
Side by Side Diff: components/certificate_transparency/log_dns_client.h

Issue 2367523002: Merge LogDnsClient's QueryLeafIndex and QueryAuditProof methods (Closed)
Patch Set: Created 4 years, 3 months ago
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_ 5 #ifndef COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_
6 #define COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_ 6 #define COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <list> 10 #include <list>
(...skipping 16 matching lines...) Expand all
27 27
28 namespace certificate_transparency { 28 namespace certificate_transparency {
29 29
30 // Queries Certificate Transparency (CT) log servers via DNS. 30 // Queries Certificate Transparency (CT) log servers via DNS.
31 // All queries are performed asynchronously. 31 // All queries are performed asynchronously.
32 // For more information, see 32 // For more information, see
33 // https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft -ct-over-dns.md. 33 // https://github.com/google/certificate-transparency-rfcs/blob/master/dns/draft -ct-over-dns.md.
34 // It must be created and deleted on the same thread. It is not thread-safe. 34 // It must be created and deleted on the same thread. It is not thread-safe.
35 class LogDnsClient : public net::NetworkChangeNotifier::DNSObserver { 35 class LogDnsClient : public net::NetworkChangeNotifier::DNSObserver {
36 public: 36 public:
37 // Invoked when a leaf index query completes.
38 // If an error occured, |net_error| will be a net::Error code, otherwise it
39 // will be net::OK and |leaf_index| will be the leaf index that was received.
40 using LeafIndexCallback =
41 base::Callback<void(int net_error, uint64_t leaf_index)>;
42 // Invoked when an audit proof query completes. 37 // Invoked when an audit proof query completes.
43 // If an error occurred, |net_error| will be a net::Error code, otherwise it 38 // If an error occurred, |net_error| will be a net::Error code, otherwise it
44 // will be net::OK and |proof| will be the audit proof that was received. 39 // will be net::OK and |proof| will be the audit proof that was received.
45 // The log ID of |proof| will not be set, as that is not known by this class, 40 // The log ID of |proof| will not be set, as that is not known by this class,
46 // but the leaf index will be set. 41 // but the leaf index will be set.
47 using AuditProofCallback = 42 using AuditProofCallback =
48 base::Callback<void(int net_error, 43 base::Callback<void(int net_error,
49 std::unique_ptr<net::ct::MerkleAuditProof> proof)>; 44 std::unique_ptr<net::ct::MerkleAuditProof> proof)>;
50 45
51 // Creates a log client that will take ownership of |dns_client| and use it 46 // Creates a log client that will take ownership of |dns_client| and use it
(...skipping 11 matching lines...) Expand all
63 ~LogDnsClient() override; 58 ~LogDnsClient() override;
64 59
65 // Called by NetworkChangeNotifier when the DNS config changes. 60 // Called by NetworkChangeNotifier when the DNS config changes.
66 // The DnsClient's config will be updated in response. 61 // The DnsClient's config will be updated in response.
67 void OnDNSChanged() override; 62 void OnDNSChanged() override;
68 63
69 // Called by NetworkChangeNotifier when the DNS config is first read. 64 // Called by NetworkChangeNotifier when the DNS config is first read.
70 // The DnsClient's config will be updated in response. 65 // The DnsClient's config will be updated in response.
71 void OnInitialDNSConfigRead() override; 66 void OnInitialDNSConfigRead() override;
72 67
73 // Queries a CT log to discover the index of the leaf with |leaf_hash|. 68 // Queries a CT log to retrieve an audit proof for the leaf with |leaf_hash|.
74 // The log is identified by |domain_for_log|, which is the DNS name used as a 69 // The |leaf_hash| is the SHA-256 Merkle leaf hash (see RFC6962, section 2.1).
75 // suffix for all queries.
76 // The |leaf_hash| is the SHA-256 hash of a Merkle tree leaf in that log.
77 // The |callback| is invoked when the query is complete, or an error occurs.
78 void QueryLeafIndex(base::StringPiece domain_for_log,
79 base::StringPiece leaf_hash,
80 const LeafIndexCallback& callback);
81
82 // Queries a CT log to retrieve an audit proof for the leaf at |leaf_index|.
83 // The size of the CT log tree must be provided in |tree_size|. 70 // The size of the CT log tree must be provided in |tree_size|.
84 // The log is identified by |domain_for_log|, which is the DNS name used as a 71 // The log is identified by |domain_for_log|, which is the DNS name used as a
85 // suffix for all queries. 72 // suffix for all queries.
86 // The |callback| is invoked when the query is complete, or an error occurs. 73 // The |callback| is invoked when the query is complete, or an error occurs.
87 void QueryAuditProof(base::StringPiece domain_for_log, 74 void QueryAuditProof(base::StringPiece domain_for_log,
88 uint64_t leaf_index, 75 base::StringPiece leaf_hash,
89 uint64_t tree_size, 76 uint64_t tree_size,
90 const AuditProofCallback& callback); 77 const AuditProofCallback& callback);
91 78
92 private: 79 private:
93 void QueryLeafIndexComplete(net::DnsTransaction* transaction, 80 void QueryLeafIndex(base::StringPiece domain_for_log,
81 base::StringPiece leaf_hash,
82 uint64_t tree_size,
83 const AuditProofCallback& callback);
84
85 void QueryLeafIndexComplete(base::StringPiece domain_for_log,
86 uint64_t tree_size,
87 net::DnsTransaction* transaction,
94 int neterror, 88 int neterror,
95 const net::DnsResponse* response); 89 const net::DnsResponse* response);
96 90
97 // Queries a CT log to retrieve part of an audit |proof|. The |node_index| 91 // Queries a CT log to retrieve part of an audit |proof|. The |node_index|
98 // indicates which node of the audit proof/ should be requested. The CT log 92 // indicates which node of the audit proof/ should be requested. The CT log
99 // may return up to 7 nodes, starting from |node_index| (this is the maximum 93 // may return up to 7 nodes, starting from |node_index| (this is the maximum
100 // that will fit in a DNS UDP packet). The nodes will be appended to 94 // that will fit in a DNS UDP packet). The nodes will be appended to
101 // |proof->nodes|. 95 // |proof->nodes|.
102 void QueryAuditProofNodes(std::unique_ptr<net::ct::MerkleAuditProof> proof, 96 void QueryAuditProofNodes(std::unique_ptr<net::ct::MerkleAuditProof> proof,
103 base::StringPiece domain_for_log, 97 base::StringPiece domain_for_log,
104 uint64_t tree_size, 98 uint64_t tree_size,
105 uint64_t node_index, 99 uint64_t node_index,
106 const AuditProofCallback& callback); 100 const AuditProofCallback& callback);
107 101
108 void QueryAuditProofNodesComplete( 102 void QueryAuditProofNodesComplete(
109 std::unique_ptr<net::ct::MerkleAuditProof> proof, 103 std::unique_ptr<net::ct::MerkleAuditProof> proof,
110 base::StringPiece domain_for_log, 104 base::StringPiece domain_for_log,
111 uint64_t tree_size, 105 uint64_t tree_size,
112 net::DnsTransaction* transaction, 106 net::DnsTransaction* transaction,
113 int net_error, 107 int net_error,
114 const net::DnsResponse* response); 108 const net::DnsResponse* response);
Ryan Sleevi 2016/09/23 21:59:29 Can these four methods be encapsulated into an int
Rob Percival 2016/09/27 17:44:17 Done.
115 109
116 // Returns true if the maximum number of queries are currently in flight. 110 // Returns true if the maximum number of queries are currently in flight.
117 // If the maximum number of concurrency queries is set to 0, this will always 111 // If the maximum number of concurrency queries is set to 0, this will always
118 // return false. 112 // return false.
119 bool HasMaxConcurrentQueriesInProgress() const; 113 bool HasMaxConcurrentQueriesInProgress() const;
120 114
121 // Updates the |dns_client_| config using NetworkChangeNotifier. 115 // Updates the |dns_client_| config using NetworkChangeNotifier.
122 void UpdateDnsConfig(); 116 void UpdateDnsConfig();
123 117
124 // A DNS query that is in flight. 118 // A DNS query that is in flight.
125 template <typename CallbackType> 119 struct Query;
126 struct Query {
127 std::unique_ptr<net::DnsTransaction> transaction;
128 CallbackType callback;
129 };
130 120
131 // Used to perform DNS queries. 121 // Used to perform DNS queries.
132 std::unique_ptr<net::DnsClient> dns_client_; 122 std::unique_ptr<net::DnsClient> dns_client_;
133 // Passed to the DNS client for logging. 123 // Passed to the DNS client for logging.
134 net::BoundNetLog net_log_; 124 net::BoundNetLog net_log_;
135 // Leaf index queries that haven't completed yet.
136 std::list<Query<LeafIndexCallback>> leaf_index_queries_;
137 // Audit proof queries that haven't completed yet. 125 // Audit proof queries that haven't completed yet.
138 std::list<Query<AuditProofCallback>> audit_proof_queries_; 126 std::list<Query> audit_proof_queries_;
139 // The maximum number of queries that can be in flight at one time. 127 // The maximum number of queries that can be in flight at one time.
140 size_t max_concurrent_queries_; 128 size_t max_concurrent_queries_;
141 // Creates weak_ptrs to this, for callback purposes. 129 // Creates weak_ptrs to this, for callback purposes.
142 base::WeakPtrFactory<LogDnsClient> weak_ptr_factory_; 130 base::WeakPtrFactory<LogDnsClient> weak_ptr_factory_;
143 131
144 DISALLOW_COPY_AND_ASSIGN(LogDnsClient); 132 DISALLOW_COPY_AND_ASSIGN(LogDnsClient);
145 }; 133 };
146 134
147 } // namespace certificate_transparency 135 } // namespace certificate_transparency
148 #endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_ 136 #endif // COMPONENTS_CERTIFICATE_TRANSPARENCY_LOG_DNS_CLIENT_H_
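Review bot: `QueryLeafIndexComplete` on the new side now takes `base::StringPiece domain_for_log`, a non-owning view, even though it runs only after the DNS transaction has finished. The implementation is not visible here, but if that argument is bound into the transaction callback as a StringPiece, it will refer to freed memory unless every caller of `QueryAuditProof` keeps the domain string alive until |callback| runs, and the public comment states no such requirement. Consider holding an owned copy for the lifetime of the query, for example a `std::string domain_for_log;` member of `Query` (which this patch already reduces to a single non-template struct), or at minimum add `// |domain_for_log| must remain valid until |callback| is invoked.` to the `QueryAuditProof` comment. The same concern applies to the existing `QueryAuditProofNodesComplete` signature.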