Enable public key pinning of local trust anchors

components/cronet/android/cronet_url_request_context_adapter.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/cronet/android/cronet_url_request_context_adapter.h"
 
 #include <limits.h>
 #include <stddef.h>
 #include <stdint.h>
 
@@ skipping 617 matching lines @@
   }
 
   // Iterate through PKP configuration for every host.
   for (const auto& pkp : config->pkp_list) {
     // Add the host pinning.
     context_->transport_security_state()->AddHPKP(
         pkp->host, pkp->expiration_date, pkp->include_subdomains,
         pkp->pin_hashes, GURL::EmptyGURL());
   }
 
+  context_->transport_security_state()->EnableLocalTrustAnchorPinning(

[Ryan Sleevi, 2016/06/13 17:03:11]

Naming: This C++ method name is not correct/consistent.

[kapishnikov, 2016/06/15 00:56:20]

Done.

+      config->pin_local_trust_anchors);
+
   JNIEnv* env = base::android::AttachCurrentThread();
   jcronet_url_request_context_.Reset(env, jcronet_url_request_context.obj());
   Java_CronetUrlRequestContext_initNetworkThread(
       env, jcronet_url_request_context.obj());
 
 #if defined(DATA_REDUCTION_PROXY_SUPPORT)
   if (data_reduction_proxy_)
     data_reduction_proxy_->Init(true, GetURLRequestContext());
 #endif
   is_context_initialized_ = true;
@@ skipping 144 matching lines @@
     const JavaParamRef<jstring>& jquic_default_user_agent_id,
     jboolean jhttp2_enabled,
     jboolean jsdch_enabled,
     const JavaParamRef<jstring>& jdata_reduction_proxy_key,
     const JavaParamRef<jstring>& jdata_reduction_proxy_primary_proxy,
     const JavaParamRef<jstring>& jdata_reduction_proxy_fallback_proxy,
     const JavaParamRef<jstring>& jdata_reduction_proxy_secure_proxy_check_url,
     jboolean jdisable_cache,
     jint jhttp_cache_mode,
     jlong jhttp_cache_max_size,
+    jboolean jpin_local_trust_anchors,
     const JavaParamRef<jstring>& jexperimental_quic_connection_options,
     jlong jmock_cert_verifier) {
   return reinterpret_cast<jlong>(new URLRequestContextConfig(
       jquic_enabled,
       ConvertNullableJavaStringToUTF8(env, jquic_default_user_agent_id),
       jhttp2_enabled, jsdch_enabled,
       static_cast<URLRequestContextConfig::HttpCacheType>(jhttp_cache_mode),
       jhttp_cache_max_size, jdisable_cache,
       ConvertNullableJavaStringToUTF8(env, jstorage_path),
       ConvertNullableJavaStringToUTF8(env, juser_agent),
       ConvertNullableJavaStringToUTF8(env,
                                       jexperimental_quic_connection_options),
       ConvertNullableJavaStringToUTF8(env, jdata_reduction_proxy_key),
       ConvertNullableJavaStringToUTF8(env, jdata_reduction_proxy_primary_proxy),
       ConvertNullableJavaStringToUTF8(env,
                                       jdata_reduction_proxy_fallback_proxy),
       ConvertNullableJavaStringToUTF8(
           env, jdata_reduction_proxy_secure_proxy_check_url),
+      jpin_local_trust_anchors,
       base::WrapUnique(
           reinterpret_cast<net::CertVerifier*>(jmock_cert_verifier))));
 }
 
 // Add a QUIC hint to a URLRequestContextConfig.
 static void AddQuicHint(JNIEnv* env,
                         const JavaParamRef<jclass>& jcaller,
                         jlong jurl_request_context_config,
                         const JavaParamRef<jstring>& jhost,
                         jint jport,
@@ skipping 74 matching lines @@
     JNIEnv* env,
     const JavaParamRef<jclass>& jcaller) {
   base::StatisticsRecorder::Initialize();
   std::vector<uint8_t> data;
   if (!HistogramManager::GetInstance()->GetDeltas(&data))
     return ScopedJavaLocalRef<jbyteArray>();
   return base::android::ToJavaByteArray(env, &data[0], data.size());
 }
 
 }  // namespace cronet