search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / net / websockets / websocket_channel.cc
blob0237ca10330832a0321aef8f96831c3596838c44
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/websockets/websocket_channel.h"
6
7 #include <limits.h> // for INT_MAX
8
9 #include <algorithm>
10 #include <deque>
11
12 #include "base/basictypes.h" // for size_t
13 #include "base/big_endian.h"
14 #include "base/bind.h"
15 #include "base/compiler_specific.h"
16 #include "base/location.h"
17 #include "base/memory/ref_counted.h"
18 #include "base/memory/weak_ptr.h"
19 #include "base/metrics/histogram_macros.h"
20 #include "base/numerics/safe_conversions.h"
21 #include "base/single_thread_task_runner.h"
22 #include "base/stl_util.h"
23 #include "base/strings/stringprintf.h"
24 #include "base/thread_task_runner_handle.h"
25 #include "base/time/time.h"
26 #include "net/base/io_buffer.h"
27 #include "net/http/http_request_headers.h"
28 #include "net/http/http_response_headers.h"
29 #include "net/http/http_util.h"
30 #include "net/log/net_log.h"
31 #include "net/websockets/websocket_errors.h"
32 #include "net/websockets/websocket_event_interface.h"
33 #include "net/websockets/websocket_frame.h"
34 #include "net/websockets/websocket_handshake_request_info.h"
35 #include "net/websockets/websocket_handshake_response_info.h"
36 #include "net/websockets/websocket_mux.h"
37 #include "net/websockets/websocket_stream.h"
38 #include "url/origin.h"
39
40 namespace net {
41
42 namespace {
43
44 using base::StreamingUtf8Validator;
45
46 const int kDefaultSendQuotaLowWaterMark = 1 << 16;
47 const int kDefaultSendQuotaHighWaterMark = 1 << 17;
48 const size_t kWebSocketCloseCodeLength = 2;
49 // Timeout for waiting for the server to acknowledge a closing handshake.
50 const int kClosingHandshakeTimeoutSeconds = 60;
51 // We wait for the server to close the underlying connection as recommended in
52 // https://tools.ietf.org/html/rfc6455#section-7.1.1
53 // We don't use 2MSL since there're server implementations that don't follow
54 // the recommendation and wait for the client to close the underlying
55 // connection. It leads to unnecessarily long time before CloseEvent
56 // invocation. We want to avoid this rather than strictly following the spec
57 // recommendation.
58 const int kUnderlyingConnectionCloseTimeoutSeconds = 2;
59
60 typedef WebSocketEventInterface::ChannelState ChannelState;
61 const ChannelState CHANNEL_ALIVE = WebSocketEventInterface::CHANNEL_ALIVE;
62 const ChannelState CHANNEL_DELETED = WebSocketEventInterface::CHANNEL_DELETED;
63
64 // Maximum close reason length = max control frame payload -
65 // status code length
66 // = 125 - 2
67 const size_t kMaximumCloseReasonLength = 125 - kWebSocketCloseCodeLength;
68
69 // Check a close status code for strict compliance with RFC6455. This is only
70 // used for close codes received from a renderer that we are intending to send
71 // out over the network. See ParseClose() for the restrictions on incoming close
72 // codes. The |code| parameter is type int for convenience of implementation;
73 // the real type is uint16. Code 1005 is treated specially; it cannot be set
74 // explicitly by Javascript but the renderer uses it to indicate we should send
75 // a Close frame with no payload.
76 bool IsStrictlyValidCloseStatusCode(int code) {
77 static const int kInvalidRanges[] = {
78 // [BAD, OK)
79 0, 1000, // 1000 is the first valid code
80 1006, 1007, // 1006 MUST NOT be set.
81 1014, 3000, // 1014 unassigned; 1015 up to 2999 are reserved.
82 5000, 65536, // Codes above 5000 are invalid.
83 };
84 const int* const kInvalidRangesEnd =
85 kInvalidRanges + arraysize(kInvalidRanges);
86
87 DCHECK_GE(code, 0);
88 DCHECK_LT(code, 65536);
89 const int* upper = std::upper_bound(kInvalidRanges, kInvalidRangesEnd, code);
90 DCHECK_NE(kInvalidRangesEnd, upper);
91 DCHECK_GT(upper, kInvalidRanges);
92 DCHECK_GT(*upper, code);
93 DCHECK_LE(*(upper - 1), code);
94 return ((upper - kInvalidRanges) % 2) == 0;
95 }
96
97 // Sets |name| to the name of the frame type for the given |opcode|. Note that
98 // for all of Text, Binary and Continuation opcode, this method returns
99 // "Data frame".
100 void GetFrameTypeForOpcode(WebSocketFrameHeader::OpCode opcode,
101 std::string* name) {
102 switch (opcode) {
103 case WebSocketFrameHeader::kOpCodeText: // fall-thru
104 case WebSocketFrameHeader::kOpCodeBinary: // fall-thru
105 case WebSocketFrameHeader::kOpCodeContinuation:
106 *name = "Data frame";
107 break;
108
109 case WebSocketFrameHeader::kOpCodePing:
110 *name = "Ping";
111 break;
112
113 case WebSocketFrameHeader::kOpCodePong:
114 *name = "Pong";
115 break;
116
117 case WebSocketFrameHeader::kOpCodeClose:
118 *name = "Close";
119 break;
120
121 default:
122 *name = "Unknown frame type";
123 break;
124 }
125
126 return;
127 }
128
129 } // namespace
130
131 // A class to encapsulate a set of frames and information about the size of
132 // those frames.
133 class WebSocketChannel::SendBuffer {
134 public:
135 SendBuffer() : total_bytes_(0) {}
136
137 // Add a WebSocketFrame to the buffer and increase total_bytes_.
138 void AddFrame(scoped_ptr<WebSocketFrame> chunk);
139
140 // Return a pointer to the frames_ for write purposes.
141 ScopedVector<WebSocketFrame>* frames() { return &frames_; }
142
143 private:
144 // The frames_ that will be sent in the next call to WriteFrames().
145 ScopedVector<WebSocketFrame> frames_;
146
147 // The total size of the payload data in |frames_|. This will be used to
148 // measure the throughput of the link.
149 // TODO(ricea): Measure the throughput of the link.
150 uint64 total_bytes_;
151 };
152
153 void WebSocketChannel::SendBuffer::AddFrame(scoped_ptr<WebSocketFrame> frame) {
154 total_bytes_ += frame->header.payload_length;
155 frames_.push_back(frame.Pass());
156 }
157
158 // Implementation of WebSocketStream::ConnectDelegate that simply forwards the
159 // calls on to the WebSocketChannel that created it.
160 class WebSocketChannel::ConnectDelegate
161 : public WebSocketStream::ConnectDelegate {
162 public:
163 explicit ConnectDelegate(WebSocketChannel* creator) : creator_(creator) {}
164
165 void OnSuccess(scoped_ptr<WebSocketStream> stream) override {
166 creator_->OnConnectSuccess(stream.Pass());
167 // |this| may have been deleted.
168 }
169
170 void OnFailure(const std::string& message) override {
171 creator_->OnConnectFailure(message);
172 // |this| has been deleted.
173 }
174
175 void OnStartOpeningHandshake(
176 scoped_ptr<WebSocketHandshakeRequestInfo> request) override {
177 creator_->OnStartOpeningHandshake(request.Pass());
178 }
179
180 void OnFinishOpeningHandshake(
181 scoped_ptr<WebSocketHandshakeResponseInfo> response) override {
182 creator_->OnFinishOpeningHandshake(response.Pass());
183 }
184
185 void OnSSLCertificateError(
186 scoped_ptr<WebSocketEventInterface::SSLErrorCallbacks>
187 ssl_error_callbacks,
188 const SSLInfo& ssl_info,
189 bool fatal) override {
190 creator_->OnSSLCertificateError(
191 ssl_error_callbacks.Pass(), ssl_info, fatal);
192 }
193
194 private:
195 // A pointer to the WebSocketChannel that created this object. There is no
196 // danger of this pointer being stale, because deleting the WebSocketChannel
197 // cancels the connect process, deleting this object and preventing its
198 // callbacks from being called.
199 WebSocketChannel* const creator_;
200
201 DISALLOW_COPY_AND_ASSIGN(ConnectDelegate);
202 };
203
204 class WebSocketChannel::HandshakeNotificationSender
205 : public base::SupportsWeakPtr<HandshakeNotificationSender> {
206 public:
207 explicit HandshakeNotificationSender(WebSocketChannel* channel);
208 ~HandshakeNotificationSender();
209
210 static void Send(base::WeakPtr<HandshakeNotificationSender> sender);
211
212 ChannelState SendImmediately(WebSocketEventInterface* event_interface);
213
214 const WebSocketHandshakeRequestInfo* handshake_request_info() const {
215 return handshake_request_info_.get();
216 }
217
218 void set_handshake_request_info(
219 scoped_ptr<WebSocketHandshakeRequestInfo> request_info) {
220 handshake_request_info_ = request_info.Pass();
221 }
222
223 const WebSocketHandshakeResponseInfo* handshake_response_info() const {
224 return handshake_response_info_.get();
225 }
226
227 void set_handshake_response_info(
228 scoped_ptr<WebSocketHandshakeResponseInfo> response_info) {
229 handshake_response_info_ = response_info.Pass();
230 }
231
232 private:
233 WebSocketChannel* owner_;
234 scoped_ptr<WebSocketHandshakeRequestInfo> handshake_request_info_;
235 scoped_ptr<WebSocketHandshakeResponseInfo> handshake_response_info_;
236 };
237
238 WebSocketChannel::HandshakeNotificationSender::HandshakeNotificationSender(
239 WebSocketChannel* channel)
240 : owner_(channel) {}
241
242 WebSocketChannel::HandshakeNotificationSender::~HandshakeNotificationSender() {}
243
244 void WebSocketChannel::HandshakeNotificationSender::Send(
245 base::WeakPtr<HandshakeNotificationSender> sender) {
246 // Do nothing if |sender| is already destructed.
247 if (sender) {
248 WebSocketChannel* channel = sender->owner_;
249 sender->SendImmediately(channel->event_interface_.get());
250 }
251 }
252
253 ChannelState WebSocketChannel::HandshakeNotificationSender::SendImmediately(
254 WebSocketEventInterface* event_interface) {
255
256 if (handshake_request_info_.get()) {
257 if (CHANNEL_DELETED == event_interface->OnStartOpeningHandshake(
258 handshake_request_info_.Pass()))
259 return CHANNEL_DELETED;
260 }
261
262 if (handshake_response_info_.get()) {
263 if (CHANNEL_DELETED == event_interface->OnFinishOpeningHandshake(
264 handshake_response_info_.Pass()))
265 return CHANNEL_DELETED;
266
267 // TODO(yhirano): We can release |this| to save memory because
268 // there will be no more opening handshake notification.
269 }
270
271 return CHANNEL_ALIVE;
272 }
273
274 WebSocketChannel::PendingReceivedFrame::PendingReceivedFrame(
275 bool final,
276 WebSocketFrameHeader::OpCode opcode,
277 const scoped_refptr<IOBuffer>& data,
278 uint64 offset,
279 uint64 size)
280 : final_(final),
281 opcode_(opcode),
282 data_(data),
283 offset_(offset),
284 size_(size) {}
285
286 WebSocketChannel::PendingReceivedFrame::~PendingReceivedFrame() {}
287
288 void WebSocketChannel::PendingReceivedFrame::ResetOpcode() {
289 DCHECK(WebSocketFrameHeader::IsKnownDataOpCode(opcode_));
290 opcode_ = WebSocketFrameHeader::kOpCodeContinuation;
291 }
292
293 void WebSocketChannel::PendingReceivedFrame::DidConsume(uint64 bytes) {
294 DCHECK_LE(offset_, size_);
295 DCHECK_LE(bytes, size_ - offset_);
296 offset_ += bytes;
297 }
298
299 WebSocketChannel::WebSocketChannel(
300 scoped_ptr<WebSocketEventInterface> event_interface,
301 URLRequestContext* url_request_context)
302 : event_interface_(event_interface.Pass()),
303 url_request_context_(url_request_context),
304 send_quota_low_water_mark_(kDefaultSendQuotaLowWaterMark),
305 send_quota_high_water_mark_(kDefaultSendQuotaHighWaterMark),
306 current_send_quota_(0),
307 current_receive_quota_(0),
308 closing_handshake_timeout_(base::TimeDelta::FromSeconds(
309 kClosingHandshakeTimeoutSeconds)),
310 underlying_connection_close_timeout_(base::TimeDelta::FromSeconds(
311 kUnderlyingConnectionCloseTimeoutSeconds)),
312 has_received_close_frame_(false),
313 received_close_code_(0),
314 state_(FRESHLY_CONSTRUCTED),
315 notification_sender_(new HandshakeNotificationSender(this)),
316 sending_text_message_(false),
317 receiving_text_message_(false),
318 expecting_to_handle_continuation_(false),
319 initial_frame_forwarded_(false) {}
320
321 WebSocketChannel::~WebSocketChannel() {
322 // The stream may hold a pointer to read_frames_, and so it needs to be
323 // destroyed first.
324 stream_.reset();
325 // The timer may have a callback pointing back to us, so stop it just in case
326 // someone decides to run the event loop from their destructor.
327 close_timer_.Stop();
328 }
329
330 void WebSocketChannel::SendAddChannelRequest(
331 const GURL& socket_url,
332 const std::vector<std::string>& requested_subprotocols,
333 const url::Origin& origin) {
334 // Delegate to the tested version.
335 SendAddChannelRequestWithSuppliedCreator(
336 socket_url,
337 requested_subprotocols,
338 origin,
339 base::Bind(&WebSocketStream::CreateAndConnectStream));
340 }
341
342 void WebSocketChannel::SetState(State new_state) {
343 DCHECK_NE(state_, new_state);
344
345 if (new_state == CONNECTED)
346 established_on_ = base::TimeTicks::Now();
347 if (state_ == CONNECTED && !established_on_.is_null()) {
348 UMA_HISTOGRAM_LONG_TIMES(
349 "Net.WebSocket.Duration", base::TimeTicks::Now() - established_on_);
350 }
351
352 state_ = new_state;
353 }
354
355 bool WebSocketChannel::InClosingState() const {
356 // The state RECV_CLOSED is not supported here, because it is only used in one
357 // code path and should not leak into the code in general.
358 DCHECK_NE(RECV_CLOSED, state_)
359 << "InClosingState called with state_ == RECV_CLOSED";
360 return state_ == SEND_CLOSED || state_ == CLOSE_WAIT || state_ == CLOSED;
361 }
362
363 void WebSocketChannel::SendFrame(bool fin,
364 WebSocketFrameHeader::OpCode op_code,
365 const std::vector<char>& data) {
366 if (data.size() > INT_MAX) {
367 NOTREACHED() << "Frame size sanity check failed";
368 return;
369 }
370 if (stream_ == NULL) {
371 LOG(DFATAL) << "Got SendFrame without a connection established; "
372 << "misbehaving renderer? fin=" << fin << " op_code=" << op_code
373 << " data.size()=" << data.size();
374 return;
375 }
376 if (InClosingState()) {
377 DVLOG(1) << "SendFrame called in state " << state_
378 << ". This may be a bug, or a harmless race.";
379 return;
380 }
381 if (state_ != CONNECTED) {
382 NOTREACHED() << "SendFrame() called in state " << state_;
383 return;
384 }
385 if (data.size() > base::checked_cast<size_t>(current_send_quota_)) {
386 // TODO(ricea): Kill renderer.
387 ignore_result(
388 FailChannel("Send quota exceeded", kWebSocketErrorGoingAway, ""));
389 // |this| has been deleted.
390 return;
391 }
392 if (!WebSocketFrameHeader::IsKnownDataOpCode(op_code)) {
393 LOG(DFATAL) << "Got SendFrame with bogus op_code " << op_code
394 << "; misbehaving renderer? fin=" << fin
395 << " data.size()=" << data.size();
396 return;
397 }
398 if (op_code == WebSocketFrameHeader::kOpCodeText ||
399 (op_code == WebSocketFrameHeader::kOpCodeContinuation &&
400 sending_text_message_)) {
401 StreamingUtf8Validator::State state =
402 outgoing_utf8_validator_.AddBytes(vector_as_array(&data), data.size());
403 if (state == StreamingUtf8Validator::INVALID ||
404 (state == StreamingUtf8Validator::VALID_MIDPOINT && fin)) {
405 // TODO(ricea): Kill renderer.
406 ignore_result(
407 FailChannel("Browser sent a text frame containing invalid UTF-8",
408 kWebSocketErrorGoingAway,
409 ""));
410 // |this| has been deleted.
411 return;
412 }
413 sending_text_message_ = !fin;
414 DCHECK(!fin || state == StreamingUtf8Validator::VALID_ENDPOINT);
415 }
416 current_send_quota_ -= data.size();
417 // TODO(ricea): If current_send_quota_ has dropped below
418 // send_quota_low_water_mark_, it might be good to increase the "low
419 // water mark" and "high water mark", but only if the link to the WebSocket
420 // server is not saturated.
421 scoped_refptr<IOBuffer> buffer(new IOBuffer(data.size()));
422 std::copy(data.begin(), data.end(), buffer->data());
423 ignore_result(SendFrameFromIOBuffer(fin, op_code, buffer, data.size()));
424 // |this| may have been deleted.
425 }
426
427 void WebSocketChannel::SendFlowControl(int64 quota) {
428 DCHECK(state_ == CONNECTING || state_ == CONNECTED || state_ == SEND_CLOSED ||
429 state_ == CLOSE_WAIT);
430 // TODO(ricea): Kill the renderer if it tries to send us a negative quota
431 // value or > INT_MAX.
432 DCHECK_GE(quota, 0);
433 DCHECK_LE(quota, INT_MAX);
434 if (!pending_received_frames_.empty()) {
435 DCHECK_EQ(0u, current_receive_quota_);
436 }
437 while (!pending_received_frames_.empty() && quota > 0) {
438 PendingReceivedFrame& front = pending_received_frames_.front();
439 const uint64 data_size = front.size() - front.offset();
440 const uint64 bytes_to_send =
441 std::min(base::checked_cast<uint64>(quota), data_size);
442 const bool final = front.final() && data_size == bytes_to_send;
443 const char* data =
444 front.data().get() ? front.data()->data() + front.offset() : NULL;
445 DCHECK(!bytes_to_send || data) << "Non empty data should not be null.";
446 const std::vector<char> data_vector(data, data + bytes_to_send);
447 DVLOG(3) << "Sending frame previously split due to quota to the "
448 << "renderer: quota=" << quota << " data_size=" << data_size
449 << " bytes_to_send=" << bytes_to_send;
450 if (event_interface_->OnDataFrame(final, front.opcode(), data_vector) ==
451 CHANNEL_DELETED)
452 return;
453 if (bytes_to_send < data_size) {
454 front.DidConsume(bytes_to_send);
455 front.ResetOpcode();
456 return;
457 }
458 quota -= bytes_to_send;
459
460 pending_received_frames_.pop();
461 }
462 // If current_receive_quota_ == 0 then there is no pending ReadFrames()
463 // operation.
464 const bool start_read =
465 current_receive_quota_ == 0 && quota > 0 &&
466 (state_ == CONNECTED || state_ == SEND_CLOSED || state_ == CLOSE_WAIT);
467 current_receive_quota_ += quota;
468 if (start_read)
469 ignore_result(ReadFrames());
470 // |this| may have been deleted.
471 }
472
473 void WebSocketChannel::StartClosingHandshake(uint16 code,
474 const std::string& reason) {
475 if (InClosingState()) {
476 // When the associated renderer process is killed while the channel is in
477 // CLOSING state we reach here.
478 DVLOG(1) << "StartClosingHandshake called in state " << state_
479 << ". This may be a bug, or a harmless race.";
480 return;
481 }
482 if (state_ == CONNECTING) {
483 // Abort the in-progress handshake and drop the connection immediately.
484 stream_request_.reset();
485 SetState(CLOSED);
486 DoDropChannel(false, kWebSocketErrorAbnormalClosure, "");
487 return;
488 }
489 if (state_ != CONNECTED) {
490 NOTREACHED() << "StartClosingHandshake() called in state " << state_;
491 return;
492 }
493
494 DCHECK(!close_timer_.IsRunning());
495 // This use of base::Unretained() is safe because we stop the timer in the
496 // destructor.
497 close_timer_.Start(
498 FROM_HERE,
499 closing_handshake_timeout_,
500 base::Bind(&WebSocketChannel::CloseTimeout, base::Unretained(this)));
501
502 // Javascript actually only permits 1000 and 3000-4999, but the implementation
503 // itself may produce different codes. The length of |reason| is also checked
504 // by Javascript.
505 if (!IsStrictlyValidCloseStatusCode(code) ||
506 reason.size() > kMaximumCloseReasonLength) {
507 // "InternalServerError" is actually used for errors from any endpoint, per
508 // errata 3227 to RFC6455. If the renderer is sending us an invalid code or
509 // reason it must be malfunctioning in some way, and based on that we
510 // interpret this as an internal error.
511 if (SendClose(kWebSocketErrorInternalServerError, "") != CHANNEL_DELETED) {
512 DCHECK_EQ(CONNECTED, state_);
513 SetState(SEND_CLOSED);
514 }
515 return;
516 }
517 if (SendClose(
518 code,
519 StreamingUtf8Validator::Validate(reason) ? reason : std::string()) ==
520 CHANNEL_DELETED)
521 return;
522 DCHECK_EQ(CONNECTED, state_);
523 SetState(SEND_CLOSED);
524 }
525
526 void WebSocketChannel::SendAddChannelRequestForTesting(
527 const GURL& socket_url,
528 const std::vector<std::string>& requested_subprotocols,
529 const url::Origin& origin,
530 const WebSocketStreamCreator& creator) {
531 SendAddChannelRequestWithSuppliedCreator(
532 socket_url, requested_subprotocols, origin, creator);
533 }
534
535 void WebSocketChannel::SetClosingHandshakeTimeoutForTesting(
536 base::TimeDelta delay) {
537 closing_handshake_timeout_ = delay;
538 }
539
540 void WebSocketChannel::SetUnderlyingConnectionCloseTimeoutForTesting(
541 base::TimeDelta delay) {
542 underlying_connection_close_timeout_ = delay;
543 }
544
545 void WebSocketChannel::SendAddChannelRequestWithSuppliedCreator(
546 const GURL& socket_url,
547 const std::vector<std::string>& requested_subprotocols,
548 const url::Origin& origin,
549 const WebSocketStreamCreator& creator) {
550 DCHECK_EQ(FRESHLY_CONSTRUCTED, state_);
551 if (!socket_url.SchemeIsWSOrWSS()) {
552 // TODO(ricea): Kill the renderer (this error should have been caught by
553 // Javascript).
554 ignore_result(event_interface_->OnFailChannel("Invalid scheme"));
555 // |this| is deleted here.
556 return;
557 }
558 socket_url_ = socket_url;
559 scoped_ptr<WebSocketStream::ConnectDelegate> connect_delegate(
560 new ConnectDelegate(this));
561 stream_request_ = creator.Run(socket_url_,
562 requested_subprotocols,
563 origin,
564 url_request_context_,
565 BoundNetLog(),
566 connect_delegate.Pass());
567 SetState(CONNECTING);
568 }
569
570 void WebSocketChannel::OnConnectSuccess(scoped_ptr<WebSocketStream> stream) {
571 DCHECK(stream);
572 DCHECK_EQ(CONNECTING, state_);
573
574 stream_ = stream.Pass();
575
576 SetState(CONNECTED);
577
578 if (event_interface_->OnAddChannelResponse(stream_->GetSubProtocol(),
579 stream_->GetExtensions()) ==
580 CHANNEL_DELETED)
581 return;
582
583 // TODO(ricea): Get flow control information from the WebSocketStream once we
584 // have a multiplexing WebSocketStream.
585 current_send_quota_ = send_quota_high_water_mark_;
586 if (event_interface_->OnFlowControl(send_quota_high_water_mark_) ==
587 CHANNEL_DELETED)
588 return;
589
590 // |stream_request_| is not used once the connection has succeeded.
591 stream_request_.reset();
592
593 ignore_result(ReadFrames());
594 // |this| may have been deleted.
595 }
596
597 void WebSocketChannel::OnConnectFailure(const std::string& message) {
598 DCHECK_EQ(CONNECTING, state_);
599
600 // Copy the message before we delete its owner.
601 std::string message_copy = message;
602
603 SetState(CLOSED);
604 stream_request_.reset();
605
606 if (CHANNEL_DELETED ==
607 notification_sender_->SendImmediately(event_interface_.get())) {
608 // |this| has been deleted.
609 return;
610 }
611 ChannelState result = event_interface_->OnFailChannel(message_copy);
612 DCHECK_EQ(CHANNEL_DELETED, result);
613 // |this| has been deleted.
614 }
615
616 void WebSocketChannel::OnSSLCertificateError(
617 scoped_ptr<WebSocketEventInterface::SSLErrorCallbacks> ssl_error_callbacks,
618 const SSLInfo& ssl_info,
619 bool fatal) {
620 ignore_result(event_interface_->OnSSLCertificateError(
621 ssl_error_callbacks.Pass(), socket_url_, ssl_info, fatal));
622 }
623
624 void WebSocketChannel::OnStartOpeningHandshake(
625 scoped_ptr<WebSocketHandshakeRequestInfo> request) {
626 DCHECK(!notification_sender_->handshake_request_info());
627
628 // Because it is hard to handle an IPC error synchronously is difficult,
629 // we asynchronously notify the information.
630 notification_sender_->set_handshake_request_info(request.Pass());
631 ScheduleOpeningHandshakeNotification();
632 }
633
634 void WebSocketChannel::OnFinishOpeningHandshake(
635 scoped_ptr<WebSocketHandshakeResponseInfo> response) {
636 DCHECK(!notification_sender_->handshake_response_info());
637
638 // Because it is hard to handle an IPC error synchronously is difficult,
639 // we asynchronously notify the information.
640 notification_sender_->set_handshake_response_info(response.Pass());
641 ScheduleOpeningHandshakeNotification();
642 }
643
644 void WebSocketChannel::ScheduleOpeningHandshakeNotification() {
645 base::ThreadTaskRunnerHandle::Get()->PostTask(
646 FROM_HERE, base::Bind(HandshakeNotificationSender::Send,
647 notification_sender_->AsWeakPtr()));
648 }
649
650 ChannelState WebSocketChannel::WriteFrames() {
651 int result = OK;
652 do {
653 // This use of base::Unretained is safe because this object owns the
654 // WebSocketStream and destroying it cancels all callbacks.
655 result = stream_->WriteFrames(
656 data_being_sent_->frames(),
657 base::Bind(base::IgnoreResult(&WebSocketChannel::OnWriteDone),
658 base::Unretained(this),
659 false));
660 if (result != ERR_IO_PENDING) {
661 if (OnWriteDone(true, result) == CHANNEL_DELETED)
662 return CHANNEL_DELETED;
663 // OnWriteDone() returns CHANNEL_DELETED on error. Here |state_| is
664 // guaranteed to be the same as before OnWriteDone() call.
665 }
666 } while (result == OK && data_being_sent_);
667 return CHANNEL_ALIVE;
668 }
669
670 ChannelState WebSocketChannel::OnWriteDone(bool synchronous, int result) {
671 DCHECK_NE(FRESHLY_CONSTRUCTED, state_);
672 DCHECK_NE(CONNECTING, state_);
673 DCHECK_NE(ERR_IO_PENDING, result);
674 DCHECK(data_being_sent_);
675 switch (result) {
676 case OK:
677 if (data_to_send_next_) {
678 data_being_sent_ = data_to_send_next_.Pass();
679 if (!synchronous)
680 return WriteFrames();
681 } else {
682 data_being_sent_.reset();
683 if (current_send_quota_ < send_quota_low_water_mark_) {
684 // TODO(ricea): Increase low_water_mark and high_water_mark if
685 // throughput is high, reduce them if throughput is low. Low water
686 // mark needs to be >= the bandwidth delay product *of the IPC
687 // channel*. Because factors like context-switch time, thread wake-up
688 // time, and bus speed come into play it is complex and probably needs
689 // to be determined empirically.
690 DCHECK_LE(send_quota_low_water_mark_, send_quota_high_water_mark_);
691 // TODO(ricea): Truncate quota by the quota specified by the remote
692 // server, if the protocol in use supports quota.
693 int fresh_quota = send_quota_high_water_mark_ - current_send_quota_;
694 current_send_quota_ += fresh_quota;
695 return event_interface_->OnFlowControl(fresh_quota);
696 }
697 }
698 return CHANNEL_ALIVE;
699
700 // If a recoverable error condition existed, it would go here.
701
702 default:
703 DCHECK_LT(result, 0)
704 << "WriteFrames() should only return OK or ERR_ codes";
705
706 stream_->Close();
707 SetState(CLOSED);
708 return DoDropChannel(false, kWebSocketErrorAbnormalClosure, "");
709 }
710 }
711
712 ChannelState WebSocketChannel::ReadFrames() {
713 int result = OK;
714 while (result == OK && current_receive_quota_ > 0) {
715 // This use of base::Unretained is safe because this object owns the
716 // WebSocketStream, and any pending reads will be cancelled when it is
717 // destroyed.
718 result = stream_->ReadFrames(
719 &read_frames_,
720 base::Bind(base::IgnoreResult(&WebSocketChannel::OnReadDone),
721 base::Unretained(this),
722 false));
723 if (result != ERR_IO_PENDING) {
724 if (OnReadDone(true, result) == CHANNEL_DELETED)
725 return CHANNEL_DELETED;
726 }
727 DCHECK_NE(CLOSED, state_);
728 }
729 return CHANNEL_ALIVE;
730 }
731
732 ChannelState WebSocketChannel::OnReadDone(bool synchronous, int result) {
733 DCHECK_NE(FRESHLY_CONSTRUCTED, state_);
734 DCHECK_NE(CONNECTING, state_);
735 DCHECK_NE(ERR_IO_PENDING, result);
736 switch (result) {
737 case OK:
738 // ReadFrames() must use ERR_CONNECTION_CLOSED for a closed connection
739 // with no data read, not an empty response.
740 DCHECK(!read_frames_.empty())
741 << "ReadFrames() returned OK, but nothing was read.";
742 for (size_t i = 0; i < read_frames_.size(); ++i) {
743 scoped_ptr<WebSocketFrame> frame(read_frames_[i]);
744 read_frames_[i] = NULL;
745 if (HandleFrame(frame.Pass()) == CHANNEL_DELETED)
746 return CHANNEL_DELETED;
747 }
748 read_frames_.clear();
749 // There should always be a call to ReadFrames pending.
750 // TODO(ricea): Unless we are out of quota.
751 DCHECK_NE(CLOSED, state_);
752 if (!synchronous)
753 return ReadFrames();
754 return CHANNEL_ALIVE;
755
756 case ERR_WS_PROTOCOL_ERROR:
757 // This could be kWebSocketErrorProtocolError (specifically, non-minimal
758 // encoding of payload length) or kWebSocketErrorMessageTooBig, or an
759 // extension-specific error.
760 return FailChannel("Invalid frame header",
761 kWebSocketErrorProtocolError,
762 "WebSocket Protocol Error");
763
764 default:
765 DCHECK_LT(result, 0)
766 << "ReadFrames() should only return OK or ERR_ codes";
767
768 stream_->Close();
769 SetState(CLOSED);
770
771 uint16 code = kWebSocketErrorAbnormalClosure;
772 std::string reason = "";
773 bool was_clean = false;
774 if (has_received_close_frame_) {
775 code = received_close_code_;
776 reason = received_close_reason_;
777 was_clean = (result == ERR_CONNECTION_CLOSED);
778 }
779
780 return DoDropChannel(was_clean, code, reason);
781 }
782 }
783
784 ChannelState WebSocketChannel::HandleFrame(scoped_ptr<WebSocketFrame> frame) {
785 if (frame->header.masked) {
786 // RFC6455 Section 5.1 "A client MUST close a connection if it detects a
787 // masked frame."
788 return FailChannel(
789 "A server must not mask any frames that it sends to the "
790 "client.",
791 kWebSocketErrorProtocolError,
792 "Masked frame from server");
793 }
794 const WebSocketFrameHeader::OpCode opcode = frame->header.opcode;
795 DCHECK(!WebSocketFrameHeader::IsKnownControlOpCode(opcode) ||
796 frame->header.final);
797 if (frame->header.reserved1 || frame->header.reserved2 ||
798 frame->header.reserved3) {
799 return FailChannel(base::StringPrintf(
800 "One or more reserved bits are on: reserved1 = %d, "
801 "reserved2 = %d, reserved3 = %d",
802 static_cast<int>(frame->header.reserved1),
803 static_cast<int>(frame->header.reserved2),
804 static_cast<int>(frame->header.reserved3)),
805 kWebSocketErrorProtocolError,
806 "Invalid reserved bit");
807 }
808
809 // Respond to the frame appropriately to its type.
810 return HandleFrameByState(
811 opcode, frame->header.final, frame->data, frame->header.payload_length);
812 }
813
814 ChannelState WebSocketChannel::HandleFrameByState(
815 const WebSocketFrameHeader::OpCode opcode,
816 bool final,
817 const scoped_refptr<IOBuffer>& data_buffer,
818 uint64 size) {
819 DCHECK_NE(RECV_CLOSED, state_)
820 << "HandleFrame() does not support being called re-entrantly from within "
821 "SendClose()";
822 DCHECK_NE(CLOSED, state_);
823 if (state_ == CLOSE_WAIT) {
824 std::string frame_name;
825 GetFrameTypeForOpcode(opcode, &frame_name);
826
827 // FailChannel() won't send another Close frame.
828 return FailChannel(
829 frame_name + " received after close", kWebSocketErrorProtocolError, "");
830 }
831 switch (opcode) {
832 case WebSocketFrameHeader::kOpCodeText: // fall-thru
833 case WebSocketFrameHeader::kOpCodeBinary:
834 case WebSocketFrameHeader::kOpCodeContinuation:
835 return HandleDataFrame(opcode, final, data_buffer, size);
836
837 case WebSocketFrameHeader::kOpCodePing:
838 DVLOG(1) << "Got Ping of size " << size;
839 if (state_ == CONNECTED)
840 return SendFrameFromIOBuffer(
841 true, WebSocketFrameHeader::kOpCodePong, data_buffer, size);
842 DVLOG(3) << "Ignored ping in state " << state_;
843 return CHANNEL_ALIVE;
844
845 case WebSocketFrameHeader::kOpCodePong:
846 DVLOG(1) << "Got Pong of size " << size;
847 // There is no need to do anything with pong messages.
848 return CHANNEL_ALIVE;
849
850 case WebSocketFrameHeader::kOpCodeClose: {
851 // TODO(ricea): If there is a message which is queued for transmission to
852 // the renderer, then the renderer should not receive an
853 // OnClosingHandshake or OnDropChannel IPC until the queued message has
854 // been completedly transmitted.
855 uint16 code = kWebSocketNormalClosure;
856 std::string reason;
857 std::string message;
858 if (!ParseClose(data_buffer, size, &code, &reason, &message)) {
859 return FailChannel(message, code, reason);
860 }
861 // TODO(ricea): Find a way to safely log the message from the close
862 // message (escape control codes and so on).
863 DVLOG(1) << "Got Close with code " << code;
864 switch (state_) {
865 case CONNECTED:
866 SetState(RECV_CLOSED);
867
868 if (SendClose(code, reason) == CHANNEL_DELETED)
869 return CHANNEL_DELETED;
870 DCHECK_EQ(RECV_CLOSED, state_);
871
872 SetState(CLOSE_WAIT);
873 DCHECK(!close_timer_.IsRunning());
874 // This use of base::Unretained() is safe because we stop the timer
875 // in the destructor.
876 close_timer_.Start(
877 FROM_HERE,
878 underlying_connection_close_timeout_,
879 base::Bind(
880 &WebSocketChannel::CloseTimeout, base::Unretained(this)));
881
882 if (event_interface_->OnClosingHandshake() == CHANNEL_DELETED)
883 return CHANNEL_DELETED;
884 has_received_close_frame_ = true;
885 received_close_code_ = code;
886 received_close_reason_ = reason;
887 break;
888
889 case SEND_CLOSED:
890 SetState(CLOSE_WAIT);
891 DCHECK(close_timer_.IsRunning());
892 close_timer_.Stop();
893 // This use of base::Unretained() is safe because we stop the timer
894 // in the destructor.
895 close_timer_.Start(
896 FROM_HERE,
897 underlying_connection_close_timeout_,
898 base::Bind(
899 &WebSocketChannel::CloseTimeout, base::Unretained(this)));
900
901 // From RFC6455 section 7.1.5: "Each endpoint
902 // will see the status code sent by the other end as _The WebSocket
903 // Connection Close Code_."
904 has_received_close_frame_ = true;
905 received_close_code_ = code;
906 received_close_reason_ = reason;
907 break;
908
909 default:
910 LOG(DFATAL) << "Got Close in unexpected state " << state_;
911 break;
912 }
913 return CHANNEL_ALIVE;
914 }
915
916 default:
917 return FailChannel(
918 base::StringPrintf("Unrecognized frame opcode: %d", opcode),
919 kWebSocketErrorProtocolError,
920 "Unknown opcode");
921 }
922 }
923
924 ChannelState WebSocketChannel::HandleDataFrame(
925 WebSocketFrameHeader::OpCode opcode,
926 bool final,
927 const scoped_refptr<IOBuffer>& data_buffer,
928 uint64 size) {
929 if (state_ != CONNECTED) {
930 DVLOG(3) << "Ignored data packet received in state " << state_;
931 return CHANNEL_ALIVE;
932 }
933 DCHECK(opcode == WebSocketFrameHeader::kOpCodeContinuation ||
934 opcode == WebSocketFrameHeader::kOpCodeText ||
935 opcode == WebSocketFrameHeader::kOpCodeBinary);
936 const bool got_continuation =
937 (opcode == WebSocketFrameHeader::kOpCodeContinuation);
938 if (got_continuation != expecting_to_handle_continuation_) {
939 const std::string console_log = got_continuation
940 ? "Received unexpected continuation frame."
941 : "Received start of new message but previous message is unfinished.";
942 const std::string reason = got_continuation
943 ? "Unexpected continuation"
944 : "Previous data frame unfinished";
945 return FailChannel(console_log, kWebSocketErrorProtocolError, reason);
946 }
947 expecting_to_handle_continuation_ = !final;
948 WebSocketFrameHeader::OpCode opcode_to_send = opcode;
949 if (!initial_frame_forwarded_ &&
950 opcode == WebSocketFrameHeader::kOpCodeContinuation) {
951 opcode_to_send = receiving_text_message_
952 ? WebSocketFrameHeader::kOpCodeText
953 : WebSocketFrameHeader::kOpCodeBinary;
954 }
955 if (opcode == WebSocketFrameHeader::kOpCodeText ||
956 (opcode == WebSocketFrameHeader::kOpCodeContinuation &&
957 receiving_text_message_)) {
958 // This call is not redundant when size == 0 because it tells us what
959 // the current state is.
960 StreamingUtf8Validator::State state = incoming_utf8_validator_.AddBytes(
961 size ? data_buffer->data() : NULL, static_cast<size_t>(size));
962 if (state == StreamingUtf8Validator::INVALID ||
963 (state == StreamingUtf8Validator::VALID_MIDPOINT && final)) {
964 return FailChannel("Could not decode a text frame as UTF-8.",
965 kWebSocketErrorProtocolError,
966 "Invalid UTF-8 in text frame");
967 }
968 receiving_text_message_ = !final;
969 DCHECK(!final || state == StreamingUtf8Validator::VALID_ENDPOINT);
970 }
971 if (size == 0U && !final)
972 return CHANNEL_ALIVE;
973
974 initial_frame_forwarded_ = !final;
975 if (size > current_receive_quota_ || !pending_received_frames_.empty()) {
976 const bool no_quota = (current_receive_quota_ == 0);
977 DCHECK(no_quota || pending_received_frames_.empty());
978 DVLOG(3) << "Queueing frame to renderer due to quota. quota="
979 << current_receive_quota_ << " size=" << size;
980 WebSocketFrameHeader::OpCode opcode_to_queue =
981 no_quota ? opcode_to_send : WebSocketFrameHeader::kOpCodeContinuation;
982 pending_received_frames_.push(PendingReceivedFrame(
983 final, opcode_to_queue, data_buffer, current_receive_quota_, size));
984 if (no_quota)
985 return CHANNEL_ALIVE;
986 size = current_receive_quota_;
987 final = false;
988 }
989
990 // TODO(ricea): Can this copy be eliminated?
991 const char* const data_begin = size ? data_buffer->data() : NULL;
992 const char* const data_end = data_begin + size;
993 const std::vector<char> data(data_begin, data_end);
994 current_receive_quota_ -= size;
995
996 // Sends the received frame to the renderer process.
997 return event_interface_->OnDataFrame(final, opcode_to_send, data);
998 }
999
1000 ChannelState WebSocketChannel::SendFrameFromIOBuffer(
1001 bool fin,
1002 WebSocketFrameHeader::OpCode op_code,
1003 const scoped_refptr<IOBuffer>& buffer,
1004 uint64 size) {
1005 DCHECK(state_ == CONNECTED || state_ == RECV_CLOSED);
1006 DCHECK(stream_);
1007
1008 scoped_ptr<WebSocketFrame> frame(new WebSocketFrame(op_code));
1009 WebSocketFrameHeader& header = frame->header;
1010 header.final = fin;
1011 header.masked = true;
1012 header.payload_length = size;
1013 frame->data = buffer;
1014
1015 if (data_being_sent_) {
1016 // Either the link to the WebSocket server is saturated, or several messages
1017 // are being sent in a batch.
1018 // TODO(ricea): Keep some statistics to work out the situation and adjust
1019 // quota appropriately.
1020 if (!data_to_send_next_)
1021 data_to_send_next_.reset(new SendBuffer);
1022 data_to_send_next_->AddFrame(frame.Pass());
1023 return CHANNEL_ALIVE;
1024 }
1025
1026 data_being_sent_.reset(new SendBuffer);
1027 data_being_sent_->AddFrame(frame.Pass());
1028 return WriteFrames();
1029 }
1030
1031 ChannelState WebSocketChannel::FailChannel(const std::string& message,
1032 uint16 code,
1033 const std::string& reason) {
1034 DCHECK_NE(FRESHLY_CONSTRUCTED, state_);
1035 DCHECK_NE(CONNECTING, state_);
1036 DCHECK_NE(CLOSED, state_);
1037
1038 // TODO(ricea): Logging.
1039 if (state_ == CONNECTED) {
1040 if (SendClose(code, reason) == CHANNEL_DELETED)
1041 return CHANNEL_DELETED;
1042 }
1043
1044 // Careful study of RFC6455 section 7.1.7 and 7.1.1 indicates the browser
1045 // should close the connection itself without waiting for the closing
1046 // handshake.
1047 stream_->Close();
1048 SetState(CLOSED);
1049 ChannelState result = event_interface_->OnFailChannel(message);
1050 DCHECK_EQ(CHANNEL_DELETED, result);
1051 return result;
1052 }
1053
1054 ChannelState WebSocketChannel::SendClose(uint16 code,
1055 const std::string& reason) {
1056 DCHECK(state_ == CONNECTED || state_ == RECV_CLOSED);
1057 DCHECK_LE(reason.size(), kMaximumCloseReasonLength);
1058 scoped_refptr<IOBuffer> body;
1059 uint64 size = 0;
1060 if (code == kWebSocketErrorNoStatusReceived) {
1061 // Special case: translate kWebSocketErrorNoStatusReceived into a Close
1062 // frame with no payload.
1063 DCHECK(reason.empty());
1064 body = new IOBuffer(0);
1065 } else {
1066 const size_t payload_length = kWebSocketCloseCodeLength + reason.length();
1067 body = new IOBuffer(payload_length);
1068 size = payload_length;
1069 base::WriteBigEndian(body->data(), code);
1070 static_assert(sizeof(code) == kWebSocketCloseCodeLength,
1071 "they should both be two");
1072 std::copy(
1073 reason.begin(), reason.end(), body->data() + kWebSocketCloseCodeLength);
1074 }
1075 if (SendFrameFromIOBuffer(
1076 true, WebSocketFrameHeader::kOpCodeClose, body, size) ==
1077 CHANNEL_DELETED)
1078 return CHANNEL_DELETED;
1079 return CHANNEL_ALIVE;
1080 }
1081
1082 bool WebSocketChannel::ParseClose(const scoped_refptr<IOBuffer>& buffer,
1083 uint64 size,
1084 uint16* code,
1085 std::string* reason,
1086 std::string* message) {
1087 reason->clear();
1088 if (size < kWebSocketCloseCodeLength) {
1089 if (size == 0U) {
1090 *code = kWebSocketErrorNoStatusReceived;
1091 return true;
1092 }
1093
1094 DVLOG(1) << "Close frame with payload size " << size << " received "
1095 << "(the first byte is " << std::hex
1096 << static_cast<int>(buffer->data()[0]) << ")";
1097 *code = kWebSocketErrorProtocolError;
1098 *message =
1099 "Received a broken close frame containing an invalid size body.";
1100 return false;
1101 }
1102
1103 const char* data = buffer->data();
1104 uint16 unchecked_code = 0;
1105 base::ReadBigEndian(data, &unchecked_code);
1106 static_assert(sizeof(unchecked_code) == kWebSocketCloseCodeLength,
1107 "they should both be two bytes");
1108
1109 switch (unchecked_code) {
1110 case kWebSocketErrorNoStatusReceived:
1111 case kWebSocketErrorAbnormalClosure:
1112 case kWebSocketErrorTlsHandshake:
1113 *code = kWebSocketErrorProtocolError;
1114 *message =
1115 "Received a broken close frame containing a reserved status code.";
1116 return false;
1117
1118 default:
1119 *code = unchecked_code;
1120 break;
1121 }
1122
1123 std::string text(data + kWebSocketCloseCodeLength, data + size);
1124 if (StreamingUtf8Validator::Validate(text)) {
1125 reason->swap(text);
1126 return true;
1127 }
1128
1129 *code = kWebSocketErrorProtocolError;
1130 *reason = "Invalid UTF-8 in Close frame";
1131 *message = "Received a broken close frame containing invalid UTF-8.";
1132 return false;
1133 }
1134
1135 ChannelState WebSocketChannel::DoDropChannel(bool was_clean,
1136 uint16 code,
1137 const std::string& reason) {
1138 if (CHANNEL_DELETED ==
1139 notification_sender_->SendImmediately(event_interface_.get()))
1140 return CHANNEL_DELETED;
1141 ChannelState result =
1142 event_interface_->OnDropChannel(was_clean, code, reason);
1143 DCHECK_EQ(CHANNEL_DELETED, result);
1144 return result;
1145 }
1146
1147 void WebSocketChannel::CloseTimeout() {
1148 stream_->Close();
1149 SetState(CLOSED);
1150 DoDropChannel(false, kWebSocketErrorAbnormalClosure, "");
1151 // |this| has been deleted.
1152 }
1153
1154 } // namespace net