Google Git
Sign in
chromium / chromium / src.git / 78e6d2b3325b16d8b637b9457a775557e1ec7e0e / . / net / http / http_network_transaction.cc
blob: d17ef213ab9ab01160211c8fe94c1d127e3c3c47 [file] [log] [blame]
[email protected]49ed6cc2012-02-02 08:59:16[diff] [blame]1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
[email protected]d102f542010-06-30 14:51:05[diff] [blame]2// Use of this source code is governed by a BSD-style license that can be
license.botbf09a502008-08-24 00:55:55[diff] [blame]3// found in the LICENSE file.
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]4
5#include "net/http/http_network_transaction.h"
6
danakj1fd259a02016-04-16 03:17:09[diff] [blame]7#include <memory>
[email protected]2fbaecf22010-07-22 22:20:35[diff] [blame]8#include <set>
dchengc7eeda422015-12-26 03:56:48[diff] [blame]9#include <utility>
[email protected]2fbaecf22010-07-22 22:20:35[diff] [blame]10#include <vector>
11
nharperb7441ef2016-01-25 23:54:14[diff] [blame]12#include "base/base64url.h"
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]13#include "base/bind.h"
14#include "base/bind_helpers.h"
[email protected]68bf9152008-09-25 19:47:30[diff] [blame]15#include "base/compiler_specific.h"
[email protected]270c6412010-03-29 22:02:47[diff] [blame]16#include "base/format_macros.h"
[email protected]835d7c82010-10-14 04:38:38[diff] [blame]17#include "base/metrics/field_trial.h"
asvitkinec3c93722015-06-17 14:48:37[diff] [blame]18#include "base/metrics/histogram_macros.h"
davidbenf2eaaf92015-05-15 22:18:42[diff] [blame]19#include "base/metrics/sparse_histogram.h"
vadimt09e7ebe2014-10-29 22:10:41[diff] [blame]20#include "base/profiler/scoped_tracker.h"
[email protected]7286e3fc2011-07-19 22:13:24[diff] [blame]21#include "base/stl_util.h"
[email protected]125ef482013-06-11 18:32:47[diff] [blame]22#include "base/strings/string_number_conversions.h"
23#include "base/strings/string_util.h"
24#include "base/strings/stringprintf.h"
[email protected]3d498f72013-10-28 21:17:40[diff] [blame]25#include "base/time/time.h"
[email protected]db74b0102012-05-31 19:55:53[diff] [blame]26#include "base/values.h"
[email protected]68bf9152008-09-25 19:47:30[diff] [blame]27#include "build/build_config.h"
[email protected]277d5942010-08-11 21:02:35[diff] [blame]28#include "net/base/auth.h"
[email protected]2d6728692011-03-12 01:39:55[diff] [blame]29#include "net/base/host_port_pair.h"
[email protected]74a85ce2009-02-12 00:03:19[diff] [blame]30#include "net/base/io_buffer.h"
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]31#include "net/base/load_flags.h"
[email protected]58e32bb2013-01-21 18:23:25[diff] [blame]32#include "net/base/load_timing_info.h"
[email protected]597cf6e2009-05-29 09:43:26[diff] [blame]33#include "net/base/net_errors.h"
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]34#include "net/base/upload_data_stream.h"
tfarina7a4a7fd2016-01-20 14:23:44[diff] [blame]35#include "net/base/url_util.h"
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]36#include "net/http/http_auth.h"
37#include "net/http/http_auth_handler.h"
[email protected]fa82f932010-05-20 11:09:24[diff] [blame]38#include "net/http/http_auth_handler_factory.h"
[email protected]8d5a34e2009-06-11 21:21:36[diff] [blame]39#include "net/http/http_basic_stream.h"
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]40#include "net/http/http_chunked_decoder.h"
41#include "net/http/http_network_session.h"
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]42#include "net/http/http_proxy_client_socket.h"
[email protected]e772db3f2010-07-12 18:11:13[diff] [blame]43#include "net/http/http_proxy_client_socket_pool.h"
[email protected]270c6412010-03-29 22:02:47[diff] [blame]44#include "net/http/http_request_headers.h"
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]45#include "net/http/http_request_info.h"
[email protected]319d9e6f2009-02-18 19:47:21[diff] [blame]46#include "net/http/http_response_headers.h"
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]47#include "net/http/http_response_info.h"
[email protected]17291a022011-10-10 07:32:53[diff] [blame]48#include "net/http/http_server_properties.h"
[email protected]9094b602012-02-27 21:44:58[diff] [blame]49#include "net/http/http_status_code.h"
yhiranoa7e05bb2014-11-06 05:40:39[diff] [blame]50#include "net/http/http_stream.h"
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]51#include "net/http/http_stream_factory.h"
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]52#include "net/http/http_util.h"
[email protected]158ac972013-04-19 23:29:23[diff] [blame]53#include "net/http/transport_security_state.h"
[email protected]d7f16632010-03-29 18:02:36[diff] [blame]54#include "net/http/url_security_manager.h"
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]55#include "net/log/net_log_event_type.h"
[email protected]f7984fc62009-06-22 23:26:44[diff] [blame]56#include "net/socket/client_socket_factory.h"
[email protected]a796bcec2010-03-22 17:17:26[diff] [blame]57#include "net/socket/socks_client_socket_pool.h"
[email protected]f7984fc62009-06-22 23:26:44[diff] [blame]58#include "net/socket/ssl_client_socket.h"
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]59#include "net/socket/ssl_client_socket_pool.h"
[email protected]ab739042011-04-07 15:22:28[diff] [blame]60#include "net/socket/transport_client_socket_pool.h"
[email protected]65d56aa2010-06-14 04:13:40[diff] [blame]61#include "net/spdy/spdy_http_stream.h"
[email protected]dab9c7d2010-02-06 21:44:32[diff] [blame]62#include "net/spdy/spdy_session.h"
63#include "net/spdy/spdy_session_pool.h"
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame]64#include "net/ssl/ssl_cert_request_info.h"
65#include "net/ssl/ssl_connection_status_flags.h"
svaldez7872fd02015-11-19 21:10:54[diff] [blame]66#include "net/ssl/ssl_private_key.h"
nharperb7441ef2016-01-25 23:54:14[diff] [blame]67#include "net/ssl/token_binding.h"
[email protected]f89276a72013-07-12 06:41:54[diff] [blame]68#include "url/gurl.h"
[email protected]e69c1cd2014-07-29 07:42:29[diff] [blame]69#include "url/url_canon.h"
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]70
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]71namespace net {
72
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]73namespace {
74
danakj1fd259a02016-04-16 03:17:09[diff] [blame]75std::unique_ptr<base::Value> NetLogSSLCipherFallbackCallback(
eroman001c3742015-04-23 03:11:17[diff] [blame]76 const GURL* url,
77 int net_error,
78 NetLogCaptureMode /* capture_mode */) {
danakj1fd259a02016-04-16 03:17:09[diff] [blame]79 std::unique_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
davidbena4c9d062015-04-03 22:34:25[diff] [blame]80 dict->SetString("host_and_port", GetHostAndPort(*url));
81 dict->SetInteger("net_error", net_error);
dchengc7eeda422015-12-26 03:56:48[diff] [blame]82 return std::move(dict);
davidbena4c9d062015-04-03 22:34:25[diff] [blame]83}
84
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]85} // namespace
86
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]87//-----------------------------------------------------------------------------
88
[email protected]262eec82013-03-19 21:01:36[diff] [blame]89HttpNetworkTransaction::HttpNetworkTransaction(RequestPriority priority,
90 HttpNetworkSession* session)
[email protected]0757e7702009-03-27 04:00:22[diff] [blame]91 : pending_auth_target_(HttpAuth::AUTH_NONE),
[email protected]aa249b52013-04-30 01:04:32[diff] [blame]92 io_callback_(base::Bind(&HttpNetworkTransaction::OnIOComplete,
93 base::Unretained(this))),
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]94 session_(session),
95 request_(NULL),
[email protected]262eec82013-03-19 21:01:36[diff] [blame]96 priority_(priority),
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]97 headers_valid_(false),
[email protected]b94f92d2010-10-27 16:45:20[diff] [blame]98 request_headers_(),
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]99 read_buf_len_(0),
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]100 total_received_bytes_(0),
sclittlefb249892015-09-10 21:33:22[diff] [blame]101 total_sent_bytes_(0),
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]102 next_state_(STATE_NONE),
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]103 establishing_tunnel_(false),
zhongyi48704c182015-12-07 07:52:02[diff] [blame]104 websocket_handshake_stream_base_create_helper_(NULL),
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]105 net_error_details_() {
[email protected]3ce7df0f2010-03-03 00:30:50[diff] [blame]106}
107
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]108HttpNetworkTransaction::~HttpNetworkTransaction() {
109 if (stream_.get()) {
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]110 // TODO(mbelshe): The stream_ should be able to compute whether or not the
111 // stream should be kept alive. No reason to compute here
112 // and pass it in.
mmenkebd84c392015-09-02 14:12:34[diff] [blame]113 if (!stream_->CanReuseConnection() || next_state_ != STATE_NONE) {
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]114 stream_->Close(true /* not reusable */);
mmenkebd84c392015-09-02 14:12:34[diff] [blame]115 } else if (stream_->IsResponseBodyComplete()) {
116 // If the response body is complete, we can just reuse the socket.
117 stream_->Close(false /* reusable */);
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]118 } else {
mmenkebd84c392015-09-02 14:12:34[diff] [blame]119 // Otherwise, we try to drain the response body.
120 HttpStream* stream = stream_.release();
121 stream->Drain(session_);
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]122 }
123 }
[email protected]02cad5d2013-10-02 08:14:03[diff] [blame]124
125 if (request_ && request_->upload_data_stream)
126 request_->upload_data_stream->Reset(); // Invalidate pending callbacks.
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]127}
128
[email protected]684970b2009-08-14 04:54:46[diff] [blame]129int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info,
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]130 const CompletionCallback& callback,
[email protected]9e743cd2010-03-16 07:03:53[diff] [blame]131 const BoundNetLog& net_log) {
[email protected]9e743cd2010-03-16 07:03:53[diff] [blame]132 net_log_ = net_log;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]133 request_ = request_info;
134
nharper8cdb0fb2016-04-22 21:34:59[diff] [blame]135 // Now that we have an HttpRequestInfo object, update server_ssl_config_.
136 session_->GetSSLConfig(*request_, &server_ssl_config_, &proxy_ssl_config_);
137
[email protected]99ffa5a2011-10-06 04:20:19[diff] [blame]138 if (request_->load_flags & LOAD_DISABLE_CERT_REVOCATION_CHECKING) {
[email protected]102957f2011-09-02 17:10:14[diff] [blame]139 server_ssl_config_.rev_checking_enabled = false;
[email protected]99ffa5a2011-10-06 04:20:19[diff] [blame]140 proxy_ssl_config_.rev_checking_enabled = false;
141 }
[email protected]6fbac162011-06-20 00:29:04[diff] [blame]142
jkarlinfb1d5172015-01-12 14:10:29[diff] [blame]143 if (request_->load_flags & LOAD_PREFETCH)
144 response_.unused_since_prefetch = true;
145
[email protected]1826a402014-01-08 15:40:48[diff] [blame]146 next_state_ = STATE_NOTIFY_BEFORE_CREATE_STREAM;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]147 int rv = DoLoop(OK);
148 if (rv == ERR_IO_PENDING)
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]149 callback_ = callback;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]150 return rv;
151}
152
153int HttpNetworkTransaction::RestartIgnoringLastError(
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]154 const CompletionCallback& callback) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]155 DCHECK(!stream_.get());
156 DCHECK(!stream_request_.get());
157 DCHECK_EQ(STATE_NONE, next_state_);
158
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]159 next_state_ = STATE_CREATE_STREAM;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]160
[email protected]ccb40e52008-09-17 20:54:40[diff] [blame]161 int rv = DoLoop(OK);
162 if (rv == ERR_IO_PENDING)
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]163 callback_ = callback;
[email protected]aaead502008-10-15 00:20:11[diff] [blame]164 return rv;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]165}
166
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]167int HttpNetworkTransaction::RestartWithCertificate(
svaldez7872fd02015-11-19 21:10:54[diff] [blame]168 X509Certificate* client_cert,
169 SSLPrivateKey* client_private_key,
170 const CompletionCallback& callback) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]171 // In HandleCertificateRequest(), we always tear down existing stream
172 // requests to force a new connection. So we shouldn't have one here.
173 DCHECK(!stream_request_.get());
174 DCHECK(!stream_.get());
175 DCHECK_EQ(STATE_NONE, next_state_);
176
[email protected]102957f2011-09-02 17:10:14[diff] [blame]177 SSLConfig* ssl_config = response_.cert_request_info->is_proxy ?
178 &proxy_ssl_config_ : &server_ssl_config_;
179 ssl_config->send_client_cert = true;
180 ssl_config->client_cert = client_cert;
svaldez7872fd02015-11-19 21:10:54[diff] [blame]181 ssl_config->client_private_key = client_private_key;
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]182 session_->ssl_client_auth_cache()->Add(
svaldez7872fd02015-11-19 21:10:54[diff] [blame]183 response_.cert_request_info->host_and_port, client_cert,
184 client_private_key);
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]185 // Reset the other member variables.
186 // Note: this is necessary only with SSL renegotiation.
187 ResetStateForRestart();
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]188 next_state_ = STATE_CREATE_STREAM;
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]189 int rv = DoLoop(OK);
190 if (rv == ERR_IO_PENDING)
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]191 callback_ = callback;
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]192 return rv;
193}
194
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]195int HttpNetworkTransaction::RestartWithAuth(
196 const AuthCredentials& credentials, const CompletionCallback& callback) {
[email protected]0757e7702009-03-27 04:00:22[diff] [blame]197 HttpAuth::Target target = pending_auth_target_;
198 if (target == HttpAuth::AUTH_NONE) {
199 NOTREACHED();
200 return ERR_UNEXPECTED;
201 }
[email protected]0757e7702009-03-27 04:00:22[diff] [blame]202 pending_auth_target_ = HttpAuth::AUTH_NONE;
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]203
[email protected]f3cf9802011-10-28 18:44:58[diff] [blame]204 auth_controllers_[target]->ResetAuth(credentials);
[email protected]e772db3f2010-07-12 18:11:13[diff] [blame]205
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]206 DCHECK(callback_.is_null());
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]207
208 int rv = OK;
209 if (target == HttpAuth::AUTH_PROXY && establishing_tunnel_) {
210 // In this case, we've gathered credentials for use with proxy
211 // authentication of a tunnel.
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]212 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]213 DCHECK(stream_request_ != NULL);
[email protected]394816e92010-08-03 07:38:59[diff] [blame]214 auth_controllers_[target] = NULL;
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]215 ResetStateForRestart();
[email protected]f3cf9802011-10-28 18:44:58[diff] [blame]216 rv = stream_request_->RestartTunnelWithProxyAuth(credentials);
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]217 } else {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]218 // In this case, we've gathered credentials for the server or the proxy
219 // but it is not during the tunneling phase.
220 DCHECK(stream_request_ == NULL);
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]221 PrepareForAuthRestart(target);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]222 rv = DoLoop(OK);
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]223 }
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]224
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]225 if (rv == ERR_IO_PENDING)
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]226 callback_ = callback;
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]227 return rv;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]228}
229
[email protected]f9ee6b52008-11-08 06:46:23[diff] [blame]230void HttpNetworkTransaction::PrepareForAuthRestart(HttpAuth::Target target) {
231 DCHECK(HaveAuth(target));
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]232 DCHECK(!stream_request_.get());
233
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]234 bool keep_alive = false;
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]235 // Even if the server says the connection is keep-alive, we have to be
236 // able to find the end of each response in order to reuse the connection.
mmenkebd84c392015-09-02 14:12:34[diff] [blame]237 if (stream_->CanReuseConnection()) {
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]238 // If the response body hasn't been completely read, we need to drain
239 // it first.
[email protected]351ab642010-08-05 16:55:31[diff] [blame]240 if (!stream_->IsResponseBodyComplete()) {
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]241 next_state_ = STATE_DRAIN_BODY_FOR_AUTH_RESTART;
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]242 read_buf_ = new IOBuffer(kDrainBodyBufferSize); // A bit bucket.
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]243 read_buf_len_ = kDrainBodyBufferSize;
244 return;
245 }
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]246 keep_alive = true;
[email protected]37832c6d2009-06-05 19:44:09[diff] [blame]247 }
248
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]249 // We don't need to drain the response body, so we act as if we had drained
250 // the response body.
251 DidDrainBodyForAuthRestart(keep_alive);
252}
253
254void HttpNetworkTransaction::DidDrainBodyForAuthRestart(bool keep_alive) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]255 DCHECK(!stream_request_.get());
256
257 if (stream_.get()) {
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]258 total_received_bytes_ += stream_->GetTotalReceivedBytes();
sclittlefb249892015-09-10 21:33:22[diff] [blame]259 total_sent_bytes_ += stream_->GetTotalSentBytes();
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]260 HttpStream* new_stream = NULL;
mmenkebd84c392015-09-02 14:12:34[diff] [blame]261 if (keep_alive && stream_->CanReuseConnection()) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]262 // We should call connection_->set_idle_time(), but this doesn't occur
263 // often enough to be worth the trouble.
264 stream_->SetConnectionReused();
yhiranoa7e05bb2014-11-06 05:40:39[diff] [blame]265 new_stream = stream_->RenewStreamForAuth();
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]266 }
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]267
268 if (!new_stream) {
[email protected]2d0a4f92011-05-05 16:38:46[diff] [blame]269 // Close the stream and mark it as not_reusable. Even in the
270 // keep_alive case, we've determined that the stream_ is not
271 // reusable if new_stream is NULL.
272 stream_->Close(true);
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]273 next_state_ = STATE_CREATE_STREAM;
274 } else {
sclittlefb249892015-09-10 21:33:22[diff] [blame]275 // Renewed streams shouldn't carry over sent or received bytes.
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]276 DCHECK_EQ(0, new_stream->GetTotalReceivedBytes());
sclittlefb249892015-09-10 21:33:22[diff] [blame]277 DCHECK_EQ(0, new_stream->GetTotalSentBytes());
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]278 next_state_ = STATE_INIT_STREAM;
279 }
280 stream_.reset(new_stream);
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]281 }
[email protected]f9ee6b52008-11-08 06:46:23[diff] [blame]282
283 // Reset the other member variables.
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]284 ResetStateForAuthRestart();
[email protected]f9ee6b52008-11-08 06:46:23[diff] [blame]285}
286
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]287bool HttpNetworkTransaction::IsReadyToRestartForAuth() {
288 return pending_auth_target_ != HttpAuth::AUTH_NONE &&
289 HaveAuth(pending_auth_target_);
290}
291
[email protected]9dea9e1f2009-01-29 00:30:47[diff] [blame]292int HttpNetworkTransaction::Read(IOBuffer* buf, int buf_len,
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]293 const CompletionCallback& callback) {
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]294 DCHECK(buf);
[email protected]e0c27be2009-07-15 13:09:35[diff] [blame]295 DCHECK_LT(0, buf_len);
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]296
[email protected]1f14a912009-12-21 20:32:44[diff] [blame]297 State next_state = STATE_NONE;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]298
[email protected]ad8e04a2010-11-01 04:16:27[diff] [blame]299 scoped_refptr<HttpResponseHeaders> headers(GetResponseHeaders());
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]300 if (headers_valid_ && headers.get() && stream_request_.get()) {
[email protected]8a1f3312010-05-25 19:25:04[diff] [blame]301 // We're trying to read the body of the response but we're still trying
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]302 // to establish an SSL tunnel through an HTTP proxy. We can't read these
[email protected]8a1f3312010-05-25 19:25:04[diff] [blame]303 // bytes when establishing a tunnel because they might be controlled by
304 // an active network attacker. We don't worry about this for HTTP
305 // because an active network attacker can already control HTTP sessions.
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]306 // We reach this case when the user cancels a 407 proxy auth prompt. We
307 // also don't worry about this for an HTTPS Proxy, because the
308 // communication with the proxy is secure.
[email protected]8a1f3312010-05-25 19:25:04[diff] [blame]309 // See http://crbug.com/8473.
[email protected]2df19bb2010-08-25 20:13:46[diff] [blame]310 DCHECK(proxy_info_.is_http() || proxy_info_.is_https());
[email protected]9094b602012-02-27 21:44:58[diff] [blame]311 DCHECK_EQ(headers->response_code(), HTTP_PROXY_AUTHENTICATION_REQUIRED);
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]312 LOG(WARNING) << "Blocked proxy response with status "
313 << headers->response_code() << " to CONNECT request for "
314 << GetHostAndPort(request_->url) << ".";
[email protected]8a1f3312010-05-25 19:25:04[diff] [blame]315 return ERR_TUNNEL_CONNECTION_FAILED;
[email protected]a8e9b162009-03-12 00:06:44[diff] [blame]316 }
317
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]318 // Are we using SPDY or HTTP?
[email protected]351ab642010-08-05 16:55:31[diff] [blame]319 next_state = STATE_READ_BODY;
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]320
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]321 read_buf_ = buf;
322 read_buf_len_ = buf_len;
323
[email protected]1f14a912009-12-21 20:32:44[diff] [blame]324 next_state_ = next_state;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]325 int rv = DoLoop(OK);
326 if (rv == ERR_IO_PENDING)
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]327 callback_ = callback;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]328 return rv;
329}
330
[email protected]8cd06c02014-01-25 07:50:14[diff] [blame]331void HttpNetworkTransaction::StopCaching() {}
332
[email protected]79e1fd62013-06-20 06:50:04[diff] [blame]333bool HttpNetworkTransaction::GetFullRequestHeaders(
334 HttpRequestHeaders* headers) const {
ttuttle960fcbf2016-04-19 13:26:32[diff] [blame]335 // TODO(juliatuttle): Make sure we've populated request_headers_.
[email protected]79e1fd62013-06-20 06:50:04[diff] [blame]336 *headers = request_headers_;
337 return true;
338}
339
sclittle4de1bab92015-09-22 21:28:24[diff] [blame]340int64_t HttpNetworkTransaction::GetTotalReceivedBytes() const {
341 int64_t total_received_bytes = total_received_bytes_;
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]342 if (stream_)
343 total_received_bytes += stream_->GetTotalReceivedBytes();
344 return total_received_bytes;
345}
346
sclittlefb249892015-09-10 21:33:22[diff] [blame]347int64_t HttpNetworkTransaction::GetTotalSentBytes() const {
348 int64_t total_sent_bytes = total_sent_bytes_;
349 if (stream_)
350 total_sent_bytes += stream_->GetTotalSentBytes();
351 return total_sent_bytes;
352}
353
[email protected]8cd06c02014-01-25 07:50:14[diff] [blame]354void HttpNetworkTransaction::DoneReading() {}
355
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]356const HttpResponseInfo* HttpNetworkTransaction::GetResponseInfo() const {
ttuttlec0c828492015-05-15 01:25:55[diff] [blame]357 return &response_;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]358}
359
360LoadState HttpNetworkTransaction::GetLoadState() const {
361 // TODO(wtc): Define a new LoadState value for the
362 // STATE_INIT_CONNECTION_COMPLETE state, which delays the HTTP request.
363 switch (next_state_) {
[email protected]1826a402014-01-08 15:40:48[diff] [blame]364 case STATE_CREATE_STREAM:
365 return LOAD_STATE_WAITING_FOR_DELEGATE;
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]366 case STATE_CREATE_STREAM_COMPLETE:
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]367 return stream_request_->GetLoadState();
[email protected]044de0642010-06-17 10:42:15[diff] [blame]368 case STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE:
369 case STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE:
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]370 case STATE_SEND_REQUEST_COMPLETE:
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]371 return LOAD_STATE_SENDING_REQUEST;
372 case STATE_READ_HEADERS_COMPLETE:
373 return LOAD_STATE_WAITING_FOR_RESPONSE;
374 case STATE_READ_BODY_COMPLETE:
375 return LOAD_STATE_READING_RESPONSE;
376 default:
377 return LOAD_STATE_IDLE;
378 }
379}
380
[email protected]8cd06c02014-01-25 07:50:14[diff] [blame]381void HttpNetworkTransaction::SetQuicServerInfo(
382 QuicServerInfo* quic_server_info) {}
383
[email protected]5033ab82013-03-22 20:17:46[diff] [blame]384bool HttpNetworkTransaction::GetLoadTimingInfo(
385 LoadTimingInfo* load_timing_info) const {
386 if (!stream_ || !stream_->GetLoadTimingInfo(load_timing_info))
387 return false;
388
389 load_timing_info->proxy_resolve_start =
390 proxy_info_.proxy_resolve_start_time();
391 load_timing_info->proxy_resolve_end = proxy_info_.proxy_resolve_end_time();
392 load_timing_info->send_start = send_start_time_;
393 load_timing_info->send_end = send_end_time_;
[email protected]5033ab82013-03-22 20:17:46[diff] [blame]394 return true;
395}
396
ttuttled9dbc652015-09-29 20:00:59[diff] [blame]397bool HttpNetworkTransaction::GetRemoteEndpoint(IPEndPoint* endpoint) const {
thestiga74ad2b2016-07-11 20:52:36[diff] [blame]398 if (remote_endpoint_.address().empty())
ttuttled9dbc652015-09-29 20:00:59[diff] [blame]399 return false;
400
401 *endpoint = remote_endpoint_;
402 return true;
403}
404
zhongyi48704c182015-12-07 07:52:02[diff] [blame]405void HttpNetworkTransaction::PopulateNetErrorDetails(
406 NetErrorDetails* details) const {
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]407 *details = net_error_details_;
408 if (stream_)
409 stream_->PopulateNetErrorDetails(details);
zhongyi48704c182015-12-07 07:52:02[diff] [blame]410}
411
[email protected]5033ab82013-03-22 20:17:46[diff] [blame]412void HttpNetworkTransaction::SetPriority(RequestPriority priority) {
413 priority_ = priority;
[email protected]bf828982013-08-14 18:01:47[diff] [blame]414 if (stream_request_)
415 stream_request_->SetPriority(priority);
[email protected]e86839fd2013-08-14 18:29:03[diff] [blame]416 if (stream_)
417 stream_->SetPriority(priority);
[email protected]5033ab82013-03-22 20:17:46[diff] [blame]418}
419
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]420void HttpNetworkTransaction::SetWebSocketHandshakeStreamCreateHelper(
421 WebSocketHandshakeStreamBase::CreateHelper* create_helper) {
422 websocket_handshake_stream_base_create_helper_ = create_helper;
423}
424
[email protected]1826a402014-01-08 15:40:48[diff] [blame]425void HttpNetworkTransaction::SetBeforeNetworkStartCallback(
426 const BeforeNetworkStartCallback& callback) {
427 before_network_start_callback_ = callback;
428}
429
ryansturm49a8cb12016-06-15 16:51:09[diff] [blame]430void HttpNetworkTransaction::SetBeforeHeadersSentCallback(
431 const BeforeHeadersSentCallback& callback) {
432 before_headers_sent_callback_ = callback;
[email protected]597a1ab2014-06-26 08:12:27[diff] [blame]433}
434
[email protected]1826a402014-01-08 15:40:48[diff] [blame]435int HttpNetworkTransaction::ResumeNetworkStart() {
436 DCHECK_EQ(next_state_, STATE_CREATE_STREAM);
437 return DoLoop(OK);
438}
439
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]440void HttpNetworkTransaction::OnStreamReady(const SSLConfig& used_ssl_config,
441 const ProxyInfo& used_proxy_info,
yhiranoa7e05bb2014-11-06 05:40:39[diff] [blame]442 HttpStream* stream) {
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]443 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]444 DCHECK(stream_request_.get());
445
sclittlefb249892015-09-10 21:33:22[diff] [blame]446 if (stream_) {
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]447 total_received_bytes_ += stream_->GetTotalReceivedBytes();
sclittlefb249892015-09-10 21:33:22[diff] [blame]448 total_sent_bytes_ += stream_->GetTotalSentBytes();
449 }
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]450 stream_.reset(stream);
[email protected]102957f2011-09-02 17:10:14[diff] [blame]451 server_ssl_config_ = used_ssl_config;
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]452 proxy_info_ = used_proxy_info;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]453 response_.was_npn_negotiated = stream_request_->was_npn_negotiated();
[email protected]c30bcce2011-12-20 17:50:51[diff] [blame]454 response_.npn_negotiated_protocol = SSLClientSocket::NextProtoToString(
bnc6227b26e2016-08-12 02:00:43[diff] [blame]455 stream_request_->negotiated_protocol());
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]456 response_.was_fetched_via_spdy = stream_request_->using_spdy();
457 response_.was_fetched_via_proxy = !proxy_info_.is_direct();
[email protected]d8fc4722014-06-13 13:17:15[diff] [blame]458 if (response_.was_fetched_via_proxy && !proxy_info_.is_empty())
459 response_.proxy_server = proxy_info_.proxy_server().host_port_pair();
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]460 OnIOComplete(OK);
461}
462
xunjieli5749218c2016-03-22 16:43:06[diff] [blame]463void HttpNetworkTransaction::OnBidirectionalStreamImplReady(
xunjieli11834f02015-12-22 04:27:08[diff] [blame]464 const SSLConfig& used_ssl_config,
465 const ProxyInfo& used_proxy_info,
xunjieli5749218c2016-03-22 16:43:06[diff] [blame]466 BidirectionalStreamImpl* stream) {
xunjieli11834f02015-12-22 04:27:08[diff] [blame]467 NOTREACHED();
468}
469
[email protected]a9cf2b92013-10-30 12:08:49[diff] [blame]470void HttpNetworkTransaction::OnWebSocketHandshakeStreamReady(
[email protected]3732cea2013-06-21 06:50:50[diff] [blame]471 const SSLConfig& used_ssl_config,
472 const ProxyInfo& used_proxy_info,
[email protected]a9cf2b92013-10-30 12:08:49[diff] [blame]473 WebSocketHandshakeStreamBase* stream) {
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]474 OnStreamReady(used_ssl_config, used_proxy_info, stream);
[email protected]3732cea2013-06-21 06:50:50[diff] [blame]475}
476
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]477void HttpNetworkTransaction::OnStreamFailed(int result,
davidben849365422016-06-24 19:04:13[diff] [blame]478 const SSLConfig& used_ssl_config) {
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]479 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]480 DCHECK_NE(OK, result);
481 DCHECK(stream_request_.get());
482 DCHECK(!stream_.get());
[email protected]102957f2011-09-02 17:10:14[diff] [blame]483 server_ssl_config_ = used_ssl_config;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]484
485 OnIOComplete(result);
486}
487
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]488void HttpNetworkTransaction::OnCertificateError(
489 int result,
490 const SSLConfig& used_ssl_config,
491 const SSLInfo& ssl_info) {
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]492 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]493 DCHECK_NE(OK, result);
494 DCHECK(stream_request_.get());
495 DCHECK(!stream_.get());
496
497 response_.ssl_info = ssl_info;
[email protected]102957f2011-09-02 17:10:14[diff] [blame]498 server_ssl_config_ = used_ssl_config;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]499
500 // TODO(mbelshe): For now, we're going to pass the error through, and that
501 // will close the stream_request in all cases. This means that we're always
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]502 // going to restart an entire STATE_CREATE_STREAM, even if the connection is
503 // good and the user chooses to ignore the error. This is not ideal, but not
504 // the end of the world either.
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]505
506 OnIOComplete(result);
507}
508
509void HttpNetworkTransaction::OnNeedsProxyAuth(
[email protected]6dc476da2010-09-01 04:43:50[diff] [blame]510 const HttpResponseInfo& proxy_response,
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]511 const SSLConfig& used_ssl_config,
512 const ProxyInfo& used_proxy_info,
[email protected]6dc476da2010-09-01 04:43:50[diff] [blame]513 HttpAuthController* auth_controller) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]514 DCHECK(stream_request_.get());
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]515 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]516
517 establishing_tunnel_ = true;
518 response_.headers = proxy_response.headers;
519 response_.auth_challenge = proxy_response.auth_challenge;
520 headers_valid_ = true;
[email protected]102957f2011-09-02 17:10:14[diff] [blame]521 server_ssl_config_ = used_ssl_config;
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]522 proxy_info_ = used_proxy_info;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]523
524 auth_controllers_[HttpAuth::AUTH_PROXY] = auth_controller;
525 pending_auth_target_ = HttpAuth::AUTH_PROXY;
526
527 DoCallback(OK);
528}
529
530void HttpNetworkTransaction::OnNeedsClientAuth(
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]531 const SSLConfig& used_ssl_config,
[email protected]6dc476da2010-09-01 04:43:50[diff] [blame]532 SSLCertRequestInfo* cert_info) {
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]533 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]534
[email protected]102957f2011-09-02 17:10:14[diff] [blame]535 server_ssl_config_ = used_ssl_config;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]536 response_.cert_request_info = cert_info;
[email protected]65a3b912010-08-21 05:46:58[diff] [blame]537 OnIOComplete(ERR_SSL_CLIENT_AUTH_CERT_NEEDED);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]538}
539
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]540void HttpNetworkTransaction::OnHttpsProxyTunnelResponse(
541 const HttpResponseInfo& response_info,
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]542 const SSLConfig& used_ssl_config,
543 const ProxyInfo& used_proxy_info,
yhiranoa7e05bb2014-11-06 05:40:39[diff] [blame]544 HttpStream* stream) {
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]545 DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
546
ttuttle1f2d7e92015-04-28 16:17:47[diff] [blame]547 CopyConnectionAttemptsFromStreamRequest();
548
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]549 headers_valid_ = true;
550 response_ = response_info;
[email protected]102957f2011-09-02 17:10:14[diff] [blame]551 server_ssl_config_ = used_ssl_config;
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]552 proxy_info_ = used_proxy_info;
sclittlefb249892015-09-10 21:33:22[diff] [blame]553 if (stream_) {
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]554 total_received_bytes_ += stream_->GetTotalReceivedBytes();
sclittlefb249892015-09-10 21:33:22[diff] [blame]555 total_sent_bytes_ += stream_->GetTotalSentBytes();
556 }
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]557 stream_.reset(stream);
558 stream_request_.reset(); // we're done with the stream request
559 OnIOComplete(ERR_HTTPS_PROXY_TUNNEL_RESPONSE);
560}
561
zhongyi48704c182015-12-07 07:52:02[diff] [blame]562void HttpNetworkTransaction::OnQuicBroken() {
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]563 net_error_details_.quic_broken = true;
zhongyi48704c182015-12-07 07:52:02[diff] [blame]564}
565
ttuttle1f2d7e92015-04-28 16:17:47[diff] [blame]566void HttpNetworkTransaction::GetConnectionAttempts(
567 ConnectionAttempts* out) const {
568 *out = connection_attempts_;
569}
570
Adam Ricecb76ac62015-02-20 05:33:25[diff] [blame]571bool HttpNetworkTransaction::IsSecureRequest() const {
lgarrona774b922015-05-14 22:56:37[diff] [blame]572 return request_->url.SchemeIsCryptographic();
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]573}
574
nharperb7441ef2016-01-25 23:54:14[diff] [blame]575bool HttpNetworkTransaction::IsTokenBindingEnabled() const {
576 if (!IsSecureRequest())
577 return false;
578 SSLInfo ssl_info;
579 stream_->GetSSLInfo(&ssl_info);
580 return ssl_info.token_binding_negotiated &&
581 ssl_info.token_binding_key_param == TB_PARAM_ECDSAP256 &&
582 session_->params().channel_id_service;
583}
584
585void HttpNetworkTransaction::RecordTokenBindingSupport() const {
586 // This enum is used for an UMA histogram - do not change or re-use values.
587 enum {
588 DISABLED = 0,
589 CLIENT_ONLY = 1,
590 CLIENT_AND_SERVER = 2,
591 CLIENT_NO_CHANNEL_ID_SERVICE = 3,
592 TOKEN_BINDING_SUPPORT_MAX
593 } supported;
594 if (!IsSecureRequest())
595 return;
596 SSLInfo ssl_info;
597 stream_->GetSSLInfo(&ssl_info);
598 if (!session_->params().enable_token_binding) {
599 supported = DISABLED;
600 } else if (!session_->params().channel_id_service) {
601 supported = CLIENT_NO_CHANNEL_ID_SERVICE;
602 } else if (ssl_info.token_binding_negotiated) {
603 supported = CLIENT_AND_SERVER;
604 } else {
605 supported = CLIENT_ONLY;
606 }
607 UMA_HISTOGRAM_ENUMERATION("Net.TokenBinding.Support", supported,
608 TOKEN_BINDING_SUPPORT_MAX);
609}
610
Adam Rice425cf122015-01-19 06:18:24[diff] [blame]611bool HttpNetworkTransaction::UsingHttpProxyWithoutTunnel() const {
tbansal7cec3812015-02-05 21:25:12[diff] [blame]612 return (proxy_info_.is_http() || proxy_info_.is_https() ||
613 proxy_info_.is_quic()) &&
Adam Rice425cf122015-01-19 06:18:24[diff] [blame]614 !(request_->url.SchemeIs("https") || request_->url.SchemeIsWSOrWSS());
615}
616
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]617void HttpNetworkTransaction::DoCallback(int rv) {
[email protected]0b0bf032010-09-21 18:08:50[diff] [blame]618 DCHECK_NE(rv, ERR_IO_PENDING);
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]619 DCHECK(!callback_.is_null());
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]620
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]621 // Since Run may result in Read being called, clear user_callback_ up front.
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]622 CompletionCallback c = callback_;
623 callback_.Reset();
624 c.Run(rv);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]625}
626
627void HttpNetworkTransaction::OnIOComplete(int result) {
628 int rv = DoLoop(result);
629 if (rv != ERR_IO_PENDING)
630 DoCallback(rv);
631}
632
633int HttpNetworkTransaction::DoLoop(int result) {
634 DCHECK(next_state_ != STATE_NONE);
635
636 int rv = result;
637 do {
638 State state = next_state_;
639 next_state_ = STATE_NONE;
640 switch (state) {
[email protected]1826a402014-01-08 15:40:48[diff] [blame]641 case STATE_NOTIFY_BEFORE_CREATE_STREAM:
642 DCHECK_EQ(OK, rv);
643 rv = DoNotifyBeforeCreateStream();
644 break;
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]645 case STATE_CREATE_STREAM:
646 DCHECK_EQ(OK, rv);
647 rv = DoCreateStream();
648 break;
649 case STATE_CREATE_STREAM_COMPLETE:
650 rv = DoCreateStreamComplete(rv);
651 break;
[email protected]351ab642010-08-05 16:55:31[diff] [blame]652 case STATE_INIT_STREAM:
653 DCHECK_EQ(OK, rv);
654 rv = DoInitStream();
655 break;
656 case STATE_INIT_STREAM_COMPLETE:
657 rv = DoInitStreamComplete(rv);
658 break;
[email protected]044de0642010-06-17 10:42:15[diff] [blame]659 case STATE_GENERATE_PROXY_AUTH_TOKEN:
660 DCHECK_EQ(OK, rv);
661 rv = DoGenerateProxyAuthToken();
662 break;
663 case STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE:
664 rv = DoGenerateProxyAuthTokenComplete(rv);
665 break;
666 case STATE_GENERATE_SERVER_AUTH_TOKEN:
667 DCHECK_EQ(OK, rv);
668 rv = DoGenerateServerAuthToken();
669 break;
670 case STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE:
671 rv = DoGenerateServerAuthTokenComplete(rv);
672 break;
nharperd6e65822016-03-30 23:05:48[diff] [blame]673 case STATE_GET_PROVIDED_TOKEN_BINDING_KEY:
nharperb7441ef2016-01-25 23:54:14[diff] [blame]674 DCHECK_EQ(OK, rv);
nharperd6e65822016-03-30 23:05:48[diff] [blame]675 rv = DoGetProvidedTokenBindingKey();
nharperb7441ef2016-01-25 23:54:14[diff] [blame]676 break;
nharperd6e65822016-03-30 23:05:48[diff] [blame]677 case STATE_GET_PROVIDED_TOKEN_BINDING_KEY_COMPLETE:
678 rv = DoGetProvidedTokenBindingKeyComplete(rv);
679 break;
680 case STATE_GET_REFERRED_TOKEN_BINDING_KEY:
681 DCHECK_EQ(OK, rv);
682 rv = DoGetReferredTokenBindingKey();
683 break;
684 case STATE_GET_REFERRED_TOKEN_BINDING_KEY_COMPLETE:
685 rv = DoGetReferredTokenBindingKeyComplete(rv);
nharperb7441ef2016-01-25 23:54:14[diff] [blame]686 break;
[email protected]daddea62012-09-19 05:51:13[diff] [blame]687 case STATE_INIT_REQUEST_BODY:
688 DCHECK_EQ(OK, rv);
689 rv = DoInitRequestBody();
690 break;
691 case STATE_INIT_REQUEST_BODY_COMPLETE:
692 rv = DoInitRequestBodyComplete(rv);
693 break;
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]694 case STATE_BUILD_REQUEST:
[email protected]725355a2009-03-25 20:42:55[diff] [blame]695 DCHECK_EQ(OK, rv);
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]696 net_log_.BeginEvent(NetLogEventType::HTTP_TRANSACTION_SEND_REQUEST);
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]697 rv = DoBuildRequest();
698 break;
699 case STATE_BUILD_REQUEST_COMPLETE:
700 rv = DoBuildRequestComplete(rv);
701 break;
702 case STATE_SEND_REQUEST:
703 DCHECK_EQ(OK, rv);
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]704 rv = DoSendRequest();
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]705 break;
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]706 case STATE_SEND_REQUEST_COMPLETE:
707 rv = DoSendRequestComplete(rv);
[email protected]d7fd1782011-02-08 19:16:43[diff] [blame]708 net_log_.EndEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]709 NetLogEventType::HTTP_TRANSACTION_SEND_REQUEST, rv);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]710 break;
711 case STATE_READ_HEADERS:
[email protected]725355a2009-03-25 20:42:55[diff] [blame]712 DCHECK_EQ(OK, rv);
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]713 net_log_.BeginEvent(NetLogEventType::HTTP_TRANSACTION_READ_HEADERS);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]714 rv = DoReadHeaders();
715 break;
716 case STATE_READ_HEADERS_COMPLETE:
717 rv = DoReadHeadersComplete(rv);
[email protected]d7fd1782011-02-08 19:16:43[diff] [blame]718 net_log_.EndEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]719 NetLogEventType::HTTP_TRANSACTION_READ_HEADERS, rv);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]720 break;
721 case STATE_READ_BODY:
[email protected]725355a2009-03-25 20:42:55[diff] [blame]722 DCHECK_EQ(OK, rv);
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]723 net_log_.BeginEvent(NetLogEventType::HTTP_TRANSACTION_READ_BODY);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]724 rv = DoReadBody();
725 break;
726 case STATE_READ_BODY_COMPLETE:
727 rv = DoReadBodyComplete(rv);
[email protected]d7fd1782011-02-08 19:16:43[diff] [blame]728 net_log_.EndEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]729 NetLogEventType::HTTP_TRANSACTION_READ_BODY, rv);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]730 break;
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]731 case STATE_DRAIN_BODY_FOR_AUTH_RESTART:
[email protected]725355a2009-03-25 20:42:55[diff] [blame]732 DCHECK_EQ(OK, rv);
[email protected]9e743cd2010-03-16 07:03:53[diff] [blame]733 net_log_.BeginEvent(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]734 NetLogEventType::HTTP_TRANSACTION_DRAIN_BODY_FOR_AUTH_RESTART);
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]735 rv = DoDrainBodyForAuthRestart();
736 break;
737 case STATE_DRAIN_BODY_FOR_AUTH_RESTART_COMPLETE:
738 rv = DoDrainBodyForAuthRestartComplete(rv);
[email protected]d7fd1782011-02-08 19:16:43[diff] [blame]739 net_log_.EndEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]740 NetLogEventType::HTTP_TRANSACTION_DRAIN_BODY_FOR_AUTH_RESTART, rv);
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]741 break;
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]742 default:
743 NOTREACHED() << "bad state";
744 rv = ERR_FAILED;
[email protected]96d570e42008-08-05 22:43:04[diff] [blame]745 break;
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]746 }
747 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
748
749 return rv;
750}
751
[email protected]1826a402014-01-08 15:40:48[diff] [blame]752int HttpNetworkTransaction::DoNotifyBeforeCreateStream() {
753 next_state_ = STATE_CREATE_STREAM;
754 bool defer = false;
755 if (!before_network_start_callback_.is_null())
756 before_network_start_callback_.Run(&defer);
757 if (!defer)
758 return OK;
759 return ERR_IO_PENDING;
760}
761
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]762int HttpNetworkTransaction::DoCreateStream() {
pkastingec2cdb52015-05-02 01:19:34[diff] [blame]763 // TODO(mmenke): Remove ScopedTracker below once crbug.com/424359 is fixed.
pkastinga9269aa42015-04-10 01:42:26[diff] [blame]764 tracked_objects::ScopedTracker tracking_profile(
765 FROM_HERE_WITH_EXPLICIT_FUNCTION(
766 "424359 HttpNetworkTransaction::DoCreateStream"));
767
ttuttlec0c828492015-05-15 01:25:55[diff] [blame]768 response_.network_accessed = true;
769
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]770 next_state_ = STATE_CREATE_STREAM_COMPLETE;
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]771 if (ForWebSocketHandshake()) {
772 stream_request_.reset(
[email protected]0191b51c2013-11-18 10:55:23[diff] [blame]773 session_->http_stream_factory_for_websocket()
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]774 ->RequestWebSocketHandshakeStream(
775 *request_,
776 priority_,
777 server_ssl_config_,
778 proxy_ssl_config_,
779 this,
780 websocket_handshake_stream_base_create_helper_,
781 net_log_));
782 } else {
783 stream_request_.reset(
784 session_->http_stream_factory()->RequestStream(
785 *request_,
786 priority_,
787 server_ssl_config_,
788 proxy_ssl_config_,
789 this,
790 net_log_));
791 }
[email protected]26816882010-10-14 18:03:09[diff] [blame]792 DCHECK(stream_request_.get());
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]793 return ERR_IO_PENDING;
[email protected]351ab642010-08-05 16:55:31[diff] [blame]794}
795
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]796int HttpNetworkTransaction::DoCreateStreamComplete(int result) {
ttuttle1f2d7e92015-04-28 16:17:47[diff] [blame]797 // If |result| is ERR_HTTPS_PROXY_TUNNEL_RESPONSE, then
798 // DoCreateStreamComplete is being called from OnHttpsProxyTunnelResponse,
799 // which resets the stream request first. Therefore, we have to grab the
800 // connection attempts in *that* function instead of here in that case.
801 if (result != ERR_HTTPS_PROXY_TUNNEL_RESPONSE)
802 CopyConnectionAttemptsFromStreamRequest();
803
davidben701ca982015-05-18 21:21:42[diff] [blame]804 if (request_->url.SchemeIsCryptographic())
805 RecordSSLFallbackMetrics(result);
806
[email protected]394816e92010-08-03 07:38:59[diff] [blame]807 if (result == OK) {
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]808 next_state_ = STATE_INIT_STREAM;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]809 DCHECK(stream_.get());
[email protected]adb00242010-10-29 03:04:33[diff] [blame]810 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
811 result = HandleCertificateRequest(result);
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]812 } else if (result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) {
813 // Return OK and let the caller read the proxy's error page
814 next_state_ = STATE_NONE;
815 return OK;
bncfacdd852015-01-09 19:22:54[diff] [blame]816 } else if (result == ERR_HTTP_1_1_REQUIRED ||
817 result == ERR_PROXY_HTTP_1_1_REQUIRED) {
818 return HandleHttp11Required(result);
[email protected]394816e92010-08-03 07:38:59[diff] [blame]819 }
820
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]821 // Handle possible handshake errors that may have occurred if the stream
822 // used SSL for one or more of the layers.
823 result = HandleSSLHandshakeError(result);
824
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]825 // At this point we are done with the stream_request_.
[email protected]26816882010-10-14 18:03:09[diff] [blame]826 stream_request_.reset();
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]827 return result;
[email protected]394816e92010-08-03 07:38:59[diff] [blame]828}
829
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]830int HttpNetworkTransaction::DoInitStream() {
831 DCHECK(stream_.get());
832 next_state_ = STATE_INIT_STREAM_COMPLETE;
ttuttled9dbc652015-09-29 20:00:59[diff] [blame]833
834 stream_->GetRemoteEndpoint(&remote_endpoint_);
835
[email protected]262eec82013-03-19 21:01:36[diff] [blame]836 return stream_->InitializeStream(request_, priority_, net_log_, io_callback_);
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]837}
838
839int HttpNetworkTransaction::DoInitStreamComplete(int result) {
840 if (result == OK) {
841 next_state_ = STATE_GENERATE_PROXY_AUTH_TOKEN;
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]842 } else {
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]843 if (result < 0)
[email protected]044dcc52010-09-17 15:44:26[diff] [blame]844 result = HandleIOError(result);
845
846 // The stream initialization failed, so this stream will never be useful.
sclittlefb249892015-09-10 21:33:22[diff] [blame]847 if (stream_) {
848 total_received_bytes_ += stream_->GetTotalReceivedBytes();
849 total_sent_bytes_ += stream_->GetTotalSentBytes();
850 }
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]851 CacheNetErrorDetailsAndResetStream();
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]852 }
853
854 return result;
855}
856
[email protected]044de0642010-06-17 10:42:15[diff] [blame]857int HttpNetworkTransaction::DoGenerateProxyAuthToken() {
858 next_state_ = STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE;
859 if (!ShouldApplyProxyAuth())
860 return OK;
[email protected]394816e92010-08-03 07:38:59[diff] [blame]861 HttpAuth::Target target = HttpAuth::AUTH_PROXY;
862 if (!auth_controllers_[target].get())
[email protected]3598c6022010-09-17 23:13:09[diff] [blame]863 auth_controllers_[target] =
864 new HttpAuthController(target,
865 AuthURL(target),
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]866 session_->http_auth_cache(),
[email protected]3598c6022010-09-17 23:13:09[diff] [blame]867 session_->http_auth_handler_factory());
[email protected]394816e92010-08-03 07:38:59[diff] [blame]868 return auth_controllers_[target]->MaybeGenerateAuthToken(request_,
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]869 io_callback_,
[email protected]394816e92010-08-03 07:38:59[diff] [blame]870 net_log_);
[email protected]044de0642010-06-17 10:42:15[diff] [blame]871}
872
873int HttpNetworkTransaction::DoGenerateProxyAuthTokenComplete(int rv) {
874 DCHECK_NE(ERR_IO_PENDING, rv);
875 if (rv == OK)
876 next_state_ = STATE_GENERATE_SERVER_AUTH_TOKEN;
877 return rv;
878}
879
880int HttpNetworkTransaction::DoGenerateServerAuthToken() {
881 next_state_ = STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE;
[email protected]394816e92010-08-03 07:38:59[diff] [blame]882 HttpAuth::Target target = HttpAuth::AUTH_SERVER;
[email protected]2217aa22013-10-11 03:03:54[diff] [blame]883 if (!auth_controllers_[target].get()) {
[email protected]3598c6022010-09-17 23:13:09[diff] [blame]884 auth_controllers_[target] =
885 new HttpAuthController(target,
886 AuthURL(target),
[email protected]102e27c2011-02-23 01:01:31[diff] [blame]887 session_->http_auth_cache(),
[email protected]3598c6022010-09-17 23:13:09[diff] [blame]888 session_->http_auth_handler_factory());
[email protected]2217aa22013-10-11 03:03:54[diff] [blame]889 if (request_->load_flags & LOAD_DO_NOT_USE_EMBEDDED_IDENTITY)
890 auth_controllers_[target]->DisableEmbeddedIdentity();
891 }
[email protected]044de0642010-06-17 10:42:15[diff] [blame]892 if (!ShouldApplyServerAuth())
893 return OK;
[email protected]394816e92010-08-03 07:38:59[diff] [blame]894 return auth_controllers_[target]->MaybeGenerateAuthToken(request_,
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]895 io_callback_,
[email protected]394816e92010-08-03 07:38:59[diff] [blame]896 net_log_);
[email protected]044de0642010-06-17 10:42:15[diff] [blame]897}
898
899int HttpNetworkTransaction::DoGenerateServerAuthTokenComplete(int rv) {
900 DCHECK_NE(ERR_IO_PENDING, rv);
901 if (rv == OK)
nharperd6e65822016-03-30 23:05:48[diff] [blame]902 next_state_ = STATE_GET_PROVIDED_TOKEN_BINDING_KEY;
[email protected]044de0642010-06-17 10:42:15[diff] [blame]903 return rv;
904}
905
nharperd6e65822016-03-30 23:05:48[diff] [blame]906int HttpNetworkTransaction::DoGetProvidedTokenBindingKey() {
907 next_state_ = STATE_GET_PROVIDED_TOKEN_BINDING_KEY_COMPLETE;
nharperb7441ef2016-01-25 23:54:14[diff] [blame]908 if (!IsTokenBindingEnabled())
909 return OK;
910
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]911 net_log_.BeginEvent(NetLogEventType::HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY);
nharperb7441ef2016-01-25 23:54:14[diff] [blame]912 ChannelIDService* channel_id_service = session_->params().channel_id_service;
913 return channel_id_service->GetOrCreateChannelID(
nharperd6e65822016-03-30 23:05:48[diff] [blame]914 request_->url.host(), &provided_token_binding_key_, io_callback_,
nharperb7441ef2016-01-25 23:54:14[diff] [blame]915 &token_binding_request_);
916}
917
nharperd6e65822016-03-30 23:05:48[diff] [blame]918int HttpNetworkTransaction::DoGetProvidedTokenBindingKeyComplete(int rv) {
nharperb7441ef2016-01-25 23:54:14[diff] [blame]919 DCHECK_NE(ERR_IO_PENDING, rv);
nharperd6e65822016-03-30 23:05:48[diff] [blame]920 if (IsTokenBindingEnabled()) {
921 net_log_.EndEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]922 NetLogEventType::HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY, rv);
nharperd6e65822016-03-30 23:05:48[diff] [blame]923 }
924
925 if (rv == OK)
926 next_state_ = STATE_GET_REFERRED_TOKEN_BINDING_KEY;
927 return rv;
928}
929
930int HttpNetworkTransaction::DoGetReferredTokenBindingKey() {
931 next_state_ = STATE_GET_REFERRED_TOKEN_BINDING_KEY_COMPLETE;
932 if (!IsTokenBindingEnabled() || request_->token_binding_referrer.empty())
nharperb7441ef2016-01-25 23:54:14[diff] [blame]933 return OK;
934
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]935 net_log_.BeginEvent(NetLogEventType::HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY);
nharperd6e65822016-03-30 23:05:48[diff] [blame]936 ChannelIDService* channel_id_service = session_->params().channel_id_service;
937 return channel_id_service->GetOrCreateChannelID(
938 request_->token_binding_referrer, &referred_token_binding_key_,
939 io_callback_, &token_binding_request_);
940}
941
942int HttpNetworkTransaction::DoGetReferredTokenBindingKeyComplete(int rv) {
943 DCHECK_NE(ERR_IO_PENDING, rv);
944 if (IsTokenBindingEnabled() && !request_->token_binding_referrer.empty()) {
945 net_log_.EndEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]946 NetLogEventType::HTTP_TRANSACTION_GET_TOKEN_BINDING_KEY, rv);
nharperd6e65822016-03-30 23:05:48[diff] [blame]947 }
948 if (rv == OK)
949 next_state_ = STATE_INIT_REQUEST_BODY;
nharperb7441ef2016-01-25 23:54:14[diff] [blame]950 return rv;
951}
952
953int HttpNetworkTransaction::BuildRequestHeaders(
Adam Rice425cf122015-01-19 06:18:24[diff] [blame]954 bool using_http_proxy_without_tunnel) {
[email protected]2979a492011-04-06 00:29:14[diff] [blame]955 request_headers_.SetHeader(HttpRequestHeaders::kHost,
956 GetHostAndOptionalPort(request_->url));
957
958 // For compat with HTTP/1.0 servers and proxies:
Adam Rice425cf122015-01-19 06:18:24[diff] [blame]959 if (using_http_proxy_without_tunnel) {
[email protected]2979a492011-04-06 00:29:14[diff] [blame]960 request_headers_.SetHeader(HttpRequestHeaders::kProxyConnection,
961 "keep-alive");
962 } else {
963 request_headers_.SetHeader(HttpRequestHeaders::kConnection, "keep-alive");
964 }
965
[email protected]2979a492011-04-06 00:29:14[diff] [blame]966 // Add a content length header?
[email protected]bf3eb002012-11-15 05:50:11[diff] [blame]967 if (request_->upload_data_stream) {
968 if (request_->upload_data_stream->is_chunked()) {
[email protected]2979a492011-04-06 00:29:14[diff] [blame]969 request_headers_.SetHeader(
970 HttpRequestHeaders::kTransferEncoding, "chunked");
971 } else {
972 request_headers_.SetHeader(
973 HttpRequestHeaders::kContentLength,
[email protected]bf3eb002012-11-15 05:50:11[diff] [blame]974 base::Uint64ToString(request_->upload_data_stream->size()));
[email protected]2979a492011-04-06 00:29:14[diff] [blame]975 }
csharrisonf473dd192015-08-18 13:54:13[diff] [blame]976 } else if (request_->method == "POST" || request_->method == "PUT") {
[email protected]2979a492011-04-06 00:29:14[diff] [blame]977 // An empty POST/PUT request still needs a content length. As for HEAD,
978 // IE and Safari also add a content length header. Presumably it is to
979 // support sending a HEAD request to an URL that only expects to be sent a
980 // POST or some other method that normally would have a message body.
csharrisonf473dd192015-08-18 13:54:13[diff] [blame]981 // Firefox (40.0) does not send the header, and RFC 7230 & 7231
982 // specify that it should not be sent due to undefined behavior.
[email protected]2979a492011-04-06 00:29:14[diff] [blame]983 request_headers_.SetHeader(HttpRequestHeaders::kContentLength, "0");
984 }
985
nharperb7441ef2016-01-25 23:54:14[diff] [blame]986 RecordTokenBindingSupport();
nharperd6e65822016-03-30 23:05:48[diff] [blame]987 if (provided_token_binding_key_) {
nharperb7441ef2016-01-25 23:54:14[diff] [blame]988 std::string token_binding_header;
989 int rv = BuildTokenBindingHeader(&token_binding_header);
990 if (rv != OK)
991 return rv;
992 request_headers_.SetHeader(HttpRequestHeaders::kTokenBinding,
993 token_binding_header);
994 }
995
[email protected]2979a492011-04-06 00:29:14[diff] [blame]996 // Honor load flags that impact proxy caches.
997 if (request_->load_flags & LOAD_BYPASS_CACHE) {
998 request_headers_.SetHeader(HttpRequestHeaders::kPragma, "no-cache");
999 request_headers_.SetHeader(HttpRequestHeaders::kCacheControl, "no-cache");
1000 } else if (request_->load_flags & LOAD_VALIDATE_CACHE) {
1001 request_headers_.SetHeader(HttpRequestHeaders::kCacheControl, "max-age=0");
1002 }
1003
1004 if (ShouldApplyProxyAuth() && HaveAuth(HttpAuth::AUTH_PROXY))
1005 auth_controllers_[HttpAuth::AUTH_PROXY]->AddAuthorizationHeader(
1006 &request_headers_);
1007 if (ShouldApplyServerAuth() && HaveAuth(HttpAuth::AUTH_SERVER))
1008 auth_controllers_[HttpAuth::AUTH_SERVER]->AddAuthorizationHeader(
1009 &request_headers_);
1010
[email protected]c10450102011-06-27 09:06:16[diff] [blame]1011 request_headers_.MergeFrom(request_->extra_headers);
[email protected]1252d42f2014-07-01 21:20:20[diff] [blame]1012
ryansturm49a8cb12016-06-15 16:51:09[diff] [blame]1013 if (!before_headers_sent_callback_.is_null())
1014 before_headers_sent_callback_.Run(proxy_info_, &request_headers_);
[email protected]1252d42f2014-07-01 21:20:20[diff] [blame]1015
[email protected]173f8e22013-04-10 04:18:20[diff] [blame]1016 response_.did_use_http_auth =
1017 request_headers_.HasHeader(HttpRequestHeaders::kAuthorization) ||
1018 request_headers_.HasHeader(HttpRequestHeaders::kProxyAuthorization);
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1019 return OK;
1020}
1021
1022int HttpNetworkTransaction::BuildTokenBindingHeader(std::string* out) {
nharpercb66ad0202016-03-11 18:17:47[diff] [blame]1023 base::TimeTicks start = base::TimeTicks::Now();
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1024 std::vector<uint8_t> signed_ekm;
nharper78e6d2b2016-09-21 05:42:35[diff] [blame^]1025 int rv = stream_->GetTokenBindingSignature(provided_token_binding_key_.get(),
1026 TokenBindingType::PROVIDED,
1027 &signed_ekm);
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1028 if (rv != OK)
1029 return rv;
1030 std::string provided_token_binding;
nharperd6e65822016-03-30 23:05:48[diff] [blame]1031 rv = BuildTokenBinding(TokenBindingType::PROVIDED,
1032 provided_token_binding_key_.get(), signed_ekm,
1033 &provided_token_binding);
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1034 if (rv != OK)
1035 return rv;
nharperd6e65822016-03-30 23:05:48[diff] [blame]1036
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1037 std::vector<base::StringPiece> token_bindings;
1038 token_bindings.push_back(provided_token_binding);
nharperd6e65822016-03-30 23:05:48[diff] [blame]1039
1040 std::string referred_token_binding;
1041 if (referred_token_binding_key_) {
1042 std::vector<uint8_t> referred_signed_ekm;
nharper78e6d2b2016-09-21 05:42:35[diff] [blame^]1043 int rv = stream_->GetTokenBindingSignature(
1044 referred_token_binding_key_.get(), TokenBindingType::REFERRED,
1045 &referred_signed_ekm);
nharperd6e65822016-03-30 23:05:48[diff] [blame]1046 if (rv != OK)
1047 return rv;
1048 rv = BuildTokenBinding(TokenBindingType::REFERRED,
1049 referred_token_binding_key_.get(),
1050 referred_signed_ekm, &referred_token_binding);
1051 if (rv != OK)
1052 return rv;
1053 token_bindings.push_back(referred_token_binding);
1054 }
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1055 std::string header;
1056 rv = BuildTokenBindingMessageFromTokenBindings(token_bindings, &header);
1057 if (rv != OK)
1058 return rv;
nharper78e6d2b2016-09-21 05:42:35[diff] [blame^]1059 base::Base64UrlEncode(header, base::Base64UrlEncodePolicy::OMIT_PADDING, out);
nharpercb66ad0202016-03-11 18:17:47[diff] [blame]1060 base::TimeDelta header_creation_time = base::TimeTicks::Now() - start;
1061 UMA_HISTOGRAM_CUSTOM_TIMES("Net.TokenBinding.HeaderCreationTime",
1062 header_creation_time,
1063 base::TimeDelta::FromMilliseconds(1),
1064 base::TimeDelta::FromMinutes(1), 50);
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1065 return OK;
[email protected]2979a492011-04-06 00:29:14[diff] [blame]1066}
1067
[email protected]daddea62012-09-19 05:51:13[diff] [blame]1068int HttpNetworkTransaction::DoInitRequestBody() {
1069 next_state_ = STATE_INIT_REQUEST_BODY_COMPLETE;
[email protected]daddea62012-09-19 05:51:13[diff] [blame]1070 int rv = OK;
[email protected]bf3eb002012-11-15 05:50:11[diff] [blame]1071 if (request_->upload_data_stream)
maksim.sisov819ba852016-08-17 08:22:52[diff] [blame]1072 rv = request_->upload_data_stream->Init(io_callback_, net_log_);
[email protected]daddea62012-09-19 05:51:13[diff] [blame]1073 return rv;
1074}
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]1075
[email protected]daddea62012-09-19 05:51:13[diff] [blame]1076int HttpNetworkTransaction::DoInitRequestBodyComplete(int result) {
1077 if (result == OK)
1078 next_state_ = STATE_BUILD_REQUEST;
[email protected]daddea62012-09-19 05:51:13[diff] [blame]1079 return result;
1080}
1081
1082int HttpNetworkTransaction::DoBuildRequest() {
1083 next_state_ = STATE_BUILD_REQUEST_COMPLETE;
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]1084 headers_valid_ = false;
1085
1086 // This is constructed lazily (instead of within our Start method), so that
1087 // we have proxy info available.
1088 if (request_headers_.IsEmpty()) {
Adam Rice425cf122015-01-19 06:18:24[diff] [blame]1089 bool using_http_proxy_without_tunnel = UsingHttpProxyWithoutTunnel();
nharperb7441ef2016-01-25 23:54:14[diff] [blame]1090 return BuildRequestHeaders(using_http_proxy_without_tunnel);
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]1091 }
1092
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]1093 return OK;
1094}
1095
1096int HttpNetworkTransaction::DoBuildRequestComplete(int result) {
[email protected]9f489d72011-04-04 23:29:24[diff] [blame]1097 if (result == OK)
1098 next_state_ = STATE_SEND_REQUEST;
[email protected]4875ba12011-03-30 22:31:51[diff] [blame]1099 return result;
1100}
1101
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1102int HttpNetworkTransaction::DoSendRequest() {
pkastingec2cdb52015-05-02 01:19:34[diff] [blame]1103 // TODO(mmenke): Remove ScopedTracker below once crbug.com/424359 is fixed.
pkastinga9269aa42015-04-10 01:42:26[diff] [blame]1104 tracked_objects::ScopedTracker tracking_profile(
1105 FROM_HERE_WITH_EXPLICIT_FUNCTION(
1106 "424359 HttpNetworkTransaction::DoSendRequest"));
1107
[email protected]58e32bb2013-01-21 18:23:25[diff] [blame]1108 send_start_time_ = base::TimeTicks::Now();
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1109 next_state_ = STATE_SEND_REQUEST_COMPLETE;
1110
[email protected]bf3eb002012-11-15 05:50:11[diff] [blame]1111 return stream_->SendRequest(request_headers_, &response_, io_callback_);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1112}
1113
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1114int HttpNetworkTransaction::DoSendRequestComplete(int result) {
[email protected]58e32bb2013-01-21 18:23:25[diff] [blame]1115 send_end_time_ = base::TimeTicks::Now();
bncaa171332016-07-20 14:47:36[diff] [blame]1116
1117 if (result == ERR_HTTP_1_1_REQUIRED ||
1118 result == ERR_PROXY_HTTP_1_1_REQUIRED) {
1119 return HandleHttp11Required(result);
1120 }
1121
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1122 if (result < 0)
1123 return HandleIOError(result);
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1124 next_state_ = STATE_READ_HEADERS;
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1125 return OK;
1126}
1127
1128int HttpNetworkTransaction::DoReadHeaders() {
1129 next_state_ = STATE_READ_HEADERS_COMPLETE;
[email protected]49639fa2011-12-20 23:22:41[diff] [blame]1130 return stream_->ReadResponseHeaders(io_callback_);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1131}
1132
1133int HttpNetworkTransaction::DoReadHeadersComplete(int result) {
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]1134 // We can get a certificate error or ERR_SSL_CLIENT_AUTH_CERT_NEEDED here
1135 // due to SSL renegotiation.
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1136 if (IsCertificateError(result)) {
1137 // We don't handle a certificate error during SSL renegotiation, so we
1138 // have to return an error that's not in the certificate error range
1139 // (-2xx).
1140 LOG(ERROR) << "Got a server certificate with error " << result
1141 << " during SSL renegotiation";
1142 result = ERR_CERT_ERROR_IN_SSL_RENEGOTIATION;
1143 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
1144 // TODO(wtc): Need a test case for this code path!
1145 DCHECK(stream_.get());
Adam Ricecb76ac62015-02-20 05:33:25[diff] [blame]1146 DCHECK(IsSecureRequest());
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1147 response_.cert_request_info = new SSLCertRequestInfo;
[email protected]90499482013-06-01 00:39:50[diff] [blame]1148 stream_->GetSSLCertRequestInfo(response_.cert_request_info.get());
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1149 result = HandleCertificateRequest(result);
1150 if (result == OK)
1151 return result;
[email protected]2181ea002009-06-09 01:37:27[diff] [blame]1152 }
1153
bncfacdd852015-01-09 19:22:54[diff] [blame]1154 if (result == ERR_HTTP_1_1_REQUIRED ||
1155 result == ERR_PROXY_HTTP_1_1_REQUIRED) {
1156 return HandleHttp11Required(result);
1157 }
1158
[email protected]c871864d72014-03-13 19:56:19[diff] [blame]1159 // ERR_CONNECTION_CLOSED is treated differently at this point; if partial
1160 // response headers were received, we do the best we can to make sense of it
1161 // and send it back up the stack.
1162 //
1163 // TODO(davidben): Consider moving this to HttpBasicStream, It's a little
1164 // bizarre for SPDY. Assuming this logic is useful at all.
1165 // TODO(davidben): Bubble the error code up so we do not cache?
1166 if (result == ERR_CONNECTION_CLOSED && response_.headers.get())
1167 result = OK;
1168
1169 if (result < 0)
1170 return HandleIOError(result);
1171
[email protected]90499482013-06-01 00:39:50[diff] [blame]1172 DCHECK(response_.headers.get());
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1173
[email protected]d58ceea82014-06-04 10:55:54[diff] [blame]1174 // On a 408 response from the server ("Request Timeout") on a stale socket,
1175 // retry the request.
[email protected]0aff0d82014-06-14 08:49:04[diff] [blame]1176 // Headers can be NULL because of http://crbug.com/384554.
1177 if (response_.headers.get() && response_.headers->response_code() == 408 &&
[email protected]d58ceea82014-06-04 10:55:54[diff] [blame]1178 stream_->IsConnectionReused()) {
1179 net_log_.AddEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]1180 NetLogEventType::HTTP_TRANSACTION_RESTART_AFTER_ERROR,
[email protected]d58ceea82014-06-04 10:55:54[diff] [blame]1181 response_.headers->response_code());
1182 // This will close the socket - it would be weird to try and reuse it, even
1183 // if the server doesn't actually close it.
1184 ResetConnectionAndRequestForResend();
1185 return OK;
1186 }
1187
[email protected]93f8b562012-03-27 01:00:16[diff] [blame]1188 // Like Net.HttpResponseCode, but only for MAIN_FRAME loads.
rdsmith4de1fcf2016-08-30 05:35:21[diff] [blame]1189 if (request_->load_flags & LOAD_MAIN_FRAME_DEPRECATED) {
[email protected]93f8b562012-03-27 01:00:16[diff] [blame]1190 const int response_code = response_.headers->response_code();
1191 UMA_HISTOGRAM_ENUMERATION(
1192 "Net.HttpResponseCode_Nxx_MainFrame", response_code/100, 10);
1193 }
1194
[email protected]3abacd62012-06-10 20:20:32[diff] [blame]1195 net_log_.AddEvent(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]1196 NetLogEventType::HTTP_TRANSACTION_READ_RESPONSE_HEADERS,
[email protected]3abacd62012-06-10 20:20:32[diff] [blame]1197 base::Bind(&HttpResponseHeaders::NetLogCallback, response_.headers));
[email protected]dbb83db2010-05-11 18:13:39[diff] [blame]1198
bncbe0f6af2015-10-15 17:49:56[diff] [blame]1199 if (response_.headers->GetHttpVersion() < HttpVersion(1, 0)) {
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1200 // HTTP/0.9 doesn't support the PUT method, so lack of response headers
1201 // indicates a buggy server. See:
1202 // https://bugzilla.mozilla.org/show_bug.cgi?id=193921
1203 if (request_->method == "PUT")
1204 return ERR_METHOD_NOT_SUPPORTED;
1205 }
[email protected]4ddaf2502008-10-23 18:26:19[diff] [blame]1206
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1207 // Check for an intermediate 100 Continue response. An origin server is
1208 // allowed to send this response even if we didn't ask for it, so we just
1209 // need to skip over it.
1210 // We treat any other 1xx in this same way (although in practice getting
1211 // a 1xx that isn't a 100 is rare).
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]1212 // Unless this is a WebSocket request, in which case we pass it on up.
1213 if (response_.headers->response_code() / 100 == 1 &&
1214 !ForWebSocketHandshake()) {
[email protected]007b3f82013-04-09 08:46:45[diff] [blame]1215 response_.headers = new HttpResponseHeaders(std::string());
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1216 next_state_ = STATE_READ_HEADERS;
1217 return OK;
1218 }
1219
bncb26024382016-06-29 02:39:45[diff] [blame]1220 if (IsSecureRequest()) {
bnce3dd56f2016-06-01 10:37:11[diff] [blame]1221 session_->http_stream_factory()->ProcessAlternativeServices(
1222 session_, response_.headers.get(), url::SchemeHostPort(request_->url));
1223 }
[email protected]564b4912010-03-09 16:30:42[diff] [blame]1224
asanka5ffd5d72016-03-23 16:20:49[diff] [blame]1225 if (IsSecureRequest())
1226 stream_->GetSSLInfo(&response_.ssl_info);
1227
[email protected]e772db3f2010-07-12 18:11:13[diff] [blame]1228 int rv = HandleAuthChallenge();
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1229 if (rv != OK)
1230 return rv;
1231
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1232 headers_valid_ = true;
1233 return OK;
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1234}
1235
1236int HttpNetworkTransaction::DoReadBody() {
[email protected]90499482013-06-01 00:39:50[diff] [blame]1237 DCHECK(read_buf_.get());
[email protected]6501bc02009-06-25 20:55:13[diff] [blame]1238 DCHECK_GT(read_buf_len_, 0);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1239 DCHECK(stream_ != NULL);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1240
1241 next_state_ = STATE_READ_BODY_COMPLETE;
[email protected]90499482013-06-01 00:39:50[diff] [blame]1242 return stream_->ReadResponseBody(
1243 read_buf_.get(), read_buf_len_, io_callback_);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1244}
1245
1246int HttpNetworkTransaction::DoReadBodyComplete(int result) {
1247 // We are done with the Read call.
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1248 bool done = false;
1249 if (result <= 0) {
1250 DCHECK_NE(ERR_IO_PENDING, result);
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1251 done = true;
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1252 }
[email protected]9492e4a2010-02-24 00:58:46[diff] [blame]1253
mmenkebd84c392015-09-02 14:12:34[diff] [blame]1254 // Clean up connection if we are done.
1255 if (done) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1256 // Note: Just because IsResponseBodyComplete is true, we're not
1257 // necessarily "done". We're only "done" when it is the last
1258 // read on this HttpNetworkTransaction, which will be signified
1259 // by a zero-length read.
mmenkebd84c392015-09-02 14:12:34[diff] [blame]1260 // TODO(mbelshe): The keep-alive property is really a property of
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1261 // the stream. No need to compute it here just to pass back
1262 // to the stream's Close function.
mmenkebd84c392015-09-02 14:12:34[diff] [blame]1263 bool keep_alive =
1264 stream_->IsResponseBodyComplete() && stream_->CanReuseConnection();
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1265
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1266 stream_->Close(!keep_alive);
[email protected]e2a915a2010-08-19 07:55:01[diff] [blame]1267 // Note: we don't reset the stream here. We've closed it, but we still
1268 // need it around so that callers can call methods such as
1269 // GetUploadProgress() and have them be meaningful.
1270 // TODO(mbelshe): This means we closed the stream here, and we close it
1271 // again in ~HttpNetworkTransaction. Clean that up.
1272
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1273 // The next Read call will return 0 (EOF).
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1274 }
1275
1276 // Clear these to avoid leaving around old state.
1277 read_buf_ = NULL;
1278 read_buf_len_ = 0;
1279
1280 return result;
1281}
1282
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]1283int HttpNetworkTransaction::DoDrainBodyForAuthRestart() {
1284 // This method differs from DoReadBody only in the next_state_. So we just
1285 // call DoReadBody and override the next_state_. Perhaps there is a more
1286 // elegant way for these two methods to share code.
1287 int rv = DoReadBody();
1288 DCHECK(next_state_ == STATE_READ_BODY_COMPLETE);
1289 next_state_ = STATE_DRAIN_BODY_FOR_AUTH_RESTART_COMPLETE;
1290 return rv;
1291}
1292
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1293// TODO(wtc): This method and the DoReadBodyComplete method are almost
1294// the same. Figure out a good way for these two methods to share code.
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]1295int HttpNetworkTransaction::DoDrainBodyForAuthRestartComplete(int result) {
[email protected]68873ba2009-06-04 21:49:23[diff] [blame]1296 // keep_alive defaults to true because the very reason we're draining the
1297 // response body is to reuse the connection for auth restart.
1298 bool done = false, keep_alive = true;
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]1299 if (result < 0) {
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1300 // Error or closed connection while reading the socket.
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]1301 done = true;
[email protected]68873ba2009-06-04 21:49:23[diff] [blame]1302 keep_alive = false;
[email protected]351ab642010-08-05 16:55:31[diff] [blame]1303 } else if (stream_->IsResponseBodyComplete()) {
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1304 done = true;
[email protected]2d2697f92009-02-18 21:00:32[diff] [blame]1305 }
1306
1307 if (done) {
1308 DidDrainBodyForAuthRestart(keep_alive);
1309 } else {
1310 // Keep draining.
1311 next_state_ = STATE_DRAIN_BODY_FOR_AUTH_RESTART;
1312 }
1313
1314 return OK;
1315}
1316
[email protected]5e363962009-06-19 19:57:01[diff] [blame]1317int HttpNetworkTransaction::HandleCertificateRequest(int error) {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1318 // There are two paths through which the server can request a certificate
1319 // from us. The first is during the initial handshake, the second is
1320 // during SSL renegotiation.
1321 //
1322 // In both cases, we want to close the connection before proceeding.
1323 // We do this for two reasons:
1324 // First, we don't want to keep the connection to the server hung for a
1325 // long time while the user selects a certificate.
1326 // Second, even if we did keep the connection open, NSS has a bug where
1327 // restarting the handshake for ClientAuth is currently broken.
[email protected]65a3b912010-08-21 05:46:58[diff] [blame]1328 DCHECK_EQ(error, ERR_SSL_CLIENT_AUTH_CERT_NEEDED);
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1329
1330 if (stream_.get()) {
1331 // Since we already have a stream, we're being called as part of SSL
1332 // renegotiation.
1333 DCHECK(!stream_request_.get());
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]1334 total_received_bytes_ += stream_->GetTotalReceivedBytes();
sclittlefb249892015-09-10 21:33:22[diff] [blame]1335 total_sent_bytes_ += stream_->GetTotalSentBytes();
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1336 stream_->Close(true);
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]1337 CacheNetErrorDetailsAndResetStream();
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1338 }
1339
[email protected]26816882010-10-14 18:03:09[diff] [blame]1340 // The server is asking for a client certificate during the initial
1341 // handshake.
1342 stream_request_.reset();
[email protected]5e363962009-06-19 19:57:01[diff] [blame]1343
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1344 // If the user selected one of the certificates in client_certs or declined
1345 // to provide one for this server before, use the past decision
1346 // automatically.
1347 scoped_refptr<X509Certificate> client_cert;
svaldez7872fd02015-11-19 21:10:54[diff] [blame]1348 scoped_refptr<SSLPrivateKey> client_private_key;
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1349 bool found_cached_cert = session_->ssl_client_auth_cache()->Lookup(
svaldez7872fd02015-11-19 21:10:54[diff] [blame]1350 response_.cert_request_info->host_and_port, &client_cert,
1351 &client_private_key);
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1352 if (!found_cached_cert)
1353 return error;
1354
1355 // Check that the certificate selected is still a certificate the server
1356 // is likely to accept, based on the criteria supplied in the
1357 // CertificateRequest message.
[email protected]90499482013-06-01 00:39:50[diff] [blame]1358 if (client_cert.get()) {
[email protected]f1958c382013-02-07 00:15:26[diff] [blame]1359 const std::vector<std::string>& cert_authorities =
1360 response_.cert_request_info->cert_authorities;
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1361
[email protected]f1958c382013-02-07 00:15:26[diff] [blame]1362 bool cert_still_valid = cert_authorities.empty() ||
1363 client_cert->IsIssuedByEncoded(cert_authorities);
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1364 if (!cert_still_valid)
1365 return error;
[email protected]5e363962009-06-19 19:57:01[diff] [blame]1366 }
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1367
1368 // TODO(davidben): Add a unit test which covers this path; we need to be
1369 // able to send a legitimate certificate and also bypass/clear the
1370 // SSL session cache.
[email protected]102957f2011-09-02 17:10:14[diff] [blame]1371 SSLConfig* ssl_config = response_.cert_request_info->is_proxy ?
1372 &proxy_ssl_config_ : &server_ssl_config_;
1373 ssl_config->send_client_cert = true;
1374 ssl_config->client_cert = client_cert;
svaldez7872fd02015-11-19 21:10:54[diff] [blame]1375 ssl_config->client_private_key = client_private_key;
[email protected]ec229bc92010-11-22 09:51:45[diff] [blame]1376 next_state_ = STATE_CREATE_STREAM;
1377 // Reset the other member variables.
1378 // Note: this is necessary only with SSL renegotiation.
1379 ResetStateForRestart();
1380 return OK;
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]1381}
1382
bncfacdd852015-01-09 19:22:54[diff] [blame]1383int HttpNetworkTransaction::HandleHttp11Required(int error) {
1384 DCHECK(error == ERR_HTTP_1_1_REQUIRED ||
1385 error == ERR_PROXY_HTTP_1_1_REQUIRED);
1386
1387 if (error == ERR_HTTP_1_1_REQUIRED) {
1388 HttpServerProperties::ForceHTTP11(&server_ssl_config_);
1389 } else {
1390 HttpServerProperties::ForceHTTP11(&proxy_ssl_config_);
1391 }
1392 ResetConnectionAndRequestForResend();
1393 return OK;
1394}
1395
[email protected]384cc73a2013-12-08 22:41:03[diff] [blame]1396void HttpNetworkTransaction::HandleClientAuthError(int error) {
1397 if (server_ssl_config_.send_client_cert &&
1398 (error == ERR_SSL_PROTOCOL_ERROR || IsClientCertificateError(error))) {
1399 session_->ssl_client_auth_cache()->Remove(
[email protected]791879c2013-12-17 07:22:41[diff] [blame]1400 HostPortPair::FromURL(request_->url));
[email protected]384cc73a2013-12-08 22:41:03[diff] [blame]1401 }
1402}
1403
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1404// TODO(rch): This does not correctly handle errors when an SSL proxy is
1405// being used, as all of the errors are handled as if they were generated
1406// by the endpoint host, request_->url, rather than considering if they were
[email protected]1c53a1f2011-01-13 00:36:38[diff] [blame]1407// generated by the SSL proxy. http://crbug.com/69329
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1408int HttpNetworkTransaction::HandleSSLHandshakeError(int error) {
1409 DCHECK(request_);
[email protected]384cc73a2013-12-08 22:41:03[diff] [blame]1410 HandleClientAuthError(error);
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1411
davidbena4c9d062015-04-03 22:34:25[diff] [blame]1412 // Accept deprecated cipher suites, but only on a fallback. This makes UMA
1413 // reflect servers require a deprecated cipher rather than merely prefer
1414 // it. This, however, has no security benefit until the ciphers are actually
1415 // removed.
davidben14b1a532015-10-30 16:01:09[diff] [blame]1416 if (!server_ssl_config_.deprecated_cipher_suites_enabled &&
davidbena4c9d062015-04-03 22:34:25[diff] [blame]1417 (error == ERR_SSL_VERSION_OR_CIPHER_MISMATCH ||
1418 error == ERR_CONNECTION_CLOSED || error == ERR_CONNECTION_RESET)) {
1419 net_log_.AddEvent(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]1420 NetLogEventType::SSL_CIPHER_FALLBACK,
davidbena4c9d062015-04-03 22:34:25[diff] [blame]1421 base::Bind(&NetLogSSLCipherFallbackCallback, &request_->url, error));
davidben14b1a532015-10-30 16:01:09[diff] [blame]1422 server_ssl_config_.deprecated_cipher_suites_enabled = true;
davidbena4c9d062015-04-03 22:34:25[diff] [blame]1423 ResetConnectionAndRequestForResend();
1424 return OK;
1425 }
1426
initial.commit586acc5fe2008-07-26 22:42:52[diff] [blame]1427 return error;
1428}
1429
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1430// This method determines whether it is safe to resend the request after an
1431// IO error. It can only be called in response to request header or body
1432// write errors or response header read errors. It should not be used in
1433// other cases, such as a Connect error.
1434int HttpNetworkTransaction::HandleIOError(int error) {
[email protected]384cc73a2013-12-08 22:41:03[diff] [blame]1435 // Because the peer may request renegotiation with client authentication at
1436 // any time, check and handle client authentication errors.
1437 HandleClientAuthError(error);
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1438
1439 switch (error) {
1440 // If we try to reuse a connection that the server is in the process of
1441 // closing, we may end up successfully writing out our request (or a
1442 // portion of our request) only to find a connection error when we try to
1443 // read from (or finish writing to) the socket.
1444 case ERR_CONNECTION_RESET:
1445 case ERR_CONNECTION_CLOSED:
1446 case ERR_CONNECTION_ABORTED:
[email protected]202965992011-12-07 23:04:51[diff] [blame]1447 // There can be a race between the socket pool checking checking whether a
1448 // socket is still connected, receiving the FIN, and sending/reading data
1449 // on a reused socket. If we receive the FIN between the connectedness
1450 // check and writing/reading from the socket, we may first learn the socket
1451 // is disconnected when we get a ERR_SOCKET_NOT_CONNECTED. This will most
1452 // likely happen when trying to retrieve its IP address.
1453 // See http://crbug.com/105824 for more details.
1454 case ERR_SOCKET_NOT_CONNECTED:
[email protected]a34f61ee2014-03-18 20:59:49[diff] [blame]1455 // If a socket is closed on its initial request, HttpStreamParser returns
1456 // ERR_EMPTY_RESPONSE. This may still be close/reuse race if the socket was
1457 // preconnected but failed to be used before the server timed it out.
1458 case ERR_EMPTY_RESPONSE:
1459 if (ShouldResendRequest()) {
[email protected]b6754252012-06-13 23:14:38[diff] [blame]1460 net_log_.AddEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]1461 NetLogEventType::HTTP_TRANSACTION_RESTART_AFTER_ERROR, error);
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1462 ResetConnectionAndRequestForResend();
1463 error = OK;
1464 }
1465 break;
[email protected]8753a122011-10-16 08:05:08[diff] [blame]1466 case ERR_SPDY_PING_FAILED:
[email protected]721c0ce2011-10-13 02:41:00[diff] [blame]1467 case ERR_SPDY_SERVER_REFUSED_STREAM:
[email protected]4d283b32013-10-17 12:57:27[diff] [blame]1468 case ERR_QUIC_HANDSHAKE_FAILED:
[email protected]b6754252012-06-13 23:14:38[diff] [blame]1469 net_log_.AddEventWithNetErrorCode(
mikecirone8b85c432016-09-08 19:11:00[diff] [blame]1470 NetLogEventType::HTTP_TRANSACTION_RESTART_AFTER_ERROR, error);
[email protected]721c0ce2011-10-13 02:41:00[diff] [blame]1471 ResetConnectionAndRequestForResend();
1472 error = OK;
1473 break;
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]1474 }
1475 return error;
1476}
1477
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1478void HttpNetworkTransaction::ResetStateForRestart() {
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]1479 ResetStateForAuthRestart();
sclittlefb249892015-09-10 21:33:22[diff] [blame]1480 if (stream_) {
[email protected]b8015c42013-12-24 15:18:19[diff] [blame]1481 total_received_bytes_ += stream_->GetTotalReceivedBytes();
sclittlefb249892015-09-10 21:33:22[diff] [blame]1482 total_sent_bytes_ += stream_->GetTotalSentBytes();
1483 }
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]1484 CacheNetErrorDetailsAndResetStream();
[email protected]697ef4c2010-10-14 16:38:58[diff] [blame]1485}
1486
1487void HttpNetworkTransaction::ResetStateForAuthRestart() {
[email protected]58e32bb2013-01-21 18:23:25[diff] [blame]1488 send_start_time_ = base::TimeTicks();
1489 send_end_time_ = base::TimeTicks();
[email protected]58e32bb2013-01-21 18:23:25[diff] [blame]1490
[email protected]0757e7702009-03-27 04:00:22[diff] [blame]1491 pending_auth_target_ = HttpAuth::AUTH_NONE;
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1492 read_buf_ = NULL;
1493 read_buf_len_ = 0;
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1494 headers_valid_ = false;
[email protected]b94f92d2010-10-27 16:45:20[diff] [blame]1495 request_headers_.Clear();
[email protected]a7e41312009-12-16 23:18:14[diff] [blame]1496 response_ = HttpResponseInfo();
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1497 establishing_tunnel_ = false;
ttuttled9dbc652015-09-29 20:00:59[diff] [blame]1498 remote_endpoint_ = IPEndPoint();
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]1499 net_error_details_.quic_broken = false;
1500 net_error_details_.quic_connection_error = QUIC_NO_ERROR;
nharperd6e65822016-03-30 23:05:48[diff] [blame]1501 provided_token_binding_key_.reset();
1502 referred_token_binding_key_.reset();
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]1503}
1504
1505void HttpNetworkTransaction::CacheNetErrorDetailsAndResetStream() {
1506 if (stream_)
1507 stream_->PopulateNetErrorDetails(&net_error_details_);
1508 stream_.reset();
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1509}
1510
davidben701ca982015-05-18 21:21:42[diff] [blame]1511void HttpNetworkTransaction::RecordSSLFallbackMetrics(int result) {
davidben701ca982015-05-18 21:21:42[diff] [blame]1512 if (result != OK)
1513 return;
1514
davidbenca9d69162015-05-04 20:18:45[diff] [blame]1515 UMA_HISTOGRAM_BOOLEAN("Net.ConnectionUsedSSLDeprecatedCipherFallback2",
davidben14b1a532015-10-30 16:01:09[diff] [blame]1516 server_ssl_config_.deprecated_cipher_suites_enabled);
davidbenca9d69162015-05-04 20:18:45[diff] [blame]1517}
1518
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1519HttpResponseHeaders* HttpNetworkTransaction::GetResponseHeaders() const {
[email protected]90499482013-06-01 00:39:50[diff] [blame]1520 return response_.headers.get();
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1521}
1522
[email protected]a34f61ee2014-03-18 20:59:49[diff] [blame]1523bool HttpNetworkTransaction::ShouldResendRequest() const {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1524 bool connection_is_proven = stream_->IsConnectionReused();
1525 bool has_received_headers = GetResponseHeaders() != NULL;
[email protected]58cebf8f2010-07-31 19:20:16[diff] [blame]1526
[email protected]2a5c76b2008-09-25 22:15:16[diff] [blame]1527 // NOTE: we resend a request only if we reused a keep-alive connection.
1528 // This automatically prevents an infinite resend loop because we'll run
1529 // out of the cached keep-alive connections eventually.
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1530 if (connection_is_proven && !has_received_headers)
1531 return true;
1532 return false;
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]1533}
1534
1535void HttpNetworkTransaction::ResetConnectionAndRequestForResend() {
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1536 if (stream_.get()) {
1537 stream_->Close(true);
zhongyica364fbb2015-12-12 03:39:12[diff] [blame]1538 CacheNetErrorDetailsAndResetStream();
[email protected]58cebf8f2010-07-31 19:20:16[diff] [blame]1539 }
1540
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1541 // We need to clear request_headers_ because it contains the real request
1542 // headers, but we may need to resend the CONNECT request first to recreate
1543 // the SSL tunnel.
[email protected]b94f92d2010-10-27 16:45:20[diff] [blame]1544 request_headers_.Clear();
[email protected]82918cc2010-08-25 17:24:50[diff] [blame]1545 next_state_ = STATE_CREATE_STREAM; // Resend the request.
[email protected]86ec30d2008-09-29 21:53:54[diff] [blame]1546}
1547
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]1548bool HttpNetworkTransaction::ShouldApplyProxyAuth() const {
Adam Rice425cf122015-01-19 06:18:24[diff] [blame]1549 return UsingHttpProxyWithoutTunnel();
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]1550}
license.botbf09a502008-08-24 00:55:55[diff] [blame]1551
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]1552bool HttpNetworkTransaction::ShouldApplyServerAuth() const {
[email protected]8a1f3312010-05-25 19:25:04[diff] [blame]1553 return !(request_->load_flags & LOAD_DO_NOT_SEND_AUTH_DATA);
[email protected]1c773ea12009-04-28 19:58:42[diff] [blame]1554}
1555
[email protected]e772db3f2010-07-12 18:11:13[diff] [blame]1556int HttpNetworkTransaction::HandleAuthChallenge() {
[email protected]ad8e04a2010-11-01 04:16:27[diff] [blame]1557 scoped_refptr<HttpResponseHeaders> headers(GetResponseHeaders());
[email protected]90499482013-06-01 00:39:50[diff] [blame]1558 DCHECK(headers.get());
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1559
[email protected]0877e3d2009-10-17 22:29:57[diff] [blame]1560 int status = headers->response_code();
[email protected]9094b602012-02-27 21:44:58[diff] [blame]1561 if (status != HTTP_UNAUTHORIZED &&
1562 status != HTTP_PROXY_AUTHENTICATION_REQUIRED)
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1563 return OK;
[email protected]9094b602012-02-27 21:44:58[diff] [blame]1564 HttpAuth::Target target = status == HTTP_PROXY_AUTHENTICATION_REQUIRED ?
[email protected]2227c692010-05-04 15:36:11[diff] [blame]1565 HttpAuth::AUTH_PROXY : HttpAuth::AUTH_SERVER;
[email protected]038e9a32008-10-08 22:40:16[diff] [blame]1566 if (target == HttpAuth::AUTH_PROXY && proxy_info_.is_direct())
1567 return ERR_UNEXPECTED_PROXY_AUTH;
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1568
[email protected]9094b602012-02-27 21:44:58[diff] [blame]1569 // This case can trigger when an HTTPS server responds with a "Proxy
1570 // authentication required" status code through a non-authenticating
1571 // proxy.
[email protected]7a67a8152010-11-05 18:31:10[diff] [blame]1572 if (!auth_controllers_[target].get())
1573 return ERR_UNEXPECTED_PROXY_AUTH;
1574
[email protected]a7ea8832010-07-12 17:54:54[diff] [blame]1575 int rv = auth_controllers_[target]->HandleAuthChallenge(
asanka5ffd5d72016-03-23 16:20:49[diff] [blame]1576 headers, response_.ssl_info,
1577 (request_->load_flags & LOAD_DO_NOT_SEND_AUTH_DATA) != 0, false,
[email protected]560c0432010-07-13 20:45:31[diff] [blame]1578 net_log_);
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1579 if (auth_controllers_[target]->HaveAuthHandler())
asanka5ffd5d72016-03-23 16:20:49[diff] [blame]1580 pending_auth_target_ = target;
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1581
1582 scoped_refptr<AuthChallengeInfo> auth_info =
1583 auth_controllers_[target]->auth_info();
1584 if (auth_info.get())
1585 response_.auth_challenge = auth_info;
1586
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1587 return rv;
[email protected]f9ee6b52008-11-08 06:46:23[diff] [blame]1588}
1589
[email protected]8e6441ca2010-08-19 05:56:38[diff] [blame]1590bool HttpNetworkTransaction::HaveAuth(HttpAuth::Target target) const {
1591 return auth_controllers_[target].get() &&
1592 auth_controllers_[target]->HaveAuth();
1593}
1594
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1595GURL HttpNetworkTransaction::AuthURL(HttpAuth::Target target) const {
1596 switch (target) {
[email protected]2df19bb2010-08-25 20:13:46[diff] [blame]1597 case HttpAuth::AUTH_PROXY: {
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1598 if (!proxy_info_.proxy_server().is_valid() ||
1599 proxy_info_.proxy_server().is_direct()) {
1600 return GURL(); // There is no proxy server.
1601 }
[email protected]2df19bb2010-08-25 20:13:46[diff] [blame]1602 const char* scheme = proxy_info_.is_https() ? "https://" : "http://";
1603 return GURL(scheme +
[email protected]2fbaecf22010-07-22 22:20:35[diff] [blame]1604 proxy_info_.proxy_server().host_port_pair().ToString());
[email protected]2df19bb2010-08-25 20:13:46[diff] [blame]1605 }
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1606 case HttpAuth::AUTH_SERVER:
[email protected]e69c1cd2014-07-29 07:42:29[diff] [blame]1607 if (ForWebSocketHandshake()) {
1608 const GURL& url = request_->url;
1609 url::Replacements<char> ws_to_http;
1610 if (url.SchemeIs("ws")) {
1611 ws_to_http.SetScheme("http", url::Component(0, 4));
1612 } else {
1613 DCHECK(url.SchemeIs("wss"));
1614 ws_to_http.SetScheme("https", url::Component(0, 5));
1615 }
1616 return url.ReplaceComponents(ws_to_http);
1617 }
[email protected]228404f2010-06-24 04:31:41[diff] [blame]1618 return request_->url;
1619 default:
1620 return GURL();
1621 }
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1622}
1623
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]1624bool HttpNetworkTransaction::ForWebSocketHandshake() const {
[email protected]23d3e022013-11-23 20:38:14[diff] [blame]1625 return websocket_handshake_stream_base_create_helper_ &&
1626 request_->url.SchemeIsWSOrWSS();
[email protected]831e4a32013-11-14 02:14:44[diff] [blame]1627}
1628
ttuttle1f2d7e92015-04-28 16:17:47[diff] [blame]1629void HttpNetworkTransaction::CopyConnectionAttemptsFromStreamRequest() {
1630 DCHECK(stream_request_);
1631
1632 // Since the transaction can restart with auth credentials, it may create a
1633 // stream more than once. Accumulate all of the connection attempts across
1634 // those streams by appending them to the vector:
1635 for (const auto& attempt : stream_request_->connection_attempts())
1636 connection_attempts_.push_back(attempt);
1637}
1638
[email protected]c3b35c22008-09-27 03:19:42[diff] [blame]1639} // namespace net