OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/public/browser/browser_main_runner.h" | 5 #include "content/public/browser/browser_main_runner.h" |
6 | 6 |
7 #include "base/allocator/allocator_shim.h" | 7 #include "base/allocator/allocator_shim.h" |
8 #include "base/base_switches.h" | 8 #include "base/base_switches.h" |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/debug/leak_annotations.h" | 10 #include "base/debug/leak_annotations.h" |
11 #include "base/debug/trace_event.h" | 11 #include "base/debug/trace_event.h" |
12 #include "base/logging.h" | 12 #include "base/logging.h" |
13 #include "base/metrics/histogram.h" | 13 #include "base/metrics/histogram.h" |
14 #include "base/metrics/statistics_recorder.h" | 14 #include "base/metrics/statistics_recorder.h" |
15 #include "content/browser/browser_main_loop.h" | 15 #include "content/browser/browser_main_loop.h" |
16 #include "content/browser/browser_shutdown_profile_dumper.h" | 16 #include "content/browser/browser_shutdown_profile_dumper.h" |
17 #include "content/browser/notification_service_impl.h" | 17 #include "content/browser/notification_service_impl.h" |
18 #include "content/public/common/content_switches.h" | 18 #include "content/public/common/content_switches.h" |
19 #include "content/public/common/main_function_params.h" | 19 #include "content/public/common/main_function_params.h" |
20 #include "ui/base/ime/input_method_initializer.h" | 20 #include "ui/base/ime/input_method_initializer.h" |
21 | 21 |
22 #if defined(OS_WIN) | 22 #if defined(OS_WIN) |
23 #include "base/win/windows_version.h" | 23 #include "base/win/windows_version.h" |
24 #include "net/cert/sha256_legacy_support_win.h" | |
25 #include "sandbox/win/src/sidestep/preamble_patcher.h" | |
24 #include "ui/base/win/scoped_ole_initializer.h" | 26 #include "ui/base/win/scoped_ole_initializer.h" |
25 #endif | 27 #endif |
26 | 28 |
27 bool g_exited_main_message_loop = false; | 29 bool g_exited_main_message_loop = false; |
28 | 30 |
29 namespace content { | 31 namespace content { |
30 | 32 |
33 #if defined(OS_WIN) | |
34 namespace { | |
35 | |
36 // Pointer to the original CryptVerifyCertificateSignatureEx function. | |
37 net::sha256_interception::CryptVerifyCertificateSignatureExFunc | |
38 g_real_crypt_verify_signature_stub = NULL; | |
39 | |
40 // Stub function that is called whenever the Crypt32 function | |
41 // CryptVerifyCertificateSignatureEx is called. It just defers to net to perform | |
42 // the actual verification. | |
43 BOOL WINAPI CryptVerifyCertificateSignatureExStub( | |
44 HCRYPTPROV_LEGACY provider, | |
45 DWORD encoding_type, | |
46 DWORD subject_type, | |
47 void* subject_data, | |
48 DWORD issuer_type, | |
49 void* issuer_data, | |
50 DWORD flags, | |
51 void* extra) { | |
52 return net::sha256_interception::CryptVerifyCertificateSignatureExHook( | |
53 g_real_crypt_verify_signature_stub, provider, encoding_type, subject_type, | |
54 subject_data, issuer_type, issuer_data, flags, extra); | |
55 } | |
56 | |
57 // If necessary, install an interception | |
58 void InstallSha256LegacyHooks() { | |
59 #if defined(_WIN64) | |
60 // Interception on x64 is not supported. | |
jam
2014/09/12 04:13:08
nit: move this to net::sha256_interception::IsNeed
Ryan Sleevi
2014/09/12 08:34:35
The logic behind this is that the function would t
| |
61 return; | |
62 #else | |
63 if (!net::sha256_interception::IsNeeded()) | |
64 return; | |
65 | |
66 net::sha256_interception::CryptVerifyCertificateSignatureExFunc | |
67 cert_verify_signature_ptr = reinterpret_cast< | |
68 net::sha256_interception::CryptVerifyCertificateSignatureExFunc>( | |
69 ::GetProcAddress(::GetModuleHandle(L"crypt32.dll"), | |
70 "CryptVerifyCertificateSignatureEx")); | |
71 CHECK(cert_verify_signature_ptr); | |
72 | |
73 DWORD old_protect = 0; | |
74 if (!::VirtualProtect(cert_verify_signature_ptr, 5, PAGE_EXECUTE_READWRITE, | |
75 &old_protect)) { | |
76 return; | |
77 } | |
78 | |
79 g_real_crypt_verify_signature_stub = | |
80 reinterpret_cast< | |
81 net::sha256_interception::CryptVerifyCertificateSignatureExFunc>( | |
82 VirtualAllocEx(::GetCurrentProcess(), NULL, | |
83 sidestep::kMaxPreambleStubSize, MEM_COMMIT, | |
84 PAGE_EXECUTE_READWRITE)); | |
85 if (g_real_crypt_verify_signature_stub == NULL) | |
86 return; | |
davidben
2014/09/12 22:51:17
If this return fires, we'll leave cert_verify_sign
| |
87 | |
88 sidestep::SideStepError patch_result = | |
89 sidestep::PreamblePatcher::Patch( | |
90 cert_verify_signature_ptr, CryptVerifyCertificateSignatureExStub, | |
91 g_real_crypt_verify_signature_stub, sidestep::kMaxPreambleStubSize); | |
92 if (patch_result != sidestep::SIDESTEP_SUCCESS) { | |
93 CHECK(::VirtualFreeEx(::GetCurrentProcess(), | |
94 g_real_crypt_verify_signature_stub, 0, | |
95 MEM_RELEASE)); | |
96 CHECK(::VirtualProtect(cert_verify_signature_ptr, 5, old_protect, | |
97 &old_protect)); | |
98 return; | |
99 } | |
100 | |
101 DWORD dummy = 0; | |
102 CHECK(::VirtualProtect(cert_verify_signature_ptr, 5, old_protect, &dummy)); | |
103 CHECK(::VirtualProtect(g_real_crypt_verify_signature_stub, | |
104 sidestep::kMaxPreambleStubSize, old_protect, | |
105 &old_protect)); | |
jam
2014/09/12 04:13:08
that's a lot of lines to patch the method. can you
Ryan Sleevi
2014/09/12 08:34:35
Nope. I worked with Carlos and Shrikant on this. B
| |
106 #endif // _WIN64 | |
107 } | |
108 | |
109 } // namespace | |
110 | |
111 #endif // OS_WIN | |
112 | |
31 class BrowserMainRunnerImpl : public BrowserMainRunner { | 113 class BrowserMainRunnerImpl : public BrowserMainRunner { |
32 public: | 114 public: |
33 BrowserMainRunnerImpl() | 115 BrowserMainRunnerImpl() |
34 : initialization_started_(false), is_shutdown_(false) {} | 116 : initialization_started_(false), is_shutdown_(false) {} |
35 | 117 |
36 virtual ~BrowserMainRunnerImpl() { | 118 virtual ~BrowserMainRunnerImpl() { |
37 if (initialization_started_ && !is_shutdown_) | 119 if (initialization_started_ && !is_shutdown_) |
38 Shutdown(); | 120 Shutdown(); |
39 } | 121 } |
40 | 122 |
57 // When "Extend support of advanced text services to all programs" | 139 // When "Extend support of advanced text services to all programs" |
58 // (a.k.a. Cicero Unaware Application Support; CUAS) is enabled on | 140 // (a.k.a. Cicero Unaware Application Support; CUAS) is enabled on |
59 // Windows XP and handwriting modules shipped with Office 2003 are | 141 // Windows XP and handwriting modules shipped with Office 2003 are |
60 // installed, "penjpn.dll" and "skchui.dll" will be loaded and then | 142 // installed, "penjpn.dll" and "skchui.dll" will be loaded and then |
61 // crash unless a user installs Office 2003 SP3. To prevent these | 143 // crash unless a user installs Office 2003 SP3. To prevent these |
62 // modules from being loaded, disable TSF entirely. crbug.com/160914. | 144 // modules from being loaded, disable TSF entirely. crbug.com/160914. |
63 // TODO(yukawa): Add a high-level wrapper for this instead of calling | 145 // TODO(yukawa): Add a high-level wrapper for this instead of calling |
64 // Win32 API here directly. | 146 // Win32 API here directly. |
65 ImmDisableTextFrameService(static_cast<DWORD>(-1)); | 147 ImmDisableTextFrameService(static_cast<DWORD>(-1)); |
66 } | 148 } |
149 InstallSha256LegacyHooks(); | |
davidben
2014/09/12 22:51:17
Perhaps add tests the exercise the patched version
Ryan Sleevi
2014/09/23 21:59:58
Considering that the XP bots we have are SP3, I do
| |
67 #endif // OS_WIN | 150 #endif // OS_WIN |
68 | 151 |
69 base::StatisticsRecorder::Initialize(); | 152 base::StatisticsRecorder::Initialize(); |
70 | 153 |
71 notification_service_.reset(new NotificationServiceImpl); | 154 notification_service_.reset(new NotificationServiceImpl); |
72 | 155 |
73 #if defined(OS_WIN) | 156 #if defined(OS_WIN) |
74 // Ole must be initialized before starting message pump, so that TSF | 157 // Ole must be initialized before starting message pump, so that TSF |
75 // (Text Services Framework) module can interact with the message pump | 158 // (Text Services Framework) module can interact with the message pump |
76 // on Windows 8 Metro mode. | 159 // on Windows 8 Metro mode. |
194 | 277 |
195 DISALLOW_COPY_AND_ASSIGN(BrowserMainRunnerImpl); | 278 DISALLOW_COPY_AND_ASSIGN(BrowserMainRunnerImpl); |
196 }; | 279 }; |
197 | 280 |
198 // static | 281 // static |
199 BrowserMainRunner* BrowserMainRunner::Create() { | 282 BrowserMainRunner* BrowserMainRunner::Create() { |
200 return new BrowserMainRunnerImpl(); | 283 return new BrowserMainRunnerImpl(); |
201 } | 284 } |
202 | 285 |
203 } // namespace content | 286 } // namespace content |
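Review bot: In InstallSha256LegacyHooks (new lines 101-105) the stub allocated as PAGE_EXECUTE_READWRITE is re-protected with `old_protect`, which is whatever protection crypt32's page happened to have, so whether the stub ends up non-writable depends on a value this code does not control; passing an explicit `PAGE_EXECUTE_READ` there would make the intent independent of it. The bare `5` in the VirtualProtect calls on `cert_verify_signature_ptr` is presumably the length of the jump the patcher writes and would read better as a named constant. The early returns at new lines 76 and 98 emit no log or metric, so a machine where the hook failed to install is indistinguishable from one where it was not needed; a `LOG(WARNING)` or a histogram on those paths would help when triaging certificate-verification reports. The comment at new line 57, `// If necessary, install an interception`, is cut short and could say which function is intercepted and on which systems.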