| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket_pool.h" | 5 #include "net/socket/ssl_client_socket_pool.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 27 matching lines...) Expand all Loading... |
| 38 PrivacyMode privacy_mode, | 38 PrivacyMode privacy_mode, |
| 39 int load_flags, | 39 int load_flags, |
| 40 bool expect_spdy) | 40 bool expect_spdy) |
| 41 : direct_params_(direct_params), | 41 : direct_params_(direct_params), |
| 42 socks_proxy_params_(socks_proxy_params), | 42 socks_proxy_params_(socks_proxy_params), |
| 43 http_proxy_params_(http_proxy_params), | 43 http_proxy_params_(http_proxy_params), |
| 44 host_and_port_(host_and_port), | 44 host_and_port_(host_and_port), |
| 45 ssl_config_(ssl_config), | 45 ssl_config_(ssl_config), |
| 46 privacy_mode_(privacy_mode), | 46 privacy_mode_(privacy_mode), |
| 47 load_flags_(load_flags), | 47 load_flags_(load_flags), |
| 48 expect_spdy_(expect_spdy), | 48 expect_spdy_(expect_spdy) { |
| 49 ignore_limits_(false) { | 49 // Only one set of lower level pool params should be non-NULL. |
| 50 if (direct_params_.get()) { | 50 DCHECK((direct_params_ && !socks_proxy_params_ && !http_proxy_params_) || |
| 51 DCHECK(!socks_proxy_params_.get()); | 51 (!direct_params_ && socks_proxy_params_ && !http_proxy_params_) || |
| 52 DCHECK(!http_proxy_params_.get()); | 52 (!direct_params_ && !socks_proxy_params_ && http_proxy_params_)); |
| 53 ignore_limits_ = direct_params_->ignore_limits(); | |
| 54 } else if (socks_proxy_params_.get()) { | |
| 55 DCHECK(!http_proxy_params_.get()); | |
| 56 ignore_limits_ = socks_proxy_params_->ignore_limits(); | |
| 57 } else { | |
| 58 DCHECK(http_proxy_params_.get()); | |
| 59 ignore_limits_ = http_proxy_params_->ignore_limits(); | |
| 60 } | |
| 61 } | 53 } |
| 62 | 54 |
| 63 SSLSocketParams::~SSLSocketParams() {} | 55 SSLSocketParams::~SSLSocketParams() {} |
| 64 | 56 |
| 65 SSLSocketParams::ConnectionType SSLSocketParams::GetConnectionType() const { | 57 SSLSocketParams::ConnectionType SSLSocketParams::GetConnectionType() const { |
| 66 if (direct_params_.get()) { | 58 if (direct_params_.get()) { |
| 67 DCHECK(!socks_proxy_params_.get()); | 59 DCHECK(!socks_proxy_params_.get()); |
| 68 DCHECK(!http_proxy_params_.get()); | 60 DCHECK(!http_proxy_params_.get()); |
| 69 return DIRECT; | 61 return DIRECT; |
| 70 } | 62 } |
| (...skipping 23 matching lines...) Expand all Loading... |
| 94 SSLSocketParams::GetHttpProxyConnectionParams() const { | 86 SSLSocketParams::GetHttpProxyConnectionParams() const { |
| 95 DCHECK_EQ(GetConnectionType(), HTTP_PROXY); | 87 DCHECK_EQ(GetConnectionType(), HTTP_PROXY); |
| 96 return http_proxy_params_; | 88 return http_proxy_params_; |
| 97 } | 89 } |
| 98 | 90 |
| 99 // Timeout for the SSL handshake portion of the connect. | 91 // Timeout for the SSL handshake portion of the connect. |
| 100 static const int kSSLHandshakeTimeoutInSeconds = 30; | 92 static const int kSSLHandshakeTimeoutInSeconds = 30; |
| 101 | 93 |
| 102 SSLConnectJob::SSLConnectJob(const std::string& group_name, | 94 SSLConnectJob::SSLConnectJob(const std::string& group_name, |
| 103 RequestPriority priority, | 95 RequestPriority priority, |
| 96 ClientSocketPool::IgnoreLimits ignore_limits, |
| 104 const scoped_refptr<SSLSocketParams>& params, | 97 const scoped_refptr<SSLSocketParams>& params, |
| 105 const base::TimeDelta& timeout_duration, | 98 const base::TimeDelta& timeout_duration, |
| 106 TransportClientSocketPool* transport_pool, | 99 TransportClientSocketPool* transport_pool, |
| 107 SOCKSClientSocketPool* socks_pool, | 100 SOCKSClientSocketPool* socks_pool, |
| 108 HttpProxyClientSocketPool* http_proxy_pool, | 101 HttpProxyClientSocketPool* http_proxy_pool, |
| 109 ClientSocketFactory* client_socket_factory, | 102 ClientSocketFactory* client_socket_factory, |
| 110 const SSLClientSocketContext& context, | 103 const SSLClientSocketContext& context, |
| 111 Delegate* delegate, | 104 Delegate* delegate, |
| 112 NetLog* net_log) | 105 NetLog* net_log) |
| 113 : ConnectJob(group_name, | 106 : ConnectJob(group_name, |
| 114 timeout_duration, | 107 timeout_duration, |
| 115 priority, | 108 priority, |
| 109 ignore_limits, |
| 116 delegate, | 110 delegate, |
| 117 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)), | 111 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)), |
| 118 params_(params), | 112 params_(params), |
| 119 transport_pool_(transport_pool), | 113 transport_pool_(transport_pool), |
| 120 socks_pool_(socks_pool), | 114 socks_pool_(socks_pool), |
| 121 http_proxy_pool_(http_proxy_pool), | 115 http_proxy_pool_(http_proxy_pool), |
| 122 client_socket_factory_(client_socket_factory), | 116 client_socket_factory_(client_socket_factory), |
| 123 context_(context.cert_verifier, | 117 context_(context.cert_verifier, |
| 124 context.channel_id_service, | 118 context.channel_id_service, |
| 125 context.transport_security_state, | 119 context.transport_security_state, |
| 126 context.cert_transparency_verifier, | 120 context.cert_transparency_verifier, |
| 127 context.ct_policy_enforcer, | 121 context.ct_policy_enforcer, |
| 128 (params->privacy_mode() == PRIVACY_MODE_ENABLED | 122 (params->privacy_mode() == PRIVACY_MODE_ENABLED |
| 129 ? "pm/" + context.ssl_session_cache_shard | 123 ? "pm/" + context.ssl_session_cache_shard |
| 130 : context.ssl_session_cache_shard)), | 124 : context.ssl_session_cache_shard)), |
| 131 callback_( | 125 callback_( |
| 132 base::Bind(&SSLConnectJob::OnIOComplete, base::Unretained(this))) { | 126 base::Bind(&SSLConnectJob::OnIOComplete, base::Unretained(this))) {} |
| 133 } | |
| 134 | 127 |
| 135 SSLConnectJob::~SSLConnectJob() { | 128 SSLConnectJob::~SSLConnectJob() { |
| 136 } | 129 } |
| 137 | 130 |
| 138 LoadState SSLConnectJob::GetLoadState() const { | 131 LoadState SSLConnectJob::GetLoadState() const { |
| 139 switch (next_state_) { | 132 switch (next_state_) { |
| 140 case STATE_TUNNEL_CONNECT_COMPLETE: | 133 case STATE_TUNNEL_CONNECT_COMPLETE: |
| 141 if (transport_socket_handle_->socket()) | 134 if (transport_socket_handle_->socket()) |
| 142 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL; | 135 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL; |
| 143 // else, fall through. | 136 // else, fall through. |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 225 } | 218 } |
| 226 | 219 |
| 227 int SSLConnectJob::DoTransportConnect() { | 220 int SSLConnectJob::DoTransportConnect() { |
| 228 DCHECK(transport_pool_); | 221 DCHECK(transport_pool_); |
| 229 | 222 |
| 230 next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE; | 223 next_state_ = STATE_TRANSPORT_CONNECT_COMPLETE; |
| 231 transport_socket_handle_.reset(new ClientSocketHandle()); | 224 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 232 scoped_refptr<TransportSocketParams> direct_params = | 225 scoped_refptr<TransportSocketParams> direct_params = |
| 233 params_->GetDirectConnectionParams(); | 226 params_->GetDirectConnectionParams(); |
| 234 return transport_socket_handle_->Init(group_name(), direct_params, priority(), | 227 return transport_socket_handle_->Init(group_name(), direct_params, priority(), |
| 235 callback_, transport_pool_, net_log()); | 228 ignore_limits(), callback_, |
| 229 transport_pool_, net_log()); |
| 236 } | 230 } |
| 237 | 231 |
| 238 int SSLConnectJob::DoTransportConnectComplete(int result) { | 232 int SSLConnectJob::DoTransportConnectComplete(int result) { |
| 239 connection_attempts_ = transport_socket_handle_->connection_attempts(); | 233 connection_attempts_ = transport_socket_handle_->connection_attempts(); |
| 240 if (result == OK) { | 234 if (result == OK) { |
| 241 next_state_ = STATE_SSL_CONNECT; | 235 next_state_ = STATE_SSL_CONNECT; |
| 242 transport_socket_handle_->socket()->GetPeerAddress(&server_address_); | 236 transport_socket_handle_->socket()->GetPeerAddress(&server_address_); |
| 243 } | 237 } |
| 244 | 238 |
| 245 return result; | 239 return result; |
| 246 } | 240 } |
| 247 | 241 |
| 248 int SSLConnectJob::DoSOCKSConnect() { | 242 int SSLConnectJob::DoSOCKSConnect() { |
| 249 DCHECK(socks_pool_); | 243 DCHECK(socks_pool_); |
| 250 next_state_ = STATE_SOCKS_CONNECT_COMPLETE; | 244 next_state_ = STATE_SOCKS_CONNECT_COMPLETE; |
| 251 transport_socket_handle_.reset(new ClientSocketHandle()); | 245 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 252 scoped_refptr<SOCKSSocketParams> socks_proxy_params = | 246 scoped_refptr<SOCKSSocketParams> socks_proxy_params = |
| 253 params_->GetSocksProxyConnectionParams(); | 247 params_->GetSocksProxyConnectionParams(); |
| 254 return transport_socket_handle_->Init(group_name(), socks_proxy_params, | 248 return transport_socket_handle_->Init(group_name(), socks_proxy_params, |
| 255 priority(), callback_, socks_pool_, | 249 priority(), ignore_limits(), callback_, |
| 256 net_log()); | 250 socks_pool_, net_log()); |
| 257 } | 251 } |
| 258 | 252 |
| 259 int SSLConnectJob::DoSOCKSConnectComplete(int result) { | 253 int SSLConnectJob::DoSOCKSConnectComplete(int result) { |
| 260 if (result == OK) | 254 if (result == OK) |
| 261 next_state_ = STATE_SSL_CONNECT; | 255 next_state_ = STATE_SSL_CONNECT; |
| 262 | 256 |
| 263 return result; | 257 return result; |
| 264 } | 258 } |
| 265 | 259 |
| 266 int SSLConnectJob::DoTunnelConnect() { | 260 int SSLConnectJob::DoTunnelConnect() { |
| 267 DCHECK(http_proxy_pool_); | 261 DCHECK(http_proxy_pool_); |
| 268 next_state_ = STATE_TUNNEL_CONNECT_COMPLETE; | 262 next_state_ = STATE_TUNNEL_CONNECT_COMPLETE; |
| 269 | 263 |
| 270 transport_socket_handle_.reset(new ClientSocketHandle()); | 264 transport_socket_handle_.reset(new ClientSocketHandle()); |
| 271 scoped_refptr<HttpProxySocketParams> http_proxy_params = | 265 scoped_refptr<HttpProxySocketParams> http_proxy_params = |
| 272 params_->GetHttpProxyConnectionParams(); | 266 params_->GetHttpProxyConnectionParams(); |
| 273 return transport_socket_handle_->Init(group_name(), http_proxy_params, | 267 return transport_socket_handle_->Init(group_name(), http_proxy_params, |
| 274 priority(), callback_, http_proxy_pool_, | 268 priority(), ignore_limits(), callback_, |
| 275 net_log()); | 269 http_proxy_pool_, net_log()); |
| 276 } | 270 } |
| 277 | 271 |
| 278 int SSLConnectJob::DoTunnelConnectComplete(int result) { | 272 int SSLConnectJob::DoTunnelConnectComplete(int result) { |
| 279 // Extract the information needed to prompt for appropriate proxy | 273 // Extract the information needed to prompt for appropriate proxy |
| 280 // authentication so that when ClientSocketPoolBaseHelper calls | 274 // authentication so that when ClientSocketPoolBaseHelper calls |
| 281 // |GetAdditionalErrorState|, we can easily set the state. | 275 // |GetAdditionalErrorState|, we can easily set the state. |
| 282 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { | 276 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { |
| 283 error_response_info_ = transport_socket_handle_->ssl_error_response_info(); | 277 error_response_info_ = transport_socket_handle_->ssl_error_response_info(); |
| 284 } else if (result == ERR_PROXY_AUTH_REQUESTED || | 278 } else if (result == ERR_PROXY_AUTH_REQUESTED || |
| 285 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { | 279 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) { |
| (...skipping 265 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 551 | 545 |
| 552 SSLClientSocketPool::~SSLClientSocketPool() { | 546 SSLClientSocketPool::~SSLClientSocketPool() { |
| 553 if (ssl_config_service_.get()) | 547 if (ssl_config_service_.get()) |
| 554 ssl_config_service_->RemoveObserver(this); | 548 ssl_config_service_->RemoveObserver(this); |
| 555 } | 549 } |
| 556 | 550 |
| 557 scoped_ptr<ConnectJob> SSLClientSocketPool::SSLConnectJobFactory::NewConnectJob( | 551 scoped_ptr<ConnectJob> SSLClientSocketPool::SSLConnectJobFactory::NewConnectJob( |
| 558 const std::string& group_name, | 552 const std::string& group_name, |
| 559 const PoolBase::Request& request, | 553 const PoolBase::Request& request, |
| 560 ConnectJob::Delegate* delegate) const { | 554 ConnectJob::Delegate* delegate) const { |
| 561 return scoped_ptr<ConnectJob>(new SSLConnectJob(group_name, | 555 return scoped_ptr<ConnectJob>(new SSLConnectJob( |
| 562 request.priority(), | 556 group_name, request.priority(), request.ignore_limits(), request.params(), |
| 563 request.params(), | 557 ConnectionTimeout(), transport_pool_, socks_pool_, http_proxy_pool_, |
| 564 ConnectionTimeout(), | 558 client_socket_factory_, context_, delegate, net_log_)); |
| 565 transport_pool_, | |
| 566 socks_pool_, | |
| 567 http_proxy_pool_, | |
| 568 client_socket_factory_, | |
| 569 context_, | |
| 570 delegate, | |
| 571 net_log_)); | |
| 572 } | 559 } |
| 573 | 560 |
| 574 base::TimeDelta SSLClientSocketPool::SSLConnectJobFactory::ConnectionTimeout() | 561 base::TimeDelta SSLClientSocketPool::SSLConnectJobFactory::ConnectionTimeout() |
| 575 const { | 562 const { |
| 576 return timeout_; | 563 return timeout_; |
| 577 } | 564 } |
| 578 | 565 |
| 579 int SSLClientSocketPool::RequestSocket(const std::string& group_name, | 566 int SSLClientSocketPool::RequestSocket(const std::string& group_name, |
| 580 const void* socket_params, | 567 const void* socket_params, |
| 581 RequestPriority priority, | 568 RequestPriority priority, |
| 569 IgnoreLimits ignore_limits, |
| 582 ClientSocketHandle* handle, | 570 ClientSocketHandle* handle, |
| 583 const CompletionCallback& callback, | 571 const CompletionCallback& callback, |
| 584 const BoundNetLog& net_log) { | 572 const BoundNetLog& net_log) { |
| 585 const scoped_refptr<SSLSocketParams>* casted_socket_params = | 573 const scoped_refptr<SSLSocketParams>* casted_socket_params = |
| 586 static_cast<const scoped_refptr<SSLSocketParams>*>(socket_params); | 574 static_cast<const scoped_refptr<SSLSocketParams>*>(socket_params); |
| 587 | 575 |
| 588 return base_.RequestSocket(group_name, *casted_socket_params, priority, | 576 return base_.RequestSocket(group_name, *casted_socket_params, priority, |
| 589 handle, callback, net_log); | 577 ignore_limits, handle, callback, net_log); |
| 590 } | 578 } |
| 591 | 579 |
| 592 void SSLClientSocketPool::RequestSockets( | 580 void SSLClientSocketPool::RequestSockets( |
| 593 const std::string& group_name, | 581 const std::string& group_name, |
| 594 const void* params, | 582 const void* params, |
| 595 int num_sockets, | 583 int num_sockets, |
| 596 const BoundNetLog& net_log) { | 584 const BoundNetLog& net_log) { |
| 597 const scoped_refptr<SSLSocketParams>* casted_params = | 585 const scoped_refptr<SSLSocketParams>* casted_params = |
| 598 static_cast<const scoped_refptr<SSLSocketParams>*>(params); | 586 static_cast<const scoped_refptr<SSLSocketParams>*>(params); |
| 599 | 587 |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 681 if (base_.CloseOneIdleSocket()) | 669 if (base_.CloseOneIdleSocket()) |
| 682 return true; | 670 return true; |
| 683 return base_.CloseOneIdleConnectionInHigherLayeredPool(); | 671 return base_.CloseOneIdleConnectionInHigherLayeredPool(); |
| 684 } | 672 } |
| 685 | 673 |
| 686 void SSLClientSocketPool::OnSSLConfigChanged() { | 674 void SSLClientSocketPool::OnSSLConfigChanged() { |
| 687 FlushWithError(ERR_NETWORK_CHANGED); | 675 FlushWithError(ERR_NETWORK_CHANGED); |
| 688 } | 676 } |
| 689 | 677 |
| 690 } // namespace net | 678 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1580903002:
Convert ignore_limits from a SocketParam to a socket request argument. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master