author Dragana Damjanovic <>
Fri, 08 Feb 2019 09:13:21 +0000
changeset 515864 81b95ee7a2f3a2e09ac4428bafe6957f5942781a
parent 509426 da0b07a8386c07b7b4c54a5c001fbedc64fa79eb
child 518501 ac53eefd531e1ad41490211ed173b4ff3fe4a917
permissions -rw-r--r--
Bug 1520483 - Return proper error if the nss layer encounters an error on the http tunnel. r=valentin,kershaw, a=RyanVM Differential Revision:

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at */

#ifndef mozilla_net_TLSFilterTransaction_h
#define mozilla_net_TLSFilterTransaction_h

#include "mozilla/Attributes.h"
#include "mozilla/UniquePtr.h"
#include "nsAHttpTransaction.h"
#include "nsIAsyncInputStream.h"
#include "nsIAsyncOutputStream.h"
#include "nsINamed.h"
#include "nsISocketTransport.h"
#include "nsITimer.h"
#include "NullHttpTransaction.h"
#include "mozilla/TimeStamp.h"
#include "prio.h"

// a TLSFilterTransaction wraps another nsAHttpTransaction but
// applies a encode/decode filter of TLS onto the ReadSegments
// and WriteSegments data. It is not used for basic https://
// but it is used for supplemental TLS tunnels - such as those
// needed by CONNECT tunnels in HTTP/2 or even CONNECT tunnels when
// the underlying proxy connection is already running TLS
// HTTP/2 CONNECT tunnels cannot use pushed IO layers because of
// the multiplexing involved on the base stream. i.e. the base stream
// once it is decrypted may have parts that are encrypted with a
// variety of keys, or none at all

/* ************************************************************************
The input path of http over a spdy CONNECT tunnel once it is established as a

note the "real http transaction" can be either a http/1 transaction or another
spdy session inside the tunnel.

  nsHttpConnection::OnInputStreamReady (real socket)
  SpdyStream::WriteSegment (tunnel stream)
  SpdyStream::OnWriteSegment(tunnel stream)
  nsHttpConnection::OnWriteSegment (real socket)
  realSocketIn->Read() return data from network

now pop the stack back up to SpdyConnectTransaction::WriteSegment, the data
that has been read is stored mInputData

  nsHttpTransaction::WriteSegment(real http transaction)
  TLSFilterTransaction::OnWriteSegment() removes tls on way back up stack
  // gets data from mInputData

The output path works similarly:
  nsHttpConnection::OnOutputStreamReady (real socket)
  SpdySession::ReadSegments (locates tunnel)
  SpdyStream::ReadSegments (tunnel stream)
  SpdyConnectTransaction.mTunneledConn::OnOutputStreamReady (tunnel connection)
  SpdyConnectTransaction.mTunneledConn::OnSocketWritable (tunnel connection)
  nsHttpTransaction::ReadSegment (real http transaction generates plaintext on
                                  way down)
  TLSFilterTransaction::OnReadSegment (BUF and LEN gets encrypted here on way
  SpdyConnectTransaction.mTunneledConn::OnReadSegment (BUF and LEN)
                                                      (tunnel connection)
  SpdyConnectTransaction.mTunneledConn.mTunnelStreamOut->Write(BUF, LEN) ..
                                                     get stored in mOutputData

Now pop the stack back up to SpdyConnectTransaction::ReadSegment(), where it has
the encrypted text available in mOutputData

  SpdyStream->OnReadSegment(BUF,LEN) from mOutputData. Tunnel stream
  SpdySession->OnReadSegment() // encrypted data gets put in a data frame
  realSocketOut->write() writes data to network


struct PRSocketOptionData;

namespace mozilla {
namespace net {

class nsHttpRequestHead;
class NullHttpTransaction;
class TLSFilterTransaction;

class NudgeTunnelCallback : public nsISupports {
  virtual nsresult OnTunnelNudged(TLSFilterTransaction *) = 0;

  nsresult OnTunnelNudged(TLSFilterTransaction *) override;

class TLSFilterTransaction final : public nsAHttpTransaction,
                                   public nsAHttpSegmentReader,
                                   public nsAHttpSegmentWriter,
                                   public nsITimerCallback,
                                   public nsINamed {


  TLSFilterTransaction(nsAHttpTransaction *aWrappedTransaction,
                       const char *tlsHost, int32_t tlsPort,
                       nsAHttpSegmentReader *reader,
                       nsAHttpSegmentWriter *writer);

  const nsAHttpTransaction *Transaction() const { return mTransaction.get(); }
  MOZ_MUST_USE nsresult CommitToSegmentSize(uint32_t size,
                                            bool forceCommitment) override;
  MOZ_MUST_USE nsresult GetTransactionSecurityInfo(nsISupports **) override;
  MOZ_MUST_USE nsresult NudgeTunnel(NudgeTunnelCallback *callback);
  MOZ_MUST_USE nsresult
  SetProxiedTransaction(nsAHttpTransaction *aTrans,
                        nsAHttpTransaction *aSpdyConnectTransaction = nullptr);
  void newIODriver(nsIAsyncInputStream *aSocketIn,
                   nsIAsyncOutputStream *aSocketOut,
                   nsIAsyncInputStream **outSocketIn,
                   nsIAsyncOutputStream **outSocketOut);

  // nsAHttpTransaction overloads
  bool IsNullTransaction() override;
  NullHttpTransaction *QueryNullTransaction() override;
  nsHttpTransaction *QueryHttpTransaction() override;
  SpdyConnectTransaction *QuerySpdyConnectTransaction() override;

  MOZ_MUST_USE nsresult StartTimerCallback();
  void Cleanup();
  int32_t FilterOutput(const char *aBuf, int32_t aAmount);
  int32_t FilterInput(char *aBuf, int32_t aAmount);

  static PRStatus GetPeerName(PRFileDesc *fd, PRNetAddr *addr);
  static PRStatus GetSocketOption(PRFileDesc *fd, PRSocketOptionData *data);
  static PRStatus SetSocketOption(PRFileDesc *fd,
                                  const PRSocketOptionData *data);
  static int32_t FilterWrite(PRFileDesc *fd, const void *buf, int32_t amount);
  static int32_t FilterRead(PRFileDesc *fd, void *buf, int32_t amount);
  static int32_t FilterSend(PRFileDesc *fd, const void *buf, int32_t amount,
                            int flags, PRIntervalTime timeout);
  static int32_t FilterRecv(PRFileDesc *fd, void *buf, int32_t amount,
                            int flags, PRIntervalTime timeout);
  static PRStatus FilterClose(PRFileDesc *fd);

  RefPtr<nsAHttpTransaction> mTransaction;
  nsWeakPtr mWeakTrans;  // SpdyConnectTransaction *
  nsCOMPtr<nsISupports> mSecInfo;
  nsCOMPtr<nsITimer> mTimer;
  RefPtr<NudgeTunnelCallback> mNudgeCallback;

  // buffered network output, after encryption
  UniquePtr<char[]> mEncryptedText;
  uint32_t mEncryptedTextUsed;
  uint32_t mEncryptedTextSize;

  PRFileDesc *mFD;
  nsAHttpSegmentReader *mSegmentReader;
  nsAHttpSegmentWriter *mSegmentWriter;

  nsresult mFilterReadCode;
  bool mForce;
  nsresult mReadSegmentReturnValue;
  uint32_t mNudgeCounter;

class SocketTransportShim;
class InputStreamShim;
class OutputStreamShim;
class nsHttpConnection;

class SpdyConnectTransaction final : public NullHttpTransaction {
  SpdyConnectTransaction(nsHttpConnectionInfo *ci,
                         nsIInterfaceRequestor *callbacks, uint32_t caps,
                         nsHttpTransaction *trans, nsAHttpConnection *session,
                         bool isWebsocket);

  SpdyConnectTransaction *QuerySpdyConnectTransaction() override {
    return this;

  // A transaction is forced into plaintext when it is intended to be used as a
  // CONNECT tunnel but the setup fails. The plaintext only carries the CONNECT
  // error.
  void ForcePlainText();
  void MapStreamToHttpConnection(nsISocketTransport *aTransport,
                                 nsHttpConnectionInfo *aConnInfo);

  MOZ_MUST_USE nsresult ReadSegments(nsAHttpSegmentReader *reader,
                                     uint32_t count, uint32_t *countRead) final;
  MOZ_MUST_USE nsresult WriteSegments(nsAHttpSegmentWriter *writer,
                                      uint32_t count,
                                      uint32_t *countWritten) final;
  nsHttpRequestHead *RequestHead() final;
  void Close(nsresult reason) final;

  // ConnectedReadyForInput() tests whether the spdy connect transaction is
  // attached to an nsHttpConnection that can properly deal with flow control,
  // etc..
  bool ConnectedReadyForInput();

  bool IsWebsocket() { return mIsWebsocket; }
  void SetConnRefTaken();

  friend class InputStreamShim;
  friend class OutputStreamShim;

  MOZ_MUST_USE nsresult Flush(uint32_t count, uint32_t *countRead);
  void CreateShimError(nsresult code);

  nsCString mConnectString;
  uint32_t mConnectStringOffset;

  nsAHttpConnection *mSession;
  nsAHttpSegmentReader *mSegmentReader;

  UniquePtr<char[]> mInputData;
  uint32_t mInputDataSize;
  uint32_t mInputDataUsed;
  uint32_t mInputDataOffset;

  UniquePtr<char[]> mOutputData;
  uint32_t mOutputDataSize;
  uint32_t mOutputDataUsed;
  uint32_t mOutputDataOffset;

  bool mForcePlainText;
  TimeStamp mTimestampSyn;
  RefPtr<nsHttpConnectionInfo> mConnInfo;

  // mTunneledConn, mTunnelTransport, mTunnelStreamIn, mTunnelStreamOut
  // are the connectors to the "real" http connection. They are created
  // together when the tunnel setup is complete and a static reference is held
  // for the lifetime of the tunnel.
  RefPtr<nsHttpConnection> mTunneledConn;
  RefPtr<SocketTransportShim> mTunnelTransport;
  RefPtr<InputStreamShim> mTunnelStreamIn;
  RefPtr<OutputStreamShim> mTunnelStreamOut;
  RefPtr<nsHttpTransaction> mDrivingTransaction;

  // This is all for websocket support
  bool mIsWebsocket;
  bool mConnRefTaken;
  nsCOMPtr<nsIAsyncOutputStream> mInputShimPipe;
  nsCOMPtr<nsIAsyncInputStream> mOutputShimPipe;
  nsresult WriteDataToBuffer(nsAHttpSegmentWriter *writer, uint32_t count,
                             uint32_t *countWritten);
  MOZ_MUST_USE nsresult WebsocketWriteSegments(nsAHttpSegmentWriter *writer,
                                               uint32_t count,
                                               uint32_t *countWritten);

  bool mCreateShimErrorCalled;

}  // namespace net
}  // namespace mozilla

#endif  // mozilla_net_TLSFilterTransaction_h