// Copyright 2017 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "content/browser/network_service_instance_impl.h" #include <stdint.h> #include <memory> #include <string> #include <string_view> #include <utility> #include "base/base_paths.h" #include "base/callback_list.h" #include "base/check.h" #include "base/command_line.h" #include "base/environment.h" #include "base/feature_list.h" #include "base/files/file.h" #include "base/files/file_enumerator.h" #include "base/files/file_util.h" #include "base/functional/bind.h" #include "base/functional/callback_forward.h" #include "base/location.h" #include "base/message_loop/message_pump_type.h" #include "base/metrics/histogram_functions.h" #include "base/metrics/histogram_macros.h" #include "base/no_destructor.h" #include "base/numerics/safe_conversions.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "base/synchronization/waitable_event.h" #include "base/task/sequenced_task_runner.h" #include "base/task/single_thread_task_runner.h" #include "base/task/task_traits.h" #include "base/task/thread_pool.h" #include "base/threading/sequence_local_storage_slot.h" #include "base/threading/thread.h" #include "base/threading/thread_restrictions.h" #include "base/trace_event/trace_event.h" #include "build/build_config.h" #include "build/chromeos_buildflags.h" #include "content/browser/browser_main_loop.h" #include "content/browser/first_party_sets/first_party_sets_handler_impl.h" #include "content/browser/network/http_cache_backend_file_operations_factory.h" #include "content/browser/network/socket_broker_impl.h" #include "content/browser/network_sandbox_grant_result.h" #include "content/browser/network_service_client.h" #include "content/public/browser/browser_task_traits.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/content_browser_client.h" #include "content/public/browser/network_service_instance.h" #include "content/public/browser/network_service_util.h" #include "content/public/browser/service_process_host.h" #include "content/public/common/content_client.h" #include "content/public/common/content_features.h" #include "mojo/public/cpp/bindings/pending_receiver.h" #include "mojo/public/cpp/bindings/remote.h" #include "mojo/public/cpp/bindings/self_owned_receiver.h" #include "net/base/features.h" #include "net/base/network_change_notifier.h" #include "net/first_party_sets/global_first_party_sets.h" #include "net/log/file_net_log_observer.h" #include "net/log/net_log_util.h" #include "sandbox/policy/features.h" #include "services/cert_verifier/cert_verifier_service_factory.h" #include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom.h" #include "services/network/network_service.h" #include "services/network/public/cpp/features.h" #include "services/network/public/cpp/network_switches.h" #include "services/network/public/mojom/net_log.mojom.h" #include "services/network/public/mojom/network_change_manager.mojom.h" #include "services/network/public/mojom/network_context.mojom.h" #include "services/network/public/mojom/network_interface_change_listener.mojom.h" #include "services/network/public/mojom/network_service.mojom.h" #include "services/network/public/mojom/network_service_test.mojom.h" #include "services/network/public/mojom/socket_broker.mojom.h" #if !BUILDFLAG(IS_ANDROID) #include "content/browser/network_sandbox.h" #endif #if BUILDFLAG(IS_WIN) #include "content/browser/network/network_service_process_tracker_win.h" #endif #if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) #include "content/browser/system_dns_resolution/system_dns_resolver.h" #include "services/network/public/mojom/system_dns_resolution.mojom-forward.h" #endif #if BUILDFLAG(IS_LINUX) #include "net/base/address_map_linux.h" #include "net/base/address_tracker_linux.h" #include "services/network/public/mojom/network_interface_change_listener.mojom.h" #endif namespace content { namespace { #if BUILDFLAG(IS_POSIX) // Environment variable pointing to Kerberos credential cache file. constexpr char kKrb5CCEnvName[] = …; // Environment variable pointing to Kerberos config file. constexpr char kKrb5ConfEnvName[] = …; #endif #if BUILDFLAG(IS_CHROMEOS) // File paths to the Kerberos credentials cache and configuration. The `FILE:` // prefix describes the type of credentials cache used. The `/home/chronos/user` // subpath corresponds to a bind mount of the active user. constexpr char kKrb5CCFilePath[] = "FILE:/home/chronos/user/kerberos/krb5cc"; constexpr char kKrb5ConfFilePath[] = "/home/chronos/user/kerberos/krb5.conf"; #endif // BUILDFLAG(IS_CHROMEOS) bool g_force_create_network_service_directly = …; mojo::Remote<network::mojom::NetworkService>* g_network_service_remote = …; network::NetworkConnectionTracker* g_network_connection_tracker; bool g_network_service_is_responding = …; // A directory name that is created below the http cache path and passed to the // network context when creating a network context with cache enabled. // This must be a directory below the main cache path so operations such as // resetting the cache via HttpCacheParams.reset_cache can function correctly // as they rely on having access to the parent directory of the cache. const base::FilePath::CharType kCacheDataDirectoryName[] = …); std::unique_ptr<network::NetworkService>& GetLocalNetworkService() { … } // If this feature is enabled, the Network Service will run on its own thread // when running in-process; otherwise it will run on the IO thread. // // On Chrome OS, the Network Service must run on the IO thread because // ProfileIOData and NetworkContext both try to set up NSS, which has to be // called from the IO thread. BASE_FEATURE(…); base::Thread& GetNetworkServiceDedicatedThread() { … } // The instance NetworkService used when hosting the service in-process. This is // set up by |CreateInProcessNetworkServiceOnThread()| and destroyed by // |ShutDownNetworkService()|. network::NetworkService* g_in_process_instance = …; static NetworkServiceClient* g_client = …; void CreateInProcessNetworkServiceOnThread( mojo::PendingReceiver<network::mojom::NetworkService> receiver) { … } // A utility function to make it clear what behavior is expected by the network // context instance depending on the various errors that can happen during data // migration. // // If this function returns 'true' then the `data_directory` should be used (if // specified in the network context params). If this function returns 'false' // then the `unsandboxed_data_path` should be used. bool IsSafeToUseDataPath(SandboxGrantResult result) { … } // Takes a cache dir and deletes all files in it except those in 'Cache_Data' // directory. This can be removed once all caches have been moved to the new // sub-directory, around M99. void MaybeDeleteOldCache(const base::FilePath& cache_dir) { … } void CreateNetworkContextInternal( mojo::PendingReceiver<network::mojom::NetworkContext> context, network::mojom::NetworkContextParamsPtr params, SandboxGrantResult grant_access_result) { … } scoped_refptr<base::SequencedTaskRunner>& GetNetworkTaskRunnerStorage() { … } void CreateInProcessNetworkService( mojo::PendingReceiver<network::mojom::NetworkService> receiver) { … } #if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) // Runs a self-owned SystemDnsResolverMojoImpl. This is meant to run on a // high-priority thread pool. void RunSystemDnsResolverOnThreadPool( mojo::PendingReceiver<network::mojom::SystemDnsResolver> dns_receiver) { … } #endif // BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX) || // BUILDFLAG(IS_CHROMEOS) network::mojom::NetworkServiceParamsPtr CreateNetworkServiceParams() { … } void CreateNetworkServiceOnIOForTesting( mojo::PendingReceiver<network::mojom::NetworkService> receiver, base::WaitableEvent* completion_event) { … } void BindNetworkChangeManagerReceiver( mojo::PendingReceiver<network::mojom::NetworkChangeManager> receiver) { … } base::RepeatingCallbackList<void(bool)>& GetProcessGoneHandlersList() { … } void OnNetworkServiceProcessGone(bool crashed) { … } // Parses the desired granularity of NetLog capturing specified by the command // line. net::NetLogCaptureMode GetNetCaptureModeFromCommandLine( const base::CommandLine& command_line) { … } // Parse the maximum file size for the NetLog, if one was specified. // kNoLimit indicates no, valid, maximum size was specified. base::StrictNumeric<uint64_t> GetNetLogMaximumFileSizeFromCommandLine( const base::CommandLine& command_line) { … } } // namespace uint64_t GetNetLogMaximumFileSizeFromCommandLineForTesting( // IN-TEST const base::CommandLine& command_line) { … } class NetworkServiceInstancePrivate { … }; network::mojom::NetworkService* GetNetworkService() { … } base::CallbackListSubscription RegisterNetworkServiceProcessGoneHandler( NetworkServiceProcessGoneHandler handler) { … } #if BUILDFLAG(IS_CHROMEOS) net::NetworkChangeNotifier* GetNetworkChangeNotifier() { return BrowserMainLoop::GetInstance()->network_change_notifier(); } #endif void FlushNetworkServiceInstanceForTesting() { … } network::NetworkConnectionTracker* GetNetworkConnectionTracker() { … } void GetNetworkConnectionTrackerFromUIThread( base::OnceCallback<void(network::NetworkConnectionTracker*)> callback) { … } network::NetworkConnectionTrackerAsyncGetter CreateNetworkConnectionTrackerAsyncGetter() { … } void SetNetworkConnectionTrackerForTesting( network::NetworkConnectionTracker* network_connection_tracker) { … } const scoped_refptr<base::SequencedTaskRunner>& GetNetworkTaskRunner() { … } void ForceCreateNetworkServiceDirectlyForTesting() { … } void ResetNetworkServiceForTesting() { … } void ShutDownNetworkService() { … } void RestartNetworkService() { … } namespace { cert_verifier::mojom::CertVerifierServiceFactory* g_cert_verifier_service_factory_for_testing = …; std::unique_ptr<cert_verifier::CertVerifierServiceFactoryImpl>& GetCertVerifierServiceFactoryImplStorage() { … } void RunInProcessCertVerifierServiceFactory( mojo::PendingReceiver<cert_verifier::mojom::CertVerifierServiceFactory> receiver) { … } // Owns the CertVerifierServiceFactory used by the browser. // Lives on the UI thread. mojo::Remote<cert_verifier::mojom::CertVerifierServiceFactory>& GetCertVerifierServiceFactoryRemoteStorage() { … } } // namespace // Returns a pointer to a CertVerifierServiceFactory usable on the UI thread. cert_verifier::mojom::CertVerifierServiceFactory* GetCertVerifierServiceFactory() { … } mojo::Remote<cert_verifier::mojom::CertVerifierServiceFactory>& GetCertVerifierServiceFactoryRemoteForTesting() { … } cert_verifier::CertVerifierServiceFactoryImpl* GetCertVerifierServiceFactoryForTesting() { … } network::mojom::CertVerifierServiceRemoteParamsPtr GetCertVerifierParams( cert_verifier::mojom::CertVerifierCreationParamsPtr cert_verifier_creation_params) { … } network::mojom::CertVerifierServiceRemoteParamsPtr GetCertVerifierParamsWithUpdater( cert_verifier::mojom::CertVerifierCreationParamsPtr cert_verifier_creation_params, mojo::PendingReceiver<cert_verifier::mojom::CertVerifierServiceUpdater> cert_verifier_updater_remote) { … } void SetCertVerifierServiceFactoryForTesting( cert_verifier::mojom::CertVerifierServiceFactory* service_factory) { … } void MaybeCleanCacheDirectory(network::mojom::NetworkContextParams* params) { … } void CreateNetworkContextInNetworkService( mojo::PendingReceiver<network::mojom::NetworkContext> context, network::mojom::NetworkContextParamsPtr params) { … } } // namespace content
Codebase Browser
chromium