mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 15:07:45 +00:00
Ladybird: Plumb overriding root certificate paths through the chromes
This commit is contained in:
parent
080aa567a5
commit
bb9da0ed8d
10 changed files with 63 additions and 33 deletions
|
@ -52,8 +52,8 @@ WebViewBridge::WebViewBridge(Vector<Web::DevicePixelRect> screen_rects, float de
|
|||
on_scroll(to_widget_position(position));
|
||||
};
|
||||
|
||||
on_request_worker_agent = []() {
|
||||
auto worker_client = MUST(launch_web_worker_process(MUST(get_paths_for_helper_process("WebWorker"sv))));
|
||||
on_request_worker_agent = [this]() {
|
||||
auto worker_client = MUST(launch_web_worker_process(MUST(get_paths_for_helper_process("WebWorker"sv)), m_web_content_options.certificates));
|
||||
return worker_client->dup_sockets();
|
||||
};
|
||||
}
|
||||
|
|
|
@ -41,6 +41,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
Gfx::FontDatabase::set_fixed_width_font_query("Csilla 10 400 0");
|
||||
|
||||
Vector<StringView> raw_urls;
|
||||
Vector<ByteString> certificates;
|
||||
StringView webdriver_content_ipc_path;
|
||||
bool use_gpu_painting = false;
|
||||
bool debug_web_content = false;
|
||||
|
@ -51,6 +52,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
args_parser.add_option(webdriver_content_ipc_path, "Path to WebDriver IPC for WebContent", "webdriver-content-path", 0, "path", Core::ArgsParser::OptionHideMode::CommandLineAndMarkdown);
|
||||
args_parser.add_option(use_gpu_painting, "Enable GPU painting", "enable-gpu-painting", 0);
|
||||
args_parser.add_option(debug_web_content, "Wait for debugger to attach to WebContent", "debug-web-content", 0);
|
||||
args_parser.add_option(certificates, "Path to a certificate file", "certificate", 'C', "certificate");
|
||||
args_parser.parse(arguments);
|
||||
|
||||
auto sql_server_paths = TRY(get_paths_for_helper_process("SQLServer"sv));
|
||||
|
@ -73,6 +75,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
Ladybird::WebContentOptions web_content_options {
|
||||
.command_line = MUST(command_line_builder.to_string()),
|
||||
.executable_path = MUST(String::from_byte_string(MUST(Core::System::current_executable_path()))),
|
||||
.certificates = move(certificates),
|
||||
.enable_gpu_painting = use_gpu_painting ? Ladybird::EnableGPUPainting::Yes : Ladybird::EnableGPUPainting::No,
|
||||
.use_lagom_networking = Ladybird::UseLagomNetworking::Yes,
|
||||
.wait_for_debugger = debug_web_content ? Ladybird::WaitForDebugger::Yes : Ladybird::WaitForDebugger::No,
|
||||
|
|
|
@ -61,6 +61,11 @@ ErrorOr<NonnullRefPtr<WebView::WebContentClient>> launch_web_content_process(
|
|||
arguments.append("--use-gpu-painting"sv);
|
||||
if (web_content_options.wait_for_debugger == Ladybird::WaitForDebugger::Yes)
|
||||
arguments.append("--wait-for-debugger"sv);
|
||||
Vector<ByteString> certificate_args;
|
||||
for (auto const& certificate : web_content_options.certificates) {
|
||||
certificate_args.append(ByteString::formatted("--certificate={}", certificate));
|
||||
arguments.append(certificate_args.last().view());
|
||||
}
|
||||
|
||||
result = Core::System::exec(arguments[0], arguments.span(), Core::System::SearchInPath::Yes);
|
||||
if (!result.is_error())
|
||||
|
@ -92,7 +97,7 @@ ErrorOr<NonnullRefPtr<WebView::WebContentClient>> launch_web_content_process(
|
|||
}
|
||||
|
||||
template<typename Client>
|
||||
ErrorOr<NonnullRefPtr<Client>> launch_generic_server_process(ReadonlySpan<String> candidate_server_paths, StringView serenity_resource_root, StringView server_name)
|
||||
ErrorOr<NonnullRefPtr<Client>> launch_generic_server_process(ReadonlySpan<String> candidate_server_paths, StringView serenity_resource_root, Vector<ByteString> const& certificates, StringView server_name)
|
||||
{
|
||||
int socket_fds[2] {};
|
||||
TRY(Core::System::socketpair(AF_LOCAL, SOCK_STREAM, 0, socket_fds));
|
||||
|
@ -125,9 +130,16 @@ ErrorOr<NonnullRefPtr<Client>> launch_generic_server_process(ReadonlySpan<String
|
|||
path.bytes_as_string_view(),
|
||||
"--fd-passing-socket"sv,
|
||||
fd_passing_socket_string,
|
||||
"--serenity-resource-root"sv,
|
||||
serenity_resource_root,
|
||||
};
|
||||
if (!serenity_resource_root.is_empty()) {
|
||||
arguments.append("--serenity-resource-root"sv);
|
||||
arguments.append(serenity_resource_root);
|
||||
}
|
||||
Vector<ByteString> certificate_args;
|
||||
for (auto const& certificate : certificates) {
|
||||
certificate_args.append(ByteString::formatted("--certificate={}", certificate));
|
||||
arguments.append(certificate_args.last().view());
|
||||
}
|
||||
|
||||
result = Core::System::exec(arguments[0], arguments.span(), Core::System::SearchInPath::Yes);
|
||||
if (!result.is_error())
|
||||
|
@ -153,20 +165,20 @@ ErrorOr<NonnullRefPtr<Client>> launch_generic_server_process(ReadonlySpan<String
|
|||
|
||||
ErrorOr<NonnullRefPtr<ImageDecoderClient::Client>> launch_image_decoder_process(ReadonlySpan<String> candidate_image_decoder_paths)
|
||||
{
|
||||
return launch_generic_server_process<ImageDecoderClient::Client>(candidate_image_decoder_paths, ""sv, "ImageDecoder"sv);
|
||||
return launch_generic_server_process<ImageDecoderClient::Client>(candidate_image_decoder_paths, ""sv, {}, "ImageDecoder"sv);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Web::HTML::WebWorkerClient>> launch_web_worker_process(ReadonlySpan<String> candidate_web_worker_paths)
|
||||
ErrorOr<NonnullRefPtr<Web::HTML::WebWorkerClient>> launch_web_worker_process(ReadonlySpan<String> candidate_web_worker_paths, Vector<ByteString> const& certificates)
|
||||
{
|
||||
return launch_generic_server_process<Web::HTML::WebWorkerClient>(candidate_web_worker_paths, ""sv, "WebWorker"sv);
|
||||
return launch_generic_server_process<Web::HTML::WebWorkerClient>(candidate_web_worker_paths, ""sv, certificates, "WebWorker"sv);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Protocol::RequestClient>> launch_request_server_process(ReadonlySpan<String> candidate_request_server_paths, StringView serenity_resource_root)
|
||||
ErrorOr<NonnullRefPtr<Protocol::RequestClient>> launch_request_server_process(ReadonlySpan<String> candidate_request_server_paths, StringView serenity_resource_root, Vector<ByteString> const& certificates)
|
||||
{
|
||||
return launch_generic_server_process<Protocol::RequestClient>(candidate_request_server_paths, serenity_resource_root, "RequestServer"sv);
|
||||
return launch_generic_server_process<Protocol::RequestClient>(candidate_request_server_paths, serenity_resource_root, certificates, "RequestServer"sv);
|
||||
}
|
||||
|
||||
ErrorOr<NonnullRefPtr<Protocol::WebSocketClient>> launch_web_socket_process(ReadonlySpan<String> candidate_web_socket_paths, StringView serenity_resource_root)
|
||||
ErrorOr<NonnullRefPtr<Protocol::WebSocketClient>> launch_web_socket_process(ReadonlySpan<String> candidate_web_socket_paths, StringView serenity_resource_root, Vector<ByteString> const& certificates)
|
||||
{
|
||||
return launch_generic_server_process<Protocol::WebSocketClient>(candidate_web_socket_paths, serenity_resource_root, "WebSocket"sv);
|
||||
return launch_generic_server_process<Protocol::WebSocketClient>(candidate_web_socket_paths, serenity_resource_root, certificates, "WebSocket"sv);
|
||||
}
|
||||
|
|
|
@ -23,6 +23,6 @@ ErrorOr<NonnullRefPtr<WebView::WebContentClient>> launch_web_content_process(
|
|||
Ladybird::WebContentOptions const&);
|
||||
|
||||
ErrorOr<NonnullRefPtr<ImageDecoderClient::Client>> launch_image_decoder_process(ReadonlySpan<String> candidate_image_decoder_paths);
|
||||
ErrorOr<NonnullRefPtr<Web::HTML::WebWorkerClient>> launch_web_worker_process(ReadonlySpan<String> candidate_web_worker_paths);
|
||||
ErrorOr<NonnullRefPtr<Protocol::RequestClient>> launch_request_server_process(ReadonlySpan<String> candidate_request_server_paths, StringView serenity_resource_root);
|
||||
ErrorOr<NonnullRefPtr<Protocol::WebSocketClient>> launch_web_socket_process(ReadonlySpan<String> candidate_web_socket_paths, StringView serenity_resource_root);
|
||||
ErrorOr<NonnullRefPtr<Web::HTML::WebWorkerClient>> launch_web_worker_process(ReadonlySpan<String> candidate_web_worker_paths, Vector<ByteString> const& certificates);
|
||||
ErrorOr<NonnullRefPtr<Protocol::RequestClient>> launch_request_server_process(ReadonlySpan<String> candidate_request_server_paths, StringView serenity_resource_root, Vector<ByteString> const& certificates);
|
||||
ErrorOr<NonnullRefPtr<Protocol::WebSocketClient>> launch_web_socket_process(ReadonlySpan<String> candidate_web_socket_paths, StringView serenity_resource_root, Vector<ByteString> const& certificates);
|
||||
|
|
|
@ -119,8 +119,8 @@ WebContentView::WebContentView(QWidget* window, WebContentOptions const& web_con
|
|||
QToolTip::hideText();
|
||||
};
|
||||
|
||||
on_request_worker_agent = []() {
|
||||
auto worker_client = MUST(launch_web_worker_process(MUST(get_paths_for_helper_process("WebWorker"sv))));
|
||||
on_request_worker_agent = [this]() {
|
||||
auto worker_client = MUST(launch_web_worker_process(MUST(get_paths_for_helper_process("WebWorker"sv)), m_web_content_options.certificates));
|
||||
return worker_client->dup_sockets();
|
||||
};
|
||||
}
|
||||
|
|
|
@ -105,6 +105,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
|
||||
Vector<StringView> raw_urls;
|
||||
StringView webdriver_content_ipc_path;
|
||||
Vector<ByteString> certificates;
|
||||
bool enable_callgrind_profiling = false;
|
||||
bool disable_sql_database = false;
|
||||
bool enable_qt_networking = false;
|
||||
|
@ -120,6 +121,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
args_parser.add_option(enable_qt_networking, "Enable Qt as the backend networking service", "enable-qt-networking", 0);
|
||||
args_parser.add_option(use_gpu_painting, "Enable GPU painting", "enable-gpu-painting", 0);
|
||||
args_parser.add_option(debug_web_content, "Wait for debugger to attach to WebContent", "debug-web-content", 0);
|
||||
args_parser.add_option(certificates, "Path to a certificate file", "certificate", 'C', "certificate");
|
||||
args_parser.parse(arguments);
|
||||
|
||||
RefPtr<WebView::Database> database;
|
||||
|
@ -148,6 +150,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
Ladybird::WebContentOptions web_content_options {
|
||||
.command_line = MUST(command_line_builder.to_string()),
|
||||
.executable_path = MUST(String::from_byte_string(MUST(Core::System::current_executable_path()))),
|
||||
.certificates = move(certificates),
|
||||
.enable_callgrind_profiling = enable_callgrind_profiling ? Ladybird::EnableCallgrindProfiling::Yes : Ladybird::EnableCallgrindProfiling::No,
|
||||
.enable_gpu_painting = use_gpu_painting ? Ladybird::EnableGPUPainting::Yes : Ladybird::EnableGPUPainting::No,
|
||||
.use_lagom_networking = enable_qt_networking ? Ladybird::UseLagomNetworking::No : Ladybird::UseLagomNetworking::Yes,
|
||||
|
|
|
@ -38,6 +38,7 @@ enum class WaitForDebugger {
|
|||
struct WebContentOptions {
|
||||
String command_line;
|
||||
String executable_path;
|
||||
Vector<ByteString> certificates;
|
||||
EnableCallgrindProfiling enable_callgrind_profiling { EnableCallgrindProfiling::No };
|
||||
EnableGPUPainting enable_gpu_painting { EnableGPUPainting::No };
|
||||
IsLayoutTestMode is_layout_test_mode { IsLayoutTestMode::No };
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
|
||||
static ErrorOr<void> load_content_filters();
|
||||
static ErrorOr<void> load_autoplay_allowlist();
|
||||
static ErrorOr<void> initialize_lagom_networking();
|
||||
static ErrorOr<void> initialize_lagom_networking(Vector<ByteString> const& certificates);
|
||||
|
||||
ErrorOr<int> serenity_main(Main::Arguments arguments)
|
||||
{
|
||||
|
@ -78,6 +78,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
|
||||
StringView command_line {};
|
||||
StringView executable_path {};
|
||||
Vector<ByteString> certificates;
|
||||
int webcontent_fd_passing_socket { -1 };
|
||||
bool is_layout_test_mode = false;
|
||||
bool use_lagom_networking = false;
|
||||
|
@ -87,6 +88,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
Core::ArgsParser args_parser;
|
||||
args_parser.add_option(command_line, "Chrome process command line", "command-line", 0, "command_line");
|
||||
args_parser.add_option(executable_path, "Chrome process executable path", "executable-path", 0, "executable_path");
|
||||
args_parser.add_option(certificates, "Path to a certificate file", "certificate", 'C', "certificate");
|
||||
args_parser.add_option(webcontent_fd_passing_socket, "File descriptor of the passing socket for the WebContent connection", "webcontent-fd-passing-socket", 'c', "webcontent_fd_passing_socket");
|
||||
args_parser.add_option(is_layout_test_mode, "Is layout test mode", "layout-test-mode", 0);
|
||||
args_parser.add_option(use_lagom_networking, "Enable Lagom servers for networking", "use-lagom-networking", 0);
|
||||
|
@ -112,7 +114,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
} else
|
||||
#endif
|
||||
{
|
||||
TRY(initialize_lagom_networking());
|
||||
TRY(initialize_lagom_networking(certificates));
|
||||
}
|
||||
|
||||
Web::HTML::Window::set_internals_object_exposed(is_layout_test_mode);
|
||||
|
@ -196,14 +198,14 @@ static ErrorOr<void> load_autoplay_allowlist()
|
|||
return {};
|
||||
}
|
||||
|
||||
static ErrorOr<void> initialize_lagom_networking()
|
||||
static ErrorOr<void> initialize_lagom_networking(Vector<ByteString> const& certificates)
|
||||
{
|
||||
auto candidate_request_server_paths = TRY(get_paths_for_helper_process("RequestServer"sv));
|
||||
auto request_server_client = TRY(launch_request_server_process(candidate_request_server_paths, s_serenity_resource_root));
|
||||
auto request_server_client = TRY(launch_request_server_process(candidate_request_server_paths, s_serenity_resource_root, certificates));
|
||||
Web::ResourceLoader::initialize(TRY(WebView::RequestServerAdapter::try_create(move(request_server_client))));
|
||||
|
||||
auto candidate_web_socket_paths = TRY(get_paths_for_helper_process("WebSocket"sv));
|
||||
auto web_socket_client = TRY(launch_web_socket_process(candidate_web_socket_paths, s_serenity_resource_root));
|
||||
auto web_socket_client = TRY(launch_web_socket_process(candidate_web_socket_paths, s_serenity_resource_root, certificates));
|
||||
Web::WebSockets::WebSocketClientManager::initialize(TRY(WebView::WebSocketClientManagerAdapter::try_create(move(web_socket_client))));
|
||||
|
||||
return {};
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
#include <LibWebView/WebSocketClientAdapter.h>
|
||||
#include <WebWorker/ConnectionFromClient.h>
|
||||
|
||||
static ErrorOr<void> initialize_lagom_networking();
|
||||
static ErrorOr<void> initialize_lagom_networking(Vector<ByteString> const& certificates);
|
||||
|
||||
ErrorOr<int> serenity_main(Main::Arguments arguments)
|
||||
{
|
||||
|
@ -34,10 +34,12 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
|
||||
int fd_passing_socket { -1 };
|
||||
StringView serenity_resource_root;
|
||||
Vector<ByteString> certificates;
|
||||
|
||||
Core::ArgsParser args_parser;
|
||||
args_parser.add_option(fd_passing_socket, "File descriptor of the fd passing socket", "fd-passing-socket", 'c', "fd-passing-socket");
|
||||
args_parser.add_option(serenity_resource_root, "Absolute path to directory for serenity resources", "serenity-resource-root", 'r', "serenity-resource-root");
|
||||
args_parser.add_option(certificates, "Path to a certificate file", "certificate", 'C', "certificate");
|
||||
args_parser.parse(arguments);
|
||||
|
||||
platform_init();
|
||||
|
@ -47,7 +49,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
|
||||
Web::Platform::FontPlugin::install(*new Web::Platform::FontPluginSerenity);
|
||||
|
||||
TRY(initialize_lagom_networking());
|
||||
TRY(initialize_lagom_networking(certificates));
|
||||
|
||||
VERIFY(fd_passing_socket >= 0);
|
||||
|
||||
|
@ -59,14 +61,14 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
|
|||
return event_loop.exec();
|
||||
}
|
||||
|
||||
static ErrorOr<void> initialize_lagom_networking()
|
||||
static ErrorOr<void> initialize_lagom_networking(Vector<ByteString> const& certificates)
|
||||
{
|
||||
auto candidate_request_server_paths = TRY(get_paths_for_helper_process("RequestServer"sv));
|
||||
auto request_server_client = TRY(launch_request_server_process(candidate_request_server_paths, s_serenity_resource_root));
|
||||
auto request_server_client = TRY(launch_request_server_process(candidate_request_server_paths, s_serenity_resource_root, certificates));
|
||||
Web::ResourceLoader::initialize(TRY(WebView::RequestServerAdapter::try_create(move(request_server_client))));
|
||||
|
||||
auto candidate_web_socket_paths = TRY(get_paths_for_helper_process("WebSocket"sv));
|
||||
auto web_socket_client = TRY(launch_web_socket_process(candidate_web_socket_paths, s_serenity_resource_root));
|
||||
auto web_socket_client = TRY(launch_web_socket_process(candidate_web_socket_paths, s_serenity_resource_root, certificates));
|
||||
Web::WebSockets::WebSocketClientManager::initialize(TRY(WebView::WebSocketClientManagerAdapter::try_create(move(web_socket_client))));
|
||||
|
||||
return {};
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue