Migrates QUIC sessions to a new network when old network is (about to be) disconnected.

net/quic/quic_stream_factory.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/quic_stream_factory.h"
 
 #include <algorithm>
 #include <set>
 
 #include "base/location.h"
@@ skipping 52 matching lines @@
 
 namespace {
 
 enum CreateSessionFailure {
   CREATION_ERROR_CONNECTING_SOCKET,
   CREATION_ERROR_SETTING_RECEIVE_BUFFER,
   CREATION_ERROR_SETTING_SEND_BUFFER,
   CREATION_ERROR_MAX
 };
 
+enum QuicConnectionMigrationStatus {
+  MIGRATION_STATUS_NO_MIGRATABLE_STREAMS,
+  MIGRATION_STATUS_ALREADY_MIGRATED,
+  MIGRATION_STATUS_INTERNAL_ERROR,
+  MIGRATION_STATUS_TOO_MANY_CHANGES,
+  MIGRATION_STATUS_SUCCESS,
+  MIGRATION_STATUS_MAX
+};
+
 // The maximum receive window sizes for QUIC sessions and streams.
 const int32 kQuicSessionMaxRecvWindowSize = 15 * 1024 * 1024;  // 15 MB
 const int32 kQuicStreamMaxRecvWindowSize = 6 * 1024 * 1024;    // 6 MB
 
 // Set the maximum number of undecryptable packets the connection will store.
 const int32 kMaxUndecryptablePackets = 100;
 
 void HistogramCreateSessionFailure(enum CreateSessionFailure error) {
   UMA_HISTOGRAM_ENUMERATION("Net.QuicSession.CreationError", error,
                             CREATION_ERROR_MAX);
@@ skipping 481 matching lines @@
     int max_number_of_lossy_connections,
     float packet_loss_threshold,
     int max_disabled_reasons,
     int threshold_public_resets_post_handshake,
     int threshold_timeouts_with_open_streams,
     int socket_receive_buffer_size,
     bool delay_tcp_race,
     bool store_server_configs_in_properties,
     bool close_sessions_on_ip_change,
     int idle_connection_timeout_seconds,
+    bool migrate_sessions_on_network_change,
     const QuicTagVector& connection_options)
     : require_confirmation_(true),
       host_resolver_(host_resolver),
       client_socket_factory_(client_socket_factory),
       http_server_properties_(http_server_properties),
       transport_security_state_(transport_security_state),
       cert_transparency_verifier_(cert_transparency_verifier),
       quic_crypto_client_stream_factory_(quic_crypto_client_stream_factory),
       random_generator_(random_generator),
       clock_(clock),
@@ skipping 27 matching lines @@
           threshold_timeouts_with_open_streams),
       threshold_public_resets_post_handshake_(
           threshold_public_resets_post_handshake),
       socket_receive_buffer_size_(socket_receive_buffer_size),
       delay_tcp_race_(delay_tcp_race),
       yield_after_packets_(kQuicYieldAfterPacketsRead),
       yield_after_duration_(QuicTime::Delta::FromMilliseconds(
           kQuicYieldAfterDurationMilliseconds)),
       store_server_configs_in_properties_(store_server_configs_in_properties),
       close_sessions_on_ip_change_(close_sessions_on_ip_change),
+      migrate_sessions_on_network_change_(migrate_sessions_on_network_change),

[Ryan Hamilton, 2015/12/18 21:51:23]

Presumably we don't want both close_ and migrate_ to be true at the same time?
We could use a tri-state enum for this. Or in the worst case DCHECK(!(close_ &&
migrate_));

[Jana, 2015/12/21 23:10:19]

Hmm -- yes, I think we'd want them to be mutually exclusive until we decide what
default behaviors we want. Given that there's mutual exclusion guaranteed below
by only registering for one of the two observers below, I'm happy with adding a
DCHECK here (done below). SG?

       port_seed_(random_generator_->RandUint64()),
       check_persisted_supports_quic_(true),
       has_initialized_data_(false),
       task_runner_(nullptr),
       weak_factory_(this) {
   DCHECK(transport_security_state_);
   DCHECK(http_server_properties_);
   crypto_config_.set_user_agent_id(user_agent_id);
   crypto_config_.AddCanonicalSuffix(".c.youtube.com");
   crypto_config_.AddCanonicalSuffix(".googlevideo.com");
@@ skipping 18 matching lines @@
   if (!IsEcdsaSupported())
     crypto_config_.DisableEcdsa();
   // When disk cache is used to store the server configs, HttpCache code calls
   // |set_quic_server_info_factory| if |quic_server_info_factory_| wasn't
   // created.
   if (store_server_configs_in_properties_) {
     quic_server_info_factory_.reset(
         new PropertiesBasedQuicServerInfoFactory(http_server_properties_));
   }
 
-  if (close_sessions_on_ip_change_) {
+  if (migrate_sessions_on_network_change_ &&
+      NetworkChangeNotifier::AreNetworkHandlesSupported()) {

[Ryan Hamilton, 2015/12/18 21:51:23]

This is basically Android only currently?

[Jana, 2015/12/21 23:10:19]

Yes, Android >= L

+    NetworkChangeNotifier::AddNetworkObserver(this);
+  } else if (close_sessions_on_ip_change_) {
     NetworkChangeNotifier::AddIPAddressObserver(this);
   }
 }
 
 QuicStreamFactory::~QuicStreamFactory() {
   CloseAllSessions(ERR_ABORTED);
   while (!all_sessions_.empty()) {
     delete all_sessions_.begin()->first;
     all_sessions_.erase(all_sessions_.begin());
   }
   while (!active_jobs_.empty()) {
     const QuicServerId server_id = active_jobs_.begin()->first;
     STLDeleteElements(&(active_jobs_[server_id]));
     active_jobs_.erase(server_id);
   }
-  if (close_sessions_on_ip_change_) {
+  if (migrate_sessions_on_network_change_ &&
+      NetworkChangeNotifier::AreNetworkHandlesSupported()) {
+    NetworkChangeNotifier::RemoveNetworkObserver(this);
+  } else if (close_sessions_on_ip_change_) {
     NetworkChangeNotifier::RemoveIPAddressObserver(this);
   }
 }
 
 void QuicStreamFactory::set_require_confirmation(bool require_confirmation) {
   require_confirmation_ = require_confirmation;
   if (!(local_address_ == IPEndPoint())) {
     http_server_properties_->SetSupportsQuic(!require_confirmation,
                                              local_address_.address());
   }
@@ skipping 405 matching lines @@
   DCHECK_EQ(ERR_IO_PENDING, rv);
 }
 
 void QuicStreamFactory::CancelRequest(QuicStreamRequest* request) {
   DCHECK(ContainsKey(active_requests_, request));
   QuicServerId server_id = active_requests_[request];
   job_requests_map_[server_id].erase(request);
   active_requests_.erase(request);
 }
 
 void QuicStreamFactory::CloseAllSessions(int error) {

[Ryan Hamilton, 2015/12/18 21:51:23]

I'd be inclined to remove this method and just use your new one instead.

[Jana, 2015/12/21 23:10:19]

Done.

+  CloseAllSessionsInner(error, QUIC_INTERNAL_ERROR);
+}
+
+void QuicStreamFactory::CloseAllSessionsInner(int error,
+                                              QuicErrorCode quic_error) {
   while (!active_sessions_.empty()) {
     size_t initial_size = active_sessions_.size();
-    active_sessions_.begin()->second->CloseSessionOnError(error,
-                                                          QUIC_INTERNAL_ERROR);
+    active_sessions_.begin()->second->CloseSessionOnError(error, quic_error);
     DCHECK_NE(initial_size, active_sessions_.size());
   }
   while (!all_sessions_.empty()) {
     size_t initial_size = all_sessions_.size();
-    all_sessions_.begin()->first->CloseSessionOnError(error,
-                                                      QUIC_INTERNAL_ERROR);
+    all_sessions_.begin()->first->CloseSessionOnError(error, quic_error);
     DCHECK_NE(initial_size, all_sessions_.size());
   }
   DCHECK(all_sessions_.empty());
 }
 
 scoped_ptr<base::Value> QuicStreamFactory::QuicStreamFactoryInfoToValue()
     const {
   scoped_ptr<base::ListValue> list(new base::ListValue());
 
   for (SessionMap::const_iterator it = active_sessions_.begin();
@@ skipping 12 matching lines @@
     }
   }
   return list.Pass();
 }
 
 void QuicStreamFactory::ClearCachedStatesInCryptoConfig() {
   crypto_config_.ClearCachedStates();
 }
 
 void QuicStreamFactory::OnIPAddressChanged() {
-  CloseAllSessions(ERR_NETWORK_CHANGED);
+  CloseAllSessionsInner(ERR_NETWORK_CHANGED, QUIC_IP_ADDRESS_CHANGED);
   set_require_confirmation(true);
 }
 
+void QuicStreamFactory::OnNetworkConnected(
+    NetworkChangeNotifier::NetworkHandle network) {}
+
+void QuicStreamFactory::OnNetworkMadeDefault(
+    NetworkChangeNotifier::NetworkHandle network) {}
+
+void QuicStreamFactory::OnNetworkDisconnected(
+    NetworkChangeNotifier::NetworkHandle network) {
+  MigrateOrCloseSessions(network);
+  set_require_confirmation(true);
+}
+
+void QuicStreamFactory::OnNetworkSoonToDisconnect(
+    NetworkChangeNotifier::NetworkHandle network) {
+  MigrateOrCloseSessions(network);
+}
+
+void QuicStreamFactory::MigrateOrCloseSessions(
+    NetworkChangeNotifier::NetworkHandle network) {
+  DCHECK_NE(NetworkChangeNotifier::kInvalidNetworkHandle, network);
+  // Find a new network that old sockets can be migrated to.

[Ryan Hamilton, 2015/12/18 21:51:23]

nit: s/sockets/connections/?

[Jana, 2015/12/21 23:10:19]

Done.

+  NetworkChangeNotifier::NetworkList network_list;
+  NetworkChangeNotifier::GetConnectedNetworks(&network_list);
+  NetworkChangeNotifier::NetworkHandle new_network =
+      NetworkChangeNotifier::kInvalidNetworkHandle;
+  for (NetworkChangeNotifier::NetworkHandle n : network_list) {
+    if (n == network) {
+      continue;
+    }
+    new_network = n;

[Ryan Hamilton, 2015/12/18 21:51:23]

Can you break; here?

for (...) {
  if (n != network) {
    new_newtwork = n;
    break;
  }
}

[Jana, 2015/12/21 23:10:19]

Done.

+  }
+
+  if (new_network == NetworkChangeNotifier::kInvalidNetworkHandle) {
+    CloseAllSessionsInner(ERR_NETWORK_CHANGED,
+                          QUIC_CONNECTION_MIGRATION_NO_NEW_NETWORK);

[Ryan Hamilton, 2015/12/18 21:51:23]

It seems sad to do this in the "SoonToDisconnect" case, doesn't it?

[Jana, 2015/12/21 23:10:19]

Yes, it is a bit aggressive. I had two reasons for doing the mgiration here:
(i) This gives us some "drain time" to drain the old network., since the client
continues reading from the old socket. The client does not have another signal
later before "Disconnected", when migration may be not as seamless, since any
packets still inflight to the client from the server over the old network will
have to be retransmitted by the server over the new network, possibly after a
TLP period.
(ii) This signal is delivered when we're moving from Cellular to WiFi, and I
hypothesized that the sooner we migrate to WiFi, the better.

Do you have any other suggestions?

+    return;
+  }
+
+  QuicStreamFactory::SessionIdMap::iterator it = all_sessions_.begin();
+  while (it != all_sessions_.end()) {
+    QuicChromiumClientSession* session = it->first;
+    QuicServerId server_id = it->second;
+    ++it;
+
+    if (session->GetNumActiveStreams() == 0) {

[Ryan Hamilton, 2015/12/18 21:51:23]

Ah, that's why you were needing this method.

[Jana, 2015/12/21 23:10:19]

Acknowledged.

+      // Close idle sessions.
+      session->CloseSessionOnError(
+          ERR_NETWORK_CHANGED, QUIC_CONNECTION_MIGRATION_NO_MIGRATABLE_STREAMS);
+      UMA_HISTOGRAM_ENUMERATION("Net.QuicSession.ConnectionMigration",
+                                MIGRATION_STATUS_NO_MIGRATABLE_STREAMS,
+                                MIGRATION_STATUS_MAX);

[Ryan Hamilton, 2015/12/18 21:51:23]

Please factor this out into a helper method which simply takes a single enum as
an argument.

[Jana, 2015/12/21 23:10:19]

I thought of doing this too simply to reduce clutter, but it seemed an overkill
(3 args vs. 1 arg). If you have the same reaction, I'll do it :-)

[Jana, 2015/12/21 23:10:19]

Done.

+      continue;
+    } else if (session->GetDefaultSocket()->GetBoundNetwork() == new_network) {
+      // If session is already using |network|, move on.
+      UMA_HISTOGRAM_ENUMERATION("Net.QuicSession.ConnectionMigration",
+                                MIGRATION_STATUS_ALREADY_MIGRATED,
+                                MIGRATION_STATUS_MAX);
+      continue;
+    }
+
+    // If session has active streams, (i) make the session GO_AWAY,
+    // (ii) create a new socket bound to the new network, and (iii)
+    // migrate the session to using the new socket.
+    OnSessionGoingAway(session);
+    QuicConnection* connection = session->connection();
+
+    // Use OS-specified port for socket (DEFAULT_BIND) since the connection is
+    // being migrated and not being newly created.

[Ryan Hamilton, 2015/12/18 21:51:23]

I don't understand this comment.

[Jana, 2015/12/21 23:10:19]

The point of the PortSuggester, AIUI, is to use a port for a new 0RTT connect so
that it maps to the same GFE as previously, to possibly increase 0RTT chances.
Given that the IP is changing, retaining the same port as earlier shouldn't get
us anything... right?

Modifying the comment per our conversation.

+    scoped_ptr<DatagramClientSocket> socket(
+        client_socket_factory_->CreateDatagramClientSocket(
+            DatagramSocket::DEFAULT_BIND, RandIntCallback(),
+            session->net_log().net_log(), session->net_log().source()));
+
+    if (ConfigureDatagramClientSocket(socket.get(), connection->peer_address(),
+                                      network) != OK) {
+      session->CloseSessionOnError(ERR_NETWORK_CHANGED, QUIC_INTERNAL_ERROR);
+      UMA_HISTOGRAM_ENUMERATION("Net.QuicSession.ConnectionMigration",
+                                MIGRATION_STATUS_INTERNAL_ERROR,
+                                MIGRATION_STATUS_MAX);
+      continue;
+    }
+    scoped_ptr<QuicPacketReader> new_reader(new QuicPacketReader(
+        socket.get(), clock_.get(), session, yield_after_packets_,
+        yield_after_duration_, session->net_log()));
+    DefaultPacketWriterFactory packet_writer_factory(socket.get());
+    scoped_ptr<QuicPacketWriter> new_writer(
+        packet_writer_factory.Create(connection));
+
+    if (!session->MigrateToSocket(socket.Pass(), new_reader.Pass(),
+                                  new_writer.Pass())) {
+      session->CloseSessionOnError(ERR_NETWORK_CHANGED,
+                                   QUIC_CONNECTION_MIGRATION_TOO_MANY_CHANGES);
+      UMA_HISTOGRAM_ENUMERATION("Net.QuicSession.ConnectionMigration",
+                                MIGRATION_STATUS_TOO_MANY_CHANGES,
+                                MIGRATION_STATUS_MAX);
+    } else {
+      UMA_HISTOGRAM_ENUMERATION("Net.QuicSession.ConnectionMigration",
+                                MIGRATION_STATUS_SUCCESS, MIGRATION_STATUS_MAX);
+    }
+  }
+}
+
 void QuicStreamFactory::OnSSLConfigChanged() {
   CloseAllSessions(ERR_CERT_DATABASE_CHANGED);
 }
 
 void QuicStreamFactory::OnCertAdded(const X509Certificate* cert) {
   CloseAllSessions(ERR_CERT_DATABASE_CHANGED);
 }
 
 void QuicStreamFactory::OnCACertChanged(const X509Certificate* cert) {
   // We should flush the sessions if we removed trust from a
@@ skipping 13 matching lines @@
   // TODO(rtenneti): crbug.com/498823 - delete active_sessions_.empty() check.
   if (active_sessions_.empty())
     return false;
   return ContainsKey(active_sessions_, server_id);
 }
 
 bool QuicStreamFactory::HasActiveJob(const QuicServerId& key) const {
   return ContainsKey(active_jobs_, key);
 }
 
-int QuicStreamFactory::CreateSession(const QuicServerId& server_id,
-                                     int cert_verify_flags,
-                                     scoped_ptr<QuicServerInfo> server_info,
-                                     const AddressList& address_list,
-                                     base::TimeTicks dns_resolution_end_time,
-                                     const BoundNetLog& net_log,
-                                     QuicChromiumClientSession** session) {
-  bool enable_port_selection = enable_port_selection_;
-  if (enable_port_selection &&
-      ContainsKey(gone_away_aliases_, server_id)) {
-    // Disable port selection when the server is going away.
-    // There is no point in trying to return to the same server, if
-    // that server is no longer handling requests.
-    enable_port_selection = false;
-    gone_away_aliases_.erase(server_id);
-  }
-
-  QuicConnectionId connection_id = random_generator_->RandUint64();
-  IPEndPoint addr = *address_list.begin();
-  scoped_refptr<PortSuggester> port_suggester =
-      new PortSuggester(server_id.host_port_pair(), port_seed_);
-  DatagramSocket::BindType bind_type = enable_port_selection ?
-      DatagramSocket::RANDOM_BIND :  // Use our callback.
-      DatagramSocket::DEFAULT_BIND;  // Use OS to randomize.
-  scoped_ptr<DatagramClientSocket> socket(
-      client_socket_factory_->CreateDatagramClientSocket(
-          bind_type,
-          base::Bind(&PortSuggester::SuggestPort, port_suggester),
-          net_log.net_log(), net_log.source()));
-
+int QuicStreamFactory::ConfigureDatagramClientSocket(
+    DatagramClientSocket* socket,
+    IPEndPoint addr,
+    NetworkChangeNotifier::NetworkHandle network) {
   if (enable_non_blocking_io_ &&
       client_socket_factory_ == ClientSocketFactory::GetDefaultFactory()) {
 #if defined(OS_WIN)
     static_cast<UDPClientSocket*>(socket.get())->UseNonBlockingIO();
 #endif
   }
 
-  int rv = socket->Connect(addr);
+  // If caller leaves network unspecified, use current default.
+  int rv;
+  if (network == NetworkChangeNotifier::kInvalidNetworkHandle) {
+    rv = socket->BindToDefaultNetwork();

[Ryan Hamilton, 2015/12/18 21:51:23]

Does this represent a behavior change? Is "BindToDefault" different from not
doing BindToDefault()?

[Jana, 2015/12/21 23:10:19]

Yes. This is a behavior change in that there was no explicit or implicit
bind()ing before.

[Ryan Hamilton, 2015/12/21 23:18:19]

I guess it probably doesn't matter, but I wonder if we want to "bind to default"
when we're not doing migration? Thinking about non-Android... Maybe it doesn't
matter?

+  } else {
+    rv = socket->BindToNetwork(network);
+  }
+  if (rv != OK) {
+    return rv;
+  }

[Ryan Hamilton, 2015/12/18 21:51:23]

nit: no {}s

[Jana, 2015/12/21 23:10:19]

I can never keep this together in my mind. Done.

 
+  rv = socket->Connect(addr);
   if (rv != OK) {
     HistogramCreateSessionFailure(CREATION_ERROR_CONNECTING_SOCKET);
     return rv;
   }
-  UMA_HISTOGRAM_COUNTS("Net.QuicEphemeralPortsSuggested",
-                       port_suggester->call_count());
-  if (enable_port_selection) {
-    DCHECK_LE(1u, port_suggester->call_count());
-  } else {
-    DCHECK_EQ(0u, port_suggester->call_count());
-  }
 
   rv = socket->SetReceiveBufferSize(socket_receive_buffer_size_);
   if (rv != OK) {
     HistogramCreateSessionFailure(CREATION_ERROR_SETTING_RECEIVE_BUFFER);
     return rv;
   }
+
   // Set a buffer large enough to contain the initial CWND's worth of packet
   // to work around the problem with CHLO packets being sent out with the
   // wrong encryption level, when the send buffer is full.
   rv = socket->SetSendBufferSize(kMaxPacketSize * 20);
   if (rv != OK) {
     HistogramCreateSessionFailure(CREATION_ERROR_SETTING_SEND_BUFFER);
     return rv;
   }
 
   socket->GetLocalAddress(&local_address_);
   if (check_persisted_supports_quic_) {
     check_persisted_supports_quic_ = false;
     IPAddressNumber last_address;
     if (http_server_properties_->GetSupportsQuic(&last_address) &&
         last_address == local_address_.address()) {
       require_confirmation_ = false;
     }
   }
 
+  return OK;
+}
+
+int QuicStreamFactory::CreateSession(const QuicServerId& server_id,
+                                     int cert_verify_flags,
+                                     scoped_ptr<QuicServerInfo> server_info,
+                                     const AddressList& address_list,
+                                     base::TimeTicks dns_resolution_end_time,
+                                     const BoundNetLog& net_log,
+                                     QuicChromiumClientSession** session) {
+  IPEndPoint addr = *address_list.begin();
+  bool enable_port_selection = enable_port_selection_;
+  if (enable_port_selection && ContainsKey(gone_away_aliases_, server_id)) {
+    // Disable port selection when the server is going away.
+    // There is no point in trying to return to the same server, if
+    // that server is no longer handling requests.
+    enable_port_selection = false;
+    gone_away_aliases_.erase(server_id);
+  }
+  scoped_refptr<PortSuggester> port_suggester =
+      new PortSuggester(server_id.host_port_pair(), port_seed_);
+  DatagramSocket::BindType bind_type =
+      enable_port_selection ? DatagramSocket::RANDOM_BIND
+                            :            // Use our callback.
+          DatagramSocket::DEFAULT_BIND;  // Use OS to randomize.
+
+  scoped_ptr<DatagramClientSocket> socket(
+      client_socket_factory_->CreateDatagramClientSocket(
+          bind_type, base::Bind(&PortSuggester::SuggestPort, port_suggester),
+          net_log.net_log(), net_log.source()));
+
+  // Passing in kInvalidNetworkHandle binds socket to default network.
+  int rv = ConfigureDatagramClientSocket(
+      socket.get(), addr, NetworkChangeNotifier::kInvalidNetworkHandle);
+  if (rv != OK) {
+    return rv;
+  }
+
+  UMA_HISTOGRAM_COUNTS("Net.QuicEphemeralPortsSuggested",
+                       port_suggester->call_count());
+  if (enable_port_selection) {
+    DCHECK_LE(1u, port_suggester->call_count());
+  } else {
+    DCHECK_EQ(0u, port_suggester->call_count());
+  }
+
   DefaultPacketWriterFactory packet_writer_factory(socket.get());
-
   if (!helper_.get()) {
     helper_.reset(
         new QuicConnectionHelper(base::ThreadTaskRunnerHandle::Get().get(),
                                  clock_.get(), random_generator_));
   }
 
+  QuicConnectionId connection_id = random_generator_->RandUint64();
   QuicConnection* connection = new QuicConnection(
       connection_id, addr, helper_.get(), packet_writer_factory,
       true /* owns_writer */, Perspective::IS_CLIENT, supported_versions_);
   connection->SetMaxPacketLength(max_packet_length_);
 
   InitializeCachedStateInCryptoConfig(server_id, server_info);
 
   QuicConfig config = config_;
   config.SetSocketReceiveBufferToSend(socket_receive_buffer_size_);
   config.set_max_undecryptable_packets(kMaxUndecryptablePackets);
@@ skipping 183 matching lines @@
   // Since the session was active, there's no longer an
   // HttpStreamFactoryImpl::Job running which can mark it broken, unless the TCP
   // job also fails. So to avoid not using QUIC when we otherwise could, we mark
   // it as recently broken, which means that 0-RTT will be disabled but we'll
   // still race.
   http_server_properties_->MarkAlternativeServiceRecentlyBroken(
       alternative_service);
 }
 
 }  // namespace net