Google Git
Sign in
chromium / chromium / src.git / c63248d4041385f117c09a47cee79415396193c5 / . / net / socket / ssl_client_socket_pool.cc
blob: cbd87affe6c6a566464f04bbd6daa39342cfe7ec [file] [log] [blame]
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]1// Copyright (c) 2010 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "net/socket/ssl_client_socket_pool.h"
6
[email protected]c63248d42011-02-18 17:54:39[diff] [blame^]7#include "base/metrics/field_trial.h"
[email protected]835d7c82010-10-14 04:38:38[diff] [blame]8#include "base/metrics/histogram.h"
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]9#include "base/values.h"
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]10#include "net/base/net_errors.h"
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]11#include "net/base/host_port_pair.h"
[email protected]277d5942010-08-11 21:02:35[diff] [blame]12#include "net/base/ssl_cert_request_info.h"
[email protected]33b511c2010-08-11 00:04:43[diff] [blame]13#include "net/http/http_proxy_client_socket.h"
14#include "net/http/http_proxy_client_socket_pool.h"
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]15#include "net/socket/client_socket_factory.h"
16#include "net/socket/client_socket_handle.h"
[email protected]33b511c2010-08-11 00:04:43[diff] [blame]17#include "net/socket/socks_client_socket_pool.h"
18#include "net/socket/ssl_client_socket.h"
[email protected]d0672be2010-10-20 16:30:19[diff] [blame]19#include "net/socket/ssl_host_info.h"
[email protected]33b511c2010-08-11 00:04:43[diff] [blame]20#include "net/socket/tcp_client_socket_pool.h"
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]21
22namespace net {
23
24SSLSocketParams::SSLSocketParams(
25 const scoped_refptr<TCPSocketParams>& tcp_params,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]26 const scoped_refptr<SOCKSSocketParams>& socks_params,
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]27 const scoped_refptr<HttpProxySocketParams>& http_proxy_params,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]28 ProxyServer::Scheme proxy,
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]29 const HostPortPair& host_and_port,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]30 const SSLConfig& ssl_config,
31 int load_flags,
[email protected]9e9e842e2010-07-23 23:09:15[diff] [blame]32 bool force_spdy_over_ssl,
33 bool want_spdy_over_npn)
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]34 : tcp_params_(tcp_params),
35 http_proxy_params_(http_proxy_params),
36 socks_params_(socks_params),
37 proxy_(proxy),
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]38 host_and_port_(host_and_port),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]39 ssl_config_(ssl_config),
40 load_flags_(load_flags),
[email protected]9e9e842e2010-07-23 23:09:15[diff] [blame]41 force_spdy_over_ssl_(force_spdy_over_ssl),
[email protected]9cf1e9da72010-09-30 16:13:15[diff] [blame]42 want_spdy_over_npn_(want_spdy_over_npn) {
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]43 switch (proxy_) {
44 case ProxyServer::SCHEME_DIRECT:
45 DCHECK(tcp_params_.get() != NULL);
46 DCHECK(http_proxy_params_.get() == NULL);
47 DCHECK(socks_params_.get() == NULL);
48 break;
49 case ProxyServer::SCHEME_HTTP:
[email protected]2df19bb2010-08-25 20:13:46[diff] [blame]50 case ProxyServer::SCHEME_HTTPS:
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]51 DCHECK(tcp_params_.get() == NULL);
52 DCHECK(http_proxy_params_.get() != NULL);
53 DCHECK(socks_params_.get() == NULL);
54 break;
55 case ProxyServer::SCHEME_SOCKS4:
56 case ProxyServer::SCHEME_SOCKS5:
57 DCHECK(tcp_params_.get() == NULL);
58 DCHECK(http_proxy_params_.get() == NULL);
59 DCHECK(socks_params_.get() != NULL);
60 break;
61 default:
62 LOG(DFATAL) << "unknown proxy type";
63 break;
64 }
65}
66
67SSLSocketParams::~SSLSocketParams() {}
68
69// Timeout for the SSL handshake portion of the connect.
70static const int kSSLHandshakeTimeoutInSeconds = 30;
71
72SSLConnectJob::SSLConnectJob(
73 const std::string& group_name,
74 const scoped_refptr<SSLSocketParams>& params,
75 const base::TimeDelta& timeout_duration,
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]76 TCPClientSocketPool* tcp_pool,
77 SOCKSClientSocketPool* socks_pool,
78 HttpProxyClientSocketPool* http_proxy_pool,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]79 ClientSocketFactory* client_socket_factory,
[email protected]73c45322010-10-01 23:57:54[diff] [blame]80 HostResolver* host_resolver,
[email protected]822581d2010-12-16 17:27:15[diff] [blame]81 CertVerifier* cert_verifier,
[email protected]2db580532010-10-08 14:32:37[diff] [blame]82 DnsRRResolver* dnsrr_resolver,
[email protected]345c613b2010-11-22 19:33:18[diff] [blame]83 DnsCertProvenanceChecker* dns_cert_checker,
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]84 SSLHostInfoFactory* ssl_host_info_factory,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]85 Delegate* delegate,
86 NetLog* net_log)
87 : ConnectJob(group_name, timeout_duration, delegate,
88 BoundNetLog::Make(net_log, NetLog::SOURCE_CONNECT_JOB)),
89 params_(params),
90 tcp_pool_(tcp_pool),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]91 socks_pool_(socks_pool),
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]92 http_proxy_pool_(http_proxy_pool),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]93 client_socket_factory_(client_socket_factory),
[email protected]822581d2010-12-16 17:27:15[diff] [blame]94 host_resolver_(host_resolver),
95 cert_verifier_(cert_verifier),
[email protected]2db580532010-10-08 14:32:37[diff] [blame]96 dnsrr_resolver_(dnsrr_resolver),
[email protected]345c613b2010-11-22 19:33:18[diff] [blame]97 dns_cert_checker_(dns_cert_checker),
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]98 ssl_host_info_factory_(ssl_host_info_factory),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]99 ALLOW_THIS_IN_INITIALIZER_LIST(
100 callback_(this, &SSLConnectJob::OnIOComplete)) {}
101
102SSLConnectJob::~SSLConnectJob() {}
103
104LoadState SSLConnectJob::GetLoadState() const {
105 switch (next_state_) {
[email protected]135e2262010-07-17 00:32:04[diff] [blame]106 case STATE_TUNNEL_CONNECT_COMPLETE:
107 if (transport_socket_handle_->socket())
108 return LOAD_STATE_ESTABLISHING_PROXY_TUNNEL;
109 // else, fall through.
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]110 case STATE_TCP_CONNECT:
111 case STATE_TCP_CONNECT_COMPLETE:
112 case STATE_SOCKS_CONNECT:
113 case STATE_SOCKS_CONNECT_COMPLETE:
114 case STATE_TUNNEL_CONNECT:
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]115 return transport_socket_handle_->GetLoadState();
116 case STATE_SSL_CONNECT:
117 case STATE_SSL_CONNECT_COMPLETE:
118 return LOAD_STATE_SSL_HANDSHAKE;
119 default:
120 NOTREACHED();
121 return LOAD_STATE_IDLE;
122 }
123}
124
[email protected]ad74a592011-01-21 18:40:55[diff] [blame]125void SSLConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) {
126 // Headers in |error_response_info_| indicate a proxy tunnel setup
127 // problem. See DoTunnelConnectComplete.
128 if (error_response_info_.headers) {
129 handle->set_pending_http_proxy_connection(
130 transport_socket_handle_.release());
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]131 }
[email protected]ad74a592011-01-21 18:40:55[diff] [blame]132 handle->set_ssl_error_response_info(error_response_info_);
133 if (!ssl_connect_start_time_.is_null())
134 handle->set_is_ssl_error(true);
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]135}
136
137void SSLConnectJob::OnIOComplete(int result) {
138 int rv = DoLoop(result);
139 if (rv != ERR_IO_PENDING)
140 NotifyDelegateOfCompletion(rv); // Deletes |this|.
141}
142
143int SSLConnectJob::DoLoop(int result) {
144 DCHECK_NE(next_state_, STATE_NONE);
145
146 int rv = result;
147 do {
148 State state = next_state_;
149 next_state_ = STATE_NONE;
150 switch (state) {
151 case STATE_TCP_CONNECT:
152 DCHECK_EQ(OK, rv);
153 rv = DoTCPConnect();
154 break;
155 case STATE_TCP_CONNECT_COMPLETE:
156 rv = DoTCPConnectComplete(rv);
157 break;
158 case STATE_SOCKS_CONNECT:
159 DCHECK_EQ(OK, rv);
160 rv = DoSOCKSConnect();
161 break;
162 case STATE_SOCKS_CONNECT_COMPLETE:
163 rv = DoSOCKSConnectComplete(rv);
164 break;
165 case STATE_TUNNEL_CONNECT:
166 DCHECK_EQ(OK, rv);
167 rv = DoTunnelConnect();
168 break;
169 case STATE_TUNNEL_CONNECT_COMPLETE:
170 rv = DoTunnelConnectComplete(rv);
171 break;
172 case STATE_SSL_CONNECT:
173 DCHECK_EQ(OK, rv);
174 rv = DoSSLConnect();
175 break;
176 case STATE_SSL_CONNECT_COMPLETE:
177 rv = DoSSLConnectComplete(rv);
178 break;
179 default:
180 NOTREACHED() << "bad state";
181 rv = ERR_FAILED;
182 break;
183 }
184 } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
185
186 return rv;
187}
188
189int SSLConnectJob::DoTCPConnect() {
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]190 DCHECK(tcp_pool_);
[email protected]899c3e92010-08-28 15:53:50[diff] [blame]191
[email protected]fd348122010-12-16 22:17:35[diff] [blame]192 if (ssl_host_info_factory_) {
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]193 ssl_host_info_.reset(
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]194 ssl_host_info_factory_->GetForHost(params_->host_and_port().host(),
[email protected]98f397e2010-10-26 13:56:57[diff] [blame]195 params_->ssl_config()));
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]196 }
[email protected]c6781de2011-01-06 19:49:43[diff] [blame]197
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]198 if (ssl_host_info_.get()) {
[email protected]0bc64522011-01-14 15:42:38[diff] [blame]199 if (dnsrr_resolver_)
200 ssl_host_info_->StartDnsLookup(dnsrr_resolver_);
201
[email protected]4d52f192010-10-11 17:00:30[diff] [blame]202 // This starts fetching the SSL host info from the disk cache for Snap
203 // Start.
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]204 ssl_host_info_->Start();
[email protected]4d52f192010-10-11 17:00:30[diff] [blame]205 }
206
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]207 next_state_ = STATE_TCP_CONNECT_COMPLETE;
208 transport_socket_handle_.reset(new ClientSocketHandle());
209 scoped_refptr<TCPSocketParams> tcp_params = params_->tcp_params();
210 return transport_socket_handle_->Init(group_name(), tcp_params,
211 tcp_params->destination().priority(),
212 &callback_, tcp_pool_, net_log());
213}
214
215int SSLConnectJob::DoTCPConnectComplete(int result) {
216 if (result == OK)
217 next_state_ = STATE_SSL_CONNECT;
218
219 return result;
220}
221
222int SSLConnectJob::DoSOCKSConnect() {
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]223 DCHECK(socks_pool_);
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]224 next_state_ = STATE_SOCKS_CONNECT_COMPLETE;
225 transport_socket_handle_.reset(new ClientSocketHandle());
226 scoped_refptr<SOCKSSocketParams> socks_params = params_->socks_params();
227 return transport_socket_handle_->Init(group_name(), socks_params,
228 socks_params->destination().priority(),
229 &callback_, socks_pool_, net_log());
230}
231
232int SSLConnectJob::DoSOCKSConnectComplete(int result) {
233 if (result == OK)
234 next_state_ = STATE_SSL_CONNECT;
235
236 return result;
237}
238
239int SSLConnectJob::DoTunnelConnect() {
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]240 DCHECK(http_proxy_pool_);
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]241 next_state_ = STATE_TUNNEL_CONNECT_COMPLETE;
[email protected]394816e92010-08-03 07:38:59[diff] [blame]242
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]243 transport_socket_handle_.reset(new ClientSocketHandle());
244 scoped_refptr<HttpProxySocketParams> http_proxy_params =
245 params_->http_proxy_params();
246 return transport_socket_handle_->Init(
247 group_name(), http_proxy_params,
[email protected]2df19bb2010-08-25 20:13:46[diff] [blame]248 http_proxy_params->destination().priority(), &callback_,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]249 http_proxy_pool_, net_log());
250}
251
252int SSLConnectJob::DoTunnelConnectComplete(int result) {
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]253 // Extract the information needed to prompt for appropriate proxy
254 // authentication so that when ClientSocketPoolBaseHelper calls
255 // |GetAdditionalErrorState|, we can easily set the state.
256 if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
257 error_response_info_ = transport_socket_handle_->ssl_error_response_info();
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]258 } else if (result == ERR_PROXY_AUTH_REQUESTED ||
259 result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) {
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]260 ClientSocket* socket = transport_socket_handle_->socket();
261 HttpProxyClientSocket* tunnel_socket =
262 static_cast<HttpProxyClientSocket*>(socket);
[email protected]511f6f52010-12-17 03:58:29[diff] [blame]263 error_response_info_ = *tunnel_socket->GetConnectResponseInfo();
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]264 }
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]265 if (result < 0)
266 return result;
267
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]268 next_state_ = STATE_SSL_CONNECT;
269 return result;
270}
271
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]272int SSLConnectJob::DoSSLConnect() {
273 next_state_ = STATE_SSL_CONNECT_COMPLETE;
274 // Reset the timeout to just the time allowed for the SSL handshake.
275 ResetTimer(base::TimeDelta::FromSeconds(kSSLHandshakeTimeoutInSeconds));
276 ssl_connect_start_time_ = base::TimeTicks::Now();
277
278 ssl_socket_.reset(client_socket_factory_->CreateSSLClientSocket(
[email protected]4f4de7e62010-11-12 19:55:27[diff] [blame]279 transport_socket_handle_.release(), params_->host_and_port(),
[email protected]822581d2010-12-16 17:27:15[diff] [blame]280 params_->ssl_config(), ssl_host_info_.release(), cert_verifier_,
281 dns_cert_checker_));
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]282 return ssl_socket_->Connect(&callback_);
283}
284
285int SSLConnectJob::DoSSLConnectComplete(int result) {
286 SSLClientSocket::NextProtoStatus status =
287 SSLClientSocket::kNextProtoUnsupported;
288 std::string proto;
289 // GetNextProto will fail and and trigger a NOTREACHED if we pass in a socket
290 // that hasn't had SSL_ImportFD called on it. If we get a certificate error
291 // here, then we know that we called SSL_ImportFD.
292 if (result == OK || IsCertificateError(result))
293 status = ssl_socket_->GetNextProto(&proto);
294
[email protected]9e9e842e2010-07-23 23:09:15[diff] [blame]295 // If we want spdy over npn, make sure it succeeded.
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]296 if (status == SSLClientSocket::kNextProtoNegotiated) {
[email protected]d7c9f422010-08-27 22:54:53[diff] [blame]297 ssl_socket_->set_was_npn_negotiated(true);
[email protected]bace48c2010-08-03 20:52:02[diff] [blame]298 SSLClientSocket::NextProto next_protocol =
299 SSLClientSocket::NextProtoFromString(proto);
300 // If we negotiated either version of SPDY, we must have
301 // advertised it, so allow it.
302 // TODO(mbelshe): verify it was a protocol we advertised?
303 if (next_protocol == SSLClientSocket::kProtoSPDY1 ||
304 next_protocol == SSLClientSocket::kProtoSPDY2) {
[email protected]d7c9f422010-08-27 22:54:53[diff] [blame]305 ssl_socket_->set_was_spdy_negotiated(true);
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]306 }
307 }
[email protected]d7c9f422010-08-27 22:54:53[diff] [blame]308 if (params_->want_spdy_over_npn() && !ssl_socket_->was_spdy_negotiated())
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]309 return ERR_NPN_NEGOTIATION_FAILED;
310
[email protected]9e9e842e2010-07-23 23:09:15[diff] [blame]311 // Spdy might be turned on by default, or it might be over npn.
312 bool using_spdy = params_->force_spdy_over_ssl() ||
313 params_->want_spdy_over_npn();
314
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]315 if (result == OK ||
316 ssl_socket_->IgnoreCertError(result, params_->load_flags())) {
317 DCHECK(ssl_connect_start_time_ != base::TimeTicks());
318 base::TimeDelta connect_duration =
319 base::TimeTicks::Now() - ssl_connect_start_time_;
[email protected]835d7c82010-10-14 04:38:38[diff] [blame]320 if (using_spdy) {
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]321 UMA_HISTOGRAM_CUSTOM_TIMES("Net.SpdyConnectionLatency",
322 connect_duration,
323 base::TimeDelta::FromMilliseconds(1),
324 base::TimeDelta::FromMinutes(10),
325 100);
[email protected]835d7c82010-10-14 04:38:38[diff] [blame]326 } else {
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]327 UMA_HISTOGRAM_CUSTOM_TIMES("Net.SSL_Connection_Latency",
328 connect_duration,
329 base::TimeDelta::FromMilliseconds(1),
330 base::TimeDelta::FromMinutes(10),
331 100);
[email protected]c63248d42011-02-18 17:54:39[diff] [blame^]332
333 static bool false_start_trial(
334 base::FieldTrialList::Find("SSLFalseStart") &&
335 !base::FieldTrialList::Find("SSLFalseStart")->group_name().empty());
336 if (false_start_trial) {
337 UMA_HISTOGRAM_CUSTOM_TIMES(base::FieldTrial::MakeName(
338 "Net.SSL_Connection_Latency",
339 "SSLFalseStart"),
340 connect_duration,
341 base::TimeDelta::FromMilliseconds(1),
342 base::TimeDelta::FromMinutes(10),
343 100);
344 }
[email protected]835d7c82010-10-14 04:38:38[diff] [blame]345 }
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]346 }
[email protected]8b498692010-07-16 17:11:43[diff] [blame]347
348 if (result == OK || IsCertificateError(result)) {
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]349 set_socket(ssl_socket_.release());
[email protected]8b498692010-07-16 17:11:43[diff] [blame]350 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
351 error_response_info_.cert_request_info = new SSLCertRequestInfo;
352 ssl_socket_->GetSSLCertRequestInfo(error_response_info_.cert_request_info);
353 }
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]354
355 return result;
356}
357
[email protected]ad74a592011-01-21 18:40:55[diff] [blame]358int SSLConnectJob::ConnectInternal() {
359 switch (params_->proxy()) {
360 case ProxyServer::SCHEME_DIRECT:
361 next_state_ = STATE_TCP_CONNECT;
362 break;
363 case ProxyServer::SCHEME_HTTP:
364 case ProxyServer::SCHEME_HTTPS:
365 next_state_ = STATE_TUNNEL_CONNECT;
366 break;
367 case ProxyServer::SCHEME_SOCKS4:
368 case ProxyServer::SCHEME_SOCKS5:
369 next_state_ = STATE_SOCKS_CONNECT;
370 break;
371 default:
372 NOTREACHED() << "unknown proxy type";
373 break;
374 }
375 return DoLoop(OK);
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]376}
377
378SSLClientSocketPool::SSLConnectJobFactory::SSLConnectJobFactory(
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]379 TCPClientSocketPool* tcp_pool,
380 SOCKSClientSocketPool* socks_pool,
381 HttpProxyClientSocketPool* http_proxy_pool,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]382 ClientSocketFactory* client_socket_factory,
383 HostResolver* host_resolver,
[email protected]822581d2010-12-16 17:27:15[diff] [blame]384 CertVerifier* cert_verifier,
[email protected]2db580532010-10-08 14:32:37[diff] [blame]385 DnsRRResolver* dnsrr_resolver,
[email protected]345c613b2010-11-22 19:33:18[diff] [blame]386 DnsCertProvenanceChecker* dns_cert_checker,
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]387 SSLHostInfoFactory* ssl_host_info_factory,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]388 NetLog* net_log)
389 : tcp_pool_(tcp_pool),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]390 socks_pool_(socks_pool),
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]391 http_proxy_pool_(http_proxy_pool),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]392 client_socket_factory_(client_socket_factory),
393 host_resolver_(host_resolver),
[email protected]822581d2010-12-16 17:27:15[diff] [blame]394 cert_verifier_(cert_verifier),
[email protected]2db580532010-10-08 14:32:37[diff] [blame]395 dnsrr_resolver_(dnsrr_resolver),
[email protected]345c613b2010-11-22 19:33:18[diff] [blame]396 dns_cert_checker_(dns_cert_checker),
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]397 ssl_host_info_factory_(ssl_host_info_factory),
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]398 net_log_(net_log) {
399 base::TimeDelta max_transport_timeout = base::TimeDelta();
400 base::TimeDelta pool_timeout;
401 if (tcp_pool_)
402 max_transport_timeout = tcp_pool_->ConnectionTimeout();
403 if (socks_pool_) {
404 pool_timeout = socks_pool_->ConnectionTimeout();
405 if (pool_timeout > max_transport_timeout)
406 max_transport_timeout = pool_timeout;
407 }
408 if (http_proxy_pool_) {
409 pool_timeout = http_proxy_pool_->ConnectionTimeout();
410 if (pool_timeout > max_transport_timeout)
411 max_transport_timeout = pool_timeout;
412 }
413 timeout_ = max_transport_timeout +
414 base::TimeDelta::FromSeconds(kSSLHandshakeTimeoutInSeconds);
415}
416
417SSLClientSocketPool::SSLClientSocketPool(
418 int max_sockets,
419 int max_sockets_per_group,
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]420 ClientSocketPoolHistograms* histograms,
[email protected]73c45322010-10-01 23:57:54[diff] [blame]421 HostResolver* host_resolver,
[email protected]822581d2010-12-16 17:27:15[diff] [blame]422 CertVerifier* cert_verifier,
[email protected]2db580532010-10-08 14:32:37[diff] [blame]423 DnsRRResolver* dnsrr_resolver,
[email protected]345c613b2010-11-22 19:33:18[diff] [blame]424 DnsCertProvenanceChecker* dns_cert_checker,
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]425 SSLHostInfoFactory* ssl_host_info_factory,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]426 ClientSocketFactory* client_socket_factory,
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]427 TCPClientSocketPool* tcp_pool,
428 SOCKSClientSocketPool* socks_pool,
429 HttpProxyClientSocketPool* http_proxy_pool,
[email protected]7abf7d22010-09-04 01:41:59[diff] [blame]430 SSLConfigService* ssl_config_service,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]431 NetLog* net_log)
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]432 : tcp_pool_(tcp_pool),
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]433 socks_pool_(socks_pool),
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]434 http_proxy_pool_(http_proxy_pool),
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]435 base_(max_sockets, max_sockets_per_group, histograms,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]436 base::TimeDelta::FromSeconds(
437 ClientSocketPool::unused_idle_socket_timeout()),
438 base::TimeDelta::FromSeconds(kUsedIdleSocketTimeout),
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]439 new SSLConnectJobFactory(tcp_pool, socks_pool, http_proxy_pool,
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]440 client_socket_factory, host_resolver,
[email protected]822581d2010-12-16 17:27:15[diff] [blame]441 cert_verifier, dnsrr_resolver,
442 dns_cert_checker, ssl_host_info_factory,
[email protected]7ab5bbd12010-10-19 13:33:21[diff] [blame]443 net_log)),
[email protected]7abf7d22010-09-04 01:41:59[diff] [blame]444 ssl_config_service_(ssl_config_service) {
445 if (ssl_config_service_)
446 ssl_config_service_->AddObserver(this);
447}
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]448
[email protected]7abf7d22010-09-04 01:41:59[diff] [blame]449SSLClientSocketPool::~SSLClientSocketPool() {
450 if (ssl_config_service_)
451 ssl_config_service_->RemoveObserver(this);
452}
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]453
[email protected]ad74a592011-01-21 18:40:55[diff] [blame]454ConnectJob* SSLClientSocketPool::SSLConnectJobFactory::NewConnectJob(
455 const std::string& group_name,
456 const PoolBase::Request& request,
457 ConnectJob::Delegate* delegate) const {
458 return new SSLConnectJob(group_name, request.params(), ConnectionTimeout(),
459 tcp_pool_, socks_pool_, http_proxy_pool_,
460 client_socket_factory_, host_resolver_,
461 cert_verifier_, dnsrr_resolver_, dns_cert_checker_,
462 ssl_host_info_factory_, delegate, net_log_);
463}
464
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]465int SSLClientSocketPool::RequestSocket(const std::string& group_name,
466 const void* socket_params,
467 RequestPriority priority,
468 ClientSocketHandle* handle,
469 CompletionCallback* callback,
470 const BoundNetLog& net_log) {
471 const scoped_refptr<SSLSocketParams>* casted_socket_params =
472 static_cast<const scoped_refptr<SSLSocketParams>*>(socket_params);
473
474 return base_.RequestSocket(group_name, *casted_socket_params, priority,
475 handle, callback, net_log);
476}
477
[email protected]2c2bef152010-10-13 00:55:03[diff] [blame]478void SSLClientSocketPool::RequestSockets(
479 const std::string& group_name,
480 const void* params,
481 int num_sockets,
482 const BoundNetLog& net_log) {
483 const scoped_refptr<SSLSocketParams>* casted_params =
484 static_cast<const scoped_refptr<SSLSocketParams>*>(params);
485
486 base_.RequestSockets(group_name, *casted_params, num_sockets, net_log);
487}
488
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]489void SSLClientSocketPool::CancelRequest(const std::string& group_name,
[email protected]05ea9ff2010-07-15 19:08:21[diff] [blame]490 ClientSocketHandle* handle) {
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]491 base_.CancelRequest(group_name, handle);
492}
493
494void SSLClientSocketPool::ReleaseSocket(const std::string& group_name,
495 ClientSocket* socket, int id) {
496 base_.ReleaseSocket(group_name, socket, id);
497}
498
499void SSLClientSocketPool::Flush() {
500 base_.Flush();
501}
502
503void SSLClientSocketPool::CloseIdleSockets() {
504 base_.CloseIdleSockets();
505}
506
[email protected]ddb1e5a2010-12-13 20:10:45[diff] [blame]507int SSLClientSocketPool::IdleSocketCount() const {
508 return base_.idle_socket_count();
509}
510
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]511int SSLClientSocketPool::IdleSocketCountInGroup(
512 const std::string& group_name) const {
513 return base_.IdleSocketCountInGroup(group_name);
514}
515
516LoadState SSLClientSocketPool::GetLoadState(
517 const std::string& group_name, const ClientSocketHandle* handle) const {
518 return base_.GetLoadState(group_name, handle);
519}
520
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]521DictionaryValue* SSLClientSocketPool::GetInfoAsValue(
522 const std::string& name,
523 const std::string& type,
524 bool include_nested_pools) const {
525 DictionaryValue* dict = base_.GetInfoAsValue(name, type);
526 if (include_nested_pools) {
527 ListValue* list = new ListValue();
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]528 if (tcp_pool_) {
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]529 list->Append(tcp_pool_->GetInfoAsValue("tcp_socket_pool",
530 "tcp_socket_pool",
531 false));
532 }
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]533 if (socks_pool_) {
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]534 list->Append(socks_pool_->GetInfoAsValue("socks_pool",
535 "socks_pool",
536 true));
537 }
[email protected]2431756e2010-09-29 20:26:13[diff] [blame]538 if (http_proxy_pool_) {
539 list->Append(http_proxy_pool_->GetInfoAsValue("http_proxy_pool",
540 "http_proxy_pool",
541 true));
542 }
[email protected]ba00b492010-09-08 14:53:38[diff] [blame]543 dict->Set("nested_pools", list);
544 }
545 return dict;
546}
547
[email protected]ddb1e5a2010-12-13 20:10:45[diff] [blame]548base::TimeDelta SSLClientSocketPool::ConnectionTimeout() const {
549 return base_.ConnectionTimeout();
550}
551
552ClientSocketPoolHistograms* SSLClientSocketPool::histograms() const {
553 return base_.histograms();
554}
555
[email protected]ad74a592011-01-21 18:40:55[diff] [blame]556void SSLClientSocketPool::OnSSLConfigChanged() {
557 Flush();
558}
559
[email protected]e60e47a2010-07-14 03:37:18[diff] [blame]560} // namespace net