From 0da033e962a8afdf0191673558e1c17042e5c320 Mon Sep 17 00:00:00 2001 From: Gian-Carlo Pascutto Date: Tue, 8 Jan 2013 16:43:33 +0100 Subject: [PATCH] Bug 825891 - Remove the code for per-client randomization in the url-classifier. r=dcamp --- b2g/app/b2g.js | 3 - browser/app/profile/firefox.js | 3 - mobile/android/app/mobile.js | 3 - .../components/url-classifier/Classifier.cpp | 87 +------------------ .../components/url-classifier/Classifier.h | 3 - .../components/url-classifier/HashStore.cpp | 7 -- .../components/url-classifier/LookupCache.cpp | 76 +--------------- .../components/url-classifier/LookupCache.h | 22 +---- .../url-classifier/ProtocolParser.cpp | 79 ++--------------- .../url-classifier/ProtocolParser.h | 6 +- .../nsUrlClassifierDBService.cpp | 39 ++------- 11 files changed, 25 insertions(+), 303 deletions(-) diff --git a/b2g/app/b2g.js b/b2g/app/b2g.js index 336012e5e8d2..91a084740fa3 100644 --- a/b2g/app/b2g.js +++ b/b2g/app/b2g.js @@ -328,9 +328,6 @@ pref("urlclassifier.alternate_error_page", "blocked"); // The number of random entries to send with a gethash request. pref("urlclassifier.gethashnoise", 4); -// Randomize all UrlClassifier data with a per-client key. -pref("urlclassifier.randomizeclient", false); - // The list of tables that use the gethash request to confirm partial results. pref("urlclassifier.gethashtables", "goog-phish-shavar,goog-malware-shavar"); diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index e2954eeb4408..748911013d2b 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -736,9 +736,6 @@ pref("urlclassifier.alternate_error_page", "blocked"); // The number of random entries to send with a gethash request. pref("urlclassifier.gethashnoise", 4); -// Randomize all UrlClassifier data with a per-client key. -pref("urlclassifier.randomizeclient", false); - // The list of tables that use the gethash request to confirm partial results. pref("urlclassifier.gethashtables", "goog-phish-shavar,goog-malware-shavar"); diff --git a/mobile/android/app/mobile.js b/mobile/android/app/mobile.js index 65395735702b..edbeb27194c8 100644 --- a/mobile/android/app/mobile.js +++ b/mobile/android/app/mobile.js @@ -575,9 +575,6 @@ pref("urlclassifier.alternate_error_page", "blocked"); // The number of random entries to send with a gethash request. pref("urlclassifier.gethashnoise", 4); -// Randomize all UrlClassifier data with a per-client key. -pref("urlclassifier.randomizeclient", false); - // The list of tables that use the gethash request to confirm partial results. pref("urlclassifier.gethashtables", "goog-phish-shavar,goog-malware-shavar"); diff --git a/toolkit/components/url-classifier/Classifier.cpp b/toolkit/components/url-classifier/Classifier.cpp index 1df8598b57e4..90619b49debc 100644 --- a/toolkit/components/url-classifier/Classifier.cpp +++ b/toolkit/components/url-classifier/Classifier.cpp @@ -34,7 +34,6 @@ namespace safebrowsing { Classifier::Classifier() : mFreshTime(45 * 60) - , mPerClientRandomize(true) { } @@ -43,77 +42,6 @@ Classifier::~Classifier() Close(); } -/* - * Generate a unique 32-bit key for this user, which we will - * use to rehash all prefixes. This ensures that different users - * will get hash collisions on different prefixes, which in turn - * avoids that "unlucky" URLs get mysterious slowdowns, and that - * the servers get spammed if any such URL should get slashdotted. - * https://bugzilla.mozilla.org/show_bug.cgi?id=669407#c10 - */ -nsresult -Classifier::InitKey() -{ - nsCOMPtr storeFile; - nsresult rv = mStoreDirectory->Clone(getter_AddRefs(storeFile)); - NS_ENSURE_SUCCESS(rv, rv); - - rv = storeFile->AppendNative(NS_LITERAL_CSTRING("classifier.hashkey")); - NS_ENSURE_SUCCESS(rv, rv); - - bool exists; - rv = storeFile->Exists(&exists); - NS_ENSURE_SUCCESS(rv, rv); - - if (!exists) { - // generate and store key - nsCOMPtr rg = - do_GetService("@mozilla.org/security/random-generator;1"); - NS_ENSURE_STATE(rg); - - uint8_t *temp; - nsresult rv = rg->GenerateRandomBytes(sizeof(mHashKey), &temp); - NS_ENSURE_SUCCESS(rv, rv); - memcpy(&mHashKey, temp, sizeof(mHashKey)); - NS_Free(temp); - - nsCOMPtr out; - rv = NS_NewSafeLocalFileOutputStream(getter_AddRefs(out), storeFile, - -1, -1, 0); - NS_ENSURE_SUCCESS(rv, rv); - - uint32_t written; - rv = out->Write(reinterpret_cast(&mHashKey), sizeof(uint32_t), &written); - NS_ENSURE_SUCCESS(rv, rv); - - nsCOMPtr safeOut = do_QueryInterface(out); - rv = safeOut->Finish(); - NS_ENSURE_SUCCESS(rv, rv); - - LOG(("Initialized classifier, key = %X", mHashKey)); - } else { - // read key - nsCOMPtr inputStream; - rv = NS_NewLocalFileInputStream(getter_AddRefs(inputStream), storeFile, - -1, -1, 0); - NS_ENSURE_SUCCESS(rv, rv); - - nsCOMPtr seekable = do_QueryInterface(inputStream); - nsresult rv = seekable->Seek(nsISeekableStream::NS_SEEK_SET, 0); - NS_ENSURE_SUCCESS(rv, rv); - - void *buffer = &mHashKey; - rv = NS_ReadInputStreamToBuffer(inputStream, - &buffer, - sizeof(uint32_t)); - NS_ENSURE_SUCCESS(rv, rv); - - LOG(("Loaded classifier key = %X", mHashKey)); - } - - return NS_OK; -} - nsresult Classifier::SetupPathNames() { @@ -198,13 +126,6 @@ Classifier::Open(nsIFile& aCacheDirectory) mCryptoHash = do_CreateInstance(NS_CRYPTO_HASH_CONTRACTID, &rv); NS_ENSURE_SUCCESS(rv, rv); - rv = InitKey(); - if (NS_FAILED(rv)) { - // Without a usable key the database is useless - Reset(); - return NS_ERROR_FAILURE; - } - mTableFreshness.Init(); // Build the list of know urlclassifier lists @@ -321,9 +242,7 @@ Classifier::Check(const nsACString& aSpec, LookupResultArray& aResults) for (uint32_t i = 0; i < cacheArray.Length(); i++) { LookupCache *cache = cacheArray[i]; bool has, complete; - Prefix codedPrefix; - rv = cache->Has(lookupHash, hostKey, mHashKey, - &has, &complete, &codedPrefix); + rv = cache->Has(lookupHash, &has, &complete); NS_ENSURE_SUCCESS(rv, rv); if (has) { LookupResult *result = aResults.AppendElement(); @@ -345,7 +264,6 @@ Classifier::Check(const nsACString& aSpec, LookupResultArray& aResults) age)); result->hash.complete = lookupHash; - result->mCodedPrefix = codedPrefix; result->mComplete = complete; result->mFresh = (age < mFreshTime); result->mTableName.Assign(cache->TableName()); @@ -758,8 +676,7 @@ Classifier::GetLookupCache(const nsACString& aTable) } } - LookupCache *cache = new LookupCache(aTable, mStoreDirectory, - mPerClientRandomize); + LookupCache *cache = new LookupCache(aTable, mStoreDirectory); nsresult rv = cache->Init(); if (NS_FAILED(rv)) { return nullptr; diff --git a/toolkit/components/url-classifier/Classifier.h b/toolkit/components/url-classifier/Classifier.h index 53121bf76c33..0633fab851f6 100644 --- a/toolkit/components/url-classifier/Classifier.h +++ b/toolkit/components/url-classifier/Classifier.h @@ -60,7 +60,6 @@ public: nsresult CacheCompletions(const CacheResultArray& aResults); uint32_t GetHashKey(void) { return mHashKey; } void SetFreshTime(uint32_t aTime) { mFreshTime = aTime; } - void SetPerClientRandomize(bool aRandomize) { mPerClientRandomize = aRandomize; } /* * Get a bunch of extra prefixes to query for completion * and mask the real entry being requested @@ -84,7 +83,6 @@ private: const nsACString& aTable); LookupCache *GetLookupCache(const nsACString& aTable); - nsresult InitKey(); // Root dir of the Local profile. nsCOMPtr mCacheDirectory; @@ -101,7 +99,6 @@ private: // Stores the last time a given table was updated (seconds). nsDataHashtable mTableFreshness; uint32_t mFreshTime; - bool mPerClientRandomize; }; } diff --git a/toolkit/components/url-classifier/HashStore.cpp b/toolkit/components/url-classifier/HashStore.cpp index 41314f93ff3a..df317b76169e 100644 --- a/toolkit/components/url-classifier/HashStore.cpp +++ b/toolkit/components/url-classifier/HashStore.cpp @@ -994,13 +994,6 @@ HashStore::ProcessSubs() RemoveMatchingPrefixes(mSubPrefixes, &mAddCompletes); RemoveMatchingPrefixes(mSubPrefixes, &mSubCompletes); - // Clean up temporary subs (without per-client randomization), - // that we temporarily stored so we could knock out completes. - ChunkSet dummyChunks; - dummyChunks.Set(0); - ExpireEntries(&mSubPrefixes, dummyChunks); - mSubChunks.Remove(dummyChunks); - // Remove any remaining subbed prefixes from both addprefixes // and addcompletes. KnockoutSubs(&mSubPrefixes, &mAddPrefixes); diff --git a/toolkit/components/url-classifier/LookupCache.cpp b/toolkit/components/url-classifier/LookupCache.cpp index 9ed899da9b0f..2033d4252134 100644 --- a/toolkit/components/url-classifier/LookupCache.cpp +++ b/toolkit/components/url-classifier/LookupCache.cpp @@ -48,10 +48,8 @@ namespace safebrowsing { const uint32_t LOOKUPCACHE_MAGIC = 0x1231af3e; const uint32_t CURRENT_VERSION = 2; -LookupCache::LookupCache(const nsACString& aTableName, nsIFile* aStoreDir, - bool aPerClientRandomize) +LookupCache::LookupCache(const nsACString& aTableName, nsIFile* aStoreDir) : mPrimed(false) - , mPerClientRandomize(aPerClientRandomize) , mTableName(aTableName) , mStoreDirectory(aStoreDir) { @@ -191,25 +189,14 @@ LookupCache::Dump() nsresult LookupCache::Has(const Completion& aCompletion, - const Completion& aHostkey, - const uint32_t aHashKey, - bool* aHas, bool* aComplete, - Prefix* aOrigPrefix) + bool* aHas, bool* aComplete) { *aHas = *aComplete = false; uint32_t prefix = aCompletion.ToUint32(); - uint32_t hostkey = aHostkey.ToUint32(); - uint32_t codedkey; - nsresult rv = KeyedHash(prefix, hostkey, aHashKey, &codedkey, !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - - Prefix codedPrefix; - codedPrefix.FromUint32(codedkey); - *aOrigPrefix = codedPrefix; bool found; - rv = mPrefixSet->Contains(codedkey, &found); + nsresult rv = mPrefixSet->Contains(prefix, &found); NS_ENSURE_SUCCESS(rv, rv); LOG(("Probe in %s: %X, found %d", mTableName.get(), prefix, found)); @@ -594,63 +581,6 @@ LookupCache::GetHostKeys(const nsACString& aSpec, return NS_OK; } -/* We have both a prefix and a domain. Drop the domain, but - hash the domain, the prefix and a random value together, - ensuring any collisions happens at a different points for - different users. -*/ -/* static */ nsresult LookupCache::KeyedHash(uint32_t aPref, uint32_t aHostKey, - uint32_t aUserKey, uint32_t* aOut, - bool aPassthrough) -{ - /* Do not do any processing in passthrough mode. */ - if (aPassthrough) { - *aOut = aPref; - return NS_OK; - } - - /* This is a reimplementation of MurmurHash3 32-bit - based on the public domain C++ sources. - http://code.google.com/p/smhasher/source/browse/trunk/MurmurHash3.cpp - for nblocks = 2 - */ - uint32_t c1 = 0xCC9E2D51; - uint32_t c2 = 0x1B873593; - uint32_t c3 = 0xE6546B64; - uint32_t c4 = 0x85EBCA6B; - uint32_t c5 = 0xC2B2AE35; - uint32_t h1 = aPref; // seed - uint32_t k1; - uint32_t karr[2]; - - karr[0] = aHostKey; - karr[1] = aUserKey; - - for (uint32_t i = 0; i < 2; i++) { - k1 = karr[i]; - k1 *= c1; - k1 = (k1 << 15) | (k1 >> (32-15)); - k1 *= c2; - - h1 ^= k1; - h1 = (h1 << 13) | (h1 >> (32-13)); - h1 *= 5; - h1 += c3; - } - - h1 ^= 2; // len - // fmix - h1 ^= h1 >> 16; - h1 *= c4; - h1 ^= h1 >> 13; - h1 *= c5; - h1 ^= h1 >> 16; - - *aOut = h1; - - return NS_OK; -} - bool LookupCache::IsPrimed() { return mPrimed; diff --git a/toolkit/components/url-classifier/LookupCache.h b/toolkit/components/url-classifier/LookupCache.h index 6dc16893a1d9..de7546396735 100644 --- a/toolkit/components/url-classifier/LookupCache.h +++ b/toolkit/components/url-classifier/LookupCache.h @@ -45,9 +45,6 @@ public: // that is inserted to mask the true URL we are requesting bool mNoise; - // Value of actual key looked up in the prefixset (coded with client key) - Prefix mCodedPrefix; - // True if we've updated this table recently-enough. bool mFresh; @@ -89,18 +86,7 @@ public: static nsresult GetKey(const nsACString& aSpec, Completion* aHash, nsCOMPtr& aCryptoHash); - /* We have both a prefix and a domain. Drop the domain, but - hash the domain, the prefix and a random value together, - ensuring any collisions happens at a different points for - different users. If aPassthrough is set, we ignore the - random value and copy prefix directly into output. - */ - static nsresult KeyedHash(uint32_t aPref, uint32_t aHostKey, - uint32_t aUserKey, uint32_t* aOut, - bool aPassthrough); - - LookupCache(const nsACString& aTableName, nsIFile* aStoreFile, - bool aPerClientRandomize); + LookupCache(const nsACString& aTableName, nsIFile* aStoreFile); ~LookupCache(); const nsCString &TableName() const { return mTableName; } @@ -121,10 +107,7 @@ public: #endif nsresult WriteFile(); nsresult Has(const Completion& aCompletion, - const Completion& aHostkey, - uint32_t aHashKey, - bool* aHas, bool* aComplete, - Prefix* aOrigPrefix); + bool* aHas, bool* aComplete); bool IsPrimed(); private: @@ -147,7 +130,6 @@ private: Header mHeader; bool mPrimed; - bool mPerClientRandomize; nsCString mTableName; nsCOMPtr mStoreDirectory; CompletionArray mCompletions; diff --git a/toolkit/components/url-classifier/ProtocolParser.cpp b/toolkit/components/url-classifier/ProtocolParser.cpp index 0e3117c675ed..542c302ab735 100644 --- a/toolkit/components/url-classifier/ProtocolParser.cpp +++ b/toolkit/components/url-classifier/ProtocolParser.cpp @@ -65,9 +65,8 @@ ParseChunkRange(nsACString::const_iterator& aBegin, return false; } -ProtocolParser::ProtocolParser(uint32_t aHashKey) +ProtocolParser::ProtocolParser() : mState(PROTOCOL_STATE_CONTROL) - , mHashKey(aHashKey) , mUpdateStatus(NS_OK) , mUpdateWait(0) , mResetRequested(false) @@ -81,10 +80,9 @@ ProtocolParser::~ProtocolParser() } nsresult -ProtocolParser::Init(nsICryptoHash* aHasher, bool aPerClientRandomize) +ProtocolParser::Init(nsICryptoHash* aHasher) { mCryptoHash = aHasher; - mPerClientRandomize = aPerClientRandomize; return NS_OK; } @@ -426,7 +424,6 @@ ProtocolParser::ProcessPlaintextChunk(const nsACString& aChunk) return NS_ERROR_FAILURE; } - nsresult rv; nsTArray lines; ParseString(PromiseFlatCString(aChunk), '\n', lines); @@ -441,18 +438,9 @@ ProtocolParser::ProcessPlaintextChunk(const nsACString& aChunk) mTableUpdate->NewAddComplete(mChunkState.num, hash); } else { NS_ASSERTION(mChunkState.hashSize == 4, "Only 32- or 4-byte hashes can be used for add chunks."); - Completion hash; - Completion domHash; - Prefix newHash; - rv = LookupCache::GetKey(line, &domHash, mCryptoHash); - NS_ENSURE_SUCCESS(rv, rv); + Prefix hash; hash.FromPlaintext(line, mCryptoHash); - uint32_t codedHash; - rv = LookupCache::KeyedHash(hash.ToUint32(), domHash.ToUint32(), mHashKey, - &codedHash, !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - newHash.FromUint32(codedHash); - mTableUpdate->NewAddPrefix(mChunkState.num, newHash); + mTableUpdate->NewAddPrefix(mChunkState.num, hash); } } else { nsCString::const_iterator begin, iter, end; @@ -474,21 +462,8 @@ ProtocolParser::ProcessPlaintextChunk(const nsACString& aChunk) } else { NS_ASSERTION(mChunkState.hashSize == 4, "Only 32- or 4-byte hashes can be used for add chunks."); Prefix hash; - Completion domHash; - rv = LookupCache::GetKey(Substring(iter, end), &domHash, mCryptoHash); - NS_ENSURE_SUCCESS(rv, rv); hash.FromPlaintext(Substring(iter, end), mCryptoHash); - uint32_t codedHash; - rv = LookupCache::KeyedHash(hash.ToUint32(), domHash.ToUint32(), mHashKey, - &codedHash, !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - Prefix newHash; - newHash.FromUint32(codedHash); - mTableUpdate->NewSubPrefix(addChunk, newHash, mChunkState.num); - // Needed to knock out completes - // Fake chunk nr, will cause it to be removed next update - mTableUpdate->NewSubPrefix(addChunk, hash, 0); - mTableUpdate->NewSubChunk(0); + mTableUpdate->NewSubPrefix(addChunk, hash, mChunkState.num); } } } @@ -539,16 +514,8 @@ ProtocolParser::ProcessHostAdd(const Prefix& aDomain, uint8_t aNumEntries, NS_ASSERTION(mChunkState.hashSize == PREFIX_SIZE, "ProcessHostAdd should only be called for prefix hashes."); - uint32_t codedHash; - uint32_t domHash = aDomain.ToUint32(); - if (aNumEntries == 0) { - nsresult rv = LookupCache::KeyedHash(domHash, domHash, mHashKey, &codedHash, - !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - Prefix newHash; - newHash.FromUint32(codedHash); - mTableUpdate->NewAddPrefix(mChunkState.num, newHash); + mTableUpdate->NewAddPrefix(mChunkState.num, aDomain); return NS_OK; } @@ -560,12 +527,7 @@ ProtocolParser::ProcessHostAdd(const Prefix& aDomain, uint8_t aNumEntries, for (uint8_t i = 0; i < aNumEntries; i++) { Prefix hash; hash.Assign(Substring(aChunk, *aStart, PREFIX_SIZE)); - nsresult rv = LookupCache::KeyedHash(hash.ToUint32(), domHash, mHashKey, &codedHash, - !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - Prefix newHash; - newHash.FromUint32(codedHash); - mTableUpdate->NewAddPrefix(mChunkState.num, newHash); + mTableUpdate->NewAddPrefix(mChunkState.num, hash); *aStart += PREFIX_SIZE; } @@ -579,9 +541,6 @@ ProtocolParser::ProcessHostSub(const Prefix& aDomain, uint8_t aNumEntries, NS_ASSERTION(mChunkState.hashSize == PREFIX_SIZE, "ProcessHostSub should only be called for prefix hashes."); - uint32_t codedHash; - uint32_t domHash = aDomain.ToUint32(); - if (aNumEntries == 0) { if ((*aStart) + 4 > aChunk.Length()) { NS_WARNING("Received a zero-entry sub chunk without an associated add."); @@ -595,17 +554,7 @@ ProtocolParser::ProcessHostSub(const Prefix& aDomain, uint8_t aNumEntries, memcpy(&addChunk, addChunkStr.BeginReading(), 4); addChunk = PR_ntohl(addChunk); - nsresult rv = LookupCache::KeyedHash(domHash, domHash, mHashKey, &codedHash, - !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - Prefix newHash; - newHash.FromUint32(codedHash); - - mTableUpdate->NewSubPrefix(addChunk, newHash, mChunkState.num); - // Needed to knock out completes - // Fake chunk nr, will cause it to be removed next update - mTableUpdate->NewSubPrefix(addChunk, aDomain, 0); - mTableUpdate->NewSubChunk(0); + mTableUpdate->NewSubPrefix(addChunk, aDomain, mChunkState.num); return NS_OK; } @@ -626,17 +575,7 @@ ProtocolParser::ProcessHostSub(const Prefix& aDomain, uint8_t aNumEntries, prefix.Assign(Substring(aChunk, *aStart, PREFIX_SIZE)); *aStart += PREFIX_SIZE; - nsresult rv = LookupCache::KeyedHash(prefix.ToUint32(), domHash, mHashKey, - &codedHash, !mPerClientRandomize); - NS_ENSURE_SUCCESS(rv, rv); - Prefix newHash; - newHash.FromUint32(codedHash); - - mTableUpdate->NewSubPrefix(addChunk, newHash, mChunkState.num); - // Needed to knock out completes - // Fake chunk nr, will cause it to be removed next update - mTableUpdate->NewSubPrefix(addChunk, prefix, 0); - mTableUpdate->NewSubChunk(0); + mTableUpdate->NewSubPrefix(addChunk, prefix, mChunkState.num); } return NS_OK; diff --git a/toolkit/components/url-classifier/ProtocolParser.h b/toolkit/components/url-classifier/ProtocolParser.h index 7b5a92791f30..dd4d6f3b11e5 100644 --- a/toolkit/components/url-classifier/ProtocolParser.h +++ b/toolkit/components/url-classifier/ProtocolParser.h @@ -23,12 +23,12 @@ public: nsCString mac; }; - ProtocolParser(uint32_t aHashKey); + ProtocolParser(); ~ProtocolParser(); nsresult Status() const { return mUpdateStatus; } - nsresult Init(nsICryptoHash* aHasher, bool mPerClientRandomize); + nsresult Init(nsICryptoHash* aHasher); nsresult InitHMAC(const nsACString& aClientKey, const nsACString& aServerMAC); @@ -93,8 +93,6 @@ private: }; ChunkState mChunkState; - uint32_t mHashKey; - bool mPerClientRandomize; nsCOMPtr mCryptoHash; nsresult mUpdateStatus; diff --git a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp index 66422a450ffd..cbcda737d604 100644 --- a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp @@ -63,9 +63,6 @@ PRLogModuleInfo *gUrlClassifierDbServiceLog = nullptr; #define CHECK_PHISHING_PREF "browser.safebrowsing.enabled" #define CHECK_PHISHING_DEFAULT false -#define RANDOMIZE_CLIENT_PREF "urlclassifier.randomizeclient" -#define RANDOMIZE_CLIENT_DEFAULT false - #define GETHASH_NOISE_PREF "urlclassifier.gethashnoise" #define GETHASH_NOISE_DEFAULT 4 @@ -117,8 +114,7 @@ public: NS_DECL_NSIURLCLASSIFIERDBSERVICE NS_DECL_NSIURLCLASSIFIERDBSERVICEWORKER - nsresult Init(uint32_t aGethashNoise, nsCOMPtr aCacheDir, - bool aPerClientRandomize); + nsresult Init(uint32_t aGethashNoise, nsCOMPtr aCacheDir); // Queue a lookup for the worker to perform, called in the main thread. nsresult QueueLookup(const nsACString& lookupKey, @@ -181,15 +177,9 @@ private: // The client key with which the data from the server will be MAC'ed. nsCString mUpdateClientKey; - // The client-specific hash key to rehash - uint32_t mHashKey; - // The number of noise entries to add to the set of lookup results. uint32_t mGethashNoise; - // Randomize clients with a key or not. - bool mPerClientRandomize; - // Pending lookups are stored in a queue for processing. The queue // is protected by mPendingLookupLock. Mutex mPendingLookupLock; @@ -212,7 +202,6 @@ NS_IMPL_THREADSAFE_ISUPPORTS2(nsUrlClassifierDBServiceWorker, nsUrlClassifierDBServiceWorker::nsUrlClassifierDBServiceWorker() : mInStream(false) , mGethashNoise(0) - , mPerClientRandomize(true) , mPendingLookupLock("nsUrlClassifierDBServerWorker.mPendingLookupLock") { } @@ -226,12 +215,10 @@ nsUrlClassifierDBServiceWorker::~nsUrlClassifierDBServiceWorker() nsresult nsUrlClassifierDBServiceWorker::Init(uint32_t aGethashNoise, - nsCOMPtr aCacheDir, - bool aPerClientRandomize) + nsCOMPtr aCacheDir) { mGethashNoise = aGethashNoise; mCacheDir = aCacheDir; - mPerClientRandomize = aPerClientRandomize; ResetUpdate(); @@ -323,7 +310,7 @@ nsUrlClassifierDBServiceWorker::DoLookup(const nsACString& spec, // We're going to be doing a gethash request, add some extra entries. // Note that we cannot pass the first two by reference, because we // add to completes, whicah can cause completes to reallocate and move. - AddNoise(completes->ElementAt(i).mCodedPrefix, + AddNoise(completes->ElementAt(i).hash.prefix, completes->ElementAt(i).mTableName, mGethashNoise, *completes); break; @@ -485,11 +472,11 @@ nsUrlClassifierDBServiceWorker::BeginStream(const nsACString &table, NS_ASSERTION(!mProtocolParser, "Should not have a protocol parser."); - mProtocolParser = new ProtocolParser(mHashKey); + mProtocolParser = new ProtocolParser(); if (!mProtocolParser) return NS_ERROR_OUT_OF_MEMORY; - mProtocolParser->Init(mCryptoHash, mPerClientRandomize); + mProtocolParser->Init(mCryptoHash); nsresult rv; @@ -709,7 +696,7 @@ nsUrlClassifierDBServiceWorker::CacheCompletions(CacheResultArray *results) // Ownership is transferred in to us nsAutoPtr resultsPtr(results); - nsAutoPtr pParse(new ProtocolParser(mHashKey)); + nsAutoPtr pParse(new ProtocolParser()); nsTArray updates; // Only cache results for tables that we have, don't take @@ -780,12 +767,10 @@ nsUrlClassifierDBServiceWorker::OpenDb() } classifier->SetFreshTime(gFreshnessGuarantee); - classifier->SetPerClientRandomize(mPerClientRandomize); rv = classifier->Open(*mCacheDir); NS_ENSURE_SUCCESS(rv, rv); - mHashKey = classifier->GetHashKey(); mClassifier = classifier; return NS_OK; @@ -1107,7 +1092,6 @@ nsUrlClassifierDBService::GetInstance(nsresult *result) nsUrlClassifierDBService::nsUrlClassifierDBService() : mCheckMalware(CHECK_MALWARE_DEFAULT) , mCheckPhishing(CHECK_PHISHING_DEFAULT) - , mPerClientRandomize(true) , mInUpdate(false) { } @@ -1159,15 +1143,6 @@ nsUrlClassifierDBService::Init() PR_ATOMIC_SET(&gFreshnessGuarantee, NS_SUCCEEDED(rv) ? tmpint : CONFIRM_AGE_DEFAULT_SEC); prefs->AddObserver(CONFIRM_AGE_PREF, this, false); - - rv = prefs->GetBoolPref(RANDOMIZE_CLIENT_PREF, &tmpbool); - mPerClientRandomize = NS_SUCCEEDED(rv) ? tmpbool : RANDOMIZE_CLIENT_DEFAULT; - - LOG(("Per client randomization is %s", - mPerClientRandomize ? "enabled" : "DISABLED")); - - /* We do not observe for runtime changes as changing this preference - in flight kills the database, so it's not really supported. */ } // Force PSM loading on main thread @@ -1192,7 +1167,7 @@ nsUrlClassifierDBService::Init() if (!mWorker) return NS_ERROR_OUT_OF_MEMORY; - rv = mWorker->Init(gethashNoise, cacheDir, mPerClientRandomize); + rv = mWorker->Init(gethashNoise, cacheDir); if (NS_FAILED(rv)) { mWorker = nullptr; return rv;