diff -r 000000000000 -r 6474c204b198 netwerk/protocol/http/nsHttpConnection.cpp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netwerk/protocol/http/nsHttpConnection.cpp Wed Dec 31 06:09:35 2014 +0100 @@ -0,0 +1,1879 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* vim:set ts=4 sw=4 sts=4 et cin: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// HttpLog.h should generally be included first +#include "HttpLog.h" + +// Log on level :5, instead of default :4. +#undef LOG +#define LOG(args) LOG5(args) +#undef LOG_ENABLED +#define LOG_ENABLED() LOG5_ENABLED() + +#include "nsHttpConnection.h" +#include "nsHttpRequestHead.h" +#include "nsHttpResponseHead.h" +#include "nsHttpHandler.h" +#include "nsIOService.h" +#include "nsISocketTransport.h" +#include "nsSocketTransportService2.h" +#include "nsISSLSocketControl.h" +#include "sslt.h" +#include "nsStringStream.h" +#include "nsProxyRelease.h" +#include "nsPreloadedStream.h" +#include "ASpdySession.h" +#include "mozilla/Telemetry.h" +#include "nsISupportsPriority.h" +#include "nsHttpPipeline.h" +#include +#include "mozilla/ChaosMode.h" + +#ifdef DEBUG +// defined by the socket transport service while active +extern PRThread *gSocketThread; +#endif + +namespace mozilla { +namespace net { + +//----------------------------------------------------------------------------- +// nsHttpConnection +//----------------------------------------------------------------------------- + +nsHttpConnection::nsHttpConnection() + : mTransaction(nullptr) + , mHttpHandler(gHttpHandler) + , mCallbacksLock("nsHttpConnection::mCallbacksLock") + , mConsiderReusedAfterInterval(0) + , mConsiderReusedAfterEpoch(0) + , mCurrentBytesRead(0) + , mMaxBytesRead(0) + , mTotalBytesRead(0) + , mTotalBytesWritten(0) + , mKeepAlive(true) // assume to keep-alive by default + , mKeepAliveMask(true) + , mDontReuse(false) + , mSupportsPipelining(false) // assume low-grade server + , mIsReused(false) + , mCompletedProxyConnect(false) + , mLastTransactionExpectedNoContent(false) + , mIdleMonitoring(false) + , mProxyConnectInProgress(false) + , mExperienced(false) + , mHttp1xTransactionCount(0) + , mRemainingConnectionUses(0xffffffff) + , mClassification(nsAHttpTransaction::CLASS_GENERAL) + , mNPNComplete(false) + , mSetupSSLCalled(false) + , mUsingSpdyVersion(0) + , mPriority(nsISupportsPriority::PRIORITY_NORMAL) + , mReportedSpdy(false) + , mEverUsedSpdy(false) + , mLastHttpResponseVersion(NS_HTTP_VERSION_1_1) + , mTransactionCaps(0) + , mResponseTimeoutEnabled(false) + , mTCPKeepaliveConfig(kTCPKeepaliveDisabled) +{ + LOG(("Creating nsHttpConnection @%x\n", this)); + + // the default timeout is for when this connection has not yet processed a + // transaction + static const PRIntervalTime k5Sec = PR_SecondsToInterval(5); + mIdleTimeout = + (k5Sec < gHttpHandler->IdleTimeout()) ? k5Sec : gHttpHandler->IdleTimeout(); +} + +nsHttpConnection::~nsHttpConnection() +{ + LOG(("Destroying nsHttpConnection @%x\n", this)); + + if (!mEverUsedSpdy) { + LOG(("nsHttpConnection %p performed %d HTTP/1.x transactions\n", + this, mHttp1xTransactionCount)); + Telemetry::Accumulate(Telemetry::HTTP_REQUEST_PER_CONN, + mHttp1xTransactionCount); + } + + if (mTotalBytesRead) { + uint32_t totalKBRead = static_cast(mTotalBytesRead >> 10); + LOG(("nsHttpConnection %p read %dkb on connection spdy=%d\n", + this, totalKBRead, mEverUsedSpdy)); + Telemetry::Accumulate(mEverUsedSpdy ? + Telemetry::SPDY_KBREAD_PER_CONN : + Telemetry::HTTP_KBREAD_PER_CONN, + totalKBRead); + } +} + +nsresult +nsHttpConnection::Init(nsHttpConnectionInfo *info, + uint16_t maxHangTime, + nsISocketTransport *transport, + nsIAsyncInputStream *instream, + nsIAsyncOutputStream *outstream, + nsIInterfaceRequestor *callbacks, + PRIntervalTime rtt) +{ + MOZ_ASSERT(transport && instream && outstream, + "invalid socket information"); + LOG(("nsHttpConnection::Init [this=%p " + "transport=%p instream=%p outstream=%p rtt=%d]\n", + this, transport, instream, outstream, + PR_IntervalToMilliseconds(rtt))); + + NS_ENSURE_ARG_POINTER(info); + NS_ENSURE_TRUE(!mConnInfo, NS_ERROR_ALREADY_INITIALIZED); + + mConnInfo = info; + mLastWriteTime = mLastReadTime = PR_IntervalNow(); + mSupportsPipelining = + gHttpHandler->ConnMgr()->SupportsPipelining(mConnInfo); + mRtt = rtt; + mMaxHangTime = PR_SecondsToInterval(maxHangTime); + + mSocketTransport = transport; + mSocketIn = instream; + mSocketOut = outstream; + nsresult rv = mSocketTransport->SetEventSink(this, nullptr); + NS_ENSURE_SUCCESS(rv, rv); + + // See explanation for non-strictness of this operation in SetSecurityCallbacks. + mCallbacks = new nsMainThreadPtrHolder(callbacks, false); + rv = mSocketTransport->SetSecurityCallbacks(this); + NS_ENSURE_SUCCESS(rv, rv); + + return NS_OK; +} + +void +nsHttpConnection::StartSpdy(uint8_t spdyVersion) +{ + LOG(("nsHttpConnection::StartSpdy [this=%p]\n", this)); + + MOZ_ASSERT(!mSpdySession); + + mUsingSpdyVersion = spdyVersion; + mEverUsedSpdy = true; + + // Setting the connection as reused allows some transactions that fail + // with NS_ERROR_NET_RESET to be restarted and SPDY uses that code + // to handle clean rejections (such as those that arrived after + // a server goaway was generated). + mIsReused = true; + + // If mTransaction is a pipeline object it might represent + // several requests. If so, we need to unpack that and + // pack them all into a new spdy session. + + nsTArray > list; + nsresult rv = mTransaction->TakeSubTransactions(list); + + if (rv == NS_ERROR_ALREADY_OPENED) { + // Has the interface for TakeSubTransactions() changed? + LOG(("TakeSubTranscations somehow called after " + "nsAHttpTransaction began processing\n")); + MOZ_ASSERT(false, + "TakeSubTranscations somehow called after " + "nsAHttpTransaction began processing"); + mTransaction->Close(NS_ERROR_ABORT); + return; + } + + if (NS_FAILED(rv) && rv != NS_ERROR_NOT_IMPLEMENTED) { + // Has the interface for TakeSubTransactions() changed? + LOG(("unexpected rv from nnsAHttpTransaction::TakeSubTransactions()")); + MOZ_ASSERT(false, + "unexpected result from " + "nsAHttpTransaction::TakeSubTransactions()"); + mTransaction->Close(NS_ERROR_ABORT); + return; + } + + if (NS_FAILED(rv)) { // includes NS_ERROR_NOT_IMPLEMENTED + MOZ_ASSERT(list.IsEmpty(), "sub transaction list not empty"); + + // This is ok - treat mTransaction as a single real request. + // Wrap the old http transaction into the new spdy session + // as the first stream. + mSpdySession = ASpdySession::NewSpdySession(spdyVersion, + mTransaction, mSocketTransport, + mPriority); + LOG(("nsHttpConnection::StartSpdy moves single transaction %p " + "into SpdySession %p\n", mTransaction.get(), mSpdySession.get())); + } + else { + int32_t count = list.Length(); + + LOG(("nsHttpConnection::StartSpdy moving transaction list len=%d " + "into SpdySession %p\n", count, mSpdySession.get())); + + if (!count) { + mTransaction->Close(NS_ERROR_ABORT); + return; + } + + for (int32_t index = 0; index < count; ++index) { + if (!mSpdySession) { + mSpdySession = ASpdySession::NewSpdySession(spdyVersion, + list[index], mSocketTransport, + mPriority); + } + else { + // AddStream() cannot fail + if (!mSpdySession->AddStream(list[index], mPriority)) { + MOZ_ASSERT(false, "SpdySession::AddStream failed"); + LOG(("SpdySession::AddStream failed\n")); + mTransaction->Close(NS_ERROR_ABORT); + return; + } + } + } + } + + // Disable TCP Keepalives - use SPDY ping instead. + rv = DisableTCPKeepalives(); + if (NS_WARN_IF(NS_FAILED(rv))) { + LOG(("nsHttpConnection::StartSpdy [%p] DisableTCPKeepalives failed " + "rv[0x%x]", this, rv)); + } + + mSupportsPipelining = false; // dont use http/1 pipelines with spdy + mTransaction = mSpdySession; + mIdleTimeout = gHttpHandler->SpdyTimeout(); +} + +bool +nsHttpConnection::EnsureNPNComplete() +{ + // If for some reason the components to check on NPN aren't available, + // this function will just return true to continue on and disable SPDY + + MOZ_ASSERT(mSocketTransport); + if (!mSocketTransport) { + // this cannot happen + mNPNComplete = true; + return true; + } + + if (mNPNComplete) + return true; + + nsresult rv; + + nsCOMPtr securityInfo; + nsCOMPtr ssl; + nsAutoCString negotiatedNPN; + + rv = mSocketTransport->GetSecurityInfo(getter_AddRefs(securityInfo)); + if (NS_FAILED(rv)) + goto npnComplete; + + ssl = do_QueryInterface(securityInfo, &rv); + if (NS_FAILED(rv)) + goto npnComplete; + + rv = ssl->GetNegotiatedNPN(negotiatedNPN); + if (rv == NS_ERROR_NOT_CONNECTED) { + + // By writing 0 bytes to the socket the SSL handshake machine is + // pushed forward. + uint32_t count = 0; + rv = mSocketOut->Write("", 0, &count); + + if (NS_FAILED(rv) && rv != NS_BASE_STREAM_WOULD_BLOCK) + goto npnComplete; + return false; + } + + if (NS_FAILED(rv)) + goto npnComplete; + + LOG(("nsHttpConnection::EnsureNPNComplete %p [%s] negotiated to '%s'\n", + this, mConnInfo->Host(), negotiatedNPN.get())); + + uint8_t spdyVersion; + rv = gHttpHandler->SpdyInfo()->GetNPNVersionIndex(negotiatedNPN, + &spdyVersion); + if (NS_SUCCEEDED(rv)) + StartSpdy(spdyVersion); + + Telemetry::Accumulate(Telemetry::SPDY_NPN_CONNECT, UsingSpdy()); + +npnComplete: + LOG(("nsHttpConnection::EnsureNPNComplete setting complete to true")); + mNPNComplete = true; + return true; +} + +// called on the socket thread +nsresult +nsHttpConnection::Activate(nsAHttpTransaction *trans, uint32_t caps, int32_t pri) +{ + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + LOG(("nsHttpConnection::Activate [this=%p trans=%x caps=%x]\n", + this, trans, caps)); + + if (!trans->IsNullTransaction()) + mExperienced = true; + + mTransactionCaps = caps; + mPriority = pri; + if (mTransaction && mUsingSpdyVersion) + return AddTransaction(trans, pri); + + NS_ENSURE_ARG_POINTER(trans); + NS_ENSURE_TRUE(!mTransaction, NS_ERROR_IN_PROGRESS); + + // reset the read timers to wash away any idle time + mLastWriteTime = mLastReadTime = PR_IntervalNow(); + + // Update security callbacks + nsCOMPtr callbacks; + trans->GetSecurityCallbacks(getter_AddRefs(callbacks)); + SetSecurityCallbacks(callbacks); + + SetupSSL(caps); + + // take ownership of the transaction + mTransaction = trans; + + MOZ_ASSERT(!mIdleMonitoring, "Activating a connection with an Idle Monitor"); + mIdleMonitoring = false; + + // set mKeepAlive according to what will be requested + mKeepAliveMask = mKeepAlive = (caps & NS_HTTP_ALLOW_KEEPALIVE); + + // need to handle HTTP CONNECT tunnels if this is the first time if + // we are tunneling through a proxy + nsresult rv = NS_OK; + if (mConnInfo->UsingConnect() && !mCompletedProxyConnect) { + rv = SetupProxyConnect(); + if (NS_FAILED(rv)) + goto failed_activation; + mProxyConnectInProgress = true; + } + + // Clear the per activation counter + mCurrentBytesRead = 0; + + // The overflow state is not needed between activations + mInputOverflow = nullptr; + + mResponseTimeoutEnabled = gHttpHandler->ResponseTimeoutEnabled() && + mTransaction->ResponseTimeout() > 0 && + mTransaction->ResponseTimeoutEnabled(); + + rv = StartShortLivedTCPKeepalives(); + if (NS_WARN_IF(NS_FAILED(rv))) { + LOG(("nsHttpConnection::Activate [%p] " + "StartShortLivedTCPKeepalives failed rv[0x%x]", + this, rv)); + } + + rv = OnOutputStreamReady(mSocketOut); + +failed_activation: + if (NS_FAILED(rv)) { + mTransaction = nullptr; + } + + return rv; +} + +void +nsHttpConnection::SetupSSL(uint32_t caps) +{ + LOG(("nsHttpConnection::SetupSSL %p caps=0x%X\n", this, caps)); + + if (mSetupSSLCalled) // do only once + return; + mSetupSSLCalled = true; + + if (mNPNComplete) + return; + + // we flip this back to false if SetNPNList succeeds at the end + // of this function + mNPNComplete = true; + + if (!mConnInfo->UsingSSL()) + return; + + LOG(("nsHttpConnection::SetupSSL Setting up " + "Next Protocol Negotiation")); + nsCOMPtr securityInfo; + nsresult rv = + mSocketTransport->GetSecurityInfo(getter_AddRefs(securityInfo)); + if (NS_FAILED(rv)) + return; + + nsCOMPtr ssl = do_QueryInterface(securityInfo, &rv); + if (NS_FAILED(rv)) + return; + + if (caps & NS_HTTP_ALLOW_RSA_FALSESTART) { + LOG(("nsHttpConnection::SetupSSL %p " + ">= RSA Key Exchange Expected\n", this)); + ssl->SetKEAExpected(ssl_kea_rsa); + } + + nsTArray protocolArray; + + // The first protocol is used as the fallback if none of the + // protocols supported overlap with the server's list. + // In the case of overlap, matching priority is driven by + // the order of the server's advertisement. + protocolArray.AppendElement(NS_LITERAL_CSTRING("http/1.1")); + + if (gHttpHandler->IsSpdyEnabled() && + !(caps & NS_HTTP_DISALLOW_SPDY)) { + LOG(("nsHttpConnection::SetupSSL Allow SPDY NPN selection")); + for (uint32_t index = 0; index < SpdyInformation::kCount; ++index) { + if (gHttpHandler->SpdyInfo()->ProtocolEnabled(index)) + protocolArray.AppendElement( + gHttpHandler->SpdyInfo()->VersionString[index]); + } + } + + if (NS_SUCCEEDED(ssl->SetNPNList(protocolArray))) { + LOG(("nsHttpConnection::Init Setting up SPDY Negotiation OK")); + mNPNComplete = false; + } +} + +nsresult +nsHttpConnection::AddTransaction(nsAHttpTransaction *httpTransaction, + int32_t priority) +{ + LOG(("nsHttpConnection::AddTransaction for SPDY")); + + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + MOZ_ASSERT(mSpdySession && mUsingSpdyVersion, + "AddTransaction to live http connection without spdy"); + MOZ_ASSERT(mTransaction, + "AddTransaction to idle http connection"); + + if (!mSpdySession->AddStream(httpTransaction, priority)) { + MOZ_ASSERT(false, "AddStream should never fail due to" + "RoomForMore() admission check"); + return NS_ERROR_FAILURE; + } + + ResumeSend(); + + return NS_OK; +} + +void +nsHttpConnection::Close(nsresult reason) +{ + LOG(("nsHttpConnection::Close [this=%p reason=%x]\n", this, reason)); + + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + // Ensure TCP keepalive timer is stopped. + if (mTCPKeepaliveTransitionTimer) { + mTCPKeepaliveTransitionTimer->Cancel(); + mTCPKeepaliveTransitionTimer = nullptr; + } + + if (NS_FAILED(reason)) { + if (mIdleMonitoring) + EndIdleMonitoring(); + + if (mSocketTransport) { + mSocketTransport->SetEventSink(nullptr, nullptr); + + // If there are bytes sitting in the input queue then read them + // into a junk buffer to avoid generating a tcp rst by closing a + // socket with data pending. TLS is a classic case of this where + // a Alert record might be superfulous to a clean HTTP/SPDY shutdown. + // Never block to do this and limit it to a small amount of data. + if (mSocketIn) { + char buffer[4000]; + uint32_t count, total = 0; + nsresult rv; + do { + rv = mSocketIn->Read(buffer, 4000, &count); + if (NS_SUCCEEDED(rv)) + total += count; + } + while (NS_SUCCEEDED(rv) && count > 0 && total < 64000); + LOG(("nsHttpConnection::Close drained %d bytes\n", total)); + } + + mSocketTransport->SetSecurityCallbacks(nullptr); + mSocketTransport->Close(reason); + if (mSocketOut) + mSocketOut->AsyncWait(nullptr, 0, 0, nullptr); + } + mKeepAlive = false; + } +} + +// called on the socket thread +nsresult +nsHttpConnection::ProxyStartSSL() +{ + LOG(("nsHttpConnection::ProxyStartSSL [this=%p]\n", this)); + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + nsCOMPtr securityInfo; + nsresult rv = mSocketTransport->GetSecurityInfo(getter_AddRefs(securityInfo)); + if (NS_FAILED(rv)) return rv; + + nsCOMPtr ssl = do_QueryInterface(securityInfo, &rv); + if (NS_FAILED(rv)) return rv; + + return ssl->ProxyStartSSL(); +} + +void +nsHttpConnection::DontReuse() +{ + mKeepAliveMask = false; + mKeepAlive = false; + mDontReuse = true; + mIdleTimeout = 0; + if (mSpdySession) + mSpdySession->DontReuse(); +} + +// Checked by the Connection Manager before scheduling a pipelined transaction +bool +nsHttpConnection::SupportsPipelining() +{ + if (mTransaction && + mTransaction->PipelineDepth() >= mRemainingConnectionUses) { + LOG(("nsHttpConnection::SupportsPipelining this=%p deny pipeline " + "because current depth %d exceeds max remaining uses %d\n", + this, mTransaction->PipelineDepth(), mRemainingConnectionUses)); + return false; + } + return mSupportsPipelining && IsKeepAlive() && !mDontReuse; +} + +bool +nsHttpConnection::CanReuse() +{ + if (mDontReuse) + return false; + + if ((mTransaction ? mTransaction->PipelineDepth() : 0) >= + mRemainingConnectionUses) { + return false; + } + + bool canReuse; + + if (mSpdySession) + canReuse = mSpdySession->CanReuse(); + else + canReuse = IsKeepAlive(); + + canReuse = canReuse && (IdleTime() < mIdleTimeout) && IsAlive(); + + // An idle persistent connection should not have data waiting to be read + // before a request is sent. Data here is likely a 408 timeout response + // which we would deal with later on through the restart logic, but that + // path is more expensive than just closing the socket now. + + uint64_t dataSize; + if (canReuse && mSocketIn && !mUsingSpdyVersion && mHttp1xTransactionCount && + NS_SUCCEEDED(mSocketIn->Available(&dataSize)) && dataSize) { + LOG(("nsHttpConnection::CanReuse %p %s" + "Socket not reusable because read data pending (%llu) on it.\n", + this, mConnInfo->Host(), dataSize)); + canReuse = false; + } + return canReuse; +} + +bool +nsHttpConnection::CanDirectlyActivate() +{ + // return true if a new transaction can be addded to ths connection at any + // time through Activate(). In practice this means this is a healthy SPDY + // connection with room for more concurrent streams. + + return UsingSpdy() && CanReuse() && + mSpdySession && mSpdySession->RoomForMoreStreams(); +} + +PRIntervalTime +nsHttpConnection::IdleTime() +{ + return mSpdySession ? + mSpdySession->IdleTime() : (PR_IntervalNow() - mLastReadTime); +} + +// returns the number of seconds left before the allowable idle period +// expires, or 0 if the period has already expied. +uint32_t +nsHttpConnection::TimeToLive() +{ + if (IdleTime() >= mIdleTimeout) + return 0; + uint32_t timeToLive = PR_IntervalToSeconds(mIdleTimeout - IdleTime()); + + // a positive amount of time can be rounded to 0. Because 0 is used + // as the expiration signal, round all values from 0 to 1 up to 1. + if (!timeToLive) + timeToLive = 1; + return timeToLive; +} + +bool +nsHttpConnection::IsAlive() +{ + if (!mSocketTransport) + return false; + + // SocketTransport::IsAlive can run the SSL state machine, so make sure + // the NPN options are set before that happens. + SetupSSL(mTransactionCaps); + + bool alive; + nsresult rv = mSocketTransport->IsAlive(&alive); + if (NS_FAILED(rv)) + alive = false; + +//#define TEST_RESTART_LOGIC +#ifdef TEST_RESTART_LOGIC + if (!alive) { + LOG(("pretending socket is still alive to test restart logic\n")); + alive = true; + } +#endif + + return alive; +} + +bool +nsHttpConnection::SupportsPipelining(nsHttpResponseHead *responseHead) +{ + // SPDY supports infinite parallelism, so no need to pipeline. + if (mUsingSpdyVersion) + return false; + + // assuming connection is HTTP/1.1 with keep-alive enabled + if (mConnInfo->UsingHttpProxy() && !mConnInfo->UsingConnect()) { + // XXX check for bad proxy servers... + return true; + } + + // check for bad origin servers + const char *val = responseHead->PeekHeader(nsHttp::Server); + + // If there is no server header we will assume it should not be banned + // as facebook and some other prominent sites do this + if (!val) + return true; + + // The blacklist is indexed by the first character. All of these servers are + // known to return their identifier as the first thing in the server string, + // so we can do a leading match. + + static const char *bad_servers[26][6] = { + { nullptr }, { nullptr }, { nullptr }, { nullptr }, // a - d + { "EFAServer/", nullptr }, // e + { nullptr }, { nullptr }, { nullptr }, { nullptr }, // f - i + { nullptr }, { nullptr }, { nullptr }, // j - l + { "Microsoft-IIS/4.", "Microsoft-IIS/5.", nullptr }, // m + { "Netscape-Enterprise/3.", "Netscape-Enterprise/4.", + "Netscape-Enterprise/5.", "Netscape-Enterprise/6.", nullptr }, // n + { nullptr }, { nullptr }, { nullptr }, { nullptr }, // o - r + { nullptr }, { nullptr }, { nullptr }, { nullptr }, // s - v + { "WebLogic 3.", "WebLogic 4.","WebLogic 5.", "WebLogic 6.", + "Winstone Servlet Engine v0.", nullptr }, // w + { nullptr }, { nullptr }, { nullptr } // x - z + }; + + int index = val[0] - 'A'; // the whole table begins with capital letters + if ((index >= 0) && (index <= 25)) + { + for (int i = 0; bad_servers[index][i] != nullptr; i++) { + if (!PL_strncmp (val, bad_servers[index][i], strlen (bad_servers[index][i]))) { + LOG(("looks like this server does not support pipelining")); + gHttpHandler->ConnMgr()->PipelineFeedbackInfo( + mConnInfo, nsHttpConnectionMgr::RedBannedServer, this , 0); + return false; + } + } + } + + // ok, let's allow pipelining to this server + return true; +} + +//---------------------------------------------------------------------------- +// nsHttpConnection::nsAHttpConnection compatible methods +//---------------------------------------------------------------------------- + +nsresult +nsHttpConnection::OnHeadersAvailable(nsAHttpTransaction *trans, + nsHttpRequestHead *requestHead, + nsHttpResponseHead *responseHead, + bool *reset) +{ + LOG(("nsHttpConnection::OnHeadersAvailable [this=%p trans=%p response-head=%p]\n", + this, trans, responseHead)); + + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + NS_ENSURE_ARG_POINTER(trans); + MOZ_ASSERT(responseHead, "No response head?"); + + // we won't change our keep-alive policy unless the server has explicitly + // told us to do so. + + // inspect the connection headers for keep-alive info provided the + // transaction completed successfully. In the case of a non-sensical close + // and keep-alive favor the close out of conservatism. + + bool explicitKeepAlive = false; + bool explicitClose = responseHead->HasHeaderValue(nsHttp::Connection, "close") || + responseHead->HasHeaderValue(nsHttp::Proxy_Connection, "close"); + if (!explicitClose) + explicitKeepAlive = responseHead->HasHeaderValue(nsHttp::Connection, "keep-alive") || + responseHead->HasHeaderValue(nsHttp::Proxy_Connection, "keep-alive"); + + // deal with 408 Server Timeouts + uint16_t responseStatus = responseHead->Status(); + static const PRIntervalTime k1000ms = PR_MillisecondsToInterval(1000); + if (responseStatus == 408) { + // If this error could be due to a persistent connection reuse then + // we pass an error code of NS_ERROR_NET_RESET to + // trigger the transaction 'restart' mechanism. We tell it to reset its + // response headers so that it will be ready to receive the new response. + if (mIsReused && ((PR_IntervalNow() - mLastWriteTime) < k1000ms)) { + Close(NS_ERROR_NET_RESET); + *reset = true; + return NS_OK; + } + + // timeouts that are not caused by persistent connection reuse should + // not be retried for browser compatibility reasons. bug 907800. The + // server driven close is implicit in the 408. + explicitClose = true; + explicitKeepAlive = false; + } + + // reset to default (the server may have changed since we last checked) + mSupportsPipelining = false; + + if ((responseHead->Version() < NS_HTTP_VERSION_1_1) || + (requestHead->Version() < NS_HTTP_VERSION_1_1)) { + // HTTP/1.0 connections are by default NOT persistent + if (explicitKeepAlive) + mKeepAlive = true; + else + mKeepAlive = false; + + // We need at least version 1.1 to use pipelines + gHttpHandler->ConnMgr()->PipelineFeedbackInfo( + mConnInfo, nsHttpConnectionMgr::RedVersionTooLow, this, 0); + } + else { + // HTTP/1.1 connections are by default persistent + if (explicitClose) { + mKeepAlive = false; + + // persistent connections are required for pipelining to work - if + // this close was not pre-announced then generate the negative + // BadExplicitClose feedback + if (mRemainingConnectionUses > 1) + gHttpHandler->ConnMgr()->PipelineFeedbackInfo( + mConnInfo, nsHttpConnectionMgr::BadExplicitClose, this, 0); + } + else { + mKeepAlive = true; + + // Do not support pipelining when we are establishing + // an SSL tunnel though an HTTP proxy. Pipelining support + // determination must be based on comunication with the + // target server in this case. See bug 422016 for futher + // details. + if (!mProxyConnectStream) + mSupportsPipelining = SupportsPipelining(responseHead); + } + } + mKeepAliveMask = mKeepAlive; + + // Update the pipelining status in the connection info object + // and also read it back. It is possible the ci status is + // locked to false if pipelining has been banned on this ci due to + // some kind of observed flaky behavior + if (mSupportsPipelining) { + // report the pipelining-compatible header to the connection manager + // as positive feedback. This will undo 1 penalty point the host + // may have accumulated in the past. + + gHttpHandler->ConnMgr()->PipelineFeedbackInfo( + mConnInfo, nsHttpConnectionMgr::NeutralExpectedOK, this, 0); + + mSupportsPipelining = + gHttpHandler->ConnMgr()->SupportsPipelining(mConnInfo); + } + + // If this connection is reserved for revalidations and we are + // receiving a document that failed revalidation then switch the + // classification to general to avoid pipelining more revalidations behind + // it. + if (mClassification == nsAHttpTransaction::CLASS_REVALIDATION && + responseStatus != 304) { + mClassification = nsAHttpTransaction::CLASS_GENERAL; + } + + // if this connection is persistent, then the server may send a "Keep-Alive" + // header specifying the maximum number of times the connection can be + // reused as well as the maximum amount of time the connection can be idle + // before the server will close it. we ignore the max reuse count, because + // a "keep-alive" connection is by definition capable of being reused, and + // we only care about being able to reuse it once. if a timeout is not + // specified then we use our advertized timeout value. + bool foundKeepAliveMax = false; + if (mKeepAlive) { + const char *val = responseHead->PeekHeader(nsHttp::Keep_Alive); + + if (!mUsingSpdyVersion) { + const char *cp = PL_strcasestr(val, "timeout="); + if (cp) + mIdleTimeout = PR_SecondsToInterval((uint32_t) atoi(cp + 8)); + else + mIdleTimeout = gHttpHandler->IdleTimeout(); + + cp = PL_strcasestr(val, "max="); + if (cp) { + int val = atoi(cp + 4); + if (val > 0) { + foundKeepAliveMax = true; + mRemainingConnectionUses = static_cast(val); + } + } + } + else { + mIdleTimeout = gHttpHandler->SpdyTimeout(); + } + + LOG(("Connection can be reused [this=%p idle-timeout=%usec]\n", + this, PR_IntervalToSeconds(mIdleTimeout))); + } + + if (!foundKeepAliveMax && mRemainingConnectionUses && !mUsingSpdyVersion) + --mRemainingConnectionUses; + + // If we're doing a proxy connect, we need to check whether or not + // it was successful. If so, we have to reset the transaction and step-up + // the socket connection if using SSL. Finally, we have to wake up the + // socket write request. + if (mProxyConnectStream) { + MOZ_ASSERT(!mUsingSpdyVersion, + "SPDY NPN Complete while using proxy connect stream"); + mProxyConnectStream = 0; + if (responseStatus == 200) { + LOG(("proxy CONNECT succeeded! ssl=%s\n", + mConnInfo->UsingSSL() ? "true" :"false")); + *reset = true; + nsresult rv; + if (mConnInfo->UsingSSL()) { + rv = ProxyStartSSL(); + if (NS_FAILED(rv)) // XXX need to handle this for real + LOG(("ProxyStartSSL failed [rv=%x]\n", rv)); + } + mCompletedProxyConnect = true; + mProxyConnectInProgress = false; + rv = mSocketOut->AsyncWait(this, 0, 0, nullptr); + // XXX what if this fails -- need to handle this error + MOZ_ASSERT(NS_SUCCEEDED(rv), "mSocketOut->AsyncWait failed"); + } + else { + LOG(("proxy CONNECT failed! ssl=%s\n", + mConnInfo->UsingSSL() ? "true" :"false")); + mTransaction->SetProxyConnectFailed(); + } + } + + const char *upgradeReq = requestHead->PeekHeader(nsHttp::Upgrade); + // Don't use persistent connection for Upgrade unless there's an auth failure: + // some proxies expect to see auth response on persistent connection. + if (upgradeReq && responseStatus != 401 && responseStatus != 407) { + LOG(("HTTP Upgrade in play - disable keepalive\n")); + DontReuse(); + } + + if (responseStatus == 101) { + const char *upgradeResp = responseHead->PeekHeader(nsHttp::Upgrade); + if (!upgradeReq || !upgradeResp || + !nsHttp::FindToken(upgradeResp, upgradeReq, + HTTP_HEADER_VALUE_SEPS)) { + LOG(("HTTP 101 Upgrade header mismatch req = %s, resp = %s\n", + upgradeReq, upgradeResp)); + Close(NS_ERROR_ABORT); + } + else { + LOG(("HTTP Upgrade Response to %s\n", upgradeResp)); + } + } + + mLastHttpResponseVersion = responseHead->Version(); + + return NS_OK; +} + +bool +nsHttpConnection::IsReused() +{ + if (mIsReused) + return true; + if (!mConsiderReusedAfterInterval) + return false; + + // ReusedAfter allows a socket to be consider reused only after a certain + // interval of time has passed + return (PR_IntervalNow() - mConsiderReusedAfterEpoch) >= + mConsiderReusedAfterInterval; +} + +void +nsHttpConnection::SetIsReusedAfter(uint32_t afterMilliseconds) +{ + mConsiderReusedAfterEpoch = PR_IntervalNow(); + mConsiderReusedAfterInterval = PR_MillisecondsToInterval(afterMilliseconds); +} + +nsresult +nsHttpConnection::TakeTransport(nsISocketTransport **aTransport, + nsIAsyncInputStream **aInputStream, + nsIAsyncOutputStream **aOutputStream) +{ + if (mUsingSpdyVersion) + return NS_ERROR_FAILURE; + if (mTransaction && !mTransaction->IsDone()) + return NS_ERROR_IN_PROGRESS; + if (!(mSocketTransport && mSocketIn && mSocketOut)) + return NS_ERROR_NOT_INITIALIZED; + + if (mInputOverflow) + mSocketIn = mInputOverflow.forget(); + + // Change TCP Keepalive frequency to long-lived if currently short-lived. + if (mTCPKeepaliveConfig == kTCPKeepaliveShortLivedConfig) { + if (mTCPKeepaliveTransitionTimer) { + mTCPKeepaliveTransitionTimer->Cancel(); + mTCPKeepaliveTransitionTimer = nullptr; + } + nsresult rv = StartLongLivedTCPKeepalives(); + LOG(("nsHttpConnection::TakeTransport [%p] calling " + "StartLongLivedTCPKeepalives", this)); + if (NS_WARN_IF(NS_FAILED(rv))) { + LOG(("nsHttpConnection::TakeTransport [%p] " + "StartLongLivedTCPKeepalives failed rv[0x%x]", this, rv)); + } + } + + NS_IF_ADDREF(*aTransport = mSocketTransport); + NS_IF_ADDREF(*aInputStream = mSocketIn); + NS_IF_ADDREF(*aOutputStream = mSocketOut); + + mSocketTransport->SetSecurityCallbacks(nullptr); + mSocketTransport->SetEventSink(nullptr, nullptr); + mSocketTransport = nullptr; + mSocketIn = nullptr; + mSocketOut = nullptr; + + return NS_OK; +} + +uint32_t +nsHttpConnection::ReadTimeoutTick(PRIntervalTime now) +{ + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + // make sure timer didn't tick before Activate() + if (!mTransaction) + return UINT32_MAX; + + // Spdy implements some timeout handling using the SPDY ping frame. + if (mSpdySession) { + return mSpdySession->ReadTimeoutTick(now); + } + + uint32_t nextTickAfter = UINT32_MAX; + // Timeout if the response is taking too long to arrive. + if (mResponseTimeoutEnabled) { + NS_WARN_IF_FALSE(gHttpHandler->ResponseTimeoutEnabled(), + "Timing out a response, but response timeout is disabled!"); + + PRIntervalTime initialResponseDelta = now - mLastWriteTime; + + if (initialResponseDelta > mTransaction->ResponseTimeout()) { + LOG(("canceling transaction: no response for %ums: timeout is %dms\n", + PR_IntervalToMilliseconds(initialResponseDelta), + PR_IntervalToMilliseconds(mTransaction->ResponseTimeout()))); + + mResponseTimeoutEnabled = false; + + // This will also close the connection + CloseTransaction(mTransaction, NS_ERROR_NET_TIMEOUT); + return UINT32_MAX; + } + nextTickAfter = PR_IntervalToSeconds(mTransaction->ResponseTimeout()) - + PR_IntervalToSeconds(initialResponseDelta); + nextTickAfter = std::max(nextTickAfter, 1U); + } + + if (!gHttpHandler->GetPipelineRescheduleOnTimeout()) + return nextTickAfter; + + PRIntervalTime delta = now - mLastReadTime; + + // we replicate some of the checks both here and in OnSocketReadable() as + // they will be discovered under different conditions. The ones here + // will generally be discovered if we are totally hung and OSR does + // not get called at all, however OSR discovers them with lower latency + // if the issue is just very slow (but not stalled) reading. + // + // Right now we only take action if pipelining is involved, but this would + // be the place to add general read timeout handling if it is desired. + + uint32_t pipelineDepth = mTransaction->PipelineDepth(); + if (pipelineDepth > 1) { + // if we have pipelines outstanding (not just an idle connection) + // then get a fairly quick tick + nextTickAfter = 1; + } + + if (delta >= gHttpHandler->GetPipelineRescheduleTimeout() && + pipelineDepth > 1) { + + // this just reschedules blocked transactions. no transaction + // is aborted completely. + LOG(("cancelling pipeline due to a %ums stall - depth %d\n", + PR_IntervalToMilliseconds(delta), pipelineDepth)); + + nsHttpPipeline *pipeline = mTransaction->QueryPipeline(); + MOZ_ASSERT(pipeline, "pipelinedepth > 1 without pipeline"); + // code this defensively for the moment and check for null in opt build + // This will reschedule blocked members of the pipeline, but the + // blocking transaction (i.e. response 0) will not be changed. + if (pipeline) { + pipeline->CancelPipeline(NS_ERROR_NET_TIMEOUT); + LOG(("Rescheduling the head of line blocked members of a pipeline " + "because reschedule-timeout idle interval exceeded")); + } + } + + if (delta < gHttpHandler->GetPipelineTimeout()) + return nextTickAfter; + + if (pipelineDepth <= 1 && !mTransaction->PipelinePosition()) + return nextTickAfter; + + // nothing has transpired on this pipelined socket for many + // seconds. Call that a total stall and close the transaction. + // There is a chance the transaction will be restarted again + // depending on its state.. that will come back araound + // without pipelining on, so this won't loop. + + LOG(("canceling transaction stalled for %ums on a pipeline " + "of depth %d and scheduled originally at pos %d\n", + PR_IntervalToMilliseconds(delta), + pipelineDepth, mTransaction->PipelinePosition())); + + // This will also close the connection + CloseTransaction(mTransaction, NS_ERROR_NET_TIMEOUT); + return UINT32_MAX; +} + +void +nsHttpConnection::UpdateTCPKeepalive(nsITimer *aTimer, void *aClosure) +{ + MOZ_ASSERT(aTimer); + MOZ_ASSERT(aClosure); + + nsHttpConnection *self = static_cast(aClosure); + + if (NS_WARN_IF(self->mUsingSpdyVersion)) { + return; + } + + // Do not reduce keepalive probe frequency for idle connections. + if (self->mIdleMonitoring) { + return; + } + + nsresult rv = self->StartLongLivedTCPKeepalives(); + if (NS_WARN_IF(NS_FAILED(rv))) { + LOG(("nsHttpConnection::UpdateTCPKeepalive [%p] " + "StartLongLivedTCPKeepalives failed rv[0x%x]", + self, rv)); + } +} + +void +nsHttpConnection::GetSecurityInfo(nsISupports **secinfo) +{ + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + if (mSocketTransport) { + if (NS_FAILED(mSocketTransport->GetSecurityInfo(secinfo))) + *secinfo = nullptr; + } +} + +void +nsHttpConnection::SetSecurityCallbacks(nsIInterfaceRequestor* aCallbacks) +{ + MutexAutoLock lock(mCallbacksLock); + // This is called both on and off the main thread. For JS-implemented + // callbacks, we requires that the call happen on the main thread, but + // for C++-implemented callbacks we don't care. Use a pointer holder with + // strict checking disabled. + mCallbacks = new nsMainThreadPtrHolder(aCallbacks, false); +} + +nsresult +nsHttpConnection::PushBack(const char *data, uint32_t length) +{ + LOG(("nsHttpConnection::PushBack [this=%p, length=%d]\n", this, length)); + + if (mInputOverflow) { + NS_ERROR("nsHttpConnection::PushBack only one buffer supported"); + return NS_ERROR_UNEXPECTED; + } + + mInputOverflow = new nsPreloadedStream(mSocketIn, data, length); + return NS_OK; +} + +nsresult +nsHttpConnection::ResumeSend() +{ + LOG(("nsHttpConnection::ResumeSend [this=%p]\n", this)); + + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + if (mSocketOut) + return mSocketOut->AsyncWait(this, 0, 0, nullptr); + + NS_NOTREACHED("no socket output stream"); + return NS_ERROR_UNEXPECTED; +} + +nsresult +nsHttpConnection::ResumeRecv() +{ + LOG(("nsHttpConnection::ResumeRecv [this=%p]\n", this)); + + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + // the mLastReadTime timestamp is used for finding slowish readers + // and can be pretty sensitive. For that reason we actually reset it + // when we ask to read (resume recv()) so that when we get called back + // with actual read data in OnSocketReadable() we are only measuring + // the latency between those two acts and not all the processing that + // may get done before the ResumeRecv() call + mLastReadTime = PR_IntervalNow(); + + if (mSocketIn) + return mSocketIn->AsyncWait(this, 0, 0, nullptr); + + NS_NOTREACHED("no socket input stream"); + return NS_ERROR_UNEXPECTED; +} + + +class nsHttpConnectionForceRecv : public nsRunnable +{ +public: + nsHttpConnectionForceRecv(nsHttpConnection *aConn) + : mConn(aConn) {} + + NS_IMETHOD Run() + { + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + if (!mConn->mSocketIn) + return NS_OK; + return mConn->OnInputStreamReady(mConn->mSocketIn); + } +private: + nsRefPtr mConn; +}; + +// trigger an asynchronous read +nsresult +nsHttpConnection::ForceRecv() +{ + LOG(("nsHttpConnection::ForceRecv [this=%p]\n", this)); + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + return NS_DispatchToCurrentThread(new nsHttpConnectionForceRecv(this)); +} + +void +nsHttpConnection::BeginIdleMonitoring() +{ + LOG(("nsHttpConnection::BeginIdleMonitoring [this=%p]\n", this)); + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + MOZ_ASSERT(!mTransaction, "BeginIdleMonitoring() while active"); + MOZ_ASSERT(!mUsingSpdyVersion, "Idle monitoring of spdy not allowed"); + + LOG(("Entering Idle Monitoring Mode [this=%p]", this)); + mIdleMonitoring = true; + if (mSocketIn) + mSocketIn->AsyncWait(this, 0, 0, nullptr); +} + +void +nsHttpConnection::EndIdleMonitoring() +{ + LOG(("nsHttpConnection::EndIdleMonitoring [this=%p]\n", this)); + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + MOZ_ASSERT(!mTransaction, "EndIdleMonitoring() while active"); + + if (mIdleMonitoring) { + LOG(("Leaving Idle Monitoring Mode [this=%p]", this)); + mIdleMonitoring = false; + if (mSocketIn) + mSocketIn->AsyncWait(nullptr, 0, 0, nullptr); + } +} + +//----------------------------------------------------------------------------- +// nsHttpConnection +//----------------------------------------------------------------------------- + +void +nsHttpConnection::CloseTransaction(nsAHttpTransaction *trans, nsresult reason) +{ + LOG(("nsHttpConnection::CloseTransaction[this=%p trans=%x reason=%x]\n", + this, trans, reason)); + + MOZ_ASSERT(trans == mTransaction, "wrong transaction"); + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + if (mCurrentBytesRead > mMaxBytesRead) + mMaxBytesRead = mCurrentBytesRead; + + // mask this error code because its not a real error. + if (reason == NS_BASE_STREAM_CLOSED) + reason = NS_OK; + + if (mUsingSpdyVersion) { + DontReuse(); + // if !mSpdySession then mUsingSpdyVersion must be false for canreuse() + mUsingSpdyVersion = 0; + mSpdySession = nullptr; + } + + if (mTransaction) { + mHttp1xTransactionCount += mTransaction->Http1xTransactionCount(); + + mTransaction->Close(reason); + mTransaction = nullptr; + } + + { + MutexAutoLock lock(mCallbacksLock); + mCallbacks = nullptr; + } + + if (NS_FAILED(reason)) + Close(reason); + + // flag the connection as reused here for convenience sake. certainly + // it might be going away instead ;-) + mIsReused = true; +} + +NS_METHOD +nsHttpConnection::ReadFromStream(nsIInputStream *input, + void *closure, + const char *buf, + uint32_t offset, + uint32_t count, + uint32_t *countRead) +{ + // thunk for nsIInputStream instance + nsHttpConnection *conn = (nsHttpConnection *) closure; + return conn->OnReadSegment(buf, count, countRead); +} + +nsresult +nsHttpConnection::OnReadSegment(const char *buf, + uint32_t count, + uint32_t *countRead) +{ + if (count == 0) { + // some ReadSegments implementations will erroneously call the writer + // to consume 0 bytes worth of data. we must protect against this case + // or else we'd end up closing the socket prematurely. + NS_ERROR("bad ReadSegments implementation"); + return NS_ERROR_FAILURE; // stop iterating + } + + nsresult rv = mSocketOut->Write(buf, count, countRead); + if (NS_FAILED(rv)) + mSocketOutCondition = rv; + else if (*countRead == 0) + mSocketOutCondition = NS_BASE_STREAM_CLOSED; + else { + mLastWriteTime = PR_IntervalNow(); + mSocketOutCondition = NS_OK; // reset condition + if (!mProxyConnectInProgress) + mTotalBytesWritten += *countRead; + } + + return mSocketOutCondition; +} + +nsresult +nsHttpConnection::OnSocketWritable() +{ + LOG(("nsHttpConnection::OnSocketWritable [this=%p] host=%s\n", + this, mConnInfo->Host())); + + nsresult rv; + uint32_t n; + bool again = true; + + do { + mSocketOutCondition = NS_OK; + + // If we're doing a proxy connect, then we need to bypass calling into + // the transaction. + // + // NOTE: this code path can't be shared since the transaction doesn't + // implement nsIInputStream. doing so is not worth the added cost of + // extra indirections during normal reading. + // + if (mProxyConnectStream) { + LOG((" writing CONNECT request stream\n")); + rv = mProxyConnectStream->ReadSegments(ReadFromStream, this, + nsIOService::gDefaultSegmentSize, + &n); + } + else if (!EnsureNPNComplete()) { + // When SPDY is disabled this branch is not executed because Activate() + // sets mNPNComplete to true in that case. + + // We are ready to proceed with SSL but the handshake is not done. + // When using NPN to negotiate between HTTPS and SPDY, we need to + // see the results of the handshake to know what bytes to send, so + // we cannot proceed with the request headers. + + rv = NS_OK; + mSocketOutCondition = NS_BASE_STREAM_WOULD_BLOCK; + n = 0; + } + else { + if (!mReportedSpdy) { + mReportedSpdy = true; + gHttpHandler->ConnMgr()->ReportSpdyConnection(this, mEverUsedSpdy); + } + + LOG((" writing transaction request stream\n")); + mProxyConnectInProgress = false; + rv = mTransaction->ReadSegments(this, nsIOService::gDefaultSegmentSize, &n); + } + + LOG((" ReadSegments returned [rv=%x read=%u sock-cond=%x]\n", + rv, n, mSocketOutCondition)); + + // XXX some streams return NS_BASE_STREAM_CLOSED to indicate EOF. + if (rv == NS_BASE_STREAM_CLOSED && !mTransaction->IsDone()) { + rv = NS_OK; + n = 0; + } + + if (NS_FAILED(rv)) { + // if the transaction didn't want to write any more data, then + // wait for the transaction to call ResumeSend. + if (rv == NS_BASE_STREAM_WOULD_BLOCK) + rv = NS_OK; + again = false; + } + else if (NS_FAILED(mSocketOutCondition)) { + if (mSocketOutCondition == NS_BASE_STREAM_WOULD_BLOCK) + rv = mSocketOut->AsyncWait(this, 0, 0, nullptr); // continue writing + else + rv = mSocketOutCondition; + again = false; + } + else if (n == 0) { + rv = NS_OK; + + if (mTransaction) { // in case the ReadSegments stack called CloseTransaction() + // + // at this point we've written out the entire transaction, and now we + // must wait for the server's response. we manufacture a status message + // here to reflect the fact that we are waiting. this message will be + // trumped (overwritten) if the server responds quickly. + // + mTransaction->OnTransportStatus(mSocketTransport, + NS_NET_STATUS_WAITING_FOR, + 0); + + rv = ResumeRecv(); // start reading + } + again = false; + } + // write more to the socket until error or end-of-request... + } while (again); + + return rv; +} + +nsresult +nsHttpConnection::OnWriteSegment(char *buf, + uint32_t count, + uint32_t *countWritten) +{ + if (count == 0) { + // some WriteSegments implementations will erroneously call the reader + // to provide 0 bytes worth of data. we must protect against this case + // or else we'd end up closing the socket prematurely. + NS_ERROR("bad WriteSegments implementation"); + return NS_ERROR_FAILURE; // stop iterating + } + + if (ChaosMode::isActive() && ChaosMode::randomUint32LessThan(2)) { + // read 1...count bytes + count = ChaosMode::randomUint32LessThan(count) + 1; + } + + nsresult rv = mSocketIn->Read(buf, count, countWritten); + if (NS_FAILED(rv)) + mSocketInCondition = rv; + else if (*countWritten == 0) + mSocketInCondition = NS_BASE_STREAM_CLOSED; + else + mSocketInCondition = NS_OK; // reset condition + + return mSocketInCondition; +} + +nsresult +nsHttpConnection::OnSocketReadable() +{ + LOG(("nsHttpConnection::OnSocketReadable [this=%p]\n", this)); + + PRIntervalTime now = PR_IntervalNow(); + PRIntervalTime delta = now - mLastReadTime; + + // Reset mResponseTimeoutEnabled to stop response timeout checks. + mResponseTimeoutEnabled = false; + + if (mKeepAliveMask && (delta >= mMaxHangTime)) { + LOG(("max hang time exceeded!\n")); + // give the handler a chance to create a new persistent connection to + // this host if we've been busy for too long. + mKeepAliveMask = false; + gHttpHandler->ProcessPendingQ(mConnInfo); + } + + // Look for data being sent in bursts with large pauses. If the pauses + // are caused by server bottlenecks such as think-time, disk i/o, or + // cpu exhaustion (as opposed to network latency) then we generate negative + // pipelining feedback to prevent head of line problems + + // Reduce the estimate of the time since last read by up to 1 RTT to + // accommodate exhausted sender TCP congestion windows or minor I/O delays. + + if (delta > mRtt) + delta -= mRtt; + else + delta = 0; + + static const PRIntervalTime k400ms = PR_MillisecondsToInterval(400); + + if (delta >= (mRtt + gHttpHandler->GetPipelineRescheduleTimeout())) { + LOG(("Read delta ms of %u causing slow read major " + "event and pipeline cancellation", + PR_IntervalToMilliseconds(delta))); + + gHttpHandler->ConnMgr()->PipelineFeedbackInfo( + mConnInfo, nsHttpConnectionMgr::BadSlowReadMajor, this, 0); + + if (gHttpHandler->GetPipelineRescheduleOnTimeout() && + mTransaction->PipelineDepth() > 1) { + nsHttpPipeline *pipeline = mTransaction->QueryPipeline(); + MOZ_ASSERT(pipeline, "pipelinedepth > 1 without pipeline"); + // code this defensively for the moment and check for null + // This will reschedule blocked members of the pipeline, but the + // blocking transaction (i.e. response 0) will not be changed. + if (pipeline) { + pipeline->CancelPipeline(NS_ERROR_NET_TIMEOUT); + LOG(("Rescheduling the head of line blocked members of a " + "pipeline because reschedule-timeout idle interval " + "exceeded")); + } + } + } + else if (delta > k400ms) { + gHttpHandler->ConnMgr()->PipelineFeedbackInfo( + mConnInfo, nsHttpConnectionMgr::BadSlowReadMinor, this, 0); + } + + mLastReadTime = now; + + nsresult rv; + uint32_t n; + bool again = true; + + do { + if (!mProxyConnectInProgress && !mNPNComplete) { + // Unless we are setting up a tunnel via CONNECT, prevent reading + // from the socket until the results of NPN + // negotiation are known (which is determined from the write path). + // If the server speaks SPDY it is likely the readable data here is + // a spdy settings frame and without NPN it would be misinterpreted + // as HTTP/* + + LOG(("nsHttpConnection::OnSocketReadable %p return due to inactive " + "tunnel setup but incomplete NPN state\n", this)); + rv = NS_OK; + break; + } + + rv = mTransaction->WriteSegments(this, nsIOService::gDefaultSegmentSize, &n); + if (NS_FAILED(rv)) { + // if the transaction didn't want to take any more data, then + // wait for the transaction to call ResumeRecv. + if (rv == NS_BASE_STREAM_WOULD_BLOCK) + rv = NS_OK; + again = false; + } + else { + mCurrentBytesRead += n; + mTotalBytesRead += n; + if (NS_FAILED(mSocketInCondition)) { + // continue waiting for the socket if necessary... + if (mSocketInCondition == NS_BASE_STREAM_WOULD_BLOCK) + rv = ResumeRecv(); + else + rv = mSocketInCondition; + again = false; + } + } + // read more from the socket until error... + } while (again); + + return rv; +} + +nsresult +nsHttpConnection::SetupProxyConnect() +{ + const char *val; + + LOG(("nsHttpConnection::SetupProxyConnect [this=%p]\n", this)); + + NS_ENSURE_TRUE(!mProxyConnectStream, NS_ERROR_ALREADY_INITIALIZED); + MOZ_ASSERT(!mUsingSpdyVersion, + "SPDY NPN Complete while using proxy connect stream"); + + nsAutoCString buf; + nsresult rv = nsHttpHandler::GenerateHostPort( + nsDependentCString(mConnInfo->Host()), mConnInfo->Port(), buf); + if (NS_FAILED(rv)) + return rv; + + // CONNECT host:port HTTP/1.1 + nsHttpRequestHead request; + request.SetMethod(NS_LITERAL_CSTRING("CONNECT")); + request.SetVersion(gHttpHandler->HttpVersion()); + request.SetRequestURI(buf); + request.SetHeader(nsHttp::User_Agent, gHttpHandler->UserAgent()); + + // a CONNECT is always persistent + request.SetHeader(nsHttp::Proxy_Connection, NS_LITERAL_CSTRING("keep-alive")); + request.SetHeader(nsHttp::Connection, NS_LITERAL_CSTRING("keep-alive")); + + // all HTTP/1.1 requests must include a Host header (even though it + // may seem redundant in this case; see bug 82388). + request.SetHeader(nsHttp::Host, buf); + + val = mTransaction->RequestHead()->PeekHeader(nsHttp::Proxy_Authorization); + if (val) { + // we don't know for sure if this authorization is intended for the + // SSL proxy, so we add it just in case. + request.SetHeader(nsHttp::Proxy_Authorization, nsDependentCString(val)); + } + + buf.Truncate(); + request.Flatten(buf, false); + buf.AppendLiteral("\r\n"); + + return NS_NewCStringInputStream(getter_AddRefs(mProxyConnectStream), buf); +} + +nsresult +nsHttpConnection::StartShortLivedTCPKeepalives() +{ + if (mUsingSpdyVersion) { + return NS_OK; + } + MOZ_ASSERT(mSocketTransport); + if (!mSocketTransport) { + return NS_ERROR_NOT_INITIALIZED; + } + + nsresult rv = NS_OK; + int32_t idleTimeS = -1; + int32_t retryIntervalS = -1; + if (gHttpHandler->TCPKeepaliveEnabledForShortLivedConns()) { + // Set the idle time. + idleTimeS = gHttpHandler->GetTCPKeepaliveShortLivedIdleTime(); + LOG(("nsHttpConnection::StartShortLivedTCPKeepalives[%p] " + "idle time[%ds].", this, idleTimeS)); + + retryIntervalS = + std::max((int32_t)PR_IntervalToSeconds(mRtt), 1); + rv = mSocketTransport->SetKeepaliveVals(idleTimeS, retryIntervalS); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + rv = mSocketTransport->SetKeepaliveEnabled(true); + mTCPKeepaliveConfig = kTCPKeepaliveShortLivedConfig; + } else { + rv = mSocketTransport->SetKeepaliveEnabled(false); + mTCPKeepaliveConfig = kTCPKeepaliveDisabled; + } + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + + // Start a timer to move to long-lived keepalive config. + if(!mTCPKeepaliveTransitionTimer) { + mTCPKeepaliveTransitionTimer = + do_CreateInstance("@mozilla.org/timer;1"); + } + + if (mTCPKeepaliveTransitionTimer) { + int32_t time = gHttpHandler->GetTCPKeepaliveShortLivedTime(); + + // Adjust |time| to ensure a full set of keepalive probes can be sent + // at the end of the short-lived phase. + if (gHttpHandler->TCPKeepaliveEnabledForShortLivedConns()) { + if (NS_WARN_IF(!gSocketTransportService)) { + return NS_ERROR_NOT_INITIALIZED; + } + int32_t probeCount = -1; + rv = gSocketTransportService->GetKeepaliveProbeCount(&probeCount); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + if (NS_WARN_IF(probeCount <= 0)) { + return NS_ERROR_UNEXPECTED; + } + // Add time for final keepalive probes, and 2 seconds for a buffer. + time += ((probeCount) * retryIntervalS) - (time % idleTimeS) + 2; + } + mTCPKeepaliveTransitionTimer->InitWithFuncCallback( + nsHttpConnection::UpdateTCPKeepalive, + this, + (uint32_t)time*1000, + nsITimer::TYPE_ONE_SHOT); + } else { + NS_WARNING("nsHttpConnection::StartShortLivedTCPKeepalives failed to " + "create timer."); + } + + return NS_OK; +} + +nsresult +nsHttpConnection::StartLongLivedTCPKeepalives() +{ + MOZ_ASSERT(!mUsingSpdyVersion, "Don't use TCP Keepalive with SPDY!"); + if (NS_WARN_IF(mUsingSpdyVersion)) { + return NS_OK; + } + MOZ_ASSERT(mSocketTransport); + if (!mSocketTransport) { + return NS_ERROR_NOT_INITIALIZED; + } + + nsresult rv = NS_OK; + if (gHttpHandler->TCPKeepaliveEnabledForLongLivedConns()) { + // Increase the idle time. + int32_t idleTimeS = gHttpHandler->GetTCPKeepaliveLongLivedIdleTime(); + LOG(("nsHttpConnection::StartLongLivedTCPKeepalives[%p] idle time[%ds]", + this, idleTimeS)); + + int32_t retryIntervalS = + std::max((int32_t)PR_IntervalToSeconds(mRtt), 1); + rv = mSocketTransport->SetKeepaliveVals(idleTimeS, retryIntervalS); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + + // Ensure keepalive is enabled, if current status is disabled. + if (mTCPKeepaliveConfig == kTCPKeepaliveDisabled) { + rv = mSocketTransport->SetKeepaliveEnabled(true); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + } + mTCPKeepaliveConfig = kTCPKeepaliveLongLivedConfig; + } else { + rv = mSocketTransport->SetKeepaliveEnabled(false); + mTCPKeepaliveConfig = kTCPKeepaliveDisabled; + } + + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + return NS_OK; +} + +nsresult +nsHttpConnection::DisableTCPKeepalives() +{ + MOZ_ASSERT(mSocketTransport); + if (!mSocketTransport) { + return NS_ERROR_NOT_INITIALIZED; + } + LOG(("nsHttpConnection::DisableTCPKeepalives [%p]", this)); + if (mTCPKeepaliveConfig != kTCPKeepaliveDisabled) { + nsresult rv = mSocketTransport->SetKeepaliveEnabled(false); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + mTCPKeepaliveConfig = kTCPKeepaliveDisabled; + } + if (mTCPKeepaliveTransitionTimer) { + mTCPKeepaliveTransitionTimer->Cancel(); + mTCPKeepaliveTransitionTimer = nullptr; + } + return NS_OK; +} + +//----------------------------------------------------------------------------- +// nsHttpConnection::nsISupports +//----------------------------------------------------------------------------- + +NS_IMPL_ISUPPORTS(nsHttpConnection, + nsIInputStreamCallback, + nsIOutputStreamCallback, + nsITransportEventSink, + nsIInterfaceRequestor) + +//----------------------------------------------------------------------------- +// nsHttpConnection::nsIInputStreamCallback +//----------------------------------------------------------------------------- + +// called on the socket transport thread +NS_IMETHODIMP +nsHttpConnection::OnInputStreamReady(nsIAsyncInputStream *in) +{ + MOZ_ASSERT(in == mSocketIn, "unexpected stream"); + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + + if (mIdleMonitoring) { + MOZ_ASSERT(!mTransaction, "Idle Input Event While Active"); + + // The only read event that is protocol compliant for an idle connection + // is an EOF, which we check for with CanReuse(). If the data is + // something else then just ignore it and suspend checking for EOF - + // our normal timers or protocol stack are the place to deal with + // any exception logic. + + if (!CanReuse()) { + LOG(("Server initiated close of idle conn %p\n", this)); + gHttpHandler->ConnMgr()->CloseIdleConnection(this); + return NS_OK; + } + + LOG(("Input data on idle conn %p, but not closing yet\n", this)); + return NS_OK; + } + + // if the transaction was dropped... + if (!mTransaction) { + LOG((" no transaction; ignoring event\n")); + return NS_OK; + } + + nsresult rv = OnSocketReadable(); + if (NS_FAILED(rv)) + CloseTransaction(mTransaction, rv); + + return NS_OK; +} + +//----------------------------------------------------------------------------- +// nsHttpConnection::nsIOutputStreamCallback +//----------------------------------------------------------------------------- + +NS_IMETHODIMP +nsHttpConnection::OnOutputStreamReady(nsIAsyncOutputStream *out) +{ + MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread); + MOZ_ASSERT(out == mSocketOut, "unexpected socket"); + + // if the transaction was dropped... + if (!mTransaction) { + LOG((" no transaction; ignoring event\n")); + return NS_OK; + } + + nsresult rv = OnSocketWritable(); + if (NS_FAILED(rv)) + CloseTransaction(mTransaction, rv); + + return NS_OK; +} + +//----------------------------------------------------------------------------- +// nsHttpConnection::nsITransportEventSink +//----------------------------------------------------------------------------- + +NS_IMETHODIMP +nsHttpConnection::OnTransportStatus(nsITransport *trans, + nsresult status, + uint64_t progress, + uint64_t progressMax) +{ + if (mTransaction) + mTransaction->OnTransportStatus(trans, status, progress); + return NS_OK; +} + +//----------------------------------------------------------------------------- +// nsHttpConnection::nsIInterfaceRequestor +//----------------------------------------------------------------------------- + +// not called on the socket transport thread +NS_IMETHODIMP +nsHttpConnection::GetInterface(const nsIID &iid, void **result) +{ + // NOTE: This function is only called on the UI thread via sync proxy from + // the socket transport thread. If that weren't the case, then we'd + // have to worry about the possibility of mTransaction going away + // part-way through this function call. See CloseTransaction. + + // NOTE - there is a bug here, the call to getinterface is proxied off the + // nss thread, not the ui thread as the above comment says. So there is + // indeed a chance of mTransaction going away. bug 615342 + + MOZ_ASSERT(PR_GetCurrentThread() != gSocketThread); + + nsCOMPtr callbacks; + { + MutexAutoLock lock(mCallbacksLock); + callbacks = mCallbacks; + } + if (callbacks) + return callbacks->GetInterface(iid, result); + return NS_ERROR_NO_INTERFACE; +} + +} // namespace mozilla::net +} // namespace mozilla