1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
|
// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_SOCKET_TRANSPORT_CONNECT_JOB_H_
#define NET_SOCKET_TRANSPORT_CONNECT_JOB_H_
#include <memory>
#include <optional>
#include <set>
#include <string>
#include <variant>
#include <vector>
#include "base/containers/flat_set.h"
#include "base/containers/span.h"
#include "base/memory/ref_counted.h"
#include "base/memory/weak_ptr.h"
#include "base/time/time.h"
#include "base/timer/timer.h"
#include "net/base/host_port_pair.h"
#include "net/base/net_export.h"
#include "net/base/network_anonymization_key.h"
#include "net/dns/host_resolver.h"
#include "net/dns/public/host_resolver_results.h"
#include "net/dns/public/resolve_error_info.h"
#include "net/dns/public/secure_dns_policy.h"
#include "net/socket/connect_job.h"
#include "net/socket/connection_attempts.h"
#include "url/scheme_host_port.h"
namespace net {
class NetLogWithSource;
class SocketTag;
class TransportConnectSubJob;
class NET_EXPORT_PRIVATE TransportSocketParams
: public base::RefCounted<TransportSocketParams> {
public:
// Representation of the destination endpoint of the transport
// socket/connection. Unlike ConnectJobFactory::Endpoint, this does not have a
// `using_ssl` field for schemeless endpoints because that has no meaning for
// transport parameters.
using Endpoint = std::variant<url::SchemeHostPort, HostPortPair>;
// `host_resolution_callback` will be invoked after the the hostname is
// resolved. `network_anonymization_key` is passed to the HostResolver to
// prevent cross-NAK leaks. If `host_resolution_callback` does not return OK,
// then the connection will be aborted with that value. `supported_alpns`
// specifies ALPN protocols for selecting HTTPS/SVCB records. If empty,
// addresses from HTTPS/SVCB records will be ignored and only A/AAAA will be
// used.
TransportSocketParams(Endpoint destination,
NetworkAnonymizationKey network_anonymization_key,
SecureDnsPolicy secure_dns_policy,
OnHostResolutionCallback host_resolution_callback,
base::flat_set<std::string> supported_alpns);
TransportSocketParams(const TransportSocketParams&) = delete;
TransportSocketParams& operator=(const TransportSocketParams&) = delete;
const Endpoint& destination() const { return destination_; }
const NetworkAnonymizationKey& network_anonymization_key() const {
return network_anonymization_key_;
}
SecureDnsPolicy secure_dns_policy() const { return secure_dns_policy_; }
const OnHostResolutionCallback& host_resolution_callback() const {
return host_resolution_callback_;
}
const base::flat_set<std::string>& supported_alpns() const {
return supported_alpns_;
}
private:
friend class base::RefCounted<TransportSocketParams>;
~TransportSocketParams();
const Endpoint destination_;
const NetworkAnonymizationKey network_anonymization_key_;
const SecureDnsPolicy secure_dns_policy_;
const OnHostResolutionCallback host_resolution_callback_;
const base::flat_set<std::string> supported_alpns_;
};
// TransportConnectJob handles the host resolution necessary for socket creation
// and the transport (likely TCP) connect. TransportConnectJob also has fallback
// logic for IPv6 connect() timeouts (which may happen due to networks / routers
// with broken IPv6 support). Those timeouts take 20s, so rather than make the
// user wait 20s for the timeout to fire, we use a fallback timer
// (kIPv6FallbackTime) and start a connect() to a IPv4 address if the timer
// fires. Then we race the IPv4 connect() against the IPv6 connect() (which has
// a headstart) and return the one that completes first to the socket pool.
class NET_EXPORT_PRIVATE TransportConnectJob : public ConnectJob {
public:
class NET_EXPORT_PRIVATE Factory {
public:
Factory() = default;
virtual ~Factory() = default;
virtual std::unique_ptr<TransportConnectJob> Create(
RequestPriority priority,
const SocketTag& socket_tag,
const CommonConnectJobParams* common_connect_job_params,
const scoped_refptr<TransportSocketParams>& params,
Delegate* delegate,
const NetLogWithSource* net_log);
};
// In cases where both IPv6 and IPv4 addresses were returned from DNS,
// TransportConnectJobs will start a second connection attempt to just the
// IPv4 addresses after this much time. (This is "Happy Eyeballs".)
//
// TODO(willchan): Base this off RTT instead of statically setting it. Note we
// choose a timeout that is different from the backup connect job timer so
// they don't synchronize.
static constexpr base::TimeDelta kIPv6FallbackTime = base::Milliseconds(300);
struct NET_EXPORT_PRIVATE EndpointResultOverride {
EndpointResultOverride(HostResolverEndpointResult result,
std::set<std::string> dns_aliases);
EndpointResultOverride(EndpointResultOverride&&);
EndpointResultOverride(const EndpointResultOverride&);
~EndpointResultOverride();
EndpointResultOverride& operator=(EndpointResultOverride&&) = default;
EndpointResultOverride& operator=(const EndpointResultOverride&) = default;
HostResolverEndpointResult result;
std::set<std::string> dns_aliases;
};
TransportConnectJob(RequestPriority priority,
const SocketTag& socket_tag,
const CommonConnectJobParams* common_connect_job_params,
const scoped_refptr<TransportSocketParams>& params,
Delegate* delegate,
const NetLogWithSource* net_log,
std::optional<EndpointResultOverride>
endpoint_result_override = std::nullopt);
TransportConnectJob(const TransportConnectJob&) = delete;
TransportConnectJob& operator=(const TransportConnectJob&) = delete;
~TransportConnectJob() override;
// ConnectJob methods.
LoadState GetLoadState() const override;
bool HasEstablishedConnection() const override;
ConnectionAttempts GetConnectionAttempts() const override;
ResolveErrorInfo GetResolveErrorInfo() const override;
std::optional<HostResolverEndpointResult> GetHostResolverEndpointResult()
const override;
static base::TimeDelta ConnectionTimeout();
private:
friend class TransportConnectSubJob;
enum State {
STATE_RESOLVE_HOST,
STATE_RESOLVE_HOST_COMPLETE,
STATE_RESOLVE_HOST_CALLBACK_COMPLETE,
STATE_TRANSPORT_CONNECT,
STATE_TRANSPORT_CONNECT_COMPLETE,
STATE_NONE,
};
// Although it is not strictly necessary, it makes the code simpler if each
// subjob knows what type it is.
enum SubJobType { SUB_JOB_IPV4, SUB_JOB_IPV6 };
void OnIOComplete(int result);
int DoLoop(int result);
int DoResolveHost();
int DoResolveHostComplete(int result);
int DoResolveHostCallbackComplete();
int DoTransportConnect();
int DoTransportConnectComplete(int result);
// Helper method called called when a SubJob completes, synchronously
// or asynchronously. Returns `ERR_IO_PENDING` if there is more work to
// do and another error if completed. It's up to the caller to manage
// advancing `DoLoop` if a value other than `ERR_IO_PENDING` is returned.
int HandleSubJobComplete(int result, TransportConnectSubJob* job);
// Called back from a SubJob when it completes. Invokes `OnIOComplete`,
// re-entering `DoLoop`, if there is no more work to do. Must not
// be called from within `DoLoop`.
void OnSubJobComplete(int result, TransportConnectSubJob* job);
// Called from |fallback_timer_|.
void StartIPv4JobAsync();
// Begins the host resolution and the TCP connect. Returns OK on success
// and ERR_IO_PENDING if it cannot immediately service the request.
// Otherwise, it returns a net error code.
int ConnectInternal() override;
void ChangePriorityInternal(RequestPriority priority) override;
// Returns whether the client should be SVCB-optional when connecting to
// `results`.
bool IsSvcbOptional(
base::span<const HostResolverEndpointResult> results) const;
// Returns whether `result` is usable for this connection. If `svcb_optional`
// is true, the non-HTTPS/SVCB fallback is allowed.
bool IsEndpointResultUsable(const HostResolverEndpointResult& result,
bool svcb_optional) const;
// Returns the `HostResolverEndpointResult` for the current subjobs.
const HostResolverEndpointResult& GetEndpointResultForCurrentSubJobs() const;
scoped_refptr<TransportSocketParams> params_;
std::unique_ptr<HostResolver::ResolveHostRequest> request_;
std::vector<HostResolverEndpointResult> endpoint_results_;
size_t current_endpoint_result_ = 0;
std::set<std::string> dns_aliases_;
bool has_dns_override_ = false;
State next_state_ = STATE_NONE;
// The addresses are divided into IPv4 and IPv6, which are performed partially
// in parallel. If the list of IPv6 addresses is non-empty, then the IPv6 jobs
// go first, followed after `kIPv6FallbackTime` by the IPv4 addresses. The
// first sub-job to establish a connection wins. If one sub-job fails, the
// other one is launched if needed, and we wait for it to complete.
std::unique_ptr<TransportConnectSubJob> ipv4_job_;
std::unique_ptr<TransportConnectSubJob> ipv6_job_;
base::OneShotTimer fallback_timer_;
ResolveErrorInfo resolve_error_info_;
ConnectionAttempts connection_attempts_;
base::WeakPtrFactory<TransportConnectJob> weak_ptr_factory_{this};
};
} // namespace net
#endif // NET_SOCKET_TRANSPORT_CONNECT_JOB_H_
|
