Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / net / http / http_proxy_client_socket_pool.cc
blob1a60c6ae5adfcc4b81da43e115ce4c85542dc364
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_proxy_client_socket_pool.h"
7 #include <algorithm>
9 #include "base/compiler_specific.h"
10 #include "base/time/time.h"
11 #include "base/values.h"
12 #include "net/base/load_flags.h"
13 #include "net/base/net_errors.h"
14 #include "net/base/proxy_delegate.h"
15 #include "net/http/http_network_session.h"
16 #include "net/http/http_proxy_client_socket.h"
17 #include "net/socket/client_socket_factory.h"
18 #include "net/socket/client_socket_handle.h"
19 #include "net/socket/client_socket_pool_base.h"
20 #include "net/socket/ssl_client_socket.h"
21 #include "net/socket/ssl_client_socket_pool.h"
22 #include "net/socket/transport_client_socket_pool.h"
23 #include "net/spdy/spdy_proxy_client_socket.h"
24 #include "net/spdy/spdy_session.h"
25 #include "net/spdy/spdy_session_pool.h"
26 #include "net/spdy/spdy_stream.h"
27 #include "net/ssl/ssl_cert_request_info.h"
28 #include "url/gurl.h"
30 namespace net {
32 HttpProxySocketParams::HttpProxySocketParams(
33 const scoped_refptr<TransportSocketParams>& transport_params,
34 const scoped_refptr<SSLSocketParams>& ssl_params,
35 const std::string& user_agent,
36 const HostPortPair& endpoint,
37 HttpAuthCache* http_auth_cache,
38 HttpAuthHandlerFactory* http_auth_handler_factory,
39 SpdySessionPool* spdy_session_pool,
40 bool tunnel,
41 ProxyDelegate* proxy_delegate)
42 : transport_params_(transport_params),
43 ssl_params_(ssl_params),
44 spdy_session_pool_(spdy_session_pool),
45 user_agent_(user_agent),
46 endpoint_(endpoint),
47 http_auth_cache_(tunnel ? http_auth_cache : NULL),
48 http_auth_handler_factory_(tunnel ? http_auth_handler_factory : NULL),
49 tunnel_(tunnel),
50 proxy_delegate_(proxy_delegate) {
51 DCHECK((transport_params.get() == NULL && ssl_params.get() != NULL) ||
52 (transport_params.get() != NULL && ssl_params.get() == NULL));
53 if (transport_params_.get()) {
54 ignore_limits_ = transport_params->ignore_limits();
55 } else {
56 ignore_limits_ = ssl_params->ignore_limits();
60 const HostResolver::RequestInfo& HttpProxySocketParams::destination() const {
61 if (transport_params_.get() == NULL) {
62 return ssl_params_->GetDirectConnectionParams()->destination();
63 } else {
64 return transport_params_->destination();
68 HttpProxySocketParams::~HttpProxySocketParams() {}
70 // HttpProxyConnectJobs will time out after this many seconds. Note this is on
71 // top of the timeout for the transport socket.
72 // TODO(kundaji): Proxy connect timeout should be independent of platform and be
73 // based on proxy. Bug http://crbug.com/407446.
74 #if defined(OS_ANDROID) || defined(OS_IOS)
75 static const int kHttpProxyConnectJobTimeoutInSeconds = 10;
76 #else
77 static const int kHttpProxyConnectJobTimeoutInSeconds = 30;
78 #endif
80 HttpProxyConnectJob::HttpProxyConnectJob(
81 const std::string& group_name,
82 RequestPriority priority,
83 const scoped_refptr<HttpProxySocketParams>& params,
84 const base::TimeDelta& timeout_duration,
85 TransportClientSocketPool* transport_pool,
86 SSLClientSocketPool* ssl_pool,
87 Delegate* delegate,
88 NetLog* net_log)
89 : ConnectJob(group_name, timeout_duration, priority, delegate,
90 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)),
91 params_(params),
92 transport_pool_(transport_pool),
93 ssl_pool_(ssl_pool),
94 using_spdy_(false),
95 protocol_negotiated_(kProtoUnknown),
96 weak_ptr_factory_(this) {
97 callback_= base::Bind(&HttpProxyConnectJob::OnIOComplete,
98 weak_ptr_factory_.GetWeakPtr());
101 HttpProxyConnectJob::~HttpProxyConnectJob() {}
103 LoadState HttpProxyConnectJob::GetLoadState() const {
104 switch (next_state_) {
105 case STATE_TCP_CONNECT:
106 case STATE_TCP_CONNECT_COMPLETE:
107 case STATE_SSL_CONNECT:
108 case STATE_SSL_CONNECT_COMPLETE:
109 return transport_socket_handle_->GetLoadState();
110 case STATE_HTTP_PROXY_CONNECT:
111 case STATE_HTTP_PROXY_CONNECT_COMPLETE:
112 case STATE_SPDY_PROXY_CREATE_STREAM:
113 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE:
114 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL;
115 default:
116 NOTREACHED();
117 return LOAD_STATE_IDLE;
121 void HttpProxyConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) {
122 if (error_response_info_.cert_request_info.get()) {
123 handle->set_ssl_error_response_info(error_response_info_);
124 handle->set_is_ssl_error(true);
128 void HttpProxyConnectJob::OnIOComplete(int result) {
129 int rv = DoLoop(result);
130 if (rv != ERR_IO_PENDING) {
131 NotifyProxyDelegateOfCompletion(rv);
132 NotifyDelegateOfCompletion(rv); // Deletes |this|
136 int HttpProxyConnectJob::DoLoop(int result) {
137 DCHECK_NE(next_state_, STATE_NONE);
139 int rv = result;
140 do {
141 State state = next_state_;
142 next_state_ = STATE_NONE;
143 switch (state) {
144 case STATE_TCP_CONNECT:
145 DCHECK_EQ(OK, rv);
146 rv = DoTransportConnect();
147 break;
148 case STATE_TCP_CONNECT_COMPLETE:
149 rv = DoTransportConnectComplete(rv);
150 break;
151 case STATE_SSL_CONNECT:
152 DCHECK_EQ(OK, rv);
153 rv = DoSSLConnect();
154 break;
155 case STATE_SSL_CONNECT_COMPLETE:
156 rv = DoSSLConnectComplete(rv);
157 break;
158 case STATE_HTTP_PROXY_CONNECT:
159 DCHECK_EQ(OK, rv);
160 rv = DoHttpProxyConnect();
161 break;
162 case STATE_HTTP_PROXY_CONNECT_COMPLETE:
163 rv = DoHttpProxyConnectComplete(rv);
164 break;
165 case STATE_SPDY_PROXY_CREATE_STREAM:
166 DCHECK_EQ(OK, rv);
167 rv = DoSpdyProxyCreateStream();
168 break;
169 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE:
170 rv = DoSpdyProxyCreateStreamComplete(rv);
171 break;
172 default:
173 NOTREACHED() << "bad state";
174 rv = ERR_FAILED;
175 break;
177 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
179 return rv;
182 int HttpProxyConnectJob::DoTransportConnect() {
183 next_state_ = STATE_TCP_CONNECT_COMPLETE;
184 transport_socket_handle_.reset(new ClientSocketHandle());
185 return transport_socket_handle_->Init(group_name(),
186 params_->transport_params(),
187 priority(),
188 callback_,
189 transport_pool_,
190 net_log());
193 int HttpProxyConnectJob::DoTransportConnectComplete(int result) {
194 if (result != OK)
195 return ERR_PROXY_CONNECTION_FAILED;
197 // Reset the timer to just the length of time allowed for HttpProxy handshake
198 // so that a fast TCP connection plus a slow HttpProxy failure doesn't take
199 // longer to timeout than it should.
200 ResetTimer(base::TimeDelta::FromSeconds(
201 kHttpProxyConnectJobTimeoutInSeconds));
203 next_state_ = STATE_HTTP_PROXY_CONNECT;
204 return result;
207 int HttpProxyConnectJob::DoSSLConnect() {
208 if (params_->tunnel()) {
209 SpdySessionKey key(params_->destination().host_port_pair(),
210 ProxyServer::Direct(),
211 PRIVACY_MODE_DISABLED);
212 if (params_->spdy_session_pool()->FindAvailableSession(key, net_log())) {
213 using_spdy_ = true;
214 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM;
215 return OK;
218 next_state_ = STATE_SSL_CONNECT_COMPLETE;
219 transport_socket_handle_.reset(new ClientSocketHandle());
220 return transport_socket_handle_->Init(
221 group_name(), params_->ssl_params(), priority(), callback_,
222 ssl_pool_, net_log());
225 int HttpProxyConnectJob::DoSSLConnectComplete(int result) {
226 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
227 error_response_info_ = transport_socket_handle_->ssl_error_response_info();
228 DCHECK(error_response_info_.cert_request_info.get());
229 error_response_info_.cert_request_info->is_proxy = true;
230 return result;
232 if (IsCertificateError(result)) {
233 if (params_->ssl_params()->load_flags() & LOAD_IGNORE_ALL_CERT_ERRORS) {
234 result = OK;
235 } else {
236 // TODO(rch): allow the user to deal with proxy cert errors in the
237 // same way as server cert errors.
238 transport_socket_handle_->socket()->Disconnect();
239 return ERR_PROXY_CERTIFICATE_INVALID;
242 // A SPDY session to the proxy completed prior to resolving the proxy
243 // hostname. Surface this error, and allow the delegate to retry.
244 // See crbug.com/334413.
245 if (result == ERR_SPDY_SESSION_ALREADY_EXISTS) {
246 DCHECK(!transport_socket_handle_->socket());
247 return ERR_SPDY_SESSION_ALREADY_EXISTS;
249 if (result < 0) {
250 if (transport_socket_handle_->socket())
251 transport_socket_handle_->socket()->Disconnect();
252 return ERR_PROXY_CONNECTION_FAILED;
255 SSLClientSocket* ssl =
256 static_cast<SSLClientSocket*>(transport_socket_handle_->socket());
257 protocol_negotiated_ = ssl->GetNegotiatedProtocol();
258 using_spdy_ = NextProtoIsSPDY(protocol_negotiated_);
260 // Reset the timer to just the length of time allowed for HttpProxy handshake
261 // so that a fast SSL connection plus a slow HttpProxy failure doesn't take
262 // longer to timeout than it should.
263 ResetTimer(base::TimeDelta::FromSeconds(
264 kHttpProxyConnectJobTimeoutInSeconds));
265 // TODO(rch): If we ever decide to implement a "trusted" SPDY proxy
266 // (one that we speak SPDY over SSL to, but to which we send HTTPS
267 // request directly instead of through CONNECT tunnels, then we
268 // need to add a predicate to this if statement so we fall through
269 // to the else case. (HttpProxyClientSocket currently acts as
270 // a "trusted" SPDY proxy).
271 if (using_spdy_ && params_->tunnel()) {
272 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM;
273 } else {
274 next_state_ = STATE_HTTP_PROXY_CONNECT;
276 return result;
279 int HttpProxyConnectJob::DoHttpProxyConnect() {
280 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE;
281 const HostResolver::RequestInfo& tcp_destination = params_->destination();
282 const HostPortPair& proxy_server = tcp_destination.host_port_pair();
284 // Add a HttpProxy connection on top of the tcp socket.
285 transport_socket_.reset(
286 new HttpProxyClientSocket(transport_socket_handle_.release(),
287 params_->user_agent(),
288 params_->endpoint(),
289 proxy_server,
290 params_->http_auth_cache(),
291 params_->http_auth_handler_factory(),
292 params_->tunnel(),
293 using_spdy_,
294 protocol_negotiated_,
295 params_->proxy_delegate(),
296 params_->ssl_params().get() != NULL));
297 return transport_socket_->Connect(callback_);
300 int HttpProxyConnectJob::DoHttpProxyConnectComplete(int result) {
301 if (result == OK || result == ERR_PROXY_AUTH_REQUESTED ||
302 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) {
303 SetSocket(transport_socket_.Pass());
306 if (result == ERR_HTTP_1_1_REQUIRED)
307 return ERR_PROXY_HTTP_1_1_REQUIRED;
309 return result;
312 int HttpProxyConnectJob::DoSpdyProxyCreateStream() {
313 DCHECK(using_spdy_);
314 DCHECK(params_->tunnel());
315 SpdySessionKey key(params_->destination().host_port_pair(),
316 ProxyServer::Direct(),
317 PRIVACY_MODE_DISABLED);
318 SpdySessionPool* spdy_pool = params_->spdy_session_pool();
319 base::WeakPtr<SpdySession> spdy_session =
320 spdy_pool->FindAvailableSession(key, net_log());
321 // It's possible that a session to the proxy has recently been created
322 if (spdy_session) {
323 if (transport_socket_handle_.get()) {
324 if (transport_socket_handle_->socket())
325 transport_socket_handle_->socket()->Disconnect();
326 transport_socket_handle_->Reset();
328 } else {
329 // Create a session direct to the proxy itself
330 spdy_session =
331 spdy_pool->CreateAvailableSessionFromSocket(
332 key, transport_socket_handle_.Pass(),
333 net_log(), OK, /*using_ssl_*/ true);
334 DCHECK(spdy_session);
337 next_state_ = STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE;
338 return spdy_stream_request_.StartRequest(
339 SPDY_BIDIRECTIONAL_STREAM, spdy_session,
340 GURL("https://" + params_->endpoint().ToString()), priority(),
341 spdy_session->net_log(), callback_);
344 int HttpProxyConnectJob::DoSpdyProxyCreateStreamComplete(int result) {
345 if (result < 0)
346 return result;
348 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE;
349 base::WeakPtr<SpdyStream> stream = spdy_stream_request_.ReleaseStream();
350 DCHECK(stream.get());
351 // |transport_socket_| will set itself as |stream|'s delegate.
352 transport_socket_.reset(
353 new SpdyProxyClientSocket(stream,
354 params_->user_agent(),
355 params_->endpoint(),
356 params_->destination().host_port_pair(),
357 net_log(),
358 params_->http_auth_cache(),
359 params_->http_auth_handler_factory()));
360 return transport_socket_->Connect(callback_);
363 void HttpProxyConnectJob::NotifyProxyDelegateOfCompletion(int result) {
364 if (!params_->proxy_delegate())
365 return;
367 const HostPortPair& proxy_server = params_->destination().host_port_pair();
368 params_->proxy_delegate()->OnTunnelConnectCompleted(params_->endpoint(),
369 proxy_server,
370 result);
373 int HttpProxyConnectJob::ConnectInternal() {
374 if (params_->transport_params().get()) {
375 next_state_ = STATE_TCP_CONNECT;
376 } else {
377 next_state_ = STATE_SSL_CONNECT;
380 int rv = DoLoop(OK);
381 if (rv != ERR_IO_PENDING) {
382 NotifyProxyDelegateOfCompletion(rv);
385 return rv;
388 HttpProxyClientSocketPool::
389 HttpProxyConnectJobFactory::HttpProxyConnectJobFactory(
390 TransportClientSocketPool* transport_pool,
391 SSLClientSocketPool* ssl_pool,
392 NetLog* net_log)
393 : transport_pool_(transport_pool),
394 ssl_pool_(ssl_pool),
395 net_log_(net_log) {
396 base::TimeDelta max_pool_timeout = base::TimeDelta();
398 // TODO(kundaji): Proxy connect timeout should be independent of platform and be
399 // based on proxy. Bug http://crbug.com/407446.
400 #if (defined(OS_ANDROID) || defined(OS_IOS))
401 #else
402 if (transport_pool_)
403 max_pool_timeout = transport_pool_->ConnectionTimeout();
404 if (ssl_pool_)
405 max_pool_timeout = std::max(max_pool_timeout,
406 ssl_pool_->ConnectionTimeout());
407 #endif
408 timeout_ = max_pool_timeout +
409 base::TimeDelta::FromSeconds(kHttpProxyConnectJobTimeoutInSeconds);
413 scoped_ptr<ConnectJob>
414 HttpProxyClientSocketPool::HttpProxyConnectJobFactory::NewConnectJob(
415 const std::string& group_name,
416 const PoolBase::Request& request,
417 ConnectJob::Delegate* delegate) const {
418 return scoped_ptr<ConnectJob>(new HttpProxyConnectJob(group_name,
419 request.priority(),
420 request.params(),
421 ConnectionTimeout(),
422 transport_pool_,
423 ssl_pool_,
424 delegate,
425 net_log_));
428 base::TimeDelta
429 HttpProxyClientSocketPool::HttpProxyConnectJobFactory::ConnectionTimeout(
430 ) const {
431 return timeout_;
434 HttpProxyClientSocketPool::HttpProxyClientSocketPool(
435 int max_sockets,
436 int max_sockets_per_group,
437 TransportClientSocketPool* transport_pool,
438 SSLClientSocketPool* ssl_pool,
439 NetLog* net_log)
440 : transport_pool_(transport_pool),
441 ssl_pool_(ssl_pool),
442 base_(this,
443 max_sockets,
444 max_sockets_per_group,
445 ClientSocketPool::unused_idle_socket_timeout(),
446 ClientSocketPool::used_idle_socket_timeout(),
447 new HttpProxyConnectJobFactory(transport_pool, ssl_pool, net_log)) {
448 // We should always have a |transport_pool_| except in unit tests.
449 if (transport_pool_)
450 base_.AddLowerLayeredPool(transport_pool_);
451 if (ssl_pool_)
452 base_.AddLowerLayeredPool(ssl_pool_);
455 HttpProxyClientSocketPool::~HttpProxyClientSocketPool() {
458 int HttpProxyClientSocketPool::RequestSocket(
459 const std::string& group_name, const void* socket_params,
460 RequestPriority priority, ClientSocketHandle* handle,
461 const CompletionCallback& callback, const BoundNetLog& net_log) {
462 const scoped_refptr<HttpProxySocketParams>* casted_socket_params =
463 static_cast<const scoped_refptr<HttpProxySocketParams>*>(socket_params);
465 return base_.RequestSocket(group_name, *casted_socket_params, priority,
466 handle, callback, net_log);
469 void HttpProxyClientSocketPool::RequestSockets(
470 const std::string& group_name,
471 const void* params,
472 int num_sockets,
473 const BoundNetLog& net_log) {
474 const scoped_refptr<HttpProxySocketParams>* casted_params =
475 static_cast<const scoped_refptr<HttpProxySocketParams>*>(params);
477 base_.RequestSockets(group_name, *casted_params, num_sockets, net_log);
480 void HttpProxyClientSocketPool::CancelRequest(
481 const std::string& group_name,
482 ClientSocketHandle* handle) {
483 base_.CancelRequest(group_name, handle);
486 void HttpProxyClientSocketPool::ReleaseSocket(const std::string& group_name,
487 scoped_ptr<StreamSocket> socket,
488 int id) {
489 base_.ReleaseSocket(group_name, socket.Pass(), id);
492 void HttpProxyClientSocketPool::FlushWithError(int error) {
493 base_.FlushWithError(error);
496 void HttpProxyClientSocketPool::CloseIdleSockets() {
497 base_.CloseIdleSockets();
500 int HttpProxyClientSocketPool::IdleSocketCount() const {
501 return base_.idle_socket_count();
504 int HttpProxyClientSocketPool::IdleSocketCountInGroup(
505 const std::string& group_name) const {
506 return base_.IdleSocketCountInGroup(group_name);
509 LoadState HttpProxyClientSocketPool::GetLoadState(
510 const std::string& group_name, const ClientSocketHandle* handle) const {
511 return base_.GetLoadState(group_name, handle);
514 scoped_ptr<base::DictionaryValue> HttpProxyClientSocketPool::GetInfoAsValue(
515 const std::string& name,
516 const std::string& type,
517 bool include_nested_pools) const {
518 scoped_ptr<base::DictionaryValue> dict(base_.GetInfoAsValue(name, type));
519 if (include_nested_pools) {
520 base::ListValue* list = new base::ListValue();
521 if (transport_pool_) {
522 list->Append(transport_pool_->GetInfoAsValue("transport_socket_pool",
523 "transport_socket_pool",
524 true));
526 if (ssl_pool_) {
527 list->Append(ssl_pool_->GetInfoAsValue("ssl_socket_pool",
528 "ssl_socket_pool",
529 true));
531 dict->Set("nested_pools", list);
533 return dict.Pass();
536 base::TimeDelta HttpProxyClientSocketPool::ConnectionTimeout() const {
537 return base_.ConnectionTimeout();
540 bool HttpProxyClientSocketPool::IsStalled() const {
541 return base_.IsStalled();
544 void HttpProxyClientSocketPool::AddHigherLayeredPool(
545 HigherLayeredPool* higher_pool) {
546 base_.AddHigherLayeredPool(higher_pool);
549 void HttpProxyClientSocketPool::RemoveHigherLayeredPool(
550 HigherLayeredPool* higher_pool) {
551 base_.RemoveHigherLayeredPool(higher_pool);
554 bool HttpProxyClientSocketPool::CloseOneIdleConnection() {
555 if (base_.CloseOneIdleSocket())
556 return true;
557 return base_.CloseOneIdleConnectionInHigherLayeredPool();
560 } // namespace net