Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 7fca28632aaac41c8a2f2f29b519ac8a7387e65c / . / omaha_request_builder_xml.cc
blob: 899f17fff11324bcf7881586259ae5facdb3213d [file] [log] [blame]
Amin Hassani7fca2862019-03-28 16:09:22 -0700[diff] [blame^]1//
2// Copyright (C) 2019 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17#include "update_engine/omaha_request_builder_xml.h"
18
19#include <inttypes.h>
20
21#include <string>
22
23#include <base/logging.h>
24#include <base/strings/string_number_conversions.h>
25#include <base/strings/string_util.h>
26#include <base/strings/stringprintf.h>
27#include <base/time/time.h>
28
29#include "update_engine/common/constants.h"
30#include "update_engine/common/prefs_interface.h"
31#include "update_engine/common/utils.h"
32#include "update_engine/omaha_request_params.h"
33
34using std::string;
35
36namespace chromeos_update_engine {
37
38const int kNeverPinged = -1;
39
40bool XmlEncode(const string& input, string* output) {
41 if (std::find_if(input.begin(), input.end(), [](const char c) {
42 return c & 0x80;
43 }) != input.end()) {
44 LOG(WARNING) << "Invalid ASCII-7 string passed to the XML encoder:";
45 utils::HexDumpString(input);
46 return false;
47 }
48 output->clear();
49 // We need at least input.size() space in the output, but the code below will
50 // handle it if we need more.
51 output->reserve(input.size());
52 for (char c : input) {
53 switch (c) {
54 case '\"':
55 output->append("&quot;");
56 break;
57 case '\'':
58 output->append("&apos;");
59 break;
60 case '&':
61 output->append("&amp;");
62 break;
63 case '<':
64 output->append("&lt;");
65 break;
66 case '>':
67 output->append("&gt;");
68 break;
69 default:
70 output->push_back(c);
71 }
72 }
73 return true;
74}
75
76string XmlEncodeWithDefault(const string& input, const string& default_value) {
77 string output;
78 if (XmlEncode(input, &output))
79 return output;
80 return default_value;
81}
82
83string GetPingAttribute(const string& name, int ping_days) {
84 if (ping_days > 0 || ping_days == kNeverPinged)
85 return base::StringPrintf(" %s=\"%d\"", name.c_str(), ping_days);
86 return "";
87}
88
89string GetPingXml(int ping_active_days, int ping_roll_call_days) {
90 string ping_active = GetPingAttribute("a", ping_active_days);
91 string ping_roll_call = GetPingAttribute("r", ping_roll_call_days);
92 if (!ping_active.empty() || !ping_roll_call.empty()) {
93 return base::StringPrintf(" <ping active=\"1\"%s%s></ping>\n",
94 ping_active.c_str(),
95 ping_roll_call.c_str());
96 }
97 return "";
98}
99
100string GetAppBody(const OmahaEvent* event,
101 OmahaRequestParams* params,
102 bool ping_only,
103 bool include_ping,
104 bool skip_updatecheck,
105 int ping_active_days,
106 int ping_roll_call_days,
107 PrefsInterface* prefs) {
108 string app_body;
109 if (event == nullptr) {
110 if (include_ping)
111 app_body = GetPingXml(ping_active_days, ping_roll_call_days);
112 if (!ping_only) {
113 if (!skip_updatecheck) {
114 app_body += " <updatecheck";
115 if (!params->target_version_prefix().empty()) {
116 app_body += base::StringPrintf(
117 " targetversionprefix=\"%s\"",
118 XmlEncodeWithDefault(params->target_version_prefix(), "")
119 .c_str());
120 // Rollback requires target_version_prefix set.
121 if (params->rollback_allowed()) {
122 app_body += " rollback_allowed=\"true\"";
123 }
124 }
125 app_body += "></updatecheck>\n";
126 }
127
128 // If this is the first update check after a reboot following a previous
129 // update, generate an event containing the previous version number. If
130 // the previous version preference file doesn't exist the event is still
131 // generated with a previous version of 0.0.0.0 -- this is relevant for
132 // older clients or new installs. The previous version event is not sent
133 // for ping-only requests because they come before the client has
134 // rebooted. The previous version event is also not sent if it was already
135 // sent for this new version with a previous updatecheck.
136 string prev_version;
137 if (!prefs->GetString(kPrefsPreviousVersion, &prev_version)) {
138 prev_version = "0.0.0.0";
139 }
140 // We only store a non-empty previous version value after a successful
141 // update in the previous boot. After reporting it back to the server,
142 // we clear the previous version value so it doesn't get reported again.
143 if (!prev_version.empty()) {
144 app_body += base::StringPrintf(
145 " <event eventtype=\"%d\" eventresult=\"%d\" "
146 "previousversion=\"%s\"></event>\n",
147 OmahaEvent::kTypeRebootedAfterUpdate,
148 OmahaEvent::kResultSuccess,
149 XmlEncodeWithDefault(prev_version, "0.0.0.0").c_str());
150 LOG_IF(WARNING, !prefs->SetString(kPrefsPreviousVersion, ""))
151 << "Unable to reset the previous version.";
152 }
153 }
154 } else {
155 // The error code is an optional attribute so append it only if the result
156 // is not success.
157 string error_code;
158 if (event->result != OmahaEvent::kResultSuccess) {
159 error_code = base::StringPrintf(" errorcode=\"%d\"",
160 static_cast<int>(event->error_code));
161 }
162 app_body = base::StringPrintf(
163 " <event eventtype=\"%d\" eventresult=\"%d\"%s></event>\n",
164 event->type,
165 event->result,
166 error_code.c_str());
167 }
168
169 return app_body;
170}
171
172string GetCohortArgXml(PrefsInterface* prefs,
173 const string arg_name,
174 const string prefs_key) {
175 // There's nothing wrong with not having a given cohort setting, so we check
176 // existence first to avoid the warning log message.
177 if (!prefs->Exists(prefs_key))
178 return "";
179 string cohort_value;
180 if (!prefs->GetString(prefs_key, &cohort_value) || cohort_value.empty())
181 return "";
182 // This is a sanity check to avoid sending a huge XML file back to Ohama due
183 // to a compromised stateful partition making the update check fail in low
184 // network environments envent after a reboot.
185 if (cohort_value.size() > 1024) {
186 LOG(WARNING) << "The omaha cohort setting " << arg_name
187 << " has a too big value, which must be an error or an "
188 "attacker trying to inhibit updates.";
189 return "";
190 }
191
192 string escaped_xml_value;
193 if (!XmlEncode(cohort_value, &escaped_xml_value)) {
194 LOG(WARNING) << "The omaha cohort setting " << arg_name
195 << " is ASCII-7 invalid, ignoring it.";
196 return "";
197 }
198
199 return base::StringPrintf(
200 "%s=\"%s\" ", arg_name.c_str(), escaped_xml_value.c_str());
201}
202
203bool IsValidComponentID(const string& id) {
204 for (char c : id) {
205 if (!isalnum(c) && c != '-' && c != '_' && c != '.')
206 return false;
207 }
208 return true;
209}
210
211string GetAppXml(const OmahaEvent* event,
212 OmahaRequestParams* params,
213 const OmahaAppData& app_data,
214 bool ping_only,
215 bool include_ping,
216 bool skip_updatecheck,
217 int ping_active_days,
218 int ping_roll_call_days,
219 int install_date_in_days,
220 SystemState* system_state) {
221 string app_body = GetAppBody(event,
222 params,
223 ping_only,
224 include_ping,
225 skip_updatecheck,
226 ping_active_days,
227 ping_roll_call_days,
228 system_state->prefs());
229 string app_versions;
230
231 // If we are downgrading to a more stable channel and we are allowed to do
232 // powerwash, then pass 0.0.0.0 as the version. This is needed to get the
233 // highest-versioned payload on the destination channel.
234 if (params->ShouldPowerwash()) {
235 LOG(INFO) << "Passing OS version as 0.0.0.0 as we are set to powerwash "
236 << "on downgrading to the version in the more stable channel";
237 app_versions = "version=\"0.0.0.0\" from_version=\"" +
238 XmlEncodeWithDefault(app_data.version, "0.0.0.0") + "\" ";
239 } else {
240 app_versions = "version=\"" +
241 XmlEncodeWithDefault(app_data.version, "0.0.0.0") + "\" ";
242 }
243
244 string download_channel = params->download_channel();
245 string app_channels =
246 "track=\"" + XmlEncodeWithDefault(download_channel, "") + "\" ";
247 if (params->current_channel() != download_channel) {
248 app_channels += "from_track=\"" +
249 XmlEncodeWithDefault(params->current_channel(), "") + "\" ";
250 }
251
252 string delta_okay_str = params->delta_okay() ? "true" : "false";
253
254 // If install_date_days is not set (e.g. its value is -1 ), don't
255 // include the attribute.
256 string install_date_in_days_str = "";
257 if (install_date_in_days >= 0) {
258 install_date_in_days_str =
259 base::StringPrintf("installdate=\"%d\" ", install_date_in_days);
260 }
261
262 string app_cohort_args;
263 app_cohort_args +=
264 GetCohortArgXml(system_state->prefs(), "cohort", kPrefsOmahaCohort);
265 app_cohort_args += GetCohortArgXml(
266 system_state->prefs(), "cohorthint", kPrefsOmahaCohortHint);
267 app_cohort_args += GetCohortArgXml(
268 system_state->prefs(), "cohortname", kPrefsOmahaCohortName);
269
270 string fingerprint_arg;
271 if (!params->os_build_fingerprint().empty()) {
272 fingerprint_arg = "fingerprint=\"" +
273 XmlEncodeWithDefault(params->os_build_fingerprint(), "") +
274 "\" ";
275 }
276
277 string buildtype_arg;
278 if (!params->os_build_type().empty()) {
279 buildtype_arg = "os_build_type=\"" +
280 XmlEncodeWithDefault(params->os_build_type(), "") + "\" ";
281 }
282
283 string product_components_args;
284 if (!params->ShouldPowerwash() && !app_data.product_components.empty()) {
285 brillo::KeyValueStore store;
286 if (store.LoadFromString(app_data.product_components)) {
287 for (const string& key : store.GetKeys()) {
288 if (!IsValidComponentID(key)) {
289 LOG(ERROR) << "Invalid component id: " << key;
290 continue;
291 }
292 string version;
293 if (!store.GetString(key, &version)) {
294 LOG(ERROR) << "Failed to get version for " << key
295 << " in product_components.";
296 continue;
297 }
298 product_components_args +=
299 base::StringPrintf("_%s.version=\"%s\" ",
300 key.c_str(),
301 XmlEncodeWithDefault(version, "").c_str());
302 }
303 } else {
304 LOG(ERROR) << "Failed to parse product_components:\n"
305 << app_data.product_components;
306 }
307 }
308
309 // clang-format off
310 string app_xml = " <app "
311 "appid=\"" + XmlEncodeWithDefault(app_data.id, "") + "\" " +
312 app_cohort_args +
313 app_versions +
314 app_channels +
315 product_components_args +
316 fingerprint_arg +
317 buildtype_arg +
318 "lang=\"" + XmlEncodeWithDefault(params->app_lang(), "en-US") + "\" " +
319 "board=\"" + XmlEncodeWithDefault(params->os_board(), "") + "\" " +
320 "hardware_class=\"" + XmlEncodeWithDefault(params->hwid(), "") + "\" " +
321 "delta_okay=\"" + delta_okay_str + "\" "
322 "fw_version=\"" + XmlEncodeWithDefault(params->fw_version(), "") + "\" " +
323 "ec_version=\"" + XmlEncodeWithDefault(params->ec_version(), "") + "\" " +
324 install_date_in_days_str +
325 ">\n" +
326 app_body +
327 " </app>\n";
328 // clang-format on
329 return app_xml;
330}
331
332string GetOsXml(OmahaRequestParams* params) {
333 string os_xml =
334 " <os "
335 "version=\"" +
336 XmlEncodeWithDefault(params->os_version(), "") + "\" " + "platform=\"" +
337 XmlEncodeWithDefault(params->os_platform(), "") + "\" " + "sp=\"" +
338 XmlEncodeWithDefault(params->os_sp(), "") +
339 "\">"
340 "</os>\n";
341 return os_xml;
342}
343
344string GetRequestXml(const OmahaEvent* event,
345 OmahaRequestParams* params,
346 bool ping_only,
347 bool include_ping,
348 int ping_active_days,
349 int ping_roll_call_days,
350 int install_date_in_days,
351 SystemState* system_state) {
352 string os_xml = GetOsXml(params);
353 OmahaAppData product_app = {
354 .id = params->GetAppId(),
355 .version = params->app_version(),
356 .product_components = params->product_components()};
357 // Skips updatecheck for platform app in case of an install operation.
358 string app_xml = GetAppXml(event,
359 params,
360 product_app,
361 ping_only,
362 include_ping,
363 params->is_install(), /* skip_updatecheck */
364 ping_active_days,
365 ping_roll_call_days,
366 install_date_in_days,
367 system_state);
368 if (!params->system_app_id().empty()) {
369 OmahaAppData system_app = {.id = params->system_app_id(),
370 .version = params->system_version()};
371 app_xml += GetAppXml(event,
372 params,
373 system_app,
374 ping_only,
375 include_ping,
376 false, /* skip_updatecheck */
377 ping_active_days,
378 ping_roll_call_days,
379 install_date_in_days,
380 system_state);
381 }
382 // Create APP ID according to |dlc_module_id| (sticking the current AppID to
383 // the DLC module ID with an underscode).
384 for (const auto& dlc_module_id : params->dlc_module_ids()) {
385 OmahaAppData dlc_module_app = {
386 .id = params->GetAppId() + "_" + dlc_module_id,
387 .version = params->app_version()};
388 app_xml += GetAppXml(event,
389 params,
390 dlc_module_app,
391 ping_only,
392 include_ping,
393 false, /* skip_updatecheck */
394 ping_active_days,
395 ping_roll_call_days,
396 install_date_in_days,
397 system_state);
398 }
399
400 string request_xml = base::StringPrintf(
401 "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
402 "<request protocol=\"3.0\" updater=\"%s\" updaterversion=\"%s\""
403 " installsource=\"%s\" ismachine=\"1\">\n%s%s</request>\n",
404 constants::kOmahaUpdaterID,
405 kOmahaUpdaterVersion,
406 params->interactive() ? "ondemandupdate" : "scheduler",
407 os_xml.c_str(),
408 app_xml.c_str());
409
410 return request_xml;
411}
412
413} // namespace chromeos_update_engine