electron/atom/browser/io_thread.cc

114 lines
4.1 KiB
C++

// Copyright (c) 2017 GitHub, Inc.
// Use of this source code is governed by the MIT license that can be
// found in the LICENSE file.
#include "atom/browser/io_thread.h"
#include "atom/common/options_switches.h"
#include "components/net_log/chrome_net_log.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/network_service_instance.h"
#include "net/proxy_resolution/proxy_resolution_service.h"
#include "net/url_request/url_request_context.h"
#include "net/url_request/url_request_context_builder.h"
#include "net/url_request/url_request_context_getter.h"
#include "services/network/network_service.h"
#if defined(USE_NSS_CERTS)
#include "net/cert_net/nss_ocsp.h"
#endif
#if defined(OS_LINUX) || defined(OS_MACOSX)
#include "net/cert/cert_net_fetcher.h"
#include "net/cert_net/cert_net_fetcher_impl.h"
#endif
using content::BrowserThread;
namespace {
network::mojom::HttpAuthStaticParamsPtr CreateHttpAuthStaticParams() {
network::mojom::HttpAuthStaticParamsPtr auth_static_params =
network::mojom::HttpAuthStaticParams::New();
auth_static_params->supported_schemes = {"basic", "digest", "ntlm",
"negotiate"};
return auth_static_params;
}
network::mojom::HttpAuthDynamicParamsPtr CreateHttpAuthDynamicParams(
const base::CommandLine& command_line) {
network::mojom::HttpAuthDynamicParamsPtr auth_dynamic_params =
network::mojom::HttpAuthDynamicParams::New();
auth_dynamic_params->server_whitelist =
command_line.GetSwitchValueASCII(atom::switches::kAuthServerWhitelist);
auth_dynamic_params->delegate_whitelist = command_line.GetSwitchValueASCII(
atom::switches::kAuthNegotiateDelegateWhitelist);
return auth_dynamic_params;
}
} // namespace
IOThread::IOThread(net_log::ChromeNetLog* net_log) : net_log_(net_log) {
BrowserThread::SetIOThreadDelegate(this);
}
IOThread::~IOThread() {
BrowserThread::SetIOThreadDelegate(nullptr);
}
void IOThread::Init() {
// Create the network service, so that shared host resolver
// gets created which is required to set the auth preferences below.
auto& command_line = *base::CommandLine::ForCurrentProcess();
auto* network_service = content::GetNetworkServiceImpl();
network_service->SetUpHttpAuth(CreateHttpAuthStaticParams());
network_service->ConfigureHttpAuthPrefs(
CreateHttpAuthDynamicParams(command_line));
net::URLRequestContextBuilder builder;
// TODO(deepak1556): We need to respoect user proxy configurations,
// the following initialization has to happen before any request
// contexts are utilized by the io thread, so that proper cert validation
// take place, solutions:
// 1) Use the request context from default partition, but since
// an app can completely run on a custom session without ever creating
// the default session, we will have to force create the default session
// in those scenarios.
// 2) Add a new api on app module that sets the proxy configuration
// for the global requests, like the cert fetchers below and
// geolocation requests.
// 3) There is also ongoing work in upstream which will eventually allow
// localizing these global fetchers to their own URLRequestContexts.
builder.set_proxy_resolution_service(
net::ProxyResolutionService::CreateDirect());
url_request_context_ = builder.Build();
url_request_context_getter_ = new net::TrivialURLRequestContextGetter(
url_request_context_.get(), base::ThreadTaskRunnerHandle::Get());
#if defined(USE_NSS_CERTS)
net::SetURLRequestContextForNSSHttpIO(url_request_context_.get());
#endif
#if defined(OS_LINUX) || defined(OS_MACOSX)
net::SetGlobalCertNetFetcher(
net::CreateCertNetFetcher(url_request_context_.get()));
#endif
}
void IOThread::CleanUp() {
#if defined(USE_NSS_CERTS)
net::SetURLRequestContextForNSSHttpIO(nullptr);
#endif
#if defined(OS_LINUX) || defined(OS_MACOSX)
net::ShutdownGlobalCertNetFetcher();
#endif
// Explicitly release before the IO thread gets destroyed.
url_request_context_.reset();
url_request_context_getter_ = nullptr;
if (net_log_)
net_log_->ShutDownBeforeTaskScheduler();
}