refs/heads/master@{#295633}
parent 52b435da
...@@ -370,6 +370,25 @@ void SetDomainStateForTesting(bool state) { ...@@ -370,6 +370,25 @@ void SetDomainStateForTesting(bool state) {
g_domain_state = state ? ENROLLED : NOT_ENROLLED; g_domain_state = state ? ENROLLED : NOT_ENROLLED;
} }
bool MaybeHasSHA256Support() {
const base::win::OSInfo* os_info = base::win::OSInfo::GetInstance();
if (os_info->version() == base::win::VERSION_PRE_XP)
return false; // Too old to have it and this OS is not supported anyway.
if (os_info->version() == base::win::VERSION_XP)
return os_info->service_pack().major >= 3; // Windows XP SP3 has it.
// Assume it is missing in this case, although it may not be. This category
// includes Windows XP x64, and Windows Server, where a hotfix could be
// deployed.
if (os_info->version() == base::win::VERSION_SERVER_2003)
return false;
DCHECK(os_info->version() >= base::win::VERSION_VISTA);
return true; // New enough to have SHA-256 support.
}
} // namespace win } // namespace win
} // namespace base } // namespace base
......
...@@ -134,6 +134,13 @@ BASE_EXPORT bool IsEnrolledToDomain(); ...@@ -134,6 +134,13 @@ BASE_EXPORT bool IsEnrolledToDomain();
// simulate being in a domain and false otherwise. // simulate being in a domain and false otherwise.
BASE_EXPORT void SetDomainStateForTesting(bool state); BASE_EXPORT void SetDomainStateForTesting(bool state);
// Returns true if the current operating system has support for SHA-256
// certificates. As its name indicates, this function provides a best-effort
// answer, which is solely based on comparing version numbers. The function
// may be re-implemented in the future to return a reliable value, based on
// run-time detection of this capability.
BASE_EXPORT bool MaybeHasSHA256Support();
} // namespace win } // namespace win
} // namespace base } // namespace base
......
...@@ -12,6 +12,9 @@ ...@@ -12,6 +12,9 @@
#include "base/compiler_specific.h" #include "base/compiler_specific.h"
#include "base/strings/string_util.h" #include "base/strings/string_util.h"
#include "base/version.h" #include "base/version.h"
#if defined(OS_WIN)
#include "base/win/win_util.h"
#endif // OS_WIN
#include "build/build_config.h" #include "build/build_config.h"
#include "chrome/browser/component_updater/component_patcher_operation_out_of_process.h" #include "chrome/browser/component_updater/component_patcher_operation_out_of_process.h"
#include "chrome/browser/omaha_query_params/chrome_omaha_query_params_delegate.h" #include "chrome/browser/omaha_query_params/chrome_omaha_query_params_delegate.h"
...@@ -47,10 +50,13 @@ const char kSwitchUrlSource[] = "url-source"; ...@@ -47,10 +50,13 @@ const char kSwitchUrlSource[] = "url-source";
#define COMPONENT_UPDATER_SERVICE_ENDPOINT \ #define COMPONENT_UPDATER_SERVICE_ENDPOINT \
"//clients2.google.com/service/update2" "//clients2.google.com/service/update2"
// The default url for the v3 protocol service endpoint. // The default URL for the v3 protocol service endpoint. In some cases, the
// component updater is allowed to fall back to and alternate URL source, if
// the request to the default URL source fails.
// The value of |kDefaultUrlSource| can be overridden with // The value of |kDefaultUrlSource| can be overridden with
// --component-updater=url-source=someurl. // --component-updater=url-source=someurl.
const char kDefaultUrlSource[] = "https:" COMPONENT_UPDATER_SERVICE_ENDPOINT; const char kDefaultUrlSource[] = "https:" COMPONENT_UPDATER_SERVICE_ENDPOINT;
const char kAltUrlSource[] = "http:" COMPONENT_UPDATER_SERVICE_ENDPOINT;
// Disables differential updates. // Disables differential updates.
const char kSwitchDisableDeltaUpdates[] = "disable-delta-updates"; const char kSwitchDisableDeltaUpdates[] = "disable-delta-updates";
...@@ -67,6 +73,19 @@ bool HasSwitchValue(const std::vector<std::string>& vec, const char* test) { ...@@ -67,6 +73,19 @@ bool HasSwitchValue(const std::vector<std::string>& vec, const char* test) {
return (std::find(vec.begin(), vec.end(), test) != vec.end()); return (std::find(vec.begin(), vec.end(), test) != vec.end());
} }
// Returns true if falling back on an alternate, unsafe, service URL is
// allowed. In the fallback case, the security of the component update relies
// only on the integrity of the CRX payloads, which is self-validating.
// This is allowed only for some of the pre-Windows Vista versions not including
// Windows XP SP3. As a side note, pings could be sent to the alternate URL too.
bool CanUseAltUrlSource() {
#if defined(OS_WIN)
return !base::win::MaybeHasSHA256Support();
#else
return false;
#endif // OS_WIN
}
// If there is an element of |vec| of the form |test|=.*, returns the right- // If there is an element of |vec| of the form |test|=.*, returns the right-
// hand side of that assignment. Otherwise, returns an empty string. // hand side of that assignment. Otherwise, returns an empty string.
// The right-hand side may contain additional '=' characters, allowing for // The right-hand side may contain additional '=' characters, allowing for
...@@ -127,6 +146,7 @@ class ChromeConfigurator : public Configurator { ...@@ -127,6 +146,7 @@ class ChromeConfigurator : public Configurator {
bool pings_enabled_; bool pings_enabled_;
bool deltas_enabled_; bool deltas_enabled_;
bool background_downloads_enabled_; bool background_downloads_enabled_;
bool fallback_to_alt_source_url_enabled_;
}; };
ChromeConfigurator::ChromeConfigurator( ChromeConfigurator::ChromeConfigurator(
...@@ -136,7 +156,8 @@ ChromeConfigurator::ChromeConfigurator( ...@@ -136,7 +156,8 @@ ChromeConfigurator::ChromeConfigurator(
fast_update_(false), fast_update_(false),
pings_enabled_(false), pings_enabled_(false),
deltas_enabled_(false), deltas_enabled_(false),
background_downloads_enabled_(false) { background_downloads_enabled_(false),
fallback_to_alt_source_url_enabled_(false) {
// Parse comma-delimited debug flags. // Parse comma-delimited debug flags.
std::vector<std::string> switch_values; std::vector<std::string> switch_values;
Tokenize(cmdline->GetSwitchValueASCII(switches::kComponentUpdater), Tokenize(cmdline->GetSwitchValueASCII(switches::kComponentUpdater),
...@@ -162,6 +183,8 @@ ChromeConfigurator::ChromeConfigurator( ...@@ -162,6 +183,8 @@ ChromeConfigurator::ChromeConfigurator(
if (HasSwitchValue(switch_values, kSwitchRequestParam)) if (HasSwitchValue(switch_values, kSwitchRequestParam))
extra_info_ += "testrequest=\"1\""; extra_info_ += "testrequest=\"1\"";
fallback_to_alt_source_url_enabled_ = CanUseAltUrlSource();
} }
int ChromeConfigurator::InitialDelay() const { int ChromeConfigurator::InitialDelay() const {
...@@ -194,6 +217,9 @@ std::vector<GURL> ChromeConfigurator::UpdateUrl() const { ...@@ -194,6 +217,9 @@ std::vector<GURL> ChromeConfigurator::UpdateUrl() const {
urls.push_back(GURL(url_source_override_)); urls.push_back(GURL(url_source_override_));
} else { } else {
urls.push_back(GURL(kDefaultUrlSource)); urls.push_back(GURL(kDefaultUrlSource));
if (fallback_to_alt_source_url_enabled_) {
urls.push_back(GURL(kAltUrlSource));
}
} }
return urls; return urls;
} }
......
...@@ -471,7 +471,7 @@ std::string SSLBlockingPage::GetHTMLContents() { ...@@ -471,7 +471,7 @@ std::string SSLBlockingPage::GetHTMLContents() {
SSLErrorInfo::ErrorType type = SSLErrorInfo::ErrorType type =
SSLErrorInfo::NetErrorToErrorType(cert_error_); SSLErrorInfo::NetErrorToErrorType(cert_error_);
if (type == SSLErrorInfo::CERT_INVALID && SSLErrorClassification:: if (type == SSLErrorInfo::CERT_INVALID && SSLErrorClassification::
IsWindowsVersionSP3OrLower()) { MaybeWindowsLacksSHA256Support()) {
load_time_data.SetString( load_time_data.SetString(
"explanationParagraph", "explanationParagraph",
l10n_util::GetStringFUTF16( l10n_util::GetStringFUTF16(
......
...@@ -30,6 +30,7 @@ ...@@ -30,6 +30,7 @@
#endif #endif
#if defined(OS_WIN) #if defined(OS_WIN)
#include "base/win/win_util.h"
#include "base/win/windows_version.h" #include "base/win/windows_version.h"
#endif #endif
...@@ -366,14 +367,12 @@ bool SSLErrorClassification::IsUserClockInTheFuture( ...@@ -366,14 +367,12 @@ bool SSLErrorClassification::IsUserClockInTheFuture(
return false; return false;
} }
bool SSLErrorClassification::IsWindowsVersionSP3OrLower() { bool SSLErrorClassification::MaybeWindowsLacksSHA256Support() {
#if defined(OS_WIN) #if defined(OS_WIN)
const base::win::OSInfo* os_info = base::win::OSInfo::GetInstance(); return !base::win::MaybeHasSHA256Support();
base::win::OSInfo::ServicePack service_pack = os_info->service_pack(); #else
if (os_info->version() < base::win::VERSION_VISTA && service_pack.major < 3)
return true;
#endif
return false; return false;
#endif
} }
bool SSLErrorClassification::IsHostNameKnownTLD(const std::string& host_name) { bool SSLErrorClassification::IsHostNameKnownTLD(const std::string& host_name) {
......
...@@ -40,7 +40,9 @@ class SSLErrorClassification : public content::NotificationObserver { ...@@ -40,7 +40,9 @@ class SSLErrorClassification : public content::NotificationObserver {
// using a version of Chrome which is more than 1 year old. // using a version of Chrome which is more than 1 year old.
static bool IsUserClockInTheFuture(const base::Time& time_now); static bool IsUserClockInTheFuture(const base::Time& time_now);
static bool IsWindowsVersionSP3OrLower(); // Returns true if the Windows platform is likely to not have SHA-256 support.
// On other platforms, returns false always.
static bool MaybeWindowsLacksSHA256Support();
// A function which calculates the severity score when the ssl error is // A function which calculates the severity score when the ssl error is
// |CERT_DATE_INVALID|. The calculated score is between 0.0 and 1.0, higher // |CERT_DATE_INVALID|. The calculated score is between 0.0 and 1.0, higher
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment