| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_proxy_client_socket.h" | 5 #include "net/http/http_proxy_client_socket.h" |
| 6 | 6 |
| 7 #include "base/string_util.h" | 7 #include "base/string_util.h" |
| 8 #include "googleurl/src/gurl.h" | 8 #include "googleurl/src/gurl.h" |
| 9 #include "net/base/host_port_pair.h" | 9 #include "net/base/host_port_pair.h" |
| 10 #include "net/base/io_buffer.h" | 10 #include "net/base/io_buffer.h" |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 43 &user_agent)) | 43 &user_agent)) |
| 44 request_headers->SetHeader(HttpRequestHeaders::kUserAgent, user_agent); | 44 request_headers->SetHeader(HttpRequestHeaders::kUserAgent, user_agent); |
| 45 | 45 |
| 46 request_headers->MergeFrom(authorization_headers); | 46 request_headers->MergeFrom(authorization_headers); |
| 47 } | 47 } |
| 48 | 48 |
| 49 } // namespace | 49 } // namespace |
| 50 | 50 |
| 51 HttpProxyClientSocket::HttpProxyClientSocket( | 51 HttpProxyClientSocket::HttpProxyClientSocket( |
| 52 ClientSocketHandle* transport_socket, const GURL& request_url, | 52 ClientSocketHandle* transport_socket, const GURL& request_url, |
| 53 const HostPortPair& endpoint, const HostPortPair& proxy_server, | 53 const HostPortPair& endpoint, const scoped_refptr<HttpAuthController>& auth, |
| 54 const scoped_refptr<HttpNetworkSession>& session, bool tunnel) | 54 bool tunnel) |
| 55 : ALLOW_THIS_IN_INITIALIZER_LIST( | 55 : ALLOW_THIS_IN_INITIALIZER_LIST( |
| 56 io_callback_(this, &HttpProxyClientSocket::OnIOComplete)), | 56 io_callback_(this, &HttpProxyClientSocket::OnIOComplete)), |
| 57 next_state_(STATE_NONE), | 57 next_state_(STATE_NONE), |
| 58 user_callback_(NULL), | 58 user_callback_(NULL), |
| 59 transport_(transport_socket), | 59 transport_(transport_socket), |
| 60 endpoint_(endpoint), | 60 endpoint_(endpoint), |
| 61 auth_(tunnel ? | 61 auth_(auth), |
| 62 new HttpAuthController(HttpAuth::AUTH_PROXY, | |
| 63 GURL("http://" + proxy_server.ToString()), | |
| 64 session) : NULL), | |
| 65 tunnel_(tunnel), | 62 tunnel_(tunnel), |
| 66 net_log_(transport_socket->socket()->NetLog()) { | 63 net_log_(transport_socket->socket()->NetLog()) { |
| 64 DCHECK_EQ(tunnel, auth != NULL); |
| 67 // Synthesize the bits of a request that we actually use. | 65 // Synthesize the bits of a request that we actually use. |
| 68 request_.url = request_url; | 66 request_.url = request_url; |
| 69 request_.method = "GET"; | 67 request_.method = "GET"; |
| 70 } | 68 } |
| 71 | 69 |
| 72 HttpProxyClientSocket::~HttpProxyClientSocket() { | 70 HttpProxyClientSocket::~HttpProxyClientSocket() { |
| 73 Disconnect(); | 71 Disconnect(); |
| 74 } | 72 } |
| 75 | 73 |
| 76 int HttpProxyClientSocket::Connect(CompletionCallback* callback) { | 74 int HttpProxyClientSocket::Connect(CompletionCallback* callback) { |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 121 } | 119 } |
| 122 keep_alive = true; | 120 keep_alive = true; |
| 123 } | 121 } |
| 124 | 122 |
| 125 // We don't need to drain the response body, so we act as if we had drained | 123 // We don't need to drain the response body, so we act as if we had drained |
| 126 // the response body. | 124 // the response body. |
| 127 return DidDrainBodyForAuthRestart(keep_alive); | 125 return DidDrainBodyForAuthRestart(keep_alive); |
| 128 } | 126 } |
| 129 | 127 |
| 130 int HttpProxyClientSocket::DidDrainBodyForAuthRestart(bool keep_alive) { | 128 int HttpProxyClientSocket::DidDrainBodyForAuthRestart(bool keep_alive) { |
| 129 int rc = OK; |
| 131 if (keep_alive && transport_->socket()->IsConnectedAndIdle()) { | 130 if (keep_alive && transport_->socket()->IsConnectedAndIdle()) { |
| 132 next_state_ = STATE_GENERATE_AUTH_TOKEN; | 131 next_state_ = STATE_GENERATE_AUTH_TOKEN; |
| 133 transport_->set_is_reused(true); | 132 transport_->set_is_reused(true); |
| 134 } else { | 133 } else { |
| 135 // This assumes that the underlying transport socket is a TCP socket, | |
| 136 // since only TCP sockets are restartable. | |
| 137 next_state_ = STATE_TCP_RESTART; | |
| 138 transport_->socket()->Disconnect(); | 134 transport_->socket()->Disconnect(); |
| 135 rc = ERR_RETRY_CONNECTION; |
| 139 } | 136 } |
| 140 | 137 |
| 141 // Reset the other member variables. | 138 // Reset the other member variables. |
| 142 drain_buf_ = NULL; | 139 drain_buf_ = NULL; |
| 143 http_stream_.reset(); | 140 http_stream_.reset(); |
| 144 request_headers_.clear(); | 141 request_headers_.clear(); |
| 145 response_ = HttpResponseInfo(); | 142 response_ = HttpResponseInfo(); |
| 146 return OK; | 143 return rc; |
| 147 } | 144 } |
| 148 | 145 |
| 149 void HttpProxyClientSocket::LogBlockedTunnelResponse(int response_code) const { | 146 void HttpProxyClientSocket::LogBlockedTunnelResponse(int response_code) const { |
| 150 LOG(WARNING) << "Blocked proxy response with status " << response_code | 147 LOG(WARNING) << "Blocked proxy response with status " << response_code |
| 151 << " to CONNECT request for " | 148 << " to CONNECT request for " |
| 152 << GetHostAndPort(request_.url) << "."; | 149 << GetHostAndPort(request_.url) << "."; |
| 153 } | 150 } |
| 154 | 151 |
| 155 void HttpProxyClientSocket::Disconnect() { | 152 void HttpProxyClientSocket::Disconnect() { |
| 156 transport_->socket()->Disconnect(); | 153 transport_->socket()->Disconnect(); |
| 157 | 154 |
| 158 // Reset other states to make sure they aren't mistakenly used later. | 155 // Reset other states to make sure they aren't mistakenly used later. |
| 159 // These are the states initialized by Connect(). | 156 // These are the states initialized by Connect(). |
| 160 next_state_ = STATE_NONE; | 157 next_state_ = STATE_NONE; |
| 161 user_callback_ = NULL; | 158 user_callback_ = NULL; |
| 162 } | 159 } |
| 163 | 160 |
| 164 bool HttpProxyClientSocket::IsConnected() const { | 161 bool HttpProxyClientSocket::IsConnected() const { |
| 165 return next_state_ == STATE_DONE && transport_->socket()->IsConnected(); | 162 return transport_->socket()->IsConnected(); |
| 166 } | 163 } |
| 167 | 164 |
| 168 bool HttpProxyClientSocket::IsConnectedAndIdle() const { | 165 bool HttpProxyClientSocket::IsConnectedAndIdle() const { |
| 169 return next_state_ == STATE_DONE && | 166 return transport_->socket()->IsConnectedAndIdle(); |
| 170 transport_->socket()->IsConnectedAndIdle(); | 167 } |
| 168 |
| 169 bool HttpProxyClientSocket::NeedsRestartWithAuth() const { |
| 170 return next_state_ != STATE_DONE; |
| 171 } | 171 } |
| 172 | 172 |
| 173 int HttpProxyClientSocket::Read(IOBuffer* buf, int buf_len, | 173 int HttpProxyClientSocket::Read(IOBuffer* buf, int buf_len, |
| 174 CompletionCallback* callback) { | 174 CompletionCallback* callback) { |
| 175 DCHECK(!user_callback_); | 175 DCHECK(!user_callback_); |
| 176 if (next_state_ != STATE_DONE) { | 176 if (next_state_ != STATE_DONE) { |
| 177 // We're trying to read the body of the response but we're still trying | 177 // We're trying to read the body of the response but we're still trying |
| 178 // to establish an SSL tunnel through the proxy. We can't read these | 178 // to establish an SSL tunnel through the proxy. We can't read these |
| 179 // bytes when establishing a tunnel because they might be controlled by | 179 // bytes when establishing a tunnel because they might be controlled by |
| 180 // an active network attacker. We don't worry about this for HTTP | 180 // an active network attacker. We don't worry about this for HTTP |
| 181 // because an active network attacker can already control HTTP sessions. | 181 // because an active network attacker can already control HTTP sessions. |
| 182 // We reach this case when the user cancels a 407 proxy auth prompt. | 182 // We reach this case when the user cancels a 407 proxy auth prompt. |
| 183 // See http://crbug.com/8473. | 183 // See http://crbug.com/8473. |
| 184 DCHECK_EQ(407, response_.headers->response_code()); | 184 DCHECK_EQ(407, response_.headers->response_code()); |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 266 net_log_.EndEvent(NetLog::TYPE_HTTP_TRANSACTION_TUNNEL_READ_HEADERS, | 266 net_log_.EndEvent(NetLog::TYPE_HTTP_TRANSACTION_TUNNEL_READ_HEADERS, |
| 267 NULL); | 267 NULL); |
| 268 break; | 268 break; |
| 269 case STATE_DRAIN_BODY: | 269 case STATE_DRAIN_BODY: |
| 270 DCHECK_EQ(OK, rv); | 270 DCHECK_EQ(OK, rv); |
| 271 rv = DoDrainBody(); | 271 rv = DoDrainBody(); |
| 272 break; | 272 break; |
| 273 case STATE_DRAIN_BODY_COMPLETE: | 273 case STATE_DRAIN_BODY_COMPLETE: |
| 274 rv = DoDrainBodyComplete(rv); | 274 rv = DoDrainBodyComplete(rv); |
| 275 break; | 275 break; |
| 276 case STATE_TCP_RESTART: | |
| 277 DCHECK_EQ(OK, rv); | |
| 278 rv = DoTCPRestart(); | |
| 279 break; | |
| 280 case STATE_TCP_RESTART_COMPLETE: | |
| 281 rv = DoTCPRestartComplete(rv); | |
| 282 break; | |
| 283 case STATE_DONE: | 276 case STATE_DONE: |
| 284 break; | 277 break; |
| 285 default: | 278 default: |
| 286 NOTREACHED() << "bad state"; | 279 NOTREACHED() << "bad state"; |
| 287 rv = ERR_UNEXPECTED; | 280 rv = ERR_UNEXPECTED; |
| 288 break; | 281 break; |
| 289 } | 282 } |
| 290 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE && | 283 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE |
| 291 next_state_ != STATE_DONE); | 284 && next_state_ != STATE_DONE); |
| 292 return rv; | 285 return rv; |
| 293 } | 286 } |
| 294 | 287 |
| 295 int HttpProxyClientSocket::DoGenerateAuthToken() { | 288 int HttpProxyClientSocket::DoGenerateAuthToken() { |
| 296 next_state_ = STATE_GENERATE_AUTH_TOKEN_COMPLETE; | 289 next_state_ = STATE_GENERATE_AUTH_TOKEN_COMPLETE; |
| 297 return auth_->MaybeGenerateAuthToken(&request_, &io_callback_, net_log_); | 290 return auth_->MaybeGenerateAuthToken(&request_, &io_callback_, net_log_); |
| 298 } | 291 } |
| 299 | 292 |
| 300 int HttpProxyClientSocket::DoGenerateAuthTokenComplete(int result) { | 293 int HttpProxyClientSocket::DoGenerateAuthTokenComplete(int result) { |
| 301 DCHECK_NE(ERR_IO_PENDING, result); | 294 DCHECK_NE(ERR_IO_PENDING, result); |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 406 return result; | 399 return result; |
| 407 | 400 |
| 408 if (http_stream_->IsResponseBodyComplete()) | 401 if (http_stream_->IsResponseBodyComplete()) |
| 409 return DidDrainBodyForAuthRestart(true); | 402 return DidDrainBodyForAuthRestart(true); |
| 410 | 403 |
| 411 // Keep draining. | 404 // Keep draining. |
| 412 next_state_ = STATE_DRAIN_BODY; | 405 next_state_ = STATE_DRAIN_BODY; |
| 413 return OK; | 406 return OK; |
| 414 } | 407 } |
| 415 | 408 |
| 416 int HttpProxyClientSocket::DoTCPRestart() { | |
| 417 next_state_ = STATE_TCP_RESTART_COMPLETE; | |
| 418 return transport_->socket()->Connect(&io_callback_); | |
| 419 } | |
| 420 | |
| 421 int HttpProxyClientSocket::DoTCPRestartComplete(int result) { | |
| 422 if (result != OK) | |
| 423 return result; | |
| 424 | |
| 425 next_state_ = STATE_GENERATE_AUTH_TOKEN; | |
| 426 return result; | |
| 427 } | |
| 428 | |
| 429 int HttpProxyClientSocket::HandleAuthChallenge() { | 409 int HttpProxyClientSocket::HandleAuthChallenge() { |
| 430 DCHECK(response_.headers); | 410 DCHECK(response_.headers); |
| 431 | 411 |
| 432 int rv = auth_->HandleAuthChallenge(response_.headers, false, true, net_log_); | 412 int rv = auth_->HandleAuthChallenge(response_.headers, false, true, net_log_); |
| 433 response_.auth_challenge = auth_->auth_info(); | 413 response_.auth_challenge = auth_->auth_info(); |
| 434 if (rv == OK) | 414 if (rv == OK) |
| 435 return ERR_PROXY_AUTH_REQUESTED; | 415 return ERR_PROXY_AUTH_REQUESTED; |
| 436 | 416 |
| 437 return rv; | 417 return rv; |
| 438 } | 418 } |
| 439 | 419 |
| 440 } // namespace net | 420 } // namespace net |
| OLD | NEW |