Issue 783996 link

Starred by 2 users

Issue metadata

Status:	Fixed
Owner:	juncai@chromium.org
Closed:	Apr 2018
Cc:	est...@chromium.org
Components:	Internals>Services>Network
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	2
Type:	Bug

Proj-Servicification

Blocking:
issue 756654

Add TLS client auth for network service

Project Member Reported by jam@chromium.org, Nov 10 2017

Issue description

content/network's URLLoader needs to implement OnCertificateRequested. Luckily that interface is already asynchronous. It'll have to IPC to the browser and go through the same code path that ResourceLoader::OnCertificateRequested currently does. As an example, see r513989 which did this for OnSSLCertificateError.

This will fix the following browser_tests:
PrerenderBrowserTest.PrerenderSSLClientCertIframe
PrerenderBrowserTest.PrerenderSSLClientCertSubresource
PrerenderBrowserTest.PrerenderSSLClientCertTopLevel
SSLUITestWithClientCert.TestWSSClientCert

Comment 1 by juncai@chromium.org, Dec 5 2017

Owner: juncai@chromium.org
Status: Assigned (was: Available)

Comment 2 by juncai@chromium.org, Dec 8 2017

Status: Started (was: Assigned)

Project Member

Comment 3 by bugdroid1@chromium.org, Dec 18 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/00cae7118d91e596b9f10be3d7e60fa9ae8b830b

commit 00cae7118d91e596b9f10be3d7e60fa9ae8b830b
Author: Jun Cai <juncai@chromium.org>
Date: Mon Dec 18 20:05:13 2017

NetworkService: Move HostPortPair and HttpRequestHeaders traits to //services/network

This CL moves HostPortPair and HttpRequestHeaders type mapping traits
from //content/public/common/ to //services/network/public/cpp/.

Bug:  785420 ,  783996 
Change-Id: I9b8c299e26c2e33164165e12d08da69c2f965619
Reviewed-on: https://chromium-review.googlesource.com/828159
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Jun Cai <juncai@chromium.org>
Cr-Commit-Position: refs/heads/master@{#524775}
[modify] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/content/common/resource_messages.h
[modify] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/content/public/common/common_param_traits.cc
[modify] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/content/public/common/common_param_traits.h
[modify] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/content/public/common/common_param_traits_macros.h
[add] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/content/public/common/network_param.typemap
[delete] https://crrev.com/afc57f37df7c22acdf96966c033d1635ce9af054/content/public/common/ssl_info.typemap
[modify] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/content/public/common/typemaps.gni
[modify] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/services/network/public/cpp/BUILD.gn
[rename] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/services/network/public/cpp/network_param_ipc_traits.cc
[rename] https://crrev.com/00cae7118d91e596b9f10be3d7e60fa9ae8b830b/services/network/public/cpp/network_param_ipc_traits.h

Project Member

Comment 4 by bugdroid1@chromium.org, Jan 18 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f02b90e24f77fa1cf97b418fc9d063d6c7fcc32b

commit f02b90e24f77fa1cf97b418fc9d063d6c7fcc32b
Author: Jun Cai <juncai@chromium.org>
Date: Thu Jan 18 19:24:54 2018

NetworkService: Add X509Certificate::CreateFromPickleUnsafeOptions

This CL is from the discussion:
https://chromium-review.googlesource.com/c/chromium/src/+/848303/12

This CL adds a static function:
X509Certificate::CreateFromPickleUnsafeOptions() so that
ParamTraits<scoped_refptr<net::X509Certificate>>::Read() can use it to
deal with issues with client certs that depend on the
printable_string_is_utf8 hack (See  https://crbug.com/770323  and
 https://crbug.com/788655 ).

Bug:  783996 
Change-Id: I9008e8640de76cee8a078f06f1082034256cf75a
Reviewed-on: https://chromium-review.googlesource.com/871526
Reviewed-by: Matt Mueller <mattm@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Jun Cai <juncai@chromium.org>
Cr-Commit-Position: refs/heads/master@{#530225}
[modify] https://crrev.com/f02b90e24f77fa1cf97b418fc9d063d6c7fcc32b/net/cert/x509_certificate.cc
[modify] https://crrev.com/f02b90e24f77fa1cf97b418fc9d063d6c7fcc32b/net/cert/x509_certificate.h
[modify] https://crrev.com/f02b90e24f77fa1cf97b418fc9d063d6c7fcc32b/services/network/public/cpp/network_param_ipc_traits.cc

Project Member

Comment 5 by bugdroid1@chromium.org, Jan 30 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718

commit 9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718
Author: Jun Cai <juncai@chromium.org>
Date: Tue Jan 30 00:19:46 2018

NetworkService: Implement URLLoader::OnCertificateRequested

This CL implements URLLoader::OnCertificateRequested for network
service. It adds a mojo interface OnCertificateRequested for
NetworkServiceClient, and also adds a SSLPrivateKey mojo interface
to be implemented by browser side and used on the network side.

The design doc is at:
https://docs.google.com/document/d/1H6tdoFgx1JP0fjnVUWxmhwidKz1_DUemTxzteztOhaQ/edit

Bug:  783996 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I29ac6ab766d18d3ffbbaf2ca9512039b778d03b0
Reviewed-on: https://chromium-review.googlesource.com/848303
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Matt Mueller <mattm@chromium.org>
Commit-Queue: Jun Cai <juncai@chromium.org>
Cr-Commit-Position: refs/heads/master@{#532688}
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/chrome/browser/chrome_content_browser_client.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/chrome/browser/chrome_content_browser_client.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/chrome/browser/loader/chrome_resource_dispatcher_host_delegate.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/chrome/browser/loader/chrome_resource_dispatcher_host_delegate.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/chrome/browser/ssl/ssl_browsertest.cc
[add] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/chrome/test/data/ssl/browser_use_client_cert_store.html
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/BUILD.gn
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/mojo_async_resource_handler_unittest.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/resource_dispatcher_host_impl.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/resource_dispatcher_host_impl.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/resource_loader.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/resource_loader.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/resource_loader_delegate.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/loader/resource_loader_unittest.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/network_service_client.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/network_service_client.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/ssl/ssl_client_auth_handler.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/ssl/ssl_client_auth_handler.h
[add] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/ssl_private_key_impl.cc
[add] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/browser/ssl_private_key_impl.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/network/url_loader.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/network/url_loader.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/public/browser/content_browser_client.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/public/browser/content_browser_client.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/public/browser/resource_dispatcher_host_delegate.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/content/public/browser/resource_dispatcher_host_delegate.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/services/network/public/cpp/network_param.typemap
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/services/network/public/cpp/network_param_ipc_traits.cc
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/services/network/public/cpp/network_param_ipc_traits.h
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/services/network/public/interfaces/network_service.mojom
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/services/network/public/interfaces/url_loader.mojom
[modify] https://crrev.com/9409ded1ffb68a4fba35a4a37dc3e39a8f1e5718/testing/buildbot/filters/mojo.fyi.network_browser_tests.filter

Project Member

Comment 6 by bugdroid1@chromium.org, Apr 27 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2579bd3a62a04687a6b8a007c68a9ed574a990e2

commit 2579bd3a62a04687a6b8a007c68a9ed574a990e2
Author: Jun Cai <juncai@chromium.org>
Date: Fri Apr 27 00:33:47 2018

Network Service: Re-enable SSLUITestWithClientCert.TestWSSClientCert

This CL re-enables SSLUITestWithClientCert.TestWSSClientCert for network
service.

Bug:  783996 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I2e9e9fb28fb6587885db8c0719daa7d053d90bb7
Reviewed-on: https://chromium-review.googlesource.com/1030896
Reviewed-by: Doug Turner <dougt@chromium.org>
Commit-Queue: Jun Cai <juncai@chromium.org>
Cr-Commit-Position: refs/heads/master@{#554219}
[modify] https://crrev.com/2579bd3a62a04687a6b8a007c68a9ed574a990e2/testing/buildbot/filters/mojo.fyi.network_browser_tests.filter

Comment 7 by juncai@chromium.org, Apr 27 2018

Status: Fixed (was: Started)

►

Issue 783996 link

Issue metadata

Add TLS client auth for network service

Issue description

Comment 1 by juncai@chromium.org, Dec 5 2017

Comment 1 Deleted

Comment 2 by juncai@chromium.org, Dec 8 2017

Comment 2 Deleted

Comment 3 by bugdroid1@chromium.org, Dec 18 2017

Comment 3 Deleted

Comment 4 by bugdroid1@chromium.org, Jan 18 2018

Comment 4 Deleted

Comment 5 by bugdroid1@chromium.org, Jan 30 2018

Comment 5 Deleted

Comment 6 by bugdroid1@chromium.org, Apr 27 2018

Comment 6 Deleted

Comment 7 by juncai@chromium.org, Apr 27 2018

Comment 7 Deleted

Sign in to add a comment