src/content/browser/network_service_instance_impl.h
Matt Mueller f783962d1b Reapply "Refactor how additional certificates are configured."
Originally landed in commit 264e35de52
and was reverted in commit 9192ea3942 due
to a test failure.

Updated with changes to policy_certs_browsertest.cc to
address possible sources of flake.

Original CL description:
Previously they were set through CertVerifier::Config and passed into
CertVerifyProc::Verify on every verification attempt. This also means
they needed to be passed from the browser to the network service on
configuration, and then passed back to the cert verifier service on
every verification attempt.

The new flow stores them in the CertVerifyProc instance and uses the
CertVerifierWithUpdatableProc interface to update them.

(this CL borrows some of the CertVerifierServiceUpdater parts from https://chromium-review.googlesource.com/c/chromium/src/+/4909292)

Bug: 1477317,1427326,978854
Change-Id: Ia64c2af672dc29b473eaa11ad1f5b663ffeaf3b7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5015687
Reviewed-by: Chris Thompson <cthomp@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Ken Buchanan <kenrb@chromium.org>
Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com>
Commit-Queue: Matt Mueller <mattm@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Reviewed-by: David Trainor <dtrainor@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1223813}
2023-11-13 20:23:15 +00:00


// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_BROWSER_NETWORK_SERVICE_INSTANCE_IMPL_H_
#define CONTENT_BROWSER_NETWORK_SERVICE_INSTANCE_IMPL_H_
#include "base/callback_list.h"
#include "base/functional/callback.h"
#include "content/common/content_export.h"
#include "mojo/public/cpp/bindings/remote.h"
#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom-forward.h"
#include "services/network/public/mojom/cert_verifier_service.mojom-forward.h"
#include "services/network/public/mojom/network_context.mojom-forward.h"
namespace content {
// Creates the network::NetworkService object on the IO thread directly instead
// of trying to go through the ServiceManager.
// This also calls ForceInProcessNetworkService().
//
// Test-only (ForTesting suffix). An in-process network service shares the
// browser's process, so there is no process boundary around the network stack
// while this is in effect; keep callers confined to test code.
CONTENT_EXPORT void ForceCreateNetworkServiceDirectlyForTesting();
// Resets the interface ptr to the network service.
// Test-only helper.
// NOTE(review): whether a fresh connection is created on the next use is not
// visible from this header - confirm in the implementation.
CONTENT_EXPORT void ResetNetworkServiceForTesting();
// Callback type taken by RegisterNetworkServiceProcessGoneHandler(). It is a
// repeating callback, so one handler can be run for more than one event.
// `crashed` tells the handler whether the network service connection hit an
// error (true) or the browser restarted the service on purpose (false).
using NetworkServiceProcessGoneHandler =
base::RepeatingCallback<void(bool crashed)>;
// Registers |handler| to run (on UI thread) after mojo::Remote<NetworkService>
// encounters an error, in which case `crashed` will be true, or after the
// NetworkService is purposely restarted by the browser, in which case `crashed`
// will be false. Note that there are no ordering guarantees with respect to
// error handlers for other interfaces (e.g. mojo::Remote<NetworkContext>
// and/or mojo::Remote<URLLoaderFactory>).
//
// Can only be called on the UI thread. No-op if NetworkService is disabled.
//
// Returns a base::CallbackListSubscription for the registration.
// NOTE(review): a base::CallbackListSubscription normally removes its callback
// when it is destroyed, so callers presumably have to keep the returned value
// alive for as long as they want |handler| to run - confirm.
CONTENT_EXPORT base::CallbackListSubscription
RegisterNetworkServiceProcessGoneHandler(
NetworkServiceProcessGoneHandler handler);
// Name of the histogram that tracks use of the SSL key log file.
// NOTE(review): presumably recorded with SSLKeyLogFileAction samples - confirm
// in the implementation. An SSL key log file holds TLS session secrets, and
// anyone who can read it can decrypt the matching captured traffic, so this
// histogram measures how often that debugging facility is active.
constexpr char kSSLKeyLogFileHistogram[] = "Net.SSLKeyLogFileUse";
// These values are persisted to logs. Entries should not be renumbered and
// numeric values should never be reused.
//
// Reasons for which SSL key log file use is reported. Append new entries at
// the end and update kMaxValue to match.
enum class SSLKeyLogFileAction {
// Key logging to a file was turned on.
kLogFileEnabled = 0,
// NOTE(review): presumably the log file was requested through a command-line
// switch - confirm against the recording site.
kSwitchFound = 1,
// NOTE(review): presumably the log file was requested through an environment
// variable - confirm against the recording site.
kEnvVarFound = 2,
// Alias for the highest valid entry, as expected by enumeration histograms.
kMaxValue = kEnvVarFound,
};
// Shuts down the in-process network service or disconnects from the out-of-
// process one, allowing it to shut down.
// NOTE(review): the required calling thread is not stated in this header -
// confirm before calling from anywhere other than the UI thread.
CONTENT_EXPORT void ShutDownNetworkService();
// `on_restart` will be called at the end of every RestartNetworkService().
// Test-only. `on_restart` is a repeating closure, so it can run once per
// restart.
// NOTE(review): whether a second call replaces or adds to an earlier closure
// is not visible from this header - confirm in the implementation.
CONTENT_EXPORT void OnRestartNetworkServiceForTesting(
base::RepeatingClosure on_restart);
// Returns CertVerifierServiceRemoteParams that can be placed into a new
// network::mojom::NetworkContextParams.
//
// Like |GetCertVerifierParams| but the |cert_verifier_updater_remote| pipe
// passed in can be used to update the returned CertVerifierService with new
// verification parameters.
// NOTE(review): |GetCertVerifierParams| is not declared in this header as
// shown here - confirm the reference is still current.
//
// |cert_verifier_creation_params|: creation parameters for the cert verifier.
// |cert_verifier_updater_remote|: despite the `_remote` suffix this is a
// mojo::PendingReceiver; the caller keeps the matching remote end and sends
// updates through it.
//
// Security note: whoever holds that remote end can change how the returned
// CertVerifierService verifies certificates, so keep it with trusted
// browser-process code and do not forward it to a less privileged process.
CONTENT_EXPORT network::mojom::CertVerifierServiceRemoteParamsPtr
GetCertVerifierParamsWithUpdater(
cert_verifier::mojom::CertVerifierCreationParamsPtr
cert_verifier_creation_params,
mojo::PendingReceiver<cert_verifier::mojom::CertVerifierServiceUpdater>
cert_verifier_updater_remote);
} // namespace content
#endif // CONTENT_BROWSER_NETWORK_SERVICE_INSTANCE_IMPL_H_