1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_proxy_client_socket_pool.h"
9 #include "base/compiler_specific.h"
10 #include "base/time/time.h"
11 #include "base/values.h"
12 #include "net/base/load_flags.h"
13 #include "net/base/net_errors.h"
14 #include "net/http/http_network_session.h"
15 #include "net/http/http_proxy_client_socket.h"
16 #include "net/socket/client_socket_factory.h"
17 #include "net/socket/client_socket_handle.h"
18 #include "net/socket/client_socket_pool_base.h"
19 #include "net/socket/ssl_client_socket.h"
20 #include "net/socket/ssl_client_socket_pool.h"
21 #include "net/socket/transport_client_socket_pool.h"
22 #include "net/spdy/spdy_proxy_client_socket.h"
23 #include "net/spdy/spdy_session.h"
24 #include "net/spdy/spdy_session_pool.h"
25 #include "net/spdy/spdy_stream.h"
26 #include "net/ssl/ssl_cert_request_info.h"
31 HttpProxySocketParams::HttpProxySocketParams(
32 const scoped_refptr<TransportSocketParams>& transport_params,
33 const scoped_refptr<SSLSocketParams>& ssl_params,
34 const GURL& request_url,
35 const std::string& user_agent,
36 const HostPortPair& endpoint,
37 HttpAuthCache* http_auth_cache,
38 HttpAuthHandlerFactory* http_auth_handler_factory,
39 SpdySessionPool* spdy_session_pool,
41 : transport_params_(transport_params),
42 ssl_params_(ssl_params),
43 spdy_session_pool_(spdy_session_pool),
44 request_url_(request_url),
45 user_agent_(user_agent),
47 http_auth_cache_(tunnel ? http_auth_cache : NULL),
48 http_auth_handler_factory_(tunnel ? http_auth_handler_factory : NULL),
50 DCHECK((transport_params.get() == NULL && ssl_params.get() != NULL) ||
51 (transport_params.get() != NULL && ssl_params.get() == NULL));
52 if (transport_params_.get()) {
53 ignore_limits_ = transport_params->ignore_limits();
55 ignore_limits_ = ssl_params->ignore_limits();
59 const HostResolver::RequestInfo& HttpProxySocketParams::destination() const {
60 if (transport_params_.get() == NULL) {
61 return ssl_params_->GetDirectConnectionParams()->destination();
63 return transport_params_->destination();
67 HttpProxySocketParams::~HttpProxySocketParams() {}
69 // HttpProxyConnectJobs will time out after this many seconds. Note this is on
70 // top of the timeout for the transport socket.
71 #if (defined(OS_ANDROID) || defined(OS_IOS)) && defined(SPDY_PROXY_AUTH_ORIGIN)
72 static const int kHttpProxyConnectJobTimeoutInSeconds = 10;
74 static const int kHttpProxyConnectJobTimeoutInSeconds = 30;
78 HttpProxyConnectJob::HttpProxyConnectJob(
79 const std::string& group_name,
80 RequestPriority priority,
81 const scoped_refptr<HttpProxySocketParams>& params,
82 const base::TimeDelta& timeout_duration,
83 TransportClientSocketPool* transport_pool,
84 SSLClientSocketPool* ssl_pool,
85 HostResolver* host_resolver,
88 : ConnectJob(group_name, timeout_duration, priority, delegate,
89 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)),
90 weak_ptr_factory_(this),
92 transport_pool_(transport_pool),
94 resolver_(host_resolver),
95 callback_(base::Bind(&HttpProxyConnectJob::OnIOComplete,
96 weak_ptr_factory_.GetWeakPtr())),
98 protocol_negotiated_(kProtoUnknown) {
101 HttpProxyConnectJob::~HttpProxyConnectJob() {}
103 LoadState HttpProxyConnectJob::GetLoadState() const {
104 switch (next_state_) {
105 case STATE_TCP_CONNECT:
106 case STATE_TCP_CONNECT_COMPLETE:
107 case STATE_SSL_CONNECT:
108 case STATE_SSL_CONNECT_COMPLETE:
109 return transport_socket_handle_->GetLoadState();
110 case STATE_HTTP_PROXY_CONNECT:
111 case STATE_HTTP_PROXY_CONNECT_COMPLETE:
112 case STATE_SPDY_PROXY_CREATE_STREAM:
113 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE:
114 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL;
117 return LOAD_STATE_IDLE;
121 void HttpProxyConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) {
122 if (error_response_info_.cert_request_info.get()) {
123 handle->set_ssl_error_response_info(error_response_info_);
124 handle->set_is_ssl_error(true);
128 void HttpProxyConnectJob::OnIOComplete(int result) {
129 int rv = DoLoop(result);
130 if (rv != ERR_IO_PENDING)
131 NotifyDelegateOfCompletion(rv); // Deletes |this|
134 int HttpProxyConnectJob::DoLoop(int result) {
135 DCHECK_NE(next_state_, STATE_NONE);
139 State state = next_state_;
140 next_state_ = STATE_NONE;
142 case STATE_TCP_CONNECT:
144 rv = DoTransportConnect();
146 case STATE_TCP_CONNECT_COMPLETE:
147 rv = DoTransportConnectComplete(rv);
149 case STATE_SSL_CONNECT:
153 case STATE_SSL_CONNECT_COMPLETE:
154 rv = DoSSLConnectComplete(rv);
156 case STATE_HTTP_PROXY_CONNECT:
158 rv = DoHttpProxyConnect();
160 case STATE_HTTP_PROXY_CONNECT_COMPLETE:
161 rv = DoHttpProxyConnectComplete(rv);
163 case STATE_SPDY_PROXY_CREATE_STREAM:
165 rv = DoSpdyProxyCreateStream();
167 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE:
168 rv = DoSpdyProxyCreateStreamComplete(rv);
171 NOTREACHED() << "bad state";
175 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
180 int HttpProxyConnectJob::DoTransportConnect() {
181 next_state_ = STATE_TCP_CONNECT_COMPLETE;
182 transport_socket_handle_.reset(new ClientSocketHandle());
183 return transport_socket_handle_->Init(group_name(),
184 params_->transport_params(),
191 int HttpProxyConnectJob::DoTransportConnectComplete(int result) {
193 return ERR_PROXY_CONNECTION_FAILED;
195 // Reset the timer to just the length of time allowed for HttpProxy handshake
196 // so that a fast TCP connection plus a slow HttpProxy failure doesn't take
197 // longer to timeout than it should.
198 ResetTimer(base::TimeDelta::FromSeconds(
199 kHttpProxyConnectJobTimeoutInSeconds));
201 next_state_ = STATE_HTTP_PROXY_CONNECT;
205 int HttpProxyConnectJob::DoSSLConnect() {
206 if (params_->tunnel()) {
207 SpdySessionKey key(params_->destination().host_port_pair(),
208 ProxyServer::Direct(),
209 PRIVACY_MODE_DISABLED);
210 if (params_->spdy_session_pool()->FindAvailableSession(key, net_log())) {
212 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM;
216 next_state_ = STATE_SSL_CONNECT_COMPLETE;
217 transport_socket_handle_.reset(new ClientSocketHandle());
218 return transport_socket_handle_->Init(
219 group_name(), params_->ssl_params(), priority(), callback_,
220 ssl_pool_, net_log());
223 int HttpProxyConnectJob::DoSSLConnectComplete(int result) {
224 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
225 error_response_info_ = transport_socket_handle_->ssl_error_response_info();
226 DCHECK(error_response_info_.cert_request_info.get());
227 error_response_info_.cert_request_info->is_proxy = true;
230 if (IsCertificateError(result)) {
231 if (params_->ssl_params()->load_flags() & LOAD_IGNORE_ALL_CERT_ERRORS) {
234 // TODO(rch): allow the user to deal with proxy cert errors in the
235 // same way as server cert errors.
236 transport_socket_handle_->socket()->Disconnect();
237 return ERR_PROXY_CERTIFICATE_INVALID;
240 // A SPDY session to the proxy completed prior to resolving the proxy
241 // hostname. Surface this error, and allow the delegate to retry.
242 // See crbug.com/334413.
243 if (result == ERR_SPDY_SESSION_ALREADY_EXISTS) {
244 DCHECK(!transport_socket_handle_->socket());
245 return ERR_SPDY_SESSION_ALREADY_EXISTS;
248 if (transport_socket_handle_->socket())
249 transport_socket_handle_->socket()->Disconnect();
250 return ERR_PROXY_CONNECTION_FAILED;
253 SSLClientSocket* ssl =
254 static_cast<SSLClientSocket*>(transport_socket_handle_->socket());
255 using_spdy_ = ssl->was_spdy_negotiated();
256 protocol_negotiated_ = ssl->GetNegotiatedProtocol();
258 // Reset the timer to just the length of time allowed for HttpProxy handshake
259 // so that a fast SSL connection plus a slow HttpProxy failure doesn't take
260 // longer to timeout than it should.
261 ResetTimer(base::TimeDelta::FromSeconds(
262 kHttpProxyConnectJobTimeoutInSeconds));
263 // TODO(rch): If we ever decide to implement a "trusted" SPDY proxy
264 // (one that we speak SPDY over SSL to, but to which we send HTTPS
265 // request directly instead of through CONNECT tunnels, then we
266 // need to add a predicate to this if statement so we fall through
267 // to the else case. (HttpProxyClientSocket currently acts as
268 // a "trusted" SPDY proxy).
269 if (using_spdy_ && params_->tunnel()) {
270 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM;
272 next_state_ = STATE_HTTP_PROXY_CONNECT;
277 int HttpProxyConnectJob::DoHttpProxyConnect() {
278 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE;
279 const HostResolver::RequestInfo& tcp_destination = params_->destination();
280 const HostPortPair& proxy_server = tcp_destination.host_port_pair();
282 // Add a HttpProxy connection on top of the tcp socket.
283 transport_socket_.reset(
284 new HttpProxyClientSocket(transport_socket_handle_.release(),
285 params_->request_url(),
286 params_->user_agent(),
289 params_->http_auth_cache(),
290 params_->http_auth_handler_factory(),
293 protocol_negotiated_,
294 params_->ssl_params().get() != NULL));
295 return transport_socket_->Connect(callback_);
298 int HttpProxyConnectJob::DoHttpProxyConnectComplete(int result) {
299 if (result == OK || result == ERR_PROXY_AUTH_REQUESTED ||
300 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) {
301 SetSocket(transport_socket_.PassAs<StreamSocket>());
307 int HttpProxyConnectJob::DoSpdyProxyCreateStream() {
309 DCHECK(params_->tunnel());
310 SpdySessionKey key(params_->destination().host_port_pair(),
311 ProxyServer::Direct(),
312 PRIVACY_MODE_DISABLED);
313 SpdySessionPool* spdy_pool = params_->spdy_session_pool();
314 base::WeakPtr<SpdySession> spdy_session =
315 spdy_pool->FindAvailableSession(key, net_log());
316 // It's possible that a session to the proxy has recently been created
318 if (transport_socket_handle_.get()) {
319 if (transport_socket_handle_->socket())
320 transport_socket_handle_->socket()->Disconnect();
321 transport_socket_handle_->Reset();
324 // Create a session direct to the proxy itself
326 spdy_pool->CreateAvailableSessionFromSocket(
327 key, transport_socket_handle_.Pass(),
328 net_log(), OK, /*using_ssl_*/ true);
329 DCHECK(spdy_session);
332 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE;
333 return spdy_stream_request_.StartRequest(SPDY_BIDIRECTIONAL_STREAM,
335 params_->request_url(),
337 spdy_session->net_log(),
341 int HttpProxyConnectJob::DoSpdyProxyCreateStreamComplete(int result) {
345 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE;
346 base::WeakPtr<SpdyStream> stream = spdy_stream_request_.ReleaseStream();
347 DCHECK(stream.get());
348 // |transport_socket_| will set itself as |stream|'s delegate.
349 transport_socket_.reset(
350 new SpdyProxyClientSocket(stream,
351 params_->user_agent(),
353 params_->request_url(),
354 params_->destination().host_port_pair(),
356 params_->http_auth_cache(),
357 params_->http_auth_handler_factory()));
358 return transport_socket_->Connect(callback_);
361 int HttpProxyConnectJob::ConnectInternal() {
362 if (params_->transport_params().get()) {
363 next_state_ = STATE_TCP_CONNECT;
365 next_state_ = STATE_SSL_CONNECT;
370 HttpProxyClientSocketPool::
371 HttpProxyConnectJobFactory::HttpProxyConnectJobFactory(
372 TransportClientSocketPool* transport_pool,
373 SSLClientSocketPool* ssl_pool,
374 HostResolver* host_resolver,
376 : transport_pool_(transport_pool),
378 host_resolver_(host_resolver),
380 base::TimeDelta max_pool_timeout = base::TimeDelta();
382 #if (defined(OS_ANDROID) || defined(OS_IOS)) && defined(SPDY_PROXY_AUTH_ORIGIN)
385 max_pool_timeout = transport_pool_->ConnectionTimeout();
387 max_pool_timeout = std::max(max_pool_timeout,
388 ssl_pool_->ConnectionTimeout());
390 timeout_ = max_pool_timeout +
391 base::TimeDelta::FromSeconds(kHttpProxyConnectJobTimeoutInSeconds);
395 scoped_ptr<ConnectJob>
396 HttpProxyClientSocketPool::HttpProxyConnectJobFactory::NewConnectJob(
397 const std::string& group_name,
398 const PoolBase::Request& request,
399 ConnectJob::Delegate* delegate) const {
400 return scoped_ptr<ConnectJob>(new HttpProxyConnectJob(group_name,
412 HttpProxyClientSocketPool::HttpProxyConnectJobFactory::ConnectionTimeout(
417 HttpProxyClientSocketPool::HttpProxyClientSocketPool(
419 int max_sockets_per_group,
420 ClientSocketPoolHistograms* histograms,
421 HostResolver* host_resolver,
422 TransportClientSocketPool* transport_pool,
423 SSLClientSocketPool* ssl_pool,
425 : transport_pool_(transport_pool),
427 base_(this, max_sockets, max_sockets_per_group, histograms,
428 ClientSocketPool::unused_idle_socket_timeout(),
429 ClientSocketPool::used_idle_socket_timeout(),
430 new HttpProxyConnectJobFactory(transport_pool,
434 // We should always have a |transport_pool_| except in unit tests.
436 base_.AddLowerLayeredPool(transport_pool_);
438 base_.AddLowerLayeredPool(ssl_pool_);
441 HttpProxyClientSocketPool::~HttpProxyClientSocketPool() {
444 int HttpProxyClientSocketPool::RequestSocket(
445 const std::string& group_name, const void* socket_params,
446 RequestPriority priority, ClientSocketHandle* handle,
447 const CompletionCallback& callback, const BoundNetLog& net_log) {
448 const scoped_refptr<HttpProxySocketParams>* casted_socket_params =
449 static_cast<const scoped_refptr<HttpProxySocketParams>*>(socket_params);
451 return base_.RequestSocket(group_name, *casted_socket_params, priority,
452 handle, callback, net_log);
455 void HttpProxyClientSocketPool::RequestSockets(
456 const std::string& group_name,
459 const BoundNetLog& net_log) {
460 const scoped_refptr<HttpProxySocketParams>* casted_params =
461 static_cast<const scoped_refptr<HttpProxySocketParams>*>(params);
463 base_.RequestSockets(group_name, *casted_params, num_sockets, net_log);
466 void HttpProxyClientSocketPool::CancelRequest(
467 const std::string& group_name,
468 ClientSocketHandle* handle) {
469 base_.CancelRequest(group_name, handle);
472 void HttpProxyClientSocketPool::ReleaseSocket(const std::string& group_name,
473 scoped_ptr<StreamSocket> socket,
475 base_.ReleaseSocket(group_name, socket.Pass(), id);
478 void HttpProxyClientSocketPool::FlushWithError(int error) {
479 base_.FlushWithError(error);
482 void HttpProxyClientSocketPool::CloseIdleSockets() {
483 base_.CloseIdleSockets();
486 int HttpProxyClientSocketPool::IdleSocketCount() const {
487 return base_.idle_socket_count();
490 int HttpProxyClientSocketPool::IdleSocketCountInGroup(
491 const std::string& group_name) const {
492 return base_.IdleSocketCountInGroup(group_name);
495 LoadState HttpProxyClientSocketPool::GetLoadState(
496 const std::string& group_name, const ClientSocketHandle* handle) const {
497 return base_.GetLoadState(group_name, handle);
500 base::DictionaryValue* HttpProxyClientSocketPool::GetInfoAsValue(
501 const std::string& name,
502 const std::string& type,
503 bool include_nested_pools) const {
504 base::DictionaryValue* dict = base_.GetInfoAsValue(name, type);
505 if (include_nested_pools) {
506 base::ListValue* list = new base::ListValue();
507 if (transport_pool_) {
508 list->Append(transport_pool_->GetInfoAsValue("transport_socket_pool",
509 "transport_socket_pool",
513 list->Append(ssl_pool_->GetInfoAsValue("ssl_socket_pool",
517 dict->Set("nested_pools", list);
522 base::TimeDelta HttpProxyClientSocketPool::ConnectionTimeout() const {
523 return base_.ConnectionTimeout();
526 ClientSocketPoolHistograms* HttpProxyClientSocketPool::histograms() const {
527 return base_.histograms();
530 bool HttpProxyClientSocketPool::IsStalled() const {
531 return base_.IsStalled();
534 void HttpProxyClientSocketPool::AddHigherLayeredPool(
535 HigherLayeredPool* higher_pool) {
536 base_.AddHigherLayeredPool(higher_pool);
539 void HttpProxyClientSocketPool::RemoveHigherLayeredPool(
540 HigherLayeredPool* higher_pool) {
541 base_.RemoveHigherLayeredPool(higher_pool);
544 bool HttpProxyClientSocketPool::CloseOneIdleConnection() {
545 if (base_.CloseOneIdleSocket())
547 return base_.CloseOneIdleConnectionInHigherLayeredPool();
projects / platform / framework / web / crosswalk.git / blob