Chromium Code Reviews Chromium Code Reviews
Issue 169643006:
Use sockets with unread data if they've never been used before. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 621 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 632 // Read() and Write() mirror the net::Socket functions of the same name. | 632 // Read() and Write() mirror the net::Socket functions of the same name. |
| 633 // If ERR_IO_PENDING is returned, |callback| will be invoked on the network | 633 // If ERR_IO_PENDING is returned, |callback| will be invoked on the network |
| 634 // task runner at a later point, unless the caller calls Detach(). | 634 // task runner at a later point, unless the caller calls Detach(). |
| 635 int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback); | 635 int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback); |
| 636 int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback); | 636 int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback); |
| 637 | 637 |
| 638 // Called on the network task runner. | 638 // Called on the network task runner. |
| 639 bool IsConnected(); | 639 bool IsConnected(); |
| 640 bool HasPendingAsyncOperation(); | 640 bool HasPendingAsyncOperation(); |
| 641 bool HasUnhandledReceivedData(); | 641 bool HasUnhandledReceivedData(); |
| 642 bool WasEverUsed(); | |
| 642 | 643 |
| 643 // Called on the network task runner. | 644 // Called on the network task runner. |
| 644 // Causes the associated SSL/TLS session ID to be added to NSS's session | 645 // Causes the associated SSL/TLS session ID to be added to NSS's session |
| 645 // cache, but only if the connection has not been False Started. | 646 // cache, but only if the connection has not been False Started. |
| 646 // | 647 // |
| 647 // This should only be called after the server's certificate has been | 648 // This should only be called after the server's certificate has been |
| 648 // verified, and may not be called within an NSS callback. | 649 // verified, and may not be called within an NSS callback. |
| 649 void CacheSessionIfNecessary(); | 650 void CacheSessionIfNecessary(); |
| 650 | 651 |
| 651 private: | 652 private: |
| (...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 833 | 834 |
| 834 // The service for retrieving Channel ID keys. May be NULL. | 835 // The service for retrieving Channel ID keys. May be NULL. |
| 835 ServerBoundCertService* server_bound_cert_service_; | 836 ServerBoundCertService* server_bound_cert_service_; |
| 836 ServerBoundCertService::RequestHandle domain_bound_cert_request_handle_; | 837 ServerBoundCertService::RequestHandle domain_bound_cert_request_handle_; |
| 837 | 838 |
| 838 // The information about NSS task runner. | 839 // The information about NSS task runner. |
| 839 int unhandled_buffer_size_; | 840 int unhandled_buffer_size_; |
| 840 bool nss_waiting_read_; | 841 bool nss_waiting_read_; |
| 841 bool nss_waiting_write_; | 842 bool nss_waiting_write_; |
| 842 bool nss_is_closed_; | 843 bool nss_is_closed_; |
| 844 bool was_used_to_convey_data_; | |
|
wtc
2014/03/19 00:17:46
Nit: document this member. I copied your comment f
davidben
2014/03/25 19:50:18
Done.
| |
| 843 | 845 |
| 844 //////////////////////////////////////////////////////////////////////////// | 846 //////////////////////////////////////////////////////////////////////////// |
| 845 // Members that are ONLY accessed on the NSS task runner: | 847 // Members that are ONLY accessed on the NSS task runner: |
| 846 //////////////////////////////////////////////////////////////////////////// | 848 //////////////////////////////////////////////////////////////////////////// |
| 847 HostPortPair host_and_port_; | 849 HostPortPair host_and_port_; |
| 848 SSLConfig ssl_config_; | 850 SSLConfig ssl_config_; |
| 849 | 851 |
| 850 // NSS SSL socket. | 852 // NSS SSL socket. |
| 851 PRFileDesc* nss_fd_; | 853 PRFileDesc* nss_fd_; |
| 852 | 854 |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 929 BoundNetLog* net_log, | 931 BoundNetLog* net_log, |
| 930 ServerBoundCertService* server_bound_cert_service) | 932 ServerBoundCertService* server_bound_cert_service) |
| 931 : detached_(false), | 933 : detached_(false), |
| 932 transport_(transport), | 934 transport_(transport), |
| 933 weak_net_log_factory_(net_log), | 935 weak_net_log_factory_(net_log), |
| 934 server_bound_cert_service_(server_bound_cert_service), | 936 server_bound_cert_service_(server_bound_cert_service), |
| 935 unhandled_buffer_size_(0), | 937 unhandled_buffer_size_(0), |
| 936 nss_waiting_read_(false), | 938 nss_waiting_read_(false), |
| 937 nss_waiting_write_(false), | 939 nss_waiting_write_(false), |
| 938 nss_is_closed_(false), | 940 nss_is_closed_(false), |
| 941 was_used_to_convey_data_(false), | |
| 939 host_and_port_(host_and_port), | 942 host_and_port_(host_and_port), |
| 940 ssl_config_(ssl_config), | 943 ssl_config_(ssl_config), |
| 941 nss_fd_(NULL), | 944 nss_fd_(NULL), |
| 942 nss_bufs_(NULL), | 945 nss_bufs_(NULL), |
| 943 pending_read_result_(kNoPendingReadResult), | 946 pending_read_result_(kNoPendingReadResult), |
| 944 pending_read_nss_error_(0), | 947 pending_read_nss_error_(0), |
| 945 next_handshake_state_(STATE_NONE), | 948 next_handshake_state_(STATE_NONE), |
| 946 channel_id_xtn_negotiated_(false), | 949 channel_id_xtn_negotiated_(false), |
| 947 channel_id_needed_(false), | 950 channel_id_needed_(false), |
| 948 client_auth_cert_needed_(false), | 951 client_auth_cert_needed_(false), |
| (...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1141 } else { | 1144 } else { |
| 1142 user_read_buf_ = NULL; | 1145 user_read_buf_ = NULL; |
| 1143 user_read_buf_len_ = 0; | 1146 user_read_buf_len_ = 0; |
| 1144 | 1147 |
| 1145 if (!OnNetworkTaskRunner()) { | 1148 if (!OnNetworkTaskRunner()) { |
| 1146 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSRead, this, rv)); | 1149 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSRead, this, rv)); |
| 1147 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); | 1150 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); |
| 1148 return ERR_IO_PENDING; | 1151 return ERR_IO_PENDING; |
| 1149 } else { | 1152 } else { |
| 1150 DCHECK(!nss_waiting_read_); | 1153 DCHECK(!nss_waiting_read_); |
| 1151 if (rv <= 0) | 1154 if (rv <= 0) { |
| 1152 nss_is_closed_ = true; | 1155 nss_is_closed_ = true; |
| 1156 } else { | |
| 1157 was_used_to_convey_data_ = true; | |
| 1158 } | |
| 1153 } | 1159 } |
| 1154 } | 1160 } |
| 1155 | 1161 |
| 1156 return rv; | 1162 return rv; |
| 1157 } | 1163 } |
| 1158 | 1164 |
| 1159 int SSLClientSocketNSS::Core::Write(IOBuffer* buf, int buf_len, | 1165 int SSLClientSocketNSS::Core::Write(IOBuffer* buf, int buf_len, |
| 1160 const CompletionCallback& callback) { | 1166 const CompletionCallback& callback) { |
| 1161 if (!OnNSSTaskRunner()) { | 1167 if (!OnNSSTaskRunner()) { |
| 1162 DCHECK(OnNetworkTaskRunner()); | 1168 DCHECK(OnNetworkTaskRunner()); |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1195 } else { | 1201 } else { |
| 1196 user_write_buf_ = NULL; | 1202 user_write_buf_ = NULL; |
| 1197 user_write_buf_len_ = 0; | 1203 user_write_buf_len_ = 0; |
| 1198 | 1204 |
| 1199 if (!OnNetworkTaskRunner()) { | 1205 if (!OnNetworkTaskRunner()) { |
| 1200 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSWrite, this, rv)); | 1206 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSWrite, this, rv)); |
| 1201 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); | 1207 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); |
| 1202 return ERR_IO_PENDING; | 1208 return ERR_IO_PENDING; |
| 1203 } else { | 1209 } else { |
| 1204 DCHECK(!nss_waiting_write_); | 1210 DCHECK(!nss_waiting_write_); |
| 1205 if (rv < 0) | 1211 if (rv < 0) { |
| 1206 nss_is_closed_ = true; | 1212 nss_is_closed_ = true; |
| 1213 } else { | |
|
wtc
2014/03/19 00:17:46
We may want to test rv > 0 here because the condit
davidben
2014/03/25 19:50:18
Done.
| |
| 1214 was_used_to_convey_data_ = true; | |
| 1215 } | |
| 1207 } | 1216 } |
| 1208 } | 1217 } |
| 1209 | 1218 |
| 1210 return rv; | 1219 return rv; |
| 1211 } | 1220 } |
| 1212 | 1221 |
| 1213 bool SSLClientSocketNSS::Core::IsConnected() { | 1222 bool SSLClientSocketNSS::Core::IsConnected() { |
| 1214 DCHECK(OnNetworkTaskRunner()); | 1223 DCHECK(OnNetworkTaskRunner()); |
| 1215 return !nss_is_closed_; | 1224 return !nss_is_closed_; |
| 1216 } | 1225 } |
| 1217 | 1226 |
| 1218 bool SSLClientSocketNSS::Core::HasPendingAsyncOperation() { | 1227 bool SSLClientSocketNSS::Core::HasPendingAsyncOperation() { |
| 1219 DCHECK(OnNetworkTaskRunner()); | 1228 DCHECK(OnNetworkTaskRunner()); |
| 1220 return nss_waiting_read_ || nss_waiting_write_; | 1229 return nss_waiting_read_ || nss_waiting_write_; |
| 1221 } | 1230 } |
| 1222 | 1231 |
| 1223 bool SSLClientSocketNSS::Core::HasUnhandledReceivedData() { | 1232 bool SSLClientSocketNSS::Core::HasUnhandledReceivedData() { |
| 1224 DCHECK(OnNetworkTaskRunner()); | 1233 DCHECK(OnNetworkTaskRunner()); |
| 1225 return unhandled_buffer_size_ != 0; | 1234 return unhandled_buffer_size_ != 0; |
| 1226 } | 1235 } |
| 1227 | 1236 |
| 1237 bool SSLClientSocketNSS::Core::WasEverUsed() { | |
| 1238 DCHECK(OnNetworkTaskRunner()); | |
| 1239 return was_used_to_convey_data_; | |
| 1240 } | |
| 1241 | |
| 1228 void SSLClientSocketNSS::Core::CacheSessionIfNecessary() { | 1242 void SSLClientSocketNSS::Core::CacheSessionIfNecessary() { |
| 1229 // TODO(rsleevi): This should occur on the NSS task runner, due to the use of | 1243 // TODO(rsleevi): This should occur on the NSS task runner, due to the use of |
| 1230 // nss_fd_. However, it happens on the network task runner in order to match | 1244 // nss_fd_. However, it happens on the network task runner in order to match |
| 1231 // the buggy behavior of ExportKeyingMaterial. | 1245 // the buggy behavior of ExportKeyingMaterial. |
| 1232 // | 1246 // |
| 1233 // Once http://crbug.com/330360 is fixed, this should be moved to an | 1247 // Once http://crbug.com/330360 is fixed, this should be moved to an |
| 1234 // implementation that exclusively does this work on the NSS TaskRunner. This | 1248 // implementation that exclusively does this work on the NSS TaskRunner. This |
| 1235 // is "safe" because it is only called during the certificate verification | 1249 // is "safe" because it is only called during the certificate verification |
| 1236 // state machine of the main socket, which is safe because no underlying | 1250 // state machine of the main socket, which is safe because no underlying |
| 1237 // transport IO will be occuring in that state, and NSS will not be blocking | 1251 // transport IO will be occuring in that state, and NSS will not be blocking |
| (...skipping 1411 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2649 | 2663 |
| 2650 void SSLClientSocketNSS::Core::OnNSSBufferUpdated(int amount_in_read_buffer) { | 2664 void SSLClientSocketNSS::Core::OnNSSBufferUpdated(int amount_in_read_buffer) { |
| 2651 DCHECK(OnNetworkTaskRunner()); | 2665 DCHECK(OnNetworkTaskRunner()); |
| 2652 unhandled_buffer_size_ = amount_in_read_buffer; | 2666 unhandled_buffer_size_ = amount_in_read_buffer; |
| 2653 } | 2667 } |
| 2654 | 2668 |
| 2655 void SSLClientSocketNSS::Core::DidNSSRead(int result) { | 2669 void SSLClientSocketNSS::Core::DidNSSRead(int result) { |
| 2656 DCHECK(OnNetworkTaskRunner()); | 2670 DCHECK(OnNetworkTaskRunner()); |
| 2657 DCHECK(nss_waiting_read_); | 2671 DCHECK(nss_waiting_read_); |
| 2658 nss_waiting_read_ = false; | 2672 nss_waiting_read_ = false; |
| 2659 if (result <= 0) | 2673 if (result <= 0) { |
| 2660 nss_is_closed_ = true; | 2674 nss_is_closed_ = true; |
| 2675 } else { | |
| 2676 was_used_to_convey_data_ = true; | |
| 2677 } | |
| 2661 } | 2678 } |
| 2662 | 2679 |
| 2663 void SSLClientSocketNSS::Core::DidNSSWrite(int result) { | 2680 void SSLClientSocketNSS::Core::DidNSSWrite(int result) { |
| 2664 DCHECK(OnNetworkTaskRunner()); | 2681 DCHECK(OnNetworkTaskRunner()); |
| 2665 DCHECK(nss_waiting_write_); | 2682 DCHECK(nss_waiting_write_); |
| 2666 nss_waiting_write_ = false; | 2683 nss_waiting_write_ = false; |
| 2667 if (result < 0) | 2684 if (result < 0) { |
| 2668 nss_is_closed_ = true; | 2685 nss_is_closed_ = true; |
| 2686 } else { | |
|
wtc
2014/03/19 00:17:46
We may want to test rv > 0 here because the condit
davidben
2014/03/25 19:50:18
Done.
| |
| 2687 was_used_to_convey_data_ = true; | |
| 2688 } | |
| 2669 } | 2689 } |
| 2670 | 2690 |
| 2671 void SSLClientSocketNSS::Core::BufferSendComplete(int result) { | 2691 void SSLClientSocketNSS::Core::BufferSendComplete(int result) { |
| 2672 if (!OnNSSTaskRunner()) { | 2692 if (!OnNSSTaskRunner()) { |
| 2673 if (detached_) | 2693 if (detached_) |
| 2674 return; | 2694 return; |
| 2675 | 2695 |
| 2676 nss_task_runner_->PostTask( | 2696 nss_task_runner_->PostTask( |
| 2677 FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result)); | 2697 FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result)); |
| 2678 return; | 2698 return; |
| (...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3018 | 3038 |
| 3019 void SSLClientSocketNSS::SetOmniboxSpeculation() { | 3039 void SSLClientSocketNSS::SetOmniboxSpeculation() { |
| 3020 if (transport_.get() && transport_->socket()) { | 3040 if (transport_.get() && transport_->socket()) { |
| 3021 transport_->socket()->SetOmniboxSpeculation(); | 3041 transport_->socket()->SetOmniboxSpeculation(); |
| 3022 } else { | 3042 } else { |
| 3023 NOTREACHED(); | 3043 NOTREACHED(); |
| 3024 } | 3044 } |
| 3025 } | 3045 } |
| 3026 | 3046 |
| 3027 bool SSLClientSocketNSS::WasEverUsed() const { | 3047 bool SSLClientSocketNSS::WasEverUsed() const { |
| 3028 if (transport_.get() && transport_->socket()) { | 3048 DCHECK(core_.get()); |
| 3029 return transport_->socket()->WasEverUsed(); | 3049 |
| 3030 } | 3050 return core_->WasEverUsed(); |
| 3031 NOTREACHED(); | |
| 3032 return false; | |
| 3033 } | 3051 } |
| 3034 | 3052 |
| 3035 bool SSLClientSocketNSS::UsingTCPFastOpen() const { | 3053 bool SSLClientSocketNSS::UsingTCPFastOpen() const { |
| 3036 if (transport_.get() && transport_->socket()) { | 3054 if (transport_.get() && transport_->socket()) { |
| 3037 return transport_->socket()->UsingTCPFastOpen(); | 3055 return transport_->socket()->UsingTCPFastOpen(); |
| 3038 } | 3056 } |
| 3039 NOTREACHED(); | 3057 NOTREACHED(); |
| 3040 return false; | 3058 return false; |
| 3041 } | 3059 } |
| 3042 | 3060 |
| (...skipping 544 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3587 SignedCertificateTimestampAndStatus(*iter, | 3605 SignedCertificateTimestampAndStatus(*iter, |
| 3588 ct::SCT_STATUS_LOG_UNKNOWN)); | 3606 ct::SCT_STATUS_LOG_UNKNOWN)); |
| 3589 } | 3607 } |
| 3590 } | 3608 } |
| 3591 | 3609 |
| 3592 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { | 3610 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { |
| 3593 return server_bound_cert_service_; | 3611 return server_bound_cert_service_; |
| 3594 } | 3612 } |
| 3595 | 3613 |
| 3596 } // namespace net | 3614 } // namespace net |
| OLD | NEW |
