diff options
Diffstat (limited to '')
-rw-r--r-- | netwerk/protocol/http/nsHttpConnectionInfo.h | 280 |
1 files changed, 280 insertions, 0 deletions
diff --git a/netwerk/protocol/http/nsHttpConnectionInfo.h b/netwerk/protocol/http/nsHttpConnectionInfo.h new file mode 100644 index 0000000000..c1b22f48eb --- /dev/null +++ b/netwerk/protocol/http/nsHttpConnectionInfo.h @@ -0,0 +1,280 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set sw=2 ts=8 et tw=80 : */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef nsHttpConnectionInfo_h__ +#define nsHttpConnectionInfo_h__ + +#include "nsHttp.h" +#include "nsProxyInfo.h" +#include "nsCOMPtr.h" +#include "nsStringFwd.h" +#include "mozilla/Logging.h" +#include "mozilla/BasePrincipal.h" +#include "mozilla/AlreadyAddRefed.h" +#include "ARefBase.h" + +//----------------------------------------------------------------------------- +// nsHttpConnectionInfo - holds the properties of a connection +//----------------------------------------------------------------------------- + +// http:// uris through a proxy will all share the same CI, because they can +// all use the same connection. (modulo pb and anonymous flags). They just use +// the proxy as the origin host name. +// however, https:// uris tunnel through the proxy so they will have different +// CIs - the CI reflects both the proxy and the origin. +// however, proxy conenctions made with http/2 (or spdy) can tunnel to the +// origin and multiplex non tunneled transactions at the same time, so they have +// a special wildcard CI that accepts all origins through that proxy. + +class nsISVCBRecord; + +namespace mozilla { +namespace net { + +extern LazyLogModule gHttpLog; +class HttpConnectionInfoCloneArgs; +class nsHttpTransaction; + +class nsHttpConnectionInfo final : public ARefBase { + public: + nsHttpConnectionInfo(const nsACString& originHost, int32_t originPort, + const nsACString& npnToken, const nsACString& username, + const nsACString& topWindowOrigin, + nsProxyInfo* proxyInfo, + const OriginAttributes& originAttributes, + bool endToEndSSL = false, bool aIsHttp3 = false); + + // this version must use TLS and you may supply separate + // connection (aka routing) information than the authenticated + // origin information + nsHttpConnectionInfo(const nsACString& originHost, int32_t originPort, + const nsACString& npnToken, const nsACString& username, + const nsACString& topWindowOrigin, + nsProxyInfo* proxyInfo, + const OriginAttributes& originAttributes, + const nsACString& routedHost, int32_t routedPort, + bool aIsHttp3); + + static void SerializeHttpConnectionInfo(nsHttpConnectionInfo* aInfo, + HttpConnectionInfoCloneArgs& aArgs); + static already_AddRefed<nsHttpConnectionInfo> + DeserializeHttpConnectionInfoCloneArgs( + const HttpConnectionInfoCloneArgs& aInfoArgs); + + private: + virtual ~nsHttpConnectionInfo() { + MOZ_LOG(gHttpLog, LogLevel::Debug, + ("Destroying nsHttpConnectionInfo @%p\n", this)); + } + + void BuildHashKey(); + void RebuildHashKey(); + + public: + const nsCString& HashKey() const { return mHashKey; } + + const nsCString& GetOrigin() const { return mOrigin; } + const char* Origin() const { return mOrigin.get(); } + int32_t OriginPort() const { return mOriginPort; } + + const nsCString& GetRoutedHost() const { return mRoutedHost; } + const char* RoutedHost() const { return mRoutedHost.get(); } + int32_t RoutedPort() const { return mRoutedPort; } + + // OK to treat these as an infalible allocation + already_AddRefed<nsHttpConnectionInfo> Clone() const; + // This main prupose of this function is to clone this connection info, but + // replace mRoutedHost with SvcDomainName in the given SVCB record. Note that + // if SvcParamKeyPort and SvcParamKeyAlpn are presented in the SVCB record, + // mRoutedPort and mNPNToken will be replaced as well. + already_AddRefed<nsHttpConnectionInfo> CloneAndAdoptHTTPSSVCRecord( + nsISVCBRecord* aRecord) const; + void CloneAsDirectRoute(nsHttpConnectionInfo** outParam); + [[nodiscard]] nsresult CreateWildCard(nsHttpConnectionInfo** outParam); + + const char* ProxyHost() const { + return mProxyInfo ? mProxyInfo->Host().get() : nullptr; + } + int32_t ProxyPort() const { return mProxyInfo ? mProxyInfo->Port() : -1; } + const char* ProxyType() const { + return mProxyInfo ? mProxyInfo->Type() : nullptr; + } + const char* ProxyUsername() const { + return mProxyInfo ? mProxyInfo->Username().get() : nullptr; + } + const char* ProxyPassword() const { + return mProxyInfo ? mProxyInfo->Password().get() : nullptr; + } + + const nsCString& ProxyAuthorizationHeader() const { + return mProxyInfo ? mProxyInfo->ProxyAuthorizationHeader() : EmptyCString(); + } + const nsCString& ConnectionIsolationKey() const { + return mProxyInfo ? mProxyInfo->ConnectionIsolationKey() : EmptyCString(); + } + + // Compare this connection info to another... + // Two connections are 'equal' if they end up talking the same + // protocol to the same server. This is needed to properly manage + // persistent connections to proxies + // Note that we don't care about transparent proxies - + // it doesn't matter if we're talking via socks or not, since + // a request will end up at the same host. + bool Equals(const nsHttpConnectionInfo* info) { + return mHashKey.Equals(info->HashKey()); + } + + const char* Username() const { return mUsername.get(); } + nsProxyInfo* ProxyInfo() const { return mProxyInfo; } + int32_t DefaultPort() const { + return mEndToEndSSL ? NS_HTTPS_DEFAULT_PORT : NS_HTTP_DEFAULT_PORT; + } + void SetAnonymous(bool anon) { mHashKey.SetCharAt(anon ? 'A' : '.', 2); } + bool GetAnonymous() const { return mHashKey.CharAt(2) == 'A'; } + void SetPrivate(bool priv) { mHashKey.SetCharAt(priv ? 'P' : '.', 3); } + bool GetPrivate() const { return mHashKey.CharAt(3) == 'P'; } + void SetInsecureScheme(bool insecureScheme) { + mHashKey.SetCharAt(insecureScheme ? 'I' : '.', 4); + } + bool GetInsecureScheme() const { return mHashKey.CharAt(4) == 'I'; } + + void SetNoSpdy(bool aNoSpdy) { mHashKey.SetCharAt(aNoSpdy ? 'X' : '.', 5); } + bool GetNoSpdy() const { return mHashKey.CharAt(5) == 'X'; } + + void SetBeConservative(bool aBeConservative) { + mHashKey.SetCharAt(aBeConservative ? 'C' : '.', 6); + } + bool GetBeConservative() const { return mHashKey.CharAt(6) == 'C'; } + + void SetIsolated(bool aIsolated) { + mIsolated = aIsolated; + RebuildHashKey(); + } + bool GetIsolated() const { return mIsolated; } + + void SetTlsFlags(uint32_t aTlsFlags); + uint32_t GetTlsFlags() const { return mTlsFlags; } + + // IsTrrServiceChannel means that this connection is used to send TRR requests + // over + void SetIsTrrServiceChannel(bool aIsTRRChannel) { + mIsTrrServiceChannel = aIsTRRChannel; + } + bool GetIsTrrServiceChannel() const { return mIsTrrServiceChannel; } + + void SetTRRMode(nsIRequest::TRRMode aTRRMode); + nsIRequest::TRRMode GetTRRMode() const { return mTRRMode; } + + void SetIPv4Disabled(bool aNoIPv4); + bool GetIPv4Disabled() const { return mIPv4Disabled; } + + void SetIPv6Disabled(bool aNoIPv6); + bool GetIPv6Disabled() const { return mIPv6Disabled; } + + const nsCString& GetNPNToken() { return mNPNToken; } + const nsCString& GetUsername() { return mUsername; } + const nsCString& GetTopWindowOrigin() { return mTopWindowOrigin; } + + const OriginAttributes& GetOriginAttributes() { return mOriginAttributes; } + + // Returns true for any kind of proxy (http, socks, https, etc..) + bool UsingProxy(); + + // Returns true when proxying over HTTP or HTTPS + bool UsingHttpProxy() const { return mUsingHttpProxy || mUsingHttpsProxy; } + + // Returns true when proxying over HTTPS + bool UsingHttpsProxy() const { return mUsingHttpsProxy; } + + // Returns true when a resource is in SSL end to end (e.g. https:// uri) + bool EndToEndSSL() const { return mEndToEndSSL; } + + // Returns true when at least first hop is SSL (e.g. proxy over https or https + // uri) + bool FirstHopSSL() const { return mEndToEndSSL || mUsingHttpsProxy; } + + // Returns true when CONNECT is used to tunnel through the proxy (e.g. + // https:// or ws://) + bool UsingConnect() const { return mUsingConnect; } + + // Returns true when origin/proxy is an RFC1918 literal. + bool HostIsLocalIPLiteral() const; + + bool GetLessThanTls13() const { return mLessThanTls13; } + void SetLessThanTls13(bool aLessThanTls13) { + mLessThanTls13 = aLessThanTls13; + } + + bool IsHttp3() const { return mIsHttp3; } + + void SetHasIPHintAddress(bool aHasIPHint) { mHasIPHintAddress = aHasIPHint; } + bool HasIPHintAddress() const { return mHasIPHintAddress; } + + void SetEchConfig(const nsACString& aEchConfig) { mEchConfig = aEchConfig; } + const nsCString& GetEchConfig() const { return mEchConfig; } + + private: + // These constructor versions are intended to be used from Clone() and + // DeserializeHttpConnectionInfoCloneArgs(). + nsHttpConnectionInfo(const nsACString& originHost, int32_t originPort, + const nsACString& npnToken, const nsACString& username, + const nsACString& topWindowOrigin, + nsProxyInfo* proxyInfo, + const OriginAttributes& originAttributes, + bool endToEndSSL, bool isolated, bool aIsHttp3); + nsHttpConnectionInfo(const nsACString& originHost, int32_t originPort, + const nsACString& npnToken, const nsACString& username, + const nsACString& topWindowOrigin, + nsProxyInfo* proxyInfo, + const OriginAttributes& originAttributes, + const nsACString& routedHost, int32_t routedPort, + bool isolated, bool aIsHttp3); + + void Init(const nsACString& host, int32_t port, const nsACString& npnToken, + const nsACString& username, const nsACString& topWindowOrigin, + nsProxyInfo* proxyInfo, const OriginAttributes& originAttributes, + bool EndToEndSSL, bool aIsHttp3); + void SetOriginServer(const nsACString& host, int32_t port); + + nsCString mOrigin; + int32_t mOriginPort; + nsCString mRoutedHost; + int32_t mRoutedPort; + + nsCString mHashKey; + nsCString mUsername; + nsCString mTopWindowOrigin; + nsCOMPtr<nsProxyInfo> mProxyInfo; + bool mUsingHttpProxy; + bool mUsingHttpsProxy; + bool mEndToEndSSL; + bool mUsingConnect; // if will use CONNECT with http proxy + nsCString mNPNToken; + OriginAttributes mOriginAttributes; + nsIRequest::TRRMode mTRRMode; + + uint32_t mTlsFlags; + uint16_t mIsolated : 1; + uint16_t mIsTrrServiceChannel : 1; + uint16_t mIPv4Disabled : 1; + uint16_t mIPv6Disabled : 1; + + bool mLessThanTls13; // This will be set to true if we negotiate less than + // tls1.3. If the tls version is till not know or it + // is 1.3 or greater the value will be false. + bool mIsHttp3; + + bool mHasIPHintAddress = false; + nsCString mEchConfig; + + // for RefPtr + NS_INLINE_DECL_THREADSAFE_REFCOUNTING(nsHttpConnectionInfo, override) +}; + +} // namespace net +} // namespace mozilla + +#endif // nsHttpConnectionInfo_h__ |