Allow chrome to handle 407 auth challenges to CONNECT requests

net/http/http_stream_factory_impl_job.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_stream_factory_impl_job.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/logging.h"
 #include "base/stl_util.h"
@@ skipping 163 matching lines @@
       session_->http_server_properties();
   if (http_server_properties &&
       http_server_properties->SupportsSpdy(origin_server)) {
     num_streams_ = 1;
   } else {
     num_streams_ = num_streams;
   }
   return StartInternal();
 }
 
-int HttpStreamFactoryImpl::Job::RestartTunnelWithProxyAuth(
-    const AuthCredentials& credentials) {
-  DCHECK(establishing_tunnel_);
-  next_state_ = STATE_RESTART_TUNNEL_AUTH;
-  stream_.reset();
-  return RunLoop(OK);
+int HttpStreamFactoryImpl::Job::RestartTunnelWithProxyAuth() {
+  MessageLoop::current()->PostTask(
+      FROM_HERE,
+      base::Bind(&HttpStreamFactoryImpl::Job::DoRestartTunnelWithProxyAuth,

[cbentzel, 2012/01/20 02:09:46]

Is this to prevent potential reentrancy if OnNeedsProxyAuth completes
synchronously? 

[Ryan Hamilton, 2012/01/20 04:20:04]

Yes... Specifically, we want to invoke the callback (which might, say, delete
the caller) while the caller is still waiting for this function to return.

+                 ptr_factory_.GetWeakPtr()));
+  return ERR_IO_PENDING;
+}
+
+void HttpStreamFactoryImpl::Job::DoRestartTunnelWithProxyAuth() {
+  tunnel_auth_handled_callback_.Run(OK);
 }
 
 LoadState HttpStreamFactoryImpl::Job::GetLoadState() const {
   switch (next_state_) {
     case STATE_RESOLVE_PROXY_COMPLETE:
       return session_->proxy_service()->GetLoadState(pac_request_);
     case STATE_CREATE_STREAM_COMPLETE:
       return connection_->GetLoadState();
     case STATE_INIT_CONNECTION_COMPLETE:
       return LOAD_STATE_SENDING_REQUEST;
@@ skipping 135 matching lines @@
     HttpAuthController* auth_controller) {
   DCHECK(!IsPreconnecting());
   if (IsOrphaned())
     stream_factory_->OnOrphanedJobComplete(this);
   else
     request_->OnNeedsProxyAuth(
         this, response, server_ssl_config_, proxy_info_, auth_controller);
   // |this| may be deleted after this call.
 }
 
+void HttpStreamFactoryImpl::Job::OnNeedsProxyTunnelAuthCallback(
+    const HttpResponseInfo& response_info,
+    HttpAuthController* auth_controller,
+    CompletionCallback callback) {
+  tunnel_auth_handled_callback_ = callback;

[cbentzel, 2012/01/20 02:09:46]

Should this DCHECK that callback is non-null?

[Ryan Hamilton, 2012/01/20 04:20:04]

Steve had the same suggestion, but it's an object, not a pointer. 

[cbentzel, 2012/01/20 11:15:46]

I meant DCHECK(!callback.is_null());

I try to use the lowercase null to indicate uninitialized callback, rather than
uninitialized pointer.

[Ryan Hamilton, 2012/01/20 17:20:13]

Ah!  I see.  I added a check that callback is not null, and that
tunnel_auth_handled_callback_ is null.  Cool?

+  request_->OnNeedsProxyAuth(
+    this, response_info, server_ssl_config_, proxy_info_, auth_controller);
+  // |this| may be deleted after this call.
+}
+
 void HttpStreamFactoryImpl::Job::OnNeedsClientAuthCallback(
     SSLCertRequestInfo* cert_info) {
   DCHECK(!IsPreconnecting());
   if (IsOrphaned())
     stream_factory_->OnOrphanedJobComplete(this);
   else
     request_->OnNeedsClientAuth(this, server_ssl_config_, cert_info);
   // |this| may be deleted after this call.
 }
 
@@ skipping 54 matching lines @@
     return ERR_IO_PENDING;
   }
 
   switch (result) {
     case ERR_PROXY_AUTH_REQUESTED:
       {
         DCHECK(connection_.get());
         DCHECK(connection_->socket());
         DCHECK(establishing_tunnel_);
 
-        HttpProxyClientSocket* http_proxy_socket =
-            static_cast<HttpProxyClientSocket*>(connection_->socket());
+        ProxyClientSocket* proxy_socket =
+            static_cast<ProxyClientSocket*>(connection_->socket());
         const HttpResponseInfo* tunnel_auth_response =
-            http_proxy_socket->GetConnectResponseInfo();
+            proxy_socket->GetConnectResponseInfo();
 
         next_state_ = STATE_WAITING_USER_ACTION;
         MessageLoop::current()->PostTask(
             FROM_HERE,
             base::Bind(
                 &HttpStreamFactoryImpl::Job::OnNeedsProxyAuthCallback,
                 ptr_factory_.GetWeakPtr(),
                 *tunnel_auth_response,
-                http_proxy_socket->auth_controller()));
+                proxy_socket->auth_controller()));
       }
       return ERR_IO_PENDING;
 
     case ERR_SSL_CLIENT_AUTH_CERT_NEEDED:
       MessageLoop::current()->PostTask(
           FROM_HERE,
           base::Bind(
               &HttpStreamFactoryImpl::Job::OnNeedsClientAuthCallback,
               ptr_factory_.GetWeakPtr(),
               connection_->ssl_error_response_info().cert_request_info));
@@ skipping 272 matching lines @@
         request_info_.extra_headers,
         request_info_.load_flags,
         request_info_.priority,
         session_,
         proxy_info_,
         ShouldForceSpdySSL(),
         want_spdy_over_npn,
         server_ssl_config_,
         proxy_ssl_config_,
         net_log_,
-        num_streams_);
+        num_streams_,
+        base::Bind(&HttpStreamFactoryImpl::Job::OnNeedsProxyTunnelAuthCallback,
+                   ptr_factory_.GetWeakPtr()));
   } else {
     return InitSocketHandleForHttpRequest(
         origin_url_, request_info_.extra_headers, request_info_.load_flags,
         request_info_.priority, session_, proxy_info_, ShouldForceSpdySSL(),
         want_spdy_over_npn, server_ssl_config_, proxy_ssl_config_, net_log_,
-        connection_.get(), io_callback_);
+        connection_.get(),
+        base::Bind(&HttpStreamFactoryImpl::Job::OnNeedsProxyTunnelAuthCallback,
+                   ptr_factory_.GetWeakPtr()),
+        io_callback_);
   }
 }
 
 int HttpStreamFactoryImpl::Job::DoInitConnectionComplete(int result) {
   if (IsPreconnecting()) {
     DCHECK_EQ(OK, result);
     return OK;
   }
 
   // TODO(willchan): Make this a bit more exact. Maybe there are recoverable
@@ skipping 467 matching lines @@
     return false;
   }
   if (request_info_.method != "GET" && request_info_.method != "HEAD") {
     return false;
   }
   return stream_factory_->http_pipelined_host_pool_.IsHostEligibleForPipelining(
       origin_);
 }
 
 }  // namespace net