search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Backed out changeset 36e95068e103 (bug 1848160) for bc failures on browser_preference...
[gecko.git] / netwerk / base / BackgroundFileSaver.h
blob214aa31d10560950b87d1048b45f01bd4135b512
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 /**
8 * This file defines two implementations of the nsIBackgroundFileSaver
9 * interface. See the "test_backgroundfilesaver.js" file for usage examples.
10 */
11
12 #ifndef BackgroundFileSaver_h__
13 #define BackgroundFileSaver_h__
14
15 #include "ScopedNSSTypes.h"
16 #include "mozilla/Mutex.h"
17 #include "nsCOMArray.h"
18 #include "nsCOMPtr.h"
19 #include "nsIAsyncOutputStream.h"
20 #include "nsIBackgroundFileSaver.h"
21 #include "nsIStreamListener.h"
22 #include "nsStreamUtils.h"
23 #include "nsString.h"
24
25 class nsIAsyncInputStream;
26 class nsISerialEventTarget;
27
28 namespace mozilla {
29 namespace net {
30
31 class DigestOutputStream;
32
33 ////////////////////////////////////////////////////////////////////////////////
34 //// BackgroundFileSaver
35
36 class BackgroundFileSaver : public nsIBackgroundFileSaver {
37 public:
38 NS_DECL_NSIBACKGROUNDFILESAVER
39
40 BackgroundFileSaver();
41
42 /**
43 * Initializes the pipe and the worker thread on XPCOM construction.
44 *
45 * This is called automatically by the XPCOM infrastructure, and if this
46 * fails, the factory will delete this object without returning a reference.
47 */
48 nsresult Init();
49
50 /**
51 * Number of worker threads that are currently running.
52 */
53 static uint32_t sThreadCount;
54
55 /**
56 * Maximum number of worker threads reached during the current download
57 * session, used for telemetry.
58 *
59 * When there are no more worker threads running, we consider the download
60 * session finished, and this counter is reset.
61 */
62 static uint32_t sTelemetryMaxThreadCount;
63
64 protected:
65 virtual ~BackgroundFileSaver();
66
67 /**
68 * Thread that constructed this object.
69 */
70 nsCOMPtr<nsIEventTarget> mControlEventTarget;
71
72 /**
73 * Thread to which the actual input/output is delegated.
74 */
75 nsCOMPtr<nsISerialEventTarget> mBackgroundET;
76
77 /**
78 * Stream that receives data from derived classes. The received data will be
79 * available to the worker thread through mPipeInputStream. This is an
80 * instance of nsPipeOutputStream, not BackgroundFileSaverOutputStream.
81 */
82 nsCOMPtr<nsIAsyncOutputStream> mPipeOutputStream;
83
84 /**
85 * Used during initialization, determines if the pipe is created with an
86 * infinite buffer. An infinite buffer is required if the derived class
87 * implements nsIStreamListener, because this interface requires all the
88 * provided data to be consumed synchronously.
89 */
90 virtual bool HasInfiniteBuffer() = 0;
91
92 /**
93 * Used by derived classes if they need to be called back while copying.
94 */
95 virtual nsAsyncCopyProgressFun GetProgressCallback() = 0;
96
97 /**
98 * Stream used by the worker thread to read the data to be saved.
99 */
100 nsCOMPtr<nsIAsyncInputStream> mPipeInputStream;
101
102 private:
103 friend class NotifyTargetChangeRunnable;
104
105 /**
106 * Matches the nsIBackgroundFileSaver::observer property.
107 *
108 * @remarks This is a strong reference so that JavaScript callers don't need
109 * to worry about keeping another reference to the observer.
110 */
111 nsCOMPtr<nsIBackgroundFileSaverObserver> mObserver;
112
113 //////////////////////////////////////////////////////////////////////////////
114 //// Shared state between control and worker threads
115
116 /**
117 * Protects the shared state between control and worker threads. This mutex
118 * is always locked for a very short time, never during input/output.
119 */
120 mozilla::Mutex mLock{"BackgroundFileSaver.mLock"};
121
122 /**
123 * True if the worker thread is already waiting to process a change in state.
124 */
125 bool mWorkerThreadAttentionRequested MOZ_GUARDED_BY(mLock){false};
126
127 /**
128 * True if the operation should finish as soon as possibile.
129 */
130 bool mFinishRequested MOZ_GUARDED_BY(mLock){false};
131
132 /**
133 * True if the operation completed, with either success or failure.
134 */
135 bool mComplete MOZ_GUARDED_BY(mLock){false};
136
137 /**
138 * Holds the current file saver status. This is a success status while the
139 * object is working correctly, and remains such if the operation completes
140 * successfully. This becomes an error status when an error occurs on the
141 * worker thread, or when the operation is canceled.
142 */
143 nsresult mStatus MOZ_GUARDED_BY(mLock){NS_OK};
144
145 /**
146 * True if we should append data to the initial target file, instead of
147 * overwriting it.
148 */
149 bool mAppend MOZ_GUARDED_BY(mLock){false};
150
151 /**
152 * This is set by the first SetTarget call on the control thread, and contains
153 * the target file name that will be used by the worker thread, as soon as it
154 * is possible to update mActualTarget and open the file. This is null if no
155 * target was ever assigned to this object.
156 */
157 nsCOMPtr<nsIFile> mInitialTarget MOZ_GUARDED_BY(mLock);
158
159 /**
160 * This is set by the first SetTarget call on the control thread, and
161 * indicates whether mInitialTarget should be kept as partially completed,
162 * rather than deleted, if the operation fails or is canceled.
163 */
164 bool mInitialTargetKeepPartial MOZ_GUARDED_BY(mLock){false};
165
166 /**
167 * This is set by subsequent SetTarget calls on the control thread, and
168 * contains the new target file name to which the worker thread will move the
169 * target file, as soon as it can be done. This is null if SetTarget was
170 * called only once, or no target was ever assigned to this object.
171 *
172 * The target file can be renamed multiple times, though only the most recent
173 * rename is guaranteed to be processed by the worker thread.
174 */
175 nsCOMPtr<nsIFile> mRenamedTarget MOZ_GUARDED_BY(mLock);
176
177 /**
178 * This is set by subsequent SetTarget calls on the control thread, and
179 * indicates whether mRenamedTarget should be kept as partially completed,
180 * rather than deleted, if the operation fails or is canceled.
181 */
182 bool mRenamedTargetKeepPartial MOZ_GUARDED_BY(mLock){false};
183
184 /**
185 * While NS_AsyncCopy is in progress, allows canceling it. Null otherwise.
186 * This is read by both threads but only written by the worker thread.
187 */
188 nsCOMPtr<nsISupports> mAsyncCopyContext MOZ_GUARDED_BY(mLock);
189
190 /**
191 * The SHA 256 hash in raw bytes of the downloaded file. This is written
192 * by the worker thread but can be read on the main thread.
193 */
194 nsCString mSha256 MOZ_GUARDED_BY(mLock);
195
196 /**
197 * Whether or not to compute the hash. Must be set on the main thread before
198 * setTarget is called.
199 */
200 bool mSha256Enabled MOZ_GUARDED_BY(mLock){false};
201
202 /**
203 * Store the signature info.
204 */
205 nsTArray<nsTArray<nsTArray<uint8_t>>> mSignatureInfo MOZ_GUARDED_BY(mLock);
206
207 /**
208 * Whether or not to extract the signature. Must be set on the main thread
209 * before setTarget is called.
210 */
211 bool mSignatureInfoEnabled MOZ_GUARDED_BY(mLock){false};
212
213 //////////////////////////////////////////////////////////////////////////////
214 //// State handled exclusively by the worker thread
215
216 /**
217 * Current target file associated to the input and output streams.
218 */
219 nsCOMPtr<nsIFile> mActualTarget;
220
221 /**
222 * Indicates whether mActualTarget should be kept as partially completed,
223 * rather than deleted, if the operation fails or is canceled.
224 */
225 bool mActualTargetKeepPartial{false};
226
227 /**
228 * Used to calculate the file hash. This keeps state across file renames and
229 * is lazily initialized in ProcessStateChange.
230 */
231 Maybe<Digest> mDigest;
232
233 //////////////////////////////////////////////////////////////////////////////
234 //// Private methods
235
236 /**
237 * Called when NS_AsyncCopy completes.
238 *
239 * @param aClosure
240 * Populated with a raw pointer to the BackgroundFileSaver object.
241 * @param aStatus
242 * Success or failure status specified when the copy was interrupted.
243 */
244 static void AsyncCopyCallback(void* aClosure, nsresult aStatus);
245
246 /**
247 * Called on the control thread after state changes, to ensure that the worker
248 * thread will process the state change appropriately.
249 *
250 * @param aShouldInterruptCopy
251 * If true, the current NS_AsyncCopy, if any, is canceled.
252 */
253 nsresult GetWorkerThreadAttention(bool aShouldInterruptCopy);
254
255 /**
256 * Event called on the worker thread to begin processing a state change.
257 */
258 nsresult ProcessAttention();
259
260 /**
261 * Called by ProcessAttention to execute the operations corresponding to the
262 * state change. If this results in an error, ProcessAttention will force the
263 * entire operation to be aborted.
264 */
265 nsresult ProcessStateChange();
266
267 /**
268 * Returns true if completion conditions are met on the worker thread. The
269 * first time this happens, posts the completion event to the control thread.
270 */
271 bool CheckCompletion();
272
273 /**
274 * Event called on the control thread to indicate that file contents will now
275 * be saved to the specified file.
276 */
277 nsresult NotifyTargetChange(nsIFile* aTarget);
278
279 /**
280 * Event called on the control thread to send the final notification.
281 */
282 nsresult NotifySaveComplete();
283
284 /**
285 * Verifies the signature of the binary at the specified file path and stores
286 * the signature data in mSignatureInfo. We extract only X.509 certificates,
287 * since that is what Google's Safebrowsing protocol specifies.
288 */
289 nsresult ExtractSignatureInfo(const nsAString& filePath);
290 };
291
292 ////////////////////////////////////////////////////////////////////////////////
293 //// BackgroundFileSaverOutputStream
294
295 class BackgroundFileSaverOutputStream : public BackgroundFileSaver,
296 public nsIAsyncOutputStream,
297 public nsIOutputStreamCallback {
298 public:
299 NS_DECL_THREADSAFE_ISUPPORTS
300 NS_DECL_NSIOUTPUTSTREAM
301 NS_DECL_NSIASYNCOUTPUTSTREAM
302 NS_DECL_NSIOUTPUTSTREAMCALLBACK
303
304 BackgroundFileSaverOutputStream();
305
306 protected:
307 virtual bool HasInfiniteBuffer() override;
308 virtual nsAsyncCopyProgressFun GetProgressCallback() override;
309
310 private:
311 ~BackgroundFileSaverOutputStream() = default;
312
313 /**
314 * Original callback provided to our AsyncWait wrapper.
315 */
316 nsCOMPtr<nsIOutputStreamCallback> mAsyncWaitCallback;
317 };
318
319 ////////////////////////////////////////////////////////////////////////////////
320 //// BackgroundFileSaverStreamListener. This class is instantiated by
321 // nsExternalHelperAppService, DownloadCore.sys.mjs, and possibly others.
322
323 class BackgroundFileSaverStreamListener final : public BackgroundFileSaver,
324 public nsIStreamListener {
325 public:
326 NS_DECL_THREADSAFE_ISUPPORTS
327 NS_DECL_NSIREQUESTOBSERVER
328 NS_DECL_NSISTREAMLISTENER
329
330 BackgroundFileSaverStreamListener() = default;
331
332 protected:
333 virtual bool HasInfiniteBuffer() override;
334 virtual nsAsyncCopyProgressFun GetProgressCallback() override;
335
336 private:
337 ~BackgroundFileSaverStreamListener() = default;
338
339 /**
340 * Protects the state related to whether the request should be suspended.
341 */
342 mozilla::Mutex mSuspensionLock{
343 "BackgroundFileSaverStreamListener.mSuspensionLock"};
344
345 /**
346 * Whether we should suspend the request because we received too much data.
347 */
348 bool mReceivedTooMuchData MOZ_GUARDED_BY(mSuspensionLock){false};
349
350 /**
351 * Request for which we received too much data. This is populated when
352 * mReceivedTooMuchData becomes true for the first time.
353 */
354 nsCOMPtr<nsIRequest> mRequest MOZ_GUARDED_BY(mSuspensionLock);
355
356 /**
357 * Whether mRequest is currently suspended.
358 */
359 bool mRequestSuspended MOZ_GUARDED_BY(mSuspensionLock){false};
360
361 /**
362 * Called while NS_AsyncCopy is copying data.
363 */
364 static void AsyncCopyProgressCallback(void* aClosure, uint32_t aCount);
365
366 /**
367 * Called on the control thread to suspend or resume the request.
368 */
369 nsresult NotifySuspendOrResume();
370 };
371
372 // A wrapper around nsIOutputStream, so that we can compute hashes on the
373 // stream without copying and without polluting pristine NSS code with XPCOM
374 // interfaces.
375 class DigestOutputStream : public nsIOutputStream {
376 public:
377 NS_DECL_THREADSAFE_ISUPPORTS
378 NS_DECL_NSIOUTPUTSTREAM
379 // Constructor. Neither parameter may be null. The caller owns both.
380 DigestOutputStream(nsIOutputStream* aStream, Digest& aDigest);
381
382 private:
383 virtual ~DigestOutputStream() = default;
384
385 // Calls to write are passed to this stream.
386 nsCOMPtr<nsIOutputStream> mOutputStream;
387 // Digest used to compute the hash, owned by the caller.
388 Digest& mDigest;
389
390 // Don't accidentally copy construct.
391 DigestOutputStream(const DigestOutputStream& d) = delete;
392 };
393
394 } // namespace net
395 } // namespace mozilla
396
397 #endif