OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/io_thread.h" | 5 #include "chrome/browser/io_thread.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
| 9 #include "base/base64.h" |
9 #include "base/bind.h" | 10 #include "base/bind.h" |
10 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
11 #include "base/command_line.h" | 12 #include "base/command_line.h" |
12 #include "base/compiler_specific.h" | 13 #include "base/compiler_specific.h" |
13 #include "base/debug/leak_tracker.h" | 14 #include "base/debug/leak_tracker.h" |
14 #include "base/debug/trace_event.h" | 15 #include "base/debug/trace_event.h" |
15 #include "base/logging.h" | 16 #include "base/logging.h" |
16 #include "base/metrics/field_trial.h" | 17 #include "base/metrics/field_trial.h" |
17 #include "base/prefs/pref_registry_simple.h" | 18 #include "base/prefs/pref_registry_simple.h" |
18 #include "base/prefs/pref_service.h" | 19 #include "base/prefs/pref_service.h" |
(...skipping 24 matching lines...) |
43 #include "chrome/browser/policy/policy_service.h" | 44 #include "chrome/browser/policy/policy_service.h" |
44 #include "chrome/common/chrome_switches.h" | 45 #include "chrome/common/chrome_switches.h" |
45 #include "chrome/common/pref_names.h" | 46 #include "chrome/common/pref_names.h" |
46 #include "chrome/common/url_constants.h" | 47 #include "chrome/common/url_constants.h" |
47 #include "content/public/browser/browser_thread.h" | 48 #include "content/public/browser/browser_thread.h" |
48 #include "net/base/host_mapping_rules.h" | 49 #include "net/base/host_mapping_rules.h" |
49 #include "net/base/net_util.h" | 50 #include "net/base/net_util.h" |
50 #include "net/base/network_time_notifier.h" | 51 #include "net/base/network_time_notifier.h" |
51 #include "net/base/sdch_manager.h" | 52 #include "net/base/sdch_manager.h" |
52 #include "net/cert/cert_verifier.h" | 53 #include "net/cert/cert_verifier.h" |
| 54 #include "net/cert/ct_known_logs.h" |
| 55 #include "net/cert/ct_verifier.h" |
53 #include "net/cookies/cookie_monster.h" | 56 #include "net/cookies/cookie_monster.h" |
54 #include "net/dns/host_cache.h" | 57 #include "net/dns/host_cache.h" |
55 #include "net/dns/host_resolver.h" | 58 #include "net/dns/host_resolver.h" |
56 #include "net/dns/mapped_host_resolver.h" | 59 #include "net/dns/mapped_host_resolver.h" |
57 #include "net/ftp/ftp_network_layer.h" | 60 #include "net/ftp/ftp_network_layer.h" |
58 #include "net/http/http_auth_filter.h" | 61 #include "net/http/http_auth_filter.h" |
59 #include "net/http/http_auth_handler_factory.h" | 62 #include "net/http/http_auth_handler_factory.h" |
60 #include "net/http/http_network_layer.h" | 63 #include "net/http/http_network_layer.h" |
61 #include "net/http/http_server_properties_impl.h" | 64 #include "net/http/http_server_properties_impl.h" |
62 #include "net/proxy/proxy_config_service.h" | 65 #include "net/proxy/proxy_config_service.h" |
(...skipping 12 matching lines...) |
75 #include "net/websockets/websocket_job.h" | 78 #include "net/websockets/websocket_job.h" |
76 | 79 |
77 #if defined(OS_WIN) | 80 #if defined(OS_WIN) |
78 #include "win8/util/win8_util.h" | 81 #include "win8/util/win8_util.h" |
79 #endif | 82 #endif |
80 | 83 |
81 #if defined(ENABLE_CONFIGURATION_POLICY) | 84 #if defined(ENABLE_CONFIGURATION_POLICY) |
82 #include "policy/policy_constants.h" | 85 #include "policy/policy_constants.h" |
83 #endif | 86 #endif |
84 | 87 |
| 88 #if !defined(USE_OPENSSL) |
| 89 #include "net/cert/ct_log_verifier.h" |
| 90 #include "net/cert/multi_log_ct_verifier.h" |
| 91 #endif |
| 92 |
85 #if defined(USE_NSS) || defined(OS_IOS) | 93 #if defined(USE_NSS) || defined(OS_IOS) |
86 #include "net/ocsp/nss_ocsp.h" | 94 #include "net/ocsp/nss_ocsp.h" |
87 #endif | 95 #endif |
88 | 96 |
89 #if !defined(OS_IOS) && !defined(OS_ANDROID) | 97 #if !defined(OS_IOS) && !defined(OS_ANDROID) |
90 #include "net/proxy/proxy_resolver_v8.h" | 98 #include "net/proxy/proxy_resolver_v8.h" |
91 #endif | 99 #endif |
92 | 100 |
93 #if defined(OS_ANDROID) || defined(OS_IOS) | 101 #if defined(OS_ANDROID) || defined(OS_IOS) |
94 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_settings.h" | 102 #include "chrome/browser/net/spdyproxy/data_reduction_proxy_settings.h" |
(...skipping 103 matching lines...) |
198 // See IOThread::Globals for details. | 206 // See IOThread::Globals for details. |
199 net::URLRequestContext* | 207 net::URLRequestContext* |
200 ConstructProxyScriptFetcherContext(IOThread::Globals* globals, | 208 ConstructProxyScriptFetcherContext(IOThread::Globals* globals, |
201 net::NetLog* net_log) { | 209 net::NetLog* net_log) { |
202 net::URLRequestContext* context = new net::URLRequestContext; | 210 net::URLRequestContext* context = new net::URLRequestContext; |
203 context->set_net_log(net_log); | 211 context->set_net_log(net_log); |
204 context->set_host_resolver(globals->host_resolver.get()); | 212 context->set_host_resolver(globals->host_resolver.get()); |
205 context->set_cert_verifier(globals->cert_verifier.get()); | 213 context->set_cert_verifier(globals->cert_verifier.get()); |
206 context->set_transport_security_state( | 214 context->set_transport_security_state( |
207 globals->transport_security_state.get()); | 215 globals->transport_security_state.get()); |
| 216 context->set_cert_transparency_verifier( |
| 217 globals->cert_transparency_verifier.get()); |
208 context->set_http_auth_handler_factory( | 218 context->set_http_auth_handler_factory( |
209 globals->http_auth_handler_factory.get()); | 219 globals->http_auth_handler_factory.get()); |
210 context->set_proxy_service(globals->proxy_script_fetcher_proxy_service.get()); | 220 context->set_proxy_service(globals->proxy_script_fetcher_proxy_service.get()); |
211 context->set_http_transaction_factory( | 221 context->set_http_transaction_factory( |
212 globals->proxy_script_fetcher_http_transaction_factory.get()); | 222 globals->proxy_script_fetcher_http_transaction_factory.get()); |
213 context->set_job_factory( | 223 context->set_job_factory( |
214 globals->proxy_script_fetcher_url_request_job_factory.get()); | 224 globals->proxy_script_fetcher_url_request_job_factory.get()); |
215 context->set_cookie_store(globals->system_cookie_store.get()); | 225 context->set_cookie_store(globals->system_cookie_store.get()); |
216 context->set_server_bound_cert_service( | 226 context->set_server_bound_cert_service( |
217 globals->system_server_bound_cert_service.get()); | 227 globals->system_server_bound_cert_service.get()); |
218 context->set_network_delegate(globals->system_network_delegate.get()); | 228 context->set_network_delegate(globals->system_network_delegate.get()); |
219 context->set_http_user_agent_settings( | 229 context->set_http_user_agent_settings( |
220 globals->http_user_agent_settings.get()); | 230 globals->http_user_agent_settings.get()); |
221 // TODO(rtenneti): We should probably use HttpServerPropertiesManager for the | 231 // TODO(rtenneti): We should probably use HttpServerPropertiesManager for the |
222 // system URLRequestContext too. There's no reason this should be tied to a | 232 // system URLRequestContext too. There's no reason this should be tied to a |
223 // profile. | 233 // profile. |
224 return context; | 234 return context; |
225 } | 235 } |
226 | 236 |
227 net::URLRequestContext* | 237 net::URLRequestContext* |
228 ConstructSystemRequestContext(IOThread::Globals* globals, | 238 ConstructSystemRequestContext(IOThread::Globals* globals, |
229 net::NetLog* net_log) { | 239 net::NetLog* net_log) { |
230 net::URLRequestContext* context = new SystemURLRequestContext; | 240 net::URLRequestContext* context = new SystemURLRequestContext; |
231 context->set_net_log(net_log); | 241 context->set_net_log(net_log); |
232 context->set_host_resolver(globals->host_resolver.get()); | 242 context->set_host_resolver(globals->host_resolver.get()); |
233 context->set_cert_verifier(globals->cert_verifier.get()); | 243 context->set_cert_verifier(globals->cert_verifier.get()); |
234 context->set_transport_security_state( | 244 context->set_transport_security_state( |
235 globals->transport_security_state.get()); | 245 globals->transport_security_state.get()); |
| 246 context->set_cert_transparency_verifier( |
| 247 globals->cert_transparency_verifier.get()); |
236 context->set_http_auth_handler_factory( | 248 context->set_http_auth_handler_factory( |
237 globals->http_auth_handler_factory.get()); | 249 globals->http_auth_handler_factory.get()); |
238 context->set_proxy_service(globals->system_proxy_service.get()); | 250 context->set_proxy_service(globals->system_proxy_service.get()); |
239 context->set_http_transaction_factory( | 251 context->set_http_transaction_factory( |
240 globals->system_http_transaction_factory.get()); | 252 globals->system_http_transaction_factory.get()); |
241 context->set_cookie_store(globals->system_cookie_store.get()); | 253 context->set_cookie_store(globals->system_cookie_store.get()); |
242 context->set_server_bound_cert_service( | 254 context->set_server_bound_cert_service( |
243 globals->system_server_bound_cert_service.get()); | 255 globals->system_server_bound_cert_service.get()); |
244 context->set_throttler_manager(globals->throttler_manager.get()); | 256 context->set_throttler_manager(globals->throttler_manager.get()); |
245 context->set_network_delegate(globals->system_network_delegate.get()); | 257 context->set_network_delegate(globals->system_network_delegate.get()); |
(...skipping 275 matching lines...) |
521 &system_enable_referrers_); | 533 &system_enable_referrers_); |
522 if (command_line.HasSwitch(switches::kEnableClientHints)) | 534 if (command_line.HasSwitch(switches::kEnableClientHints)) |
523 network_delegate->SetEnableClientHints(); | 535 network_delegate->SetEnableClientHints(); |
524 if (command_line.HasSwitch(switches::kDisableExtensionsHttpThrottling)) | 536 if (command_line.HasSwitch(switches::kDisableExtensionsHttpThrottling)) |
525 network_delegate->NeverThrottleRequests(); | 537 network_delegate->NeverThrottleRequests(); |
526 globals_->system_network_delegate.reset(network_delegate); | 538 globals_->system_network_delegate.reset(network_delegate); |
527 globals_->host_resolver = CreateGlobalHostResolver(net_log_); | 539 globals_->host_resolver = CreateGlobalHostResolver(net_log_); |
528 UpdateDnsClientEnabled(); | 540 UpdateDnsClientEnabled(); |
529 globals_->cert_verifier.reset(net::CertVerifier::CreateDefault()); | 541 globals_->cert_verifier.reset(net::CertVerifier::CreateDefault()); |
530 globals_->transport_security_state.reset(new net::TransportSecurityState()); | 542 globals_->transport_security_state.reset(new net::TransportSecurityState()); |
| 543 #if !defined(USE_OPENSSL) |
| 544 // For now, Certificate Transparency is only implemented for platforms |
| 545 // that use NSS. |
| 546 net::MultiLogCTVerifier* ct_verifier = new net::MultiLogCTVerifier(); |
| 547 globals_->cert_transparency_verifier.reset(ct_verifier); |
| 548 |
| 549 // Add built-in logs |
| 550 ct_verifier->AddLog(net::ct::CreateGooglePilotLogVerifier().Pass()); |
| 551 ct_verifier->AddLog(net::ct::CreateGoogleAviatorLogVerifier().Pass()); |
| 552 ct_verifier->AddLog(net::ct::CreateGoogleRocketeerLogVerifier().Pass()); |
| 553 |
| 554 // Add logs from command line |
| 555 if (command_line.HasSwitch(switches::kCertificateTransparencyLog)) { |
| 556 std::string switch_value = command_line.GetSwitchValueASCII( |
| 557 switches::kCertificateTransparencyLog); |
| 558 size_t delim_pos = switch_value.find(":"); |
| 559 CHECK(delim_pos != std::string::npos) |
| 560 << "CT log description not provided (switch format" |
| 561 " is 'description:base64_key')"; |
| 562 std::string log_description(switch_value.substr(0, delim_pos)); |
| 563 std::string ct_public_key_data; |
| 564 CHECK(base::Base64Decode( |
| 565 switch_value.substr(delim_pos + 1), |
| 566 &ct_public_key_data)) << "Unable to decode CT public key."; |
| 567 scoped_ptr<net::CTLogVerifier> external_log_verifier( |
| 568 net::CTLogVerifier::Create(ct_public_key_data, log_description)); |
| 569 CHECK(external_log_verifier) << "Unable to parse CT public key."; |
| 570 ct_verifier->AddLog(external_log_verifier.Pass()); |
| 571 } |
| 572 #else |
| 573 if (command_line.HasSwitch(switches::kCertificateTransparencyLog)) { |
| 574 LOG(DFATAL) << "Certificate Transparency is not yet supported in Chrome " |
| 575 "builds using OpenSSL."; |
| 576 } |
| 577 #endif |
531 globals_->ssl_config_service = GetSSLConfigService(); | 578 globals_->ssl_config_service = GetSSLConfigService(); |
532 #if defined(OS_ANDROID) || defined(OS_IOS) | 579 #if defined(OS_ANDROID) || defined(OS_IOS) |
533 if (DataReductionProxySettings::IsDataReductionProxyAllowed()) { | 580 if (DataReductionProxySettings::IsDataReductionProxyAllowed()) { |
534 spdyproxy_auth_origins_ = | 581 spdyproxy_auth_origins_ = |
535 DataReductionProxySettings::GetDataReductionProxies(); | 582 DataReductionProxySettings::GetDataReductionProxies(); |
536 } | 583 } |
537 #endif // defined(OS_ANDROID) || defined(OS_IOS) | 584 #endif // defined(OS_ANDROID) || defined(OS_IOS) |
538 globals_->http_auth_handler_factory.reset(CreateDefaultAuthHandlerFactory( | 585 globals_->http_auth_handler_factory.reset(CreateDefaultAuthHandlerFactory( |
539 globals_->host_resolver.get())); | 586 globals_->host_resolver.get())); |
540 globals_->http_server_properties.reset(new net::HttpServerPropertiesImpl()); | 587 globals_->http_server_properties.reset(new net::HttpServerPropertiesImpl()); |
(...skipping 528 matching lines...) |
1069 if (!length_str.ends_with(kQuicFieldTrialPacketLengthSuffix)) { | 1116 if (!length_str.ends_with(kQuicFieldTrialPacketLengthSuffix)) { |
1070 return 0; | 1117 return 0; |
1071 } | 1118 } |
1072 length_str.remove_suffix(strlen(kQuicFieldTrialPacketLengthSuffix)); | 1119 length_str.remove_suffix(strlen(kQuicFieldTrialPacketLengthSuffix)); |
1073 unsigned value; | 1120 unsigned value; |
1074 if (!base::StringToUint(length_str, &value)) { | 1121 if (!base::StringToUint(length_str, &value)) { |
1075 return 0; | 1122 return 0; |
1076 } | 1123 } |
1077 return value; | 1124 return value; |
1078 } | 1125 } |
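Review bot: On USE_OPENSSL builds nothing assigns `globals_->cert_transparency_verifier` (the `#else` branch at new lines 572–577 only logs), yet new lines 216–217 and 246–247 pass its `.get()` to `set_cert_transparency_verifier` unconditionally, so both request contexts receive a null CT verifier there. Whether every consumer of the verifier null-checks it is not visible on this page, so I would state the contract where the member is set, e.g. `// Left NULL on USE_OPENSSL builds; users of cert_transparency_verifier must handle NULL.` Separately, a malformed `kCertificateTransparencyLog` value trips one of the three `CHECK`s at new lines 559–569 and aborts release builds, while the unsupported-platform branch uses `LOG(DFATAL)`, which is fatal only in debug builds; a one-line comment saying the abort on bad input is deliberate would show the asymmetry is intended. The function enclosing the hunk at new lines 533–587 starts and ends outside the visible lines.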
OLD | NEW |