1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "jingle/glue/proxy_resolving_client_socket.h" 6 7 #include "base/basictypes.h" 8 #include "base/bind.h" 9 #include "base/bind_helpers.h" 10 #include "base/compiler_specific.h" 11 #include "base/logging.h" 12 #include "net/base/io_buffer.h" 13 #include "net/base/net_errors.h" 14 #include "net/http/http_network_session.h" 15 #include "net/socket/client_socket_handle.h" 16 #include "net/socket/client_socket_pool_manager.h" 17 #include "net/url_request/url_request_context.h" 18 #include "net/url_request/url_request_context_getter.h" 19 20 namespace jingle_glue { 21 22 ProxyResolvingClientSocket::ProxyResolvingClientSocket( 23 net::ClientSocketFactory* socket_factory, 24 const scoped_refptr<net::URLRequestContextGetter>& request_context_getter, 25 const net::SSLConfig& ssl_config, 26 const net::HostPortPair& dest_host_port_pair) 27 : proxy_resolve_callback_( 28 base::Bind(&ProxyResolvingClientSocket::ProcessProxyResolveDone, 29 base::Unretained(this))), 30 connect_callback_( 31 base::Bind(&ProxyResolvingClientSocket::ProcessConnectDone, 32 base::Unretained(this))), 33 ssl_config_(ssl_config), 34 pac_request_(NULL), 35 dest_host_port_pair_(dest_host_port_pair), 36 // Assume that we intend to do TLS on this socket; all 37 // current use cases do. 38 proxy_url_("https://" + dest_host_port_pair_.ToString()), 39 tried_direct_connect_fallback_(false), 40 bound_net_log_( 41 net::BoundNetLog::Make( 42 request_context_getter->GetURLRequestContext()->net_log(), 43 net::NetLog::SOURCE_SOCKET)), 44 weak_factory_(this) { 45 DCHECK(request_context_getter.get()); 46 net::URLRequestContext* request_context = 47 request_context_getter->GetURLRequestContext(); 48 DCHECK(request_context); 49 DCHECK(!dest_host_port_pair_.host().empty()); 50 DCHECK_GT(dest_host_port_pair_.port(), 0); 51 DCHECK(proxy_url_.is_valid()); 52 53 net::HttpNetworkSession::Params session_params; 54 session_params.client_socket_factory = socket_factory; 55 session_params.host_resolver = request_context->host_resolver(); 56 session_params.cert_verifier = request_context->cert_verifier(); 57 session_params.transport_security_state = 58 request_context->transport_security_state(); 59 // TODO(rkn): This is NULL because ServerBoundCertService is not thread safe. 60 session_params.server_bound_cert_service = NULL; 61 session_params.proxy_service = request_context->proxy_service(); 62 session_params.ssl_config_service = request_context->ssl_config_service(); 63 session_params.http_auth_handler_factory = 64 request_context->http_auth_handler_factory(); 65 session_params.network_delegate = request_context->network_delegate(); 66 session_params.http_server_properties = 67 request_context->http_server_properties(); 68 session_params.net_log = request_context->net_log(); 69 70 const net::HttpNetworkSession::Params* reference_params = 71 request_context->GetNetworkSessionParams(); 72 if (reference_params) { 73 // TODO(mmenke): Just copying specific parameters seems highly regression 74 // prone. Should have a better way to do this. 75 session_params.host_mapping_rules = reference_params->host_mapping_rules; 76 session_params.ignore_certificate_errors = 77 reference_params->ignore_certificate_errors; 78 session_params.testing_fixed_http_port = 79 reference_params->testing_fixed_http_port; 80 session_params.testing_fixed_https_port = 81 reference_params->testing_fixed_https_port; 82 session_params.next_protos = reference_params->next_protos; 83 session_params.trusted_spdy_proxy = reference_params->trusted_spdy_proxy; 84 session_params.force_spdy_over_ssl = reference_params->force_spdy_over_ssl; 85 session_params.force_spdy_always = reference_params->force_spdy_always; 86 session_params.forced_spdy_exclusions = 87 reference_params->forced_spdy_exclusions; 88 session_params.use_alternate_protocols = 89 reference_params->use_alternate_protocols; 90 } 91 92 network_session_ = new net::HttpNetworkSession(session_params); 93 } 94 95 ProxyResolvingClientSocket::~ProxyResolvingClientSocket() { 96 Disconnect(); 97 } 98 99 int ProxyResolvingClientSocket::Read(net::IOBuffer* buf, int buf_len, 100 const net::CompletionCallback& callback) { 101 if (transport_.get() && transport_->socket()) 102 return transport_->socket()->Read(buf, buf_len, callback); 103 NOTREACHED(); 104 return net::ERR_SOCKET_NOT_CONNECTED; 105 } 106 107 int ProxyResolvingClientSocket::Write( 108 net::IOBuffer* buf, 109 int buf_len, 110 const net::CompletionCallback& callback) { 111 if (transport_.get() && transport_->socket()) 112 return transport_->socket()->Write(buf, buf_len, callback); 113 NOTREACHED(); 114 return net::ERR_SOCKET_NOT_CONNECTED; 115 } 116 117 int ProxyResolvingClientSocket::SetReceiveBufferSize(int32 size) { 118 if (transport_.get() && transport_->socket()) 119 return transport_->socket()->SetReceiveBufferSize(size); 120 NOTREACHED(); 121 return net::ERR_SOCKET_NOT_CONNECTED; 122 } 123 124 int ProxyResolvingClientSocket::SetSendBufferSize(int32 size) { 125 if (transport_.get() && transport_->socket()) 126 return transport_->socket()->SetSendBufferSize(size); 127 NOTREACHED(); 128 return net::ERR_SOCKET_NOT_CONNECTED; 129 } 130 131 int ProxyResolvingClientSocket::Connect( 132 const net::CompletionCallback& callback) { 133 DCHECK(user_connect_callback_.is_null()); 134 135 tried_direct_connect_fallback_ = false; 136 137 // First we try and resolve the proxy. 138 int status = network_session_->proxy_service()->ResolveProxy( 139 proxy_url_, 140 &proxy_info_, 141 proxy_resolve_callback_, 142 &pac_request_, 143 bound_net_log_); 144 if (status != net::ERR_IO_PENDING) { 145 // We defer execution of ProcessProxyResolveDone instead of calling it 146 // directly here for simplicity. From the caller's point of view, 147 // the connect always happens asynchronously. 148 base::MessageLoop* message_loop = base::MessageLoop::current(); 149 CHECK(message_loop); 150 message_loop->PostTask( 151 FROM_HERE, 152 base::Bind(&ProxyResolvingClientSocket::ProcessProxyResolveDone, 153 weak_factory_.GetWeakPtr(), status)); 154 } 155 user_connect_callback_ = callback; 156 return net::ERR_IO_PENDING; 157 } 158 159 void ProxyResolvingClientSocket::RunUserConnectCallback(int status) { 160 DCHECK_LE(status, net::OK); 161 net::CompletionCallback user_connect_callback = user_connect_callback_; 162 user_connect_callback_.Reset(); 163 user_connect_callback.Run(status); 164 } 165 166 // Always runs asynchronously. 167 void ProxyResolvingClientSocket::ProcessProxyResolveDone(int status) { 168 pac_request_ = NULL; 169 170 DCHECK_NE(status, net::ERR_IO_PENDING); 171 if (status == net::OK) { 172 // Remove unsupported proxies from the list. 173 proxy_info_.RemoveProxiesWithoutScheme( 174 net::ProxyServer::SCHEME_DIRECT | 175 net::ProxyServer::SCHEME_HTTP | net::ProxyServer::SCHEME_HTTPS | 176 net::ProxyServer::SCHEME_SOCKS4 | net::ProxyServer::SCHEME_SOCKS5); 177 178 if (proxy_info_.is_empty()) { 179 // No proxies/direct to choose from. This happens when we don't support 180 // any of the proxies in the returned list. 181 status = net::ERR_NO_SUPPORTED_PROXIES; 182 } 183 } 184 185 // Since we are faking the URL, it is possible that no proxies match our URL. 186 // Try falling back to a direct connection if we have not tried that before. 187 if (status != net::OK) { 188 if (!tried_direct_connect_fallback_) { 189 tried_direct_connect_fallback_ = true; 190 proxy_info_.UseDirect(); 191 } else { 192 CloseTransportSocket(); 193 RunUserConnectCallback(status); 194 return; 195 } 196 } 197 198 transport_.reset(new net::ClientSocketHandle); 199 // Now that we have resolved the proxy, we need to connect. 200 status = net::InitSocketHandleForRawConnect( 201 dest_host_port_pair_, network_session_.get(), proxy_info_, ssl_config_, 202 ssl_config_, net::PRIVACY_MODE_DISABLED, bound_net_log_, transport_.get(), 203 connect_callback_); 204 if (status != net::ERR_IO_PENDING) { 205 // Since this method is always called asynchronously. it is OK to call 206 // ProcessConnectDone synchronously. 207 ProcessConnectDone(status); 208 } 209 } 210 211 void ProxyResolvingClientSocket::ProcessConnectDone(int status) { 212 if (status != net::OK) { 213 // If the connection fails, try another proxy. 214 status = ReconsiderProxyAfterError(status); 215 // ReconsiderProxyAfterError either returns an error (in which case it is 216 // not reconsidering a proxy) or returns ERR_IO_PENDING if it is considering 217 // another proxy. 218 DCHECK_NE(status, net::OK); 219 if (status == net::ERR_IO_PENDING) 220 // Proxy reconsideration pending. Return. 221 return; 222 CloseTransportSocket(); 223 } else { 224 ReportSuccessfulProxyConnection(); 225 } 226 RunUserConnectCallback(status); 227 } 228 229 // TODO(sanjeevr): This has largely been copied from 230 // HttpStreamFactoryImpl::Job::ReconsiderProxyAfterError. This should be 231 // refactored into some common place. 232 // This method reconsiders the proxy on certain errors. If it does reconsider 233 // a proxy it always returns ERR_IO_PENDING and posts a call to 234 // ProcessProxyResolveDone with the result of the reconsideration. 235 int ProxyResolvingClientSocket::ReconsiderProxyAfterError(int error) { 236 DCHECK(!pac_request_); 237 DCHECK_NE(error, net::OK); 238 DCHECK_NE(error, net::ERR_IO_PENDING); 239 // A failure to resolve the hostname or any error related to establishing a 240 // TCP connection could be grounds for trying a new proxy configuration. 241 // 242 // Why do this when a hostname cannot be resolved? Some URLs only make sense 243 // to proxy servers. The hostname in those URLs might fail to resolve if we 244 // are still using a non-proxy config. We need to check if a proxy config 245 // now exists that corresponds to a proxy server that could load the URL. 246 // 247 switch (error) { 248 case net::ERR_PROXY_CONNECTION_FAILED: 249 case net::ERR_NAME_NOT_RESOLVED: 250 case net::ERR_INTERNET_DISCONNECTED: 251 case net::ERR_ADDRESS_UNREACHABLE: 252 case net::ERR_CONNECTION_CLOSED: 253 case net::ERR_CONNECTION_RESET: 254 case net::ERR_CONNECTION_REFUSED: 255 case net::ERR_CONNECTION_ABORTED: 256 case net::ERR_TIMED_OUT: 257 case net::ERR_TUNNEL_CONNECTION_FAILED: 258 case net::ERR_SOCKS_CONNECTION_FAILED: 259 break; 260 case net::ERR_SOCKS_CONNECTION_HOST_UNREACHABLE: 261 // Remap the SOCKS-specific "host unreachable" error to a more 262 // generic error code (this way consumers like the link doctor 263 // know to substitute their error page). 264 // 265 // Note that if the host resolving was done by the SOCSK5 proxy, we can't 266 // differentiate between a proxy-side "host not found" versus a proxy-side 267 // "address unreachable" error, and will report both of these failures as 268 // ERR_ADDRESS_UNREACHABLE. 269 return net::ERR_ADDRESS_UNREACHABLE; 270 default: 271 return error; 272 } 273 274 if (proxy_info_.is_https() && ssl_config_.send_client_cert) { 275 network_session_->ssl_client_auth_cache()->Remove( 276 proxy_info_.proxy_server().host_port_pair()); 277 } 278 279 int rv = network_session_->proxy_service()->ReconsiderProxyAfterError( 280 proxy_url_, error, &proxy_info_, proxy_resolve_callback_, &pac_request_, 281 bound_net_log_); 282 if (rv == net::OK || rv == net::ERR_IO_PENDING) { 283 CloseTransportSocket(); 284 } else { 285 // If ReconsiderProxyAfterError() failed synchronously, it means 286 // there was nothing left to fall-back to, so fail the transaction 287 // with the last connection error we got. 288 rv = error; 289 } 290 291 // We either have new proxy info or there was an error in falling back. 292 // In both cases we want to post ProcessProxyResolveDone (in the error case 293 // we might still want to fall back a direct connection). 294 if (rv != net::ERR_IO_PENDING) { 295 base::MessageLoop* message_loop = base::MessageLoop::current(); 296 CHECK(message_loop); 297 message_loop->PostTask( 298 FROM_HERE, 299 base::Bind(&ProxyResolvingClientSocket::ProcessProxyResolveDone, 300 weak_factory_.GetWeakPtr(), rv)); 301 // Since we potentially have another try to go (trying the direct connect) 302 // set the return code code to ERR_IO_PENDING. 303 rv = net::ERR_IO_PENDING; 304 } 305 return rv; 306 } 307 308 void ProxyResolvingClientSocket::ReportSuccessfulProxyConnection() { 309 network_session_->proxy_service()->ReportSuccess(proxy_info_); 310 } 311 312 void ProxyResolvingClientSocket::Disconnect() { 313 CloseTransportSocket(); 314 if (pac_request_) { 315 network_session_->proxy_service()->CancelPacRequest(pac_request_); 316 pac_request_ = NULL; 317 } 318 user_connect_callback_.Reset(); 319 } 320 321 bool ProxyResolvingClientSocket::IsConnected() const { 322 if (!transport_.get() || !transport_->socket()) 323 return false; 324 return transport_->socket()->IsConnected(); 325 } 326 327 bool ProxyResolvingClientSocket::IsConnectedAndIdle() const { 328 if (!transport_.get() || !transport_->socket()) 329 return false; 330 return transport_->socket()->IsConnectedAndIdle(); 331 } 332 333 int ProxyResolvingClientSocket::GetPeerAddress( 334 net::IPEndPoint* address) const { 335 if (transport_.get() && transport_->socket()) 336 return transport_->socket()->GetPeerAddress(address); 337 NOTREACHED(); 338 return net::ERR_SOCKET_NOT_CONNECTED; 339 } 340 341 int ProxyResolvingClientSocket::GetLocalAddress( 342 net::IPEndPoint* address) const { 343 if (transport_.get() && transport_->socket()) 344 return transport_->socket()->GetLocalAddress(address); 345 NOTREACHED(); 346 return net::ERR_SOCKET_NOT_CONNECTED; 347 } 348 349 const net::BoundNetLog& ProxyResolvingClientSocket::NetLog() const { 350 if (transport_.get() && transport_->socket()) 351 return transport_->socket()->NetLog(); 352 NOTREACHED(); 353 return bound_net_log_; 354 } 355 356 void ProxyResolvingClientSocket::SetSubresourceSpeculation() { 357 if (transport_.get() && transport_->socket()) 358 transport_->socket()->SetSubresourceSpeculation(); 359 else 360 NOTREACHED(); 361 } 362 363 void ProxyResolvingClientSocket::SetOmniboxSpeculation() { 364 if (transport_.get() && transport_->socket()) 365 transport_->socket()->SetOmniboxSpeculation(); 366 else 367 NOTREACHED(); 368 } 369 370 bool ProxyResolvingClientSocket::WasEverUsed() const { 371 if (transport_.get() && transport_->socket()) 372 return transport_->socket()->WasEverUsed(); 373 NOTREACHED(); 374 return false; 375 } 376 377 bool ProxyResolvingClientSocket::UsingTCPFastOpen() const { 378 if (transport_.get() && transport_->socket()) 379 return transport_->socket()->UsingTCPFastOpen(); 380 NOTREACHED(); 381 return false; 382 } 383 384 bool ProxyResolvingClientSocket::WasNpnNegotiated() const { 385 return false; 386 } 387 388 net::NextProto ProxyResolvingClientSocket::GetNegotiatedProtocol() const { 389 if (transport_.get() && transport_->socket()) 390 return transport_->socket()->GetNegotiatedProtocol(); 391 NOTREACHED(); 392 return net::kProtoUnknown; 393 } 394 395 bool ProxyResolvingClientSocket::GetSSLInfo(net::SSLInfo* ssl_info) { 396 return false; 397 } 398 399 void ProxyResolvingClientSocket::CloseTransportSocket() { 400 if (transport_.get() && transport_->socket()) 401 transport_->socket()->Disconnect(); 402 transport_.reset(); 403 } 404 405 } // namespace jingle_glue 406
