netwerk/socket/nsSOCKSSocketProvider.cpp

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
   2  *
   3  * This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "nsNamedPipeIOLayer.h"
   8 #include "nsSOCKSSocketProvider.h"
   9 #include "nsSOCKSIOLayer.h"
  10 #include "nsCOMPtr.h"
  11 #include "nsError.h"
  12
  13 using mozilla::OriginAttributes;
  14 using namespace mozilla::net;
  15
  16 //////////////////////////////////////////////////////////////////////////
  17
  18 NS_IMPL_ISUPPORTS(nsSOCKSSocketProvider, nsISocketProvider)
  19
  20 // Per-platform implemenation of OpenTCPSocket helper function
  21 // Different platforms have special cases to handle
  22
  23 #if defined(XP_WIN)
  24 // The proxy host on Windows may be a named pipe uri, in which
  25 // case a named-pipe (rather than a socket) should be returned
  26 static PRFileDesc* OpenTCPSocket(int32_t family, nsIProxyInfo* proxy) {
  27   PRFileDesc* sock = nullptr;
  28
  29   nsAutoCString proxyHost;
  30   proxy->GetHost(proxyHost);
  31   if (IsNamedPipePath(proxyHost)) {
  32     sock = CreateNamedPipeLayer();
  33   } else {
  34     sock = PR_OpenTCPSocket(family);
  35   }
  36
  37   return sock;
  38 }
  39 #elif defined(XP_UNIX)
  40 // The proxy host on UNIX systems may point to a local file uri
  41 // in which case we should create an AF_LOCAL (UNIX Domain) socket
  42 // instead of the requested AF_INET or AF_INET6 socket.
  43
  44 // Normally,this socket would get thrown out and recreated later on
  45 // with the proper family, but we want to do it early here so that
  46 // we can enforce seccomp policy to blacklist socket(AF_INET) calls
  47 // to prevent the content sandbox from creating network requests
  48 static PRFileDesc* OpenTCPSocket(int32_t family, nsIProxyInfo* proxy) {
  49   nsAutoCString proxyHost;
  50   proxy->GetHost(proxyHost);
  51   if (StringBeginsWith(proxyHost, "file://"_ns)) {
  52     family = AF_LOCAL;
  53   }
  54
  55   return PR_OpenTCPSocket(family);
  56 }
  57 #else
  58 // Default, pass-through to PR_OpenTCPSocket
  59 static PRFileDesc* OpenTCPSocket(int32_t family, nsIProxyInfo*) {
  60   return PR_OpenTCPSocket(family);
  61 }
  62 #endif
  63
  64 NS_IMETHODIMP
  65 nsSOCKSSocketProvider::NewSocket(int32_t family, const char* host, int32_t port,
  66                                  nsIProxyInfo* proxy,
  67                                  const OriginAttributes& originAttributes,
  68                                  uint32_t flags, uint32_t tlsFlags,
  69                                  PRFileDesc** result,
  70                                  nsITLSSocketControl** tlsSocketControl) {
  71   PRFileDesc* sock = OpenTCPSocket(family, proxy);
  72   if (!sock) {
  73     return NS_ERROR_OUT_OF_MEMORY;
  74   }
  75
  76   nsresult rv = nsSOCKSIOLayerAddToSocket(family, host, port, proxy, mVersion,
  77                                           flags, tlsFlags, sock);
  78   if (NS_SUCCEEDED(rv)) {
  79     *result = sock;
  80     return NS_OK;
  81   }
  82
  83   return NS_ERROR_SOCKET_CREATE_FAILED;
  84 }
  85
  86 NS_IMETHODIMP
  87 nsSOCKSSocketProvider::AddToSocket(int32_t family, const char* host,
  88                                    int32_t port, nsIProxyInfo* proxy,
  89                                    const OriginAttributes& originAttributes,
  90                                    uint32_t flags, uint32_t tlsFlags,
  91                                    PRFileDesc* sock,
  92                                    nsITLSSocketControl** tlsSocketControl) {
  93   nsresult rv = nsSOCKSIOLayerAddToSocket(family, host, port, proxy, mVersion,
  94                                           flags, tlsFlags, sock);
  95
  96   if (NS_FAILED(rv)) rv = NS_ERROR_SOCKET_CREATE_FAILED;
  97   return rv;
  98 }