/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
Alt-Svc allows separation of transport routing from the origin host without
using a proxy. See https://httpwg.github.io/http-extensions/alt-svc.html and
https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-06

 Nice To Have Future Enhancements::
 * flush on network change event when we have an indicator
 * use established https channel for http instead of a separate conninfo hash
 * pin via http-tls header
 * clear based on origin when a random fail happens not just 421
 * upon establishment of channel, cancel and retry trans that have not yet written anything
 * persistent storage (including private browsing filter)
 * memory reporter for cache, but this is rather tiny
*/

#ifndef mozilla_net_AlternateServices_h
#define mozilla_net_AlternateServices_h

#include "mozilla/DataStorage.h"
#include "nsRefPtrHashtable.h"
#include "nsString.h"
#include "nsIInterfaceRequestor.h"
#include "nsIStreamListener.h"
#include "nsISpeculativeConnect.h"
#include "mozilla/BasePrincipal.h"

class nsILoadInfo;

namespace mozilla { namespace net {

class nsProxyInfo;
class nsHttpConnectionInfo;
class nsHttpTransaction;
class nsHttpChannel;
class WellKnownChecker;

// One Alt-Svc mapping: an origin (host, port, https flag) paired with the
// alternate host, port and NPN token that may serve it, plus the validation
// and expiry state for that pairing. Instances are reference counted through
// NS_INLINE_DECL_THREADSAFE_REFCOUNTING; the destructor is private, so they
// cannot be deleted directly by callers.
class AltSvcMapping
{
  NS_INLINE_DECL_THREADSAFE_REFCOUNTING(AltSvcMapping)

private: // ctor from ProcessHeader
  AltSvcMapping(DataStorage *storage,
                int32_t storageEpoch,
                const nsACString &originScheme,
                const nsACString &originHost,
                int32_t originPort,
                const nsACString &username,
                bool privateBrowsing,
                uint32_t expiresAt,
                const nsACString &alternateHost,
                int32_t alternatePort,
                const nsACString &npnToken);
public:
  // Builds a mapping from a serialized string; presumably the form written by
  // Serialize() -- confirm in the .cpp.
  // NOTE(review): the string is read back from storage, so the parser (not
  // visible in this header) should reject malformed or truncated input rather
  // than leave the MOZ_INIT_OUTSIDE_CTOR members below unset.
  AltSvcMapping(DataStorage *storage, int32_t storageEpoch, const nsCString &serialized);

  // Entry point for a received header; `buf` is presumably the raw Alt-Svc
  // header value -- confirm against the caller. That value is chosen by the
  // remote server, so the host, port and lifetime taken from it are untrusted
  // until validated.
  static void ProcessHeader(const nsCString &buf, const nsCString &originScheme,
                            const nsCString &originHost, int32_t originPort,
                            const nsACString &username, bool privateBrowsing,
                            nsIInterfaceRequestor *callbacks, nsProxyInfo *proxyInfo,
                            uint32_t caps, const NeckoOriginAttributes &originAttributes);

  const nsCString &AlternateHost() const { return mAlternateHost; }
  const nsCString &OriginHost() const { return mOriginHost; }
  // NOTE(review): mOriginPort is int32_t but is returned as uint32_t, so a
  // negative stored port is reported as a large positive number.
  uint32_t OriginPort() const { return mOriginPort; }
  const nsCString &HashKey() const { return mHashKey; }
  // NOTE(review): same signed-to-unsigned conversion as OriginPort();
  // mAlternatePort is int32_t.
  uint32_t AlternatePort() const { return mAlternatePort; }
  bool Validated() { return mValidated; }
  // NOTE(review): mExpiresAt is uint32_t but is returned as int32_t (and
  // SetExpiresAt takes int32_t); values above INT32_MAX do not round-trip.
  int32_t GetExpiresAt() { return mExpiresAt; }
  bool RouteEquals(AltSvcMapping *map);
  bool HTTPS() { return mHttps; }

  // Writes a connection-info object for this mapping to *outCI, given the
  // proxy info and origin attributes.
  void GetConnectionInfo(nsHttpConnectionInfo **outCI, nsProxyInfo *pi,
                         const NeckoOriginAttributes &originAttributes);

  // Presumably the remaining lifetime derived from mExpiresAt -- confirm in
  // the .cpp.
  int32_t TTL();
  int32_t StorageEpoch() { return mStorageEpoch; }
  bool    Private() { return mPrivate; }

  void SetValidated(bool val);
  void SetMixedScheme(bool val);
  void SetExpiresAt(int32_t val);
  void SetExpired();
  void Sync();

  // Builds the cache key into outKey from the origin scheme, host, port and
  // private-browsing flag.
  // NOTE(review): the key takes no username or origin-attributes input;
  // confirm that mappings are not expected to be partitioned by either.
  static void MakeHashKey(nsCString &outKey,
                          const nsACString &originScheme,
                          const nsACString &originHost,
                          int32_t originPort,
                          bool privateBrowsing);

private:
  // Private so that the object is only destroyed through its refcount.
  virtual ~AltSvcMapping() {};
  void     SyncString(nsCString val);
  RefPtr<DataStorage> mStorage;       // strong reference to the backing store
  int32_t             mStorageEpoch;
  void Serialize (nsCString &out);

  nsCString mHashKey;

  // If you change any of these members, update Serialize()
  // Members marked MOZ_INIT_OUTSIDE_CTOR have no initializer in this header;
  // they are set by code that is not visible here.
  nsCString mAlternateHost;
  MOZ_INIT_OUTSIDE_CTOR int32_t mAlternatePort;

  nsCString mOriginHost;
  MOZ_INIT_OUTSIDE_CTOR int32_t mOriginPort;

  nsCString mUsername;
  MOZ_INIT_OUTSIDE_CTOR bool mPrivate;

  MOZ_INIT_OUTSIDE_CTOR uint32_t mExpiresAt; // expiry of this alt-svc mapping (units not shown here)

  MOZ_INIT_OUTSIDE_CTOR bool mValidated;
  MOZ_INIT_OUTSIDE_CTOR bool mHttps; // origin is https://
  MOZ_INIT_OUTSIDE_CTOR bool mMixedScheme; // .wk allows http and https on same con

  nsCString mNPNToken;
};

// Interface requestor that also implements
// nsISpeculativeConnectionOverrider. It keeps a strong reference to the
// requestor passed to the constructor; how GetInterface uses that requestor is
// defined in the .cpp and is not visible here.
class AltSvcOverride : public nsIInterfaceRequestor
                     , public nsISpeculativeConnectionOverrider
{
public:
  NS_DECL_THREADSAFE_ISUPPORTS
  NS_DECL_NSISPECULATIVECONNECTIONOVERRIDER
  NS_DECL_NSIINTERFACEREQUESTOR

  // aRequestor is stored as given; the header performs no null check.
  explicit AltSvcOverride(nsIInterfaceRequestor *aRequestor)
    : mCallbacks(aRequestor) {}

private:
  // Private so that the object is only destroyed through its refcount.
  virtual ~AltSvcOverride() {}
  nsCOMPtr<nsIInterfaceRequestor> mCallbacks; // strong reference to the wrapped requestor
};

// Stream listener attached to a channel on behalf of a WellKnownChecker. It
// records whether the observed transaction met the three conditions tracked by
// the flags below (no TLS failure, h2 connection, HTTP status 200).
// WellKnownChecker is a friend and can read the private members directly.
class TransactionObserver : public nsIStreamListener
{
public:
  NS_DECL_THREADSAFE_ISUPPORTS
  NS_DECL_NSISTREAMLISTENER
  NS_DECL_NSIREQUESTOBSERVER

  TransactionObserver(nsHttpChannel *channel, WellKnownChecker *checker);
  // Called with the transaction and its result code; the implementation is in
  // the .cpp.
  void Complete(nsHttpTransaction *, nsresult);
private:
  friend class WellKnownChecker;
  // Private so that the object is only destroyed through its refcount.
  virtual ~TransactionObserver() {}

  // NOTE(review): mChannel and mChecker are raw pointers. Presumably
  // mChannelRef is the strong reference that keeps mChannel alive -- confirm
  // in the constructor. Nothing in this header keeps mChecker alive, so its
  // owner must outlive this observer or clear the pointer.
  nsCOMPtr<nsISupports> mChannelRef;
  nsHttpChannel        *mChannel;
  WellKnownChecker     *mChecker;
  // Presumably the buffered well-known response body -- confirm.
  // NOTE(review): if this accumulates data from the network, check that the
  // implementation bounds its size.
  nsCString             mWKResponse;

  // These flags have no in-class initializers; they must be set by the
  // constructor, which is not visible here.
  bool mRanOnce;
  bool mAuthOK; // confirmed no TLS failure
  bool mVersionOK; // connection h2
  bool mStatusOK; // HTTP Status 200
};

// Cache of AltSvcMapping entries backed by a DataStorage instance. The
// constructor sets the storage epoch to 0 and leaves mStorage null; the code
// that assigns mStorage is not visible in this header.
class AltSvcCache
{
public:
  AltSvcCache() : mStorageEpoch(0) {}
  virtual ~AltSvcCache () {};
  // Records or updates `map` in the cache.
  void UpdateAltServiceMapping(AltSvcMapping *map, nsProxyInfo *pi,
                               nsIInterfaceRequestor *, uint32_t caps,
                               const NeckoOriginAttributes &originAttributes); // main thread
  // Looks up the mapping for (scheme, host, port, private-browsing flag). The
  // result is handed over as an already_AddRefed reference that the caller
  // takes ownership of.
  already_AddRefed<AltSvcMapping> GetAltServiceMapping(const nsACString &scheme,
                                                       const nsACString &host,
                                                       int32_t port, bool pb);
  void ClearAltServiceMappings();
  // Two overloads: clear by host and port, or by connection info.
  void ClearHostMapping(const nsACString &host, int32_t port);
  void ClearHostMapping(nsHttpConnectionInfo *ci);
  // Returns a raw pointer that does not add a reference; it is null while
  // mStorage is unset.
  DataStorage *GetStoragePtr() { return mStorage.get(); }
  int32_t      StorageEpoch()  { return mStorageEpoch; }

private:
  already_AddRefed<AltSvcMapping> LookupMapping(const nsCString &key, bool privateBrowsing);
  RefPtr<DataStorage>             mStorage;      // strong reference to the backing store
  int32_t                         mStorageEpoch; // starts at 0 (see constructor)
};

} // namespace net
} // namespace mozilla

#endif // include guard