Allow configuration of DNS-over-HTTPS

Implement QWebEngineGlobalSettings, a singleton class that contains
global web engine settings (currently only for DoH).

Allow the user to configure the stub host resolver to enable
DNS-over-HTTPS.

Fixes: QTBUG-98284
Change-Id: I1b06737c84e1b8d613aa257f4a891f82cac21013
Reviewed-by: Michael Brüning <michael.bruning@qt.io>

6 files changed, 210 insertions, 9 deletions

diff --git a/src/core/api/CMakeLists.txt b/src/core/api/CMakeLists.txt
index ba973fd32..32b3451bd 100644
--- a/src/core/api/CMakeLists.txt
+++ b/src/core/api/CMakeLists.txt
@@ -38,6 +38,7 @@ qt_internal_add_module(WebEngineCore
         qwebengineurlrequestjob.cpp qwebengineurlrequestjob.h
         qwebengineurlscheme.cpp qwebengineurlscheme.h
         qwebengineurlschemehandler.cpp qwebengineurlschemehandler.h
+        qwebengineglobalsettings.cpp qwebengineglobalsettings.h qwebengineglobalsettings_p.h
     DEFINES
         BUILDING_CHROMIUM
         NOMINMAX
@@ -46,6 +47,7 @@ qt_internal_add_module(WebEngineCore
         ../../3rdparty/chromium
         ../../3rdparty/chromium/third_party/abseil-cpp
         ../../3rdparty/chromium/third_party/perfetto/include
+        ../../3rdparty/chromium/third_party/boringssl/src/include
     LIBRARIES
         Qt::CorePrivate
         Qt::GuiPrivate
diff --git a/src/core/api/qwebengineglobalsettings.cpp b/src/core/api/qwebengineglobalsettings.cpp
new file mode 100644
index 000000000..685d9d593
--- /dev/null
+++ b/src/core/api/qwebengineglobalsettings.cpp
@@ -0,0 +1,92 @@
+// Copyright (C) 2023 The Qt Company Ltd.
+// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+
+#include "services/network/network_service.h"
+#include "content/public/browser/network_service_instance.h"
+
+#include "qwebengineglobalsettings.h"
+#include "qwebengineglobalsettings_p.h"
+
+QT_BEGIN_NAMESPACE
+
+/*!
+    \class QWebEngineGlobalSettings
+    \brief The QWebEngineGlobalSettings class configures global properties of the web engine.
+    \since 6.6
+    \inmodule QtWebEngineCore
+
+    The QWebEngineGlobalSettings class is a singleton that configures global properties
+    of the web engine.
+
+    Invoke configureDnsOverHttps() to configure DNS-over-HTTPS capabilities.
+
+    \sa QWebEngineGlobalSettings::configureDnsOverHttps()
+*/
+
+QWebEngineGlobalSettings::QWebEngineGlobalSettings(QObject *p)
+    : QObject(p), d_ptr(new QWebEngineGlobalSettingsPrivate)
+{
+}
+
+QWebEngineGlobalSettings::~QWebEngineGlobalSettings() { }
+
+/*!
+    \fn QWebEngineGlobalSettings *QWebEngineGlobalSettings::GetInstance()
+
+    Gets the global instance of QWebEngineGlobalSettings.
+*/
+QWebEngineGlobalSettings *QWebEngineGlobalSettings::GetInstance()
+{
+    static QWebEngineGlobalSettings settings;
+    return &settings;
+}
+
+/*!
+    \enum QWebEngineGlobalSettings::DnsMode
+
+    This enum sets the DNS-over-HTTPS mode:
+
+    \value WithFallback Enable DNS-over-HTTPS with fallbacks. If a host
+    can't be resolved, try the insecure DNS client of Chromium. If that fails as
+    well, try the system DNS host resolution, which can be secure or insecure.
+    \value Secure Enable DNS-over-HTTPS and only allow the secure Chromium
+    DNS client to resolve hosts.
+*/
+
+/*!
+    \fn QWebEngineGlobalSettings::configureDnsOverHttps(const DnsMode dnsMode,
+                                                        const QString &dnsOverHttpsTemplates)
+
+    Configures the Chromium stub host resolver, thus allowing DNS-over-HTTPS functionality.
+
+    Set \a dnsMode to QWebEngineGlobalSettings::DnsMode::WithFallback to enable secure DNS
+    host resolution with a fallback to insecure DNS host resolution and a final fallback to
+    the system DNS resolution, which can be secure or insecure. Set it to
+    QWebEngineGlobalSettings::DnsMode::Secure to only allow secure DNS host resolution via
+    the Chromium DNS client.
+
+    Independently of \a {dnsMode}, \a dnsOverHttpsTemplates has to be set to one or multiple
+    valid \l{https://datatracker.ietf.org/doc/html/rfc6570}{URI templates} separated by
+    whitespace characters. One example URI template is https://dns.google/dns-query{?dns}.
+*/
+void QWebEngineGlobalSettings::configureDnsOverHttps(const DnsMode dnsMode,
+                                                     const QString &dnsOverHttpsTemplates)
+{
+    Q_D(QWebEngineGlobalSettings);
+
+    d->dnsMode = dnsMode;
+    d->dnsOverHttpsTemplates = dnsOverHttpsTemplates.toStdString();
+    d->isDnsOverHttpsUserConfigured = true;
+
+    // Make sure that DoH settings are in effect immediately if the network service already exists,
+    // thus allowing to change DoH configuration at any point
+    network::mojom::NetworkService *networkService = content::GetNetworkService();
+    if (networkService) {
+        networkService->ConfigureStubHostResolver(
+                d->insecureDnsClientEnabled, net::SecureDnsMode(d->dnsMode),
+                *net::DnsOverHttpsConfig::FromString(d->dnsOverHttpsTemplates),
+                d->additionalInsecureDnsTypesEnabled);
+    }
+}
+
+QT_END_NAMESPACE
diff --git a/src/core/api/qwebengineglobalsettings.h b/src/core/api/qwebengineglobalsettings.h
new file mode 100644
index 000000000..a65a08359
--- /dev/null
+++ b/src/core/api/qwebengineglobalsettings.h
@@ -0,0 +1,42 @@
+// Copyright (C) 2023 The Qt Company Ltd.
+// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+
+#ifndef QWEBENGINEGLOBALSETTINGS_H
+#define QWEBENGINEGLOBALSETTINGS_H
+
+#include <QtWebEngineCore/qtwebenginecoreglobal.h>
+#include <QtCore/QObject>
+#include <QtCore/QScopedPointer>
+
+namespace QtWebEngineCore {
+class SystemNetworkContextManager;
+}
+
+QT_BEGIN_NAMESPACE
+
+class QWebEngineGlobalSettingsPrivate;
+
+class Q_WEBENGINECORE_EXPORT QWebEngineGlobalSettings : public QObject
+{
+    Q_OBJECT
+    Q_DISABLE_COPY(QWebEngineGlobalSettings)
+public:
+    static QWebEngineGlobalSettings *GetInstance();
+
+    // Mapping net::SecureDnsMode
+    enum class DnsMode { WithFallback = 1, Secure = 2 };
+
+    void configureDnsOverHttps(const DnsMode dnsMode, const QString &dnsOverHttpsTemplates);
+
+private:
+    QWebEngineGlobalSettings(QObject *p = nullptr);
+    ~QWebEngineGlobalSettings();
+
+    friend class QtWebEngineCore::SystemNetworkContextManager;
+    Q_DECLARE_PRIVATE(QWebEngineGlobalSettings)
+    QScopedPointer<QWebEngineGlobalSettingsPrivate> d_ptr;
+};
+
+QT_END_NAMESPACE
+
+#endif // QWEBENGINEGLOBALSETTINGS_H
diff --git a/src/core/api/qwebengineglobalsettings_p.h b/src/core/api/qwebengineglobalsettings_p.h
new file mode 100644
index 000000000..4c15f62b0
--- /dev/null
+++ b/src/core/api/qwebengineglobalsettings_p.h
@@ -0,0 +1,43 @@
+// Copyright (C) 2023 The Qt Company Ltd.
+// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+
+#ifndef QWEBENGINEGLOBALSETTINGS_P_H
+#define QWEBENGINEGLOBALSETTINGS_P_H
+
+//
+//  W A R N I N G
+//  -------------
+//
+// This file is not part of the Qt API.  It exists purely as an
+// implementation detail. This header file may change from version to
+// version without notice, or even be removed.
+//
+// We mean it.
+//
+
+#include "qtwebenginecoreglobal_p.h"
+#include "qwebengineglobalsettings.h"
+#include <string>
+
+QT_BEGIN_NAMESPACE
+
+class Q_WEBENGINECORE_PRIVATE_EXPORT QWebEngineGlobalSettingsPrivate
+{
+public:
+    QWebEngineGlobalSettingsPrivate()
+        : dnsMode(QWebEngineGlobalSettings::DnsMode::WithFallback)
+        , dnsOverHttpsTemplates("")
+        , insecureDnsClientEnabled(true)
+        , additionalInsecureDnsTypesEnabled(true)
+        , isDnsOverHttpsUserConfigured(false){};
+
+    QWebEngineGlobalSettings::DnsMode dnsMode;
+    std::string dnsOverHttpsTemplates;
+    bool insecureDnsClientEnabled;
+    bool additionalInsecureDnsTypesEnabled;
+    bool isDnsOverHttpsUserConfigured;
+};
+
+QT_END_NAMESPACE
+
+#endif // QWEBENGINEGLOBALSETTINGS_P_H
diff --git a/src/core/net/system_network_context_manager.cpp b/src/core/net/system_network_context_manager.cpp
index 83e122aab..8df65b7a5 100644
--- a/src/core/net/system_network_context_manager.cpp
+++ b/src/core/net/system_network_context_manager.cpp
@@ -29,6 +29,8 @@
 #include "services/network/public/mojom/cert_verifier_service.mojom.h"
 #include "services/network/public/mojom/network_context.mojom.h"
 #include "services/proxy_resolver/public/mojom/proxy_resolver.mojom.h"
+#include "api/qwebengineglobalsettings.h"
+#include "api/qwebengineglobalsettings_p.h"
 
 #if BUILDFLAG(IS_WIN)
 #include "chrome/browser/net/chrome_mojo_proxy_resolver_win.h"
@@ -38,9 +40,6 @@
 
 namespace {
 
-// The global instance of the SystemNetworkContextmanager.
-SystemNetworkContextManager *g_system_network_context_manager = nullptr;
-
 network::mojom::HttpAuthStaticParamsPtr CreateHttpAuthStaticParams()
 {
     network::mojom::HttpAuthStaticParamsPtr auth_static_params =
@@ -65,6 +64,11 @@ network::mojom::HttpAuthDynamicParamsPtr CreateHttpAuthDynamicParams()
 
 } // namespace
 
+namespace QtWebEngineCore {
+
+// The global instance of the SystemNetworkContextmanager.
+SystemNetworkContextManager *g_system_network_context_manager = nullptr;
+
 // SharedURLLoaderFactory backed by a SystemNetworkContextManager and its
 // network context. Transparently handles crashes.
 class SystemNetworkContextManager::URLLoaderFactoryForSystem : public network::SharedURLLoaderFactory
@@ -255,12 +259,24 @@ void SystemNetworkContextManager::OnNetworkServiceCreated(network::mojom::Networ
 
         network_service->SetExplicitlyAllowedPorts(explicitly_allowed_network_ports);
     }
-    // Configure the stub resolver. This must be done after the system
-    // NetworkContext is created, but before anything has the chance to use it.
-    //    bool stub_resolver_enabled;
-    //    absl::optional<std::vector<network::mojom::DnsOverHttpsServerPtr>> dns_over_https_servers;
-    //    GetStubResolverConfig(local_state_, &stub_resolver_enabled, &dns_over_https_servers);
-    //    content::GetNetworkService()->ConfigureStubHostResolver(stub_resolver_enabled, std::move(dns_over_https_servers));
+
+    // The network service is a singleton that can be reinstantiated for different reasons,
+    // e.g., when the network service crashes. Therefore, we configure the stub host
+    // resolver of the network service here, each time it is instantiated, with our global
+    // DNS-Over-HTTPS settings. This ensures that the global settings don't get lost
+    // on reinstantiation and are in effect upon initial instantiation.
+    QWebEngineGlobalSettings *const globalSettings = QWebEngineGlobalSettings::GetInstance();
+    if (globalSettings->d_ptr->isDnsOverHttpsUserConfigured) {
+        const bool insecureDnsClientEnabled = globalSettings->d_ptr->insecureDnsClientEnabled;
+        const bool additionalInsecureDnsTypesEnabled =
+                globalSettings->d_ptr->additionalInsecureDnsTypesEnabled;
+        const net::SecureDnsMode dnsMode = net::SecureDnsMode(globalSettings->d_ptr->dnsMode);
+        const absl::optional<net::DnsOverHttpsConfig> dnsOverHttpsTemplates =
+                net::DnsOverHttpsConfig::FromString(globalSettings->d_ptr->dnsOverHttpsTemplates);
+        content::GetNetworkService()->ConfigureStubHostResolver(insecureDnsClientEnabled, dnsMode,
+                                                                *dnsOverHttpsTemplates,
+                                                                additionalInsecureDnsTypesEnabled);
+    }
 }
 
 void SystemNetworkContextManager::AddSSLConfigToNetworkContextParams(network::mojom::NetworkContextParams *network_context_params)
@@ -320,3 +336,5 @@ network::mojom::NetworkContextParamsPtr SystemNetworkContextManager::CreateNetwo
          content::GetCertVerifierParams(std::move(cert_verifier_creation_params));
     return network_context_params;
 }
+
+} // namespace QtWebEngineCore
diff --git a/src/core/net/system_network_context_manager.h b/src/core/net/system_network_context_manager.h
index fa761cb44..d56bdab78 100644
--- a/src/core/net/system_network_context_manager.h
+++ b/src/core/net/system_network_context_manager.h
@@ -28,6 +28,8 @@ class URLLoaderFactory;
 class SharedURLLoaderFactory;
 } // namespace network
 
+namespace QtWebEngineCore {
+
 // Responsible for creating and managing access to the system NetworkContext.
 // Lives on the UI thread. The NetworkContext this owns is intended for requests
 // not associated with a profile. It stores no data on disk, and has no HTTP
@@ -114,4 +116,6 @@ private:
     ProxyConfigMonitor proxy_config_monitor_;
 };
 
+} // namespace QtWebEngineCore
+
 #endif // SYSTEM_NETWORK_CONTEXT_MANAGER_H_