in shell/browser/net/system_network_context_manager.cc [257:350]
void SystemNetworkContextManager::OnNetworkServiceCreated(
network::mojom::NetworkService* network_service) {
network_service->SetUpHttpAuth(CreateHttpAuthStaticParams());
network_service->ConfigureHttpAuthPrefs(CreateHttpAuthDynamicParams());
network_context_.reset();
network_service->CreateNetworkContext(
network_context_.BindNewPipeAndPassReceiver(),
CreateNetworkContextParams());
net::SecureDnsMode default_secure_dns_mode = net::SecureDnsMode::kOff;
std::string default_doh_templates;
if (base::FeatureList::IsEnabled(features::kDnsOverHttps)) {
if (features::kDnsOverHttpsFallbackParam.Get()) {
default_secure_dns_mode = net::SecureDnsMode::kAutomatic;
} else {
default_secure_dns_mode = net::SecureDnsMode::kSecure;
}
default_doh_templates = features::kDnsOverHttpsTemplatesParam.Get();
}
std::string server_method;
std::vector<net::DnsOverHttpsServerConfig> dns_over_https_servers;
if (!default_doh_templates.empty() &&
default_secure_dns_mode != net::SecureDnsMode::kOff) {
for (base::StringPiece server_template :
SplitStringPiece(default_doh_templates, " ", base::TRIM_WHITESPACE,
base::SPLIT_WANT_NONEMPTY)) {
if (auto server_config = net::DnsOverHttpsServerConfig::FromString(
std::string(server_template))) {
dns_over_https_servers.push_back(server_config.value());
}
}
}
bool additional_dns_query_types_enabled = true;
// Configure the stub resolver. This must be done after the system
// NetworkContext is created, but before anything has the chance to use it.
content::GetNetworkService()->ConfigureStubHostResolver(
base::FeatureList::IsEnabled(features::kAsyncDns),
default_secure_dns_mode, std::move(dns_over_https_servers),
additional_dns_query_types_enabled);
std::string app_name = electron::Browser::Get()->GetName();
#if defined(OS_MAC)
KeychainPassword::GetServiceName() = app_name + " Safe Storage";
KeychainPassword::GetAccountName() = app_name;
#endif
#if defined(OS_LINUX)
// c.f.
// https://source.chromium.org/chromium/chromium/src/+/master:chrome/browser/net/system_network_context_manager.cc;l=515;drc=9d82515060b9b75fa941986f5db7390299669ef1;bpv=1;bpt=1
const base::CommandLine& command_line =
*base::CommandLine::ForCurrentProcess();
auto config = std::make_unique<os_crypt::Config>();
config->store = command_line.GetSwitchValueASCII(::switches::kPasswordStore);
config->product_name = app_name;
config->application_name = app_name;
config->main_thread_runner = base::ThreadTaskRunnerHandle::Get();
// c.f.
// https://source.chromium.org/chromium/chromium/src/+/master:chrome/common/chrome_switches.cc;l=689;drc=9d82515060b9b75fa941986f5db7390299669ef1
config->should_use_preference =
command_line.HasSwitch(::switches::kEnableEncryptionSelection);
base::PathService::Get(chrome::DIR_USER_DATA, &config->user_data_path);
#endif
// The OSCrypt keys are process bound, so if network service is out of
// process, send it the required key.
if (content::IsOutOfProcessNetworkService() &&
electron::fuses::IsCookieEncryptionEnabled()) {
#if defined(OS_LINUX)
network::mojom::CryptConfigPtr network_crypt_config =
network::mojom::CryptConfig::New();
network_crypt_config->application_name = config->application_name;
network_crypt_config->product_name = config->product_name;
network_crypt_config->store = config->store;
network_crypt_config->should_use_preference = config->should_use_preference;
network_crypt_config->user_data_path = config->user_data_path;
network_service->SetCryptConfig(std::move(network_crypt_config));
#else
network_service->SetEncryptionKey(OSCrypt::GetRawEncryptionKey());
#endif
}
#if defined(OS_LINUX)
OSCrypt::SetConfig(std::move(config));
#endif
#if DCHECK_IS_ON()
electron::safestorage::SetElectronCryptoReady(true);
#endif
}