From e5fbc171aadf11843e71f86069d142f78cd64f2d Mon Sep 17 00:00:00 2001 From: "tony%ponderer.org" Date: Thu, 24 Aug 2006 00:11:59 +0000 Subject: [PATCH] bug 349234: only get a new key once per 24 hours patch: remember last getkey request r=provos,sr=darin --- browser/app/profile/firefox.js | 2 +- .../content/url-crypto-key-manager.js | 36 ++++++++++++++----- 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index e23c1e829ca..0d77e07a78e 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -531,7 +531,7 @@ pref("browser.safebrowsing.dataProvider", 0); // Does the provider name need to be localizable? pref("browser.safebrowsing.provider.0.name", "Google"); pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&mozver={moz:version}-{moz:buildid}&"); -pref("browser.safebrowsing.provider.0.keyURL", "https://www.google.com/safebrowsing/getkey?"); +pref("browser.safebrowsing.provider.0.keyURL", "https://www.google.com/safebrowsing/getkey?client={moz:client}&"); pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); // privacy policy -- must be chrome URL diff --git a/toolkit/components/url-classifier/content/url-crypto-key-manager.js b/toolkit/components/url-classifier/content/url-crypto-key-manager.js index 1c175ca8f36..2b0b1cdb8bd 100644 --- a/toolkit/components/url-classifier/content/url-crypto-key-manager.js +++ b/toolkit/components/url-classifier/content/url-crypto-key-manager.js @@ -55,13 +55,14 @@ // // We implement the following policy: // -// - The extension will issue at most two HTTPS getkey requests per session -// - The extension will issue one HTTPS getkey request at startup -// - The extension will serialize to disk any key it gets -// - The extension will fall back on this serialized key until it has a +// - Firefox will issue at most two HTTPS getkey requests per session +// - Firefox will issue one HTTPS getkey request at startup if more than 24 +// hours has passed since the last getkey request. +// - Firefox will serialize to disk any key it gets +// - Firefox will fall back on this serialized key until it has a // fresh key // - The front-end can respond with a flag in a lookup request that tells -// the client to re-key. The client will issue a new HTTPS getkey request +// the client to re-key. Firefox will issue a new HTTPS getkey request // at this time if it has only issued one before // We store the user key in this file. The key can be used to verify signed @@ -120,6 +121,13 @@ function PROT_UrlCryptoKeyManager(opt_keyFilename, opt_testing) { // Do ***** NOT ***** set this higher; HTTPS is expensive PROT_UrlCryptoKeyManager.MAX_REKEY_TRIES = 2; +// Base pref for keeping track of when we updated our key. +// We store the time as seconds since the epoch. +PROT_UrlCryptoKeyManager.NEXT_REKEY_PREF = "urlclassifier.keyupdatetime."; + +// Once a day (interval in seconds) +PROT_UrlCryptoKeyManager.KEY_MIN_UPDATE_TIME = 24 * 60 * 60; + // These are the names the server will respond with in protocol4 format PROT_UrlCryptoKeyManager.CLIENT_KEY_NAME = "clientkey"; PROT_UrlCryptoKeyManager.WRAPPED_KEY_NAME = "wrappedkey"; @@ -156,7 +164,13 @@ PROT_UrlCryptoKeyManager.prototype.setKeyUrl = function(keyUrl) { this.keyUrl_ = keyUrl; this.rekeyTries_ = 0; - this.reKey(); + + // Check to see if we should make a new getkey request. + var prefs = new G_Preferences(PROT_UrlCryptoKeyManager.NEXT_REKEY_PREF); + var nextRekey = prefs.getPref(this.keyUrl_, 0); + if (nextRekey < parseInt(Date.now() / 1000, 10)) { + this.reKey(); + } } /** @@ -173,11 +187,17 @@ PROT_UrlCryptoKeyManager.prototype.reKey = function() { this.rekeyTries_++; G_Debug(this, "Attempting to re-key"); - var prefs = new G_Preferences(); // If the keyUrl isn't set, we don't do anything. - if (!this.testing_ && this.keyUrl_) + if (!this.testing_ && this.keyUrl_) { (new PROT_XMLFetcher()).get(this.keyUrl_, BindToObject(this.onGetKeyResponse, this)); + + // Calculate the next time we're allowed to re-key. + var prefs = new G_Preferences(PROT_UrlCryptoKeyManager.NEXT_REKEY_PREF); + var nextRekey = parseInt(Date.now() / 1000, 10) + + PROT_UrlCryptoKeyManager.KEY_MIN_UPDATE_TIME; + prefs.setPref(this.keyUrl_, nextRekey); + } } /**