rlz/lib/rlz_lib.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4 //
   5 // A library to manage RLZ information for access-points shared
   6 // across different client applications.
   7
   8 #include "rlz/lib/rlz_lib.h"
   9
  10 #include "base/strings/string_util.h"
  11 #include "base/strings/stringprintf.h"
  12 #include "rlz/lib/assert.h"
  13 #include "rlz/lib/crc32.h"
  14 #include "rlz/lib/financial_ping.h"
  15 #include "rlz/lib/lib_values.h"
  16 #include "rlz/lib/rlz_value_store.h"
  17 #include "rlz/lib/string_utils.h"
  18
  19 namespace {
  20
  21 // Event information returned from ping response.
  22 struct ReturnedEvent {
  23   rlz_lib::AccessPoint access_point;
  24   rlz_lib::Event event_type;
  25 };
  26
  27 // Helper functions
  28
  29 bool IsAccessPointSupported(rlz_lib::AccessPoint point) {
  30   switch (point) {
  31   case rlz_lib::NO_ACCESS_POINT:
  32   case rlz_lib::LAST_ACCESS_POINT:
  33
  34   case rlz_lib::MOBILE_IDLE_SCREEN_BLACKBERRY:
  35   case rlz_lib::MOBILE_IDLE_SCREEN_WINMOB:
  36   case rlz_lib::MOBILE_IDLE_SCREEN_SYMBIAN:
  37     // These AP's are never available on Windows PCs.
  38     return false;
  39
  40   case rlz_lib::IE_DEFAULT_SEARCH:
  41   case rlz_lib::IE_HOME_PAGE:
  42   case rlz_lib::IETB_SEARCH_BOX:
  43   case rlz_lib::QUICK_SEARCH_BOX:
  44   case rlz_lib::GD_DESKBAND:
  45   case rlz_lib::GD_SEARCH_GADGET:
  46   case rlz_lib::GD_WEB_SERVER:
  47   case rlz_lib::GD_OUTLOOK:
  48   case rlz_lib::CHROME_OMNIBOX:
  49   case rlz_lib::CHROME_HOME_PAGE:
  50     // TODO: Figure out when these settings are set to Google.
  51
  52   default:
  53     return true;
  54   }
  55 }
  56
  57 // Current RLZ can only use [a-zA-Z0-9_\-]
  58 // We will be more liberal and allow some additional chars, but not url meta
  59 // chars.
  60 bool IsGoodRlzChar(const char ch) {
  61   if (IsAsciiAlpha(ch) || IsAsciiDigit(ch))
  62     return true;
  63
  64   switch (ch) {
  65     case '_':
  66     case '-':
  67     case '!':
  68     case '@':
  69     case '$':
  70     case '*':
  71     case '(':
  72     case ')':
  73     case ';':
  74     case '.':
  75     case '<':
  76     case '>':
  77     return true;
  78   }
  79
  80   return false;
  81 }
  82
  83 // This function will remove bad rlz chars and also limit the max rlz to some
  84 // reasonable size.  It also assumes that normalized_rlz is at least
  85 // kMaxRlzLength+1 long.
  86 void NormalizeRlz(const char* raw_rlz, char* normalized_rlz) {
  87   size_t index = 0;
  88   for (; raw_rlz[index] != 0 && index < rlz_lib::kMaxRlzLength; ++index) {
  89     char current = raw_rlz[index];
  90     if (IsGoodRlzChar(current)) {
  91       normalized_rlz[index] = current;
  92     } else {
  93       normalized_rlz[index] = '.';
  94     }
  95   }
  96
  97   normalized_rlz[index] = 0;
  98 }
  99
 100 void GetEventsFromResponseString(
 101     const std::string& response_line,
 102     const std::string& field_header,
 103     std::vector<ReturnedEvent>* event_array) {
 104   // Get the string of events.
 105   std::string events = response_line.substr(field_header.size());
 106   base::TrimWhitespaceASCII(events, base::TRIM_LEADING, &events);
 107
 108   int events_length = events.find_first_of("\r\n ");
 109   if (events_length < 0)
 110     events_length = events.size();
 111   events = events.substr(0, events_length);
 112
 113   // Break this up into individual events
 114   int event_end_index = -1;
 115   do {
 116     int event_begin = event_end_index + 1;
 117     event_end_index = events.find(rlz_lib::kEventsCgiSeparator, event_begin);
 118     int event_end = event_end_index;
 119     if (event_end < 0)
 120       event_end = events_length;
 121
 122     std::string event_string = events.substr(event_begin,
 123                                              event_end - event_begin);
 124     if (event_string.size() != 3)  // 3 = 2(AP) + 1(E)
 125       continue;
 126
 127     rlz_lib::AccessPoint point = rlz_lib::NO_ACCESS_POINT;
 128     rlz_lib::Event event = rlz_lib::INVALID_EVENT;
 129     if (!GetAccessPointFromName(event_string.substr(0, 2).c_str(), &point) ||
 130         point == rlz_lib::NO_ACCESS_POINT) {
 131       continue;
 132     }
 133
 134     if (!GetEventFromName(event_string.substr(event_string.size() - 1).c_str(),
 135                           &event) || event == rlz_lib::INVALID_EVENT) {
 136       continue;
 137     }
 138
 139     ReturnedEvent current_event = {point, event};
 140     event_array->push_back(current_event);
 141   } while (event_end_index >= 0);
 142 }
 143
 144 // Event storage functions.
 145 bool RecordStatefulEvent(rlz_lib::Product product, rlz_lib::AccessPoint point,
 146                          rlz_lib::Event event) {
 147   rlz_lib::ScopedRlzValueStoreLock lock;
 148   rlz_lib::RlzValueStore* store = lock.GetStore();
 149   if (!store || !store->HasAccess(rlz_lib::RlzValueStore::kWriteAccess))
 150     return false;
 151
 152   // Write the new event to the value store.
 153   const char* point_name = GetAccessPointName(point);
 154   const char* event_name = GetEventName(event);
 155   if (!point_name || !event_name)
 156     return false;
 157
 158   if (!point_name[0] || !event_name[0])
 159     return false;
 160
 161   std::string new_event_value;
 162   base::StringAppendF(&new_event_value, "%s%s", point_name, event_name);
 163   return store->AddStatefulEvent(product, new_event_value.c_str());
 164 }
 165
 166 bool GetProductEventsAsCgiHelper(rlz_lib::Product product, char* cgi,
 167                                  size_t cgi_size,
 168                                  rlz_lib::RlzValueStore* store) {
 169   // Prepend the CGI param key to the buffer.
 170   std::string cgi_arg;
 171   base::StringAppendF(&cgi_arg, "%s=", rlz_lib::kEventsCgiVariable);
 172   if (cgi_size <= cgi_arg.size())
 173     return false;
 174
 175   size_t index;
 176   for (index = 0; index < cgi_arg.size(); ++index)
 177     cgi[index] = cgi_arg[index];
 178
 179   // Read stored events.
 180   std::vector<std::string> events;
 181   if (!store->ReadProductEvents(product, &events))
 182     return false;
 183
 184   // Append the events to the buffer.
 185   size_t num_values = 0;
 186
 187   for (num_values = 0; num_values < events.size(); ++num_values) {
 188     cgi[index] = '\0';
 189
 190     int divider = num_values > 0 ? 1 : 0;
 191     int size = cgi_size - (index + divider);
 192     if (size <= 0)
 193       return cgi_size >= (rlz_lib::kMaxCgiLength + 1);
 194
 195     strncpy(cgi + index + divider, events[num_values].c_str(), size);
 196     if (divider)
 197       cgi[index] = rlz_lib::kEventsCgiSeparator;
 198
 199     index += std::min((int)events[num_values].length(), size) + divider;
 200   }
 201
 202   cgi[index] = '\0';
 203
 204   return num_values > 0;
 205 }
 206
 207 }  // namespace
 208
 209 namespace rlz_lib {
 210
 211 #if defined(RLZ_NETWORK_IMPLEMENTATION_CHROME_NET)
 212 bool SetURLRequestContext(net::URLRequestContextGetter* context) {
 213   return FinancialPing::SetURLRequestContext(context);
 214 }
 215 #endif
 216
 217 bool GetProductEventsAsCgi(Product product, char* cgi, size_t cgi_size) {
 218   if (!cgi || cgi_size <= 0) {
 219     ASSERT_STRING("GetProductEventsAsCgi: Invalid buffer");
 220     return false;
 221   }
 222
 223   cgi[0] = 0;
 224
 225   ScopedRlzValueStoreLock lock;
 226   RlzValueStore* store = lock.GetStore();
 227   if (!store || !store->HasAccess(RlzValueStore::kReadAccess))
 228     return false;
 229
 230   size_t size_local = std::min(
 231       static_cast<size_t>(kMaxCgiLength + 1), cgi_size);
 232   bool result = GetProductEventsAsCgiHelper(product, cgi, size_local, store);
 233
 234   if (!result) {
 235     ASSERT_STRING("GetProductEventsAsCgi: Possibly insufficient buffer size");
 236     cgi[0] = 0;
 237     return false;
 238   }
 239
 240   return true;
 241 }
 242
 243 bool RecordProductEvent(Product product, AccessPoint point, Event event) {
 244   ScopedRlzValueStoreLock lock;
 245   RlzValueStore* store = lock.GetStore();
 246   if (!store || !store->HasAccess(RlzValueStore::kWriteAccess))
 247     return false;
 248
 249   // Get this event's value.
 250   const char* point_name = GetAccessPointName(point);
 251   const char* event_name = GetEventName(event);
 252   if (!point_name || !event_name)
 253     return false;
 254
 255   if (!point_name[0] || !event_name[0])
 256     return false;
 257
 258   std::string new_event_value;
 259   base::StringAppendF(&new_event_value, "%s%s", point_name, event_name);
 260
 261   // Check whether this event is a stateful event. If so, don't record it.
 262   if (store->IsStatefulEvent(product, new_event_value.c_str())) {
 263     // For a stateful event we skip recording, this function is also
 264     // considered successful.
 265     return true;
 266   }
 267
 268   // Write the new event to the value store.
 269   return store->AddProductEvent(product, new_event_value.c_str());
 270 }
 271
 272 bool ClearProductEvent(Product product, AccessPoint point, Event event) {
 273   ScopedRlzValueStoreLock lock;
 274   RlzValueStore* store = lock.GetStore();
 275   if (!store || !store->HasAccess(RlzValueStore::kWriteAccess))
 276     return false;
 277
 278   // Get the event's value store value and delete it.
 279   const char* point_name = GetAccessPointName(point);
 280   const char* event_name = GetEventName(event);
 281   if (!point_name || !event_name)
 282     return false;
 283
 284   if (!point_name[0] || !event_name[0])
 285     return false;
 286
 287   std::string event_value;
 288   base::StringAppendF(&event_value, "%s%s", point_name, event_name);
 289   return store->ClearProductEvent(product, event_value.c_str());
 290 }
 291
 292 // RLZ storage functions.
 293
 294 bool GetAccessPointRlz(AccessPoint point, char* rlz, size_t rlz_size) {
 295   if (!rlz || rlz_size <= 0) {
 296     ASSERT_STRING("GetAccessPointRlz: Invalid buffer");
 297     return false;
 298   }
 299
 300   rlz[0] = 0;
 301
 302   ScopedRlzValueStoreLock lock;
 303   RlzValueStore* store = lock.GetStore();
 304   if (!store || !store->HasAccess(RlzValueStore::kReadAccess))
 305     return false;
 306
 307   if (!IsAccessPointSupported(point))
 308     return false;
 309
 310   return store->ReadAccessPointRlz(point, rlz, rlz_size);
 311 }
 312
 313 bool SetAccessPointRlz(AccessPoint point, const char* new_rlz) {
 314   ScopedRlzValueStoreLock lock;
 315   RlzValueStore* store = lock.GetStore();
 316   if (!store || !store->HasAccess(RlzValueStore::kWriteAccess))
 317     return false;
 318
 319   if (!new_rlz) {
 320     ASSERT_STRING("SetAccessPointRlz: Invalid buffer");
 321     return false;
 322   }
 323
 324   // Return false if the access point is not set to Google.
 325   if (!IsAccessPointSupported(point)) {
 326     ASSERT_STRING(("SetAccessPointRlz: "
 327                 "Cannot set RLZ for unsupported access point."));
 328     return false;
 329   }
 330
 331   // Verify the RLZ length.
 332   size_t rlz_length = strlen(new_rlz);
 333   if (rlz_length > kMaxRlzLength) {
 334     ASSERT_STRING("SetAccessPointRlz: RLZ length is exceeds max allowed.");
 335     return false;
 336   }
 337
 338   char normalized_rlz[kMaxRlzLength + 1];
 339   NormalizeRlz(new_rlz, normalized_rlz);
 340   VERIFY(strlen(new_rlz) == rlz_length);
 341
 342   // Setting RLZ to empty == clearing.
 343   if (normalized_rlz[0] == 0)
 344     return store->ClearAccessPointRlz(point);
 345   return store->WriteAccessPointRlz(point, normalized_rlz);
 346 }
 347
 348 // Financial Server pinging functions.
 349
 350 bool FormFinancialPingRequest(Product product, const AccessPoint* access_points,
 351                               const char* product_signature,
 352                               const char* product_brand,
 353                               const char* product_id,
 354                               const char* product_lang,
 355                               bool exclude_machine_id,
 356                               char* request, size_t request_buffer_size) {
 357   if (!request || request_buffer_size == 0)
 358     return false;
 359
 360   request[0] = 0;
 361
 362   std::string request_string;
 363   if (!FinancialPing::FormRequest(product, access_points, product_signature,
 364                                   product_brand, product_id, product_lang,
 365                                   exclude_machine_id, &request_string))
 366     return false;
 367
 368   if (request_string.size() >= request_buffer_size)
 369     return false;
 370
 371   strncpy(request, request_string.c_str(), request_buffer_size);
 372   request[request_buffer_size - 1] = 0;
 373   return true;
 374 }
 375
 376 bool PingFinancialServer(Product product, const char* request, char* response,
 377                          size_t response_buffer_size) {
 378   if (!response || response_buffer_size == 0)
 379     return false;
 380   response[0] = 0;
 381
 382   // Check if the time is right to ping.
 383   if (!FinancialPing::IsPingTime(product, false))
 384     return false;
 385
 386   // Send out the ping.
 387   std::string response_string;
 388   if (!FinancialPing::PingServer(request, &response_string))
 389     return false;
 390
 391   if (response_string.size() >= response_buffer_size)
 392     return false;
 393
 394   strncpy(response, response_string.c_str(), response_buffer_size);
 395   response[response_buffer_size - 1] = 0;
 396   return true;
 397 }
 398
 399 bool IsPingResponseValid(const char* response, int* checksum_idx) {
 400   if (!response || !response[0])
 401     return false;
 402
 403   if (checksum_idx)
 404     *checksum_idx = -1;
 405
 406   if (strlen(response) > kMaxPingResponseLength) {
 407     ASSERT_STRING("IsPingResponseValid: response is too long to parse.");
 408     return false;
 409   }
 410
 411   // Find the checksum line.
 412   std::string response_string(response);
 413
 414   std::string checksum_param("\ncrc32: ");
 415   int calculated_crc;
 416   int checksum_index = response_string.find(checksum_param);
 417   if (checksum_index >= 0) {
 418     // Calculate checksum of message preceeding checksum line.
 419     // (+ 1 to include the \n)
 420     std::string message(response_string.substr(0, checksum_index + 1));
 421     if (!Crc32(message.c_str(), &calculated_crc))
 422       return false;
 423   } else {
 424     checksum_param = "crc32: ";  // Empty response case.
 425     if (!StartsWithASCII(response_string, checksum_param, true))
 426       return false;
 427
 428     checksum_index = 0;
 429     if (!Crc32("", &calculated_crc))
 430       return false;
 431   }
 432
 433   // Find the checksum value on the response.
 434   int checksum_end = response_string.find("\n", checksum_index + 1);
 435   if (checksum_end < 0)
 436     checksum_end = response_string.size();
 437
 438   int checksum_begin = checksum_index + checksum_param.size();
 439   std::string checksum = response_string.substr(checksum_begin,
 440       checksum_end - checksum_begin + 1);
 441   base::TrimWhitespaceASCII(checksum, base::TRIM_ALL, &checksum);
 442
 443   if (checksum_idx)
 444     *checksum_idx = checksum_index;
 445
 446   return calculated_crc == HexStringToInteger(checksum.c_str());
 447 }
 448
 449 // Complex helpers built on top of other functions.
 450
 451 bool ParseFinancialPingResponse(Product product, const char* response) {
 452   // Update the last ping time irrespective of success.
 453   FinancialPing::UpdateLastPingTime(product);
 454   // Parse the ping response - update RLZs, clear events.
 455   return ParsePingResponse(product, response);
 456 }
 457
 458 bool SendFinancialPing(Product product, const AccessPoint* access_points,
 459                        const char* product_signature,
 460                        const char* product_brand,
 461                        const char* product_id, const char* product_lang,
 462                        bool exclude_machine_id) {
 463   return SendFinancialPing(product, access_points, product_signature,
 464                            product_brand, product_id, product_lang,
 465                            exclude_machine_id, false);
 466 }
 467
 468
 469 bool SendFinancialPing(Product product, const AccessPoint* access_points,
 470                        const char* product_signature,
 471                        const char* product_brand,
 472                        const char* product_id, const char* product_lang,
 473                        bool exclude_machine_id,
 474                        const bool skip_time_check) {
 475   // Create the financial ping request.
 476   std::string request;
 477   if (!FinancialPing::FormRequest(product, access_points, product_signature,
 478                                   product_brand, product_id, product_lang,
 479                                   exclude_machine_id, &request))
 480     return false;
 481
 482   // Check if the time is right to ping.
 483   if (!FinancialPing::IsPingTime(product, skip_time_check))
 484     return false;
 485
 486   // Send out the ping, update the last ping time irrespective of success.
 487   FinancialPing::UpdateLastPingTime(product);
 488   std::string response;
 489   if (!FinancialPing::PingServer(request.c_str(), &response))
 490     return false;
 491
 492   // Parse the ping response - update RLZs, clear events.
 493   return ParsePingResponse(product, response.c_str());
 494 }
 495
 496 // TODO: Use something like RSA to make sure the response is
 497 // from a Google server.
 498 bool ParsePingResponse(Product product, const char* response) {
 499   rlz_lib::ScopedRlzValueStoreLock lock;
 500   rlz_lib::RlzValueStore* store = lock.GetStore();
 501   if (!store || !store->HasAccess(rlz_lib::RlzValueStore::kWriteAccess))
 502     return false;
 503
 504   std::string response_string(response);
 505   int response_length = -1;
 506   if (!IsPingResponseValid(response, &response_length))
 507     return false;
 508
 509   if (0 == response_length)
 510     return true;  // Empty response - no parsing.
 511
 512   std::string events_variable;
 513   std::string stateful_events_variable;
 514   base::SStringPrintf(&events_variable, "%s: ", kEventsCgiVariable);
 515   base::SStringPrintf(&stateful_events_variable, "%s: ",
 516                       kStatefulEventsCgiVariable);
 517
 518   int rlz_cgi_length = strlen(kRlzCgiVariable);
 519
 520   // Split response lines. Expected response format is lines of the form:
 521   // rlzW1: 1R1_____en__252
 522   int line_end_index = -1;
 523   do {
 524     int line_begin = line_end_index + 1;
 525     line_end_index = response_string.find("\n", line_begin);
 526
 527     int line_end = line_end_index;
 528     if (line_end < 0)
 529       line_end = response_length;
 530
 531     if (line_end <= line_begin)
 532       continue;  // Empty line.
 533
 534     std::string response_line;
 535     response_line = response_string.substr(line_begin, line_end - line_begin);
 536
 537     if (StartsWithASCII(response_line, kRlzCgiVariable, true)) {  // An RLZ.
 538       int separator_index = -1;
 539       if ((separator_index = response_line.find(": ")) < 0)
 540         continue;  // Not a valid key-value pair.
 541
 542       // Get the access point.
 543       std::string point_name =
 544         response_line.substr(3, separator_index - rlz_cgi_length);
 545       AccessPoint point = NO_ACCESS_POINT;
 546       if (!GetAccessPointFromName(point_name.c_str(), &point) ||
 547           point == NO_ACCESS_POINT)
 548         continue;  // Not a valid access point.
 549
 550       // Get the new RLZ.
 551       std::string rlz_value(response_line.substr(separator_index + 2));
 552       base::TrimWhitespaceASCII(rlz_value, base::TRIM_LEADING, &rlz_value);
 553
 554       size_t rlz_length = rlz_value.find_first_of("\r\n ");
 555       if (rlz_length == std::string::npos)
 556         rlz_length = rlz_value.size();
 557
 558       if (rlz_length > kMaxRlzLength)
 559         continue;  // Too long.
 560
 561       if (IsAccessPointSupported(point))
 562         SetAccessPointRlz(point, rlz_value.substr(0, rlz_length).c_str());
 563     } else if (StartsWithASCII(response_line, events_variable, true)) {
 564       // Clear events which server parsed.
 565       std::vector<ReturnedEvent> event_array;
 566       GetEventsFromResponseString(response_line, events_variable, &event_array);
 567       for (size_t i = 0; i < event_array.size(); ++i) {
 568         ClearProductEvent(product, event_array[i].access_point,
 569                           event_array[i].event_type);
 570       }
 571     } else if (StartsWithASCII(response_line, stateful_events_variable, true)) {
 572       // Record any stateful events the server send over.
 573       std::vector<ReturnedEvent> event_array;
 574       GetEventsFromResponseString(response_line, stateful_events_variable,
 575                                   &event_array);
 576       for (size_t i = 0; i < event_array.size(); ++i) {
 577         RecordStatefulEvent(product, event_array[i].access_point,
 578                             event_array[i].event_type);
 579       }
 580     }
 581   } while (line_end_index >= 0);
 582
 583 #if defined(OS_WIN)
 584   // Update the DCC in registry if needed.
 585   SetMachineDealCodeFromPingResponse(response);
 586 #endif
 587
 588   return true;
 589 }
 590
 591 bool GetPingParams(Product product, const AccessPoint* access_points,
 592                    char* cgi, size_t cgi_size) {
 593   if (!cgi || cgi_size <= 0) {
 594     ASSERT_STRING("GetPingParams: Invalid buffer");
 595     return false;
 596   }
 597
 598   cgi[0] = 0;
 599
 600   if (!access_points) {
 601     ASSERT_STRING("GetPingParams: access_points is NULL");
 602     return false;
 603   }
 604
 605   // Add the RLZ Exchange Protocol version.
 606   std::string cgi_string(kProtocolCgiArgument);
 607
 608   // Copy the &rlz= over.
 609   base::StringAppendF(&cgi_string, "&%s=", kRlzCgiVariable);
 610
 611   {
 612     // Now add each of the RLZ's. Keep the lock during all GetAccessPointRlz()
 613     // calls below.
 614     ScopedRlzValueStoreLock lock;
 615     RlzValueStore* store = lock.GetStore();
 616     if (!store || !store->HasAccess(RlzValueStore::kReadAccess))
 617       return false;
 618     bool first_rlz = true;  // comma before every RLZ but the first.
 619     for (int i = 0; access_points[i] != NO_ACCESS_POINT; i++) {
 620       char rlz[kMaxRlzLength + 1];
 621       if (GetAccessPointRlz(access_points[i], rlz, arraysize(rlz))) {
 622         const char* access_point = GetAccessPointName(access_points[i]);
 623         if (!access_point)
 624           continue;
 625
 626         base::StringAppendF(&cgi_string, "%s%s%s%s",
 627                             first_rlz ? "" : kRlzCgiSeparator,
 628                             access_point, kRlzCgiIndicator, rlz);
 629         first_rlz = false;
 630       }
 631     }
 632
 633 #if defined(OS_WIN)
 634     // Report the DCC too if not empty. DCCs are windows-only.
 635     char dcc[kMaxDccLength + 1];
 636     dcc[0] = 0;
 637     if (GetMachineDealCode(dcc, arraysize(dcc)) && dcc[0])
 638       base::StringAppendF(&cgi_string, "&%s=%s", kDccCgiVariable, dcc);
 639 #endif
 640   }
 641
 642   if (cgi_string.size() >= cgi_size)
 643     return false;
 644
 645   strncpy(cgi, cgi_string.c_str(), cgi_size);
 646   cgi[cgi_size - 1] = 0;
 647
 648   return true;
 649 }
 650
 651 }  // namespace rlz_lib