Blame - content/browser/network_service_instance_impl.cc - chromium/src

blob: 44753eb4e1159b9cc4e582535a6431e34f3585d5 [file] [log] [blame]

Avi Drissman	4e1b7bc3	2022-09-15 14:03:50	[diff] [blame]	1	// Copyright 2017 The Chromium Authors
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
				4
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	5	#include "content/browser/network_service_instance_impl.h"
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	6
Dan McArdle	0c085b2	2024-07-12 14:15:23	[diff] [blame]	7	#include <stdint.h>
				8
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	9	#include <memory>
				10	#include <string>
Md Hasibul Hasan	a963a934	2024-04-03 10:15:14	[diff] [blame]	11	#include <string_view>
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	12	#include <utility>
				13
Felipe Andrade	a9174c6	2022-08-16 18:35:11	[diff] [blame]	14	#include "base/base_paths.h"
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	15	#include "base/callback_list.h"
Matt Mueller	e6df72cb	2023-04-12 22:08:37	[diff] [blame]	16	#include "base/check.h"
Gabriel Charette	f385133	2022-04-28 23:39:18	[diff] [blame]	17	#include "base/command_line.h"
Doug Turner	0851234	2018-09-24 20:54:19	[diff] [blame]	18	#include "base/environment.h"
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	19	#include "base/feature_list.h"
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	20	#include "base/files/file.h"
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	21	#include "base/files/file_util.h"
Avi Drissman	adac2199	2023-01-11 23:46:39	[diff] [blame]	22	#include "base/functional/bind.h"
Matthew Denton	542c43c	2023-08-18 07:32:17	[diff] [blame]	23	#include "base/functional/callback_forward.h"
Matthew Denton	402a9900	2023-06-20 08:19:38	[diff] [blame]	24	#include "base/location.h"
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	25	#include "base/message_loop/message_pump_type.h"
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	26	#include "base/metrics/histogram_functions.h"
Clark DuVall	984239a	2019-08-08 23:38:33	[diff] [blame]	27	#include "base/metrics/histogram_macros.h"
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	28	#include "base/no_destructor.h"
Dan McArdle	0c085b2	2024-07-12 14:15:23	[diff] [blame]	29	#include "base/numerics/safe_conversions.h"
Dheeraj Pannala	98969a2f	2025-04-17 01:15:08	[diff] [blame]	30	#include "base/strings/string_number_conversions.h"
Doug Turner	0851234	2018-09-24 20:54:19	[diff] [blame]	31	#include "base/strings/string_util.h"
				32	#include "base/strings/utf_string_conversions.h"
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	33	#include "base/synchronization/waitable_event.h"
Patrick Monette	643cdf6	2021-10-15 19:13:42	[diff] [blame]	34	#include "base/task/sequenced_task_runner.h"
Sean Maher	e672a66	2023-01-09 21:42:28	[diff] [blame]	35	#include "base/task/single_thread_task_runner.h"
Matthew Denton	402a9900	2023-06-20 08:19:38	[diff] [blame]	36	#include "base/task/task_traits.h"
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	37	#include "base/task/thread_pool.h"
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	38	#include "base/threading/sequence_local_storage_slot.h"
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	39	#include "base/threading/thread.h"
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	40	#include "base/threading/thread_restrictions.h"
Dheeraj Pannala	98969a2f	2025-04-17 01:15:08	[diff] [blame]	41	#include "base/time/time.h"
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	42	#include "base/trace_event/trace_event.h"
Yoichi Osato	ccb0837	2023-10-02 08:34:37	[diff] [blame]	43	#include "build/build_config.h"
Robbie McElrath	995a2bf	2018-11-19 23:21:59	[diff] [blame]	44	#include "content/browser/browser_main_loop.h"
Shuran Huang	10398150	2022-03-28 21:52:18	[diff] [blame]	45	#include "content/browser/first_party_sets/first_party_sets_handler_impl.h"
Takashi Toyoshima	bfc3b281	2022-10-07 23:51:37	[diff] [blame]	46	#include "content/browser/network/http_cache_backend_file_operations_factory.h"
				47	#include "content/browser/network/socket_broker_impl.h"
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	48	#include "content/browser/network_sandbox_grant_result.h"
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	49	#include "content/browser/network_service_client.h"
Eric Seckler	8652dcd5	2018-09-20 10:42:28	[diff] [blame]	50	#include "content/public/browser/browser_task_traits.h"
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	51	#include "content/public/browser/browser_thread.h"
				52	#include "content/public/browser/content_browser_client.h"
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	53	#include "content/public/browser/network_service_instance.h"
Yoichi Osato	e040014	2023-05-30 19:35:40	[diff] [blame]	54	#include "content/public/browser/network_service_util.h"
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	55	#include "content/public/browser/service_process_host.h"
Hans Wennborg	5ffd139	2019-10-16 11:00:02	[diff] [blame]	56	#include "content/public/common/content_client.h"
Yutaka Hirano	92bdfa2	2022-06-01 15:51:33	[diff] [blame]	57	#include "content/public/common/content_features.h"
Will Harris	66b7f8a	2025-07-18 17:56:43	[diff] [blame]	58	#include "content/public/common/content_switches.h"
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	59	#include "mojo/public/cpp/bindings/pending_receiver.h"
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	60	#include "mojo/public/cpp/bindings/remote.h"
Yutaka Hirano	de9868f	2022-04-27 02:48:44	[diff] [blame]	61	#include "mojo/public/cpp/bindings/self_owned_receiver.h"
				62	#include "net/base/features.h"
Matthew Denton	1ca2b3d	2023-04-20 03:17:56	[diff] [blame]	63	#include "net/base/network_change_notifier.h"
Chris Fredrickson	0cad372	2022-09-30 14:50:31	[diff] [blame]	64	#include "net/first_party_sets/global_first_party_sets.h"
sbingler	072b9784	2023-07-26 20:29:05	[diff] [blame]	65	#include "net/log/file_net_log_observer.h"
Matt Menke	38662e2	2018-08-07 12:18:11	[diff] [blame]	66	#include "net/log/net_log_util.h"
Liza Burakova	2707060	2022-07-01 05:27:40	[diff] [blame]	67	#include "sandbox/policy/features.h"
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	68	#include "services/cert_verifier/cert_verifier_service_factory.h"
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	69	#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom.h"
John Abd-El-Malek	8e82a32	2018-01-31 20:30:47	[diff] [blame]	70	#include "services/network/network_service.h"
Yutaka Hirano	d8789f9	2018-01-30 09:59:51	[diff] [blame]	71	#include "services/network/public/cpp/features.h"
Matt Menke	38662e2	2018-08-07 12:18:11	[diff] [blame]	72	#include "services/network/public/cpp/network_switches.h"
Hayato Ito	743f066	2025-07-17 01:05:49	[diff] [blame]	73	#include "services/network/public/cpp/sequence_manager_configurator.h"
Matt Menke	55a16f0	2018-10-09 23:07:53	[diff] [blame]	74	#include "services/network/public/mojom/net_log.mojom.h"
Robbie McElrath	f572f527	2018-08-17 21:21:42	[diff] [blame]	75	#include "services/network/public/mojom/network_change_manager.mojom.h"
Hans Wennborg	78b5218	2021-06-15 13:42:15	[diff] [blame]	76	#include "services/network/public/mojom/network_context.mojom.h"
Matthew Denton	e4eac43	2023-04-21 04:58:32	[diff] [blame]	77	#include "services/network/public/mojom/network_interface_change_listener.mojom.h"
Etienne Pierre-doray	0df4474a	2019-10-16 14:56:39	[diff] [blame]	78	#include "services/network/public/mojom/network_service.mojom.h"
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	79	#include "services/network/public/mojom/network_service_test.mojom.h"
Liza Burakova	2707060	2022-07-01 05:27:40	[diff] [blame]	80	#include "services/network/public/mojom/socket_broker.mojom.h"
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	81
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	82	#if !BUILDFLAG(IS_ANDROID)
				83	#include "content/browser/network_sandbox.h"
				84	#endif
Will Harris	1967f844	2021-02-05 20:34:22	[diff] [blame]	85
Will Harris	f26ad34	2022-09-06 02:03:28	[diff] [blame]	86	#if BUILDFLAG(IS_WIN)
Takashi Toyoshima	bfc3b281	2022-10-07 23:51:37	[diff] [blame]	87	#include "content/browser/network/network_service_process_tracker_win.h"
Will Harris	f26ad34	2022-09-06 02:03:28	[diff] [blame]	88	#endif
				89
Matthew Denton	a9b3770	2022-10-28 22:23:20	[diff] [blame]	90	#if BUILDFLAG(IS_ANDROID) \|\| BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS)
				91	#include "content/browser/system_dns_resolution/system_dns_resolver.h"
				92	#include "services/network/public/mojom/system_dns_resolution.mojom-forward.h"
				93	#endif
				94
Matthew Denton	1ca2b3d	2023-04-20 03:17:56	[diff] [blame]	95	#if BUILDFLAG(IS_LINUX)
				96	#include "net/base/address_map_linux.h"
				97	#include "net/base/address_tracker_linux.h"
				98	#include "services/network/public/mojom/network_interface_change_listener.mojom.h"
				99	#endif
				100
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	101	namespace content {
				102
				103	namespace {
				104
Xiaohan Wang	1ecfd00	2022-01-19 22:33:10	[diff] [blame]	105	#if BUILDFLAG(IS_POSIX)
Felipe Andrade	fc9bc63	2023-10-26 20:26:07	[diff] [blame]	106	// Environment variable pointing to Kerberos credential cache file.
Robbie McElrath	fa25a7c	2019-03-13 17:54:36	[diff] [blame]	107	constexpr char kKrb5CCEnvName[] = "KRB5CCNAME";
				108	// Environment variable pointing to Kerberos config file.
				109	constexpr char kKrb5ConfEnvName[] = "KRB5_CONFIG";
				110	#endif
				111
Matthew Denton	850436d	2023-10-23 22:29:29	[diff] [blame]	112	#if BUILDFLAG(IS_CHROMEOS)
Felipe Andrade	fc9bc63	2023-10-26 20:26:07	[diff] [blame]	113	// File paths to the Kerberos credentials cache and configuration. The `FILE:`
				114	// prefix describes the type of credentials cache used. The `/home/chronos/user`
				115	// subpath corresponds to a bind mount of the active user.
				116	constexpr char kKrb5CCFilePath[] = "FILE:/home/chronos/user/kerberos/krb5cc";
				117	constexpr char kKrb5ConfFilePath[] = "/home/chronos/user/kerberos/krb5.conf";
Matthew Denton	850436d	2023-10-23 22:29:29	[diff] [blame]	118	#endif // BUILDFLAG(IS_CHROMEOS)
Felipe Andrade	a9174c6	2022-08-16 18:35:11	[diff] [blame]	119
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	120	bool g_force_create_network_service_directly = false;
Will Harris	66b7f8a	2025-07-18 17:56:43	[diff] [blame]	121	bool g_network_service_crashes_on_next_startup = false;
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	122	mojo::Remote<network::mojom::NetworkService>* g_network_service_remote =
				123	nullptr;
Robbie McElrath	f961dc5	2018-08-08 21:29:26	[diff] [blame]	124	network::NetworkConnectionTracker* g_network_connection_tracker;
Clark DuVall	b026e58	2019-07-31 19:50:38	[diff] [blame]	125	bool g_network_service_is_responding = false;
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	126
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	127	std::unique_ptr<network::NetworkService>& GetLocalNetworkService() {
Avi Drissman	ded7717	2021-07-02 18:23:00	[diff] [blame]	128	static base::SequenceLocalStorageSlot<
				129	std::unique_ptr<network::NetworkService>>
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	130	service;
Avi Drissman	ded7717	2021-07-02 18:23:00	[diff] [blame]	131	return service.GetOrCreateValue();
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	132	}
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	133
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	134	base::Thread& GetNetworkServiceDedicatedThread() {
				135	static base::NoDestructor<base::Thread> thread{"NetworkService"};
John Abd-El-Malek	a5fe84b	2022-03-18 01:05:29	[diff] [blame]	136	DCHECK(base::FeatureList::IsEnabled(kNetworkServiceDedicatedThread));
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	137	return *thread;
				138	}
				139
Ken Rockot	7ff141d	2019-11-01 21:09:44	[diff] [blame]	140	// The instance NetworkService used when hosting the service in-process. This is
				141	// set up by \|CreateInProcessNetworkServiceOnThread()\| and destroyed by
				142	// \|ShutDownNetworkService()\|.
				143	network::NetworkService* g_in_process_instance = nullptr;
				144
Dave Tapuska	69f8925	2021-03-10 17:11:37	[diff] [blame]	145	static NetworkServiceClient* g_client = nullptr;
				146
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	147	void CreateInProcessNetworkServiceOnThread(
				148	mojo::PendingReceiver<network::mojom::NetworkService> receiver) {
Scott Sheehan	8e1d03c	2019-11-05 16:11:15	[diff] [blame]	149	g_in_process_instance = new network::NetworkService(
Matthew Denton	09b7b4b5	2023-03-28 09:02:49	[diff] [blame]	150	nullptr /* registry */, std::move(receiver),
Scott Sheehan	8e1d03c	2019-11-05 16:11:15	[diff] [blame]	151	true /* delay_initialization_until_set_client */);
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	152	}
				153
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	154	// A utility function to make it clear what behavior is expected by the network
				155	// context instance depending on the various errors that can happen during data
				156	// migration.
				157	//
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	158	// If this function returns 'true' then the `data_directory` should be used (if
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	159	// specified in the network context params). If this function returns 'false'
				160	// then the `unsandboxed_data_path` should be used.
				161	bool IsSafeToUseDataPath(SandboxGrantResult result) {
				162	switch (result) {
				163	case SandboxGrantResult::kSuccess:
				164	// A migration occurred, and it was successful.
				165	return true;
				166	case SandboxGrantResult::kFailedToGrantSandboxAccessToCache:
				167	case SandboxGrantResult::kFailedToCreateCacheDirectory:
				168	// A failure to grant create or grant access to the cache dir does not
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	169	// affect the providence of the data contained in `data_directory` as the
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	170	// migration could have still occurred.
				171	//
				172	// These cases are handled internally and so this case should never be
				173	// hit. It is undefined behavior to proceed in this case so CHECK here.
Peter Boström	25c6ec7	2022-11-02 23:25:19	[diff] [blame]	174	base::ImmediateCrash();
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	175	case SandboxGrantResult::kFailedToCreateDataDirectory:
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	176	// A failure to create the `data_directory` is fatal, and the
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	177	// `unsandboxed_data_path` should be used.
				178	return false;
				179	case SandboxGrantResult::kFailedToCopyData:
				180	// A failure to copy the data from `unsandboxed_data_path` to the
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	181	// `data_directory` is fatal, and the `unsandboxed_data_path` should be
				182	// used.
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	183	return false;
				184	case SandboxGrantResult::kFailedToDeleteOldData:
				185	// This is not fatal, as the new data has been correctly migrated, and the
				186	// deletion will be retried at a later time.
				187	return true;
				188	case SandboxGrantResult::kFailedToGrantSandboxAccessToData:
				189	// If the sandbox could not be granted access to the new data dir, then
				190	// don't attempt to migrate. This means that the old
				191	// `unsandboxed_data_path` should be used.
				192	return false;
				193	case SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess:
				194	// No migration was attempted either because of platform constraints or
				195	// because the network context had no valid data paths (e.g. in-memory or
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	196	// incognito), or `unsandboxed_data_path` was not specified.
				197	// `data_directory` should be used in this case (if present).
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	198	return true;
				199	case SandboxGrantResult::kFailedToCreateCheckpointFile:
				200	// This is fatal, as a failure to create the checkpoint file means that
				201	// the next time the same network context is used, the data in
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	202	// `unsandboxed_data_path` will be re-copied to the new `data_directory`
				203	// and thus any changes to the data will be discarded. So in this case,
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	204	// `unsandboxed_data_path` should be used.
				205	return false;
				206	case SandboxGrantResult::kNoMigrationRequested:
				207	// The caller supplied an `unsandboxed_data_path` but did not trigger a
				208	// migration so the data should be read from the `unsandboxed_data_path`.
				209	return false;
				210	case SandboxGrantResult::kMigrationAlreadySucceeded:
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	211	// Migration has already taken place, so `data_directory` contains the
				212	// valid data.
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	213	return true;
				214	case SandboxGrantResult::kMigrationAlreadySucceededWithNoAccess:
				215	// If the sandbox could not be granted access to the new data dir, but the
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	216	// migration has already happened to `data_directory`. This means that the
				217	// sandbox might not have access to the data but `data_directory` should
				218	// still be used because it's been migrated.
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	219	return true;
				220	}
				221	}
				222
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	223	void CreateNetworkContextInternal(
				224	mojo::PendingReceiver<network::mojom::NetworkContext> context,
				225	network::mojom::NetworkContextParamsPtr params,
				226	SandboxGrantResult grant_access_result) {
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	227	TRACE_EVENT0("loading", "CreateNetworkContextInternal");
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	228	// These two histograms are logged from elsewhere, so don't log them twice.
				229	DCHECK(grant_access_result !=
				230	SandboxGrantResult::kFailedToCreateCacheDirectory);
				231	DCHECK(grant_access_result !=
				232	SandboxGrantResult::kFailedToGrantSandboxAccessToCache);
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	233	base::UmaHistogramEnumeration("NetworkService.GrantSandboxResult",
				234	grant_access_result);
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	235
				236	if (grant_access_result != SandboxGrantResult::kSuccess &&
				237	grant_access_result !=
				238	SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess &&
				239	grant_access_result != SandboxGrantResult::kNoMigrationRequested &&
				240	grant_access_result != SandboxGrantResult::kMigrationAlreadySucceeded) {
				241	PLOG(ERROR) << "Encountered error while migrating network context data or "
				242	"granting sandbox access for "
Kevin Marshall	eece67f	2022-03-30 20:30:04	[diff] [blame]	243	<< (params->file_paths
				244	? params->file_paths->data_directory.path()
				245	: base::FilePath())
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	246	<< ". Result: " << static_cast<int>(grant_access_result);
				247	}
				248
				249	if (!IsSafeToUseDataPath(grant_access_result)) {
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	250	// Unsafe to use new `data_directory`. This means that a migration was
				251	// attempted, and `unsandboxed_data_path` contains the still-valid set of
				252	// data. Swap the parameters to instruct the network service to use this
				253	// path for the network context. This of course will mean that if the
				254	// network service is running sandboxed then this data might not be
				255	// accessible, but does provide a pathway to user recovery, as the sandbox
				256	// can just be disabled in this case.
Will Harris	3d6f9e4c	2021-09-17 19:11:16	[diff] [blame]	257	DCHECK(params->file_paths->unsandboxed_data_path.has_value());
Kevin Marshall	4bdfa5df	2022-03-21 22:33:27	[diff] [blame]	258	params->file_paths->data_directory =
				259	*params->file_paths->unsandboxed_data_path;
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	260	}
Kevin Marshall	eece67f	2022-03-30 20:30:04	[diff] [blame]	261
				262	if (network::TransferableDirectory::IsOpenForTransferRequired()) {
				263	if (params->file_paths) {
Liza Burakova	d009fdd	2023-06-23 18:43:23	[diff] [blame]	264	if (params->file_paths->http_cache_directory) {
				265	params->file_paths->http_cache_directory->OpenForTransfer();
				266	}
				267	if (params->file_paths->shared_dictionary_directory) {
				268	params->file_paths->shared_dictionary_directory->OpenForTransfer();
				269	}
Kevin Marshall	eece67f	2022-03-30 20:30:04	[diff] [blame]	270	params->file_paths->data_directory.OpenForTransfer();
				271	}
Will Harris	b246f67	2021-10-28 06:47:13	[diff] [blame]	272	}
Kevin Marshall	eece67f	2022-03-30 20:30:04	[diff] [blame]	273
Will Harris	78ccb55	2022-09-08 05:40:48	[diff] [blame]	274	// This might recreate g_client if the network service needed to be restarted.
				275	auto* network_service = GetNetworkService();
				276
Liza Burakova	1595a781	2023-09-27 15:03:32	[diff] [blame]	277	#if BUILDFLAG(IS_WIN)
Will Harris	ec9cd86	2022-10-05 05:09:25	[diff] [blame]	278	// If the browser has started shutting down, it is possible that either a)
				279	// `g_client` was never created if shutdown started before the network service
				280	// was created, or b) the network service might have crashed meaning
				281	// `g_client` is the client for the already-crashed Network Service, and a new
				282	// network service never started. It's not safe to bind the socket broker in
				283	// either of these cases so skip the binding since the browser is shutting
				284	// down anyway.
				285	if (!GetContentClient()->browser()->IsShuttingDown() &&
				286	GetContentClient()->browser()->ShouldSandboxNetworkService() &&
Liza Burakova	f7b8fe5	2023-11-08 22:37:27	[diff] [blame]	287	!params->socket_brokers) {
				288	params->socket_brokers = network::mojom::SocketBrokerRemotes::New();
				289	params->socket_brokers->client = g_client->BindSocketBroker();
				290	params->socket_brokers->server = g_client->BindSocketBroker();
Will Harris	78ccb55	2022-09-08 05:40:48	[diff] [blame]	291	}
Liza Burakova	1595a781	2023-09-27 15:03:32	[diff] [blame]	292	#endif // BUILDFLAG(IS_WIN)
Will Harris	78ccb55	2022-09-08 05:40:48	[diff] [blame]	293
				294	network_service->CreateNetworkContext(std::move(context), std::move(params));
Will Harris	dac11fb	2021-09-08 02:21:41	[diff] [blame]	295	}
				296
Alexander Timin	7ab3ed8	2020-01-13 20:00:13	[diff] [blame]	297	scoped_refptr<base::SequencedTaskRunner>& GetNetworkTaskRunnerStorage() {
				298	static base::NoDestructor<scoped_refptr<base::SequencedTaskRunner>> storage;
				299	return *storage;
				300	}
				301
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	302	void CreateInProcessNetworkService(
				303	mojo::PendingReceiver<network::mojom::NetworkService> receiver) {
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	304	TRACE_EVENT0("loading", "CreateInProcessNetworkService");
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	305	scoped_refptr<base::SingleThreadTaskRunner> task_runner;
John Abd-El-Malek	a5fe84b	2022-03-18 01:05:29	[diff] [blame]	306	if (base::FeatureList::IsEnabled(kNetworkServiceDedicatedThread)) {
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	307	base::Thread::Options options(base::MessagePumpType::IO, 0);
Hayato Ito	743f066	2025-07-17 01:05:49	[diff] [blame]	308	if (base::FeatureList::IsEnabled(
				309	network::features::kNetworkServiceTaskScheduler)) {
				310	network::ConfigureSequenceManager(options);
				311	}
Olivier Li	89911c4	2021-07-02 21:27:02	[diff] [blame]	312	GetNetworkServiceDedicatedThread().StartWithOptions(std::move(options));
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	313	task_runner = GetNetworkServiceDedicatedThread().task_runner();
Michael Thiessen	dd70b61	2024-08-17 18:25:25	[diff] [blame]	314	task_runner->PostTask(
				315	FROM_HERE, base::BindOnce([]() {
				316	mojo::InterfaceEndpointClient::SetThreadNameSuffixForMetrics(
				317	"NetworkService");
				318	}));
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	319	} else {
Gabriel Charette	e7cdc5cd	2020-05-27 23:35:05	[diff] [blame]	320	task_runner = GetIOThreadTaskRunner({});
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	321	}
				322
Alexander Timin	7ab3ed8	2020-01-13 20:00:13	[diff] [blame]	323	GetNetworkTaskRunnerStorage() = std::move(task_runner);
				324
				325	GetNetworkTaskRunner()->PostTask(
				326	FROM_HERE, base::BindOnce(&CreateInProcessNetworkServiceOnThread,
				327	std::move(receiver)));
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	328	}
				329
Matthew Denton	e497626	2023-06-20 09:18:32	[diff] [blame]	330	#if BUILDFLAG(IS_ANDROID) \|\| BUILDFLAG(IS_LINUX)
Matthew Denton	402a9900	2023-06-20 08:19:38	[diff] [blame]	331	// Runs a self-owned SystemDnsResolverMojoImpl. This is meant to run on a
				332	// high-priority thread pool.
				333	void RunSystemDnsResolverOnThreadPool(
				334	mojo::PendingReceiver<network::mojom::SystemDnsResolver> dns_receiver) {
				335	mojo::MakeSelfOwnedReceiver(
				336	std::make_unique<content::SystemDnsResolverMojoImpl>(),
				337	std::move(dns_receiver));
				338	}
Matt Mueller	53e75c9	2025-05-22 18:07:54	[diff] [blame]	339	#endif // BUILDFLAG(IS_ANDROID) \|\| BUILDFLAG(IS_LINUX)
Matthew Denton	402a9900	2023-06-20 08:19:38	[diff] [blame]	340
John Abd-El-Malek	d1e2a1c	2019-02-28 20:01:03	[diff] [blame]	341	network::mojom::NetworkServiceParamsPtr CreateNetworkServiceParams() {
				342	network::mojom::NetworkServiceParamsPtr network_service_params =
				343	network::mojom::NetworkServiceParams::New();
				344	network_service_params->initial_connection_type =
				345	network::mojom::ConnectionType(
				346	net::NetworkChangeNotifier::GetConnectionType());
				347	network_service_params->initial_connection_subtype =
				348	network::mojom::ConnectionSubtype(
				349	net::NetworkChangeNotifier::GetConnectionSubtype());
Dave Tapuska	69f8925	2021-03-10 17:11:37	[diff] [blame]	350	network_service_params->default_observer =
				351	g_client->BindURLLoaderNetworkServiceObserver();
Kirubel Aklilu	60d316f	2021-12-16 01:55:33	[diff] [blame]	352	network_service_params->first_party_sets_enabled =
				353	GetContentClient()->browser()->IsFirstPartySetsEnabled();
				354
Matthew Denton	1ca2b3d	2023-04-20 03:17:56	[diff] [blame]	355	#if BUILDFLAG(IS_LINUX)
				356	if (base::FeatureList::IsEnabled(
				357	net::features::kAddressTrackerLinuxIsProxied) &&
				358	IsOutOfProcessNetworkService()) {
Matthew Denton	e4eac43	2023-04-21 04:58:32	[diff] [blame]	359	auto [address_map, online_links] =
				360	net::NetworkChangeNotifier::GetAddressMapOwner()
				361	->GetAddressTrackerLinux()
				362	->GetInitialDataAndStartRecordingDiffs();
Matthew Denton	1ca2b3d	2023-04-20 03:17:56	[diff] [blame]	363	network_service_params->initial_address_map =
Matthew Denton	e4eac43	2023-04-21 04:58:32	[diff] [blame]	364	network::mojom::InitialAddressMap::New(std::move(address_map),
				365	std::move(online_links));
Matthew Denton	1ca2b3d	2023-04-20 03:17:56	[diff] [blame]	366	}
				367	#endif // BUILDFLAG(IS_LINUX)
				368
Matthew Denton	850436d	2023-10-23 22:29:29	[diff] [blame]	369	#if BUILDFLAG(IS_CHROMEOS)
Felipe Andrade	fc9bc63	2023-10-26 20:26:07	[diff] [blame]	370	// On ChromeOS, the network service is always out of process (unless
				371	// --single-process is set on the command-line). In any case, we set Kerberos
				372	// environment variables during the service initialization.
				373	network_service_params->environment.push_back(
				374	network::mojom::EnvironmentVariable::New(kKrb5CCEnvName,
				375	kKrb5CCFilePath));
				376	network_service_params->environment.push_back(
				377	network::mojom::EnvironmentVariable::New(kKrb5ConfEnvName,
				378	kKrb5ConfFilePath));
				379	#elif BUILDFLAG(IS_POSIX)
				380	// Send Kerberos environment variables to the network service, if it's running
				381	// in another process.
				382	if (IsOutOfProcessNetworkService()) {
Robbie McElrath	fa25a7c	2019-03-13 17:54:36	[diff] [blame]	383	std::unique_ptr<base::Environment> env(base::Environment::Create());
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	384	std::optional<std::string> value = env->GetVar(kKrb5CCEnvName);
				385	if (value.has_value()) {
Robbie McElrath	fa25a7c	2019-03-13 17:54:36	[diff] [blame]	386	network_service_params->environment.push_back(
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	387	network::mojom::EnvironmentVariable::New(kKrb5CCEnvName, *value));
Robbie McElrath	fa25a7c	2019-03-13 17:54:36	[diff] [blame]	388	}
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	389	value = env->GetVar(kKrb5ConfEnvName);
				390	if (value.has_value()) {
Robbie McElrath	fa25a7c	2019-03-13 17:54:36	[diff] [blame]	391	network_service_params->environment.push_back(
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	392	network::mojom::EnvironmentVariable::New(kKrb5ConfEnvName, *value));
Robbie McElrath	fa25a7c	2019-03-13 17:54:36	[diff] [blame]	393	}
				394	}
Felipe Andrade	a9174c6	2022-08-16 18:35:11	[diff] [blame]	395	#endif // BUILDFLAG(IS_POSIX)
Matthew Denton	a9b3770	2022-10-28 22:23:20	[diff] [blame]	396
Matthew Denton	e497626	2023-06-20 09:18:32	[diff] [blame]	397	#if BUILDFLAG(IS_ANDROID) \|\| BUILDFLAG(IS_LINUX)
Matthew Denton	98b9148	2023-01-25 01:19:54	[diff] [blame]	398	if (GetContentClient()
				399	->browser()
				400	->ShouldRunOutOfProcessSystemDnsResolution() &&
Matthew Denton	09b7b4b5	2023-03-28 09:02:49	[diff] [blame]	401	IsOutOfProcessNetworkService()) {
Matthew Denton	a9b3770	2022-10-28 22:23:20	[diff] [blame]	402	mojo::PendingRemote<network::mojom::SystemDnsResolver> dns_remote;
Matthew Denton	402a9900	2023-06-20 08:19:38	[diff] [blame]	403	scoped_refptr<base::SequencedTaskRunner> thread_pool_task_runner =
				404	base::ThreadPool::CreateSequencedTaskRunner(
				405	{base::TaskPriority::USER_BLOCKING});
				406	thread_pool_task_runner->PostTask(
				407	FROM_HERE, base::BindOnce(RunSystemDnsResolverOnThreadPool,
				408	dns_remote.InitWithNewPipeAndPassReceiver()));
Matthew Denton	a9b3770	2022-10-28 22:23:20	[diff] [blame]	409	network_service_params->system_dns_resolver = std::move(dns_remote);
				410	}
Matthew Denton	e497626	2023-06-20 09:18:32	[diff] [blame]	411	#endif // BUILDFLAG(IS_ANDROID) \|\| BUILDFLAG(IS_LINUX)
Matthew Denton	a9b3770	2022-10-28 22:23:20	[diff] [blame]	412
Abhijith Nair	7c7be766	2023-11-14 16:25:37	[diff] [blame]	413	network_service_params->ip_protection_proxy_bypass_policy =
				414	GetContentClient()->browser()->GetIpProtectionProxyBypassPolicy();
John Abd-El-Malek	d1e2a1c	2019-02-28 20:01:03	[diff] [blame]	415	return network_service_params;
				416	}
				417
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	418	void CreateNetworkServiceOnIOForTesting(
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	419	mojo::PendingReceiver<network::mojom::NetworkService> receiver,
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	420	base::WaitableEvent* completion_event) {
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	421	if (GetLocalNetworkService()) {
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	422	GetLocalNetworkService()->Bind(std::move(receiver));
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	423	return;
				424	}
				425
Etienne Pierre-doray	0df4474a	2019-10-16 14:56:39	[diff] [blame]	426	GetLocalNetworkService() = std::make_unique<network::NetworkService>(
				427	nullptr /* registry */, std::move(receiver),
				428	true /* delay_initialization_until_set_client */);
				429	GetLocalNetworkService()->Initialize(
				430	network::mojom::NetworkServiceParams::New(),
				431	true /* mock_network_change_notifier */);
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	432	if (completion_event)
				433	completion_event->Signal();
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	434	}
				435
Gyuyoung Kim	5f3bd420	2019-09-27 01:59:49	[diff] [blame]	436	void BindNetworkChangeManagerReceiver(
				437	mojo::PendingReceiver<network::mojom::NetworkChangeManager> receiver) {
				438	GetNetworkService()->GetNetworkChangeManager(std::move(receiver));
Robbie McElrath	f572f527	2018-08-17 21:21:42	[diff] [blame]	439	}
				440
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	441	base::RepeatingCallbackList<void(bool)>& GetProcessGoneHandlersList() {
				442	static base::NoDestructor<base::RepeatingCallbackList<void(bool)>> s_list;
Lukasz Anforowicz	c195e91	2018-10-30 16:20:54	[diff] [blame]	443	return *s_list;
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	444	}
				445
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	446	void OnNetworkServiceProcessGone(bool crashed) {
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	447	DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	448	DCHECK(g_network_service_remote);
				449	DCHECK(g_network_service_remote->is_bound());
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	450	DCHECK(!crashed \|\| !g_network_service_remote->is_connected());
				451	GetProcessGoneHandlersList().Notify(crashed);
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	452	}
				453
Eric Roman	c03b6262	2019-06-25 02:13:22	[diff] [blame]	454	// Parses the desired granularity of NetLog capturing specified by the command
				455	// line.
				456	net::NetLogCaptureMode GetNetCaptureModeFromCommandLine(
				457	const base::CommandLine& command_line) {
Md Hasibul Hasan	a963a934	2024-04-03 10:15:14	[diff] [blame]	458	std::string_view switch_name = network::switches::kNetLogCaptureMode;
Eric Roman	c03b6262	2019-06-25 02:13:22	[diff] [blame]	459
				460	if (command_line.HasSwitch(switch_name)) {
				461	std::string value = command_line.GetSwitchValueASCII(switch_name);
				462
Etienne Dechamps	f568a41	2025-04-22 15:54:56	[diff] [blame]	463	if (value == "HeavilyRedacted") {
				464	return net::NetLogCaptureMode::kHeavilyRedacted;
				465	}
Eric Roman	c03b6262	2019-06-25 02:13:22	[diff] [blame]	466	if (value == "Default")
Eric Roman	3124cde	2019-07-10 22:26:15	[diff] [blame]	467	return net::NetLogCaptureMode::kDefault;
				468	if (value == "IncludeSensitive")
				469	return net::NetLogCaptureMode::kIncludeSensitive;
				470	if (value == "Everything")
				471	return net::NetLogCaptureMode::kEverything;
				472
				473	// Warn when using the old command line switches.
				474	if (value == "IncludeCookiesAndCredentials") {
				475	LOG(ERROR) << "Deprecated value for --" << switch_name
				476	<< ". Use IncludeSensitive instead";
				477	return net::NetLogCaptureMode::kIncludeSensitive;
				478	}
				479	if (value == "IncludeSocketBytes") {
				480	LOG(ERROR) << "Deprecated value for --" << switch_name
				481	<< ". Use Everything instead";
				482	return net::NetLogCaptureMode::kEverything;
				483	}
Eric Roman	c03b6262	2019-06-25 02:13:22	[diff] [blame]	484
				485	LOG(ERROR) << "Unrecognized value for --" << switch_name;
				486	}
				487
Eric Roman	3124cde	2019-07-10 22:26:15	[diff] [blame]	488	return net::NetLogCaptureMode::kDefault;
Eric Roman	c03b6262	2019-06-25 02:13:22	[diff] [blame]	489	}
				490
Dheeraj Pannala	98969a2f	2025-04-17 01:15:08	[diff] [blame]	491	std::optional<base::TimeDelta> GetNetLogDurationFromCommandLine(
				492	const base::CommandLine& command_line) {
				493	std::string_view switch_name = network::switches::kLogNetLogDuration;
				494
				495	if (!command_line.HasSwitch(switch_name)) {
				496	return std::nullopt;
				497	}
				498
				499	std::string duration_str = command_line.GetSwitchValueASCII(switch_name);
				500	int duration_sec = 0;
				501	if (base::StringToInt(duration_str, &duration_sec) && duration_sec > 0) {
				502	return base::Seconds(duration_sec);
				503	}
				504
				505	return std::nullopt;
				506	}
sbingler	072b9784	2023-07-26 20:29:05	[diff] [blame]	507	// Parse the maximum file size for the NetLog, if one was specified.
				508	// kNoLimit indicates no, valid, maximum size was specified.
Dan McArdle	0c085b2	2024-07-12 14:15:23	[diff] [blame]	509	base::StrictNumeric<uint64_t> GetNetLogMaximumFileSizeFromCommandLine(
sbingler	072b9784	2023-07-26 20:29:05	[diff] [blame]	510	const base::CommandLine& command_line) {
Md Hasibul Hasan	a963a934	2024-04-03 10:15:14	[diff] [blame]	511	std::string_view switch_name = network::switches::kNetLogMaxSizeMb;
sbingler	072b9784	2023-07-26 20:29:05	[diff] [blame]	512
				513	if (!command_line.HasSwitch(switch_name)) {
				514	return net::FileNetLogObserver::kNoLimit;
				515	}
				516
				517	std::string value = command_line.GetSwitchValueASCII(switch_name);
				518
				519	if (value.empty()) {
				520	return net::FileNetLogObserver::kNoLimit;
				521	}
				522
				523	// 32 bits for the input is fine, a max size of ~2 PB ought to be enough for
				524	// anybody.
				525	uint32_t max_size_megabytes;
				526	bool valid = base::StringToUint(value, &max_size_megabytes);
				527
				528	if (!valid) {
				529	return net::FileNetLogObserver::kNoLimit;
				530	}
				531
				532	// Value is currently in megabytes, convert to bytes. 1024*1024 == 2^20 ==
				533	// left shift by 20 bits
Dan McArdle	0c085b2	2024-07-12 14:15:23	[diff] [blame]	534	uint64_t max_size_bytes = uint64_t{max_size_megabytes} << 20;
sbingler	072b9784	2023-07-26 20:29:05	[diff] [blame]	535	return max_size_bytes;
				536	}
				537
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	538	} // namespace
				539
Thiabaud Engelbrecht	fc999864	2025-07-08 15:09:06	[diff] [blame]	540	// If this feature is enabled, the Network Service will run on its own thread
				541	// when running in-process; otherwise it will run on the IO thread.
				542	BASE_FEATURE(kNetworkServiceDedicatedThread,
				543	"NetworkServiceDedicatedThread",
				544	base::FEATURE_ENABLED_BY_DEFAULT);
				545
Dan McArdle	0c085b2	2024-07-12 14:15:23	[diff] [blame]	546	uint64_t GetNetLogMaximumFileSizeFromCommandLineForTesting( // IN-TEST
				547	const base::CommandLine& command_line) {
				548	return GetNetLogMaximumFileSizeFromCommandLine(command_line);
				549	}
				550
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	551	class NetworkServiceInstancePrivate {
				552	public:
				553	// Opens the specified file, blocking until the file is open. Used to open
				554	// files specified by network::switches::kLogNetLog or
				555	// network::switches::kSSLKeyLogFile. Since these arguments can be used to
				556	// debug startup behavior, asynchronously opening the file on another thread
				557	// would result in losing data, hence the need for blocking open operations.
				558	// \|file_flags\| specifies the flags passed to the base::File constructor call.
				559	//
				560	// ThreadRestrictions needs to be able to friend the class/method to allow
				561	// blocking, but can't friend CONTENT_EXPORT methods, so have it friend
				562	// NetworkServiceInstancePrivate instead of GetNetworkService().
				563	static base::File BlockingOpenFile(const base::FilePath& path,
				564	int file_flags) {
				565	base::ScopedAllowBlocking allow_blocking;
				566	return base::File(path, file_flags);
				567	}
				568	};
				569
John Abd-El-Malek	53670dd	2018-01-18 22:07:21	[diff] [blame]	570	network::mojom::NetworkService* GetNetworkService() {
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	571	if (!g_network_service_remote)
				572	g_network_service_remote = new mojo::Remote<network::mojom::NetworkService>;
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	573	if (!g_network_service_remote->is_bound() \|\|
				574	!g_network_service_remote->is_connected()) {
Matt Menke	080a917	2020-01-31 10:44:08	[diff] [blame]	575	bool service_was_bound = g_network_service_remote->is_bound();
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	576	g_network_service_remote->reset();
John Abd-El-Malek	1ae9dbb	2019-03-04 23:40:47	[diff] [blame]	577	if (GetContentClient()->browser()->IsShuttingDown()) {
				578	// This happens at system shutdown, since in other scenarios the network
				579	// process would only be torn down once the message loop stopped running.
Oleh Lamzin	0e22857	2019-12-06 16:46:09	[diff] [blame]	580	// We don't want to start the network service again so just create message
				581	// pipe that's not bound to stop consumers from requesting creation of the
				582	// service.
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	583	auto receiver = g_network_service_remote->BindNewPipeAndPassReceiver();
				584	auto leaked_pipe = receiver.PassPipe().release();
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	585	} else {
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	586	if (!g_force_create_network_service_directly) {
				587	mojo::PendingReceiver<network::mojom::NetworkService> receiver =
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	588	g_network_service_remote->BindNewPipeAndPassReceiver();
				589	g_network_service_remote->set_disconnect_handler(
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	590	base::BindOnce(&OnNetworkServiceProcessGone, /crashed=/true));
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	591	if (IsInProcessNetworkService()) {
				592	CreateInProcessNetworkService(std::move(receiver));
				593	} else {
Matt Menke	080a917	2020-01-31 10:44:08	[diff] [blame]	594	if (service_was_bound)
				595	LOG(ERROR) << "Network service crashed, restarting service.";
Will Harris	66b7f8a	2025-07-18 17:56:43	[diff] [blame]	596	ServiceProcessHost::Options options;
				597	options.WithDisplayName(u"Network Service");
				598	if (g_network_service_crashes_on_next_startup) {
				599	g_network_service_crashes_on_next_startup = false;
				600	options.WithExtraCommandLineSwitches(
				601	{switches::kUtilityImmediateCrashForTesting});
				602	}
				603	ServiceProcessHost::Launch(std::move(receiver), std::move(options));
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	604	}
John Abd-El-Malek	1ae9dbb	2019-03-04 23:40:47	[diff] [blame]	605	} else {
Matthew Denton	09b7b4b5	2023-03-28 09:02:49	[diff] [blame]	606	DCHECK(IsInProcessNetworkService())
				607	<< "If the network service is created directly, the test must not "
				608	"request an out of process network service.";
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	609	// This should only be reached in unit tests.
				610	if (BrowserThread::CurrentlyOn(BrowserThread::IO)) {
				611	CreateNetworkServiceOnIOForTesting(
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	612	g_network_service_remote->BindNewPipeAndPassReceiver(),
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	613	/completion_event=/nullptr);
				614	} else {
				615	base::WaitableEvent event;
Gabriel Charette	e7cdc5cd	2020-05-27 23:35:05	[diff] [blame]	616	GetIOThreadTaskRunner({})->PostTask(
				617	FROM_HERE,
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	618	base::BindOnce(
				619	CreateNetworkServiceOnIOForTesting,
				620	g_network_service_remote->BindNewPipeAndPassReceiver(),
				621	base::Unretained(&event)));
Robbie McElrath	8dc3acc	2019-08-15 20:43:04	[diff] [blame]	622	event.Wait();
				623	}
John Abd-El-Malek	1ae9dbb	2019-03-04 23:40:47	[diff] [blame]	624	}
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	625
Dave Tapuska	69f8925	2021-03-10 17:11:37	[diff] [blame]	626	delete g_client; // In case we're recreating the network service.
				627	g_client = new NetworkServiceClient();
				628
Dave Tapuska	69f8925	2021-03-10 17:11:37	[diff] [blame]	629	(*g_network_service_remote)->SetParams(CreateNetworkServiceParams());
Yutaka Hirano	136bd91	2022-01-31 16:26:11	[diff] [blame]	630	g_client->OnNetworkServiceInitialized(g_network_service_remote->get());
				631
Clark DuVall	b026e58	2019-07-31 19:50:38	[diff] [blame]	632	g_network_service_is_responding = false;
Jan Wilken Dörrie	8c74db02	2020-04-20 09:05:00	[diff] [blame]	633	g_network_service_remote->QueryVersion(base::BindOnce(
Ari Chivukula	10f6536	2023-03-06 05:51:19	[diff] [blame]	634	[](uint32_t) { g_network_service_is_responding = true; }));
John Abd-El-Malek	d1e2a1c	2019-02-28 20:01:03	[diff] [blame]	635
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	636	const base::CommandLine* command_line =
				637	base::CommandLine::ForCurrentProcess();
John Abd-El-Malek	c134dd8	2019-07-31 20:51:44	[diff] [blame]	638	if (command_line->HasSwitch(network::switches::kLogNetLog)) {
				639	base::FilePath log_path =
				640	command_line->GetSwitchValuePath(network::switches::kLogNetLog);
Cheng Yu	6e46b4d	2021-09-02 06:43:08	[diff] [blame]	641	if (log_path.empty()) {
				642	log_path = GetContentClient()->browser()->GetNetLogDefaultDirectory();
				643	if (!log_path.empty())
				644	log_path = log_path.Append(FILE_PATH_LITERAL("netlog.json"));
				645	}
Doug Turner	0851234	2018-09-24 20:54:19	[diff] [blame]	646
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	647	base::File file = NetworkServiceInstancePrivate::BlockingOpenFile(
John Abd-El-Malek	c134dd8	2019-07-31 20:51:44	[diff] [blame]	648	log_path, base::File::FLAG_CREATE_ALWAYS \| base::File::FLAG_WRITE);
				649	if (!file.IsValid()) {
				650	LOG(ERROR) << "Failed opening NetLog: " << log_path.value();
				651	} else {
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	652	(*g_network_service_remote)
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	653	->StartNetLog(
Dan McArdle	0c085b2	2024-07-12 14:15:23	[diff] [blame]	654	std::move(file),
				655	GetNetLogMaximumFileSizeFromCommandLine(*command_line),
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	656	GetNetCaptureModeFromCommandLine(*command_line),
Dheeraj Pannala	98969a2f	2025-04-17 01:15:08	[diff] [blame]	657	GetContentClient()->browser()->GetNetLogConstants(),
				658	GetNetLogDurationFromCommandLine(*command_line));
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	659	}
Robbie McElrath	d063ed0	2019-02-13 21:59:30	[diff] [blame]	660	}
Robbie McElrath	d063ed0	2019-02-13 21:59:30	[diff] [blame]	661
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	662	base::FilePath ssl_key_log_path;
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	663	if (command_line->HasSwitch(network::switches::kSSLKeyLogFile)) {
Christopher Thompson	2a4c69e9	2019-08-21 16:29:11	[diff] [blame]	664	UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,
				665	SSLKeyLogFileAction::kSwitchFound);
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	666	ssl_key_log_path =
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	667	command_line->GetSwitchValuePath(network::switches::kSSLKeyLogFile);
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	668	LOG_IF(WARNING, ssl_key_log_path.empty())
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	669	<< "ssl-key-log-file argument missing";
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	670	} else {
				671	std::unique_ptr<base::Environment> env(base::Environment::Create());
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	672	std::optional<std::string> env_str = env->GetVar("SSLKEYLOGFILE");
				673	if (env_str.has_value()) {
Christopher Thompson	2a4c69e9	2019-08-21 16:29:11	[diff] [blame]	674	UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,
				675	SSLKeyLogFileAction::kEnvVarFound);
Xiaohan Wang	1ecfd00	2022-01-19 22:33:10	[diff] [blame]	676	#if BUILDFLAG(IS_WIN)
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	677	// base::Environment returns environment variables in UTF-8 on
				678	// Windows.
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	679	ssl_key_log_path = base::FilePath(base::UTF8ToWide(*env_str));
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	680	#else
Helmut Januschka	b966728	2025-04-03 15:04:37	[diff] [blame]	681	ssl_key_log_path = base::FilePath(*env_str);
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	682	#endif
				683	}
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	684	}
Robbie McElrath	d063ed0	2019-02-13 21:59:30	[diff] [blame]	685
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	686	if (!ssl_key_log_path.empty()) {
Matt Menke	04db81d	2020-07-29 21:54:58	[diff] [blame]	687	base::File file = NetworkServiceInstancePrivate::BlockingOpenFile(
				688	ssl_key_log_path,
				689	base::File::FLAG_OPEN_ALWAYS \| base::File::FLAG_APPEND);
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	690	if (!file.IsValid()) {
				691	LOG(ERROR) << "Failed opening SSL key log file: "
				692	<< ssl_key_log_path.value();
				693	} else {
Christopher Thompson	2a4c69e9	2019-08-21 16:29:11	[diff] [blame]	694	UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,
				695	SSLKeyLogFileAction::kLogFileEnabled);
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	696	(*g_network_service_remote)->SetSSLKeyLogFile(std::move(file));
David Benjamin	88715385	2019-08-07 23:19:55	[diff] [blame]	697	}
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	698	}
Doug Turner	0851234	2018-09-24 20:54:19	[diff] [blame]	699
Chris Fredrickson	a2092c9b	2022-05-09 21:54:12	[diff] [blame]	700	if (FirstPartySetsHandlerImpl::GetInstance()->IsEnabled()) {
Arthur Sonzogni	c686e8f	2024-01-11 08:36:37	[diff] [blame]	701	if (std::optional<net::GlobalFirstPartySets> sets =
Chris Fredrickson	a2092c9b	2022-05-09 21:54:12	[diff] [blame]	702	FirstPartySetsHandlerImpl::GetInstance()->GetSets(
Chris Fredrickson	0cad372	2022-09-30 14:50:31	[diff] [blame]	703	base::BindOnce([](net::GlobalFirstPartySets sets) {
Chris Fredrickson	878d06b	2022-09-08 15:20:37	[diff] [blame]	704	GetNetworkService()->SetFirstPartySets(std::move(sets));
				705	}));
Chris Fredrickson	a2092c9b	2022-05-09 21:54:12	[diff] [blame]	706	sets.has_value()) {
				707	g_network_service_remote->get()->SetFirstPartySets(
				708	std::move(sets.value()));
				709	}
cfredric	76329042	2022-03-31 23:00:33	[diff] [blame]	710	}
Shuran Huang	10398150	2022-03-28 21:52:18	[diff] [blame]	711
Robbie McElrath	35ef967	2019-02-13 22:01:59	[diff] [blame]	712	GetContentClient()->browser()->OnNetworkServiceCreated(
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	713	g_network_service_remote->get());
John Abd-El-Malek	1ae9dbb	2019-03-04 23:40:47	[diff] [blame]	714	}
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	715	}
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	716	return g_network_service_remote->get();
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	717	}
				718
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	719	base::CallbackListSubscription RegisterNetworkServiceProcessGoneHandler(
				720	NetworkServiceProcessGoneHandler handler) {
Lukasz Anforowicz	ce4487b7	2018-10-23 18:05:53	[diff] [blame]	721	DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
				722	DCHECK(!handler.is_null());
				723
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	724	return GetProcessGoneHandlersList().Add(std::move(handler));
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	725	}
				726
Eriko Kurimoto	6465646	2022-07-21 01:07:49	[diff] [blame]	727	#if BUILDFLAG(IS_CHROMEOS)
Robbie McElrath	995a2bf	2018-11-19 23:21:59	[diff] [blame]	728	net::NetworkChangeNotifier* GetNetworkChangeNotifier() {
				729	return BrowserMainLoop::GetInstance()->network_change_notifier();
				730	}
John Abd-El-Malek	0343895	2019-05-16 22:53:51	[diff] [blame]	731	#endif
Robbie McElrath	995a2bf	2018-11-19 23:21:59	[diff] [blame]	732
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	733	void FlushNetworkServiceInstanceForTesting() {
				734	DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	735
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	736	if (g_network_service_remote)
				737	g_network_service_remote->FlushForTesting();
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	738	}
				739
Robbie McElrath	f961dc5	2018-08-08 21:29:26	[diff] [blame]	740	network::NetworkConnectionTracker* GetNetworkConnectionTracker() {
Andrew Paseltiner	82a1f89f	2022-02-28 21:59:36	[diff] [blame]	741	DCHECK(!BrowserThread::IsThreadInitialized(BrowserThread::UI) \|\|
				742	BrowserThread::CurrentlyOn(BrowserThread::UI));
Robbie McElrath	f961dc5	2018-08-08 21:29:26	[diff] [blame]	743	if (!g_network_connection_tracker) {
				744	g_network_connection_tracker = new network::NetworkConnectionTracker(
Gyuyoung Kim	5f3bd420	2019-09-27 01:59:49	[diff] [blame]	745	base::BindRepeating(&BindNetworkChangeManagerReceiver));
Robbie McElrath	f961dc5	2018-08-08 21:29:26	[diff] [blame]	746	}
				747	return g_network_connection_tracker;
				748	}
				749
Robbie McElrath	f633990e	2018-10-02 21:44:48	[diff] [blame]	750	void GetNetworkConnectionTrackerFromUIThread(
				751	base::OnceCallback<void(network::NetworkConnectionTracker*)> callback) {
Gabriel Charette	e7cdc5cd	2020-05-27 23:35:05	[diff] [blame]	752	GetUIThreadTaskRunner({base::TaskPriority::BEST_EFFORT})
				753	->PostTaskAndReplyWithResult(FROM_HERE,
				754	base::BindOnce(&GetNetworkConnectionTracker),
				755	std::move(callback));
Robbie McElrath	f633990e	2018-10-02 21:44:48	[diff] [blame]	756	}
				757
Jun Cai	597752e4	2018-11-15 19:54:25	[diff] [blame]	758	network::NetworkConnectionTrackerAsyncGetter
				759	CreateNetworkConnectionTrackerAsyncGetter() {
				760	return base::BindRepeating(&content::GetNetworkConnectionTrackerFromUIThread);
				761	}
				762
Robbie McElrath	f961dc5	2018-08-08 21:29:26	[diff] [blame]	763	void SetNetworkConnectionTrackerForTesting(
				764	network::NetworkConnectionTracker* network_connection_tracker) {
Andrew Paseltiner	82a1f89f	2022-02-28 21:59:36	[diff] [blame]	765	DCHECK(!BrowserThread::IsThreadInitialized(BrowserThread::UI) \|\|
				766	BrowserThread::CurrentlyOn(BrowserThread::UI));
Robbie McElrath	db12d8e	2018-09-18 21:20:40	[diff] [blame]	767	if (g_network_connection_tracker != network_connection_tracker) {
				768	DCHECK(!g_network_connection_tracker \|\| !network_connection_tracker);
				769	g_network_connection_tracker = network_connection_tracker;
				770	}
Robbie McElrath	f961dc5	2018-08-08 21:29:26	[diff] [blame]	771	}
				772
Alexander Timin	7ab3ed8	2020-01-13 20:00:13	[diff] [blame]	773	const scoped_refptr<base::SequencedTaskRunner>& GetNetworkTaskRunner() {
Clark DuVall	b9924e9	2018-12-10 23:36:33	[diff] [blame]	774	DCHECK(IsInProcessNetworkService());
Alexander Timin	7ab3ed8	2020-01-13 20:00:13	[diff] [blame]	775	return GetNetworkTaskRunnerStorage();
Clark DuVall	b9924e9	2018-12-10 23:36:33	[diff] [blame]	776	}
				777
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	778	void ForceCreateNetworkServiceDirectlyForTesting() {
Yoichi Osato	55a287f2	2023-06-01 22:16:27	[diff] [blame]	779	ForceInProcessNetworkService();
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	780	g_force_create_network_service_directly = true;
				781	}
				782
Will Harris	66b7f8a	2025-07-18 17:56:43	[diff] [blame]	783	void SetNetworkServiceCrashOnNextStartupImplForTesting() {
				784	g_network_service_crashes_on_next_startup = true;
				785	}
				786
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	787	void ResetNetworkServiceForTesting() {
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	788	ShutDownNetworkService();
				789	}
				790
				791	void ShutDownNetworkService() {
Julie Jeongeun Kim	a3471c6	2019-10-15 07:09:24	[diff] [blame]	792	delete g_network_service_remote;
				793	g_network_service_remote = nullptr;
Sebastien Marchand	0d68f75a	2020-07-20 15:39:27	[diff] [blame]	794	delete g_client;
				795	g_client = nullptr;
Ken Rockot	7ff141d	2019-11-01 21:09:44	[diff] [blame]	796	if (g_in_process_instance) {
				797	GetNetworkTaskRunner()->DeleteSoon(FROM_HERE, g_in_process_instance);
				798	g_in_process_instance = nullptr;
				799	}
Ken Rockot	91216c0f	2019-10-11 20:38:11	[diff] [blame]	800	GetNetworkTaskRunnerStorage().reset();
John Abd-El-Malek	984dc00	2019-05-29 01:26:59	[diff] [blame]	801	}
				802
Matthew Denton	542c43c	2023-08-18 07:32:17	[diff] [blame]	803	void RestartNetworkService() {
				804	ShutDownNetworkService();
				805	GetNetworkService();
Matthew Denton	095b697	2023-11-02 21:56:17	[diff] [blame]	806	OnNetworkServiceProcessGone(/crashed=/false);
Matthew Denton	542c43c	2023-08-18 07:32:17	[diff] [blame]	807	}
				808
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	809	namespace {
				810
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	811	cert_verifier::mojom::CertVerifierServiceFactory*
				812	g_cert_verifier_service_factory_for_testing = nullptr;
				813
Matt Mueller	47a1527	2023-12-12 01:44:16	[diff] [blame]	814	std::unique_ptr<cert_verifier::CertVerifierServiceFactoryImpl>&
				815	GetCertVerifierServiceFactoryImplStorage() {
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	816	DCHECK(!BrowserThread::IsThreadInitialized(BrowserThread::UI) \|\|
				817	BrowserThread::CurrentlyOn(BrowserThread::UI));
Avi Drissman	ded7717	2021-07-02 18:23:00	[diff] [blame]	818	static base::SequenceLocalStorageSlot<
				819	std::unique_ptr<cert_verifier::CertVerifierServiceFactoryImpl>>
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	820	service_factory_slot;
Matt Mueller	47a1527	2023-12-12 01:44:16	[diff] [blame]	821	return service_factory_slot.GetOrCreateValue();
				822	}
				823
				824	void RunInProcessCertVerifierServiceFactory(
				825	mojo::PendingReceiver<cert_verifier::mojom::CertVerifierServiceFactory>
				826	receiver) {
				827	GetCertVerifierServiceFactoryImplStorage() =
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	828	std::make_unique<cert_verifier::CertVerifierServiceFactoryImpl>(
Matt Mueller	e6df72cb	2023-04-12 22:08:37	[diff] [blame]	829	std::move(receiver));
Matthew Denton	b6730bf	2020-06-25 04:54:11	[diff] [blame]	830	}
				831
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	832	// Owns the CertVerifierServiceFactory used by the browser.
				833	// Lives on the UI thread.
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	834	mojo::Remote<cert_verifier::mojom::CertVerifierServiceFactory>&
				835	GetCertVerifierServiceFactoryRemoteStorage() {
Avi Drissman	ded7717	2021-07-02 18:23:00	[diff] [blame]	836	static base::SequenceLocalStorageSlot<
				837	mojo::Remote<cert_verifier::mojom::CertVerifierServiceFactory>>
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	838	cert_verifier_service_factory_remote;
Avi Drissman	ded7717	2021-07-02 18:23:00	[diff] [blame]	839	return cert_verifier_service_factory_remote.GetOrCreateValue();
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	840	}
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	841
Hubert Chao	2a000d7	2022-04-25 19:43:30	[diff] [blame]	842	} // namespace
				843
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	844	// Returns a pointer to a CertVerifierServiceFactory usable on the UI thread.
				845	cert_verifier::mojom::CertVerifierServiceFactory*
				846	GetCertVerifierServiceFactory() {
Hubert Chao	2a000d7	2022-04-25 19:43:30	[diff] [blame]	847	DCHECK(!BrowserThread::IsThreadInitialized(BrowserThread::UI) \|\|
				848	BrowserThread::CurrentlyOn(BrowserThread::UI));
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	849	if (g_cert_verifier_service_factory_for_testing)
				850	return g_cert_verifier_service_factory_for_testing;
Yuki Yamada	709edde	2020-11-24 05:47:21	[diff] [blame]	851
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	852	mojo::Remote<cert_verifier::mojom::CertVerifierServiceFactory>&
				853	factory_remote_storage = GetCertVerifierServiceFactoryRemoteStorage();
				854	if (!factory_remote_storage.is_bound() \|\|
				855	!factory_remote_storage.is_connected()) {
				856	factory_remote_storage.reset();
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	857	RunInProcessCertVerifierServiceFactory(
				858	factory_remote_storage.BindNewPipeAndPassReceiver());
Yuki Yamada	709edde	2020-11-24 05:47:21	[diff] [blame]	859	}
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	860	return factory_remote_storage.get();
				861	}
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	862
Matt Mueller	e6df72cb	2023-04-12 22:08:37	[diff] [blame]	863	mojo::Remote<cert_verifier::mojom::CertVerifierServiceFactory>&
				864	GetCertVerifierServiceFactoryRemoteForTesting() {
				865	CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
				866
				867	// The Remote isn't used if g_cert_verifier_service_factory_for_testing is
				868	// registered, so any test trying to do both is doing something wrong.
				869	CHECK(!g_cert_verifier_service_factory_for_testing);
				870
				871	return GetCertVerifierServiceFactoryRemoteStorage();
				872	}
Matt Mueller	47a1527	2023-12-12 01:44:16	[diff] [blame]	873
				874	cert_verifier::CertVerifierServiceFactoryImpl*
				875	GetCertVerifierServiceFactoryForTesting() {
				876	// The same comment about CHECK(!g_cert_verifier_service_factory_for_testing)
				877	// from GetCertVerifierServiceFactoryRemoteForTesting() applies here, but
				878	// since this method could be called on the IO thread, it is not CHECKed here.
				879
Alison Gale	81f4f2c7	2024-04-22 19:33:31	[diff] [blame]	880	// TODO(crbug.com/40693524): This depends on the cert verifier service
Matt Mueller	47a1527	2023-12-12 01:44:16	[diff] [blame]	881	// and the network service both being in the same process as the unit test.
				882	// The network service is taken care of by `UnitTestTestSuite` calling
				883	// `ForceCreateNetworkServiceDirectlyForTesting()`, but if the cert verifier
				884	// service is moved to a separate process as well, something similar will
				885	// need to be done for that to be testable.
				886	return GetCertVerifierServiceFactoryImplStorage().get();
				887	}
				888
Matthew Denton	82c211f	2021-02-06 01:58:54	[diff] [blame]	889	network::mojom::CertVerifierServiceRemoteParamsPtr GetCertVerifierParams(
Matthew Denton	6f6ca6ac	2021-02-18 09:00:35	[diff] [blame]	890	cert_verifier::mojom::CertVerifierCreationParamsPtr
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	891	cert_verifier_creation_params) {
Matt Mueller	f783962	2023-11-13 20:23:15	[diff] [blame]	892	return GetCertVerifierParamsWithUpdater(
				893	std::move(cert_verifier_creation_params), mojo::NullReceiver());
				894	}
				895
				896	network::mojom::CertVerifierServiceRemoteParamsPtr
				897	GetCertVerifierParamsWithUpdater(
				898	cert_verifier::mojom::CertVerifierCreationParamsPtr
				899	cert_verifier_creation_params,
				900	mojo::PendingReceiver<cert_verifier::mojom::CertVerifierServiceUpdater>
				901	cert_verifier_updater_remote) {
Matt Mueller	4924f22	2023-04-07 21:47:57	[diff] [blame]	902	mojo::PendingRemote<cert_verifier::mojom::CertVerifierService>
				903	cert_verifier_remote;
				904	mojo::PendingReceiver<cert_verifier::mojom::CertVerifierServiceClient>
				905	cert_verifier_client;
				906
				907	GetCertVerifierServiceFactory()->GetNewCertVerifier(
				908	cert_verifier_remote.InitWithNewPipeAndPassReceiver(),
Matt Mueller	f783962	2023-11-13 20:23:15	[diff] [blame]	909	std::move(cert_verifier_updater_remote),
Matt Mueller	4924f22	2023-04-07 21:47:57	[diff] [blame]	910	cert_verifier_client.InitWithNewPipeAndPassRemote(),
				911	std::move(cert_verifier_creation_params));
				912
Matthew Denton	82c211f	2021-02-06 01:58:54	[diff] [blame]	913	return network::mojom::CertVerifierServiceRemoteParams::New(
Matt Mueller	4924f22	2023-04-07 21:47:57	[diff] [blame]	914	std::move(cert_verifier_remote), std::move(cert_verifier_client));
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	915	}
				916
				917	void SetCertVerifierServiceFactoryForTesting(
				918	cert_verifier::mojom::CertVerifierServiceFactory* service_factory) {
Matthew Denton	1d7839c	2020-11-27 04:59:23	[diff] [blame]	919	g_cert_verifier_service_factory_for_testing = service_factory;
Matthew Denton	03c45a2	2020-06-01 23:40:48	[diff] [blame]	920	}
				921
Will Harris	a6a750b	2021-07-14 03:12:02	[diff] [blame]	922	void CreateNetworkContextInNetworkService(
				923	mojo::PendingReceiver<network::mojom::NetworkContext> context,
				924	network::mojom::NetworkContextParamsPtr params) {
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	925	TRACE_EVENT0("loading", "CreateNetworkContextInNetworkService");
Will Harris	e06ce872	2023-08-03 23:11:47	[diff] [blame]	926	DCHECK(!BrowserThread::IsThreadInitialized(BrowserThread::UI) \|\|
				927	BrowserThread::CurrentlyOn(BrowserThread::UI));
Kevin Marshall	eece67f	2022-03-30 20:30:04	[diff] [blame]	928
Chris Davis	08351ce	2025-03-04 21:19:33	[diff] [blame]	929	if (params->http_cache_enabled && params->file_paths &&
				930	params->file_paths->http_cache_directory) {
Adam Rice	b26f3f3	2025-08-04 09:37:18	[diff] [blame]	931	if (!params->file_paths->no_vary_search_directory.has_value()) {
				932	static constexpr base::FilePath::CharType kNoVarySearchDirectoryName[] =
				933	FILE_PATH_LITERAL("No_Vary_Search");
				934
				935	params->file_paths->no_vary_search_directory =
				936	params->file_paths->http_cache_directory->path().Append(
				937	kNoVarySearchDirectoryName);
				938	}
Chris Davis	08351ce	2025-03-04 21:19:33	[diff] [blame]	939	params->file_paths->http_cache_directory =
				940	params->file_paths->http_cache_directory->path().Append(
				941	kCacheDataDirectoryName);
				942	}
Kevin Marshall	eece67f	2022-03-30 20:30:04	[diff] [blame]	943
Yutaka Hirano	92bdfa2	2022-06-01 15:51:33	[diff] [blame]	944	const bool has_valid_http_cache_path =
Liza Burakova	d009fdd	2023-06-23 18:43:23	[diff] [blame]	945	params->http_cache_enabled && params->file_paths &&
				946	params->file_paths->http_cache_directory &&
				947	!params->file_paths->http_cache_directory->path().empty();
Yutaka Hirano	92bdfa2	2022-06-01 15:51:33	[diff] [blame]	948	const bool brokering_is_enabled =
				949	IsOutOfProcessNetworkService() &&
				950	base::FeatureList::IsEnabled(
				951	features::kBrokerFileOperationsOnDiskCacheInNetworkService);
				952	if (has_valid_http_cache_path && brokering_is_enabled) {
Yutaka Hirano	de9868f	2022-04-27 02:48:44	[diff] [blame]	953	mojo::MakeSelfOwnedReceiver(
				954	std::make_unique<HttpCacheBackendFileOperationsFactory>(
Liza Burakova	d009fdd	2023-06-23 18:43:23	[diff] [blame]	955	params->file_paths->http_cache_directory->path()),
Yutaka Hirano	de9868f	2022-04-27 02:48:44	[diff] [blame]	956	params->http_cache_file_operations_factory
				957	.InitWithNewPipeAndPassReceiver());
				958	}
				959
Will Harris	7bcc528	2022-07-29 00:51:03	[diff] [blame]	960	#if BUILDFLAG(IS_ANDROID)
Will Harris	b57cfc56	2022-05-27 19:51:51	[diff] [blame]	961	// On Android, if a cookie_manager pending receiver was passed then migration
				962	// should not be attempted as the cookie file is already being accessed by the
				963	// browser instance.
				964	if (params->cookie_manager) {
				965	if (params->file_paths) {
				966	// No migration should ever be attempted under this configuration.
				967	DCHECK(!params->file_paths->unsandboxed_data_path);
				968	}
				969	CreateNetworkContextInternal(
				970	std::move(context), std::move(params),
				971	SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess);
				972	return;
				973	}
				974
				975	// Note: This logic is duplicated from MaybeGrantAccessToDataPath to this fast
				976	// path. This should be kept in sync if there are any changes to the logic.
				977	SandboxGrantResult grant_result = SandboxGrantResult::kNoMigrationRequested;
				978	if (!params->file_paths) {
				979	// No file paths (e.g. in-memory context) so nothing to do.
				980	grant_result = SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess;
				981	} else {
				982	// If no `unsandboxed_data_path` is supplied, it means this is network
				983	// context has been created by Android Webview, which does not understand
				984	// the concept of `unsandboxed_data_path`. In this case, `data_directory`
				985	// should always be used, if present.
				986	if (!params->file_paths->unsandboxed_data_path)
				987	grant_result = SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess;
				988	}
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	989	// Create network context immediately without thread hops.
Will Harris	b57cfc56	2022-05-27 19:51:51	[diff] [blame]	990	CreateNetworkContextInternal(std::move(context), std::move(params),
				991	grant_result);
Egor Pasko	75389f1	2022-03-22 16:09:11	[diff] [blame]	992	#else
				993	// Restrict disk access to a certain path (on another thread) and continue
				994	// with network context creation.
				995	GrantSandboxAccessOnThreadPool(
				996	std::move(params),
				997	base::BindOnce(&CreateNetworkContextInternal, std::move(context)));
Xiaohan Wang	1ecfd00	2022-01-19 22:33:10	[diff] [blame]	998	#endif // BUILDFLAG(IS_ANDROID)
Will Harris	a6a750b	2021-07-14 03:12:02	[diff] [blame]	999	}
				1000
John Abd-El-Malek	deec008	2017-12-20 20:47:47	[diff] [blame]	1001	} // namespace content