diff options
Diffstat (limited to 'src/core/profile_io_data_qt.cpp')
| -rw-r--r-- | src/core/profile_io_data_qt.cpp | 152 |
1 files changed, 88 insertions, 64 deletions
diff --git a/src/core/profile_io_data_qt.cpp b/src/core/profile_io_data_qt.cpp index a2613d3fc..68be09ad2 100644 --- a/src/core/profile_io_data_qt.cpp +++ b/src/core/profile_io_data_qt.cpp @@ -55,7 +55,9 @@ #include "net/cert/ct_log_verifier.h" #include "net/cert/ct_policy_enforcer.h" #include "net/cert/multi_log_ct_verifier.h" -#include "net/extras/sqlite/sqlite_channel_id_store.h" +#include "net/cert_net/cert_net_fetcher_impl.h" +#include "net/ftp/ftp_auth_cache.h" +#include "net/dns/host_resolver_manager.h" #include "net/http/http_auth_handler_factory.h" #include "net/http/http_auth_scheme.h" #include "net/http/http_auth_preferences.h" @@ -67,7 +69,6 @@ #include "net/proxy_resolution/pac_file_fetcher_impl.h" #include "net/proxy_resolution/proxy_config_service.h" #include "net/proxy_resolution/proxy_resolution_service.h" -#include "net/ssl/channel_id_service.h" #include "net/ssl/ssl_config_service_defaults.h" #include "net/url_request/data_protocol_handler.h" #include "net/url_request/file_protocol_handler.h" @@ -78,6 +79,7 @@ #include "net/url_request/url_request_intercepting_job_factory.h" #include "services/file/user_id_map.h" #include "services/network/proxy_service_mojo.h" +#include "services/network/restricted_cookie_manager.h" #include "net/client_cert_override.h" #include "net/client_cert_store_data.h" @@ -85,6 +87,7 @@ #include "net/custom_protocol_handler.h" #include "net/network_delegate_qt.h" #include "net/proxy_config_service_qt.h" +#include "net/restricted_cookie_manager_qt.h" #include "net/url_request_context_getter_qt.h" #include "profile_qt.h" #include "resource_context_qt.h" @@ -99,15 +102,17 @@ #include "net/cert_net/cert_net_fetcher_impl.h" #endif +#include <mutex> + namespace QtWebEngineCore { +static scoped_refptr<net::CertNetFetcherImpl> s_certNetFetcher; + static bool doNetworkSessionParamsMatch(const net::HttpNetworkSession::Params &first, const net::HttpNetworkSession::Params &second) { if (first.ignore_certificate_errors != second.ignore_certificate_errors) return false; - if (first.enable_channel_id != second.enable_channel_id) - return false; return true; } @@ -118,14 +123,14 @@ static bool doNetworkSessionContextMatch(const net::HttpNetworkSession::Context return false; if (first.cert_verifier != second.cert_verifier) return false; - if (first.channel_id_service != second.channel_id_service) - return false; if (first.proxy_resolution_service != second.proxy_resolution_service) return false; if (first.ssl_config_service != second.ssl_config_service) return false; if (first.http_auth_handler_factory != second.http_auth_handler_factory) return false; + if (first.http_user_agent_settings != second.http_user_agent_settings) + return false; if (first.http_server_properties != second.http_server_properties) return false; if (first.host_resolver != second.host_resolver) @@ -142,10 +147,10 @@ static net::HttpNetworkSession::Context generateNetworkSessionContext(net::URLRe net::HttpNetworkSession::Context network_session_context; network_session_context.transport_security_state = urlRequestContext->transport_security_state(); network_session_context.cert_verifier = urlRequestContext->cert_verifier(); - network_session_context.channel_id_service = urlRequestContext->channel_id_service(); network_session_context.proxy_resolution_service = urlRequestContext->proxy_resolution_service(); network_session_context.ssl_config_service = urlRequestContext->ssl_config_service(); network_session_context.http_auth_handler_factory = urlRequestContext->http_auth_handler_factory(); + network_session_context.http_user_agent_settings = urlRequestContext->http_user_agent_settings(); network_session_context.http_server_properties = urlRequestContext->http_server_properties(); network_session_context.host_resolver = urlRequestContext->host_resolver(); network_session_context.cert_transparency_verifier = urlRequestContext->cert_transparency_verifier(); @@ -165,7 +170,6 @@ ProfileIODataQt::ProfileIODataQt(ProfileQt *profile) #if QT_CONFIG(ssl) m_clientCertificateStoreData(new ClientCertificateStoreData), #endif - m_mutex(QMutex::Recursive), m_removerObserver(this), m_weakPtrFactory(this) { @@ -182,13 +186,18 @@ ProfileIODataQt::~ProfileIODataQt() #if defined(USE_NSS_CERTS) net::SetURLRequestContextForNSSHttpIO(nullptr); #endif -#if defined(OS_LINUX) ||defined(OS_MACOSX) - net::ShutdownGlobalCertNetFetcher(); -#endif + if (s_certNetFetcher) { + s_certNetFetcher->Shutdown(); + s_certNetFetcher.reset(); + } } - if (m_urlRequestContext && m_urlRequestContext->proxy_resolution_service()) - m_urlRequestContext->proxy_resolution_service()->OnShutdown(); + if (m_urlRequestContext) { + if (m_urlRequestContext->proxy_resolution_service()) + m_urlRequestContext->proxy_resolution_service()->OnShutdown(); + m_restrictedCookieManagerBindings.CloseAllBindings(); + cancelAllUrlRequests(); + } m_resourceContext.reset(); if (m_cookieDelegate) @@ -236,17 +245,23 @@ extensions::ExtensionSystemQt* ProfileIODataQt::GetExtensionSystem() } #endif // BUILDFLAG(ENABLE_EXTENSIONS) +base::WeakPtr<ProfileIODataQt> ProfileIODataQt::getWeakPtrOnUIThread() +{ + DCHECK_CURRENTLY_ON(content::BrowserThread::UI); + return m_weakPtr; +} + void ProfileIODataQt::initializeOnIOThread() { m_networkDelegate.reset(new NetworkDelegateQt(this)); - m_hostResolver = net::HostResolver::CreateDefaultResolver(NULL); + m_hostResolver = net::HostResolver::CreateStandaloneResolver(nullptr); m_urlRequestContext.reset(new net::URLRequestContext()); m_urlRequestContext->set_network_delegate(m_networkDelegate.get()); - m_urlRequestContext->set_enable_brotli(base::FeatureList::IsEnabled(features::kBrotliEncoding)); + m_urlRequestContext->set_enable_brotli(true); m_urlRequestContext->set_host_resolver(m_hostResolver.get()); // this binds factory to io thread m_weakPtr = m_weakPtrFactory.GetWeakPtr(); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); generateAllStorage(); generateJobFactory(); setGlobalCertificateVerification(); @@ -261,8 +276,7 @@ void ProfileIODataQt::initializeOnUIThread() ProtocolHandlerRegistry* protocolHandlerRegistry = ProtocolHandlerRegistryFactory::GetForBrowserContext(m_profile); DCHECK(protocolHandlerRegistry); - m_protocolHandlerInterceptor = - protocolHandlerRegistry->CreateJobInterceptorFactory(); + m_protocolHandlerRegistryIOThreadDelegate = protocolHandlerRegistry->io_thread_delegate(); m_cookieDelegate = new CookieMonsterDelegateQt(); m_cookieDelegate->setClient(m_profile->profileAdapter()->cookieStore()); createProxyConfig(); @@ -286,7 +300,7 @@ void ProfileIODataQt::cancelAllUrlRequests() void ProfileIODataQt::generateAllStorage() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); generateStorage(); generateCookieStore(); generateUserAgent(); @@ -298,10 +312,12 @@ void ProfileIODataQt::generateStorage() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); Q_ASSERT(m_urlRequestContext); +// Q_ASSERT(!m_mutex.tryLock()); // assert locked // We must stop all requests before deleting their backends. if (m_storage) { m_urlRequestContext->proxy_resolution_service()->OnShutdown(); + m_restrictedCookieManagerBindings.CloseAllBindings(); m_cookieDelegate->setCookieMonster(nullptr); m_storage->set_cookie_store(nullptr); cancelAllUrlRequests(); @@ -316,7 +332,7 @@ void ProfileIODataQt::generateStorage() net::ProxyConfigService *proxyConfigService = m_proxyConfigService.fetchAndStoreAcquire(0); Q_ASSERT(proxyConfigService); - std::unique_ptr<net::CertVerifier> cert_verifier = net::CertVerifier::CreateDefault(); + std::unique_ptr<net::CertVerifier> cert_verifier = net::CertVerifier::CreateDefault(s_certNetFetcher); net::CertVerifier::Config config; // Enable revocation checking: config.enable_rev_checking = true; @@ -330,8 +346,7 @@ void ProfileIODataQt::generateStorage() for (const auto &ct_log : certificate_transparency::GetKnownLogs()) { scoped_refptr<const net::CTLogVerifier> log_verifier = net::CTLogVerifier::Create(std::string(ct_log.log_key, ct_log.log_key_length), - ct_log.log_name, - ct_log.log_dns_domain); + ct_log.log_name); if (!log_verifier) continue; ct_logs.push_back(std::move(log_verifier)); @@ -346,7 +361,6 @@ void ProfileIODataQt::generateStorage() m_httpAuthPreferences->SetServerWhitelist(serverWhitelist); } m_storage->set_http_auth_handler_factory(net::HttpAuthHandlerFactory::CreateDefault( - m_urlRequestContext->host_resolver(), m_httpAuthPreferences.get())); m_storage->set_transport_security_state(std::make_unique<net::TransportSecurityState>()); @@ -380,6 +394,8 @@ void ProfileIODataQt::generateStorage() m_urlRequestContext->host_resolver(), nullptr /* NetLog */, m_urlRequestContext->network_delegate())); + + m_storage->set_ftp_auth_cache(std::make_unique<net::FtpAuthCache>()); } @@ -388,19 +404,9 @@ void ProfileIODataQt::generateCookieStore() Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); Q_ASSERT(m_urlRequestContext); - QMutexLocker lock(&m_mutex); - - scoped_refptr<net::SQLiteChannelIDStore> channel_id_db; - if (!m_channelIdPath.isEmpty() && m_persistentCookiesPolicy != ProfileAdapter::NoPersistentCookies) { - channel_id_db = new net::SQLiteChannelIDStore( - toFilePath(m_channelIdPath), - base::CreateSequencedTaskRunnerWithTraits( - {base::MayBlock(), base::TaskPriority::BEST_EFFORT})); - } + const std::lock_guard<QRecursiveMutex> lock(m_mutex); - m_storage->set_channel_id_service( - base::WrapUnique(new net::ChannelIDService( - new net::DefaultChannelIDStore(channel_id_db.get())))); + // FIXME: Add code to remove the old channel-id database. std::unique_ptr<net::CookieStore> cookieStore; switch (m_persistentCookiesPolicy) { @@ -434,13 +440,12 @@ void ProfileIODataQt::generateCookieStore() } net::CookieMonster * const cookieMonster = static_cast<net::CookieMonster*>(cookieStore.get()); - cookieStore->SetChannelIDServiceID(m_urlRequestContext->channel_id_service()->GetUniqueID()); m_cookieDelegate->setCookieMonster(cookieMonster); m_storage->set_cookie_store(std::move(cookieStore)); const std::vector<std::string> cookieableSchemes(kCookieableSchemes, kCookieableSchemes + base::size(kCookieableSchemes)); - cookieMonster->SetCookieableSchemes(cookieableSchemes); + cookieMonster->SetCookieableSchemes(cookieableSchemes, base::DoNothing()); } void ProfileIODataQt::generateUserAgent() @@ -449,7 +454,7 @@ void ProfileIODataQt::generateUserAgent() Q_ASSERT(m_urlRequestContext); Q_ASSERT(m_storage); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_storage->set_http_user_agent_settings(std::unique_ptr<net::HttpUserAgentSettings>( new net::StaticHttpUserAgentSettings(m_httpAcceptLanguage.toStdString(), m_httpUserAgent.toStdString()))); @@ -461,7 +466,7 @@ void ProfileIODataQt::generateHttpCache() Q_ASSERT(m_urlRequestContext); Q_ASSERT(m_storage); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); net::HttpCache::DefaultBackend* main_backend = 0; switch (m_httpCacheType) { @@ -497,7 +502,6 @@ void ProfileIODataQt::generateHttpCache() if (!m_httpNetworkSession || !doNetworkSessionParamsMatch(network_session_params, m_httpNetworkSession->params()) || !doNetworkSessionContextMatch(network_session_context, m_httpNetworkSession->context())) { - cancelAllUrlRequests(); m_httpNetworkSession.reset(new net::HttpNetworkSession(network_session_params, network_session_context)); } @@ -514,7 +518,7 @@ void ProfileIODataQt::generateJobFactory() Q_ASSERT(m_urlRequestContext); Q_ASSERT(!m_jobFactory); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_updateJobFactory = false; std::unique_ptr<net::URLRequestJobFactoryImpl> jobFactory(new net::URLRequestJobFactoryImpl()); @@ -531,7 +535,7 @@ void ProfileIODataQt::generateJobFactory() jobFactory->SetProtocolHandler(url::kFileScheme, std::make_unique<net::FileProtocolHandler>(taskRunner)); jobFactory->SetProtocolHandler(url::kFtpScheme, - net::FtpProtocolHandler::Create(m_urlRequestContext->host_resolver())); + net::FtpProtocolHandler::Create(m_urlRequestContext->host_resolver(), m_urlRequestContext->ftp_auth_cache())); m_installedCustomSchemes = m_customUrlSchemes; for (const QByteArray &scheme : qAsConst(m_installedCustomSchemes)) { @@ -552,11 +556,6 @@ void ProfileIODataQt::generateJobFactory() m_requestInterceptors.clear(); - if (m_protocolHandlerInterceptor) { - m_protocolHandlerInterceptor->Chain(std::move(topJobFactory)); - topJobFactory = std::move(m_protocolHandlerInterceptor); - } - m_jobFactory = std::move(topJobFactory); m_urlRequestContext->set_job_factory(m_jobFactory.get()); @@ -569,7 +568,7 @@ void ProfileIODataQt::regenerateJobFactory() Q_ASSERT(m_jobFactory); Q_ASSERT(m_baseJobFactory); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_updateJobFactory = false; if (m_customUrlSchemes == m_installedCustomSchemes) @@ -590,15 +589,15 @@ void ProfileIODataQt::regenerateJobFactory() void ProfileIODataQt::setGlobalCertificateVerification() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); if (m_useForGlobalCertificateVerification) { #if defined(USE_NSS_CERTS) // Set request context used by NSS for OCSP requests. net::SetURLRequestContextForNSSHttpIO(m_urlRequestContext.get()); #endif -#if defined(OS_LINUX) || defined(OS_MACOSX) - net::SetGlobalCertNetFetcher(net::CreateCertNetFetcher(m_urlRequestContext.get())); -#endif + if (!s_certNetFetcher) + s_certNetFetcher = base::MakeRefCounted<net::CertNetFetcherImpl>(); + s_certNetFetcher->SetURLRequestContext(m_urlRequestContext.get()); } } @@ -616,7 +615,6 @@ void ProfileIODataQt::setFullConfiguration() Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); m_persistentCookiesPolicy = m_profileAdapter->persistentCookiesPolicy(); m_cookiesPath = m_profileAdapter->cookiesPath(); - m_channelIdPath = m_profileAdapter->channelIdPath(); m_httpAcceptLanguage = m_profileAdapter->httpAcceptLanguage(); m_httpUserAgent = m_profileAdapter->httpUserAgent(); m_httpCacheType = m_profileAdapter->httpCacheType(); @@ -629,7 +627,7 @@ void ProfileIODataQt::setFullConfiguration() void ProfileIODataQt::requestStorageGeneration() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); if (m_initialized && !m_updateAllStorage) { m_updateAllStorage = true; createProxyConfig(); @@ -642,7 +640,7 @@ void ProfileIODataQt::requestStorageGeneration() { void ProfileIODataQt::createProxyConfig() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); // We must create the proxy config service on the UI loop on Linux because it // must synchronously run on the glib message loop. This will be passed to // the URLRequestContextStorage on the IO thread in GetURLRequestContext(). @@ -656,14 +654,14 @@ void ProfileIODataQt::createProxyConfig() base::CreateSingleThreadTaskRunnerWithTraits({content::BrowserThread::IO})), initialConfig, initialConfigState); //pass interface to io thread - m_proxyResolverFactoryInterface = ChromeMojoProxyResolverFactory::CreateWithStrongBinding().PassInterface(); + m_proxyResolverFactoryInterface = ChromeMojoProxyResolverFactory::CreateWithSelfOwnedReceiver(); } void ProfileIODataQt::updateStorageSettings() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); setFullConfiguration(); base::Token groupId = content::BrowserContext::GetServiceInstanceGroupFor(m_profile); @@ -678,10 +676,9 @@ void ProfileIODataQt::updateStorageSettings() void ProfileIODataQt::updateCookieStore() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_persistentCookiesPolicy = m_profileAdapter->persistentCookiesPolicy(); m_cookiesPath = m_profileAdapter->cookiesPath(); - m_channelIdPath = m_profileAdapter->channelIdPath(); if (!m_pendingStorageRequestGeneration) requestStorageGeneration(); } @@ -689,7 +686,7 @@ void ProfileIODataQt::updateCookieStore() void ProfileIODataQt::updateUserAgent() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_httpAcceptLanguage = m_profileAdapter->httpAcceptLanguage(); m_httpUserAgent = m_profileAdapter->httpUserAgent(); if (!m_pendingStorageRequestGeneration) @@ -699,7 +696,7 @@ void ProfileIODataQt::updateUserAgent() void ProfileIODataQt::updateHttpCache() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_httpCacheType = m_profileAdapter->httpCacheType(); m_httpCachePath = m_profileAdapter->httpCachePath(); m_httpCacheMaxSize = m_profileAdapter->httpCacheMaxSize(); @@ -723,7 +720,7 @@ void ProfileIODataQt::updateHttpCache() void ProfileIODataQt::updateJobFactory() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_customUrlSchemes = m_profileAdapter->customUrlSchemes(); @@ -737,7 +734,7 @@ void ProfileIODataQt::updateJobFactory() void ProfileIODataQt::updateRequestInterceptor() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); m_requestInterceptor = m_profileAdapter->requestInterceptor(); m_hasPageInterceptors = m_profileAdapter->hasPageRequestInterceptor(); if (m_requestInterceptor) @@ -788,7 +785,9 @@ bool ProfileIODataQt::canGetCookies(const QUrl &firstPartyUrl, const QUrl &url) void ProfileIODataQt::updateUsedForGlobalCertificateVerification() { Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); - QMutexLocker lock(&m_mutex); + const std::lock_guard<QRecursiveMutex> lock(m_mutex); + if (m_useForGlobalCertificateVerification == m_profileAdapter->isUsedForGlobalCertificateVerification()) + return; m_useForGlobalCertificateVerification = m_profileAdapter->isUsedForGlobalCertificateVerification(); if (m_useForGlobalCertificateVerification) @@ -812,9 +811,34 @@ std::unique_ptr<net::ClientCertStore> ProfileIODataQt::CreateClientCertStore() #endif } +void ProfileIODataQt::CreateRestrictedCookieManager(network::mojom::RestrictedCookieManagerRequest request, + network::mojom::RestrictedCookieManagerRole role, + const url::Origin &origin, + bool is_service_worker, + int32_t process_id, + int32_t routing_id) +{ + Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); + m_restrictedCookieManagerBindings.AddBinding( + std::make_unique<RestrictedCookieManagerQt>( + m_weakPtr, + role, urlRequestContext()->cookie_store(), + &m_cookieSettings, origin, + is_service_worker, process_id, routing_id), + std::move(request)); +} + +// static +ProfileIODataQt *ProfileIODataQt::FromBrowserContext(content::BrowserContext *browser_context) +{ + Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); + return static_cast<ProfileQt *>(browser_context)->m_profileIOData.get(); +} + // static ProfileIODataQt *ProfileIODataQt::FromResourceContext(content::ResourceContext *resource_context) { + Q_ASSERT(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); return static_cast<ResourceContextQt *>(resource_context)->m_io_data; } |