OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 #include <utility> | 8 #include <utility> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 689 matching lines...)
700 case STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE: | 700 case STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE: |
701 rv = DoGenerateProxyAuthTokenComplete(rv); | 701 rv = DoGenerateProxyAuthTokenComplete(rv); |
702 break; | 702 break; |
703 case STATE_GENERATE_SERVER_AUTH_TOKEN: | 703 case STATE_GENERATE_SERVER_AUTH_TOKEN: |
704 DCHECK_EQ(OK, rv); | 704 DCHECK_EQ(OK, rv); |
705 rv = DoGenerateServerAuthToken(); | 705 rv = DoGenerateServerAuthToken(); |
706 break; | 706 break; |
707 case STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE: | 707 case STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE: |
708 rv = DoGenerateServerAuthTokenComplete(rv); | 708 rv = DoGenerateServerAuthTokenComplete(rv); |
709 break; | 709 break; |
710 case STATE_GET_TOKEN_BINDING_KEY: | 710 case STATE_GET_PROVIDED_TOKEN_BINDING_KEY: |
711 DCHECK_EQ(OK, rv); | 711 DCHECK_EQ(OK, rv); |
712 rv = DoGetTokenBindingKey(); | 712 rv = DoGetProvidedTokenBindingKey(); |
713 break; | 713 break; |
714 case STATE_GET_TOKEN_BINDING_KEY_COMPLETE: | 714 case STATE_GET_PROVIDED_TOKEN_BINDING_KEY_COMPLETE: |
715 rv = DoGetTokenBindingKeyComplete(rv); | 715 rv = DoGetProvidedTokenBindingKeyComplete(rv); |
| 716 break; |
| 717 case STATE_GET_REFERRED_TOKEN_BINDING_KEY: |
| 718 DCHECK_EQ(OK, rv); |
| 719 rv = DoGetReferredTokenBindingKey(); |
| 720 break; |
| 721 case STATE_GET_REFERRED_TOKEN_BINDING_KEY_COMPLETE: |
| 722 rv = DoGetReferredTokenBindingKeyComplete(rv); |
716 break; | 723 break; |
717 case STATE_INIT_REQUEST_BODY: | 724 case STATE_INIT_REQUEST_BODY: |
718 DCHECK_EQ(OK, rv); | 725 DCHECK_EQ(OK, rv); |
719 rv = DoInitRequestBody(); | 726 rv = DoInitRequestBody(); |
720 break; | 727 break; |
721 case STATE_INIT_REQUEST_BODY_COMPLETE: | 728 case STATE_INIT_REQUEST_BODY_COMPLETE: |
722 rv = DoInitRequestBodyComplete(rv); | 729 rv = DoInitRequestBodyComplete(rv); |
723 break; | 730 break; |
724 case STATE_BUILD_REQUEST: | 731 case STATE_BUILD_REQUEST: |
725 DCHECK_EQ(OK, rv); | 732 DCHECK_EQ(OK, rv); |
(...skipping 196 matching lines...)
922 if (!ShouldApplyServerAuth()) | 929 if (!ShouldApplyServerAuth()) |
923 return OK; | 930 return OK; |
924 return auth_controllers_[target]->MaybeGenerateAuthToken(request_, | 931 return auth_controllers_[target]->MaybeGenerateAuthToken(request_, |
925 io_callback_, | 932 io_callback_, |
926 net_log_); | 933 net_log_); |
927 } | 934 } |
928 | 935 |
929 int HttpNetworkTransaction::DoGenerateServerAuthTokenComplete(int rv) { | 936 int HttpNetworkTransaction::DoGenerateServerAuthTokenComplete(int rv) { |
930 DCHECK_NE(ERR_IO_PENDING, rv); | 937 DCHECK_NE(ERR_IO_PENDING, rv); |
931 if (rv == OK) | 938 if (rv == OK) |
932 next_state_ = STATE_GET_TOKEN_BINDING_KEY; | 939 next_state_ = STATE_GET_PROVIDED_TOKEN_BINDING_KEY; |
933 return rv; | 940 return rv; |
934 } | 941 } |
935 | 942 |
936 int HttpNetworkTransaction::DoGetTokenBindingKey() { | 943 int HttpNetworkTransaction::DoGetProvidedTokenBindingKey() { |
937 next_state_ = STATE_GET_TOKEN_BINDING_KEY_COMPLETE; | 944 next_state_ = STATE_GET_PROVIDED_TOKEN_BINDING_KEY_COMPLETE; |
938 if (!IsTokenBindingEnabled()) | 945 if (!IsTokenBindingEnabled()) |
939 return OK; | 946 return OK; |
940 | 947 |
941 net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY); | 948 net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY); |
942 ChannelIDService* channel_id_service = session_->params().channel_id_service; | 949 ChannelIDService* channel_id_service = session_->params().channel_id_service; |
943 return channel_id_service->GetOrCreateChannelID( | 950 return channel_id_service->GetOrCreateChannelID( |
944 request_->url.host(), &token_binding_key_, io_callback_, | 951 request_->url.host(), &provided_token_binding_key_, io_callback_, |
945 &token_binding_request_); | 952 &token_binding_request_); |
946 } | 953 } |
947 | 954 |
948 int HttpNetworkTransaction::DoGetTokenBindingKeyComplete(int rv) { | 955 int HttpNetworkTransaction::DoGetProvidedTokenBindingKeyComplete(int rv) { |
949 DCHECK_NE(ERR_IO_PENDING, rv); | 956 DCHECK_NE(ERR_IO_PENDING, rv); |
950 next_state_ = STATE_INIT_REQUEST_BODY; | 957 if (IsTokenBindingEnabled()) { |
951 if (!IsTokenBindingEnabled()) | 958 net_log_.EndEventWithNetErrorCode( |
952 return OK; | 959 NetLog::TYPE_HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY, rv); |
| 960 } |
953 | 961 |
954 net_log_.EndEventWithNetErrorCode( | 962 if (rv == OK) |
955 NetLog::TYPE_HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY, rv); | 963 next_state_ = STATE_GET_REFERRED_TOKEN_BINDING_KEY; |
956 return rv; | 964 return rv; |
957 } | 965 } |
958 | 966 |
| 967 int HttpNetworkTransaction::DoGetReferredTokenBindingKey() { |
| 968 next_state_ = STATE_GET_REFERRED_TOKEN_BINDING_KEY_COMPLETE; |
| 969 if (!IsTokenBindingEnabled() || request_->token_binding_referrer.empty()) |
| 970 return OK; |
| 971 |
| 972 net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY); |
| 973 ChannelIDService* channel_id_service = session_->params().channel_id_service; |
| 974 return channel_id_service->GetOrCreateChannelID( |
| 975 request_->token_binding_referrer, &referred_token_binding_key_, |
| 976 io_callback_, &token_binding_request_); |
| 977 } |
| 978 |
| 979 int HttpNetworkTransaction::DoGetReferredTokenBindingKeyComplete(int rv) { |
| 980 DCHECK_NE(ERR_IO_PENDING, rv); |
| 981 if (IsTokenBindingEnabled() && !request_->token_binding_referrer.empty()) { |
| 982 net_log_.EndEventWithNetErrorCode( |
| 983 NetLog::TYPE_HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY, rv); |
| 984 } |
| 985 if (rv == OK) |
| 986 next_state_ = STATE_INIT_REQUEST_BODY; |
| 987 return rv; |
| 988 } |
| 989 |
959 int HttpNetworkTransaction::BuildRequestHeaders( | 990 int HttpNetworkTransaction::BuildRequestHeaders( |
960 bool using_http_proxy_without_tunnel) { | 991 bool using_http_proxy_without_tunnel) { |
961 request_headers_.SetHeader(HttpRequestHeaders::kHost, | 992 request_headers_.SetHeader(HttpRequestHeaders::kHost, |
962 GetHostAndOptionalPort(request_->url)); | 993 GetHostAndOptionalPort(request_->url)); |
963 | 994 |
964 // For compat with HTTP/1.0 servers and proxies: | 995 // For compat with HTTP/1.0 servers and proxies: |
965 if (using_http_proxy_without_tunnel) { | 996 if (using_http_proxy_without_tunnel) { |
966 request_headers_.SetHeader(HttpRequestHeaders::kProxyConnection, | 997 request_headers_.SetHeader(HttpRequestHeaders::kProxyConnection, |
967 "keep-alive"); | 998 "keep-alive"); |
968 } else { | 999 } else { |
(...skipping 14 matching lines...)
983 // An empty POST/PUT request still needs a content length. As for HEAD, | 1014 // An empty POST/PUT request still needs a content length. As for HEAD, |
984 // IE and Safari also add a content length header. Presumably it is to | 1015 // IE and Safari also add a content length header. Presumably it is to |
985 // support sending a HEAD request to an URL that only expects to be sent a | 1016 // support sending a HEAD request to an URL that only expects to be sent a |
986 // POST or some other method that normally would have a message body. | 1017 // POST or some other method that normally would have a message body. |
987 // Firefox (40.0) does not send the header, and RFC 7230 & 7231 | 1018 // Firefox (40.0) does not send the header, and RFC 7230 & 7231 |
988 // specify that it should not be sent due to undefined behavior. | 1019 // specify that it should not be sent due to undefined behavior. |
989 request_headers_.SetHeader(HttpRequestHeaders::kContentLength, "0"); | 1020 request_headers_.SetHeader(HttpRequestHeaders::kContentLength, "0"); |
990 } | 1021 } |
991 | 1022 |
992 RecordTokenBindingSupport(); | 1023 RecordTokenBindingSupport(); |
993 if (token_binding_key_) { | 1024 if (provided_token_binding_key_) { |
994 std::string token_binding_header; | 1025 std::string token_binding_header; |
995 int rv = BuildTokenBindingHeader(&token_binding_header); | 1026 int rv = BuildTokenBindingHeader(&token_binding_header); |
996 if (rv != OK) | 1027 if (rv != OK) |
997 return rv; | 1028 return rv; |
998 request_headers_.SetHeader(HttpRequestHeaders::kTokenBinding, | 1029 request_headers_.SetHeader(HttpRequestHeaders::kTokenBinding, |
999 token_binding_header); | 1030 token_binding_header); |
1000 } | 1031 } |
1001 | 1032 |
1002 // Honor load flags that impact proxy caches. | 1033 // Honor load flags that impact proxy caches. |
1003 if (request_->load_flags & LOAD_BYPASS_CACHE) { | 1034 if (request_->load_flags & LOAD_BYPASS_CACHE) { |
(...skipping 18 matching lines...)
1022 | 1053 |
1023 response_.did_use_http_auth = | 1054 response_.did_use_http_auth = |
1024 request_headers_.HasHeader(HttpRequestHeaders::kAuthorization) || | 1055 request_headers_.HasHeader(HttpRequestHeaders::kAuthorization) || |
1025 request_headers_.HasHeader(HttpRequestHeaders::kProxyAuthorization); | 1056 request_headers_.HasHeader(HttpRequestHeaders::kProxyAuthorization); |
1026 return OK; | 1057 return OK; |
1027 } | 1058 } |
1028 | 1059 |
1029 int HttpNetworkTransaction::BuildTokenBindingHeader(std::string* out) { | 1060 int HttpNetworkTransaction::BuildTokenBindingHeader(std::string* out) { |
1030 base::TimeTicks start = base::TimeTicks::Now(); | 1061 base::TimeTicks start = base::TimeTicks::Now(); |
1031 std::vector<uint8_t> signed_ekm; | 1062 std::vector<uint8_t> signed_ekm; |
1032 int rv = stream_->GetSignedEKMForTokenBinding(token_binding_key_.get(), | 1063 int rv = stream_->GetSignedEKMForTokenBinding( |
1033 &signed_ekm); | 1064 provided_token_binding_key_.get(), &signed_ekm); |
1034 if (rv != OK) | 1065 if (rv != OK) |
1035 return rv; | 1066 return rv; |
1036 std::string provided_token_binding; | 1067 std::string provided_token_binding; |
1037 rv = BuildProvidedTokenBinding(token_binding_key_.get(), signed_ekm, | 1068 rv = BuildTokenBinding(TokenBindingType::PROVIDED, |
1038 &provided_token_binding); | 1069 provided_token_binding_key_.get(), signed_ekm, |
| 1070 &provided_token_binding); |
1039 if (rv != OK) | 1071 if (rv != OK) |
1040 return rv; | 1072 return rv; |
| 1073 |
1041 std::vector<base::StringPiece> token_bindings; | 1074 std::vector<base::StringPiece> token_bindings; |
1042 token_bindings.push_back(provided_token_binding); | 1075 token_bindings.push_back(provided_token_binding); |
| 1076 |
| 1077 std::string referred_token_binding; |
| 1078 if (referred_token_binding_key_) { |
| 1079 std::vector<uint8_t> referred_signed_ekm; |
| 1080 int rv = stream_->GetSignedEKMForTokenBinding( |
| 1081 referred_token_binding_key_.get(), &referred_signed_ekm); |
| 1082 if (rv != OK) |
| 1083 return rv; |
| 1084 rv = BuildTokenBinding(TokenBindingType::REFERRED, |
| 1085 referred_token_binding_key_.get(), |
| 1086 referred_signed_ekm, &referred_token_binding); |
| 1087 if (rv != OK) |
| 1088 return rv; |
| 1089 token_bindings.push_back(referred_token_binding); |
| 1090 } |
1043 std::string header; | 1091 std::string header; |
1044 rv = BuildTokenBindingMessageFromTokenBindings(token_bindings, &header); | 1092 rv = BuildTokenBindingMessageFromTokenBindings(token_bindings, &header); |
1045 if (rv != OK) | 1093 if (rv != OK) |
1046 return rv; | 1094 return rv; |
1047 base::Base64UrlEncode(header, base::Base64UrlEncodePolicy::INCLUDE_PADDING, | 1095 base::Base64UrlEncode(header, base::Base64UrlEncodePolicy::INCLUDE_PADDING, |
1048 out); | 1096 out); |
1049 base::TimeDelta header_creation_time = base::TimeTicks::Now() - start; | 1097 base::TimeDelta header_creation_time = base::TimeTicks::Now() - start; |
1050 UMA_HISTOGRAM_CUSTOM_TIMES("Net.TokenBinding.HeaderCreationTime", | 1098 UMA_HISTOGRAM_CUSTOM_TIMES("Net.TokenBinding.HeaderCreationTime", |
1051 header_creation_time, | 1099 header_creation_time, |
1052 base::TimeDelta::FromMilliseconds(1), | 1100 base::TimeDelta::FromMilliseconds(1), |
(...skipping 471 matching lines...)
1524 pending_auth_target_ = HttpAuth::AUTH_NONE; | 1572 pending_auth_target_ = HttpAuth::AUTH_NONE; |
1525 read_buf_ = NULL; | 1573 read_buf_ = NULL; |
1526 read_buf_len_ = 0; | 1574 read_buf_len_ = 0; |
1527 headers_valid_ = false; | 1575 headers_valid_ = false; |
1528 request_headers_.Clear(); | 1576 request_headers_.Clear(); |
1529 response_ = HttpResponseInfo(); | 1577 response_ = HttpResponseInfo(); |
1530 establishing_tunnel_ = false; | 1578 establishing_tunnel_ = false; |
1531 remote_endpoint_ = IPEndPoint(); | 1579 remote_endpoint_ = IPEndPoint(); |
1532 net_error_details_.quic_broken = false; | 1580 net_error_details_.quic_broken = false; |
1533 net_error_details_.quic_connection_error = QUIC_NO_ERROR; | 1581 net_error_details_.quic_connection_error = QUIC_NO_ERROR; |
1534 token_binding_key_.reset(); | 1582 provided_token_binding_key_.reset(); |
| 1583 referred_token_binding_key_.reset(); |
1535 } | 1584 } |
1536 | 1585 |
1537 void HttpNetworkTransaction::CacheNetErrorDetailsAndResetStream() { | 1586 void HttpNetworkTransaction::CacheNetErrorDetailsAndResetStream() { |
1538 if (stream_) | 1587 if (stream_) |
1539 stream_->PopulateNetErrorDetails(&net_error_details_); | 1588 stream_->PopulateNetErrorDetails(&net_error_details_); |
1540 stream_.reset(); | 1589 stream_.reset(); |
1541 } | 1590 } |
1542 | 1591 |
1543 void HttpNetworkTransaction::RecordSSLFallbackMetrics(int result) { | 1592 void HttpNetworkTransaction::RecordSSLFallbackMetrics(int result) { |
1544 if (result != OK && result != ERR_SSL_INAPPROPRIATE_FALLBACK) | 1593 if (result != OK && result != ERR_SSL_INAPPROPRIATE_FALLBACK) |
(...skipping 211 matching lines...)
1756 DCHECK(stream_request_); | 1805 DCHECK(stream_request_); |
1757 | 1806 |
1758 // Since the transaction can restart with auth credentials, it may create a | 1807 // Since the transaction can restart with auth credentials, it may create a |
1759 // stream more than once. Accumulate all of the connection attempts across | 1808 // stream more than once. Accumulate all of the connection attempts across |
1760 // those streams by appending them to the vector: | 1809 // those streams by appending them to the vector: |
1761 for (const auto& attempt : stream_request_->connection_attempts()) | 1810 for (const auto& attempt : stream_request_->connection_attempts()) |
1762 connection_attempts_.push_back(attempt); | 1811 connection_attempts_.push_back(attempt); |
1763 } | 1812 } |
1764 | 1813 |
1765 } // namespace net | 1814 } // namespace net |
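Review bot: DoGetReferredTokenBindingKey (new lines 967-977) passes `request_->token_binding_referrer` to GetOrCreateChannelID after only an emptiness check, and BuildTokenBindingHeader then sends a binding built from that host's key to the server for `request_->url`. Nothing in the visible code validates the string or restricts which referrer/target pairs are allowed, so that policy presumably lives in whatever fills in the request; and since the name "GetOrCreate" suggests a key is created when none exists, an unvalidated value could also cause keys to be created and stored for arbitrary hosts. I would state the contract above the lookup, e.g. `// token_binding_referrer must be a host the caller has already validated; a binding for its key is sent to the server for request_->url.` Separately, at new line 1080 the inner `int rv = stream_->GetSignedEKMForTokenBinding(` shadows the function-level `rv` declared at line 1063; assign to the existing variable (`rv = stream_->GetSignedEKMForTokenBinding(`) instead.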