Breaking Change: merge BoringSSL branch into master

sdk/lib/io/http_impl.dart

 // Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 part of dart.io;
 
 const int _OUTGOING_BUFFER_SIZE = 8 * 1024;
 
 class _HttpIncoming extends Stream<List<int>> {
   final int _transferLength;
@@ skipping 1238 matching lines @@
     footerAndHeader[size + 0] = _CharCode.CR;
     footerAndHeader[size + 1] = _CharCode.LF;
     return footerAndHeader;
   }
 }
 
 class _HttpClientConnection {
   final String key;
   final Socket _socket;
   final bool _proxyTunnel;
+  final SecurityContext _context;
   final _HttpParser _httpParser;
   StreamSubscription _subscription;
   final _HttpClient _httpClient;
   bool _dispose = false;
   Timer _idleTimer;
   bool closed = false;
   Uri _currentUri;
 
   Completer<_HttpIncoming> _nextResponseCompleter;
   Future _streamFuture;
 
   _HttpClientConnection(this.key, this._socket, this._httpClient,
-                        [this._proxyTunnel = false])
+                        [this._proxyTunnel = false, this._context])
       : _httpParser = new _HttpParser.responseParser() {
     _httpParser.listenToStream(_socket);
 
     // Set up handlers on the parser here, so we are sure to get 'onDone' from
     // the parser.
     _subscription = _httpParser.listen(
         (incoming) {
           // Only handle one incoming response at the time. Keep the
           // stream paused until the response have been processed.
           _subscription.pause();
@@ skipping 207 matching lines @@
       request.headers.set(HttpHeaders.PROXY_AUTHORIZATION, "Basic $auth");
     }
     return request.close()
         .then((response) {
           if (response.statusCode != HttpStatus.OK) {
             throw "Proxy failed to establish tunnel "
                   "(${response.statusCode} ${response.reasonPhrase})";
           }
           var socket = response._httpRequest._httpClientConnection._socket;
           return SecureSocket.secure(
-              socket, host: host, onBadCertificate: callback);
+              socket,
+              host: host,
+              context: _context,
+              onBadCertificate: callback);
         })
         .then((secureSocket) {
           String key = _HttpClientConnection.makeKey(true, host, port);
           return new _HttpClientConnection(
               key, secureSocket, request._httpClient, true);
         });
   }
 
   HttpConnectionInfo get connectionInfo => _HttpConnectionInfo.create(_socket);
 
@@ skipping 26 matching lines @@
   _ConnectionInfo(this.connection, this.proxy);
 }
 
 
 class _ConnectionTarget {
   // Unique key for this connection target.
   final String key;
   final String host;
   final int port;
   final bool isSecure;
+  final SecurityContext context;
   final Set<_HttpClientConnection> _idle = new HashSet();
   final Set<_HttpClientConnection> _active = new HashSet();
   final Queue _pending = new ListQueue();
   int _connecting = 0;
 
-  _ConnectionTarget(this.key, this.host, this.port, this.isSecure);
+  _ConnectionTarget(this.key,
+                    this.host,
+                    this.port,
+                    this.isSecure,
+                    this.context);
 
   bool get isEmpty => _idle.isEmpty && _active.isEmpty && _connecting == 0;
 
   bool get hasIdle => _idle.isNotEmpty;
 
   bool get hasActive => _active.isNotEmpty || _connecting > 0;
 
   _HttpClientConnection takeIdle() {
     assert(hasIdle);
     _HttpClientConnection connection = _idle.first;
@@ skipping 51 matching lines @@
     if (client.maxConnectionsPerHost != null &&
         _active.length + _connecting >= client.maxConnectionsPerHost) {
       var completer = new Completer();
       _pending.add(() {
         connect(uriHost, uriPort, proxy, client)
             .then(completer.complete, onError: completer.completeError);
       });
       return completer.future;
     }
     var currentBadCertificateCallback = client._badCertificateCallback;
-    bool callback(X509Certificate certificate) =>
+    callback(X509Certificate certificate) =>
         currentBadCertificateCallback == null ? false :
         currentBadCertificateCallback(certificate, uriHost, uriPort);
     Future socketFuture = (isSecure && proxy.isDirect
         ? SecureSocket.connect(host,
                                port,
+                               context: context,
                                sendClientCertificate: true,
                                onBadCertificate: callback)
         : Socket.connect(host, port));
     _connecting++;
     return socketFuture.then((socket) {
         _connecting--;
         socket.setOption(SocketOption.TCP_NODELAY, true);
-        var connection = new _HttpClientConnection(key, socket, client);
+        var connection =
+            new _HttpClientConnection(key, socket, client, false, context);
         if (isSecure && !proxy.isDirect) {
           connection._dispose = true;
           return connection.createProxyTunnel(uriHost, uriPort, proxy, callback)
               .then((tunnel) {
                 client._getConnectionTarget(uriHost, uriPort, true)
                     .addNewActive(tunnel);
                 return new _ConnectionInfo(tunnel, proxy);
               });
         } else {
           addNewActive(connection);
           return new _ConnectionInfo(connection, proxy);
         }
       }, onError: (error) {
         _connecting--;
         _checkPending();
         throw error;
       });
   }
 }
 
 
 class _HttpClient implements HttpClient {
   bool _closing = false;
   bool _closingForcefully = false;
   final Map<String, _ConnectionTarget> _connectionTargets
       = new HashMap<String, _ConnectionTarget>();
   final List<_Credentials> _credentials = [];
   final List<_ProxyCredentials> _proxyCredentials = [];
+  final SecurityContext _context;
   Function _authenticate;
   Function _authenticateProxy;
   Function _findProxy = HttpClient.findProxyFromEnvironment;
   Duration _idleTimeout = const Duration(seconds: 15);
   Function _badCertificateCallback;
 
   Duration get idleTimeout => _idleTimeout;
 
   int maxConnectionsPerHost;
 
   bool autoUncompress = true;
 
   String userAgent = _getHttpVersion();
 
+  _HttpClient(SecurityContext this._context);
+
   void set idleTimeout(Duration timeout) {
     _idleTimeout = timeout;
     for (var c in _connectionTargets.values) {
       for (var idle in c._idle) {
         // Reset timer. This is fine, as it's not happening often.
         idle.stopTimer();
         idle.startTimer();
       }
     }
   }
@@ skipping 198 matching lines @@
   }
 
   void _closeConnections(bool force) {
     for (var connectionTarget in _connectionTargets.values.toList()) {
       connectionTarget.close(force);
     }
   }
 
   _ConnectionTarget _getConnectionTarget(String host, int port, bool isSecure) {
     String key = _HttpClientConnection.makeKey(isSecure, host, port);
-    return _connectionTargets.putIfAbsent(
-        key, () => new _ConnectionTarget(key, host, port, isSecure));
+    return _connectionTargets.putIfAbsent(key, () {
+      return new _ConnectionTarget(key, host, port, isSecure, _context);
+    });
   }
 
   // Get a new _HttpClientConnection, from the matching _ConnectionTarget.
   Future<_ConnectionInfo> _getConnection(String uriHost,
                                           int uriPort,
                                           _ProxyConfiguration proxyConf,
                                           bool isSecure) {
     Iterator<_Proxy> proxies = proxyConf.proxies.iterator;
 
     Future<_ConnectionInfo> connect(error) {
@@ skipping 291 matching lines @@
       address, int port, int backlog, bool v6Only, bool shared) {
     return ServerSocket.bind(
         address, port, backlog: backlog, v6Only: v6Only, shared: shared)
             .then((socket) {
               return new _HttpServer._(socket, true);
             });
   }
 
   static Future<HttpServer> bindSecure(address,
                                        int port,
+                                       SecurityContext context,
                                        int backlog,
                                        bool v6Only,
                                        String certificate_name,
                                        bool requestClientCertificate,
                                        bool shared) {
     return SecureServerSocket.bind(
         address,
         port,
-        certificate_name,
+        context,
         backlog: backlog,
         v6Only: v6Only,
         requestClientCertificate: requestClientCertificate,
         shared: shared)
             .then((socket) {
               return new _HttpServer._(socket, true);
             });
   }
 
   _HttpServer._(this._serverSocket, this._closeServer) {
@@ skipping 619 matching lines @@
   const _RedirectInfo(this.statusCode, this.method, this.location);
 }
 
 String _getHttpVersion() {
   var version = Platform.version;
   // Only include major and minor version numbers.
   int index = version.indexOf('.', version.indexOf('.') + 1);
   version = version.substring(0, index);
   return 'Dart/$version (dart:io)';
 }