| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_pool.h" | 5 #include "net/socket/ssl_client_socket_pool.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 29 matching lines...) Expand all Loading... |
| 40 bool expect_spdy) | 40 bool expect_spdy) |
| 41 : direct_params_(direct_params), | 41 : direct_params_(direct_params), |
| 42 socks_proxy_params_(socks_proxy_params), | 42 socks_proxy_params_(socks_proxy_params), |
| 43 http_proxy_params_(http_proxy_params), | 43 http_proxy_params_(http_proxy_params), |
| 44 host_and_port_(host_and_port), | 44 host_and_port_(host_and_port), |
| 45 ssl_config_(ssl_config), | 45 ssl_config_(ssl_config), |
| 46 privacy_mode_(privacy_mode), | 46 privacy_mode_(privacy_mode), |
| 47 load_flags_(load_flags), | 47 load_flags_(load_flags), |
| 48 expect_spdy_(expect_spdy), | 48 expect_spdy_(expect_spdy), |
| 49 ignore_limits_(false) { | 49 ignore_limits_(false) { |
| 50 if (direct_params_.get()) { | 50 // Only one set of lower level pool params should be non-NULL. |
| 51 DCHECK(!socks_proxy_params_.get()); | 51 DCHECK((direct_params_ && !socks_proxy_params_ && !http_proxy_params_) || |
| 52 DCHECK(!http_proxy_params_.get()); | 52 (!direct_params_ && socks_proxy_params_ && !http_proxy_params_) || |
| 53 ignore_limits_ = direct_params_->ignore_limits(); | 53 (!direct_params_ && !socks_proxy_params_ && http_proxy_params_)); |
| 54 } else if (socks_proxy_params_.get()) { | |
| 55 DCHECK(!http_proxy_params_.get()); | |
| 56 ignore_limits_ = socks_proxy_params_->ignore_limits(); | |
| 57 } else { | |
| 58 DCHECK(http_proxy_params_.get()); | |
| 59 ignore_limits_ = http_proxy_params_->ignore_limits(); | |
| 60 } | |
| 61 } | 54 } |
| 62 | 55 |
| 63 SSLSocketParams::~SSLSocketParams() {} | 56 SSLSocketParams::~SSLSocketParams() {} |
| 64 | 57 |
| 65 SSLSocketParams::ConnectionType SSLSocketParams::GetConnectionType() const { | 58 SSLSocketParams::ConnectionType SSLSocketParams::GetConnectionType() const { |
| 66 if (direct_params_.get()) { | 59 if (direct_params_.get()) { |
| 67 DCHECK(!socks_proxy_params_.get()); | 60 DCHECK(!socks_proxy_params_.get()); |
| 68 DCHECK(!http_proxy_params_.get()); | 61 DCHECK(!http_proxy_params_.get()); |
| 69 return DIRECT; | 62 return DIRECT; |
| 70 } | 63 } |
| (...skipping 23 matching lines...) Expand all Loading... |
| 94 SSLSocketParams::GetHttpProxyConnectionParams() const { | 87 SSLSocketParams::GetHttpProxyConnectionParams() const { |
| 95 DCHECK_EQ(GetConnectionType(), HTTP_PROXY); | 88 DCHECK_EQ(GetConnectionType(), HTTP_PROXY); |
| 96 return http_proxy_params_; | 89 return http_proxy_params_; |
| 97 } | 90 } |
| 98 | 91 |
| 99 // Timeout for the SSL handshake portion of the connect. | 92 // Timeout for the SSL handshake portion of the connect. |
| 100 static const int kSSLHandshakeTimeoutInSeconds = 30; | 93 static const int kSSLHandshakeTimeoutInSeconds = 30; |
| 101 | 94 |
| 102 SSLConnectJob::SSLConnectJob(const std::string& group_name, | 95 SSLConnectJob::SSLConnectJob(const std::string& group_name, |
| 103 RequestPriority priority, | 96 RequestPriority priority, |
| 97 bool ignore_limits, |
| 104 const scoped_refptr<SSLSocketParams>& params, | 98 const scoped_refptr<SSLSocketParams>& params, |
| 105 const base::TimeDelta& timeout_duration, | 99 const base::TimeDelta& timeout_duration, |
| 106 TransportClientSocketPool* transport_pool, | 100 TransportClientSocketPool* transport_pool, |
| 107 SOCKSClientSocketPool* socks_pool, | 101 SOCKSClientSocketPool* socks_pool, |
| 108 HttpProxyClientSocketPool* http_proxy_pool, | 102 HttpProxyClientSocketPool* http_proxy_pool, |
| 109 ClientSocketFactory* client_socket_factory, | 103 ClientSocketFactory* client_socket_factory, |
| 110 const SSLClientSocketContext& context, | 104 const SSLClientSocketContext& context, |
| 111 Delegate* delegate, | 105 Delegate* delegate, |
| 112 NetLog* net_log) | 106 NetLog* net_log) |
| 113 : ConnectJob(group_name, | 107 : ConnectJob(group_name, |
| 114 timeout_duration, | 108 timeout_duration, |
| 115 priority, | 109 priority, |
| 110 ignore_limits, |
| 116 delegate, | 111 delegate, |
| 117 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)), | 112 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)), |
| 118 params_(params), | 113 params_(params), |
| 119 transport_pool_(transport_pool), | 114 transport_pool_(transport_pool), |
| 120 socks_pool_(socks_pool), | 115 socks_pool_(socks_pool), |
| 121 http_proxy_pool_(http_proxy_pool), | 116 http_proxy_pool_(http_proxy_pool), |
| 122 client_socket_factory_(client_socket_factory), | 117 client_socket_factory_(client_socket_factory), |
| 123 context_(context.cert_verifier, | 118 context_(context.cert_verifier, |
| 124 context.channel_id_service, | 119 context.channel_id_service, |
| 125 context.transport_security_state, | 120 context.transport_security_state, |
| 126 context.cert_transparency_verifier, | 121 context.cert_transparency_verifier, |
| 127 context.ct_policy_enforcer, | 122 context.ct_policy_enforcer, |
| 128 (params->privacy_mode() == PRIVACY_MODE_ENABLED | 123 (params->privacy_mode() == PRIVACY_MODE_ENABLED |
| 129 ? "pm/" + context.ssl_session_cache_shard | 124 ? "pm/" + context.ssl_session_cache_shard |
| 130 : context.ssl_session_cache_shard)), | 125 : context.ssl_session_cache_shard)), |
| 131 callback_( | 126 callback_( |
| 132 base::Bind(&SSLConnectJob::OnIOComplete, base::Unretained(this))) { | 127 base::Bind(&SSLConnectJob::OnIOComplete, base::Unretained(this))) {} |
| 133 } | |
| 134 | 128 |
| 135 SSLConnectJob::~SSLConnectJob() { | 129 SSLConnectJob::~SSLConnectJob() { |
| 136 } | 130 } |
| 137 | 131 |
| 138 LoadState SSLConnectJob::GetLoadState() const { | 132 LoadState SSLConnectJob::GetLoadState() const { |
| 139 switch (next_state_) { | 133 switch (next_state_) { |
| 140 case STATE_TUNNEL_CONNECT_COMPLETE: | 134 case STATE_TUNNEL_CONNECT_COMPLETE: |
| 141 if (transport_socket_handle_->socket()) | 135 if (transport_socket_handle_->socket()) |
| 142 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL; | 136 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL; |
| 143 // else, fall through. | 137 // else, fall through. |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 225 } | 219 } |
| 226 | 220 |
| 227 int SSLConnectJob::DoTransportConnect() { | 221 int SSLConnectJob::DoTransportConnect() { |
| 228 DCHECK(transport_pool_); | 222 DCHECK(transport_pool_); |
| 229 | 223 |
| 230 next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE; | 224 next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE; |
| 231 transport_socket_handle_.reset(new ClientSocketHandle()); | 225 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 232 scoped_refptr<TransportSocketParams> direct_params = | 226 scoped_refptr<TransportSocketParams> direct_params = |
| 233 params_->GetDirectConnectionParams(); | 227 params_->GetDirectConnectionParams(); |
| 234 return transport_socket_handle_->Init(group_name(), direct_params, priority(), | 228 return transport_socket_handle_->Init(group_name(), direct_params, priority(), |
| 235 callback_, transport_pool_, net_log()); | 229 ignore_limits(), callback_, |
| 230 transport_pool_, net_log()); |
| 236 } | 231 } |
| 237 | 232 |
| 238 int SSLConnectJob::DoTransportConnectComplete(int result) { | 233 int SSLConnectJob::DoTransportConnectComplete(int result) { |
| 239 connection_attempts_ = transport_socket_handle_->connection_attempts(); | 234 connection_attempts_ = transport_socket_handle_->connection_attempts(); |
| 240 if (result == OK) { | 235 if (result == OK) { |
| 241 next_state_ = STATE_SSL_CONNECT; | 236 next_state_ = STATE_SSL_CONNECT; |
| 242 transport_socket_handle_->socket()->GetPeerAddress(&server_address_); | 237 transport_socket_handle_->socket()->GetPeerAddress(&server_address_); |
| 243 } | 238 } |
| 244 | 239 |
| 245 return result; | 240 return result; |
| 246 } | 241 } |
| 247 | 242 |
| 248 int SSLConnectJob::DoSOCKSConnect() { | 243 int SSLConnectJob::DoSOCKSConnect() { |
| 249 DCHECK(socks_pool_); | 244 DCHECK(socks_pool_); |
| 250 next_state_ = STATE_SOCKS_CONNECT_COMPLETE; | 245 next_state_ = STATE_SOCKS_CONNECT_COMPLETE; |
| 251 transport_socket_handle_.reset(new ClientSocketHandle()); | 246 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 252 scoped_refptr<SOCKSSocketParams> socks_proxy_params = | 247 scoped_refptr<SOCKSSocketParams> socks_proxy_params = |
| 253 params_->GetSocksProxyConnectionParams(); | 248 params_->GetSocksProxyConnectionParams(); |
| 254 return transport_socket_handle_->Init(group_name(), socks_proxy_params, | 249 return transport_socket_handle_->Init(group_name(), socks_proxy_params, |
| 255 priority(), callback_, socks_pool_, | 250 priority(), ignore_limits(), callback_, |
| 256 net_log()); | 251 socks_pool_, net_log()); |
| 257 } | 252 } |
| 258 | 253 |
| 259 int SSLConnectJob::DoSOCKSConnectComplete(int result) { | 254 int SSLConnectJob::DoSOCKSConnectComplete(int result) { |
| 260 if (result == OK) | 255 if (result == OK) |
| 261 next_state_ = STATE_SSL_CONNECT; | 256 next_state_ = STATE_SSL_CONNECT; |
| 262 | 257 |
| 263 return result; | 258 return result; |
| 264 } | 259 } |
| 265 | 260 |
| 266 int SSLConnectJob::DoTunnelConnect() { | 261 int SSLConnectJob::DoTunnelConnect() { |
| 267 DCHECK(http_proxy_pool_); | 262 DCHECK(http_proxy_pool_); |
| 268 next_state_ = STATE_TUNNEL_CONNECT_COMPLETE; | 263 next_state_ = STATE_TUNNEL_CONNECT_COMPLETE; |
| 269 | 264 |
| 270 transport_socket_handle_.reset(new ClientSocketHandle()); | 265 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 271 scoped_refptr<HttpProxySocketParams> http_proxy_params = | 266 scoped_refptr<HttpProxySocketParams> http_proxy_params = |
| 272 params_->GetHttpProxyConnectionParams(); | 267 params_->GetHttpProxyConnectionParams(); |
| 273 return transport_socket_handle_->Init(group_name(), http_proxy_params, | 268 return transport_socket_handle_->Init(group_name(), http_proxy_params, |
| 274 priority(), callback_, http_proxy_pool_, | 269 priority(), ignore_limits(), callback_, |
| 275 net_log()); | 270 http_proxy_pool_, net_log()); |
| 276 } | 271 } |
| 277 | 272 |
| 278 int SSLConnectJob::DoTunnelConnectComplete(int result) { | 273 int SSLConnectJob::DoTunnelConnectComplete(int result) { |
| 279 // Extract the information needed to prompt for appropriate proxy | 274 // Extract the information needed to prompt for appropriate proxy |
| 280 // authentication so that when ClientSocketPoolBaseHelper calls | 275 // authentication so that when ClientSocketPoolBaseHelper calls |
| 281 // |GetAdditionalErrorState|, we can easily set the state. | 276 // |GetAdditionalErrorState|, we can easily set the state. |
| 282 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { | 277 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { |
| 283 error_response_info_ = transport_socket_handle_->ssl_error_response_info(); | 278 error_response_info_ = transport_socket_handle_->ssl_error_response_info(); |
| 284 } else if (result == ERR_PROXY_AUTH_REQUESTED || | 279 } else if (result == ERR_PROXY_AUTH_REQUESTED || |
| 285 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { | 280 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { |
| (...skipping 265 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 551 | 546 |
| 552 SSLClientSocketPool::~SSLClientSocketPool() { | 547 SSLClientSocketPool::~SSLClientSocketPool() { |
| 553 if (ssl_config_service_.get()) | 548 if (ssl_config_service_.get()) |
| 554 ssl_config_service_->RemoveObserver(this); | 549 ssl_config_service_->RemoveObserver(this); |
| 555 } | 550 } |
| 556 | 551 |
| 557 scoped_ptr<ConnectJob> SSLClientSocketPool::SSLConnectJobFactory::NewConnectJob( | 552 scoped_ptr<ConnectJob> SSLClientSocketPool::SSLConnectJobFactory::NewConnectJob( |
| 558 const std::string& group_name, | 553 const std::string& group_name, |
| 559 const PoolBase::Request& request, | 554 const PoolBase::Request& request, |
| 560 ConnectJob::Delegate* delegate) const { | 555 ConnectJob::Delegate* delegate) const { |
| 561 return scoped_ptr<ConnectJob>(new SSLConnectJob(group_name, | 556 return scoped_ptr<ConnectJob>(new SSLConnectJob( |
| 562 request.priority(), | 557 group_name, request.priority(), request.ignore_limits(), request.params(), |
| 563 request.params(), | 558 ConnectionTimeout(), transport_pool_, socks_pool_, http_proxy_pool_, |
| 564 ConnectionTimeout(), | 559 client_socket_factory_, context_, delegate, net_log_)); |
| 565 transport_pool_, | |
| 566 socks_pool_, | |
| 567 http_proxy_pool_, | |
| 568 client_socket_factory_, | |
| 569 context_, | |
| 570 delegate, | |
| 571 net_log_)); | |
| 572 } | 560 } |
| 573 | 561 |
| 574 base::TimeDelta SSLClientSocketPool::SSLConnectJobFactory::ConnectionTimeout() | 562 base::TimeDelta SSLClientSocketPool::SSLConnectJobFactory::ConnectionTimeout() |
| 575 const { | 563 const { |
| 576 return timeout_; | 564 return timeout_; |
| 577 } | 565 } |
| 578 | 566 |
| 579 int SSLClientSocketPool::RequestSocket(const std::string& group_name, | 567 int SSLClientSocketPool::RequestSocket(const std::string& group_name, |
| 580 const void* socket_params, | 568 const void* socket_params, |
| 581 RequestPriority priority, | 569 RequestPriority priority, |
| 570 bool ignore_limits, |
| 582 ClientSocketHandle* handle, | 571 ClientSocketHandle* handle, |
| 583 const CompletionCallback& callback, | 572 const CompletionCallback& callback, |
| 584 const BoundNetLog& net_log) { | 573 const BoundNetLog& net_log) { |
| 585 const scoped_refptr<SSLSocketParams>* casted_socket_params = | 574 const scoped_refptr<SSLSocketParams>* casted_socket_params = |
| 586 static_cast<const scoped_refptr<SSLSocketParams>*>(socket_params); | 575 static_cast<const scoped_refptr<SSLSocketParams>*>(socket_params); |
| 587 | 576 |
| 588 return base_.RequestSocket(group_name, *casted_socket_params, priority, | 577 return base_.RequestSocket(group_name, *casted_socket_params, priority, |
| 589 handle, callback, net_log); | 578 ignore_limits, handle, callback, net_log); |
| 590 } | 579 } |
| 591 | 580 |
| 592 void SSLClientSocketPool::RequestSockets( | 581 void SSLClientSocketPool::RequestSockets( |
| 593 const std::string& group_name, | 582 const std::string& group_name, |
| 594 const void* params, | 583 const void* params, |
| 595 int num_sockets, | 584 int num_sockets, |
| 596 const BoundNetLog& net_log) { | 585 const BoundNetLog& net_log) { |
| 597 const scoped_refptr<SSLSocketParams>* casted_params = | 586 const scoped_refptr<SSLSocketParams>* casted_params = |
| 598 static_cast<const scoped_refptr<SSLSocketParams>*>(params); | 587 static_cast<const scoped_refptr<SSLSocketParams>*>(params); |
| 599 | 588 |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 681 if (base_.CloseOneIdleSocket()) | 670 if (base_.CloseOneIdleSocket()) |
| 682 return true; | 671 return true; |
| 683 return base_.CloseOneIdleConnectionInHigherLayeredPool(); | 672 return base_.CloseOneIdleConnectionInHigherLayeredPool(); |
| 684 } | 673 } |
| 685 | 674 |
| 686 void SSLClientSocketPool::OnSSLConfigChanged() { | 675 void SSLClientSocketPool::OnSSLConfigChanged() { |
| 687 FlushWithError(ERR_NETWORK_CHANGED); | 676 FlushWithError(ERR_NETWORK_CHANGED); |
| 688 } | 677 } |
| 689 | 678 |
| 690 } // namespace net | 679 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1580903002:
Convert ignore_limits from a SocketParam to a socket request argument. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master