Chromium Code Reviews Chromium Code Reviews
Issue 2937523002:
add setter for enable_pkp_bypass_etc (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #import "components/cronet/ios/Cronet.h" | 5 #import "components/cronet/ios/Cronet.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 42 BOOL gUserAgentPartial = NO; | 42 BOOL gUserAgentPartial = NO; |
| 43 NSString* gSslKeyLogFileName = nil; | 43 NSString* gSslKeyLogFileName = nil; |
| 44 ScopedVector<cronet::URLRequestContextConfig::Pkp> gPkpList = {}; | 44 ScopedVector<cronet::URLRequestContextConfig::Pkp> gPkpList = {}; |
| 45 RequestFilterBlock gRequestFilterBlock = nil; | 45 RequestFilterBlock gRequestFilterBlock = nil; |
| 46 base::LazyInstance<std::unique_ptr<CronetHttpProtocolHandlerDelegate>>::Leaky | 46 base::LazyInstance<std::unique_ptr<CronetHttpProtocolHandlerDelegate>>::Leaky |
| 47 gHttpProtocolHandlerDelegate = LAZY_INSTANCE_INITIALIZER; | 47 gHttpProtocolHandlerDelegate = LAZY_INSTANCE_INITIALIZER; |
| 48 NSURLCache* gPreservedSharedURLCache = nil; | 48 NSURLCache* gPreservedSharedURLCache = nil; |
| 49 BOOL gEnableTestCertVerifierForTesting = FALSE; | 49 BOOL gEnableTestCertVerifierForTesting = FALSE; |
| 50 std::unique_ptr<net::CertVerifier> gMockCertVerifier; | 50 std::unique_ptr<net::CertVerifier> gMockCertVerifier; |
| 51 NSString* gAcceptLanguages = nil; | 51 NSString* gAcceptLanguages = nil; |
| 52 BOOL gEnablePKPBypassForLocalTrustAnchors = TRUE; | |
|
mef
2017/06/13 20:52:58
Hrm, we mix YES/NO and TRUE/FALSE in this file.
T
lilyhoughton
2017/06/14 15:58:41
Done.
| |
| 52 | 53 |
| 53 // CertVerifier, which allows any certificates for testing. | 54 // CertVerifier, which allows any certificates for testing. |
| 54 class TestCertVerifier : public net::CertVerifier { | 55 class TestCertVerifier : public net::CertVerifier { |
| 55 int Verify(const RequestParams& params, | 56 int Verify(const RequestParams& params, |
| 56 net::CRLSet* crl_set, | 57 net::CRLSet* crl_set, |
| 57 net::CertVerifyResult* verify_result, | 58 net::CertVerifyResult* verify_result, |
| 58 const net::CompletionCallback& callback, | 59 const net::CompletionCallback& callback, |
| 59 std::unique_ptr<Request>* out_req, | 60 std::unique_ptr<Request>* out_req, |
| 60 const net::NetLogWithSource& net_log) override { | 61 const net::NetLogWithSource& net_log) override { |
| 61 net::Error result = net::OK; | 62 net::Error result = net::OK; |
| (...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 229 for (NSData* hash in pinHashes) { | 230 for (NSData* hash in pinHashes) { |
| 230 net::SHA256HashValue hashValue; | 231 net::SHA256HashValue hashValue; |
| 231 DCHECK_EQ(sizeof(hashValue.data), hash.length) | 232 DCHECK_EQ(sizeof(hashValue.data), hash.length) |
| 232 << "The length of PKP SHA256 hash should be 256 bits"; | 233 << "The length of PKP SHA256 hash should be 256 bits"; |
| 233 memcpy((void*)(hashValue.data), [hash bytes], sizeof(hashValue.data)); | 234 memcpy((void*)(hashValue.data), [hash bytes], sizeof(hashValue.data)); |
| 234 pkp->pin_hashes.push_back(net::HashValue(hashValue)); | 235 pkp->pin_hashes.push_back(net::HashValue(hashValue)); |
| 235 } | 236 } |
| 236 gPkpList.push_back(std::move(pkp)); | 237 gPkpList.push_back(std::move(pkp)); |
| 237 } | 238 } |
| 238 | 239 |
| 240 + (void)setEnablePublicKeyPinningBypassForLocalTrustAnchors:(bool)enable { | |
|
mef
2017/06/13 20:52:58
BOOL
lilyhoughton
2017/06/14 15:58:41
Done.
| |
| 241 gEnablePKPBypassForLocalTrustAnchors = enable; | |
| 242 } | |
| 243 | |
| 239 + (void)startInternal { | 244 + (void)startInternal { |
| 240 std::string user_agent = base::SysNSStringToUTF8(gUserAgent); | 245 std::string user_agent = base::SysNSStringToUTF8(gUserAgent); |
| 241 | 246 |
| 242 gChromeNet.Get().reset( | 247 gChromeNet.Get().reset( |
| 243 new cronet::CronetEnvironment(user_agent, gUserAgentPartial)); | 248 new cronet::CronetEnvironment(user_agent, gUserAgentPartial)); |
| 244 | 249 |
| 245 gChromeNet.Get()->set_accept_language( | 250 gChromeNet.Get()->set_accept_language( |
| 246 base::SysNSStringToUTF8(gAcceptLanguages ?: [self getAcceptLanguages])); | 251 base::SysNSStringToUTF8(gAcceptLanguages ?: [self getAcceptLanguages])); |
| 247 | 252 |
| 248 gChromeNet.Get()->set_http2_enabled(gHttp2Enabled); | 253 gChromeNet.Get()->set_http2_enabled(gHttp2Enabled); |
| 249 gChromeNet.Get()->set_quic_enabled(gQuicEnabled); | 254 gChromeNet.Get()->set_quic_enabled(gQuicEnabled); |
| 250 gChromeNet.Get()->set_experimental_options( | 255 gChromeNet.Get()->set_experimental_options( |
| 251 base::SysNSStringToUTF8(gExperimentalOptions)); | 256 base::SysNSStringToUTF8(gExperimentalOptions)); |
| 252 gChromeNet.Get()->set_http_cache(gHttpCache); | 257 gChromeNet.Get()->set_http_cache(gHttpCache); |
| 253 gChromeNet.Get()->set_ssl_key_log_file_name( | 258 gChromeNet.Get()->set_ssl_key_log_file_name( |
| 254 base::SysNSStringToUTF8(gSslKeyLogFileName)); | 259 base::SysNSStringToUTF8(gSslKeyLogFileName)); |
| 255 gChromeNet.Get()->set_pkp_list(std::move(gPkpList)); | 260 gChromeNet.Get()->set_pkp_list(std::move(gPkpList)); |
| 261 gChromeNet.Get() | |
| 262 ->set_enable_public_key_pinning_bypass_for_local_trust_anchors( | |
| 263 gEnablePKPBypassForLocalTrustAnchors); | |
| 256 for (const auto* quicHint : gQuicHints) { | 264 for (const auto* quicHint : gQuicHints) { |
| 257 gChromeNet.Get()->AddQuicHint(quicHint->host, quicHint->port, | 265 gChromeNet.Get()->AddQuicHint(quicHint->host, quicHint->port, |
| 258 quicHint->alternate_port); | 266 quicHint->alternate_port); |
| 259 } | 267 } |
| 260 | 268 |
| 261 [self configureCronetEnvironmentForTesting:gChromeNet.Get().get()]; | 269 [self configureCronetEnvironmentForTesting:gChromeNet.Get().get()]; |
| 262 gChromeNet.Get()->Start(); | 270 gChromeNet.Get()->Start(); |
| 263 gHttpProtocolHandlerDelegate.Get().reset( | 271 gHttpProtocolHandlerDelegate.Get().reset( |
| 264 new CronetHttpProtocolHandlerDelegate( | 272 new CronetHttpProtocolHandlerDelegate( |
| 265 gChromeNet.Get()->GetURLRequestContextGetter(), gRequestFilterBlock)); | 273 gChromeNet.Get()->GetURLRequestContextGetter(), gRequestFilterBlock)); |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 376 base::SysNSStringToUTF8(hostResolverRulesForTesting)); | 384 base::SysNSStringToUTF8(hostResolverRulesForTesting)); |
| 377 } | 385 } |
| 378 | 386 |
| 379 // This is a non-public dummy method that prevents the linker from stripping out | 387 // This is a non-public dummy method that prevents the linker from stripping out |
| 380 // the otherwise non-referenced methods from 'bidirectional_stream.cc'. | 388 // the otherwise non-referenced methods from 'bidirectional_stream.cc'. |
| 381 + (void)preventStrippingCronetBidirectionalStream { | 389 + (void)preventStrippingCronetBidirectionalStream { |
| 382 bidirectional_stream_create(NULL, 0, 0); | 390 bidirectional_stream_create(NULL, 0, 0); |
| 383 } | 391 } |
| 384 | 392 |
| 385 @end | 393 @end |
| OLD | NEW |
