Implement SSL server socket over OpenSSL.

net/socket/ssl_server_socket_nss.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_server_socket_nss.h"
 
 #if defined(OS_WIN)
 #include <winsock2.h>
 #endif
 
@@ skipping 11 matching lines @@
 #include <nss.h>
 #include <pk11pub.h>
 #include <secerr.h>
 #include <sechash.h>
 #include <ssl.h>
 #include <sslerr.h>
 #include <sslproto.h>
 
 #include <limits>
 
+#include "base/callback_helpers.h"
 #include "base/lazy_instance.h"
 #include "base/memory/ref_counted.h"
 #include "crypto/rsa_private_key.h"
 #include "crypto/nss_util_internal.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_log.h"
 #include "net/socket/nss_ssl_util.h"
 #include "net/socket/ssl_error_params.h"
 
@@ skipping 448 matching lines @@
   return OK;
 }
 
 void SSLServerSocketNSS::OnSendComplete(int result) {
   if (next_handshake_state_ == STATE_HANDSHAKE) {
     // In handshake phase.
     OnHandshakeIOComplete(result);
     return;
   }
 
+  // TODO(byungchul): This state machine is not correct. Refactor this with
+  // SSLClientSocketNSS::OnSendComplete() which handles it better.

[wtc, 2014/05/16 03:57:17]

Nit: it's not clear what "Refactor this with
SSLClientSocketNSS::OnSendComplete()". Do you mean "Copy the state machine of
SSLClientSocketNSS::OnSendComplete()"?

[byungchul, 2014/05/16 17:49:59]

Done.

   if (!completed_handshake_)
     return;
 
   if (user_write_buf_.get()) {
     int rv = DoWriteLoop(result);
     if (rv != ERR_IO_PENDING)
       DoWriteCallback(rv);
   } else {
     // Ensure that any queued ciphertext is flushed.
     DoTransportIO();
@@ skipping 12 matching lines @@
   if (!user_read_buf_.get() || !completed_handshake_)
     return;
 
   int rv = DoReadLoop(result);
   if (rv != ERR_IO_PENDING)
     DoReadCallback(rv);
 }
 
 void SSLServerSocketNSS::OnHandshakeIOComplete(int result) {
   int rv = DoHandshakeLoop(result);
-  if (rv != ERR_IO_PENDING) {
-    net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
-    if (!user_handshake_callback_.is_null())
-      DoHandshakeCallback(rv);
-  }
+  if (rv == ERR_IO_PENDING)
+    return;
+
+  net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_SERVER_HANDSHAKE, rv);
+  if (!user_handshake_callback_.is_null())
+    DoHandshakeCallback(rv);
 }
 
 // Return 0 for EOF,
 // > 0 for bytes transferred immediately,
 // < 0 for error (or the non-error ERR_IO_PENDING).
 int SSLServerSocketNSS::BufferSend(void) {
   if (transport_send_busy_)
     return ERR_IO_PENDING;
 
   const char* buf1;
@@ skipping 171 matching lines @@
   int rv;
   do {
     rv = DoPayloadRead();
     network_moved = DoTransportIO();
   } while (rv == ERR_IO_PENDING && network_moved);
   return rv;
 }
 
 int SSLServerSocketNSS::DoWriteLoop(int result) {
   DCHECK(completed_handshake_);
-  DCHECK(next_handshake_state_ == STATE_NONE);
+  DCHECK_EQ(next_handshake_state_, STATE_NONE);
 
   if (result < 0)
     return result;
 
   if (!nss_bufs_) {
     LOG(DFATAL) << "!nss_bufs_";
     int rv = ERR_UNEXPECTED;
     net_log_.AddEvent(NetLog::TYPE_SSL_WRITE_ERROR,
                       CreateNetLogSSLErrorCallback(rv, 0));
     return rv;
@@ skipping 26 matching lines @@
                  << ", net_error " << net_error;
       net_log_.AddEvent(NetLog::TYPE_SSL_HANDSHAKE_ERROR,
                         CreateNetLogSSLErrorCallback(net_error, prerr));
     }
   }
   return net_error;
 }
 
 void SSLServerSocketNSS::DoHandshakeCallback(int rv) {
   DCHECK_NE(rv, ERR_IO_PENDING);
-
-  CompletionCallback c = user_handshake_callback_;
-  user_handshake_callback_.Reset();
-  c.Run(rv > OK ? OK : rv);
+  ResetAndReturn(&user_handshake_callback_).Run(rv > OK ? OK : rv);
 }
 
 void SSLServerSocketNSS::DoReadCallback(int rv) {
   DCHECK(rv != ERR_IO_PENDING);
   DCHECK(!user_read_callback_.is_null());
 
+  user_read_buf_ = NULL;
+  user_read_buf_len_ = 0;
   // Since Run may result in Read being called, clear |user_read_callback_|
   // up front.

[wtc, 2014/05/16 03:57:17]

Nit: We may want to delete this comment and the comment on lines 799-800. They
are clearer with the original code.

[byungchul, 2014/05/16 17:49:59]

Done.

-  CompletionCallback c = user_read_callback_;
-  user_read_callback_.Reset();
-  user_read_buf_ = NULL;
-  user_read_buf_len_ = 0;
-  c.Run(rv);
+  ResetAndReturn(&user_read_callback_).Run(rv);
 }
 
 void SSLServerSocketNSS::DoWriteCallback(int rv) {
   DCHECK(rv != ERR_IO_PENDING);
   DCHECK(!user_write_callback_.is_null());
 
+  user_write_buf_ = NULL;
+  user_write_buf_len_ = 0;
   // Since Run may result in Write being called, clear |user_write_callback_|
   // up front.
-  CompletionCallback c = user_write_callback_;
-  user_write_callback_.Reset();
-  user_write_buf_ = NULL;
-  user_write_buf_len_ = 0;
-  c.Run(rv);
+  ResetAndReturn(&user_write_callback_).Run(rv);
 }
 
 // static
 // NSS calls this if an incoming certificate needs to be verified.
 // Do nothing but return SECSuccess.
 // This is called only in full handshake mode.
 // Peer certificate is retrieved in HandshakeCallback() later, which is called
 // in full handshake mode or in resumption handshake mode.
 SECStatus SSLServerSocketNSS::OwnAuthCertHandler(void* arg,
                                                  PRFileDesc* socket,
@@ skipping 17 matching lines @@
   // initializes the NSS base library.
   EnsureNSSSSLInit();
   if (!NSS_IsInitialized())
     return ERR_UNEXPECTED;
 
   EnableSSLServerSockets();
   return OK;
 }
 
 }  // namespace net