| blob | 8c5ccc3aa8905bf2820e2745cbde13d88a7ad26b |
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is mozilla.org code.
15 *
16 * The Initial Developer of the Original Code is
17 * Red Hat, Inc.
18 * Portions created by the Initial Developer are Copyright (C) 2006
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 * Kai Engert <kengert@redhat.com>
23 *
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
35 *
36 * ***** END LICENSE BLOCK ***** */
45 #ifdef PR_LOGGING
47 #endif
52 {
53 NS_ASSERTION(!ssl_thread_singleton, "nsSSLThread is a singleton, caller attempts to create another instance!");
56 }
59 {
61 }
64 {
71 {
73 }
74 else
75 {
77 }
78 }
81 {
87 }
90 {
96 }
100 {
106 }
110 {
116 }
119 PRInt16 out_flags)
120 {
126 }
130 {
132 {
135 }
139 {
143 {
146 }
149 {
154 {
155 // we have data available that we can return
157 // if there was a failure, just return the failure,
158 // but do not yet clear our state, that should happen
159 // in the call to "read".
164 }
167 }
174 }
180 // for safety reasons, also return would_block on any other state,
181 // although this switch statement should be complete and list
182 // the appropriate behaviour for each state.
184 {
187 }
188 }
191 {
193 }
194 else
195 {
197 }
198 }
201 }
204 {
216 }
219 {
228 {
232 {
233 // If there is currently any socket busy on the SSL thread,
234 // use our own poll method implementation.
237 {
239 {
241 {
243 }
246 }
250 {
252 {
254 }
257 }
262 {
264 {
266 {
267 // The lower layer of the socket is currently the pollable event,
268 // which signals the readable state.
271 }
272 else
273 {
274 // Unfortunately we do not have a pollable event
275 // that we could use to wake up the caller, as soon
276 // as the previously requested I/O operation has completed.
277 // Therefore we must use a kind of busy wait,
278 // we want the caller to check again, whenever any
279 // activity is detected on the associated socket.
280 // Unfortunately this could mean, the caller will detect
281 // activity very often, until we are finally done with
282 // the previously requested action and are able to
283 // return the buffered result.
284 // As our real I/O activity is happening on the other thread
285 // let's sleep some cycles, in order to not waste all CPU
286 // resources.
287 // But let's make sure we do not hold our shared mutex
288 // while waiting, so let's leave this block first.
292 }
293 }
294 else
295 {
296 // We should never get here, well, at least not with the current
297 // implementation of SSL thread, where we have one worker only.
298 // While another socket is busy, this socket "si"
299 // can not be marked with pending I/O at the same time.
303 }
304 }
308 {
310 {
312 {
313 // In this scenario we always want the caller to immediately
314 // try a write again, because it might not wake up otherwise.
317 }
318 }
323 {
324 // Some other socket is currently busy on the SSL thread.
325 // It is possible that busy socket is currently blocked (e.g. by UI).
326 // Therefore we should not report "si" as being readable/writeable,
327 // regardless whether it is.
328 // (Because if we did report readable/writeable to the caller,
329 // the caller would repeatedly request us to do I/O,
330 // although our read/write function would not be able to fulfil
331 // the request, because our single worker is blocked).
332 // To avoid the unnecessary busy loop in that scenario,
333 // for socket "si" we report "not ready" to the caller.
334 // We do this by faking our caller did not ask for neither
335 // readable nor writeable when querying the lower layer.
336 // (this will leave querying for exceptions enabled)
339 }
340 }
345 }
346 }
347 else
348 {
350 }
353 {
354 NS_ASSERTION(in_flags & PR_POLL_EXCEPT, "nsSSLThread::requestPoll handshake timeout, but caller did not poll for EXCEPT");
358 }
359 }
362 {
363 // This is where we wait for any socket activity,
364 // because we do not have a pollable event.
365 // XXX Will this really cause us to wake up
366 // whatever happens?
370 }
373 }
376 {
383 {
388 // That's tricky, SSL thread is currently busy with this socket,
389 // and might even be blocked on it (UI or OCSP).
390 // We should not close the socket directly, but rather
391 // schedule closing it, at the time the SSL thread is done.
392 // If there is indeed a depending OCSP request pending,
393 // we should cancel it now.
396 {
398 }
404 }
405 }
408 {
410 {
412 }
413 else
414 {
415 NS_WARNING("Attempt to close SSL socket from a thread that is not the main thread. Can not cancel pending HTTP request from NSS");
416 }
419 }
422 {
424 }
427 }
430 {
432 {
434 {
437 {
439 }
440 }
443 {
444 // need to restore
447 }
450 }
451 }
455 {
463 {
464 PRSocketOptionData sod;
471 }
474 {
476 }
479 }
482 PRIntervalTime timeout)
483 {
485 {
488 }
495 {
501 }
505 }
508 {
512 {
516 {
517 // we will now care for the data that's ready,
518 // the socket is no longer busy on the ssl thread
524 // We'll handle the results further down,
525 // while not holding the lock.
526 }
527 }
529 {
531 }
534 {
539 }
540 }
541 // leave this mutex protected scope before the blockingFD handling
542 }
545 {
546 // this is an exception, we do not use our SSL thread at all,
547 // just pass the call through to libssl.
549 }
552 {
554 {
558 {
561 }
563 // ssl thread is not busy, we'll continue below
564 }
568 // there has been a previous request to read, that is now done!
569 {
570 // failure ?
575 }
579 }
590 }
593 }
596 }
597 // we never arrive here, see return statement above
601 // We should not see the following events here,
602 // because we have not yet signaled Necko that we are
603 // readable/writable again, so if we end up here,
604 // it means that Necko decided to try read/write again,
605 // for whatever reason. No problem, just return would_block,
609 // We should not see this state here, because Necko has previously
610 // requested us to write, Necko is not yet aware that it's done,
611 // (although it meanwhile is), but Necko now tries to read?
612 // If that ever happens, it's confusing, but not a problem,
613 // just let Necko know we can not do that now and return would_block.
616 // for safety reasons, also return would_block on any other state,
617 // although this switch statement should be complete and list
618 // the appropriate behaviour for each state.
620 {
623 }
624 // we never arrive here, see return statement above
626 }
631 }
635 }
637 // si is idle and good, and no other socket is currently busy,
638 // so it's fine to continue with the request.
641 {
644 }
649 // Remember we are operating on a layered file descriptor, that consists of
650 // a PSM code layer (nsNSSIOLayer), a NSS code layer (SSL protocol logic),
651 // and the raw socket at the bottommost layer.
652 //
653 // We don't want to call the SSL layer read/write directly on this thread,
654 // because it might block, should a callback to UI (for user confirmation)
655 // or Necko (for retrieving OCSP verification data) be necessary.
656 // As Necko is single threaded, it is currently waiting for this
657 // function to return, and a callback into Necko from NSS couldn't succeed.
658 //
659 // Therefore we must defer the request to read/write to a separate SSL thread.
660 // We will return WOULD_BLOCK to Necko, and will return the real results
661 // once the I/O operation on the SSL thread is ready.
662 //
663 // The tricky part is to wake up Necko, as soon as the I/O operation
664 // on the SSL thread is done.
665 //
666 // In order to achieve that, we manipulate the layering of the file
667 // descriptor. Usually the PSM layer points to the SSL layer as its lower
668 // layer. We change that to a pollable event file descriptor.
669 //
670 // Once we return from this original read/write function, Necko will
671 // poll/select on the file descriptor. As result data is not yet ready, we will
672 // instruct Necko to select on the bottommost file descriptor
673 // (by using appropriate flags in PSM's layer implementation of the
674 // poll method), which is the pollable event.
675 //
676 // Once the SSL thread is done with the call to the SSL layer, it will
677 // "set" the pollable event, causing Necko to wake up on the file descriptor
678 // and call read/write again. Now that the file descriptor is in the done state,
679 // we'll arrive in this read/write function again. We'll detect the socket is
680 // in the done state, and restore the original SSL level file descriptor.
681 // Finally, we return the data obtained on the SSL thread back to our caller.
683 {
687 {
695 }
700 // notify the thread
702 }
706 }
709 PRIntervalTime timeout)
710 {
712 {
715 }
722 {
728 }
732 }
735 {
739 {
743 {
744 // we will now care for the data that's ready,
745 // the socket is no longer busy on the ssl thread
751 // We'll handle the results further down,
752 // while not holding the lock.
753 }
754 }
756 {
758 }
761 {
766 }
767 }
768 // leave this mutex protected scope before the blockingFD handling
769 }
772 {
773 // this is an exception, we do not use our SSL thread at all,
774 // just pass the call through to libssl.
776 }
779 {
781 {
785 {
788 }
790 // ssl thread is not busy, we'll continue below
791 }
795 // there has been a previous request to write, that is now done!
796 {
797 // failure ?
802 }
806 }
814 }
817 }
820 // We should not see the following events here,
821 // because we have not yet signaled Necko that we are
822 // readable/writable again, so if we end up here,
823 // it means that Necko decided to try read/write again,
824 // for whatever reason. No problem, just return would_block,
828 // We should not see this state here, because Necko has previously
829 // requested us to read, Necko is not yet aware that it's done,
830 // (although it meanwhile is), but Necko now tries to write?
831 // If that ever happens, it's confusing, but not a problem,
832 // just let Necko know we can not do that now and return would_block.
835 // for safety reasons, also return would_block on any other state,
836 // although this switch statement should be complete and list
837 // the appropriate behaviour for each state.
839 {
842 }
843 // we never arrive here, see return statement above
845 }
850 }
854 }
856 // si is idle and good, and no other socket is currently busy,
857 // so it's fine to continue with the request.
859 // However, use special handling for the
860 // mOneBytePendingFromEarlierWrite
861 // scenario, where we will not change any of our buffers at this point,
862 // as we are waiting for completion of the earlier write.
865 {
867 {
870 }
874 }
878 {
882 {
890 }
896 }
900 }
903 {
904 // Helper variable, we don't want to call destroy
905 // while holding the mutex.
909 {
911 {
914 }
916 // remember whether we'll write or read
919 {
920 // In this scope we need mutex protection,
921 // as we find out what needs to be done.
926 {
928 {
929 // That's rare, but it happens.
930 // We have received a request to close the socket,
931 // although I/O results have not yet been consumed.
937 }
942 }
949 do
950 {
952 &&
954 ||
956 {
958 }
961 {
962 // no work to do ? let's wait a moment
965 }
979 }
981 {
982 // In this scope we need to make sure NSS does not go away
983 // while we are busy.
984 nsNSSShutDownPreventionLock locker;
986 // Reference for shorter code and to avoid multiple dereferencing.
991 {
993 }
996 {
1000 {
1001 // Let's try to flush the final pending byte (that libSSL might already have
1002 // processed). Let's be correct and send the final byte from our buffer.
1006 #ifdef DEBUG_SSL_VERBOSE
1007 PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%p] wrote %d bytes\n", (void*)realFileDesc, bytesWritten));
1008 #endif
1012 // give the error back to caller
1014 }
1016 // Cool, all flushed now. We can exit the one-byte-pending mode,
1017 // and report the full amount back to the caller.
1021 }
1022 }
1023 else
1024 {
1025 // standard code, try to write the buffer we've been given just now
1031 #ifdef DEBUG_SSL_VERBOSE
1034 #endif
1038 // give the error back to caller
1040 }
1043 // libSSL signaled us a short write.
1044 // While libSSL accepted all data, not all bytes were flushed to the OS socket.
1050 }
1051 }
1055 }
1057 {
1063 #ifdef DEBUG_SSL_VERBOSE
1065 #endif
1068 // give the error back to caller
1070 }
1075 }
1076 }
1078 // avoid setting event repeatedly
1081 {
1087 {
1090 }
1091 }
1094 {
1095 // Wake up the file descriptor on the Necko thread,
1096 // so it can fetch the results from the SSL I/O call
1097 // that we just completed.
1100 // if we don't have a pollable event, we'll have to wake up
1101 // the caller by other means.
1102 }
1103 }
1105 {
1108 {
1111 }
1113 {
1116 {
1118 }
1119 }
1120 }
1121 }
1124 {
1128 // no lock
1131 }