Chromium Code Reviews Chromium Code Reviews
Issue 9148011:
Allow chrome to handle 407 auth challenges to CONNECT requests (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_proxy_client_socket_pool.h" | 5 #include "net/http/http_proxy_client_socket_pool.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/time.h" | 9 #include "base/time.h" |
| 10 #include "base/values.h" | 10 #include "base/values.h" |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 21 #include "net/socket/ssl_client_socket_pool.h" | 21 #include "net/socket/ssl_client_socket_pool.h" |
| 22 #include "net/socket/transport_client_socket_pool.h" | 22 #include "net/socket/transport_client_socket_pool.h" |
| 23 #include "net/spdy/spdy_proxy_client_socket.h" | 23 #include "net/spdy/spdy_proxy_client_socket.h" |
| 24 #include "net/spdy/spdy_session.h" | 24 #include "net/spdy/spdy_session.h" |
| 25 #include "net/spdy/spdy_session_pool.h" | 25 #include "net/spdy/spdy_session_pool.h" |
| 26 #include "net/spdy/spdy_settings_storage.h" | 26 #include "net/spdy/spdy_settings_storage.h" |
| 27 #include "net/spdy/spdy_stream.h" | 27 #include "net/spdy/spdy_stream.h" |
| 28 | 28 |
| 29 namespace net { | 29 namespace net { |
| 30 | 30 |
| 31 namespace { | |
| 32 | |
| 33 std::string GetProxyUrl(const scoped_refptr<HttpProxySocketParams>& params) { | |
| 34 return (params->ssl_params() != NULL ? "https://" : "http://") | |
| 35 + params->destination().host_port_pair().ToString(); | |
| 36 } | |
| 37 | |
| 38 } // namespace | |
| 39 | |
| 31 HttpProxySocketParams::HttpProxySocketParams( | 40 HttpProxySocketParams::HttpProxySocketParams( |
| 32 const scoped_refptr<TransportSocketParams>& transport_params, | 41 const scoped_refptr<TransportSocketParams>& transport_params, |
| 33 const scoped_refptr<SSLSocketParams>& ssl_params, | 42 const scoped_refptr<SSLSocketParams>& ssl_params, |
| 34 const GURL& request_url, | 43 const GURL& request_url, |
| 35 const std::string& user_agent, | 44 const std::string& user_agent, |
| 36 HostPortPair endpoint, | 45 HostPortPair endpoint, |
| 37 HttpAuthCache* http_auth_cache, | 46 HttpAuthCache* http_auth_cache, |
| 38 HttpAuthHandlerFactory* http_auth_handler_factory, | 47 HttpAuthHandlerFactory* http_auth_handler_factory, |
| 39 SpdySessionPool* spdy_session_pool, | 48 SpdySessionPool* spdy_session_pool, |
| 40 bool tunnel) | 49 bool tunnel, |
| 50 TunnelAuthNeededCB auth_needed_callback) | |
| 41 : transport_params_(transport_params), | 51 : transport_params_(transport_params), |
| 42 ssl_params_(ssl_params), | 52 ssl_params_(ssl_params), |
| 43 spdy_session_pool_(spdy_session_pool), | 53 spdy_session_pool_(spdy_session_pool), |
| 44 request_url_(request_url), | 54 request_url_(request_url), |
| 45 user_agent_(user_agent), | 55 user_agent_(user_agent), |
| 46 endpoint_(endpoint), | 56 endpoint_(endpoint), |
| 47 http_auth_cache_(tunnel ? http_auth_cache : NULL), | 57 http_auth_cache_(tunnel ? http_auth_cache : NULL), |
| 48 http_auth_handler_factory_(tunnel ? http_auth_handler_factory : NULL), | 58 http_auth_handler_factory_(tunnel ? http_auth_handler_factory : NULL), |
| 49 tunnel_(tunnel) { | 59 tunnel_(tunnel), |
| 60 auth_needed_callback_(auth_needed_callback) { | |
| 50 DCHECK((transport_params == NULL && ssl_params != NULL) || | 61 DCHECK((transport_params == NULL && ssl_params != NULL) || |
| 51 (transport_params != NULL && ssl_params == NULL)); | 62 (transport_params != NULL && ssl_params == NULL)); |
| 52 if (transport_params_) | 63 if (transport_params_) |
| 53 ignore_limits_ = transport_params->ignore_limits(); | 64 ignore_limits_ = transport_params->ignore_limits(); |
| 54 else | 65 else |
| 55 ignore_limits_ = ssl_params->ignore_limits(); | 66 ignore_limits_ = ssl_params->ignore_limits(); |
| 56 } | 67 } |
| 57 | 68 |
| 58 const HostResolver::RequestInfo& HttpProxySocketParams::destination() const { | 69 const HostResolver::RequestInfo& HttpProxySocketParams::destination() const { |
| 59 if (transport_params_ == NULL) | 70 if (transport_params_ == NULL) |
| (...skipping 20 matching lines...) Expand all Loading... | |
| 80 : ConnectJob(group_name, timeout_duration, delegate, | 91 : ConnectJob(group_name, timeout_duration, delegate, |
| 81 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)), | 92 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)), |
| 82 params_(params), | 93 params_(params), |
| 83 transport_pool_(transport_pool), | 94 transport_pool_(transport_pool), |
| 84 ssl_pool_(ssl_pool), | 95 ssl_pool_(ssl_pool), |
| 85 resolver_(host_resolver), | 96 resolver_(host_resolver), |
| 86 ALLOW_THIS_IN_INITIALIZER_LIST( | 97 ALLOW_THIS_IN_INITIALIZER_LIST( |
| 87 callback_(base::Bind(&HttpProxyConnectJob::OnIOComplete, | 98 callback_(base::Bind(&HttpProxyConnectJob::OnIOComplete, |
| 88 base::Unretained(this)))), | 99 base::Unretained(this)))), |
| 89 using_spdy_(false), | 100 using_spdy_(false), |
| 90 protocol_negotiated_(SSLClientSocket::kProtoUnknown) { | 101 auth_(params->tunnel() ? |
|
vandebo (ex-Chrome)
2012/01/19 20:12:49
Why are you removing the initialization of this va
Ryan Hamilton
2012/01/19 23:11:19
OUCH! Thanks for catching this mistake
| |
| 102 new HttpAuthController(HttpAuth::AUTH_PROXY, | |
| 103 GURL(GetProxyUrl(params_)), | |
| 104 params->http_auth_cache(), | |
| 105 params->http_auth_handler_factory()) | |
| 106 : NULL), | |
| 107 ALLOW_THIS_IN_INITIALIZER_LIST(ptr_factory_(this)) { | |
| 91 } | 108 } |
| 92 | 109 |
| 93 HttpProxyConnectJob::~HttpProxyConnectJob() {} | 110 HttpProxyConnectJob::~HttpProxyConnectJob() {} |
| 94 | 111 |
| 95 LoadState HttpProxyConnectJob::GetLoadState() const { | 112 LoadState HttpProxyConnectJob::GetLoadState() const { |
| 96 switch (next_state_) { | 113 switch (next_state_) { |
| 97 case STATE_TCP_CONNECT: | 114 case STATE_TCP_CONNECT: |
| 98 case STATE_TCP_CONNECT_COMPLETE: | 115 case STATE_TCP_CONNECT_COMPLETE: |
| 99 case STATE_SSL_CONNECT: | 116 case STATE_SSL_CONNECT: |
| 100 case STATE_SSL_CONNECT_COMPLETE: | 117 case STATE_SSL_CONNECT_COMPLETE: |
| 101 return transport_socket_handle_->GetLoadState(); | 118 return transport_socket_handle_->GetLoadState(); |
| 102 case STATE_HTTP_PROXY_CONNECT: | 119 case STATE_HTTP_PROXY_CONNECT: |
| 103 case STATE_HTTP_PROXY_CONNECT_COMPLETE: | 120 case STATE_HTTP_PROXY_CONNECT_COMPLETE: |
| 104 case STATE_SPDY_PROXY_CREATE_STREAM: | 121 case STATE_SPDY_PROXY_CREATE_STREAM: |
| 105 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE: | 122 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE: |
| 123 case STATE_RESTART_WITH_AUTH: | |
| 124 case STATE_RESTART_WITH_AUTH_COMPLETE: | |
| 106 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL; | 125 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL; |
| 107 default: | 126 default: |
| 108 NOTREACHED(); | 127 NOTREACHED(); |
| 109 return LOAD_STATE_IDLE; | 128 return LOAD_STATE_IDLE; |
| 110 } | 129 } |
| 111 } | 130 } |
| 112 | 131 |
| 113 void HttpProxyConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) { | 132 void HttpProxyConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) { |
| 114 if (error_response_info_.cert_request_info) { | 133 if (error_response_info_.cert_request_info) { |
| 115 handle->set_ssl_error_response_info(error_response_info_); | 134 handle->set_ssl_error_response_info(error_response_info_); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 152 case STATE_HTTP_PROXY_CONNECT_COMPLETE: | 171 case STATE_HTTP_PROXY_CONNECT_COMPLETE: |
| 153 rv = DoHttpProxyConnectComplete(rv); | 172 rv = DoHttpProxyConnectComplete(rv); |
| 154 break; | 173 break; |
| 155 case STATE_SPDY_PROXY_CREATE_STREAM: | 174 case STATE_SPDY_PROXY_CREATE_STREAM: |
| 156 DCHECK_EQ(OK, rv); | 175 DCHECK_EQ(OK, rv); |
| 157 rv = DoSpdyProxyCreateStream(); | 176 rv = DoSpdyProxyCreateStream(); |
| 158 break; | 177 break; |
| 159 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE: | 178 case STATE_SPDY_PROXY_CREATE_STREAM_COMPLETE: |
| 160 rv = DoSpdyProxyCreateStreamComplete(rv); | 179 rv = DoSpdyProxyCreateStreamComplete(rv); |
| 161 break; | 180 break; |
| 181 case STATE_RESTART_WITH_AUTH: | |
| 182 DCHECK_EQ(OK, rv); | |
| 183 rv = DoRestartWithAuth(); | |
| 184 break; | |
| 185 case STATE_RESTART_WITH_AUTH_COMPLETE: | |
| 186 rv = DoRestartWithAuthComplete(rv); | |
| 187 break; | |
| 162 default: | 188 default: |
| 163 NOTREACHED() << "bad state"; | 189 NOTREACHED() << "bad state"; |
| 164 rv = ERR_FAILED; | 190 rv = ERR_FAILED; |
| 165 break; | 191 break; |
| 166 } | 192 } |
| 167 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE); | 193 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE); |
| 168 | 194 |
| 169 return rv; | 195 return rv; |
| 170 } | 196 } |
| 171 | 197 |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 259 const HostResolver::RequestInfo& tcp_destination = params_->destination(); | 285 const HostResolver::RequestInfo& tcp_destination = params_->destination(); |
| 260 const HostPortPair& proxy_server = tcp_destination.host_port_pair(); | 286 const HostPortPair& proxy_server = tcp_destination.host_port_pair(); |
| 261 | 287 |
| 262 // Add a HttpProxy connection on top of the tcp socket. | 288 // Add a HttpProxy connection on top of the tcp socket. |
| 263 transport_socket_.reset( | 289 transport_socket_.reset( |
| 264 new HttpProxyClientSocket(transport_socket_handle_.release(), | 290 new HttpProxyClientSocket(transport_socket_handle_.release(), |
| 265 params_->request_url(), | 291 params_->request_url(), |
| 266 params_->user_agent(), | 292 params_->user_agent(), |
| 267 params_->endpoint(), | 293 params_->endpoint(), |
| 268 proxy_server, | 294 proxy_server, |
| 269 params_->http_auth_cache(), | 295 auth_, |
| 270 params_->http_auth_handler_factory(), | |
| 271 params_->tunnel(), | 296 params_->tunnel(), |
| 272 using_spdy_, | 297 using_spdy_, |
| 273 protocol_negotiated_, | 298 protocol_negotiated_, |
| 274 params_->ssl_params() != NULL)); | 299 params_->ssl_params() != NULL)); |
| 275 return transport_socket_->Connect(callback_); | 300 return transport_socket_->Connect(callback_); |
| 276 } | 301 } |
| 277 | 302 |
| 303 void HttpProxyConnectJob::HandleProxyAuthChallenge() { | |
|
vandebo (ex-Chrome)
2012/01/19 20:12:49
I think you were asking if you could get rid of th
Ryan Hamilton
2012/01/19 23:11:19
Will follow up with ajwong offline and possibly im
| |
| 304 next_state_ = STATE_RESTART_WITH_AUTH; | |
| 305 params_->auth_needed_callback().Run( | |
| 306 *transport_socket_->GetConnectResponseInfo(), | |
| 307 transport_socket_->auth_controller(), | |
| 308 callback_); | |
| 309 } | |
| 310 | |
| 311 int HttpProxyConnectJob::DoRestartWithAuth() { | |
| 312 // If no auth was added to the controller, then we should abort. | |
| 313 next_state_ = STATE_RESTART_WITH_AUTH_COMPLETE; | |
| 314 if (!transport_socket_->auth_controller()->HaveAuth()) { | |
| 315 return ERR_PROXY_AUTH_REQUESTED; | |
|
vandebo (ex-Chrome)
2012/01/19 20:12:49
Should we set the socket to the transport socket h
Ryan Hamilton
2012/01/19 23:11:19
No, we don't need to do it here, because we do it
| |
| 316 } | |
| 317 | |
| 318 return transport_socket_->RestartWithAuth(callback_); | |
| 319 } | |
| 320 | |
| 321 int HttpProxyConnectJob::DoRestartWithAuthComplete(int result) { | |
| 322 if (result != OK) { | |
| 323 if (result == ERR_PROXY_AUTH_REQUESTED || | |
| 324 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { | |
| 325 set_socket(transport_socket_.release()); | |
|
vandebo (ex-Chrome)
2012/01/19 20:12:49
I guess maybe we do want to set the socket above,
Ryan Hamilton
2012/01/19 23:11:19
(To amplify the previous comment, this code here h
| |
| 326 } | |
| 327 return result; | |
| 328 } | |
| 329 | |
| 330 if (!transport_socket_->IsConnectedAndIdle()) { | |
| 331 return ConnectInternal(); | |
|
vandebo (ex-Chrome)
2012/01/19 20:12:49
I think you're already inside a DoLoop here (You g
Ryan Hamilton
2012/01/19 23:11:19
Done.
| |
| 332 } | |
| 333 | |
| 334 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE; | |
| 335 return OK; | |
| 336 } | |
| 337 | |
| 278 int HttpProxyConnectJob::DoHttpProxyConnectComplete(int result) { | 338 int HttpProxyConnectJob::DoHttpProxyConnectComplete(int result) { |
| 279 if (result == OK || result == ERR_PROXY_AUTH_REQUESTED || | 339 // Handle a proxy auth challenge by asynchronously invoking the callback. |
|
vandebo (ex-Chrome)
2012/01/19 20:12:49
Wouldn't hurt to explain why it's being done async
Ryan Hamilton
2012/01/19 23:11:19
Done.
| |
| 340 if (result == ERR_PROXY_AUTH_REQUESTED) { | |
| 341 MessageLoop::current()->PostTask( | |
| 342 FROM_HERE, | |
| 343 base::Bind(&HttpProxyConnectJob::HandleProxyAuthChallenge, | |
| 344 ptr_factory_.GetWeakPtr())); | |
| 345 return ERR_IO_PENDING; | |
| 346 } | |
| 347 if (result == OK || | |
| 280 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { | 348 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { |
| 281 set_socket(transport_socket_.release()); | 349 set_socket(transport_socket_.release()); |
| 282 } | 350 } |
| 283 | 351 |
| 284 return result; | 352 return result; |
| 285 } | 353 } |
| 286 | 354 |
| 287 int HttpProxyConnectJob::DoSpdyProxyCreateStream() { | 355 int HttpProxyConnectJob::DoSpdyProxyCreateStream() { |
| 288 DCHECK(using_spdy_); | 356 DCHECK(using_spdy_); |
| 289 DCHECK(params_->tunnel()); | 357 DCHECK(params_->tunnel()); |
| (...skipping 29 matching lines...) Expand all Loading... | |
| 319 if (result < 0) | 387 if (result < 0) |
| 320 return result; | 388 return result; |
| 321 | 389 |
| 322 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE; | 390 next_state_ = STATE_HTTP_PROXY_CONNECT_COMPLETE; |
| 323 transport_socket_.reset( | 391 transport_socket_.reset( |
| 324 new SpdyProxyClientSocket(spdy_stream_, | 392 new SpdyProxyClientSocket(spdy_stream_, |
| 325 params_->user_agent(), | 393 params_->user_agent(), |
| 326 params_->endpoint(), | 394 params_->endpoint(), |
| 327 params_->request_url(), | 395 params_->request_url(), |
| 328 params_->destination().host_port_pair(), | 396 params_->destination().host_port_pair(), |
| 329 params_->http_auth_cache(), | 397 auth_)); |
| 330 params_->http_auth_handler_factory())); | |
| 331 return transport_socket_->Connect(callback_); | 398 return transport_socket_->Connect(callback_); |
| 332 } | 399 } |
| 333 | 400 |
| 334 int HttpProxyConnectJob::ConnectInternal() { | 401 int HttpProxyConnectJob::ConnectInternal() { |
| 335 if (params_->transport_params()) | 402 if (params_->transport_params()) |
| 336 next_state_ = STATE_TCP_CONNECT; | 403 next_state_ = STATE_TCP_CONNECT; |
| 337 else | 404 else |
| 338 next_state_ = STATE_SSL_CONNECT; | 405 next_state_ = STATE_SSL_CONNECT; |
| 339 return DoLoop(OK); | 406 return DoLoop(OK); |
| 340 } | 407 } |
| (...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 506 return base_.histograms(); | 573 return base_.histograms(); |
| 507 } | 574 } |
| 508 | 575 |
| 509 bool HttpProxyClientSocketPool::CloseOneIdleConnection() { | 576 bool HttpProxyClientSocketPool::CloseOneIdleConnection() { |
| 510 if (base_.CloseOneIdleSocket()) | 577 if (base_.CloseOneIdleSocket()) |
| 511 return true; | 578 return true; |
| 512 return base_.CloseOneIdleConnectionInLayeredPool(); | 579 return base_.CloseOneIdleConnectionInLayeredPool(); |
| 513 } | 580 } |
| 514 | 581 |
| 515 } // namespace net | 582 } // namespace net |
| OLD | NEW |
