Remove patches for Async DNS and DNS over HTTPS

They require additional effort to work on desktop (e.g. Linux), where
they provide marginal benefits. On Linux, the Async DNS flag does not seem
to work in its current state, and DNS over HTTPS breaks compilation.

Thanks to @xsmile for reporting the details on these patches.

Since Android support isn't nearly ready yet, it isn't worth the effort
to maintain these patches which won't be usable by any supported
configuration. When Android support becomes ready, then DNS over HTTPS can
be added back in.

Fixes #502
Eloston
2018-09-15 18:31:43 +00:00
parent e2e8eb8ef2
commit f05f73c9dc
5 changed files with 8 additions and 310 deletions


@@ -108,9 +108,7 @@ ungoogled-chromium/add-flag-to-force-punycode-hostnames.patch
ungoogled-chromium/fix-building-without-safebrowsing.patch
ungoogled-chromium/searx.patch
ungoogled-chromium/remove-third-party-analytics.patch
ungoogled-chromium/enable-flag-async-dns.patch
ungoogled-chromium/gn-bootstrap-remove-gn-gen.patch
bromite/fingerprinting-flags-client-rects-and-measuretext.patch
bromite/flag-dns-over-https.patch
bromite/flag-max-connections-per-host.patch


@@ -1,270 +0,0 @@
# NOTE: A change was made in net/dns/dns_transaction.cc so that the
# request priority default would be DEFAULT_PRIORITY, and it would be
# defaulting to MAXIMUM_PRIORITY exclusively for DNS over HTTPS.
# This prevents any other DNS transport method in DnsTransactionImpl from
# getting a potentially inappropriate request priority.
# Otherwise, this patch is identical to Add-a-flag-for-DNS-over-HTTPS.patch
# from Bromite.
# Also, the Google endpoint was removed.
From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Sat, 28 Apr 2018 08:30:26 +0200
Subject: Add a flag for DNS-over-HTTPS
Allow selection between (nothing) and Cloudflare endpoints.
Serve DoH requests with maximum priority, remove traffic annotation.
Reduce HTTP headers in DoH requests to bare minimum.
See also: https://tools.ietf.org/id/draft-ietf-doh-dns-over-https-02.txt
---
chrome/browser/about_flags.cc | 12 +++++++++
chrome/browser/flag_descriptions.cc | 3 +++
chrome/browser/flag_descriptions.h | 3 +++
.../browser/net/system_network_context_manager.cc | 12 +++++----
.../common/network_features.cc | 5 ++--
.../common/network_features.h | 5 ++--
.../common/network_switch_list.h | 4 +++
net/base/load_flags_list.h | 6 +++++
net/dns/dns_transaction.cc | 29 +++-------------------
net/url_request/url_request_http_job.cc | 26 +++++++++++--------
10 files changed, 61 insertions(+), 44 deletions(-)
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -434,6 +434,11 @@ const FeatureEntry::Choice kChromeHomeSw
#endif // OS_ANDROID
+const FeatureEntry::Choice kDnsOverHttpsChoices[] = {
+ {features::kDnsOverHttpsChoiceDefault, "", ""},
+ {features::kDnsOverHttpsChoiceCloudflare, switches::kDnsOverHttpsServer, "https://1.1.1.1/dns-query"},
+};
+
const FeatureEntry::Choice kNumRasterThreadsChoices[] = {
{flags_ui::kGenericExperimentChoiceDefault, "", ""},
{flag_descriptions::kNumRasterThreadsOne, switches::kNumRasterThreads, "1"},
@@ -3550,6 +3555,10 @@ const FeatureEntry kFeatureEntries[] = {
flag_descriptions::kAsyncDnsDescription, kOsAll,
FEATURE_VALUE_TYPE(features::kAsyncDns)},
+ {"enable-dns-over-https", flag_descriptions::kDnsOverHttpsName,
+ flag_descriptions::kDnsOverHttpsDescription, kOsAll,
+ MULTI_VALUE_TYPE(kDnsOverHttpsChoices)},
+
{"enable-overflow-icons-for-media-controls",
flag_descriptions::kOverflowIconsForMediaControlsName,
flag_descriptions::kOverflowIconsForMediaControlsDescription, kOsAll,
--- a/chrome/browser/flag_descriptions.cc
+++ b/chrome/browser/flag_descriptions.cc
@@ -2112,6 +2112,9 @@ const char kAndroidPaymentAppsDescriptio
const char kAsyncDnsName[] = "Async DNS resolver";
const char kAsyncDnsDescription[] = "Enables the built-in DNS resolver.";
+const char kDnsOverHttpsName[] = "DNS over HTTPS";
+const char kDnsOverHttpsDescription[] = "Enables DNS-over-HTTPS (experimental).";
+
const char kAutofillAccessoryViewName[] =
"Autofill suggestions as keyboard accessory view";
const char kAutofillAccessoryViewDescription[] =
--- a/chrome/browser/flag_descriptions.h
+++ b/chrome/browser/flag_descriptions.h
@@ -1284,6 +1284,9 @@ extern const char kAppNotificationStatus
extern const char kAsyncDnsName[];
extern const char kAsyncDnsDescription[];
+extern const char kDnsOverHttpsName[];
+extern const char kDnsOverHttpsDescription[];
+
extern const char kAutofillAccessoryViewName[];
extern const char kAutofillAccessoryViewDescription[];
--- a/chrome/browser/net/system_network_context_manager.cc
+++ b/chrome/browser/net/system_network_context_manager.cc
@@ -23,6 +23,7 @@
#include "chrome/common/chrome_features.h"
#include "chrome/common/pref_names.h"
#include "components/network_session_configurator/common/network_features.h"
+#include "components/network_session_configurator/common/network_switches.h"
#include "components/policy/core/common/policy_namespace.h"
#include "components/policy/core/common/policy_service.h"
#include "components/policy/policy_constants.h"
@@ -370,11 +371,12 @@ void SystemNetworkContextManager::Regist
std::make_unique<base::ListValue>();
std::unique_ptr<base::ListValue> default_doh_server_methods =
std::make_unique<base::ListValue>();
- if (base::FeatureList::IsEnabled(features::kDnsOverHttps)) {
- base::Value server(variations::GetVariationParamValueByFeature(
- features::kDnsOverHttps, "server"));
- base::Value method(variations::GetVariationParamValueByFeature(
- features::kDnsOverHttps, "method"));
+ std::string dnsOverHttpsServer =
+ base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
+ switches::kDnsOverHttpsServer);
+ if (!dnsOverHttpsServer.empty()) {
+ base::Value server(dnsOverHttpsServer);
+ base::Value method("POST");
if (!server.GetString().empty()) {
default_doh_servers->GetList().push_back(std::move(server));
default_doh_server_methods->GetList().push_back(std::move(method));
--- a/components/network_session_configurator/common/network_features.cc
+++ b/components/network_session_configurator/common/network_features.cc
@@ -14,7 +14,7 @@ const base::Feature kTokenBinding{"token
// TODO(nharper): Disable kChannelID on all platforms in M69.
const base::Feature kChannelID{"channel-id", base::FEATURE_ENABLED_BY_DEFAULT};
-const base::Feature kDnsOverHttps{"dns-over-https",
- base::FEATURE_DISABLED_BY_DEFAULT};
+const char kDnsOverHttpsChoiceDefault[] = "Disabled",
+ kDnsOverHttpsChoiceCloudflare[] = "Cloudflare";
} // namespace features
--- a/components/network_session_configurator/common/network_features.h
+++ b/components/network_session_configurator/common/network_features.h
@@ -17,9 +17,10 @@ NETWORK_SESSION_CONFIGURATOR_EXPORT exte
// Enables Channel ID.
NETWORK_SESSION_CONFIGURATOR_EXPORT extern const base::Feature kChannelID;
-// Enabled DNS over HTTPS
+// DNS over HTTPS server endpoint choices
// (https://tools.ietf.org/id/draft-ietf-doh-dns-over-https-02.txt).
-NETWORK_SESSION_CONFIGURATOR_EXPORT extern const base::Feature kDnsOverHttps;
+NETWORK_SESSION_CONFIGURATOR_EXPORT extern const char kDnsOverHttpsChoiceDefault[],
+ kDnsOverHttpsChoiceCloudflare[];
} // namespace features
--- a/components/network_session_configurator/common/network_switch_list.h
+++ b/components/network_session_configurator/common/network_switch_list.h
@@ -35,6 +35,10 @@ NETWORK_SWITCH(kOriginToForceQuicOn, "or
// the server.
NETWORK_SWITCH(kQuicConnectionOptions, "quic-connection-options")
+// Specifies an IETF DNS-over-HTTPS server endpoint
+// (https://tools.ietf.org/id/draft-ietf-doh-dns-over-https-02.txt).
+NETWORK_SWITCH(kDnsOverHttpsServer, "dns-over-https-server")
+
// Specifies the maximum length for a QUIC packet.
NETWORK_SWITCH(kQuicMaxPacketLength, "quic-max-packet-length")
--- a/net/base/load_flags_list.h
+++ b/net/base/load_flags_list.h
@@ -92,6 +92,12 @@ LOAD_FLAG(MAYBE_USER_GESTURE, 1 << 14)
LOAD_FLAG(DO_NOT_USE_EMBEDDED_IDENTITY, 1 << 15)
// Indicates that this request is not to be migrated to a cellular network when
+
+// This load will not send Accept-Language or User-Agent headers, and not
+// advertise brotli encoding.
+// Used to comply with IETF (draft) DNS-over-HTTPS:
+// "Implementors SHOULD NOT set non-essential HTTP headers in DoH client requests."
+LOAD_FLAG(MINIMAL_HEADERS, 1 << 18)
// QUIC connection migration is enabled.
LOAD_FLAG(DISABLE_CONNECTION_MIGRATION_TO_CELLULAR, 1 << 16)
--- a/net/dns/dns_transaction.cc
+++ b/net/dns/dns_transaction.cc
@@ -389,30 +389,14 @@ class DnsHTTPAttempt : public DnsAttempt
HttpRequestHeaders extra_request_headers;
extra_request_headers.SetHeader("Accept", kDnsOverHttpResponseContentType);
-
- request_ = url_request_context->CreateRequest(
- url, request_priority_, this,
- net::DefineNetworkTrafficAnnotation("dns_over_https", R"(
- semantics {
- sender: "DNS over HTTPS"
- description: "Domain name resolution over HTTPS"
- trigger: "User enters a navigates to a domain or Chrome otherwise "
- "makes a connection to a domain whose IP address isn't cached"
- data: "The domain name that is being requested"
- destination: OTHER
- destination_other: "The user configured DNS over HTTPS server, which"
- "may be dns.google.com"
- }
- policy {
- cookies_allowed: NO
- setting:
- "You can configure this feature via that 'dns_over_https_servers' and"
- "'dns_over_https.method' prefs. Empty lists imply this feature is"
- "disabled"
- policy_exception_justification: "Experimental feature that"
- "is disabled by default"
- }
- )"));
+ //extra_request_headers.SetHeader(HttpRequestHeaders::kUserAgent, "DoH client");
+ RequestPriority desired_request_priority;
+ if (request_priority_ == DEFAULT_PRIORITY) {
+ desired_request_priority = MAXIMUM_PRIORITY;
+ } else {
+ desired_request_priority = request_priority_;
+ }
+ request_ = url_request_context->CreateRequest(url, desired_request_priority, this);
net_log_ = request_->net_log();
if (use_post) {
@@ -430,6 +414,7 @@ class DnsHTTPAttempt : public DnsAttempt
request_->SetLoadFlags(request_->load_flags() | LOAD_DISABLE_CACHE |
LOAD_BYPASS_PROXY | LOAD_DO_NOT_SEND_COOKIES |
LOAD_DO_NOT_SAVE_COOKIES |
+ LOAD_IGNORE_LIMITS | LOAD_MINIMAL_HEADERS |
LOAD_DO_NOT_SEND_AUTH_DATA);
}
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -434,21 +434,25 @@ void URLRequestHttpJob::Start() {
// plugin could set a referrer although sending the referrer is inhibited.
request_info_.extra_headers.RemoveHeader(HttpRequestHeaders::kReferer);
- // Our consumer should have made sure that this is a safe referrer. See for
- // instance WebCore::FrameLoader::HideReferrer.
- if (referrer.is_valid()) {
- request_info_.extra_headers.SetHeader(HttpRequestHeaders::kReferer,
+ if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS)) {
+ // Our consumer should have made sure that this is a safe referrer. See for
+ // instance WebCore::FrameLoader::HideReferrer.
+ if (referrer.is_valid()) {
+ request_info_.extra_headers.SetHeader(HttpRequestHeaders::kReferer,
referrer.spec());
+ }
}
request_info_.token_binding_referrer = request_->token_binding_referrer();
// This should be kept in sync with the corresponding code in
// URLRequest::GetUserAgent.
- request_info_.extra_headers.SetHeaderIfMissing(
+ if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS)) {
+ request_info_.extra_headers.SetHeaderIfMissing(
HttpRequestHeaders::kUserAgent,
http_user_agent_settings_ ?
http_user_agent_settings_->GetUserAgent() : std::string());
+ }
AddExtraHeaders();
AddCookieHeaderAndStart();
@@ -666,10 +670,12 @@ void URLRequestHttpJob::AddExtraHeaders(
HttpRequestHeaders::kAcceptEncoding)) {
// Advertise "br" encoding only if transferred data is opaque to proxy.
bool advertise_brotli = false;
- if (request()->context()->enable_brotli()) {
- if (request()->url().SchemeIsCryptographic() ||
- IsLocalhost(request()->url())) {
- advertise_brotli = true;
+ if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS)) {
+ if (request()->context()->enable_brotli()) {
+ if (request()->url().SchemeIsCryptographic() ||
+ IsLocalhost(request()->url())) {
+ advertise_brotli = true;
+ }
}
}
@@ -686,7 +692,7 @@ void URLRequestHttpJob::AddExtraHeaders(
advertised_encodings);
}
- if (http_user_agent_settings_) {
+ if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS) && http_user_agent_settings_) {
// Only add default Accept-Language if the request didn't have it
// specified.
std::string accept_language =


@@ -17,7 +17,7 @@ with limited CPU/memory resources and it is disabled by default.
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -849,6 +849,11 @@ const FeatureEntry::Choice kForceEffecti
@@ -844,6 +844,11 @@ const FeatureEntry::Choice kForceEffecti
net::kEffectiveConnectionType4G},
};
@@ -29,7 +29,7 @@ with limited CPU/memory resources and it is disabled by default.
// Ensure that all effective connection types returned by Network Quality
// Estimator (NQE) are also exposed via flags.
static_assert(net::EFFECTIVE_CONNECTION_TYPE_LAST + 2 ==
@@ -2466,6 +2471,9 @@ const FeatureEntry kFeatureEntries[] = {
@@ -2461,6 +2466,9 @@ const FeatureEntry kFeatureEntries[] = {
flag_descriptions::kMaterialDesignIncognitoNTPName,
flag_descriptions::kMaterialDesignIncognitoNTPDescription, kOsAndroid,
FEATURE_VALUE_TYPE(features::kMaterialDesignIncognitoNTP)},


@@ -36,7 +36,7 @@ Signed-off-by: Daniel Charles <daniel.charles@intel.com>
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -1283,12 +1283,14 @@ const FeatureEntry kFeatureEntries[] = {
@@ -1278,12 +1278,14 @@ const FeatureEntry kFeatureEntries[] = {
{"ui-disable-partial-swap", flag_descriptions::kUiPartialSwapName,
flag_descriptions::kUiPartialSwapDescription, kOsAll,
SINGLE_DISABLE_VALUE_TYPE(switches::kUIDisablePartialSwap)},
@@ -51,7 +51,7 @@ Signed-off-by: Daniel Charles <daniel.charles@intel.com>
{"enable-webrtc-hw-h264-encoding",
flag_descriptions::kWebrtcHwH264EncodingName,
flag_descriptions::kWebrtcHwH264EncodingDescription, kOsAndroid | kOsCrOS,
@@ -1657,6 +1659,13 @@ const FeatureEntry kFeatureEntries[] = {
@@ -1652,6 +1654,13 @@ const FeatureEntry kFeatureEntries[] = {
flag_descriptions::kShowTouchHudDescription, kOsCrOS,
SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)},
#endif // OS_CHROMEOS
@@ -65,7 +65,7 @@ Signed-off-by: Daniel Charles <daniel.charles@intel.com>
{
"disable-accelerated-video-decode",
flag_descriptions::kAcceleratedVideoDecodeName,
@@ -1664,6 +1673,7 @@ const FeatureEntry kFeatureEntries[] = {
@@ -1659,6 +1668,7 @@ const FeatureEntry kFeatureEntries[] = {
kOsMac | kOsWin | kOsCrOS | kOsAndroid,
SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode),
},
@@ -73,7 +73,7 @@ Signed-off-by: Daniel Charles <daniel.charles@intel.com>
#if defined(OS_WIN)
{"enable-hdr", flag_descriptions::kEnableHDRName,
flag_descriptions::kEnableHDRDescription, kOsWin,
@@ -2336,12 +2346,17 @@ const FeatureEntry kFeatureEntries[] = {
@@ -2331,12 +2341,17 @@ const FeatureEntry kFeatureEntries[] = {
FEATURE_VALUE_TYPE(features::kOpenVR)},
#endif // ENABLE_OPENVR
#endif // ENABLE_VR
@@ -161,7 +161,7 @@ Signed-off-by: Daniel Charles <daniel.charles@intel.com>
const char kWebrtcHwH264EncodingName[] = "WebRTC hardware h264 video encoding";
const char kWebrtcHwH264EncodingDescription[] =
@@ -2899,14 +2908,16 @@ const char kTabStripKeyboardFocusDescrip
@@ -2896,14 +2905,16 @@ const char kTabStripKeyboardFocusDescrip
// Chrome OS -------------------------------------------------------------------
@@ -192,7 +192,7 @@ Signed-off-by: Daniel Charles <daniel.charles@intel.com>
extern const char kAcceleratedVideoDecodeName[];
extern const char kAcceleratedVideoDecodeDescription[];
@@ -1768,13 +1772,17 @@ extern const char kPermissionPromptPersi
@@ -1765,13 +1769,17 @@ extern const char kPermissionPromptPersi
#endif // defined(OS_MACOSX)


@@ -1,30 +0,0 @@
# Enables the --enable-async-dns feature on all platforms
# The async DNS is Chromium's built-in DNS client. It is needed to enable
# DNS over HTTPS.
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -3537,11 +3537,9 @@ const FeatureEntry kFeatureEntries[] = {
kSpeculativePreconnectFeatureVariations,
"SpeculativePreconnectValidation")},
-#if defined(OS_ANDROID)
{"enable-async-dns", flag_descriptions::kAsyncDnsName,
- flag_descriptions::kAsyncDnsDescription, kOsAndroid,
+ flag_descriptions::kAsyncDnsDescription, kOsAll,
FEATURE_VALUE_TYPE(features::kAsyncDns)},
-#endif // defined(OS_ANDROID)
{"enable-overflow-icons-for-media-controls",
flag_descriptions::kOverflowIconsForMediaControlsName,
--- a/chrome/common/chrome_features.cc
+++ b/chrome/common/chrome_features.cc
@@ -77,7 +77,7 @@ const base::Feature kAssetDownloadSugges
// Enables the built-in DNS resolver.
const base::Feature kAsyncDns {
"AsyncDns",
-#if defined(OS_CHROMEOS) || defined(OS_MACOSX) || defined(OS_ANDROID)
+#if defined(OS_CHROMEOS) || defined(OS_ANDROID)
base::FEATURE_ENABLED_BY_DEFAULT
#else
base::FEATURE_DISABLED_BY_DEFAULT