Use sockets with unread data if they've never been used before.

net/socket/ssl_client_socket_nss.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived
 // from AuthCertificateCallback() in
 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.
 
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
@@ skipping 618 matching lines @@
   const HandshakeState& state() const { return network_handshake_state_; }
 
   // Called on the network task runner.
   // Read() and Write() mirror the net::Socket functions of the same name.
   // If ERR_IO_PENDING is returned, |callback| will be invoked on the network
   // task runner at a later point, unless the caller calls Detach().
   int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback);
   int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback);
 
   // Called on the network task runner.
-  bool IsConnected();
-  bool HasPendingAsyncOperation();
-  bool HasUnhandledReceivedData();
+  bool IsConnected() const;
+  bool HasPendingAsyncOperation() const;
+  bool HasUnhandledReceivedData() const;
+  bool WasEverUsed() const;
 
   // Called on the network task runner.
   // Causes the associated SSL/TLS session ID to be added to NSS's session
   // cache, but only if the connection has not been False Started.
   //
   // This should only be called after the server's certificate has been
   // verified, and may not be called within an NSS callback.
   void CacheSessionIfNecessary();
 
  private:
@@ skipping 182 matching lines @@
   // The service for retrieving Channel ID keys.  May be NULL.
   ServerBoundCertService* server_bound_cert_service_;
   ServerBoundCertService::RequestHandle domain_bound_cert_request_handle_;
 
   // The information about NSS task runner.
   int unhandled_buffer_size_;
   bool nss_waiting_read_;
   bool nss_waiting_write_;
   bool nss_is_closed_;
 
+  // Set when Read() or Write() successfully reads or writes data to or from the
+  // network.
+  bool was_ever_used_;
+
   ////////////////////////////////////////////////////////////////////////////
   // Members that are ONLY accessed on the NSS task runner:
   ////////////////////////////////////////////////////////////////////////////
   HostPortPair host_and_port_;
   SSLConfig ssl_config_;
 
   // NSS SSL socket.
   PRFileDesc* nss_fd_;
 
   // Buffers for the network end of the SSL state machine
@@ skipping 75 matching lines @@
     BoundNetLog* net_log,
     ServerBoundCertService* server_bound_cert_service)
     : detached_(false),
       transport_(transport),
       weak_net_log_factory_(net_log),
       server_bound_cert_service_(server_bound_cert_service),
       unhandled_buffer_size_(0),
       nss_waiting_read_(false),
       nss_waiting_write_(false),
       nss_is_closed_(false),
+      was_ever_used_(false),
       host_and_port_(host_and_port),
       ssl_config_(ssl_config),
       nss_fd_(NULL),
       nss_bufs_(NULL),
       pending_read_result_(kNoPendingReadResult),
       pending_read_nss_error_(0),
       next_handshake_state_(STATE_NONE),
       channel_id_xtn_negotiated_(false),
       channel_id_needed_(false),
       client_auth_cert_needed_(false),
@@ skipping 192 matching lines @@
   } else {
     user_read_buf_ = NULL;
     user_read_buf_len_ = 0;
 
     if (!OnNetworkTaskRunner()) {
       PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSRead, this, rv));
       PostOrRunCallback(FROM_HERE, base::Bind(callback, rv));
       return ERR_IO_PENDING;
     } else {
       DCHECK(!nss_waiting_read_);
-      if (rv <= 0)
+      if (rv <= 0) {
         nss_is_closed_ = true;
+      } else {
+        was_ever_used_ = true;
+      }
     }
   }
 
   return rv;
 }
 
 int SSLClientSocketNSS::Core::Write(IOBuffer* buf, int buf_len,
                                     const CompletionCallback& callback) {
   if (!OnNSSTaskRunner()) {
     DCHECK(OnNetworkTaskRunner());
@@ skipping 32 matching lines @@
   } else {
     user_write_buf_ = NULL;
     user_write_buf_len_ = 0;
 
     if (!OnNetworkTaskRunner()) {
       PostOrRunCallback(FROM_HERE, base::Bind(&Core::DidNSSWrite, this, rv));
       PostOrRunCallback(FROM_HERE, base::Bind(callback, rv));
       return ERR_IO_PENDING;
     } else {
       DCHECK(!nss_waiting_write_);
-      if (rv < 0)
+      if (rv < 0) {
         nss_is_closed_ = true;
+      } else if (rv > 0) {
+        was_ever_used_ = true;
+      }
     }
   }
 
   return rv;
 }
 
-bool SSLClientSocketNSS::Core::IsConnected() {
+bool SSLClientSocketNSS::Core::IsConnected() const {
   DCHECK(OnNetworkTaskRunner());
   return !nss_is_closed_;
 }
 
-bool SSLClientSocketNSS::Core::HasPendingAsyncOperation() {
+bool SSLClientSocketNSS::Core::HasPendingAsyncOperation() const {
   DCHECK(OnNetworkTaskRunner());
   return nss_waiting_read_ || nss_waiting_write_;
 }
 
-bool SSLClientSocketNSS::Core::HasUnhandledReceivedData() {
+bool SSLClientSocketNSS::Core::HasUnhandledReceivedData() const {
   DCHECK(OnNetworkTaskRunner());
   return unhandled_buffer_size_ != 0;
 }
 
+bool SSLClientSocketNSS::Core::WasEverUsed() const {
+  DCHECK(OnNetworkTaskRunner());
+  return was_ever_used_;
+}
+
 void SSLClientSocketNSS::Core::CacheSessionIfNecessary() {
   // TODO(rsleevi): This should occur on the NSS task runner, due to the use of
   // nss_fd_. However, it happens on the network task runner in order to match
   // the buggy behavior of ExportKeyingMaterial.
   //
   // Once http://crbug.com/330360 is fixed, this should be moved to an
   // implementation that exclusively does this work on the NSS TaskRunner. This
   // is "safe" because it is only called during the certificate verification
   // state machine of the main socket, which is safe because no underlying
   // transport IO will be occuring in that state, and NSS will not be blocking
@@ skipping 1411 matching lines @@
 
 void SSLClientSocketNSS::Core::OnNSSBufferUpdated(int amount_in_read_buffer) {
   DCHECK(OnNetworkTaskRunner());
   unhandled_buffer_size_ = amount_in_read_buffer;
 }
 
 void SSLClientSocketNSS::Core::DidNSSRead(int result) {
   DCHECK(OnNetworkTaskRunner());
   DCHECK(nss_waiting_read_);
   nss_waiting_read_ = false;
-  if (result <= 0)
+  if (result <= 0) {
     nss_is_closed_ = true;
+  } else {
+    was_ever_used_ = true;
+  }
 }
 
 void SSLClientSocketNSS::Core::DidNSSWrite(int result) {
   DCHECK(OnNetworkTaskRunner());
   DCHECK(nss_waiting_write_);
   nss_waiting_write_ = false;
-  if (result < 0)
+  if (result < 0) {
     nss_is_closed_ = true;
+  } else if (result > 0) {
+    was_ever_used_ = true;
+  }
 }
 
 void SSLClientSocketNSS::Core::BufferSendComplete(int result) {
   if (!OnNSSTaskRunner()) {
     if (detached_)
       return;
 
     nss_task_runner_->PostTask(
         FROM_HERE, base::Bind(&Core::BufferSendComplete, this, result));
     return;
@@ skipping 339 matching lines @@
 
 void SSLClientSocketNSS::SetOmniboxSpeculation() {
   if (transport_.get() && transport_->socket()) {
     transport_->socket()->SetOmniboxSpeculation();
   } else {
     NOTREACHED();
   }
 }
 
 bool SSLClientSocketNSS::WasEverUsed() const {
-  if (transport_.get() && transport_->socket()) {
-    return transport_->socket()->WasEverUsed();
-  }
-  NOTREACHED();
-  return false;
+  DCHECK(core_.get());
+
+  return core_->WasEverUsed();
 }
 
 bool SSLClientSocketNSS::UsingTCPFastOpen() const {
   if (transport_.get() && transport_->socket()) {
     return transport_->socket()->UsingTCPFastOpen();
   }
   NOTREACHED();
   return false;
 }
 
@@ skipping 549 matching lines @@
 scoped_refptr<X509Certificate>
 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const {
   return core_->state().server_cert.get();
 }
 
 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {
   return server_bound_cert_service_;
 }
 
 }  // namespace net