Make SSLClientSocketMac full-duplex

net/socket/ssl_client_socket_mac.cc

 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket_mac.h"
 
 #include "base/scoped_cftyperef.h"
 #include "base/singleton.h"
 #include "base/string_util.h"
 #include "net/base/cert_verifier.h"
@@ skipping 50 matching lines @@
 // we wrote before we would have blocked. But with the asynchronous I/O, the
 // transport underneath us can tell us that it'll let us know sometime "later"
 // whether or not things succeeded, and how many bytes were written. What do we
 // return to Secure Transport? We can't return a byte count, but we can't return
 // "later" as we're not guaranteed to be called in the future with the same data
 // to write.
 //
 // So, like in any good relationship, we're forced to lie. Whenever Secure
 // Transport asks for data to be written, we take it all and lie about it always
 // being written. We spin in a loop (see SSLWriteCallback() and
-// OnWriteComplete()) independent of the main state machine writing the data to
-// the network, and get the data out. The main consequence of this independence
-// from the state machine is that we require a full-duplex transport underneath
-// us since we can't use it to keep our reading and writing
-// straight. Fortunately, the NSS implementation also has this issue to deal
-// with, so we share the same Libevent-based full-duplex TCP socket.
+// OnTransportWriteComplete()) independent of the main state machine writing
+// the data to he network, and get the data out. The main consequence of this
+// independence from the state machine is that we require a full-duplex
+// transport underneath us since we can't use it to keep our reading and
+// writing straight. Fortunately, the NSS implementation also has this issue
+// to deal with, so we share the same Libevent-based full-duplex TCP socket.
 //
 // A side comment on return values might be in order. Those who haven't taken
 // the time to read the documentation (ahem, header comments) in our various
 // files might be a bit surprised to see result values being treated as both
 // lengths and errors. Like Shimmer, they are both. In both the case of
 // immediate results as well as results returned in callbacks, a negative return
 // value indicates an error, a zero return value indicates end-of-stream (for
 // reads), and a positive return value indicates the number of bytes read or
 // written. Thus, many functions start off with |if (result < 0) return
 // result;|. That gets the error condition out of the way, and from that point
@@ skipping 203 matching lines @@
   return x509_cert;
 }
 
 }  // namespace
 
 //-----------------------------------------------------------------------------
 
 SSLClientSocketMac::SSLClientSocketMac(ClientSocket* transport_socket,
                                        const std::string& hostname,
                                        const SSLConfig& ssl_config)
-    : io_callback_(this, &SSLClientSocketMac::OnIOComplete),
-      write_callback_(this, &SSLClientSocketMac::OnWriteComplete),
+    : handshake_io_callback_(this, &SSLClientSocketMac::OnHandshakeIOComplete),
+      transport_read_callback_(this,
+                               &SSLClientSocketMac::OnTransportReadComplete),
+      transport_write_callback_(this,
+                                &SSLClientSocketMac::OnTransportWriteComplete),
       transport_(transport_socket),
       hostname_(hostname),
       ssl_config_(ssl_config),
-      user_callback_(NULL),
-      next_state_(STATE_NONE),
-      next_io_state_(STATE_NONE),
+      user_connect_callback_(NULL),
+      user_read_callback_(NULL),
+      user_write_callback_(NULL),
+      user_read_buf_len_(0),
+      user_write_buf_len_(0),
+      next_handshake_state_(STATE_NONE),
       completed_handshake_(false),
       handshake_interrupted_(false),
       ssl_context_(NULL),
       pending_send_error_(OK),
       recv_buffer_head_slop_(0),
       recv_buffer_tail_slop_(0) {
 }
 
 SSLClientSocketMac::~SSLClientSocketMac() {
   Disconnect();
 }
 
 int SSLClientSocketMac::Connect(CompletionCallback* callback) {
   DCHECK(transport_.get());
-  DCHECK(next_state_ == STATE_NONE);
-  DCHECK(!user_callback_);
+  DCHECK(next_handshake_state_ == STATE_NONE);
+  DCHECK(!user_connect_callback_);
 
   OSStatus status = noErr;
 
   status = SSLNewContext(false, &ssl_context_);
   if (status)
     return NetErrorFromOSStatus(status);
 
   status = SSLSetProtocolVersionEnabled(ssl_context_,
                                         kSSLProtocol2,
                                         ssl_config_.ssl2_enabled);
@@ skipping 74 matching lines @@
 
         // SSLSetPeerID() treats peer_id as a binary blob, and makes its
         // own copy.
         status = SSLSetPeerID(ssl_context_, &peer_id[0], peer_id.size());
         if (status)
           return NetErrorFromOSStatus(status);
       }
     }
   }
 
-  next_state_ = STATE_HANDSHAKE_START;
-  int rv = DoLoop(OK);
+  next_handshake_state_ = STATE_HANDSHAKE_START;
+  int rv = DoHandshakeLoop(OK);
   if (rv == ERR_IO_PENDING)
-    user_callback_ = callback;
+    user_connect_callback_ = callback;
   return rv;
 }
 
 void SSLClientSocketMac::Disconnect() {
   completed_handshake_ = false;
 
   if (ssl_context_) {
     SSLClose(ssl_context_);
     SSLDisposeContext(ssl_context_);
     ssl_context_ = NULL;
@@ skipping 21 matching lines @@
   // alert message from the server, and return false in that case.  Although
   // the close_notify alert message means EOF in the SSL layer, it is just
   // bytes to the transport layer below, so transport_->IsConnectedAndIdle()
   // returns the desired false when we receive close_notify.
   return completed_handshake_ && transport_->IsConnectedAndIdle();
 }
 
 int SSLClientSocketMac::Read(IOBuffer* buf, int buf_len,
                              CompletionCallback* callback) {
   DCHECK(completed_handshake_);
-  DCHECK(next_state_ == STATE_NONE);
-  DCHECK(!user_callback_);
-  DCHECK(!user_buf_);
+  DCHECK(!user_read_callback_);
+  DCHECK(!user_read_buf_);
 
-  user_buf_ = buf;
-  user_buf_len_ = buf_len;
+  user_read_buf_ = buf;
+  user_read_buf_len_ = buf_len;
 
-  next_state_ = STATE_PAYLOAD_READ;
-  int rv = DoLoop(OK);
+  int rv = DoPayloadRead();
   if (rv == ERR_IO_PENDING) {
-    user_callback_ = callback;
+    user_read_callback_ = callback;
   } else {
-    user_buf_ = NULL;
+    user_read_buf_ = NULL;
+    user_read_buf_len_ = 0;
   }
   return rv;
 }
 
 int SSLClientSocketMac::Write(IOBuffer* buf, int buf_len,
                               CompletionCallback* callback) {
   DCHECK(completed_handshake_);
-  DCHECK(next_state_ == STATE_NONE);
-  DCHECK(!user_callback_);
-  DCHECK(!user_buf_);
+  DCHECK(!user_write_callback_);
+  DCHECK(!user_write_buf_);
 
-  user_buf_ = buf;
-  user_buf_len_ = buf_len;
+  user_write_buf_ = buf;
+  user_write_buf_len_ = buf_len;
 
-  next_state_ = STATE_PAYLOAD_WRITE;
-  int rv = DoLoop(OK);
+  int rv = DoPayloadWrite();
   if (rv == ERR_IO_PENDING) {
-    user_callback_ = callback;
+    user_write_callback_ = callback;
   } else {
-    user_buf_ = NULL;
+    user_write_buf_ = NULL;
+    user_write_buf_len_ = 0;
   }
   return rv;
 }
 
 bool SSLClientSocketMac::SetReceiveBufferSize(int32 size) {
   return transport_->SetReceiveBufferSize(size);
 }
 
 bool SSLClientSocketMac::SetSendBufferSize(int32 size) {
   return transport_->SetSendBufferSize(size);
@@ skipping 15 matching lines @@
   OSStatus status = SSLGetNegotiatedCipher(ssl_context_, &suite);
   if (!status)
     ssl_info->security_bits = KeySizeOfCipherSuite(suite);
 }
 
 void SSLClientSocketMac::GetSSLCertRequestInfo(
     SSLCertRequestInfo* cert_request_info) {
   // TODO(wtc): implement this.
 }
 
-void SSLClientSocketMac::DoCallback(int rv) {
+void SSLClientSocketMac::DoConnectCallback(int rv) {
   DCHECK(rv != ERR_IO_PENDING);
-  DCHECK(user_callback_);
+  DCHECK(user_connect_callback_);
+  DCHECK(next_handshake_state_ == STATE_NONE);
 
-  // since Run may result in Read being called, clear user_callback_ up front.
-  CompletionCallback* c = user_callback_;
-  user_callback_ = NULL;
-  user_buf_ = NULL;
+  CompletionCallback* c = user_connect_callback_;
+  user_connect_callback_ = NULL;
+  c->Run(rv > OK ? OK : rv);
+}
+
+void SSLClientSocketMac::DoReadCallback(int rv) {
+  DCHECK(rv != ERR_IO_PENDING);
+  DCHECK(user_read_callback_);
+
+  // Since Run may result in Read being called, clear user_read_callback_ up
+  // front.
+  CompletionCallback* c = user_read_callback_;
+  user_read_callback_ = NULL;
+  user_read_buf_ = NULL;
+  user_read_buf_len_ = 0;
   c->Run(rv);
 }
 
-void SSLClientSocketMac::OnIOComplete(int result) {
-  if (next_io_state_ != STATE_NONE) {
-    State next_state = next_state_;
-    next_state_ = next_io_state_;
-    next_io_state_ = STATE_NONE;
-    result = DoLoop(result);
-    next_state_ = next_state;
+void SSLClientSocketMac::DoWriteCallback(int rv) {
+  DCHECK(rv != ERR_IO_PENDING);
+  DCHECK(user_write_callback_);
+
+  // Since Run may result in Write being called, clear user_write_callback_ up
+  // front.
+  CompletionCallback* c = user_write_callback_;
+  user_write_callback_ = NULL;
+  user_write_buf_ = NULL;
+  user_write_buf_len_ = 0;
+  c->Run(rv);
+}
+
+void SSLClientSocketMac::OnHandshakeIOComplete(int result) {
+  DCHECK(next_handshake_state_ != STATE_NONE);
+  int rv = DoHandshakeLoop(result);
+  if (rv != ERR_IO_PENDING)
+    DoConnectCallback(rv);
+}
+
+void SSLClientSocketMac::OnTransportReadComplete(int result) {
+  if (result > 0) {
+      char* buffer =
+          &recv_buffer_[recv_buffer_.size() - recv_buffer_tail_slop_];
+      memcpy(buffer, read_io_buf_->data(), result);
+      recv_buffer_tail_slop_ -= result;
   }
-  if (next_state_ != STATE_NONE) {
-    int rv = DoLoop(result);
+  read_io_buf_ = NULL;
+
+  if (next_handshake_state_ != STATE_NONE) {
+    int rv = DoHandshakeLoop(result);
     if (rv != ERR_IO_PENDING)
-      DoCallback(rv);
+      DoConnectCallback(rv);
+    return;
   }
+  if (user_read_buf_) {
+    if (result < 0) {
+      DoReadCallback(result);
+      return;
+    }
+    int rv = DoPayloadRead();
+    if (rv != ERR_IO_PENDING)
+      DoReadCallback(rv);
+  }
+}
+
+void SSLClientSocketMac::OnTransportWriteComplete(int result) {
+  if (result < 0) {
+    pending_send_error_ = result;
+    return;
+  }
+  send_buffer_.erase(send_buffer_.begin(),
+                     send_buffer_.begin() + result);
+  if (!send_buffer_.empty())
+    SSLWriteCallback(this, NULL, NULL);
+
+  // Since SSLWriteCallback() lies to return noErr even if transport_->Write()
+  // returns ERR_IO_PENDING, we don't need to any callbacks here.

[wtc, 2009/10/22 22:06:44]

Nit: add "call" or "do" after "need to".

 }
 
 // This is the main loop driving the state machine. Most calls coming from the
 // outside just set up a few variables and jump into here.
-int SSLClientSocketMac::DoLoop(int last_io_result) {
-  DCHECK(next_state_ != STATE_NONE);
+int SSLClientSocketMac::DoHandshakeLoop(int last_io_result) {
+  DCHECK(next_handshake_state_ != STATE_NONE);
   int rv = last_io_result;
   do {
-    State state = next_state_;
-    next_state_ = STATE_NONE;
+    State state = next_handshake_state_;
+    next_handshake_state_ = STATE_NONE;
     switch (state) {
       case STATE_HANDSHAKE_START:
         // Do the SSL/TLS handshake, up to the server certificate message.
         rv = DoHandshakeStart();
         break;
       case STATE_VERIFY_CERT:
         // Kick off server certificate validation.
         rv = DoVerifyCert();
         break;
       case STATE_VERIFY_CERT_COMPLETE:
         // Check the results of the  server certificate validation.
         rv = DoVerifyCertComplete(rv);
         break;
       case STATE_HANDSHAKE_FINISH:
         // Do the SSL/TLS handshake, after the server certificate message.
         rv = DoHandshakeFinish();
         break;
-      case STATE_READ_COMPLETE:
-        // A read off the network is complete; do the paperwork.
-        rv = DoReadComplete(rv);
-        break;
-      case STATE_PAYLOAD_READ:
-        // Do a read of data from the network.
-        rv = DoPayloadRead();
-        break;
-      case STATE_PAYLOAD_WRITE:
-        // Do a write of data to the network.
-        rv = DoPayloadWrite();
-        break;
       default:
         rv = ERR_UNEXPECTED;
         NOTREACHED() << "unexpected state";
         break;
     }
-  } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
+  } while (rv != ERR_IO_PENDING && next_handshake_state_ != STATE_NONE);
   return rv;
 }
 
 int SSLClientSocketMac::DoHandshakeStart() {
   OSStatus status = SSLHandshake(ssl_context_);
-
   if (status == errSSLWouldBlock)
-    next_state_ = STATE_HANDSHAKE_START;
+    next_handshake_state_ = STATE_HANDSHAKE_START;
 
   server_cert_ = GetServerCert(ssl_context_);
 
   if (status == noErr || status == errSSLServerAuthCompletedFlag) {
     if (!server_cert_)
       return ERR_UNEXPECTED;
 
     // TODO(hawk): we verify the certificate chain even on resumed sessions
     // so that we have the certificate status (valid, expired but overridden
     // by the user, EV, etc.) available. Eliminate this step once we have
     // a certificate validation result cache.
-    next_state_ = STATE_VERIFY_CERT;
+    next_handshake_state_ = STATE_VERIFY_CERT;
     if (status == errSSLServerAuthCompletedFlag) {
       // Override errSSLServerAuthCompletedFlag as it's not actually an error,
       // but rather an indication that we're only half way through the
       // handshake.
       handshake_interrupted_ = true;
       status = noErr;
     }
   }
 
   return NetErrorFromOSStatus(status);
 }
 
 int SSLClientSocketMac::DoVerifyCert() {
-  next_state_ = STATE_VERIFY_CERT_COMPLETE;
+  next_handshake_state_ = STATE_VERIFY_CERT_COMPLETE;
 
   if (!server_cert_)
     return ERR_UNEXPECTED;
 
   int flags = 0;
   if (ssl_config_.rev_checking_enabled)
     flags |= X509Certificate::VERIFY_REV_CHECKING_ENABLED;
   if (ssl_config_.verify_ev_cert)
     flags |= X509Certificate::VERIFY_EV_CERT;
   verifier_.reset(new CertVerifier);
   return verifier_->Verify(server_cert_, hostname_, flags,
-                           &server_cert_verify_result_, &io_callback_);
+                           &server_cert_verify_result_,
+                           &handshake_io_callback_);
 }
 
 int SSLClientSocketMac::DoVerifyCertComplete(int result) {
   DCHECK(verifier_.get());
   verifier_.reset();
 
   if (IsCertificateError(result) && ssl_config_.IsAllowedBadCert(server_cert_))
     result = OK;
 
   if (handshake_interrupted_) {
     // With session resumption enabled the full handshake (i.e., the handshake
     // in a non-resumed session) occurs in two steps. Continue on to the second
     // step if the certificate is OK.
     if (result == OK)
-      next_state_ = STATE_HANDSHAKE_FINISH;
+      next_handshake_state_ = STATE_HANDSHAKE_FINISH;
   } else {
     // If the session was resumed or session resumption was disabled, we're
     // done with the handshake.
     completed_handshake_ = true;
-    DCHECK(next_state_ == STATE_NONE);
+    DCHECK(next_handshake_state_ == STATE_NONE);
   }
 
   return result;
 }
 
 int SSLClientSocketMac::DoHandshakeFinish() {
   OSStatus status = SSLHandshake(ssl_context_);
 
   if (status == errSSLWouldBlock)
-    next_state_ = STATE_HANDSHAKE_FINISH;
+    next_handshake_state_ = STATE_HANDSHAKE_FINISH;
 
-  if (status == noErr)
+  if (status == noErr) {
     completed_handshake_ = true;
+    DCHECK(next_handshake_state_ == STATE_NONE);
+  }
 
   return NetErrorFromOSStatus(status);
 }
 
-int SSLClientSocketMac::DoReadComplete(int result) {
-  if (result < 0) {
-    read_io_buf_ = NULL;
-    return result;
-  }
-
-  char* buffer = &recv_buffer_[recv_buffer_.size() - recv_buffer_tail_slop_];
-  memcpy(buffer, read_io_buf_->data(), result);
-  read_io_buf_ = NULL;
-
-  recv_buffer_tail_slop_ -= result;
-
-  return result;
-}
-
-void SSLClientSocketMac::OnWriteComplete(int result) {
-  if (result < 0) {
-    pending_send_error_ = result;
-    return;
-  }
-
-  send_buffer_.erase(send_buffer_.begin(),
-                     send_buffer_.begin() + result);
-
-  if (!send_buffer_.empty())
-    SSLWriteCallback(this, NULL, NULL);
-}
-
 int SSLClientSocketMac::DoPayloadRead() {
   size_t processed = 0;
   OSStatus status = SSLRead(ssl_context_,
-                            user_buf_->data(),
-                            user_buf_len_,
+                            user_read_buf_->data(),
+                            user_read_buf_len_,
                             &processed);
 
   // There's a subtle difference here in semantics of the "would block" errors.
   // In our code, ERR_IO_PENDING means the whole operation is async, while
   // errSSLWouldBlock means that the stream isn't ending (and is often returned
   // along with partial data). So even though "would block" is returned, if we
   // have data, let's just return it.
 
   if (processed > 0)
     return processed;
 
   if (status == errSSLClosedNoNotify) {
     // TODO(wtc): Unless we have received the close_notify alert, we need to
     // return an error code indicating that the SSL connection ended
     // uncleanly, a potential truncation attack.  See http://crbug.com/18586.
     return OK;
   }
 
-  if (status == errSSLWouldBlock)
-    next_state_ = STATE_PAYLOAD_READ;
-
   return NetErrorFromOSStatus(status);
 }
 
 int SSLClientSocketMac::DoPayloadWrite() {
   size_t processed = 0;
   OSStatus status = SSLWrite(ssl_context_,
-                             user_buf_->data(),
-                             user_buf_len_,
+                             user_write_buf_->data(),
+                             user_write_buf_len_,
                              &processed);
 
   if (processed > 0)
     return processed;
 
   return NetErrorFromOSStatus(status);
 }
 
 // Handling the reading from the network is one of those things that should be
 // simpler than it is. Ideally, we'd have some kind of ring buffer. For now, a
@@ skipping 21 matching lines @@
 // extra space at the end as "tail slop." Slop is just space at the ends of the
 // buffer that's going to be used for data but isn't (yet). A diagram:
 //
 // +--------------------------------------+--------------------------------+
 // | existing good data ~~~~~~~~~~~~~~~~~ | tail slop area ~~~~~~~~~~~~~~~ |
 // +--------------------------------------+--------------------------------+
 //
 // When executing a read, we pass a pointer to the beginning of the tail slop
 // area (guaranteed to be contiguous space because it's a vector, unlike, say, a
 // deque (sigh)) and the size of the tail slop. When we get data (either here in
-// SSLReadCallback() or above in DoReadComplete()) we subtract the number of
-// bytes received from the tail slop value. That moves those bytes
+// SSLReadCallback() or above in OnTransportReadComplete()) we subtract the
+// number of bytes received from the tail slop value. That moves those bytes
 // (conceptually, not physically) from the tail slop area to the area containing
 // real data.
 //
 // The idea is still pretty simple. We enlarge the tail slop, call our
 // underlying network, get data, shrink the slop area to match, copy requested
 // data back into our caller's buffer, and delete the data from the head of the
 // vector.
 //
 // Except for a nasty little problem. Asynchronous I/O calls keep the buffer
 // pointer.
@@ skipping 29 matching lines @@
                                              size_t* data_length) {
   DCHECK(data);
   DCHECK(data_length);
   SSLClientSocketMac* us =
       const_cast<SSLClientSocketMac*>(
           static_cast<const SSLClientSocketMac*>(connection));
 
   // If we have I/O in flight, promise we'll get back to them and use the
   // existing callback to do so
 
-  if (us->next_io_state_ == STATE_READ_COMPLETE) {
+  if (us->read_io_buf_) {
     *data_length = 0;
     return errSSLWouldBlock;
   }
 
   // Start with what's in the buffer
 
   size_t total_read = us->recv_buffer_.size() - us->recv_buffer_head_slop_ -
                       us->recv_buffer_tail_slop_;
 
   // Resize the buffer if needed
 
   if (us->recv_buffer_.size() - us->recv_buffer_head_slop_ < *data_length) {
     us->recv_buffer_.resize(us->recv_buffer_head_slop_ + *data_length);
     us->recv_buffer_tail_slop_ = *data_length - total_read;
   }
 
   int rv = 1;  // any old value to spin the loop below
   while (rv > 0 && total_read < *data_length) {
     char* buffer = &us->recv_buffer_[us->recv_buffer_head_slop_ + total_read];
     us->read_io_buf_ = new IOBuffer(*data_length - total_read);
     rv = us->transport_->Read(us->read_io_buf_,
                               *data_length - total_read,
-                              &us->io_callback_);
+                              &us->transport_read_callback_);
 
     if (rv >= 0) {
       memcpy(buffer, us->read_io_buf_->data(), rv);
       us->read_io_buf_ = NULL;
       total_read += rv;
       us->recv_buffer_tail_slop_ -= rv;
     }
   }
 
   *data_length = total_read;
   if (total_read) {
     memcpy(data, &us->recv_buffer_[us->recv_buffer_head_slop_], total_read);
     if (rv == ERR_IO_PENDING) {
       // We have I/O in flight which is going to land in our buffer. We can't
       // shuffle things around, so we need to just fiddle with pointers.
       us->recv_buffer_head_slop_ += total_read;
     } else {
       us->recv_buffer_.erase(us->recv_buffer_.begin(),
                              us->recv_buffer_.begin() +
                              total_read +
                              us->recv_buffer_head_slop_);
       us->recv_buffer_head_slop_ = 0;
     }
   }
 
-  if (rv == ERR_IO_PENDING) {
-    us->next_io_state_ = STATE_READ_COMPLETE;
-  } else {
+  if (rv != ERR_IO_PENDING)
     us->read_io_buf_ = NULL;
-  }
 
   if (rv < 0)
     return OSStatusFromNetError(rv);
   else if (rv == 0) // stream closed
     return errSSLClosedGraceful;
   else
     return noErr;
 }
 
 // static
@@ skipping 24 matching lines @@
     // sent data. As always, lie to our caller.
     return noErr;
   }
 
   int rv;
   do {
     scoped_refptr<IOBuffer> buffer = new IOBuffer(us->send_buffer_.size());
     memcpy(buffer->data(), &us->send_buffer_[0], us->send_buffer_.size());
     rv = us->transport_->Write(buffer,
                                us->send_buffer_.size(),
-                               &us->write_callback_);
+                               &us->transport_write_callback_);
     if (rv > 0) {
       us->send_buffer_.erase(us->send_buffer_.begin(),
                              us->send_buffer_.begin() + rv);
     }
   } while (rv > 0 && !us->send_buffer_.empty());
 
   if (rv < 0 && rv != ERR_IO_PENDING) {
     return OSStatusFromNetError(rv);
   }
 
   // always lie to our caller
   return noErr;
 }
 
 }  // namespace net