1*6777b538SAndroid Build Coastguard Worker# Copyright 2016 The Chromium Authors 2*6777b538SAndroid Build Coastguard Worker# Use of this source code is governed by a BSD-style license that can be 3*6777b538SAndroid Build Coastguard Worker# found in the LICENSE file. 4*6777b538SAndroid Build Coastguard Worker 5*6777b538SAndroid Build Coastguard Workerimport("//build/config/cronet/config.gni") 6*6777b538SAndroid Build Coastguard Workerimport("//build/config/features.gni") 7*6777b538SAndroid Build Coastguard Worker 8*6777b538SAndroid Build Coastguard Workerdeclare_args() { 9*6777b538SAndroid Build Coastguard Worker # Disables support for file URLs. File URL support requires use of icu. 10*6777b538SAndroid Build Coastguard Worker # Cronet does not support file URLs. 11*6777b538SAndroid Build Coastguard Worker disable_file_support = is_cronet_build 12*6777b538SAndroid Build Coastguard Worker 13*6777b538SAndroid Build Coastguard Worker # WebSockets and socket stream code are not used when blink is not used 14*6777b538SAndroid Build Coastguard Worker # and are optional in cronet. 15*6777b538SAndroid Build Coastguard Worker enable_websockets = use_blink 16*6777b538SAndroid Build Coastguard Worker 17*6777b538SAndroid Build Coastguard Worker # Enable Kerberos authentication. It is disabled by default on iOS, Fuchsia 18*6777b538SAndroid Build Coastguard Worker # and Chromecast, at least for now. This feature needs configuration 19*6777b538SAndroid Build Coastguard Worker # (krb5.conf and so on). 20*6777b538SAndroid Build Coastguard Worker # TODO(fuchsia): Enable kerberos on Fuchsia when it's implemented there. 21*6777b538SAndroid Build Coastguard Worker use_kerberos = !is_ios && !is_fuchsia && !is_castos && !is_cast_android 22*6777b538SAndroid Build Coastguard Worker 23*6777b538SAndroid Build Coastguard Worker # Do not disable brotli filter by default. 24*6777b538SAndroid Build Coastguard Worker disable_brotli_filter = false 25*6777b538SAndroid Build Coastguard Worker 26*6777b538SAndroid Build Coastguard Worker # Do not disable zstd filter by default, except for Cronet builds. 27*6777b538SAndroid Build Coastguard Worker disable_zstd_filter = is_cronet_build 28*6777b538SAndroid Build Coastguard Worker 29*6777b538SAndroid Build Coastguard Worker # Multicast DNS. 30*6777b538SAndroid Build Coastguard Worker enable_mdns = is_win || is_linux || is_chromeos || is_fuchsia || is_apple 31*6777b538SAndroid Build Coastguard Worker 32*6777b538SAndroid Build Coastguard Worker # Reporting not used on iOS. 33*6777b538SAndroid Build Coastguard Worker enable_reporting = !is_ios 34*6777b538SAndroid Build Coastguard Worker 35*6777b538SAndroid Build Coastguard Worker # Includes the transport security state preload list. This list includes 36*6777b538SAndroid Build Coastguard Worker # mechanisms (e.g. HSTS, HPKP) to enforce trusted connections to a significant 37*6777b538SAndroid Build Coastguard Worker # set of hardcoded domains. While this list has a several hundred KB of binary 38*6777b538SAndroid Build Coastguard Worker # size footprint, this flag should not be disabled unless the embedder is 39*6777b538SAndroid Build Coastguard Worker # willing to take the responsibility to make sure that all important 40*6777b538SAndroid Build Coastguard Worker # connections use HTTPS. 41*6777b538SAndroid Build Coastguard Worker include_transport_security_state_preload_list = true 42*6777b538SAndroid Build Coastguard Worker 43*6777b538SAndroid Build Coastguard Worker # Platforms for which certificate verification can be performed either using 44*6777b538SAndroid Build Coastguard Worker # the builtin cert verifier with the Chrome Root Store, or with the platform 45*6777b538SAndroid Build Coastguard Worker # verifier. 46*6777b538SAndroid Build Coastguard Worker # 47*6777b538SAndroid Build Coastguard Worker # Currently this is used only for Android because WebView does not use the 48*6777b538SAndroid Build Coastguard Worker # builtin cert verifier, but uses the Android cert verifier. 49*6777b538SAndroid Build Coastguard Worker chrome_root_store_optional = is_android && !is_cronet_build 50*6777b538SAndroid Build Coastguard Worker 51*6777b538SAndroid Build Coastguard Worker # Platforms for which certificate verification can only be performed using 52*6777b538SAndroid Build Coastguard Worker # the builtin cert verifier with the Chrome Root Store. 53*6777b538SAndroid Build Coastguard Worker chrome_root_store_only = is_win || is_mac || is_linux || is_chromeos 54*6777b538SAndroid Build Coastguard Worker 55*6777b538SAndroid Build Coastguard Worker # DBSC is only supported on windows for now 56*6777b538SAndroid Build Coastguard Worker enable_device_bound_sessions = is_win 57*6777b538SAndroid Build Coastguard Worker} 58*6777b538SAndroid Build Coastguard Worker 59*6777b538SAndroid Build Coastguard Workerassert(!chrome_root_store_optional || !chrome_root_store_only, 60*6777b538SAndroid Build Coastguard Worker "at most one of chrome_root_store_optional and chrome_root_store_only " + 61*6777b538SAndroid Build Coastguard Worker "may be true") 62*6777b538SAndroid Build Coastguard Worker 63*6777b538SAndroid Build Coastguard Worker# Needs to be in a separate declare_args since it refers to args set in the 64*6777b538SAndroid Build Coastguard Worker# previous declare_args block. 65*6777b538SAndroid Build Coastguard Workerdeclare_args() { 66*6777b538SAndroid Build Coastguard Worker # All platforms for which certificate verification can be performed using the 67*6777b538SAndroid Build Coastguard Worker # builtin cert verifier with the Chrome Root Store. This includes both 68*6777b538SAndroid Build Coastguard Worker # platforms where use of the Chrome Root Store is optional and platforms 69*6777b538SAndroid Build Coastguard Worker # where it is the only supported method. 70*6777b538SAndroid Build Coastguard Worker chrome_root_store_supported = 71*6777b538SAndroid Build Coastguard Worker chrome_root_store_optional || chrome_root_store_only 72*6777b538SAndroid Build Coastguard Worker} 73