Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(271)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 169643006: Use sockets with unread data if they've never been used before. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: wtc and mmenke comments Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/socket/client_socket_pool_base_unittest.cc ('K') | « net/socket/socks_client_socket.cc ('k') | net/socket/ssl_client_socket_openssl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
6 // from AuthCertificateCallback() in 6 // from AuthCertificateCallback() in
7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
8 8
9 /* ***** BEGIN LICENSE BLOCK ***** 9 /* ***** BEGIN LICENSE BLOCK *****
10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
(...skipping 621 matching lines...) Expand 10 before | Expand all | Expand 10 after
632 // Read() and Write() mirror the net::Socket functions of the same name. 632 // Read() and Write() mirror the net::Socket functions of the same name.
633 // If ERR_IO_PENDING is returned, |callback| will be invoked on the network 633 // If ERR_IO_PENDING is returned, |callback| will be invoked on the network
634 // task runner at a later point, unless the caller calls Detach(). 634 // task runner at a later point, unless the caller calls Detach().
635 int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback); 635 int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback);
636 int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback); 636 int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback);
637 637
638 // Called on the network task runner. 638 // Called on the network task runner.
639 bool IsConnected(); 639 bool IsConnected();
640 bool HasPendingAsyncOperation(); 640 bool HasPendingAsyncOperation();
641 bool HasUnhandledReceivedData(); 641 bool HasUnhandledReceivedData();
642 bool WasEverUsed();
642 643
643 // Called on the network task runner. 644 // Called on the network task runner.
644 // Causes the associated SSL/TLS session ID to be added to NSS's session 645 // Causes the associated SSL/TLS session ID to be added to NSS's session
645 // cache, but only if the connection has not been False Started. 646 // cache, but only if the connection has not been False Started.
646 // 647 //
647 // This should only be called after the server's certificate has been 648 // This should only be called after the server's certificate has been
648 // verified, and may not be called within an NSS callback. 649 // verified, and may not be called within an NSS callback.
649 void CacheSessionIfNecessary(); 650 void CacheSessionIfNecessary();
650 651
651 private: 652 private:
(...skipping 182 matching lines...) Expand 10 before | Expand all | Expand 10 after
834 // The service for retrieving Channel ID keys. May be NULL. 835 // The service for retrieving Channel ID keys. May be NULL.
835 ServerBoundCertService* server_bound_cert_service_; 836 ServerBoundCertService* server_bound_cert_service_;
836 ServerBoundCertService::RequestHandle domain_bound_cert_request_handle_; 837 ServerBoundCertService::RequestHandle domain_bound_cert_request_handle_;
837 838
838 // The information about NSS task runner. 839 // The information about NSS task runner.
839 int unhandled_buffer_size_; 840 int unhandled_buffer_size_;
840 bool nss_waiting_read_; 841 bool nss_waiting_read_;
841 bool nss_waiting_write_; 842 bool nss_waiting_write_;
842 bool nss_is_closed_; 843 bool nss_is_closed_;
843 844
845 // Set when Read() or Write() successfully reads or writes data to or from the
846 // network.
847 bool was_ever_used_;
848
844 //////////////////////////////////////////////////////////////////////////// 849 ////////////////////////////////////////////////////////////////////////////
845 // Members that are ONLY accessed on the NSS task runner: 850 // Members that are ONLY accessed on the NSS task runner:
846 //////////////////////////////////////////////////////////////////////////// 851 ////////////////////////////////////////////////////////////////////////////
847 HostPortPair host_and_port_; 852 HostPortPair host_and_port_;
848 SSLConfig ssl_config_; 853 SSLConfig ssl_config_;
849 854
850 // NSS SSL socket. 855 // NSS SSL socket.
851 PRFileDesc* nss_fd_; 856 PRFileDesc* nss_fd_;
852 857
853 // Buffers for the network end of the SSL state machine 858 // Buffers for the network end of the SSL state machine
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after
929 BoundNetLog* net_log, 934 BoundNetLog* net_log,
930 ServerBoundCertService* server_bound_cert_service) 935 ServerBoundCertService* server_bound_cert_service)
931 : detached_(false), 936 : detached_(false),
932 transport_(transport), 937 transport_(transport),
933 weak_net_log_factory_(net_log), 938 weak_net_log_factory_(net_log),
934 server_bound_cert_service_(server_bound_cert_service), 939 server_bound_cert_service_(server_bound_cert_service),
935 unhandled_buffer_size_(0), 940 unhandled_buffer_size_(0),
936 nss_waiting_read_(false), 941 nss_waiting_read_(false),
937 nss_waiting_write_(false), 942 nss_waiting_write_(false),
938 nss_is_closed_(false), 943 nss_is_closed_(false),
944 was_ever_used_(false),
939 host_and_port_(host_and_port), 945 host_and_port_(host_and_port),
940 ssl_config_(ssl_config), 946 ssl_config_(ssl_config),
941 nss_fd_(NULL), 947 nss_fd_(NULL),
942 nss_bufs_(NULL), 948 nss_bufs_(NULL),
943 pending_read_result_(kNoPendingReadResult), 949 pending_read_result_(kNoPendingReadResult),
944 pending_read_nss_error_(0), 950 pending_read_nss_error_(0),
945 next_handshake_state_(STATE_NONE), 951 next_handshake_state_(STATE_NONE),
946 channel_id_xtn_negotiated_(false), 952 channel_id_xtn_negotiated_(false),
947 channel_id_needed_(false), 953 channel_id_needed_(false),
948 client_auth_cert_needed_(false), 954 client_auth_cert_needed_(false),
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after
1141 } else { 1147 } else {
1142 user_read_buf_ = NULL; 1148 user_read_buf_ = NULL;
1143 user_read_buf_len_ = 0; 1149 user_read_buf_len_ = 0;
1144 1150
1145 if (!OnNetworkTaskRunner()) { 1151 if (!OnNetworkTaskRunner()) {
1146 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSRead, this, rv)); 1152 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSRead, this, rv));
1147 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); 1153 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv));
1148 return ERR_IO_PENDING; 1154 return ERR_IO_PENDING;
1149 } else { 1155 } else {
1150 DCHECK(!nss_waiting_read_); 1156 DCHECK(!nss_waiting_read_);
1151 if (rv <= 0) 1157 if (rv <= 0) {
1152 nss_is_closed_ = true; 1158 nss_is_closed_ = true;
1159 } else {
1160 was_ever_used_ = true;
1161 }
1153 } 1162 }
1154 } 1163 }
1155 1164
1156 return rv; 1165 return rv;
1157 } 1166 }
1158 1167
1159 int SSLClientSocketNSS::Core::Write(IOBuffer* buf, int buf_len, 1168 int SSLClientSocketNSS::Core::Write(IOBuffer* buf, int buf_len,
1160 const CompletionCallback& callback) { 1169 const CompletionCallback& callback) {
1161 if (!OnNSSTaskRunner()) { 1170 if (!OnNSSTaskRunner()) {
1162 DCHECK(OnNetworkTaskRunner()); 1171 DCHECK(OnNetworkTaskRunner());
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
1195 } else { 1204 } else {
1196 user_write_buf_ = NULL; 1205 user_write_buf_ = NULL;
1197 user_write_buf_len_ = 0; 1206 user_write_buf_len_ = 0;
1198 1207
1199 if (!OnNetworkTaskRunner()) { 1208 if (!OnNetworkTaskRunner()) {
1200 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSWrite, this, rv)); 1209 PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSWrite, this, rv));
1201 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv)); 1210 PostOrRunCallback(FROM_HERE, base::Bind(callback, rv));
1202 return ERR_IO_PENDING; 1211 return ERR_IO_PENDING;
1203 } else { 1212 } else {
1204 DCHECK(!nss_waiting_write_); 1213 DCHECK(!nss_waiting_write_);
1205 if (rv < 0) 1214 if (rv < 0) {
1206 nss_is_closed_ = true; 1215 nss_is_closed_ = true;
1216 } else if (rv > 0) {
1217 was_ever_used_ = true;
1218 }
1207 } 1219 }
1208 } 1220 }
1209 1221
1210 return rv; 1222 return rv;
1211 } 1223 }
1212 1224
1213 bool SSLClientSocketNSS::Core::IsConnected() { 1225 bool SSLClientSocketNSS::Core::IsConnected() {
1214 DCHECK(OnNetworkTaskRunner()); 1226 DCHECK(OnNetworkTaskRunner());
1215 return !nss_is_closed_; 1227 return !nss_is_closed_;
1216 } 1228 }
1217 1229
1218 bool SSLClientSocketNSS::Core::HasPendingAsyncOperation() { 1230 bool SSLClientSocketNSS::Core::HasPendingAsyncOperation() {
1219 DCHECK(OnNetworkTaskRunner()); 1231 DCHECK(OnNetworkTaskRunner());
1220 return nss_waiting_read_ || nss_waiting_write_; 1232 return nss_waiting_read_ || nss_waiting_write_;
1221 } 1233 }
1222 1234
1223 bool SSLClientSocketNSS::Core::HasUnhandledReceivedData() { 1235 bool SSLClientSocketNSS::Core::HasUnhandledReceivedData() {
1224 DCHECK(OnNetworkTaskRunner()); 1236 DCHECK(OnNetworkTaskRunner());
1225 return unhandled_buffer_size_ != 0; 1237 return unhandled_buffer_size_ != 0;
1226 } 1238 }
1227 1239
1240 bool SSLClientSocketNSS::Core::WasEverUsed() {
mmenke 2014/03/26 15:18:32 nit: const
mmenke 2014/03/26 15:18:32 Hrm...The above 3 functions can all be const, too.
davidben 2014/03/26 16:58:29 Done.
davidben 2014/03/26 16:58:29 Done.
1241 DCHECK(OnNetworkTaskRunner());
1242 return was_ever_used_;
1243 }
1244
1228 void SSLClientSocketNSS::Core::CacheSessionIfNecessary() { 1245 void SSLClientSocketNSS::Core::CacheSessionIfNecessary() {
1229 // TODO(rsleevi): This should occur on the NSS task runner, due to the use of 1246 // TODO(rsleevi): This should occur on the NSS task runner, due to the use of
1230 // nss_fd_. However, it happens on the network task runner in order to match 1247 // nss_fd_. However, it happens on the network task runner in order to match
1231 // the buggy behavior of ExportKeyingMaterial. 1248 // the buggy behavior of ExportKeyingMaterial.
1232 // 1249 //
1233 // Once http://crbug.com/330360 is fixed, this should be moved to an 1250 // Once http://crbug.com/330360 is fixed, this should be moved to an
1234 // implementation that exclusively does this work on the NSS TaskRunner. This 1251 // implementation that exclusively does this work on the NSS TaskRunner. This
1235 // is "safe" because it is only called during the certificate verification 1252 // is "safe" because it is only called during the certificate verification
1236 // state machine of the main socket, which is safe because no underlying 1253 // state machine of the main socket, which is safe because no underlying
1237 // transport IO will be occuring in that state, and NSS will not be blocking 1254 // transport IO will be occuring in that state, and NSS will not be blocking
(...skipping 1411 matching lines...) Expand 10 before | Expand all | Expand 10 after
2649 2666
2650 void SSLClientSocketNSS::Core::OnNSSBufferUpdated(int amount_in_read_buffer) { 2667 void SSLClientSocketNSS::Core::OnNSSBufferUpdated(int amount_in_read_buffer) {
2651 DCHECK(OnNetworkTaskRunner()); 2668 DCHECK(OnNetworkTaskRunner());
2652 unhandled_buffer_size_ = amount_in_read_buffer; 2669 unhandled_buffer_size_ = amount_in_read_buffer;
2653 } 2670 }
2654 2671
2655 void SSLClientSocketNSS::Core::DidNSSRead(int result) { 2672 void SSLClientSocketNSS::Core::DidNSSRead(int result) {
2656 DCHECK(OnNetworkTaskRunner()); 2673 DCHECK(OnNetworkTaskRunner());
2657 DCHECK(nss_waiting_read_); 2674 DCHECK(nss_waiting_read_);
2658 nss_waiting_read_ = false; 2675 nss_waiting_read_ = false;
2659 if (result <= 0) 2676 if (result <= 0) {
2660 nss_is_closed_ = true; 2677 nss_is_closed_ = true;
2678 } else {
2679 was_ever_used_ = true;
2680 }
2661 } 2681 }
2662 2682
2663 void SSLClientSocketNSS::Core::DidNSSWrite(int result) { 2683 void SSLClientSocketNSS::Core::DidNSSWrite(int result) {
2664 DCHECK(OnNetworkTaskRunner()); 2684 DCHECK(OnNetworkTaskRunner());
2665 DCHECK(nss_waiting_write_); 2685 DCHECK(nss_waiting_write_);
2666 nss_waiting_write_ = false; 2686 nss_waiting_write_ = false;
2667 if (result < 0) 2687 if (result < 0) {
2668 nss_is_closed_ = true; 2688 nss_is_closed_ = true;
2689 } else if (result > 0) {
2690 was_ever_used_ = true;
2691 }
2669 } 2692 }
2670 2693
2671 void SSLClientSocketNSS::Core::BufferSendComplete(int result) { 2694 void SSLClientSocketNSS::Core::BufferSendComplete(int result) {
2672 if (!OnNSSTaskRunner()) { 2695 if (!OnNSSTaskRunner()) {
2673 if (detached_) 2696 if (detached_)
2674 return; 2697 return;
2675 2698
2676 nss_task_runner_->PostTask( 2699 nss_task_runner_->PostTask(
2677 FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result)); 2700 FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result));
2678 return; 2701 return;
(...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after
3018 3041
3019 void SSLClientSocketNSS::SetOmniboxSpeculation() { 3042 void SSLClientSocketNSS::SetOmniboxSpeculation() {
3020 if (transport_.get() && transport_->socket()) { 3043 if (transport_.get() && transport_->socket()) {
3021 transport_->socket()->SetOmniboxSpeculation(); 3044 transport_->socket()->SetOmniboxSpeculation();
3022 } else { 3045 } else {
3023 NOTREACHED(); 3046 NOTREACHED();
3024 } 3047 }
3025 } 3048 }
3026 3049
3027 bool SSLClientSocketNSS::WasEverUsed() const { 3050 bool SSLClientSocketNSS::WasEverUsed() const {
3028 if (transport_.get() && transport_->socket()) { 3051 DCHECK(core_.get());
3029 return transport_->socket()->WasEverUsed(); 3052
3030 } 3053 return core_->WasEverUsed();
3031 NOTREACHED();
3032 return false;
3033 } 3054 }
3034 3055
3035 bool SSLClientSocketNSS::UsingTCPFastOpen() const { 3056 bool SSLClientSocketNSS::UsingTCPFastOpen() const {
3036 if (transport_.get() && transport_->socket()) { 3057 if (transport_.get() && transport_->socket()) {
3037 return transport_->socket()->UsingTCPFastOpen(); 3058 return transport_->socket()->UsingTCPFastOpen();
3038 } 3059 }
3039 NOTREACHED(); 3060 NOTREACHED();
3040 return false; 3061 return false;
3041 } 3062 }
3042 3063
(...skipping 549 matching lines...) Expand 10 before | Expand all | Expand 10 after
3592 scoped_refptr<X509Certificate> 3613 scoped_refptr<X509Certificate>
3593 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { 3614 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const {
3594 return core_->state().server_cert.get(); 3615 return core_->state().server_cert.get();
3595 } 3616 }
3596 3617
3597 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { 3618 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {
3598 return server_bound_cert_service_; 3619 return server_bound_cert_service_;
3599 } 3620 }
3600 3621
3601 } // namespace net 3622 } // namespace net
OLDNEW
« net/socket/client_socket_pool_base_unittest.cc ('K') | « net/socket/socks_client_socket.cc ('k') | net/socket/ssl_client_socket_openssl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698