// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SOCKET_SSL_CLIENT_SOCKET_POOL_H_
#define NET_SOCKET_SSL_CLIENT_SOCKET_POOL_H_
#pragma once

#include <string>

#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "base/time.h"
#include "net/base/host_resolver.h"
#include "net/base/ssl_config_service.h"
#include "net/http/http_response_info.h"
#include "net/proxy/proxy_server.h"
#include "net/socket/ssl_client_socket.h"
#include "net/socket/client_socket_pool_base.h"
#include "net/socket/client_socket_pool_histograms.h"
#include "net/socket/client_socket_pool.h"

namespace net {

class CertVerifier;
class ClientSocketFactory;
class ConnectJobFactory;
class DnsCertProvenanceChecker;
class DnsRRResolver;
class HostPortPair;
class HttpProxyClientSocketPool;
class HttpProxySocketParams;
class SOCKSClientSocketPool;
class SOCKSSocketParams;
class SSLClientSocket;
class SSLHostInfoFactory;
class TransportSocketParams;
class TransportClientSocketPool;
struct RRResponse;

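// SSLSocketParams describes one SSL connection request: the params of the
// underlying transport (direct, SOCKS, or HTTP proxy tunnel -- which one is
// denoted by |proxy|), the destination |host_and_port|, and a by-value
// snapshot of the SSLConfig that was in force when the request was made.
// Only the nested params object for the transport selected by |proxy| is
// needed; the other two may be NULL for that request.
//
// Because |ssl_config| is stored by value, a later change to the global SSL
// configuration does not alter a request that is already in flight.  Idle
// sockets negotiated under an older config are dealt with separately by
// SSLClientSocketPool (it flushes them when the config changes).
class SSLSocketParams : public base::RefCounted<SSLSocketParams> {
 public:
  // |transport_params|, |socks_params|, |http_proxy_params|: nested params
  //   for the three possible transports; only the one selected by |proxy|
  //   is consulted.
  // |proxy|: which transport the SSL session is layered on.
  // |host_and_port|: the origin host the SSL handshake is for.
  // |ssl_config|: copied into this object (see class comment).
  // |load_flags|: load flags associated with the request.
  // |force_spdy_over_ssl|, |want_spdy_over_npn|: SPDY negotiation hints
  //   forwarded to the connect job.
  SSLSocketParams(const scoped_refptr<TransportSocketParams>& transport_params,
                  const scoped_refptr<SOCKSSocketParams>& socks_params,
                  const scoped_refptr<HttpProxySocketParams>& http_proxy_params,
                  ProxyServer::Scheme proxy,
                  const HostPortPair& host_and_port,
                  const SSLConfig& ssl_config,
                  int load_flags,
                  bool force_spdy_over_ssl,
                  bool want_spdy_over_npn);

  // Accessors for the nested transport params.  These are const-qualified
  // like the other accessors below so they can be used through a const
  // reference; the members they return are themselves const.
  const scoped_refptr<TransportSocketParams>& transport_params() const {
    return transport_params_;
  }
  const scoped_refptr<HttpProxySocketParams>& http_proxy_params() const {
    return http_proxy_params_;
  }
  const scoped_refptr<SOCKSSocketParams>& socks_params() const {
    return socks_params_;
  }
  ProxyServer::Scheme proxy() const { return proxy_; }
  const HostPortPair& host_and_port() const { return host_and_port_; }
  // The SSLConfig snapshot taken at construction time (a copy, not a
  // reference to the live service config).
  const SSLConfig& ssl_config() const { return ssl_config_; }
  int load_flags() const { return load_flags_; }
  bool force_spdy_over_ssl() const { return force_spdy_over_ssl_; }
  bool want_spdy_over_npn() const { return want_spdy_over_npn_; }
  // Whether this request may exceed the pool's socket limits.  Unlike the
  // other fields this one is not set via the constructor's parameter list;
  // presumably it is derived in the constructor body from the nested params
  // -- TODO confirm in ssl_client_socket_pool.cc.
  bool ignore_limits() const { return ignore_limits_; }
#ifdef ANDROID
  // Gets the UID of the calling process.  Returns false if no UID is set.
  // NOTE(review): no uid member is declared in this class, so the value must
  // live elsewhere (presumably on the transport params) -- confirm in the
  // .cc.  uid_t also comes from <sys/types.h>, which this header relies on
  // transitively.
  bool getUID(uid_t *uid) const;
  void setUID(uid_t uid);
#endif

 private:
  friend class base::RefCounted<SSLSocketParams>;
  ~SSLSocketParams();

  const scoped_refptr<TransportSocketParams> transport_params_;
  const scoped_refptr<HttpProxySocketParams> http_proxy_params_;
  const scoped_refptr<SOCKSSocketParams> socks_params_;
  const ProxyServer::Scheme proxy_;
  const HostPortPair host_and_port_;
  const SSLConfig ssl_config_;  // by-value snapshot, see class comment
  const int load_flags_;
  const bool force_spdy_over_ssl_;
  const bool want_spdy_over_npn_;
  bool ignore_limits_;  // not const: set after member initialization

  DISALLOW_COPY_AND_ASSIGN(SSLSocketParams);
};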

// SSLConnectJob handles the SSL handshake after setting up the underlying
// connection as specified in the params.
//
// The job is a state machine (see State below): it first obtains a transport
// socket -- directly, via a SOCKS proxy, or via an HTTP CONNECT tunnel, as
// denoted by the params' proxy() -- and then wraps that socket in an
// SSLClientSocket and drives the handshake.  Which of the transport/SOCKS/
// tunnel states actually run for a given job is decided in DoLoop() in the
// .cc file; this header only declares the steps.
class SSLConnectJob : public ConnectJob {
 public:
  // |transport_pool|, |socks_pool| and |http_proxy_pool| are the nested pools
  // the job draws its underlying socket from; presumably only the one
  // matching params->proxy() is required to be non-NULL (the owning pool's
  // constructor documents the same rule).  |cert_verifier|,
  // |dnsrr_resolver|, |dns_cert_checker| and |ssl_host_info_factory| are
  // handed to the SSL socket; none of them is owned by the job.
  // |delegate| is notified when the job finishes; |net_log| is for logging.
  SSLConnectJob(
      const std::string& group_name,
      const scoped_refptr<SSLSocketParams>& params,
      const base::TimeDelta& timeout_duration,
      TransportClientSocketPool* transport_pool,
      SOCKSClientSocketPool* socks_pool,
      HttpProxyClientSocketPool* http_proxy_pool,
      ClientSocketFactory* client_socket_factory,
      HostResolver* host_resolver,
      CertVerifier* cert_verifier,
      DnsRRResolver* dnsrr_resolver,
      DnsCertProvenanceChecker* dns_cert_checker,
      SSLHostInfoFactory* ssl_host_info_factory,
      Delegate* delegate,
      NetLog* net_log);
  virtual ~SSLConnectJob();

  // ConnectJob methods.
  // Reports which phase (transport / proxy / SSL handshake) the job is in.
  virtual LoadState GetLoadState() const;

  // Called on failure to copy extra error details (presumably
  // error_response_info_ and/or the SSL socket's state) into |handle| --
  // confirm in the .cc.
  virtual void GetAdditionalErrorState(ClientSocketHandle * handle);

 private:
  // Phases of the connect state machine, in the order they can occur.
  // Each *_CONNECT state issues the step; the matching *_COMPLETE state
  // consumes its result.  STATE_NONE means the loop is idle/finished.
  enum State {
    STATE_TRANSPORT_CONNECT,
    STATE_TRANSPORT_CONNECT_COMPLETE,
    STATE_SOCKS_CONNECT,
    STATE_SOCKS_CONNECT_COMPLETE,
    STATE_TUNNEL_CONNECT,
    STATE_TUNNEL_CONNECT_COMPLETE,
    STATE_SSL_CONNECT,
    STATE_SSL_CONNECT_COMPLETE,
    STATE_NONE,
  };

  // Completion callback for asynchronous steps; re-enters DoLoop().
  void OnIOComplete(int result);

  // Runs the state transition loop.
  int DoLoop(int result);

  // One pair of methods per state above.  The *Complete() variants take the
  // net error code of the step they complete.
  int DoTransportConnect();
  int DoTransportConnectComplete(int result);
  int DoSOCKSConnect();
  int DoSOCKSConnectComplete(int result);
  int DoTunnelConnect();
  int DoTunnelConnectComplete(int result);
  int DoSSLConnect();
  int DoSSLConnectComplete(int result);

  // Starts the SSL connection process.  Returns OK on success and
  // ERR_IO_PENDING if it cannot immediately service the request.
  // Otherwise, it returns a net error code.
  virtual int ConnectInternal();

  scoped_refptr<SSLSocketParams> params_;
  // Non-owning pointers supplied by the owning pool / factory.
  TransportClientSocketPool* const transport_pool_;
  SOCKSClientSocketPool* const socks_pool_;
  HttpProxyClientSocketPool* const http_proxy_pool_;
  ClientSocketFactory* const client_socket_factory_;
  HostResolver* const host_resolver_;
  CertVerifier* const cert_verifier_;
  DnsRRResolver* const dnsrr_resolver_;
  // NOTE(review): the only one of these pointers not declared |* const|;
  // the sibling in SSLConnectJobFactory is const.  Probably an oversight
  // rather than a sign it is reassigned -- check the .cc before changing.
  DnsCertProvenanceChecker* dns_cert_checker_;
  SSLHostInfoFactory* const ssl_host_info_factory_;

  State next_state_;
  CompletionCallbackImpl<SSLConnectJob> callback_;
  // The underlying (transport/SOCKS/tunnel) socket, owned until it is
  // wrapped by ssl_socket_.
  scoped_ptr<ClientSocketHandle> transport_socket_handle_;
  // The SSL socket being set up; handed to the pool on success.
  scoped_ptr<SSLClientSocket> ssl_socket_;
  scoped_ptr<SSLHostInfo> ssl_host_info_;

  // The time the DoSSLConnect() method was called.
  base::TimeTicks ssl_connect_start_time_;

  // Response details associated with a failed connect.  Presumably filled in
  // when the tunnel step fails (e.g. a proxy challenge) so that the caller
  // can inspect the proxy's response -- confirm in the .cc.
  HttpResponseInfo error_response_info_;

  DISALLOW_COPY_AND_ASSIGN(SSLConnectJob);
};

// Pool of SSL client sockets.  Connection setup is delegated to
// SSLConnectJob (which in turn borrows its underlying socket from one of the
// nested transport/SOCKS/HTTP-proxy pools); the bookkeeping of requests,
// groups, idle sockets and limits is done by the ClientSocketPoolBase
// instance |base_|.
//
// The pool also observes SSLConfigService so that idle sockets negotiated
// under a previous SSL configuration are not handed out after the user
// changes that configuration (see OnSSLConfigChanged()).
class SSLClientSocketPool : public ClientSocketPool,
                            public SSLConfigService::Observer {
 public:
  // Only the pools that will be used are required. i.e. if you never
  // try to create an SSL over SOCKS socket, |socks_pool| may be NULL.
  // (A request whose params select a NULL nested pool would presumably
  // dereference it -- callers are responsible for that invariant.)
  // |max_sockets| / |max_sockets_per_group| are the limits enforced by
  // |base_|.  The resolver, verifier and factory pointers are not owned.
  // |ssl_config_service| is retained (ref-counted) and observed.
  SSLClientSocketPool(
      int max_sockets,
      int max_sockets_per_group,
      ClientSocketPoolHistograms* histograms,
      HostResolver* host_resolver,
      CertVerifier* cert_verifier,
      DnsRRResolver* dnsrr_resolver,
      DnsCertProvenanceChecker* dns_cert_checker,
      SSLHostInfoFactory* ssl_host_info_factory,
      ClientSocketFactory* client_socket_factory,
      TransportClientSocketPool* transport_pool,
      SOCKSClientSocketPool* socks_pool,
      HttpProxyClientSocketPool* http_proxy_pool,
      SSLConfigService* ssl_config_service,
      NetLog* net_log);

  // Presumably unregisters this object from |ssl_config_service_| -- the
  // observer must not outlive its registration.  Confirm in the .cc.
  virtual ~SSLClientSocketPool();

  // ClientSocketPool methods:
  // |connect_params| is type-erased; for this pool it is expected to point at
  // an SSLSocketParams (see the REGISTER_SOCKET_PARAMS_FOR_POOL line at the
  // end of this header).
  virtual int RequestSocket(const std::string& group_name,
                            const void* connect_params,
                            RequestPriority priority,
                            ClientSocketHandle* handle,
                            CompletionCallback* callback,
                            const BoundNetLog& net_log);

  // Pre-connects up to |num_sockets| sockets for |group_name|.
  virtual void RequestSockets(const std::string& group_name,
                              const void* params,
                              int num_sockets,
                              const BoundNetLog& net_log);

  virtual void CancelRequest(const std::string& group_name,
                             ClientSocketHandle* handle);

  virtual void ReleaseSocket(const std::string& group_name,
                             ClientSocket* socket,
                             int id);

  virtual void Flush();

  virtual void CloseIdleSockets();

  virtual int IdleSocketCount() const;

  virtual int IdleSocketCountInGroup(const std::string& group_name) const;

  virtual LoadState GetLoadState(const std::string& group_name,
                                 const ClientSocketHandle* handle) const;

  // Debug/diagnostic dump of the pool state; with |include_nested_pools| the
  // transport/SOCKS/proxy pools are presumably included as well.
  virtual DictionaryValue* GetInfoAsValue(const std::string& name,
                                          const std::string& type,
                                          bool include_nested_pools) const;

  virtual base::TimeDelta ConnectionTimeout() const;

  virtual ClientSocketPoolHistograms* histograms() const;

 private:
  typedef ClientSocketPoolBase<SSLSocketParams> PoolBase;

  // SSLConfigService::Observer methods:

  // When the user changes the SSL config, we flush all idle sockets so they
  // won't get re-used.
  // Why this matters: each SSLSocketParams carries a by-value copy of the
  // SSLConfig, so an idle socket was negotiated under whatever config was
  // current when it was created.  Reusing it after the user tightened the
  // settings would silently bypass the new settings; flushing forces a fresh
  // handshake under the new config.
  virtual void OnSSLConfigChanged();

  // Creates SSLConnectJobs for |base_|, forwarding the pool's collaborators
  // to each job.  Holds non-owning pointers only.
  class SSLConnectJobFactory : public PoolBase::ConnectJobFactory {
   public:
    SSLConnectJobFactory(
        TransportClientSocketPool* transport_pool,
        SOCKSClientSocketPool* socks_pool,
        HttpProxyClientSocketPool* http_proxy_pool,
        ClientSocketFactory* client_socket_factory,
        HostResolver* host_resolver,
        CertVerifier* cert_verifier,
        DnsRRResolver* dnsrr_resolver,
        DnsCertProvenanceChecker* dns_cert_checker,
        SSLHostInfoFactory* ssl_host_info_factory,
        NetLog* net_log);

    virtual ~SSLConnectJobFactory() {}

    // ClientSocketPoolBase::ConnectJobFactory methods.
    // Returns a new SSLConnectJob for |request|; the caller owns the job.
    virtual ConnectJob* NewConnectJob(
        const std::string& group_name,
        const PoolBase::Request& request,
        ConnectJob::Delegate* delegate) const;

    // |timeout_| is fixed at construction; its derivation (presumably the
    // nested pools' timeouts plus a handshake allowance) lives in the .cc.
    virtual base::TimeDelta ConnectionTimeout() const { return timeout_; }

   private:
    TransportClientSocketPool* const transport_pool_;
    SOCKSClientSocketPool* const socks_pool_;
    HttpProxyClientSocketPool* const http_proxy_pool_;
    ClientSocketFactory* const client_socket_factory_;
    HostResolver* const host_resolver_;
    CertVerifier* const cert_verifier_;
    DnsRRResolver* const dnsrr_resolver_;
    DnsCertProvenanceChecker* const dns_cert_checker_;
    SSLHostInfoFactory* const ssl_host_info_factory_;
    base::TimeDelta timeout_;
    NetLog* net_log_;

    DISALLOW_COPY_AND_ASSIGN(SSLConnectJobFactory);
  };

  // Nested pools, not owned.  Kept here (in addition to being handed to the
  // factory) presumably for GetInfoAsValue(include_nested_pools).
  TransportClientSocketPool* const transport_pool_;
  SOCKSClientSocketPool* const socks_pool_;
  HttpProxyClientSocketPool* const http_proxy_pool_;
  // Generic pool machinery; most ClientSocketPool methods above forward here.
  PoolBase base_;
  // Retained so the observer registration can be undone; see destructor.
  const scoped_refptr<SSLConfigService> ssl_config_service_;

  DISALLOW_COPY_AND_ASSIGN(SSLClientSocketPool);
};

// Ties SSLSocketParams to SSLClientSocketPool as its connect-params type.
// RequestSocket() above takes its params as an opaque |const void*|; this
// registration is presumably what lets callers and the pool agree on the
// concrete type behind that pointer.  The macro itself is defined in one of
// the client_socket_pool headers included above.
REGISTER_SOCKET_PARAMS_FOR_POOL(SSLClientSocketPool, SSLSocketParams);

}  // namespace net

#endif  // NET_SOCKET_SSL_CLIENT_SOCKET_POOL_H_