0
0

Chromium 使用安全 DNS功能源码分析c++

一、选项页安全dns选项如下图:

二、那么如何自定义安全dns功能呢?

1、先看前端部分代码调用

  1. shared.rollup.js
  3. class PrivacyPageBrowserProxyImpl {
  4.      .................................................................
  5.     getSecureDnsResolverList() {
  6.         return sendWithPromise("getSecureDnsResolverList")  //获取dns列表
  7.     }
  8.     getSecureDnsSetting() {
  9.         return sendWithPromise("getSecureDnsSetting")     
  10.     }
  11.     isValidConfig(entry) {
  12.         return sendWithPromise("isValidConfig", entry)  //检测dns是否正确
  13.     }
  14.     probeConfig(entry) {
  15.         return sendWithPromise("probeConfig", entry)
  16.     }
  17.     static getInstance() {
  18.         return instance$g || (instance$g = new PrivacyPageBrowserProxyImpl)
  19.     }
  20.     static setInstance(obj) {
  21.         instance$g = obj
  22.     }
  23. }

2、看c++代码对应的注册函数

chrome\browser\ui\webui\settings\settings_secure_dns_handler.cc

  1. void SecureDnsHandler::RegisterMessages() {
  2.   web_ui()->RegisterMessageCallback(
  3.       "getSecureDnsResolverList",
  4.       base::BindRepeating(&SecureDnsHandler::HandleGetSecureDnsResolverList,
  5.                           base::Unretained(this)));
  7.   web_ui()->RegisterMessageCallback(
  8.       "getSecureDnsSetting",
  9.       base::BindRepeating(&SecureDnsHandler::HandleGetSecureDnsSetting,
  10.                           base::Unretained(this)));
  12.   web_ui()->RegisterMessageCallback(
  13.       "isValidConfig",
  14.       base::BindRepeating(&SecureDnsHandler::HandleIsValidConfig,
  15.                           base::Unretained(this)));
  17.   web_ui()->RegisterMessageCallback(
  18.       "probeConfig", base::BindRepeating(&SecureDnsHandler::HandleProbeConfig,
  19.                                          base::Unretained(this)));
  21.   web_ui()->RegisterMessageCallback(
  22.       "recordUserDropdownInteraction",
  23.       base::BindRepeating(
  24.           &SecureDnsHandler::HandleRecordUserDropdownInteraction,
  25.           base::Unretained(this)));
  26. }
  28. 1、先看 前端"getSecureDnsResolverList "dns列表对应c+++获取函数
  29. base::Value::List SecureDnsHandler::GetSecureDnsResolverList() {
  30.   base::Value::List resolvers;
  32.   // Add a custom option to the front of the list
  33.   base::Value::Dict custom;
  34.   custom.Set("name", l10n_util::GetStringUTF8(IDS_SETTINGS_CUSTOM));
  35.   custom.Set("value", std::string());  // Empty value means custom.
  36.   custom.Set("policy", std::string());
  37.   resolvers.Append(std::move(custom));
  38.   
  39.  //providers_ 是dns数据列表来源,定义参考下面介绍
  40.   for (const auto* entry : providers_) {
  41.     net::DnsOverHttpsConfig doh_config({entry->doh_server_config});
  42.     base::Value::Dict dict;
  43.     dict.Set("name", entry->ui_name);
  44.     dict.Set("value", doh_config.ToString());
  45.     dict.Set("policy", entry->privacy_policy);
  46.     resolvers.Append(std::move(dict));
  47.   }
  49.   // Randomize the order of the resolvers, but keep custom in first place.
  50.   base::RandomShuffle(std::next(resolvers.begin()), resolvers.end());
  52.   return resolvers;
  53. }
  55. 2、重点看providers_函数 ,其赋值和定义看代码:
  57. chrome\browser\ui\webui\settings\settings_secure_dns_handler.h
  58.   static net::DohProviderEntry::List GetFilteredProviders();
  60.   net::DohProviderEntry::List providers_ = GetFilteredProviders();
  61.   std::unique_ptr<chrome_browser_net::DnsProbeRunner> runner_;
  62.   chrome_browser_net::DnsProbeRunner::NetworkContextGetter
  63.       network_context_getter_ =
  64.           base::BindRepeating(&SecureDnsHandler::GetNetworkContext,
  65.                               base::Unretained(this));
  67. // static
  68. net::DohProviderEntry::List SecureDnsHandler::GetFilteredProviders() {
  69.   return secure_dns::ProvidersForCountry(
  70.       secure_dns::SelectEnabledProviders(net::DohProviderEntry::GetList()),
  71.       country_codes::GetCurrentCountryID());
  72. }
  74. providers_ 通过GetFilteredProviders()获取列表
  76. 3、最后看列表定义net::DohProviderEntry::GetList()
  77. net\dns\public\doh_provider_entry.cc
  78. const DohProviderEntry::List& DohProviderEntry::GetList() {
  79.   // See /net/docs/adding_doh_providers.md for instructions on modifying this
  80.   // DoH provider list.
  81.   //
  82.   // The provider names in these entries should be kept in sync with the
  83.   // DohProviderId histogram suffix list in
  84.   // tools/metrics/histograms/metadata/histogram_suffixes_list.xml.
  85.   static const base::NoDestructor<DohProviderEntry::List> providers{{
  86.       new DohProviderEntry(
  87.           "AlekBergNl",
  88.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  89.               DohProviderAlekBergNl, base::FEATURE_ENABLED_BY_DEFAULT),
  90.           DohProviderIdForHistogram::kAlekBergNl,
  91.           /*ip_strs=*/{}, /*dns_over_tls_hostnames=*/{},
  92.           "https://dnsnl.alekberg.net/dns-query{?dns}",
  93.           /*ui_name=*/"alekberg.net (NL)",
  94.           /*privacy_policy=*/"https://alekberg.net/privacy",
  95.           /*display_globally=*/false,
  96.           /*display_countries=*/{"NL"}, LoggingLevel::kNormal),
  97.       new DohProviderEntry(
  98.           "CleanBrowsingAdult",
  99.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  100.               DohProviderCleanBrowsingAdult, base::FEATURE_ENABLED_BY_DEFAULT),
  101.           /*provider_id_for_histogram=*/absl::nullopt,
  102.           {"185.228.168.10", "185.228.169.11", "2a0d:2a00:1::1",
  103.            "2a0d:2a00:2::1"},
  104.           /*dns_over_tls_hostnames=*/{"adult-filter-dns.cleanbrowsing.org"},
  105.           "https://doh.cleanbrowsing.org/doh/adult-filter{?dns}",
  106.           /*ui_name=*/"", /*privacy_policy=*/"",
  107.           /*display_globally=*/false, /*display_countries=*/{},
  108.           LoggingLevel::kNormal),
  109.       new DohProviderEntry(
  110.           "CleanBrowsingFamily",
  111.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  112.               DohProviderCleanBrowsingFamily, base::FEATURE_ENABLED_BY_DEFAULT),
  113.           DohProviderIdForHistogram::kCleanBrowsingFamily,
  114.           {"185.228.168.168", "185.228.169.168",
  115.            "2a0d:2a00:1::", "2a0d:2a00:2::"},
  116.           /*dns_over_tls_hostnames=*/{"family-filter-dns.cleanbrowsing.org"},
  117.           "https://doh.cleanbrowsing.org/doh/family-filter{?dns}",
  118.           /*ui_name=*/"CleanBrowsing (Family Filter)",
  119.           /*privacy_policy=*/"https://cleanbrowsing.org/privacy",
  120.           /*display_globally=*/true, /*display_countries=*/{},
  121.           LoggingLevel::kNormal),
  122.       new DohProviderEntry(
  123.           "CleanBrowsingSecure",
  124.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  125.               DohProviderCleanBrowsingSecure, base::FEATURE_ENABLED_BY_DEFAULT),
  126.           /*provider_id_for_histogram=*/absl::nullopt,
  127.           {"185.228.168.9", "185.228.169.9", "2a0d:2a00:1::2",
  128.            "2a0d:2a00:2::2"},
  129.           /*dns_over_tls_hostnames=*/{"security-filter-dns.cleanbrowsing.org"},
  130.           "https://doh.cleanbrowsing.org/doh/security-filter{?dns}",
  131.           /*ui_name=*/"", /*privacy_policy=*/"", /*display_globally=*/false,
  132.           /*display_countries=*/{}, LoggingLevel::kNormal),
  133.       new DohProviderEntry(
  134.           "Cloudflare",
  135.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  136.               DohProviderCloudflare, base::FEATURE_ENABLED_BY_DEFAULT),
  137.           DohProviderIdForHistogram::kCloudflare,
  138.           {"1.1.1.1", "1.0.0.1", "2606:4700:4700::1111",
  139.            "2606:4700:4700::1001"},
  140.           /*dns_over_tls_hostnames=*/
  141.           {"one.one.one.one", "1dot1dot1dot1.cloudflare-dns.com"},
  142.           "https://chrome.cloudflare-dns.com/dns-query",
  143.           /*ui_name=*/"Cloudflare (1.1.1.1)",
  144.           "https://developers.cloudflare.com/1.1.1.1/privacy/"
  145.           /*privacy_policy=*/"public-dns-resolver/",
  146.           /*display_globally=*/true, /*display_countries=*/{},
  147.           LoggingLevel::kExtra),
  148.       new DohProviderEntry(
  149.           "Comcast",
  150.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  151.               DohProviderComcast, base::FEATURE_ENABLED_BY_DEFAULT),
  152.           /*provider_id_for_histogram=*/absl::nullopt,
  153.           {"75.75.75.75", "75.75.76.76", "2001:558:feed::1",
  154.            "2001:558:feed::2"},
  155.           /*dns_over_tls_hostnames=*/{"dot.xfinity.com"},
  156.           "https://doh.xfinity.com/dns-query{?dns}", /*ui_name=*/"",
  157.           /*privacy_policy*/ "", /*display_globally=*/false,
  158.           /*display_countries=*/{}, LoggingLevel::kExtra),
  159.       new DohProviderEntry(
  160.           "Cox",
  161.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  162.               DohProviderCox, base::FEATURE_DISABLED_BY_DEFAULT),
  163.           /*provider_id_for_histogram=*/absl::nullopt,
  164.           {"68.105.28.11", "68.105.28.12", "2001:578:3f::30"},
  165.           /*dns_over_tls_hostnames=*/{"dot.cox.net"},
  166.           "https://doh.cox.net/dns-query",
  167.           /*ui_name=*/"", /*privacy_policy=*/"",
  168.           /*display_globally=*/false, /*display_countries=*/{},
  169.           LoggingLevel::kNormal),
  170.       new DohProviderEntry(
  171.           "Cznic",
  172.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  173.               DohProviderCznic, base::FEATURE_ENABLED_BY_DEFAULT),
  174.           DohProviderIdForHistogram::kCznic,
  175.           {"185.43.135.1", "193.17.47.1", "2001:148f:fffe::1",
  176.            "2001:148f:ffff::1"},
  177.           /*dns_over_tls_hostnames=*/{"odvr.nic.cz"}, "https://odvr.nic.cz/doh",
  178.           /*ui_name=*/"CZ.NIC ODVR",
  179.           /*privacy_policy=*/"https://www.nic.cz/odvr/",
  180.           /*display_globally=*/false, /*display_countries=*/{"CZ"},
  181.           LoggingLevel::kNormal),
  182.       new DohProviderEntry(
  183.           "Dnssb",
  184.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  185.               DohProviderDnssb, base::FEATURE_ENABLED_BY_DEFAULT),
  186.           DohProviderIdForHistogram::kDnsSb,
  187.           {"185.222.222.222", "45.11.45.11", "2a09::", "2a11::"},
  188.           /*dns_over_tls_hostnames=*/{"dns.sb"},
  189.           "https://doh.dns.sb/dns-query{?dns}", /*ui_name=*/"DNS.SB",
  190.           /*privacy_policy=*/"https://dns.sb/privacy/",
  191.           /*display_globally=*/false, /*display_countries=*/{"EE", "DE"},
  192.           LoggingLevel::kNormal),
  193.       new DohProviderEntry(
  194.           "Google",
  195.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  196.               DohProviderGoogle, base::FEATURE_ENABLED_BY_DEFAULT),
  197.           DohProviderIdForHistogram::kGoogle,
  198.           {"8.8.8.8", "8.8.4.4", "2001:4860:4860::8888",
  199.            "2001:4860:4860::8844"},
  200.           /*dns_over_tls_hostnames=*/
  201.           {"dns.google", "dns.google.com", "8888.google"},
  202.           "https://dns.google/dns-query{?dns}",
  203.           /*ui_name=*/"Google (Public DNS)",
  204.           "https://developers.google.com/speed/public-dns/"
  205.           /*privacy_policy=*/"privacy",
  206.           /*display_globally=*/true, /*display_countries=*/{},
  207.           LoggingLevel::kExtra),
  208.       new DohProviderEntry(
  209.           "GoogleDns64",
  210.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  211.               DohProviderGoogleDns64, base::FEATURE_ENABLED_BY_DEFAULT),
  212.           /*provider_id_for_histogram=*/absl::nullopt,
  213.           {"2001:4860:4860::64", "2001:4860:4860::6464"},
  214.           /*dns_over_tls_hostnames=*/{"dns64.dns.google"},
  215.           "https://dns64.dns.google/dns-query{?dns}",
  216.           /*ui_name=*/"", /*privacy_policy=*/"",
  217.           /*display_globally=*/false,
  218.           /*display_countries=*/{}, LoggingLevel::kNormal),
  219.       new DohProviderEntry(
  220.           "Iij",
  221.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  222.               DohProviderIij, base::FEATURE_ENABLED_BY_DEFAULT),
  223.           DohProviderIdForHistogram::kIij, /*ip_strs=*/{},
  224.           /*dns_over_tls_hostnames=*/{}, "https://public.dns.iij.jp/dns-query",
  225.           /*ui_name=*/"IIJ (Public DNS)",
  226.           /*privacy_policy=*/"https://public.dns.iij.jp/",
  227.           /*display_globally=*/false, /*display_countries=*/{"JP"},
  228.           LoggingLevel::kNormal),
  229.       new DohProviderEntry(
  230.           "NextDns",
  231.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  232.               DohProviderNextDns, base::FEATURE_ENABLED_BY_DEFAULT),
  233.           DohProviderIdForHistogram::kNextDns, /*ip_strs=*/{},
  234.           /*dns_over_tls_hostnames=*/{}, "https://chromium.dns.nextdns.io",
  235.           /*ui_name=*/"NextDNS",
  236.           /*privacy_policy=*/"https://nextdns.io/privacy",
  237.           /*display_globally=*/false, /*display_countries=*/{"US"},
  238.           LoggingLevel::kNormal),
  239.       new DohProviderEntry(
  240.           "OpenDNS",
  241.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  242.               DohProviderOpenDNS, base::FEATURE_ENABLED_BY_DEFAULT),
  243.           DohProviderIdForHistogram::kOpenDns,
  244.           {"208.67.222.222", "208.67.220.220", "2620:119:35::35",
  245.            "2620:119:53::53"},
  246.           /*dns_over_tls_hostnames=*/{},
  247.           "https://doh.opendns.com/dns-query{?dns}", /*ui_name=*/"OpenDNS",
  248.           "https://www.cisco.com/c/en/us/about/legal/"
  249.           /*privacy_policy=*/"privacy-full.html",
  250.           /*display_globally=*/true, /*display_countries=*/{},
  251.           LoggingLevel::kNormal),
  252.       new DohProviderEntry(
  253.           "OpenDNSFamily",
  254.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  255.               DohProviderOpenDNSFamily, base::FEATURE_ENABLED_BY_DEFAULT),
  256.           /*provider_id_for_histogram=*/absl::nullopt,
  257.           {"208.67.222.123", "208.67.220.123", "2620:119:35::123",
  258.            "2620:119:53::123"},
  259.           /*dns_over_tls_hostnames=*/{},
  260.           "https://doh.familyshield.opendns.com/dns-query{?dns}",
  261.           /*ui_name=*/"", /*privacy_policy=*/"", /*display_globally=*/false,
  262.           /*display_countries=*/{}, LoggingLevel::kNormal),
  263.       new DohProviderEntry(
  264.           "Quad9Cdn",
  265.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  266.               DohProviderQuad9Cdn, base::FEATURE_ENABLED_BY_DEFAULT),
  267.           /*provider_id_for_histogram=*/absl::nullopt,
  268.           {"9.9.9.11", "149.112.112.11", "2620:fe::11", "2620:fe::fe:11"},
  269.           /*dns_over_tls_hostnames=*/{"dns11.quad9.net"},
  270.           "https://dns11.quad9.net/dns-query", /*ui_name=*/"",
  271.           /*privacy_policy=*/"", /*display_globally=*/false,
  272.           /*display_countries=*/{}, LoggingLevel::kNormal),
  273.       new DohProviderEntry(
  274.           "Quad9Insecure",
  275.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  276.               DohProviderQuad9Insecure, base::FEATURE_ENABLED_BY_DEFAULT),
  277.           /*provider_id_for_histogram=*/absl::nullopt,
  278.           {"9.9.9.10", "149.112.112.10", "2620:fe::10", "2620:fe::fe:10"},
  279.           /*dns_over_tls_hostnames=*/{"dns10.quad9.net"},
  280.           "https://dns10.quad9.net/dns-query", /*ui_name=*/"",
  281.           /*privacy_policy=*/"", /*display_globally=*/false,
  282.           /*display_countries=*/{}, LoggingLevel::kNormal),
  283.       new DohProviderEntry(
  284.           "Quad9Secure",
  285.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  286.               DohProviderQuad9Secure, base::FEATURE_DISABLED_BY_DEFAULT),
  287.           DohProviderIdForHistogram::kQuad9Secure,
  288.           {"9.9.9.9", "149.112.112.112", "2620:fe::fe", "2620:fe::9"},
  289.           /*dns_over_tls_hostnames=*/{"dns.quad9.net", "dns9.quad9.net"},
  290.           "https://dns.quad9.net/dns-query", /*ui_name=*/"Quad9 (9.9.9.9)",
  291.           /*privacy_policy=*/"https://www.quad9.net/home/privacy/",
  292.           /*display_globally=*/true, /*display_countries=*/{},
  293.           LoggingLevel::kExtra),
  294.       new DohProviderEntry(
  295.           "Quickline",
  296.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  297.               DohProviderQuickline, base::FEATURE_ENABLED_BY_DEFAULT),
  298.           /*provider_id_for_histogram=*/absl::nullopt,
  299.           {"212.60.61.246", "212.60.63.246", "2001:1a88:10:ffff::1",
  300.            "2001:1a88:10:ffff::2"},
  301.           /*dns_over_tls_hostnames=*/{"dot.quickline.ch"},
  302.           "https://doh.quickline.ch/dns-query{?dns}",
  303.           /*ui_name=*/"", /*privacy_policy=*/"",
  304.           /*display_globally=*/false,
  305.           /*display_countries=*/{}, LoggingLevel::kNormal),
  306.       new DohProviderEntry(
  307.           "Spectrum1",
  308.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  309.               DohProviderSpectrum1, base::FEATURE_ENABLED_BY_DEFAULT),
  310.           /*provider_id_for_histogram=*/absl::nullopt,
  311.           {"209.18.47.61", "209.18.47.62", "2001:1998:0f00:0001::1",
  312.            "2001:1998:0f00:0002::1"},
  313.           /*dns_over_tls_hostnames=*/{},
  314.           "https://doh-01.spectrum.com/dns-query{?dns}",
  315.           /*ui_name=*/"", /*privacy_policy=*/"",
  316.           /*display_globally=*/false,
  317.           /*display_countries=*/{}, LoggingLevel::kNormal),
  318.       new DohProviderEntry(
  319.           "Spectrum2",
  320.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  321.               DohProviderSpectrum2, base::FEATURE_ENABLED_BY_DEFAULT),
  322.           /*provider_id_for_histogram=*/absl::nullopt,
  323.           {"209.18.47.61", "209.18.47.62", "2001:1998:0f00:0001::1",
  324.            "2001:1998:0f00:0002::1"},
  325.           /*dns_over_tls_hostnames=*/{},
  326.           "https://doh-02.spectrum.com/dns-query{?dns}",
  327.           /*ui_name=*/"", /*privacy_policy=*/"",
  328.           /*display_globally=*/false,
  329.           /*display_countries=*/{}, LoggingLevel::kNormal),
  330.       new DohProviderEntry(
  331.           "Switch",
  332.           MAKE_BASE_FEATURE_WITH_STATIC_STORAGE(
  333.               DohProviderSwitch, base::FEATURE_DISABLED_BY_DEFAULT),
  334.           /*provider_id_for_histogram=*/absl::nullopt,
  335.           {"130.59.31.251", "130.59.31.248", "2001:620:0:ff::2",
  336.            "2001:620:0:ff::3"},
  337.           /*dns_over_tls_hostnames=*/{"dns.switch.ch"},
  338.           "https://dns.switch.ch/dns-query", /*ui_name=*/"",
  339.           /*privacy_policy=*/"", /*display_globally=*/false,
  340.           /*display_countries=*/{}, LoggingLevel::kNormal),
  341.   }};
  342.   return *providers;
  343. }

三、至此数据来源分析完毕,如果想要用自己的dns只需要在
net\dns\public\doh_provider_entry.cc
const DohProviderEntry::List& DohProviderEntry::GetList() 函数里面按照此格式追加即可。
不同版本内核的浏览器有所差异。

标签: 安全 c++ windows
本文转载自: https://blog.csdn.net/jangdong/article/details/142633166
版权归原作者 风清扬_jd 所有, 如有侵权,请联系我们删除。
登录后发布评论

“Chromium 使用安全 DNS功能源码分析c++”的评论:

还没有评论
关于作者
...
overfit同步小助手
文章同步
相关阅读

网络安全法-网络运行安全

使用selenium/drissionpage时如何阻止chrome自动跳转http到https

docker desktop 里部署的Open WebUI 管理员密码忘记了的处理方法

在ubuntu20.04中搭建onsite比赛运行环境

利用开源的低代码表单设计器FcDesigner高效管理和渲染复杂表单结构

Kafka学习笔记

【前端】浏览器输入url到页面呈现发生了什么?

文章导航
没有找到文章内容分段。。。