Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / net / spdy / spdy_proxy_client_socket.cc
blobe6d521e1356d7cca7fc58b01afddac3727b560b1
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/spdy/spdy_proxy_client_socket.h"
7 #include <algorithm> // min
9 #include "base/bind.h"
10 #include "base/bind_helpers.h"
11 #include "base/callback_helpers.h"
12 #include "base/location.h"
13 #include "base/logging.h"
14 #include "base/single_thread_task_runner.h"
15 #include "base/strings/string_util.h"
16 #include "base/thread_task_runner_handle.h"
17 #include "base/values.h"
18 #include "net/base/auth.h"
19 #include "net/base/io_buffer.h"
20 #include "net/base/net_util.h"
21 #include "net/http/http_auth_cache.h"
22 #include "net/http/http_auth_handler_factory.h"
23 #include "net/http/http_request_info.h"
24 #include "net/http/http_response_headers.h"
25 #include "net/http/proxy_connect_redirect_http_stream.h"
26 #include "net/spdy/spdy_http_utils.h"
27 #include "url/gurl.h"
29 namespace net {
31 SpdyProxyClientSocket::SpdyProxyClientSocket(
32 const base::WeakPtr<SpdyStream>& spdy_stream,
33 const std::string& user_agent,
34 const HostPortPair& endpoint,
35 const HostPortPair& proxy_server,
36 const BoundNetLog& source_net_log,
37 HttpAuthCache* auth_cache,
38 HttpAuthHandlerFactory* auth_handler_factory)
39 : next_state_(STATE_DISCONNECTED),
40 spdy_stream_(spdy_stream),
41 endpoint_(endpoint),
42 auth_(new HttpAuthController(HttpAuth::AUTH_PROXY,
43 GURL("https://" + proxy_server.ToString()),
44 auth_cache,
45 auth_handler_factory)),
46 user_agent_(user_agent),
47 user_buffer_len_(0),
48 write_buffer_len_(0),
49 was_ever_used_(false),
50 redirect_has_load_timing_info_(false),
51 net_log_(BoundNetLog::Make(spdy_stream->net_log().net_log(),
52 NetLog::SOURCE_PROXY_CLIENT_SOCKET)),
53 weak_factory_(this),
54 write_callback_weak_factory_(this) {
55 request_.method = "CONNECT";
56 request_.url = GURL("https://" + endpoint.ToString());
57 net_log_.BeginEvent(NetLog::TYPE_SOCKET_ALIVE,
58 source_net_log.source().ToEventParametersCallback());
59 net_log_.AddEvent(
60 NetLog::TYPE_HTTP2_PROXY_CLIENT_SESSION,
61 spdy_stream->net_log().source().ToEventParametersCallback());
63 spdy_stream_->SetDelegate(this);
64 was_ever_used_ = spdy_stream_->WasEverUsed();
67 SpdyProxyClientSocket::~SpdyProxyClientSocket() {
68 Disconnect();
69 net_log_.EndEvent(NetLog::TYPE_SOCKET_ALIVE);
72 const HttpResponseInfo* SpdyProxyClientSocket::GetConnectResponseInfo() const {
73 return response_.headers.get() ? &response_ : NULL;
76 const scoped_refptr<HttpAuthController>&
77 SpdyProxyClientSocket::GetAuthController() const {
78 return auth_;
81 int SpdyProxyClientSocket::RestartWithAuth(const CompletionCallback& callback) {
82 // A SPDY Stream can only handle a single request, so the underlying
83 // stream may not be reused and a new SpdyProxyClientSocket must be
84 // created (possibly on top of the same SPDY Session).
85 next_state_ = STATE_DISCONNECTED;
86 return OK;
89 bool SpdyProxyClientSocket::IsUsingSpdy() const {
90 return true;
93 NextProto SpdyProxyClientSocket::GetProtocolNegotiated() const {
94 // Save the negotiated protocol
95 SSLInfo ssl_info;
96 bool was_npn_negotiated;
97 NextProto protocol_negotiated;
98 spdy_stream_->GetSSLInfo(&ssl_info, &was_npn_negotiated,
99 &protocol_negotiated);
100 return protocol_negotiated;
103 HttpStream* SpdyProxyClientSocket::CreateConnectResponseStream() {
104 return new ProxyConnectRedirectHttpStream(
105 redirect_has_load_timing_info_ ? &redirect_load_timing_info_ : NULL);
108 // Sends a SYN_STREAM frame to the proxy with a CONNECT request
109 // for the specified endpoint. Waits for the server to send back
110 // a SYN_REPLY frame. OK will be returned if the status is 200.
111 // ERR_TUNNEL_CONNECTION_FAILED will be returned for any other status.
112 // In any of these cases, Read() may be called to retrieve the HTTP
113 // response body. Any other return values should be considered fatal.
114 // TODO(rch): handle 407 proxy auth requested correctly, perhaps
115 // by creating a new stream for the subsequent request.
116 // TODO(rch): create a more appropriate error code to disambiguate
117 // the HTTPS Proxy tunnel failure from an HTTP Proxy tunnel failure.
118 int SpdyProxyClientSocket::Connect(const CompletionCallback& callback) {
119 DCHECK(read_callback_.is_null());
120 if (next_state_ == STATE_OPEN)
121 return OK;
123 DCHECK_EQ(STATE_DISCONNECTED, next_state_);
124 next_state_ = STATE_GENERATE_AUTH_TOKEN;
126 int rv = DoLoop(OK);
127 if (rv == ERR_IO_PENDING)
128 read_callback_ = callback;
129 return rv;
132 void SpdyProxyClientSocket::Disconnect() {
133 read_buffer_queue_.Clear();
134 user_buffer_ = NULL;
135 user_buffer_len_ = 0;
136 read_callback_.Reset();
138 write_buffer_len_ = 0;
139 write_callback_.Reset();
140 write_callback_weak_factory_.InvalidateWeakPtrs();
142 next_state_ = STATE_DISCONNECTED;
144 if (spdy_stream_.get()) {
145 // This will cause OnClose to be invoked, which takes care of
146 // cleaning up all the internal state.
147 spdy_stream_->Cancel();
148 DCHECK(!spdy_stream_.get());
152 bool SpdyProxyClientSocket::IsConnected() const {
153 return next_state_ == STATE_OPEN;
156 bool SpdyProxyClientSocket::IsConnectedAndIdle() const {
157 return IsConnected() && read_buffer_queue_.IsEmpty() &&
158 spdy_stream_->IsOpen();
161 const BoundNetLog& SpdyProxyClientSocket::NetLog() const {
162 return net_log_;
165 void SpdyProxyClientSocket::SetSubresourceSpeculation() {
166 // TODO(rch): what should this implementation be?
169 void SpdyProxyClientSocket::SetOmniboxSpeculation() {
170 // TODO(rch): what should this implementation be?
173 bool SpdyProxyClientSocket::WasEverUsed() const {
174 return was_ever_used_ || (spdy_stream_.get() && spdy_stream_->WasEverUsed());
177 bool SpdyProxyClientSocket::UsingTCPFastOpen() const {
178 return false;
181 bool SpdyProxyClientSocket::WasNpnNegotiated() const {
182 return false;
185 NextProto SpdyProxyClientSocket::GetNegotiatedProtocol() const {
186 return kProtoUnknown;
189 bool SpdyProxyClientSocket::GetSSLInfo(SSLInfo* ssl_info) {
190 bool was_npn_negotiated;
191 NextProto protocol_negotiated;
192 return spdy_stream_->GetSSLInfo(ssl_info, &was_npn_negotiated,
193 &protocol_negotiated);
196 void SpdyProxyClientSocket::GetConnectionAttempts(
197 ConnectionAttempts* out) const {
198 out->clear();
201 int SpdyProxyClientSocket::Read(IOBuffer* buf, int buf_len,
202 const CompletionCallback& callback) {
203 DCHECK(read_callback_.is_null());
204 DCHECK(!user_buffer_.get());
206 if (next_state_ == STATE_DISCONNECTED)
207 return ERR_SOCKET_NOT_CONNECTED;
209 if (next_state_ == STATE_CLOSED && read_buffer_queue_.IsEmpty()) {
210 return 0;
213 DCHECK(next_state_ == STATE_OPEN || next_state_ == STATE_CLOSED);
214 DCHECK(buf);
215 size_t result = PopulateUserReadBuffer(buf->data(), buf_len);
216 if (result == 0) {
217 user_buffer_ = buf;
218 user_buffer_len_ = static_cast<size_t>(buf_len);
219 DCHECK(!callback.is_null());
220 read_callback_ = callback;
221 return ERR_IO_PENDING;
223 user_buffer_ = NULL;
224 return result;
227 size_t SpdyProxyClientSocket::PopulateUserReadBuffer(char* data, size_t len) {
228 return read_buffer_queue_.Dequeue(data, len);
231 int SpdyProxyClientSocket::Write(IOBuffer* buf, int buf_len,
232 const CompletionCallback& callback) {
233 DCHECK(write_callback_.is_null());
234 if (next_state_ != STATE_OPEN)
235 return ERR_SOCKET_NOT_CONNECTED;
237 DCHECK(spdy_stream_.get());
238 spdy_stream_->SendData(buf, buf_len, MORE_DATA_TO_SEND);
239 net_log_.AddByteTransferEvent(NetLog::TYPE_SOCKET_BYTES_SENT,
240 buf_len, buf->data());
241 write_callback_ = callback;
242 write_buffer_len_ = buf_len;
243 return ERR_IO_PENDING;
246 int SpdyProxyClientSocket::SetReceiveBufferSize(int32 size) {
247 // Since this StreamSocket sits on top of a shared SpdySession, it
248 // is not safe for callers to change this underlying socket.
249 return ERR_NOT_IMPLEMENTED;
252 int SpdyProxyClientSocket::SetSendBufferSize(int32 size) {
253 // Since this StreamSocket sits on top of a shared SpdySession, it
254 // is not safe for callers to change this underlying socket.
255 return ERR_NOT_IMPLEMENTED;
258 int SpdyProxyClientSocket::GetPeerAddress(IPEndPoint* address) const {
259 if (!IsConnected())
260 return ERR_SOCKET_NOT_CONNECTED;
261 return spdy_stream_->GetPeerAddress(address);
264 int SpdyProxyClientSocket::GetLocalAddress(IPEndPoint* address) const {
265 if (!IsConnected())
266 return ERR_SOCKET_NOT_CONNECTED;
267 return spdy_stream_->GetLocalAddress(address);
270 void SpdyProxyClientSocket::LogBlockedTunnelResponse() const {
271 ProxyClientSocket::LogBlockedTunnelResponse(
272 response_.headers->response_code(),
273 /* is_https_proxy = */ true);
276 void SpdyProxyClientSocket::RunCallback(const CompletionCallback& callback,
277 int result) const {
278 callback.Run(result);
281 void SpdyProxyClientSocket::OnIOComplete(int result) {
282 DCHECK_NE(STATE_DISCONNECTED, next_state_);
283 int rv = DoLoop(result);
284 if (rv != ERR_IO_PENDING) {
285 CompletionCallback c = read_callback_;
286 read_callback_.Reset();
287 c.Run(rv);
291 int SpdyProxyClientSocket::DoLoop(int last_io_result) {
292 DCHECK_NE(next_state_, STATE_DISCONNECTED);
293 int rv = last_io_result;
294 do {
295 State state = next_state_;
296 next_state_ = STATE_DISCONNECTED;
297 switch (state) {
298 case STATE_GENERATE_AUTH_TOKEN:
299 DCHECK_EQ(OK, rv);
300 rv = DoGenerateAuthToken();
301 break;
302 case STATE_GENERATE_AUTH_TOKEN_COMPLETE:
303 rv = DoGenerateAuthTokenComplete(rv);
304 break;
305 case STATE_SEND_REQUEST:
306 DCHECK_EQ(OK, rv);
307 net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_TUNNEL_SEND_REQUEST);
308 rv = DoSendRequest();
309 break;
310 case STATE_SEND_REQUEST_COMPLETE:
311 net_log_.EndEventWithNetErrorCode(
312 NetLog::TYPE_HTTP_TRANSACTION_TUNNEL_SEND_REQUEST, rv);
313 rv = DoSendRequestComplete(rv);
314 if (rv >= 0 || rv == ERR_IO_PENDING) {
315 // Emit extra event so can use the same events as
316 // HttpProxyClientSocket.
317 net_log_.BeginEvent(
318 NetLog::TYPE_HTTP_TRANSACTION_TUNNEL_READ_HEADERS);
320 break;
321 case STATE_READ_REPLY_COMPLETE:
322 rv = DoReadReplyComplete(rv);
323 net_log_.EndEventWithNetErrorCode(
324 NetLog::TYPE_HTTP_TRANSACTION_TUNNEL_READ_HEADERS, rv);
325 break;
326 default:
327 NOTREACHED() << "bad state";
328 rv = ERR_UNEXPECTED;
329 break;
331 } while (rv != ERR_IO_PENDING && next_state_ != STATE_DISCONNECTED &&
332 next_state_ != STATE_OPEN);
333 return rv;
336 int SpdyProxyClientSocket::DoGenerateAuthToken() {
337 next_state_ = STATE_GENERATE_AUTH_TOKEN_COMPLETE;
338 return auth_->MaybeGenerateAuthToken(
339 &request_,
340 base::Bind(&SpdyProxyClientSocket::OnIOComplete,
341 weak_factory_.GetWeakPtr()),
342 net_log_);
345 int SpdyProxyClientSocket::DoGenerateAuthTokenComplete(int result) {
346 DCHECK_NE(ERR_IO_PENDING, result);
347 if (result == OK)
348 next_state_ = STATE_SEND_REQUEST;
349 return result;
352 int SpdyProxyClientSocket::DoSendRequest() {
353 next_state_ = STATE_SEND_REQUEST_COMPLETE;
355 // Add Proxy-Authentication header if necessary.
356 HttpRequestHeaders authorization_headers;
357 if (auth_->HaveAuth()) {
358 auth_->AddAuthorizationHeader(&authorization_headers);
361 std::string request_line;
362 BuildTunnelRequest(endpoint_, authorization_headers, user_agent_,
363 &request_line, &request_.extra_headers);
365 net_log_.AddEvent(
366 NetLog::TYPE_HTTP_TRANSACTION_SEND_TUNNEL_HEADERS,
367 base::Bind(&HttpRequestHeaders::NetLogCallback,
368 base::Unretained(&request_.extra_headers), &request_line));
370 scoped_ptr<SpdyHeaderBlock> headers(new SpdyHeaderBlock());
371 CreateSpdyHeadersFromHttpRequest(request_, request_.extra_headers,
372 spdy_stream_->GetProtocolVersion(), true,
373 headers.get());
375 return spdy_stream_->SendRequestHeaders(headers.Pass(), MORE_DATA_TO_SEND);
378 int SpdyProxyClientSocket::DoSendRequestComplete(int result) {
379 if (result < 0)
380 return result;
382 // Wait for SYN_REPLY frame from the server
383 next_state_ = STATE_READ_REPLY_COMPLETE;
384 return ERR_IO_PENDING;
387 int SpdyProxyClientSocket::DoReadReplyComplete(int result) {
388 // We enter this method directly from DoSendRequestComplete, since
389 // we are notified by a callback when the SYN_REPLY frame arrives
391 if (result < 0)
392 return result;
394 // Require the "HTTP/1.x" status line for SSL CONNECT.
395 if (response_.headers->GetParsedHttpVersion() < HttpVersion(1, 0))
396 return ERR_TUNNEL_CONNECTION_FAILED;
398 net_log_.AddEvent(
399 NetLog::TYPE_HTTP_TRANSACTION_READ_TUNNEL_RESPONSE_HEADERS,
400 base::Bind(&HttpResponseHeaders::NetLogCallback, response_.headers));
402 switch (response_.headers->response_code()) {
403 case 200: // OK
404 next_state_ = STATE_OPEN;
405 return OK;
407 case 302: // Found / Moved Temporarily
408 // Try to return a sanitized response so we can follow auth redirects.
409 // If we can't, fail the tunnel connection.
410 if (!SanitizeProxyRedirect(&response_)) {
411 LogBlockedTunnelResponse();
412 return ERR_TUNNEL_CONNECTION_FAILED;
415 redirect_has_load_timing_info_ =
416 spdy_stream_->GetLoadTimingInfo(&redirect_load_timing_info_);
417 // Note that this triggers a RST_STREAM_CANCEL.
418 spdy_stream_->DetachDelegate();
419 next_state_ = STATE_DISCONNECTED;
420 return ERR_HTTPS_PROXY_TUNNEL_RESPONSE;
422 case 407: // Proxy Authentication Required
423 next_state_ = STATE_OPEN;
424 if (!SanitizeProxyAuth(&response_)) {
425 LogBlockedTunnelResponse();
426 return ERR_TUNNEL_CONNECTION_FAILED;
428 return HandleProxyAuthChallenge(auth_.get(), &response_, net_log_);
430 default:
431 // Ignore response to avoid letting the proxy impersonate the target
432 // server. (See http://crbug.com/137891.)
433 LogBlockedTunnelResponse();
434 return ERR_TUNNEL_CONNECTION_FAILED;
438 // SpdyStream::Delegate methods:
439 // Called when SYN frame has been sent.
440 // Returns true if no more data to be sent after SYN frame.
441 void SpdyProxyClientSocket::OnRequestHeadersSent() {
442 DCHECK_EQ(next_state_, STATE_SEND_REQUEST_COMPLETE);
444 OnIOComplete(OK);
447 SpdyResponseHeadersStatus SpdyProxyClientSocket::OnResponseHeadersUpdated(
448 const SpdyHeaderBlock& response_headers) {
449 // If we've already received the reply, existing headers are too late.
450 // TODO(mbelshe): figure out a way to make HEADERS frames useful after the
451 // initial response.
452 if (next_state_ != STATE_READ_REPLY_COMPLETE)
453 return RESPONSE_HEADERS_ARE_COMPLETE;
455 // Save the response
456 if (!SpdyHeadersToHttpResponse(
457 response_headers, spdy_stream_->GetProtocolVersion(), &response_))
458 return RESPONSE_HEADERS_ARE_INCOMPLETE;
460 OnIOComplete(OK);
461 return RESPONSE_HEADERS_ARE_COMPLETE;
464 // Called when data is received or on EOF (if |buffer| is NULL).
465 void SpdyProxyClientSocket::OnDataReceived(scoped_ptr<SpdyBuffer> buffer) {
466 if (buffer) {
467 net_log_.AddByteTransferEvent(NetLog::TYPE_SOCKET_BYTES_RECEIVED,
468 buffer->GetRemainingSize(),
469 buffer->GetRemainingData());
470 read_buffer_queue_.Enqueue(buffer.Pass());
471 } else {
472 net_log_.AddByteTransferEvent(NetLog::TYPE_SOCKET_BYTES_RECEIVED, 0, NULL);
475 if (!read_callback_.is_null()) {
476 int rv = PopulateUserReadBuffer(user_buffer_->data(), user_buffer_len_);
477 CompletionCallback c = read_callback_;
478 read_callback_.Reset();
479 user_buffer_ = NULL;
480 user_buffer_len_ = 0;
481 c.Run(rv);
485 void SpdyProxyClientSocket::OnDataSent() {
486 DCHECK(!write_callback_.is_null());
488 int rv = write_buffer_len_;
489 write_buffer_len_ = 0;
491 // Proxy write callbacks result in deep callback chains. Post to allow the
492 // stream's write callback chain to unwind (see crbug.com/355511).
493 base::ThreadTaskRunnerHandle::Get()->PostTask(
494 FROM_HERE, base::Bind(&SpdyProxyClientSocket::RunCallback,
495 write_callback_weak_factory_.GetWeakPtr(),
496 ResetAndReturn(&write_callback_), rv));
499 void SpdyProxyClientSocket::OnTrailers(const SpdyHeaderBlock& trailers) {
500 // |spdy_stream_| is of type SPDY_BIDIRECTIONAL_STREAM, so trailers are
501 // combined with response headers and this method will not be calld.
502 NOTREACHED();
505 void SpdyProxyClientSocket::OnClose(int status) {
506 was_ever_used_ = spdy_stream_->WasEverUsed();
507 spdy_stream_.reset();
509 bool connecting = next_state_ != STATE_DISCONNECTED &&
510 next_state_ < STATE_OPEN;
511 if (next_state_ == STATE_OPEN)
512 next_state_ = STATE_CLOSED;
513 else
514 next_state_ = STATE_DISCONNECTED;
516 base::WeakPtr<SpdyProxyClientSocket> weak_ptr = weak_factory_.GetWeakPtr();
517 CompletionCallback write_callback = write_callback_;
518 write_callback_.Reset();
519 write_buffer_len_ = 0;
521 // If we're in the middle of connecting, we need to make sure
522 // we invoke the connect callback.
523 if (connecting) {
524 DCHECK(!read_callback_.is_null());
525 CompletionCallback read_callback = read_callback_;
526 read_callback_.Reset();
527 read_callback.Run(status);
528 } else if (!read_callback_.is_null()) {
529 // If we have a read_callback_, the we need to make sure we call it back.
530 OnDataReceived(scoped_ptr<SpdyBuffer>());
532 // This may have been deleted by read_callback_, so check first.
533 if (weak_ptr.get() && !write_callback.is_null())
534 write_callback.Run(ERR_CONNECTION_CLOSED);
537 } // namespace net