chromium/chrome/browser/win/conflicts/proto/module_list.proto

// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

syntax = "proto2";

option optimize_for = LITE_RUNTIME;

package chrome.conflicts;

// Describes a module. A module is valid only if at least one of |basename| or
// |code_id| is specified, although both may be specified. A module must exactly
// match all specified fields in order to be considered a match.
// Next id: 5
message Module {
  // The basename of the module. This is case insensitive. If this is not
  // specified then |code_id| must be specified. On the client this actually
  // corresponds to the SHA1 hash of the basename, which has been first made
  // lowercase.
  optional string basename = 1;
  optional bytes basename_hash = 3;

  // Code ID. This is equivalent to the string generated by formatting
  // the FileHeader.TimeDateStamp and OptionalHeader.SizeOfImage with the
  // formatting string %08X%x. Comparison is case insensitive. If this is not
  // specified then |basename| must be specified. On the client this actually
  // corresponds to the SHA1 hash of the code id, which has first been made
  // lowercase.
  optional string code_id = 2;
  optional bytes code_id_hash = 4;
}

// A module group is a collection of one or more modules with shared publisher
// and/or installation directory information.
// Next id: 6
message ModuleGroup {
  // Publisher information. If specified then the modules in this group will
  // only match if they are signed by the specified publisher. This corresponds
  // to the OU specified in the signature. On the client this actually
  // corresponds to the SHA1 of the case-sensitive publisher information.
  optional string publisher = 1;
  optional bytes publisher_hash = 4;

  // The directory in which the modules are found. This may use environment
  // variables such as %LOCALAPPDATA%, %SYSTEMROOT%, etc. This is case
  // insensitive. If not specified then any path will be accepted. On the
  // client this actually corresponds to the SHA1 of the case-insensitive path.
  optional string directory = 2;
  optional bytes directory_hash = 5;

  // A list of modules.
  repeated Module modules = 3;
}

// Describes an allowlist of modules that will always be allowed to load, and
// for which there is no associated user messaging.
// Next id: 2
message ModuleAllowlist {
  // A collection of modules, grouped by publisher/installation path
  // information.
  repeated ModuleGroup module_groups = 1;
}

// The user message to display when a blocklisted module is matched at runtime.
// Next id: 3
enum BlocklistMessageType {
  // The user will be presented with a message to uninstall the software. This
  // message will only be displayed if a matching software entry with
  // uninstallation registry entries can be found. This is the default action
  // that is applied to all modules that are not specifically allowlisted.
  // It's presence in this list allows a module to remain blocklisted, but be
  // allowed to load. If this is specified then |message_url| should be empty
  // and is otherwise ignored.
  UNINSTALL = 0;
  // The user will be presented with a message about the incompatibility of
  // the related software, and provided with a link to follow for further
  // information. The URL is specified via |message_url| in an associated
  // BlocklistAction.
  FURTHER_INFORMATION = 1;
  // The user will be presented with a message about the incompatiblity of
  // the related software, and provided with a link to follow in order to
  // upgrade the software to a compatible version. The URL is specified via
  // |message_url| in an associated BlocklistAction.
  SUGGEST_UPGRADE = 2;
};

// The actions to take when a blocklisted module is encountered.
// Next id: 4
message BlocklistAction {
  // Indicates whether or not this module should be allowed to load. This can be
  // used to explicitly allow modules to load that when blocked cause problems,
  // but otherwise to allow messaging to encourage users to remove them.
  optional bool allow_load = 1;

  // The URL associated with the user message. See BlocklistMessageType for full
  // details.
  optional BlocklistMessageType message_type = 2;
  optional string message_url = 3;
}

// Describes a group in the module blocklist. Modules not allowlisted are
// blocklisted by default, but fine-grained control over the user messaging is
// possible using an explicit blocklist entry.
// Next id: 3
message BlocklistModuleGroup {
  // The action to take when modules in this group are encountered.
  optional BlocklistAction action = 1;

  // The group of modules itself.
  optional ModuleGroup modules = 2;
}

// Describes a blocklist of modules that are to be handled specially when
// encountered.
// Next id: 2
message ModuleBlocklist {
  repeated BlocklistModuleGroup module_groups = 1;
}

// The entire module list itself consists of an allowlist and a blocklist.
// Next id: 3
message ModuleList {
  // The allowlisted modules.
  optional ModuleAllowlist allowlist = 1;

  // The blocklisted modules, and the associated actions to take upon
  // encountering them.
  optional ModuleBlocklist blocklist = 2;
}