OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/io_thread.h" | 5 #include "chrome/browser/io_thread.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
46 #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_pref s.h" | 46 #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_pref s.h" |
47 #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_prot ocol.h" | 47 #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_prot ocol.h" |
48 #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_sett ings.h" | 48 #include "components/data_reduction_proxy/core/browser/data_reduction_proxy_sett ings.h" |
49 #include "components/data_reduction_proxy/core/common/data_reduction_proxy_param s.h" | 49 #include "components/data_reduction_proxy/core/common/data_reduction_proxy_param s.h" |
50 #include "components/policy/core/common/policy_service.h" | 50 #include "components/policy/core/common/policy_service.h" |
51 #include "components/variations/variations_associated_data.h" | 51 #include "components/variations/variations_associated_data.h" |
52 #include "content/public/browser/browser_thread.h" | 52 #include "content/public/browser/browser_thread.h" |
53 #include "content/public/browser/cookie_store_factory.h" | 53 #include "content/public/browser/cookie_store_factory.h" |
54 #include "net/base/host_mapping_rules.h" | 54 #include "net/base/host_mapping_rules.h" |
55 #include "net/base/net_util.h" | 55 #include "net/base/net_util.h" |
56 #include "net/cert/cert_policy_enforcer.h" | |
56 #include "net/cert/cert_verifier.h" | 57 #include "net/cert/cert_verifier.h" |
57 #include "net/cert/cert_verify_proc.h" | 58 #include "net/cert/cert_verify_proc.h" |
58 #include "net/cert/ct_known_logs.h" | 59 #include "net/cert/ct_known_logs.h" |
60 #include "net/cert/ct_known_logs_static.h" | |
59 #include "net/cert/ct_log_verifier.h" | 61 #include "net/cert/ct_log_verifier.h" |
60 #include "net/cert/ct_verifier.h" | 62 #include "net/cert/ct_verifier.h" |
61 #include "net/cert/multi_log_ct_verifier.h" | 63 #include "net/cert/multi_log_ct_verifier.h" |
62 #include "net/cert/multi_threaded_cert_verifier.h" | 64 #include "net/cert/multi_threaded_cert_verifier.h" |
63 #include "net/cookies/cookie_store.h" | 65 #include "net/cookies/cookie_store.h" |
64 #include "net/dns/host_cache.h" | 66 #include "net/dns/host_cache.h" |
65 #include "net/dns/host_resolver.h" | 67 #include "net/dns/host_resolver.h" |
66 #include "net/dns/mapped_host_resolver.h" | 68 #include "net/dns/mapped_host_resolver.h" |
67 #include "net/ftp/ftp_network_layer.h" | 69 #include "net/ftp/ftp_network_layer.h" |
68 #include "net/http/http_auth_filter.h" | 70 #include "net/http/http_auth_filter.h" |
(...skipping 564 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
633 &ct_public_key_data)) | 635 &ct_public_key_data)) |
634 << "Unable to decode CT public key."; | 636 << "Unable to decode CT public key."; |
635 scoped_ptr<net::CTLogVerifier> external_log_verifier( | 637 scoped_ptr<net::CTLogVerifier> external_log_verifier( |
636 net::CTLogVerifier::Create(ct_public_key_data, log_description)); | 638 net::CTLogVerifier::Create(ct_public_key_data, log_description)); |
637 CHECK(external_log_verifier) << "Unable to parse CT public key."; | 639 CHECK(external_log_verifier) << "Unable to parse CT public key."; |
638 VLOG(1) << "Adding log with description " << log_description; | 640 VLOG(1) << "Adding log with description " << log_description; |
639 ct_verifier->AddLog(external_log_verifier.Pass()); | 641 ct_verifier->AddLog(external_log_verifier.Pass()); |
640 } | 642 } |
641 } | 643 } |
642 | 644 |
645 net::CertPolicyEnforcer* policy_enforcer = NULL; | |
646 // TODO(eranm): In M41 Certificate Transparency presence will be required | |
647 // by for EV certificates. Remove this flag for M41. | |
Ryan Sleevi
2014/11/28 15:27:44
This comment is out of date.
// TODO(eranm): Cont
Eran Messeri
2014/12/01 13:59:02
Done.
| |
648 if (command_line.HasSwitch(switches::kRequireCTForEV)) { | |
649 policy_enforcer = new net::CertPolicyEnforcer(kNumKnownCTLogs, true); | |
650 } else { | |
651 policy_enforcer = new net::CertPolicyEnforcer(kNumKnownCTLogs, false); | |
652 } | |
653 globals_->cert_policy_enforcer.reset(policy_enforcer); | |
654 | |
643 globals_->ssl_config_service = GetSSLConfigService(); | 655 globals_->ssl_config_service = GetSSLConfigService(); |
644 | 656 |
645 SetupDataReductionProxy(network_delegate); | 657 SetupDataReductionProxy(network_delegate); |
646 | 658 |
647 globals_->http_auth_handler_factory.reset(CreateDefaultAuthHandlerFactory( | 659 globals_->http_auth_handler_factory.reset(CreateDefaultAuthHandlerFactory( |
648 globals_->host_resolver.get())); | 660 globals_->host_resolver.get())); |
649 globals_->http_server_properties.reset(new net::HttpServerPropertiesImpl()); | 661 globals_->http_server_properties.reset(new net::HttpServerPropertiesImpl()); |
650 // For the ProxyScriptFetcher, we use a direct ProxyService. | 662 // For the ProxyScriptFetcher, we use a direct ProxyService. |
651 globals_->proxy_script_fetcher_proxy_service.reset( | 663 globals_->proxy_script_fetcher_proxy_service.reset( |
652 net::ProxyService::CreateDirectWithNetLog(net_log_)); | 664 net::ProxyService::CreateDirectWithNetLog(net_log_)); |
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
979 net::HttpNetworkSession::Params* params) { | 991 net::HttpNetworkSession::Params* params) { |
980 InitializeNetworkSessionParamsFromGlobals(*globals_, params); | 992 InitializeNetworkSessionParamsFromGlobals(*globals_, params); |
981 } | 993 } |
982 | 994 |
983 // static | 995 // static |
984 void IOThread::InitializeNetworkSessionParamsFromGlobals( | 996 void IOThread::InitializeNetworkSessionParamsFromGlobals( |
985 const IOThread::Globals& globals, | 997 const IOThread::Globals& globals, |
986 net::HttpNetworkSession::Params* params) { | 998 net::HttpNetworkSession::Params* params) { |
987 params->host_resolver = globals.host_resolver.get(); | 999 params->host_resolver = globals.host_resolver.get(); |
988 params->cert_verifier = globals.cert_verifier.get(); | 1000 params->cert_verifier = globals.cert_verifier.get(); |
1001 params->cert_policy_enforcer = globals.cert_policy_enforcer.get(); | |
989 params->channel_id_service = globals.system_channel_id_service.get(); | 1002 params->channel_id_service = globals.system_channel_id_service.get(); |
990 params->transport_security_state = globals.transport_security_state.get(); | 1003 params->transport_security_state = globals.transport_security_state.get(); |
991 params->ssl_config_service = globals.ssl_config_service.get(); | 1004 params->ssl_config_service = globals.ssl_config_service.get(); |
992 params->http_auth_handler_factory = globals.http_auth_handler_factory.get(); | 1005 params->http_auth_handler_factory = globals.http_auth_handler_factory.get(); |
993 params->http_server_properties = | 1006 params->http_server_properties = |
994 globals.http_server_properties->GetWeakPtr(); | 1007 globals.http_server_properties->GetWeakPtr(); |
995 params->network_delegate = globals.system_network_delegate.get(); | 1008 params->network_delegate = globals.system_network_delegate.get(); |
996 params->host_mapping_rules = globals.host_mapping_rules.get(); | 1009 params->host_mapping_rules = globals.host_mapping_rules.get(); |
997 params->enable_ssl_connect_job_waiting = | 1010 params->enable_ssl_connect_job_waiting = |
998 globals.enable_ssl_connect_job_waiting; | 1011 globals.enable_ssl_connect_job_waiting; |
(...skipping 415 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1414 net::QuicVersionVector supported_versions = net::QuicSupportedVersions(); | 1427 net::QuicVersionVector supported_versions = net::QuicSupportedVersions(); |
1415 for (size_t i = 0; i < supported_versions.size(); ++i) { | 1428 for (size_t i = 0; i < supported_versions.size(); ++i) { |
1416 net::QuicVersion version = supported_versions[i]; | 1429 net::QuicVersion version = supported_versions[i]; |
1417 if (net::QuicVersionToString(version) == quic_version) { | 1430 if (net::QuicVersionToString(version) == quic_version) { |
1418 return version; | 1431 return version; |
1419 } | 1432 } |
1420 } | 1433 } |
1421 | 1434 |
1422 return net::QUIC_VERSION_UNSUPPORTED; | 1435 return net::QUIC_VERSION_UNSUPPORTED; |
1423 } | 1436 } |
OLD | NEW |