1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "jingle/glue/proxy_resolving_client_socket.h"
7 #include "base/basictypes.h"
9 #include "base/bind_helpers.h"
10 #include "base/compiler_specific.h"
11 #include "base/logging.h"
12 #include "net/base/io_buffer.h"
13 #include "net/base/load_flags.h"
14 #include "net/base/net_errors.h"
15 #include "net/http/http_auth_controller.h"
16 #include "net/http/http_network_session.h"
17 #include "net/http/proxy_client_socket.h"
18 #include "net/socket/client_socket_handle.h"
19 #include "net/socket/client_socket_pool_manager.h"
20 #include "net/url_request/url_request_context.h"
21 #include "net/url_request/url_request_context_getter.h"
23 namespace jingle_glue
{
25 ProxyResolvingClientSocket::ProxyResolvingClientSocket(
26 net::ClientSocketFactory
* socket_factory
,
27 const scoped_refptr
<net::URLRequestContextGetter
>& request_context_getter
,
28 const net::SSLConfig
& ssl_config
,
29 const net::HostPortPair
& dest_host_port_pair
)
30 : proxy_resolve_callback_(
31 base::Bind(&ProxyResolvingClientSocket::ProcessProxyResolveDone
,
32 base::Unretained(this))),
34 base::Bind(&ProxyResolvingClientSocket::ProcessConnectDone
,
35 base::Unretained(this))),
36 ssl_config_(ssl_config
),
38 dest_host_port_pair_(dest_host_port_pair
),
39 // Assume that we intend to do TLS on this socket; all
40 // current use cases do.
41 proxy_url_("https://" + dest_host_port_pair_
.ToString()),
42 tried_direct_connect_fallback_(false),
44 net::BoundNetLog::Make(
45 request_context_getter
->GetURLRequestContext()->net_log(),
46 net::NetLog::SOURCE_SOCKET
)),
48 DCHECK(request_context_getter
.get());
49 net::URLRequestContext
* request_context
=
50 request_context_getter
->GetURLRequestContext();
51 DCHECK(request_context
);
52 DCHECK(!dest_host_port_pair_
.host().empty());
53 DCHECK_GT(dest_host_port_pair_
.port(), 0);
54 DCHECK(proxy_url_
.is_valid());
56 net::HttpNetworkSession::Params session_params
;
57 session_params
.client_socket_factory
= socket_factory
;
58 session_params
.host_resolver
= request_context
->host_resolver();
59 session_params
.cert_verifier
= request_context
->cert_verifier();
60 session_params
.transport_security_state
=
61 request_context
->transport_security_state();
62 // TODO(rkn): This is NULL because ChannelIDService is not thread safe.
63 session_params
.channel_id_service
= NULL
;
64 session_params
.proxy_service
= request_context
->proxy_service();
65 session_params
.ssl_config_service
= request_context
->ssl_config_service();
66 session_params
.http_auth_handler_factory
=
67 request_context
->http_auth_handler_factory();
68 session_params
.network_delegate
= request_context
->network_delegate();
69 session_params
.http_server_properties
=
70 request_context
->http_server_properties();
71 session_params
.net_log
= request_context
->net_log();
73 const net::HttpNetworkSession::Params
* reference_params
=
74 request_context
->GetNetworkSessionParams();
75 if (reference_params
) {
76 // TODO(mmenke): Just copying specific parameters seems highly regression
77 // prone. Should have a better way to do this.
78 session_params
.host_mapping_rules
= reference_params
->host_mapping_rules
;
79 session_params
.ignore_certificate_errors
=
80 reference_params
->ignore_certificate_errors
;
81 session_params
.testing_fixed_http_port
=
82 reference_params
->testing_fixed_http_port
;
83 session_params
.testing_fixed_https_port
=
84 reference_params
->testing_fixed_https_port
;
85 session_params
.next_protos
= reference_params
->next_protos
;
86 session_params
.trusted_spdy_proxy
= reference_params
->trusted_spdy_proxy
;
87 session_params
.force_spdy_over_ssl
= reference_params
->force_spdy_over_ssl
;
88 session_params
.force_spdy_always
= reference_params
->force_spdy_always
;
89 session_params
.forced_spdy_exclusions
=
90 reference_params
->forced_spdy_exclusions
;
91 session_params
.use_alternate_protocols
=
92 reference_params
->use_alternate_protocols
;
95 network_session_
= new net::HttpNetworkSession(session_params
);
98 ProxyResolvingClientSocket::~ProxyResolvingClientSocket() {
102 int ProxyResolvingClientSocket::Read(net::IOBuffer
* buf
, int buf_len
,
103 const net::CompletionCallback
& callback
) {
104 if (transport_
.get() && transport_
->socket())
105 return transport_
->socket()->Read(buf
, buf_len
, callback
);
107 return net::ERR_SOCKET_NOT_CONNECTED
;
110 int ProxyResolvingClientSocket::Write(
113 const net::CompletionCallback
& callback
) {
114 if (transport_
.get() && transport_
->socket())
115 return transport_
->socket()->Write(buf
, buf_len
, callback
);
117 return net::ERR_SOCKET_NOT_CONNECTED
;
120 int ProxyResolvingClientSocket::SetReceiveBufferSize(int32 size
) {
121 if (transport_
.get() && transport_
->socket())
122 return transport_
->socket()->SetReceiveBufferSize(size
);
124 return net::ERR_SOCKET_NOT_CONNECTED
;
127 int ProxyResolvingClientSocket::SetSendBufferSize(int32 size
) {
128 if (transport_
.get() && transport_
->socket())
129 return transport_
->socket()->SetSendBufferSize(size
);
131 return net::ERR_SOCKET_NOT_CONNECTED
;
134 int ProxyResolvingClientSocket::Connect(
135 const net::CompletionCallback
& callback
) {
136 DCHECK(user_connect_callback_
.is_null());
138 tried_direct_connect_fallback_
= false;
140 // First we try and resolve the proxy.
141 int status
= network_session_
->proxy_service()->ResolveProxy(
145 proxy_resolve_callback_
,
149 if (status
!= net::ERR_IO_PENDING
) {
150 // We defer execution of ProcessProxyResolveDone instead of calling it
151 // directly here for simplicity. From the caller's point of view,
152 // the connect always happens asynchronously.
153 base::MessageLoop
* message_loop
= base::MessageLoop::current();
155 message_loop
->PostTask(
157 base::Bind(&ProxyResolvingClientSocket::ProcessProxyResolveDone
,
158 weak_factory_
.GetWeakPtr(), status
));
160 user_connect_callback_
= callback
;
161 return net::ERR_IO_PENDING
;
164 void ProxyResolvingClientSocket::RunUserConnectCallback(int status
) {
165 DCHECK_LE(status
, net::OK
);
166 net::CompletionCallback user_connect_callback
= user_connect_callback_
;
167 user_connect_callback_
.Reset();
168 user_connect_callback
.Run(status
);
171 // Always runs asynchronously.
172 void ProxyResolvingClientSocket::ProcessProxyResolveDone(int status
) {
175 DCHECK_NE(status
, net::ERR_IO_PENDING
);
176 if (status
== net::OK
) {
177 // Remove unsupported proxies from the list.
178 proxy_info_
.RemoveProxiesWithoutScheme(
179 net::ProxyServer::SCHEME_DIRECT
|
180 net::ProxyServer::SCHEME_HTTP
| net::ProxyServer::SCHEME_HTTPS
|
181 net::ProxyServer::SCHEME_SOCKS4
| net::ProxyServer::SCHEME_SOCKS5
);
183 if (proxy_info_
.is_empty()) {
184 // No proxies/direct to choose from. This happens when we don't support
185 // any of the proxies in the returned list.
186 status
= net::ERR_NO_SUPPORTED_PROXIES
;
190 // Since we are faking the URL, it is possible that no proxies match our URL.
191 // Try falling back to a direct connection if we have not tried that before.
192 if (status
!= net::OK
) {
193 if (!tried_direct_connect_fallback_
) {
194 tried_direct_connect_fallback_
= true;
195 proxy_info_
.UseDirect();
197 CloseTransportSocket();
198 RunUserConnectCallback(status
);
203 transport_
.reset(new net::ClientSocketHandle
);
204 // Now that we have resolved the proxy, we need to connect.
205 status
= net::InitSocketHandleForRawConnect(
206 dest_host_port_pair_
, network_session_
.get(), proxy_info_
, ssl_config_
,
207 ssl_config_
, net::PRIVACY_MODE_DISABLED
, bound_net_log_
, transport_
.get(),
209 if (status
!= net::ERR_IO_PENDING
) {
210 // Since this method is always called asynchronously. it is OK to call
211 // ProcessConnectDone synchronously.
212 ProcessConnectDone(status
);
216 void ProxyResolvingClientSocket::ProcessConnectDone(int status
) {
217 if (status
!= net::OK
) {
218 // If the connection fails, try another proxy.
219 status
= ReconsiderProxyAfterError(status
);
220 // ReconsiderProxyAfterError either returns an error (in which case it is
221 // not reconsidering a proxy) or returns ERR_IO_PENDING if it is considering
223 DCHECK_NE(status
, net::OK
);
224 if (status
== net::ERR_IO_PENDING
)
225 // Proxy reconsideration pending. Return.
227 CloseTransportSocket();
229 ReportSuccessfulProxyConnection();
231 RunUserConnectCallback(status
);
234 // TODO(sanjeevr): This has largely been copied from
235 // HttpStreamFactoryImpl::Job::ReconsiderProxyAfterError. This should be
236 // refactored into some common place.
237 // This method reconsiders the proxy on certain errors. If it does reconsider
238 // a proxy it always returns ERR_IO_PENDING and posts a call to
239 // ProcessProxyResolveDone with the result of the reconsideration.
240 int ProxyResolvingClientSocket::ReconsiderProxyAfterError(int error
) {
241 DCHECK(!pac_request_
);
242 DCHECK_NE(error
, net::OK
);
243 DCHECK_NE(error
, net::ERR_IO_PENDING
);
244 // A failure to resolve the hostname or any error related to establishing a
245 // TCP connection could be grounds for trying a new proxy configuration.
247 // Why do this when a hostname cannot be resolved? Some URLs only make sense
248 // to proxy servers. The hostname in those URLs might fail to resolve if we
249 // are still using a non-proxy config. We need to check if a proxy config
250 // now exists that corresponds to a proxy server that could load the URL.
253 case net::ERR_PROXY_CONNECTION_FAILED
:
254 case net::ERR_NAME_NOT_RESOLVED
:
255 case net::ERR_INTERNET_DISCONNECTED
:
256 case net::ERR_ADDRESS_UNREACHABLE
:
257 case net::ERR_CONNECTION_CLOSED
:
258 case net::ERR_CONNECTION_RESET
:
259 case net::ERR_CONNECTION_REFUSED
:
260 case net::ERR_CONNECTION_ABORTED
:
261 case net::ERR_TIMED_OUT
:
262 case net::ERR_TUNNEL_CONNECTION_FAILED
:
263 case net::ERR_SOCKS_CONNECTION_FAILED
:
265 case net::ERR_SOCKS_CONNECTION_HOST_UNREACHABLE
:
266 // Remap the SOCKS-specific "host unreachable" error to a more
267 // generic error code (this way consumers like the link doctor
268 // know to substitute their error page).
270 // Note that if the host resolving was done by the SOCSK5 proxy, we can't
271 // differentiate between a proxy-side "host not found" versus a proxy-side
272 // "address unreachable" error, and will report both of these failures as
273 // ERR_ADDRESS_UNREACHABLE.
274 return net::ERR_ADDRESS_UNREACHABLE
;
275 case net::ERR_PROXY_AUTH_REQUESTED
: {
276 net::ProxyClientSocket
* proxy_socket
=
277 static_cast<net::ProxyClientSocket
*>(transport_
->socket());
279 if (proxy_socket
->GetAuthController()->HaveAuth())
280 return proxy_socket
->RestartWithAuth(connect_callback_
);
288 if (proxy_info_
.is_https() && ssl_config_
.send_client_cert
) {
289 network_session_
->ssl_client_auth_cache()->Remove(
290 proxy_info_
.proxy_server().host_port_pair());
293 int rv
= network_session_
->proxy_service()->ReconsiderProxyAfterError(
294 proxy_url_
, net::LOAD_NORMAL
, error
, &proxy_info_
,
295 proxy_resolve_callback_
, &pac_request_
, NULL
, bound_net_log_
);
296 if (rv
== net::OK
|| rv
== net::ERR_IO_PENDING
) {
297 CloseTransportSocket();
299 // If ReconsiderProxyAfterError() failed synchronously, it means
300 // there was nothing left to fall-back to, so fail the transaction
301 // with the last connection error we got.
305 // We either have new proxy info or there was an error in falling back.
306 // In both cases we want to post ProcessProxyResolveDone (in the error case
307 // we might still want to fall back a direct connection).
308 if (rv
!= net::ERR_IO_PENDING
) {
309 base::MessageLoop
* message_loop
= base::MessageLoop::current();
311 message_loop
->PostTask(
313 base::Bind(&ProxyResolvingClientSocket::ProcessProxyResolveDone
,
314 weak_factory_
.GetWeakPtr(), rv
));
315 // Since we potentially have another try to go (trying the direct connect)
316 // set the return code code to ERR_IO_PENDING.
317 rv
= net::ERR_IO_PENDING
;
322 void ProxyResolvingClientSocket::ReportSuccessfulProxyConnection() {
323 network_session_
->proxy_service()->ReportSuccess(proxy_info_
, NULL
);
326 void ProxyResolvingClientSocket::Disconnect() {
327 CloseTransportSocket();
329 network_session_
->proxy_service()->CancelPacRequest(pac_request_
);
332 user_connect_callback_
.Reset();
335 bool ProxyResolvingClientSocket::IsConnected() const {
336 if (!transport_
.get() || !transport_
->socket())
338 return transport_
->socket()->IsConnected();
341 bool ProxyResolvingClientSocket::IsConnectedAndIdle() const {
342 if (!transport_
.get() || !transport_
->socket())
344 return transport_
->socket()->IsConnectedAndIdle();
347 int ProxyResolvingClientSocket::GetPeerAddress(
348 net::IPEndPoint
* address
) const {
349 if (!transport_
.get() || !transport_
->socket()) {
351 return net::ERR_SOCKET_NOT_CONNECTED
;
354 if (proxy_info_
.is_direct())
355 return transport_
->socket()->GetPeerAddress(address
);
357 net::IPAddressNumber ip_number
;
358 if (!net::ParseIPLiteralToNumber(dest_host_port_pair_
.host(), &ip_number
)) {
359 // Do not expose the proxy IP address to the caller.
360 return net::ERR_NAME_NOT_RESOLVED
;
363 *address
= net::IPEndPoint(ip_number
, dest_host_port_pair_
.port());
367 int ProxyResolvingClientSocket::GetLocalAddress(
368 net::IPEndPoint
* address
) const {
369 if (transport_
.get() && transport_
->socket())
370 return transport_
->socket()->GetLocalAddress(address
);
372 return net::ERR_SOCKET_NOT_CONNECTED
;
375 const net::BoundNetLog
& ProxyResolvingClientSocket::NetLog() const {
376 if (transport_
.get() && transport_
->socket())
377 return transport_
->socket()->NetLog();
379 return bound_net_log_
;
382 void ProxyResolvingClientSocket::SetSubresourceSpeculation() {
383 if (transport_
.get() && transport_
->socket())
384 transport_
->socket()->SetSubresourceSpeculation();
389 void ProxyResolvingClientSocket::SetOmniboxSpeculation() {
390 if (transport_
.get() && transport_
->socket())
391 transport_
->socket()->SetOmniboxSpeculation();
396 bool ProxyResolvingClientSocket::WasEverUsed() const {
397 if (transport_
.get() && transport_
->socket())
398 return transport_
->socket()->WasEverUsed();
403 bool ProxyResolvingClientSocket::UsingTCPFastOpen() const {
404 if (transport_
.get() && transport_
->socket())
405 return transport_
->socket()->UsingTCPFastOpen();
410 bool ProxyResolvingClientSocket::WasNpnNegotiated() const {
414 net::NextProto
ProxyResolvingClientSocket::GetNegotiatedProtocol() const {
415 if (transport_
.get() && transport_
->socket())
416 return transport_
->socket()->GetNegotiatedProtocol();
418 return net::kProtoUnknown
;
421 bool ProxyResolvingClientSocket::GetSSLInfo(net::SSLInfo
* ssl_info
) {
425 void ProxyResolvingClientSocket::CloseTransportSocket() {
426 if (transport_
.get() && transport_
->socket())
427 transport_
->socket()->Disconnect();
431 } // namespace jingle_glue