| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/io_thread.h" | 5 #include "chrome/browser/io_thread.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 445 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 456 : net_log_(net_log), | 456 : net_log_(net_log), |
| 457 #if defined(ENABLE_EXTENSIONS) | 457 #if defined(ENABLE_EXTENSIONS) |
| 458 extension_event_router_forwarder_(extension_event_router_forwarder), | 458 extension_event_router_forwarder_(extension_event_router_forwarder), |
| 459 #endif | 459 #endif |
| 460 globals_(NULL), | 460 globals_(NULL), |
| 461 is_spdy_disabled_by_policy_(false), | 461 is_spdy_disabled_by_policy_(false), |
| 462 is_quic_allowed_by_policy_(true), | 462 is_quic_allowed_by_policy_(true), |
| 463 creation_time_(base::TimeTicks::Now()), | 463 creation_time_(base::TimeTicks::Now()), |
| 464 weak_factory_(this) { | 464 weak_factory_(this) { |
| 465 auth_schemes_ = local_state->GetString(prefs::kAuthSchemes); | 465 auth_schemes_ = local_state->GetString(prefs::kAuthSchemes); |
| 466 negotiate_disable_cname_lookup_ = local_state->GetBoolean( | 466 negotiate_disable_cname_lookup_.Init( |
| 467 prefs::kDisableAuthNegotiateCnameLookup); | 467 prefs::kDisableAuthNegotiateCnameLookup, local_state, |
| 468 negotiate_enable_port_ = local_state->GetBoolean( | 468 base::Bind(&IOThread::UpdateNegotiateDisableCnameLookup, |
| 469 prefs::kEnableAuthNegotiatePort); | 469 base::Unretained(this))); |
| 470 auth_server_whitelist_ = local_state->GetString(prefs::kAuthServerWhitelist); | 470 scoped_refptr<base::SingleThreadTaskRunner> io_thread_proxy = |
| 471 auth_delegate_whitelist_ = local_state->GetString( | 471 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO); |
| 472 prefs::kAuthNegotiateDelegateWhitelist); | 472 negotiate_disable_cname_lookup_.MoveToThread(io_thread_proxy); |
| 473 negotiate_enable_port_.Init( |
| 474 prefs::kEnableAuthNegotiatePort, local_state, |
| 475 base::Bind(&IOThread::UpdateNegotiateEnablePort, base::Unretained(this))); |
| 476 negotiate_enable_port_.MoveToThread(io_thread_proxy); |
| 477 auth_server_whitelist_.Init( |
| 478 prefs::kAuthServerWhitelist, local_state, |
| 479 base::Bind(&IOThread::UpdateServerWhitelist, base::Unretained(this))); |
| 480 auth_server_whitelist_.MoveToThread(io_thread_proxy); |
| 481 auth_delegate_whitelist_.Init( |
| 482 prefs::kAuthNegotiateDelegateWhitelist, local_state, |
| 483 base::Bind(&IOThread::UpdateDelegateWhitelist, base::Unretained(this))); |
| 484 auth_delegate_whitelist_.MoveToThread(io_thread_proxy); |
| 473 gssapi_library_name_ = local_state->GetString(prefs::kGSSAPILibraryName); | 485 gssapi_library_name_ = local_state->GetString(prefs::kGSSAPILibraryName); |
| 474 auth_android_negotiate_account_type_ = | 486 auth_android_negotiate_account_type_.Init( |
| 475 local_state->GetString(prefs::kAuthAndroidNegotiateAccountType); | 487 prefs::kAuthAndroidNegotiateAccountType, local_state, |
| 488 base::Bind(&IOThread::UpdateAndroidAuthNegotiateAccountType, |
| 489 base::Unretained(this))); |
| 490 auth_android_negotiate_account_type_.MoveToThread(io_thread_proxy); |
| 476 pref_proxy_config_tracker_.reset( | 491 pref_proxy_config_tracker_.reset( |
| 477 ProxyServiceFactory::CreatePrefProxyConfigTrackerOfLocalState( | 492 ProxyServiceFactory::CreatePrefProxyConfigTrackerOfLocalState( |
| 478 local_state)); | 493 local_state)); |
| 479 ChromeNetworkDelegate::InitializePrefsOnUIThread( | 494 ChromeNetworkDelegate::InitializePrefsOnUIThread( |
| 480 &system_enable_referrers_, | 495 &system_enable_referrers_, |
| 481 NULL, | 496 NULL, |
| 482 NULL, | 497 NULL, |
| 483 NULL, | 498 NULL, |
| 484 local_state); | 499 local_state); |
| 485 ssl_config_service_manager_.reset( | 500 ssl_config_service_manager_.reset( |
| 486 ssl_config::SSLConfigServiceManager::CreateDefaultManager( | 501 ssl_config::SSLConfigServiceManager::CreateDefaultManager( |
| 487 local_state, | 502 local_state, |
| 488 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO))); | 503 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO))); |
| 489 | 504 |
| 490 base::Value* dns_client_enabled_default = new base::FundamentalValue( | 505 base::Value* dns_client_enabled_default = new base::FundamentalValue( |
| 491 chrome_browser_net::ConfigureAsyncDnsFieldTrial()); | 506 chrome_browser_net::ConfigureAsyncDnsFieldTrial()); |
| 492 local_state->SetDefaultPrefValue(prefs::kBuiltInDnsClientEnabled, | 507 local_state->SetDefaultPrefValue(prefs::kBuiltInDnsClientEnabled, |
| 493 dns_client_enabled_default); | 508 dns_client_enabled_default); |
| 494 chrome_browser_net::LogAsyncDnsPrefSource( | 509 chrome_browser_net::LogAsyncDnsPrefSource( |
| 495 local_state->FindPreference(prefs::kBuiltInDnsClientEnabled)); | 510 local_state->FindPreference(prefs::kBuiltInDnsClientEnabled)); |
| 496 | 511 |
| 497 dns_client_enabled_.Init(prefs::kBuiltInDnsClientEnabled, | 512 dns_client_enabled_.Init(prefs::kBuiltInDnsClientEnabled, |
| 498 local_state, | 513 local_state, |
| 499 base::Bind(&IOThread::UpdateDnsClientEnabled, | 514 base::Bind(&IOThread::UpdateDnsClientEnabled, |
| 500 base::Unretained(this))); | 515 base::Unretained(this))); |
| 501 dns_client_enabled_.MoveToThread( | 516 dns_client_enabled_.MoveToThread(io_thread_proxy); |
| 502 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO)); | |
| 503 | 517 |
| 504 quick_check_enabled_.Init(prefs::kQuickCheckEnabled, | 518 quick_check_enabled_.Init(prefs::kQuickCheckEnabled, |
| 505 local_state); | 519 local_state); |
| 506 quick_check_enabled_.MoveToThread( | 520 quick_check_enabled_.MoveToThread(io_thread_proxy); |
| 507 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO)); | |
| 508 | 521 |
| 509 #if defined(ENABLE_CONFIGURATION_POLICY) | 522 #if defined(ENABLE_CONFIGURATION_POLICY) |
| 510 is_spdy_disabled_by_policy_ = policy_service->GetPolicies( | 523 is_spdy_disabled_by_policy_ = policy_service->GetPolicies( |
| 511 policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME, std::string())).Get( | 524 policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME, std::string())).Get( |
| 512 policy::key::kDisableSpdy) != NULL; | 525 policy::key::kDisableSpdy) != NULL; |
| 513 | 526 |
| 514 const base::Value* value = policy_service->GetPolicies( | 527 const base::Value* value = policy_service->GetPolicies( |
| 515 policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME, | 528 policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME, |
| 516 std::string())).GetValue(policy::key::kQuicAllowed); | 529 std::string())).GetValue(policy::key::kQuicAllowed); |
| 517 if (value) | 530 if (value) |
| (...skipping 203 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 721 // TODO(erikchen): Remove ScopedTracker below once http://crbug.com/466432 | 734 // TODO(erikchen): Remove ScopedTracker below once http://crbug.com/466432 |
| 722 // is fixed. | 735 // is fixed. |
| 723 tracked_objects::ScopedTracker tracking_profile10( | 736 tracked_objects::ScopedTracker tracking_profile10( |
| 724 FROM_HERE_WITH_EXPLICIT_FUNCTION( | 737 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 725 "466432 IOThread::InitAsync::CertPolicyEnforcer")); | 738 "466432 IOThread::InitAsync::CertPolicyEnforcer")); |
| 726 net::CertPolicyEnforcer* policy_enforcer = new net::CertPolicyEnforcer; | 739 net::CertPolicyEnforcer* policy_enforcer = new net::CertPolicyEnforcer; |
| 727 globals_->cert_policy_enforcer.reset(policy_enforcer); | 740 globals_->cert_policy_enforcer.reset(policy_enforcer); |
| 728 | 741 |
| 729 globals_->ssl_config_service = GetSSLConfigService(); | 742 globals_->ssl_config_service = GetSSLConfigService(); |
| 730 | 743 |
| 731 globals_->http_auth_handler_factory.reset(CreateDefaultAuthHandlerFactory( | 744 CreateDefaultAuthHandlerFactory(); |
| 732 globals_->host_resolver.get())); | |
| 733 globals_->http_server_properties.reset(new net::HttpServerPropertiesImpl()); | 745 globals_->http_server_properties.reset(new net::HttpServerPropertiesImpl()); |
| 734 // For the ProxyScriptFetcher, we use a direct ProxyService. | 746 // For the ProxyScriptFetcher, we use a direct ProxyService. |
| 735 globals_->proxy_script_fetcher_proxy_service = | 747 globals_->proxy_script_fetcher_proxy_service = |
| 736 net::ProxyService::CreateDirectWithNetLog(net_log_); | 748 net::ProxyService::CreateDirectWithNetLog(net_log_); |
| 737 // In-memory cookie store. | 749 // In-memory cookie store. |
| 738 // TODO(erikchen): Remove ScopedTracker below once http://crbug.com/466432 | 750 // TODO(erikchen): Remove ScopedTracker below once http://crbug.com/466432 |
| 739 // is fixed. | 751 // is fixed. |
| 740 tracked_objects::ScopedTracker tracking_profile11( | 752 tracked_objects::ScopedTracker tracking_profile11( |
| 741 FROM_HERE_WITH_EXPLICIT_FUNCTION( | 753 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 742 "466432 IOThread::InitAsync::CreateCookieStore::Start")); | 754 "466432 IOThread::InitAsync::CreateCookieStore::Start")); |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 860 // Release objects that the net::URLRequestContext could have been pointing | 872 // Release objects that the net::URLRequestContext could have been pointing |
| 861 // to. | 873 // to. |
| 862 | 874 |
| 863 // Shutdown the HistogramWatcher on the IO thread. | 875 // Shutdown the HistogramWatcher on the IO thread. |
| 864 net::NetworkChangeNotifier::ShutdownHistogramWatcher(); | 876 net::NetworkChangeNotifier::ShutdownHistogramWatcher(); |
| 865 | 877 |
| 866 // This must be reset before the ChromeNetLog is destroyed. | 878 // This must be reset before the ChromeNetLog is destroyed. |
| 867 network_change_observer_.reset(); | 879 network_change_observer_.reset(); |
| 868 | 880 |
| 869 system_proxy_config_service_.reset(); | 881 system_proxy_config_service_.reset(); |
| 882 #if defined(OS_ANDROID) |
| 883 // Only needed for tests, since we never do a clean shutdown of the real |
| 884 // application on Android. |
| 885 external_data_use_observer_.reset(); |
| 886 #endif |
| 870 | 887 |
| 871 delete globals_; | 888 delete globals_; |
| 872 globals_ = NULL; | 889 globals_ = NULL; |
| 873 | 890 |
| 874 base::debug::LeakTracker<SystemURLRequestContextGetter>::CheckForLeaks(); | 891 base::debug::LeakTracker<SystemURLRequestContextGetter>::CheckForLeaks(); |
| 875 } | 892 } |
| 876 | 893 |
| 877 void IOThread::InitializeNetworkOptions(const base::CommandLine& command_line) { | 894 void IOThread::InitializeNetworkOptions(const base::CommandLine& command_line) { |
| 878 // Only handle use-spdy command line flags if "spdy.disabled" preference is | 895 // Only handle use-spdy command line flags if "spdy.disabled" preference is |
| 879 // not disabled via policy. | 896 // not disabled via policy. |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 998 registry->RegisterStringPref(prefs::kAuthAndroidNegotiateAccountType, | 1015 registry->RegisterStringPref(prefs::kAuthAndroidNegotiateAccountType, |
| 999 std::string()); | 1016 std::string()); |
| 1000 registry->RegisterStringPref( | 1017 registry->RegisterStringPref( |
| 1001 data_reduction_proxy::prefs::kDataReductionProxy, std::string()); | 1018 data_reduction_proxy::prefs::kDataReductionProxy, std::string()); |
| 1002 registry->RegisterBooleanPref(prefs::kEnableReferrers, true); | 1019 registry->RegisterBooleanPref(prefs::kEnableReferrers, true); |
| 1003 data_reduction_proxy::RegisterPrefs(registry); | 1020 data_reduction_proxy::RegisterPrefs(registry); |
| 1004 registry->RegisterBooleanPref(prefs::kBuiltInDnsClientEnabled, true); | 1021 registry->RegisterBooleanPref(prefs::kBuiltInDnsClientEnabled, true); |
| 1005 registry->RegisterBooleanPref(prefs::kQuickCheckEnabled, true); | 1022 registry->RegisterBooleanPref(prefs::kQuickCheckEnabled, true); |
| 1006 } | 1023 } |
| 1007 | 1024 |
| 1008 net::HttpAuthHandlerFactory* IOThread::CreateDefaultAuthHandlerFactory( | 1025 void IOThread::UpdateServerWhitelist() { |
| 1009 net::HostResolver* resolver) { | 1026 std::string server_whitelist = auth_server_whitelist_.GetValue(); |
| 1010 net::HttpAuthFilterWhitelist* auth_filter_default_credentials = NULL; | 1027 if (server_whitelist.empty()) { |
| 1011 if (!auth_server_whitelist_.empty()) { | 1028 globals_->url_security_manager->SetDefaultWhitelist( |
| 1012 auth_filter_default_credentials = | 1029 scoped_ptr<net::HttpAuthFilterWhitelist>()); |
| 1013 new net::HttpAuthFilterWhitelist(auth_server_whitelist_); | 1030 } else { |
| 1031 globals_->url_security_manager->SetDefaultWhitelist( |
| 1032 make_scoped_ptr(new net::HttpAuthFilterWhitelist(server_whitelist))); |
| 1014 } | 1033 } |
| 1015 net::HttpAuthFilterWhitelist* auth_filter_delegate = NULL; | 1034 } |
| 1016 if (!auth_delegate_whitelist_.empty()) { | 1035 |
| 1017 auth_filter_delegate = | 1036 void IOThread::UpdateDelegateWhitelist() { |
| 1018 new net::HttpAuthFilterWhitelist(auth_delegate_whitelist_); | 1037 std::string delegate_whitelist = auth_delegate_whitelist_.GetValue(); |
| 1038 if (delegate_whitelist.empty()) { |
| 1039 globals_->url_security_manager->SetDelegateWhitelist( |
| 1040 scoped_ptr<net::HttpAuthFilterWhitelist>()); |
| 1041 } else { |
| 1042 globals_->url_security_manager->SetDelegateWhitelist( |
| 1043 make_scoped_ptr(new net::HttpAuthFilterWhitelist(delegate_whitelist))); |
| 1019 } | 1044 } |
| 1020 globals_->url_security_manager.reset( | 1045 } |
| 1021 net::URLSecurityManager::Create(auth_filter_default_credentials, | 1046 |
| 1022 auth_filter_delegate)); | 1047 void IOThread::UpdateAndroidAuthNegotiateAccountType() { |
| 1048 globals_->http_auth_handler_factory->SetAndroidAuthNegotiateAccountType( |
| 1049 auth_android_negotiate_account_type_.GetValue()); |
| 1050 } |
| 1051 |
| 1052 void IOThread::UpdateNegotiateDisableCnameLookup() { |
| 1053 globals_->http_auth_handler_factory->SetNegotiateDisableCnameLookup( |
| 1054 negotiate_disable_cname_lookup_.GetValue()); |
| 1055 } |
| 1056 |
| 1057 void IOThread::UpdateNegotiateEnablePort() { |
| 1058 globals_->http_auth_handler_factory->SetNegotiateEnablePort( |
| 1059 negotiate_enable_port_.GetValue()); |
| 1060 } |
| 1061 |
| 1062 void IOThread::CreateDefaultAuthHandlerFactory() { |
| 1023 std::vector<std::string> supported_schemes = base::SplitString( | 1063 std::vector<std::string> supported_schemes = base::SplitString( |
| 1024 auth_schemes_, ",", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL); | 1064 auth_schemes_, ",", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY); |
| 1025 | 1065 globals_->url_security_manager.reset(net::URLSecurityManager::Create()); |
| 1026 scoped_ptr<net::HttpAuthHandlerRegistryFactory> registry_factory( | 1066 globals_->http_auth_handler_factory.reset( |
| 1027 net::HttpAuthHandlerRegistryFactory::Create( | 1067 net::HttpAuthHandlerRegistryFactory::Create( |
| 1028 supported_schemes, globals_->url_security_manager.get(), resolver, | 1068 supported_schemes, globals_->url_security_manager.get(), |
| 1029 gssapi_library_name_, auth_android_negotiate_account_type_, | 1069 globals_->host_resolver.get(), gssapi_library_name_)); |
| 1030 negotiate_disable_cname_lookup_, negotiate_enable_port_)); | 1070 UpdateServerWhitelist(); |
| 1031 return registry_factory.release(); | 1071 UpdateDelegateWhitelist(); |
| 1072 UpdateAndroidAuthNegotiateAccountType(); |
| 1073 UpdateNegotiateDisableCnameLookup(); |
| 1074 UpdateNegotiateEnablePort(); |
| 1032 } | 1075 } |
| 1033 | 1076 |
| 1034 void IOThread::ClearHostCache() { | 1077 void IOThread::ClearHostCache() { |
| 1035 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 1078 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 1036 | 1079 |
| 1037 net::HostCache* host_cache = globals_->host_resolver->GetHostCache(); | 1080 net::HostCache* host_cache = globals_->host_resolver->GetHostCache(); |
| 1038 if (host_cache) | 1081 if (host_cache) |
| 1039 host_cache->clear(); | 1082 host_cache->clear(); |
| 1040 } | 1083 } |
| 1041 | 1084 |
| (...skipping 612 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1654 globals->proxy_script_fetcher_url_request_job_factory = job_factory.Pass(); | 1697 globals->proxy_script_fetcher_url_request_job_factory = job_factory.Pass(); |
| 1655 | 1698 |
| 1656 context->set_job_factory( | 1699 context->set_job_factory( |
| 1657 globals->proxy_script_fetcher_url_request_job_factory.get()); | 1700 globals->proxy_script_fetcher_url_request_job_factory.get()); |
| 1658 | 1701 |
| 1659 // TODO(rtenneti): We should probably use HttpServerPropertiesManager for the | 1702 // TODO(rtenneti): We should probably use HttpServerPropertiesManager for the |
| 1660 // system URLRequestContext too. There's no reason this should be tied to a | 1703 // system URLRequestContext too. There's no reason this should be tied to a |
| 1661 // profile. | 1704 // profile. |
| 1662 return context; | 1705 return context; |
| 1663 } | 1706 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1414313002:
Allow dynamic updating of authentication policies (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master