Fix random crash on app quit.

Move AtomCTDelegate to brightray as RequireCTDelegate and transfer ownership to
brightray::URLRequestContextGetter. This fixes the wrong lifetime assumptions
that result in AtomCTDelegate being used after free in some scenarios.

Close #10051

atom/browser/atom_browser_context.cc

@@ -13,7 +13,6 @@
 #include "atom/browser/net/about_protocol_handler.h"
 #include "atom/browser/net/asar/asar_protocol_handler.h"
 #include "atom/browser/net/atom_cert_verifier.h"
-#include "atom/browser/net/atom_ct_delegate.h"
 #include "atom/browser/net/atom_network_delegate.h"
 #include "atom/browser/net/atom_url_request_job_factory.h"
 #include "atom/browser/net/http_protocol_handler.h"
@@ -72,7 +71,6 @@ AtomBrowserContext::AtomBrowserContext(const std::string& partition,
                                        bool in_memory,
                                        const base::DictionaryValue& options)
     : brightray::BrowserContext(partition, in_memory),
-      ct_delegate_(new AtomCTDelegate),
       network_delegate_(new AtomNetworkDelegate),
       cookie_delegate_(new AtomCookieDelegate) {
   // Construct user agent string.
@@ -192,8 +190,9 @@ content::PermissionManager* AtomBrowserContext::GetPermissionManager() {
   return permission_manager_.get();
 }
 
-std::unique_ptr<net::CertVerifier> AtomBrowserContext::CreateCertVerifier() {
-  return base::WrapUnique(new AtomCertVerifier(ct_delegate_.get()));
+std::unique_ptr<net::CertVerifier> AtomBrowserContext::CreateCertVerifier(
+    brightray::RequireCTDelegate* ct_delegate) {
+  return base::WrapUnique(new AtomCertVerifier(ct_delegate));
 }
 
 std::vector<std::string> AtomBrowserContext::GetCookieableSchemes() {
@@ -204,11 +203,6 @@ std::vector<std::string> AtomBrowserContext::GetCookieableSchemes() {
   return default_schemes;
 }
 
-net::TransportSecurityState::RequireCTDelegate*
-AtomBrowserContext::GetRequireCTDelegate() {
-  return ct_delegate_.get();
-}
-
 void AtomBrowserContext::RegisterPrefs(PrefRegistrySimple* pref_registry) {
   pref_registry->RegisterFilePathPref(prefs::kSelectFileLastDirectory,
                                       base::FilePath());

atom/browser/atom_browser_context.h

@@ -15,7 +15,6 @@
 namespace atom {
 
 class AtomBlobReader;
-class AtomCTDelegate;
 class AtomDownloadManagerDelegate;
 class AtomNetworkDelegate;
 class AtomPermissionManager;
@@ -40,10 +39,9 @@ class AtomBrowserContext : public brightray::BrowserContext {
       content::ProtocolHandlerMap* protocol_handlers) override;
   net::HttpCache::BackendFactory* CreateHttpCacheBackendFactory(
       const base::FilePath& base_path) override;
-  std::unique_ptr<net::CertVerifier> CreateCertVerifier() override;
+  std::unique_ptr<net::CertVerifier> CreateCertVerifier(
+      brightray::RequireCTDelegate* ct_delegate) override;
   std::vector<std::string> GetCookieableSchemes() override;
-  net::TransportSecurityState::RequireCTDelegate* GetRequireCTDelegate()
-      override;
 
   // content::BrowserContext:
   content::DownloadManagerDelegate* GetDownloadManagerDelegate() override;
@@ -69,7 +67,6 @@ class AtomBrowserContext : public brightray::BrowserContext {
   std::unique_ptr<WebViewManager> guest_manager_;
   std::unique_ptr<AtomPermissionManager> permission_manager_;
   std::unique_ptr<AtomBlobReader> blob_reader_;
-  std::unique_ptr<AtomCTDelegate> ct_delegate_;
   std::string user_agent_;
   bool use_cache_;
 

atom/browser/net/atom_cert_verifier.cc

@@ -5,11 +5,11 @@
 #include "atom/browser/net/atom_cert_verifier.h"
 
 #include "atom/browser/browser.h"
-#include "atom/browser/net/atom_ct_delegate.h"
 #include "atom/common/native_mate_converters/net_converter.h"
 #include "base/containers/linked_list.h"
 #include "base/memory/ptr_util.h"
 #include "base/memory/weak_ptr.h"
+#include "brightray/browser/net/require_ct_delegate.h"
 #include "content/public/browser/browser_thread.h"
 #include "net/base/net_errors.h"
 #include "net/cert/cert_verify_result.h"
@@ -147,7 +147,7 @@ class CertVerifierRequest : public AtomCertVerifier::Request {
   base::WeakPtrFactory<CertVerifierRequest> weak_ptr_factory_;
 };
 
-AtomCertVerifier::AtomCertVerifier(AtomCTDelegate* ct_delegate)
+AtomCertVerifier::AtomCertVerifier(brightray::RequireCTDelegate* ct_delegate)
     : default_cert_verifier_(net::CertVerifier::CreateDefault()),
       ct_delegate_(ct_delegate) {}
 

atom/browser/net/atom_cert_verifier.h

@@ -11,9 +11,14 @@
 
 #include "net/cert/cert_verifier.h"
 
+namespace brightray {
+
+class RequireCTDelegate;
+
+}  // namespace brightray
+
 namespace atom {
 
-class AtomCTDelegate;
 class CertVerifierRequest;
 
 struct VerifyRequestParams {
@@ -25,7 +30,7 @@ struct VerifyRequestParams {
 
 class AtomCertVerifier : public net::CertVerifier {
  public:
-  explicit AtomCertVerifier(AtomCTDelegate* ct_delegate);
+  explicit AtomCertVerifier(brightray::RequireCTDelegate* ct_delegate);
   virtual ~AtomCertVerifier();
 
   using VerifyProc = base::Callback<void(const VerifyRequestParams& request,
@@ -34,7 +39,7 @@ class AtomCertVerifier : public net::CertVerifier {
   void SetVerifyProc(const VerifyProc& proc);
 
   const VerifyProc verify_proc() const { return verify_proc_; }
-  AtomCTDelegate* ct_delegate() const { return ct_delegate_; }
+  brightray::RequireCTDelegate* ct_delegate() const { return ct_delegate_; }
   net::CertVerifier* default_verifier() const {
     return default_cert_verifier_.get();
   }
@@ -58,7 +63,7 @@ class AtomCertVerifier : public net::CertVerifier {
   std::map<RequestParams, CertVerifierRequest*> inflight_requests_;
   VerifyProc verify_proc_;
   std::unique_ptr<net::CertVerifier> default_cert_verifier_;
-  AtomCTDelegate* ct_delegate_;
+  brightray::RequireCTDelegate* ct_delegate_;
 
   DISALLOW_COPY_AND_ASSIGN(AtomCertVerifier);
 };

atom/browser/net/atom_ct_delegate.cc

@@ -1,34 +0,0 @@
-// Copyright (c) 2016 GitHub, Inc.
-// Use of this source code is governed by the MIT license that can be
-// found in the LICENSE file.
-
-#include "atom/browser/net/atom_ct_delegate.h"
-
-#include "content/public/browser/browser_thread.h"
-
-namespace atom {
-
-AtomCTDelegate::AtomCTDelegate() {}
-
-AtomCTDelegate::~AtomCTDelegate() {}
-
-void AtomCTDelegate::AddCTExcludedHost(const std::string& host) {
-  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
-  ct_excluded_hosts_.insert(host);
-}
-
-void AtomCTDelegate::ClearCTExcludedHostsList() {
-  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
-  ct_excluded_hosts_.clear();
-}
-
-AtomCTDelegate::CTRequirementLevel AtomCTDelegate::IsCTRequiredForHost(
-    const std::string& host) {
-  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
-  if (!ct_excluded_hosts_.empty() &&
-      (ct_excluded_hosts_.find(host) != ct_excluded_hosts_.end()))
-    return CTRequirementLevel::NOT_REQUIRED;
-  return CTRequirementLevel::DEFAULT;
-}
-
-}  // namespace atom

atom/browser/net/atom_ct_delegate.h

@@ -1,33 +0,0 @@
-// Copyright (c) 2016 GitHub, Inc.
-// Use of this source code is governed by the MIT license that can be
-// found in the LICENSE file.
-
-#ifndef ATOM_BROWSER_NET_ATOM_CT_DELEGATE_H_
-#define ATOM_BROWSER_NET_ATOM_CT_DELEGATE_H_
-
-#include <set>
-#include <string>
-
-#include "net/http/transport_security_state.h"
-
-namespace atom {
-
-class AtomCTDelegate : public net::TransportSecurityState::RequireCTDelegate {
- public:
-  AtomCTDelegate();
-  ~AtomCTDelegate() override;
-
-  void AddCTExcludedHost(const std::string& host);
-  void ClearCTExcludedHostsList();
-
-  // net::TransportSecurityState::RequireCTDelegate:
-  CTRequirementLevel IsCTRequiredForHost(const std::string& host) override;
-
- private:
-  std::set<std::string> ct_excluded_hosts_;
-  DISALLOW_COPY_AND_ASSIGN(AtomCTDelegate);
-};
-
-}  // namespace atom
-
-#endif  // ATOM_BROWSER_NET_ATOM_CT_DELEGATE_H_