From 8544391c64211dc8c590e9b56148eb18f300a854 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Tue, 29 Oct 2019 15:25:57 -0400 Subject: [PATCH] drop the patches we dragged with the f29 merge --- ...0.3809.100-gcc-no-alignas-and-export.patch | 14 - ...6.0.3809.100-vtable-symbol-undefined.patch | 11 - ...7.0.3865.75-certificate-transparency.patch | 539 ------------------ ...mium-77.0.3865.75-gcc-abstract-class.patch | 61 -- chromium-77.0.3865.75-harfbuzz-subset.patch | 49 -- chromium-77.0.3865.75-missing-limits.patch | 28 - chromium-77.0.3865.75-unbundle-zlib.patch | 25 - chromium-77.0.3865.90-linked-hash-set.patch | 130 ----- 8 files changed, 857 deletions(-) delete mode 100644 chromium-76.0.3809.100-gcc-no-alignas-and-export.patch delete mode 100644 chromium-76.0.3809.100-vtable-symbol-undefined.patch delete mode 100644 chromium-77.0.3865.75-certificate-transparency.patch delete mode 100644 chromium-77.0.3865.75-gcc-abstract-class.patch delete mode 100644 chromium-77.0.3865.75-harfbuzz-subset.patch delete mode 100644 chromium-77.0.3865.75-missing-limits.patch delete mode 100644 chromium-77.0.3865.75-unbundle-zlib.patch delete mode 100644 chromium-77.0.3865.90-linked-hash-set.patch diff --git a/chromium-76.0.3809.100-gcc-no-alignas-and-export.patch b/chromium-76.0.3809.100-gcc-no-alignas-and-export.patch deleted file mode 100644 index cc91d1ef..00000000 --- a/chromium-76.0.3809.100-gcc-no-alignas-and-export.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -up chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h.gcc-no-alignas chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h ---- chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h.gcc-no-alignas 2019-08-09 16:48:13.000000000 +0200 -+++ chromium-76.0.3809.100/third_party/blink/renderer/core/css/css_property_value_set.h 2019-08-15 21:04:30.231532746 +0200 -@@ -176,8 +176,8 @@ class CSSLazyPropertyParser - DISALLOW_COPY_AND_ASSIGN(CSSLazyPropertyParser); - }; - --class CORE_EXPORT alignas(Member) alignas( -- CSSPropertyValueMetadata) ImmutableCSSPropertyValueSet -+class CORE_EXPORT ALIGNAS(alignof(Member)) -+ ALIGNAS(alignof(CSSPropertyValueMetadata)) ImmutableCSSPropertyValueSet - : public CSSPropertyValueSet { - public: - ImmutableCSSPropertyValueSet(const CSSPropertyValue*, diff --git a/chromium-76.0.3809.100-vtable-symbol-undefined.patch b/chromium-76.0.3809.100-vtable-symbol-undefined.patch deleted file mode 100644 index 64532df9..00000000 --- a/chromium-76.0.3809.100-vtable-symbol-undefined.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc.vtable-symbol-undefined chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc ---- chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc.vtable-symbol-undefined 2019-08-20 21:21:24.901899270 +0200 -+++ chromium-76.0.3809.100/net/quic/platform/impl/quic_default_proof_providers_impl.cc 2019-08-20 21:19:30.361746211 +0200 -@@ -18,6 +18,7 @@ - #include "net/quic/crypto/proof_verifier_chromium.h" - #include "net/third_party/quiche/src/quic/platform/api/quic_flags.h" - #include "net/third_party/quiche/src/quic/platform/api/quic_ptr_util.h" -+#include "net/quic/platform/impl/quic_flags_impl.cc" - - DEFINE_QUIC_COMMAND_LINE_FLAG(std::string, - certificate_file, diff --git a/chromium-77.0.3865.75-certificate-transparency.patch b/chromium-77.0.3865.75-certificate-transparency.patch deleted file mode 100644 index 82e2958e..00000000 --- a/chromium-77.0.3865.75-certificate-transparency.patch +++ /dev/null @@ -1,539 +0,0 @@ -diff -up chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc ---- chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc.certificate-transparency 2019-09-12 16:09:52.818635106 +0200 -+++ chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager_browsertest.cc 2019-09-12 16:11:07.662562005 +0200 -@@ -21,6 +21,7 @@ - #include "components/version_info/version_info.h" - #include "content/public/common/content_switches.h" - #include "content/public/common/user_agent.h" -+#include "services/network/public/cpp/network_service_buildflags.h" - #include "services/network/public/mojom/network_context.mojom.h" - #include "services/network/public/mojom/network_service.mojom.h" - #include "testing/gmock/include/gmock/gmock.h" -@@ -356,3 +357,55 @@ IN_PROC_BROWSER_TEST_P(SystemNetworkCont - INSTANTIATE_TEST_SUITE_P(, - SystemNetworkContextManagerFreezeQUICUaBrowsertest, - ::testing::Values(true, false)); -+ -+class SystemNetworkContextManagerCertificateTransparencyBrowsertest -+ : public SystemNetworkContextManagerBrowsertest, -+ public testing::WithParamInterface> { -+ public: -+ SystemNetworkContextManagerCertificateTransparencyBrowsertest() { -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ GetParam()); -+ } -+ ~SystemNetworkContextManagerCertificateTransparencyBrowsertest() override { -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ base::nullopt); -+ } -+}; -+ -+#if BUILDFLAG(IS_CT_SUPPORTED) -+IN_PROC_BROWSER_TEST_P( -+ SystemNetworkContextManagerCertificateTransparencyBrowsertest, -+ CertificateTransparencyConfig) { -+ network::mojom::NetworkContextParamsPtr context_params = -+ g_browser_process->system_network_context_manager() -+ ->CreateDefaultNetworkContextParams(); -+ -+ const bool kDefault = -+#if defined(GOOGLE_CHROME_BUILD) && defined(OFFICIAL_BUILD) && \ -+ !defined(OS_ANDROID) -+ true; -+#else -+ false; -+#endif -+ -+ EXPECT_EQ(GetParam().value_or(kDefault), -+ context_params->enforce_chrome_ct_policy); -+ EXPECT_NE(GetParam().value_or(kDefault), context_params->ct_logs.empty()); -+ -+ if (GetParam().value_or(kDefault)) { -+ bool has_google_log = false; -+ bool has_disqualified_log = false; -+ for (const auto& ct_log : context_params->ct_logs) { -+ has_google_log |= ct_log->operated_by_google; -+ has_disqualified_log |= ct_log->disqualified_at.has_value(); -+ } -+ EXPECT_TRUE(has_google_log); -+ EXPECT_TRUE(has_disqualified_log); -+ } -+} -+#endif -+ -+INSTANTIATE_TEST_SUITE_P( -+ , -+ SystemNetworkContextManagerCertificateTransparencyBrowsertest, -+ ::testing::Values(base::nullopt, true, false)); -diff -up chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc ---- chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc.certificate-transparency 2019-09-09 23:55:09.000000000 +0200 -+++ chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.cc 2019-09-12 16:09:52.819635118 +0200 -@@ -4,11 +4,13 @@ - - #include "chrome/browser/net/system_network_context_manager.h" - -+#include - #include - #include - #include - - #include "base/bind.h" -+#include "base/build_time.h" - #include "base/command_line.h" - #include "base/feature_list.h" - #include "base/logging.h" -@@ -50,6 +52,7 @@ - #include "content/public/common/mime_handler_view_mode.h" - #include "content/public/common/service_names.mojom.h" - #include "content/public/common/user_agent.h" -+#include "crypto/sha2.h" - #include "mojo/public/cpp/bindings/associated_interface_ptr.h" - #include "net/dns/public/util.h" - #include "net/net_buildflags.h" -@@ -79,6 +82,20 @@ - - namespace { - -+constexpr bool kCertificateTransparencyEnabled = -+#if defined(GOOGLE_CHROME_BUILD) && defined(OFFICIAL_BUILD) && \ -+ !defined(OS_ANDROID) -+ // Certificate Transparency is only enabled if: -+ // - Desktop (!OS_ANDROID); OS_IOS does not use this file -+ // - base::GetBuildTime() is deterministic to the source (OFFICIAL_BUILD) -+ // - The build in reliably updatable (GOOGLE_CHROME_BUILD) -+ true; -+#else -+ false; -+#endif -+ -+bool g_enable_certificate_transparency = kCertificateTransparencyEnabled; -+ - // The global instance of the SystemNetworkContextmanager. - SystemNetworkContextManager* g_system_network_context_manager = nullptr; - -@@ -658,14 +675,35 @@ SystemNetworkContextManager::CreateDefau - - bool http_09_on_non_default_ports_enabled = false; - #if !defined(OS_ANDROID) -- // CT is only enabled on Desktop platforms for now. -- network_context_params->enforce_chrome_ct_policy = true; -- for (const auto& ct_log : certificate_transparency::GetKnownLogs()) { -- // TODO(rsleevi): https://crbug.com/702062 - Remove this duplication. -- network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New(); -- log_info->public_key = std::string(ct_log.log_key, ct_log.log_key_length); -- log_info->name = ct_log.log_name; -- network_context_params->ct_logs.push_back(std::move(log_info)); -+ -+ if (g_enable_certificate_transparency) { -+ network_context_params->enforce_chrome_ct_policy = true; -+ network_context_params->ct_log_update_time = base::GetBuildTime(); -+ -+ std::vector operated_by_google_logs = -+ certificate_transparency::GetLogsOperatedByGoogle(); -+ std::vector> disqualified_logs = -+ certificate_transparency::GetDisqualifiedLogs(); -+ for (const auto& ct_log : certificate_transparency::GetKnownLogs()) { -+ // TODO(rsleevi): https://crbug.com/702062 - Remove this duplication. -+ network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New(); -+ log_info->public_key = std::string(ct_log.log_key, ct_log.log_key_length); -+ log_info->name = ct_log.log_name; -+ -+ std::string log_id = crypto::SHA256HashString(log_info->public_key); -+ log_info->operated_by_google = -+ std::binary_search(std::begin(operated_by_google_logs), -+ std::end(operated_by_google_logs), log_id); -+ auto it = std::lower_bound( -+ std::begin(disqualified_logs), std::end(disqualified_logs), log_id, -+ [](const auto& disqualified_log, const std::string& log_id) { -+ return disqualified_log.first < log_id; -+ }); -+ if (it != std::end(disqualified_logs) && it->first == log_id) { -+ log_info->disqualified_at = it->second; -+ } -+ network_context_params->ct_logs.push_back(std::move(log_info)); -+ } - } - - const base::Value* value = -@@ -723,6 +761,12 @@ SystemNetworkContextManager::GetHttpAuth - return CreateHttpAuthDynamicParams(g_browser_process->local_state()); - } - -+void SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ base::Optional enabled) { -+ g_enable_certificate_transparency = -+ enabled.value_or(kCertificateTransparencyEnabled); -+} -+ - network::mojom::NetworkContextParamsPtr - SystemNetworkContextManager::CreateNetworkContextParams() { - // TODO(mmenke): Set up parameters here (in memory cookie store, etc). -diff -up chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h.certificate-transparency chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h ---- chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h.certificate-transparency 2019-09-09 23:55:09.000000000 +0200 -+++ chromium-77.0.3865.75/chrome/browser/net/system_network_context_manager.h 2019-09-12 16:09:52.819635118 +0200 -@@ -139,6 +139,12 @@ class SystemNetworkContextManager { - static network::mojom::HttpAuthDynamicParamsPtr - GetHttpAuthDynamicParamsForTesting(); - -+ // Enables Certificate Transparency and enforcing the Chrome Certificate -+ // Transparency Policy. For test use only. Use base::nullopt_t to reset to -+ // the default state. -+ static void SetEnableCertificateTransparencyForTesting( -+ base::Optional enabled); -+ - private: - class URLLoaderFactoryForSystem; - -diff -up chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc ---- chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc.certificate-transparency 2019-09-09 23:55:10.000000000 +0200 -+++ chromium-77.0.3865.75/chrome/browser/policy/policy_browsertest.cc 2019-09-12 16:09:52.820635131 +0200 -@@ -4836,7 +4836,7 @@ IN_PROC_BROWSER_TEST_F(PolicyTest, - browser()->tab_strip_model()->GetActiveWebContents()->GetTitle()); - } - --IN_PROC_BROWSER_TEST_F(PolicyTest, -+IN_PROC_BROWSER_TEST_F(CertificateTransparencyPolicyTest, - CertificateTransparencyEnforcementDisabledForCas) { - net::EmbeddedTestServer https_server_ok(net::EmbeddedTestServer::TYPE_HTTPS); - https_server_ok.SetSSLConfig(net::EmbeddedTestServer::CERT_OK); -diff -up chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc ---- chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc.certificate-transparency 2019-09-09 23:55:10.000000000 +0200 -+++ chromium-77.0.3865.75/chrome/browser/ssl/chrome_expect_ct_reporter_browsertest.cc 2019-09-12 16:09:52.821635143 +0200 -@@ -8,6 +8,7 @@ - #include "base/callback.h" - #include "base/run_loop.h" - #include "base/test/scoped_feature_list.h" -+#include "chrome/browser/net/system_network_context_manager.h" - #include "chrome/browser/profiles/profile.h" - #include "chrome/browser/ssl/cert_verifier_browser_test.h" - #include "chrome/browser/ui/browser.h" -@@ -27,7 +28,17 @@ namespace { - // received by a server. - class ExpectCTBrowserTest : public CertVerifierBrowserTest { - public: -- ExpectCTBrowserTest() : CertVerifierBrowserTest() {} -+ ExpectCTBrowserTest() : CertVerifierBrowserTest() { -+ // Expect-CT reporting depends on actually enforcing Certificate -+ // Transparency. -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ true); -+ } -+ -+ ~ExpectCTBrowserTest() override { -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ base::nullopt); -+ } - - void SetUpOnMainThread() override { - run_loop_ = std::make_unique(); -diff -up chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc ---- chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc.certificate-transparency 2019-09-09 23:55:10.000000000 +0200 -+++ chromium-77.0.3865.75/chrome/browser/ssl/security_state_tab_helper_browsertest.cc 2019-09-12 16:09:52.821635143 +0200 -@@ -433,6 +433,13 @@ class SecurityStateTabHelperTest : publi - SecurityStateTabHelperTest() - : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { - https_server_.ServeFilesFromSourceDirectory(GetChromeTestDataDir()); -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ true); -+ } -+ -+ ~SecurityStateTabHelperTest() override { -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ base::nullopt); - } - - void SetUpOnMainThread() override { -diff -up chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc.certificate-transparency chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc ---- chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc.certificate-transparency 2019-09-09 23:55:10.000000000 +0200 -+++ chromium-77.0.3865.75/chrome/browser/ssl/ssl_browsertest.cc 2019-09-12 16:09:52.822635155 +0200 -@@ -1853,8 +1853,14 @@ class CertificateTransparencySSLUITest : - public: - CertificateTransparencySSLUITest() - : CertVerifierBrowserTest(), -- https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {} -- ~CertificateTransparencySSLUITest() override {} -+ https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ true); -+ } -+ ~CertificateTransparencySSLUITest() override { -+ SystemNetworkContextManager::SetEnableCertificateTransparencyForTesting( -+ base::nullopt); -+ } - - void SetUpOnMainThread() override { - CertVerifierBrowserTest::SetUpOnMainThread(); -diff -up chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h.certificate-transparency chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h ---- chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h.certificate-transparency 2019-09-09 23:55:14.000000000 +0200 -+++ chromium-77.0.3865.75/components/certificate_transparency/chrome_ct_policy_enforcer.h 2019-09-12 16:09:52.823635168 +0200 -@@ -45,6 +45,19 @@ class ChromeCTPolicyEnforcer : public ne - - void SetClockForTesting(const base::Clock* clock) { clock_ = clock; } - -+ // TODO(https://crbug.com/999240): These are exposed to allow end-to-end -+ // testing by higher layers (i.e. that the ChromeCTPolicyEnforcer is -+ // correctly constructed). When either this issue or https://crbug.com/848277 -+ // are fixed, the configuration can be tested independently, and these can -+ // be removed. -+ const std::vector& operated_by_google_logs_for_testing() { -+ return operated_by_google_logs_; -+ } -+ const std::vector>& -+ disqualified_logs_for_testing() { -+ return disqualified_logs_; -+ } -+ - private: - // Returns true if the log identified by |log_id| (the SHA-256 hash of the - // log's DER-encoded SPKI) has been disqualified, and sets -diff -up chromium-77.0.3865.75/services/network/network_context.cc.certificate-transparency chromium-77.0.3865.75/services/network/network_context.cc ---- chromium-77.0.3865.75/services/network/network_context.cc.certificate-transparency 2019-09-09 23:55:22.000000000 +0200 -+++ chromium-77.0.3865.75/services/network/network_context.cc 2019-09-12 16:09:52.823635168 +0200 -@@ -36,6 +36,7 @@ - #include "components/prefs/pref_registry_simple.h" - #include "components/prefs/pref_service.h" - #include "components/prefs/pref_service_factory.h" -+#include "crypto/sha2.h" - #include "mojo/public/cpp/bindings/strong_binding.h" - #include "net/base/layered_network_delegate.h" - #include "net/base/load_flags.h" -@@ -1877,16 +1878,6 @@ URLRequestContextOwner NetworkContext::A - base::FeatureList::IsEnabled(features::kNetworkErrorLogging)); - #endif // BUILDFLAG(ENABLE_REPORTING) - --#if BUILDFLAG(IS_CT_SUPPORTED) -- if (params_->enforce_chrome_ct_policy) { -- builder->set_ct_policy_enforcer( -- std::make_unique( -- base::GetBuildTime(), -- certificate_transparency::GetDisqualifiedLogs(), -- certificate_transparency::GetLogsOperatedByGoogle())); -- } --#endif // BUILDFLAG(IS_CT_SUPPORTED) -- - net::HttpNetworkSession::Params session_params; - bool is_quic_force_disabled = false; - if (network_service_ && network_service_->quic_disabled()) -@@ -1936,8 +1927,20 @@ URLRequestContextOwner NetworkContext::A - - #if BUILDFLAG(IS_CT_SUPPORTED) - std::vector> ct_logs; -+ std::vector> disqualified_logs; -+ std::vector operated_by_google_logs; -+ - if (!params_->ct_logs.empty()) { - for (const auto& log : params_->ct_logs) { -+ if (log->operated_by_google || log->disqualified_at) { -+ std::string log_id = crypto::SHA256HashString(log->public_key); -+ if (log->operated_by_google) -+ operated_by_google_logs.push_back(log_id); -+ if (log->disqualified_at) { -+ disqualified_logs.push_back( -+ std::make_pair(log_id, log->disqualified_at.value())); -+ } -+ } - scoped_refptr log_verifier = - net::CTLogVerifier::Create(log->public_key, log->name); - if (!log_verifier) { -@@ -1950,6 +1953,17 @@ URLRequestContextOwner NetworkContext::A - ct_verifier->AddLogs(ct_logs); - builder->set_ct_verifier(std::move(ct_verifier)); - } -+ -+ if (params_->enforce_chrome_ct_policy) { -+ std::sort(std::begin(operated_by_google_logs), -+ std::end(operated_by_google_logs)); -+ std::sort(std::begin(disqualified_logs), std::end(disqualified_logs)); -+ -+ builder->set_ct_policy_enforcer( -+ std::make_unique( -+ params_->ct_log_update_time, disqualified_logs, -+ operated_by_google_logs)); -+ } - #endif // BUILDFLAG(IS_CT_SUPPORTED) - - const base::CommandLine* command_line = -diff -up chromium-77.0.3865.75/services/network/network_context_unittest.cc.certificate-transparency chromium-77.0.3865.75/services/network/network_context_unittest.cc ---- chromium-77.0.3865.75/services/network/network_context_unittest.cc.certificate-transparency 2019-09-09 23:55:22.000000000 +0200 -+++ chromium-77.0.3865.75/services/network/network_context_unittest.cc 2019-09-12 16:13:10.479056669 +0200 -@@ -2,6 +2,7 @@ - // Use of this source code is governed by a BSD-style license that can be - // found in the LICENSE file. - -+#include - #include - #include - #include -@@ -38,10 +39,12 @@ - #include "base/threading/thread_task_runner_handle.h" - #include "base/time/default_clock.h" - #include "base/time/default_tick_clock.h" -+#include "base/time/time.h" - #include "build/build_config.h" - #include "components/network_session_configurator/browser/network_session_configurator.h" - #include "components/network_session_configurator/common/network_switches.h" - #include "components/prefs/testing_pref_service.h" -+#include "crypto/sha2.h" - #include "mojo/public/cpp/bindings/remote.h" - #include "mojo/public/cpp/bindings/self_owned_receiver.h" - #include "mojo/public/cpp/system/data_pipe_utils.h" -@@ -115,6 +118,11 @@ - #include "url/scheme_host_port.h" - #include "url/url_constants.h" - -+#if BUILDFLAG(IS_CT_SUPPORTED) -+#include "components/certificate_transparency/chrome_ct_policy_enforcer.h" -+#include "services/network/public/mojom/ct_log_info.mojom.h" -+#endif -+ - #if !BUILDFLAG(DISABLE_FTP_SUPPORT) - #include "net/ftp/ftp_auth_cache.h" - #endif // !BUILDFLAG(DISABLE_FTP_SUPPORT) -@@ -5958,6 +5966,72 @@ TEST_F(NetworkContextSplitCacheTest, - true /* was_cached */, true /* is_navigation */); - } - -+#if BUILDFLAG(IS_CT_SUPPORTED) -+TEST_F(NetworkContextTest, CertificateTransparencyConfig) { -+ mojom::NetworkContextParamsPtr params = CreateContextParams(); -+ params->enforce_chrome_ct_policy = true; -+ params->ct_log_update_time = base::Time::Now(); -+ -+ // The log public keys do not matter for the test, so invalid keys are used. -+ // However, because the log IDs are derived from the SHA-256 hash of the log -+ // key, the log keys are generated such that qualified logs are in the form -+ // of four digits (e.g. "0000", "1111"), while disqualified logs are in the -+ // form of four letters (e.g. "AAAA", "BBBB"). -+ -+ for (int i = 0; i < 6; ++i) { -+ network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New(); -+ // Shift to ASCII '0' (0x30) -+ log_info->public_key = std::string(4, 0x30 + static_cast(i)); -+ log_info->name = std::string(4, 0x30 + static_cast(i)); -+ log_info->operated_by_google = i % 2; -+ -+ params->ct_logs.push_back(std::move(log_info)); -+ } -+ for (int i = 0; i < 3; ++i) { -+ network::mojom::CTLogInfoPtr log_info = network::mojom::CTLogInfo::New(); -+ // Shift to ASCII 'A' (0x41) -+ log_info->public_key = std::string(4, 0x41 + static_cast(i)); -+ log_info->name = std::string(4, 0x41 + static_cast(i)); -+ log_info->operated_by_google = false; -+ log_info->disqualified_at = base::TimeDelta::FromSeconds(i); -+ -+ params->ct_logs.push_back(std::move(log_info)); -+ } -+ std::unique_ptr network_context = -+ CreateContextWithParams(std::move(params)); -+ -+ net::CTPolicyEnforcer* request_enforcer = -+ network_context->url_request_context()->ct_policy_enforcer(); -+ ASSERT_TRUE(request_enforcer); -+ -+ // Completely unsafe if |enforce_chrome_ct_policy| is false. -+ certificate_transparency::ChromeCTPolicyEnforcer* policy_enforcer = -+ reinterpret_cast( -+ request_enforcer); -+ -+ EXPECT_TRUE(std::is_sorted( -+ policy_enforcer->operated_by_google_logs_for_testing().begin(), -+ policy_enforcer->operated_by_google_logs_for_testing().end())); -+ EXPECT_TRUE( -+ std::is_sorted(policy_enforcer->disqualified_logs_for_testing().begin(), -+ policy_enforcer->disqualified_logs_for_testing().end())); -+ -+ EXPECT_THAT( -+ policy_enforcer->operated_by_google_logs_for_testing(), -+ ::testing::UnorderedElementsAreArray({crypto::SHA256HashString("1111"), -+ crypto::SHA256HashString("3333"), -+ crypto::SHA256HashString("5555")})); -+ EXPECT_THAT(policy_enforcer->disqualified_logs_for_testing(), -+ ::testing::UnorderedElementsAre( -+ ::testing::Pair(crypto::SHA256HashString("AAAA"), -+ base::TimeDelta::FromSeconds(0)), -+ ::testing::Pair(crypto::SHA256HashString("BBBB"), -+ base::TimeDelta::FromSeconds(1)), -+ ::testing::Pair(crypto::SHA256HashString("CCCC"), -+ base::TimeDelta::FromSeconds(2)))); -+} -+#endif -+ - } // namespace - - } // namespace network -diff -up chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom.certificate-transparency chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom ---- chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom.certificate-transparency 2019-09-09 23:55:22.000000000 +0200 -+++ chromium-77.0.3865.75/services/network/public/mojom/ct_log_info.mojom 2019-09-12 16:09:52.824635180 +0200 -@@ -4,6 +4,8 @@ - - module network.mojom; - -+import "mojo/public/mojom/base/time.mojom"; -+ - // A single Certificate Transparency Log configuration. - struct CTLogInfo { - // The DER-encoded SubjectPublicKeyInfo of the log. -@@ -14,4 +16,13 @@ struct CTLogInfo { - // The human-readable, log-supplied log name. Note that this will not be - // translated. - string name; -+ -+ // Whether or not the log should should be considered a Google Log for the -+ // purposes of enforcing the "Certificate Transparency in Chrome" policy. -+ bool operated_by_google = false; -+ -+ // If set, the time since the Unix Epoch when the log was disqualified. This -+ // is used to determine the "once or currently qualified" status of the log. -+ // If the log is currently qualified, this will not be set. -+ mojo_base.mojom.TimeDelta? disqualified_at; - }; -diff -up chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom.certificate-transparency chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom ---- chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom.certificate-transparency 2019-09-09 23:55:22.000000000 +0200 -+++ chromium-77.0.3865.75/services/network/public/mojom/network_context.mojom 2019-09-12 16:09:52.825635192 +0200 -@@ -239,15 +239,6 @@ struct NetworkContextParams { - [EnableIf=is_android] - bool check_clear_text_permitted = false; - -- // True if the "Certificate Transparency in Chrome" policy (see -- // https://github.com/chromium/ct-policy/blob/master/ct_policy.md) should -- // be enforced for certificates and connections. -- // -- // See //net/docs/certificate-transparency.md before setting this flag to -- // true. -- [EnableIf=is_ct_supported] -- bool enforce_chrome_ct_policy = false; -- - // Enables HTTP/0.9 on ports other than 80 for HTTP and 443 for HTTPS. - bool http_09_on_non_default_ports_enabled = false; - -@@ -300,6 +291,15 @@ struct NetworkContextParams { - // servers, so they can discover misconfigurations. - bool enable_certificate_reporting = false; - -+ // True if the "Certificate Transparency in Chrome" policy (see -+ // https://github.com/chromium/ct-policy/blob/master/ct_policy.md) should -+ // be enforced for certificates and connections. -+ // -+ // See //net/docs/certificate-transparency.md before setting this flag to -+ // true. -+ [EnableIf=is_ct_supported] -+ bool enforce_chrome_ct_policy = false; -+ - // Enables Expect CT reporting, which sends reports for opted-in sites that - // don't serve sufficient Certificate Transparency information. - [EnableIf=is_ct_supported] -@@ -311,6 +311,13 @@ struct NetworkContextParams { - [EnableIf=is_ct_supported] - array ct_logs; - -+ // When the Certificate Transparency logs in |ct_logs| were last updated. If -+ // |enforce_chrome_ct_policy| is set, and |ct_log_update_time| is not -+ // sufficiently recent, enforcement of the "Certificate Transparency in -+ // Chrome" policy will be disabled. -+ [EnableIf=is_ct_supported] -+ mojo_base.mojom.Time ct_log_update_time; -+ - // Specifies the path to the directory where NSS will store its database. - [EnableIf=is_chromeos] - mojo_base.mojom.FilePath? nss_path; diff --git a/chromium-77.0.3865.75-gcc-abstract-class.patch b/chromium-77.0.3865.75-gcc-abstract-class.patch deleted file mode 100644 index 6d77299e..00000000 --- a/chromium-77.0.3865.75-gcc-abstract-class.patch +++ /dev/null @@ -1,61 +0,0 @@ -From f08cb0022527081c078e8b96062e6c9b4fbda151 Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz -Date: Fri, 26 Jul 2019 16:48:06 +0000 -Subject: [PATCH] BinaryUploadService: change parameter passing that cannot afford abstract class - -The method UploadForDeepScanning gets a Request as parameter. But Request is an -abstract class, so GCC will not allow that declaration (polimorphycs should be -passed by reference). Use std::unique_ptr so BinaryUploadService can assume -ownership. - -Bug: 819294 -Change-Id: I9e8c75cc92b01abd704d9049b0421555377da5ba -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713550 -Reviewed-by: Daniel Rubery -Commit-Queue: José Dapena Paz -Cr-Commit-Position: refs/heads/master@{#681333} ---- - -diff --git a/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc b/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc -index 6430c89..4e90487 100644 ---- a/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc -+++ b/chrome/browser/safe_browsing/download_protection/binary_upload_service.cc -@@ -10,7 +10,7 @@ - namespace safe_browsing { - - void BinaryUploadService::UploadForDeepScanning( -- BinaryUploadService::Request request) { -+ std::unique_ptr request) { - DCHECK_CURRENTLY_ON(content::BrowserThread::UI); - NOTREACHED(); - } -diff --git a/chrome/browser/safe_browsing/download_protection/binary_upload_service.h b/chrome/browser/safe_browsing/download_protection/binary_upload_service.h -index d2dfd83..9b6f395 100644 ---- a/chrome/browser/safe_browsing/download_protection/binary_upload_service.h -+++ b/chrome/browser/safe_browsing/download_protection/binary_upload_service.h -@@ -5,6 +5,8 @@ - #ifndef CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_BINARY_UPLOAD_SERVICE_H_ - #define CHROME_BROWSER_SAFE_BROWSING_DOWNLOAD_PROTECTION_BINARY_UPLOAD_SERVICE_H_ - -+#include -+ - #include "base/callback.h" - #include "components/safe_browsing/proto/webprotect.pb.h" - -@@ -40,6 +42,7 @@ - public: - // |callback| will run on the UI thread. - explicit Request(Callback callback); -+ virtual ~Request() = default; - Request(const Request&) = delete; - Request& operator=(const Request&) = delete; - -@@ -67,7 +70,7 @@ - // Upload the given file contents for deep scanning. The results will be - // returned asynchronously by calling |request|'s |callback|. This must be - // called on the UI thread. -- void UploadForDeepScanning(Request request); -+ void UploadForDeepScanning(std::unique_ptr request); - }; - - } // namespace safe_browsing diff --git a/chromium-77.0.3865.75-harfbuzz-subset.patch b/chromium-77.0.3865.75-harfbuzz-subset.patch deleted file mode 100644 index 55d78d19..00000000 --- a/chromium-77.0.3865.75-harfbuzz-subset.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 27e25336b8316ff3ec4e464058682ed85801fd06 Mon Sep 17 00:00:00 2001 -From: Raphael Kubo da Costa -Date: Mon, 29 Jul 2019 10:54:28 +0000 -Subject: [PATCH] Also link against libharfbuzz-subset when use_system_harfbuzz is true - -When building HarfBuzz as part of Chromium, there is a single source set -with all the files we need in the build. - -Upstream HarfBuzz, on the other hand, produces a few different libraries: -harfbuzz, harfbuzz-icu and harfbuzz-subset. When |use_system_harfbuzz| is -true, we were only looking for (and using) harfbuzz.pc with pkg-config even -though we also use symbols from libharfbuzz-subset.so. This resulted in -errors when linking: - - ld: obj/skia/skia/SkPDFSubsetFont.o: in function `SkPDFSubsetFont(sk_sp, SkPDFGlyphUse const&, SkPDF::Metadata::Subsetter, char const*, int)': - SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x48a): undefined reference to `hb_subset_input_create_or_fail' - ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x4af): undefined reference to `hb_subset_input_glyph_set' - ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x5d7): undefined reference to `hb_subset_input_set_retain_gids' - ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x5e4): undefined reference to `hb_subset_input_set_drop_hints' - ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x5f3): undefined reference to `hb_subset' - ld: SkPDFSubsetFont.cpp:(.text._Z15SkPDFSubsetFont5sk_spI6SkDataERK13SkPDFGlyphUseN5SkPDF8Metadata9SubsetterEPKci+0x66f): undefined reference to `hb_subset_input_destroy' - -as reported in -https://groups.google.com/a/chromium.org/d/msg/chromium-packagers/UyJsVJ5QqWo/jSv5z7-rEQAJ - -Change-Id: I997af075c7b7263cd7cc71a63db5b0f93bd1ab59 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1715288 -Auto-Submit: Raphael Kubo da Costa -Commit-Queue: Dominik Röttsches -Reviewed-by: Dominik Röttsches -Cr-Commit-Position: refs/heads/master@{#681760} ---- - -diff --git a/third_party/harfbuzz-ng/BUILD.gn b/third_party/harfbuzz-ng/BUILD.gn -index 37d8e33..72013eb1d 100644 ---- a/third_party/harfbuzz-ng/BUILD.gn -+++ b/third_party/harfbuzz-ng/BUILD.gn -@@ -16,7 +16,10 @@ - "//third_party:freetype_harfbuzz", - "//third_party/freetype:freetype_source", - ] -- packages = [ "harfbuzz" ] -+ packages = [ -+ "harfbuzz", -+ "harfbuzz-subset", -+ ] - } - } else { - config("harfbuzz_config") { diff --git a/chromium-77.0.3865.75-missing-limits.patch b/chromium-77.0.3865.75-missing-limits.patch deleted file mode 100644 index 3ac1770f..00000000 --- a/chromium-77.0.3865.75-missing-limits.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 5baf7df7f4c5971dab552897eeef94b194650ce5 Mon Sep 17 00:00:00 2001 -From: Dave Tapuska -Date: Mon, 12 Aug 2019 22:30:13 +0000 -Subject: [PATCH] Fix build failure due to missing include for std::numeric_limits usage. - -Some configurations fail to build, limits should have been included. - -BUG=992832 - -Change-Id: I894ba0543bfcef101c93259e39a31d12ae6d035c -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1747981 -Commit-Queue: Dave Tapuska -Reviewed-by: Mostyn Bramley-Moore -Cr-Commit-Position: refs/heads/master@{#686214} ---- - -diff --git a/third_party/blink/renderer/platform/exported/web_time_range.cc b/third_party/blink/renderer/platform/exported/web_time_range.cc -index 384566a..68d83e1 100644 ---- a/third_party/blink/renderer/platform/exported/web_time_range.cc -+++ b/third_party/blink/renderer/platform/exported/web_time_range.cc -@@ -31,6 +31,7 @@ - #include "third_party/blink/public/platform/web_time_range.h" - - #include -+#include - - namespace blink { - diff --git a/chromium-77.0.3865.75-unbundle-zlib.patch b/chromium-77.0.3865.75-unbundle-zlib.patch deleted file mode 100644 index d6c45ad8..00000000 --- a/chromium-77.0.3865.75-unbundle-zlib.patch +++ /dev/null @@ -1,25 +0,0 @@ -From e1bbdec720a333937bd1b990ae0f7ee97db0d3b0 Mon Sep 17 00:00:00 2001 -From: Your Name -Date: Fri, 28 Jun 2019 15:56:23 +0000 -Subject: [PATCH] update zlib - ---- - third_party/perfetto/gn/BUILD.gn | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/third_party/perfetto/gn/BUILD.gn b/third_party/perfetto/gn/BUILD.gn -index c951f5f..297eee3 100644 ---- a/third_party/perfetto/gn/BUILD.gn -+++ b/third_party/perfetto/gn/BUILD.gn -@@ -200,7 +200,7 @@ group("zlib") { - "//buildtools:zlib", - ] - } else if (build_with_chromium) { -- public_configs = [ "//third_party/zlib:zlib_config" ] -+ public_configs = [ "//third_party/zlib:system_zlib" ] - public_deps = [ - "//third_party/zlib", - ] --- -2.21.0 - diff --git a/chromium-77.0.3865.90-linked-hash-set.patch b/chromium-77.0.3865.90-linked-hash-set.patch deleted file mode 100644 index f921f1aa..00000000 --- a/chromium-77.0.3865.90-linked-hash-set.patch +++ /dev/null @@ -1,130 +0,0 @@ -From 74138b9febd37eac0fc26b8efb110014a83a52c6 Mon Sep 17 00:00:00 2001 -From: Jeremy Roman -Date: Wed, 07 Aug 2019 13:26:48 +0000 -Subject: [PATCH] WTF: Make LinkedHashSet understand values for which memset initialization would be bad. - -Includes a unit test which fails before, and uses this to fix FontCacheKeyTraits. - -Bug: 980025 -Change-Id: If41f97444c7fd37b9b95d6dadaf3da5689079e9e -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1739948 -Reviewed-by: Kentaro Hara -Reviewed-by: Yutaka Hirano -Commit-Queue: Jeremy Roman -Cr-Commit-Position: refs/heads/master@{#684731} ---- - -diff --git a/third_party/blink/renderer/platform/fonts/font_cache_key.h b/third_party/blink/renderer/platform/fonts/font_cache_key.h -index 0efc8fb..90063cb 100644 ---- a/third_party/blink/renderer/platform/fonts/font_cache_key.h -+++ b/third_party/blink/renderer/platform/fonts/font_cache_key.h -@@ -133,6 +133,10 @@ - - struct FontCacheKeyTraits : WTF::SimpleClassHashTraits { - STATIC_ONLY(FontCacheKeyTraits); -+ -+ // std::string's empty state need not be zero in all implementations, -+ // and it is held within FontFaceCreationParams. -+ static const bool kEmptyValueIsZero = false; - }; - - } // namespace blink -diff --git a/third_party/blink/renderer/platform/wtf/linked_hash_set.h b/third_party/blink/renderer/platform/wtf/linked_hash_set.h -index b35b6e9..77e524c 100644 ---- a/third_party/blink/renderer/platform/wtf/linked_hash_set.h -+++ b/third_party/blink/renderer/platform/wtf/linked_hash_set.h -@@ -146,6 +146,11 @@ - LinkedHashSetNodeBase* next) - : LinkedHashSetNodeBase(prev, next), value_(value) {} - -+ LinkedHashSetNode(ValueArg&& value, -+ LinkedHashSetNodeBase* prev, -+ LinkedHashSetNodeBase* next) -+ : LinkedHashSetNodeBase(prev, next), value_(std::move(value)) {} -+ - LinkedHashSetNode(LinkedHashSetNode&& other) - : LinkedHashSetNodeBase(std::move(other)), - value_(std::move(other.value_)) {} -@@ -445,10 +450,13 @@ - - // The slot is empty when the next_ field is zero so it's safe to zero - // the backing. -- static const bool kEmptyValueIsZero = true; -+ static const bool kEmptyValueIsZero = ValueTraits::kEmptyValueIsZero; - - static const bool kHasIsEmptyValueFunction = true; - static bool IsEmptyValue(const Node& node) { return !node.next_; } -+ static Node EmptyValue() { -+ return Node(ValueTraits::EmptyValue(), nullptr, nullptr); -+ } - - static const int kDeletedValue = -1; - -diff --git a/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc b/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc -index 4c3f899..cd1be00 100644 ---- a/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc -+++ b/third_party/blink/renderer/platform/wtf/list_hash_set_test.cc -@@ -487,6 +487,7 @@ - }; - - struct Complicated { -+ Complicated() : Complicated(0) {} - Complicated(int value) : simple_(value) { objects_constructed_++; } - - Complicated(const Complicated& other) : simple_(other.simple_) { -@@ -495,9 +496,6 @@ - - Simple simple_; - static int objects_constructed_; -- -- private: -- Complicated() = delete; - }; - - int Complicated::objects_constructed_ = 0; -@@ -731,4 +729,45 @@ - - } // anonymous namespace - -+// A unit type which objects to its state being initialized wrong. -+struct InvalidZeroValue { -+ InvalidZeroValue() = default; -+ InvalidZeroValue(WTF::HashTableDeletedValueType) : deleted_(true) {} -+ ~InvalidZeroValue() { CHECK(ok_); } -+ bool IsHashTableDeletedValue() const { return deleted_; } -+ -+ bool ok_ = true; -+ bool deleted_ = false; -+}; -+ -+template <> -+struct HashTraits : SimpleClassHashTraits { -+ static const bool kEmptyValueIsZero = false; -+}; -+ -+template <> -+struct DefaultHash { -+ struct Hash { -+ static unsigned GetHash(const InvalidZeroValue&) { return 0; } -+ static bool Equal(const InvalidZeroValue&, const InvalidZeroValue&) { -+ return true; -+ } -+ }; -+}; -+ -+template -+class ListOrLinkedHashSetInvalidZeroTest : public testing::Test {}; -+ -+using InvalidZeroValueSetTypes = -+ testing::Types, -+ ListHashSet, -+ LinkedHashSet>; -+TYPED_TEST_SUITE(ListOrLinkedHashSetInvalidZeroTest, InvalidZeroValueSetTypes); -+ -+TYPED_TEST(ListOrLinkedHashSetInvalidZeroTest, InvalidZeroValue) { -+ using Set = TypeParam; -+ Set set; -+ set.insert(InvalidZeroValue()); -+} -+ - } // namespace WTF