• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_IO_THREAD_H_
6 #define CHROME_BROWSER_IO_THREAD_H_
7 
8 #include <string>
9 #include <vector>
10 
11 #include "base/basictypes.h"
12 #include "base/compiler_specific.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/memory/weak_ptr.h"
16 #include "base/prefs/pref_member.h"
17 #include "base/time/time.h"
18 #include "chrome/browser/net/ssl_config_service_manager.h"
19 #include "components/data_reduction_proxy/browser/data_reduction_proxy_params.h"
20 #include "content/public/browser/browser_thread.h"
21 #include "content/public/browser/browser_thread_delegate.h"
22 #include "net/base/network_change_notifier.h"
23 #include "net/http/http_network_session.h"
24 #include "net/socket/next_proto.h"
25 
26 class ChromeNetLog;
27 class PrefProxyConfigTracker;
28 class PrefService;
29 class PrefRegistrySimple;
30 class SystemURLRequestContextGetter;
31 
32 namespace base {
33 class CommandLine;
34 }
35 
36 namespace chrome_browser_net {
37 class DnsProbeService;
38 }
39 
40 namespace extensions {
41 class EventRouterForwarder;
42 }
43 
44 namespace net {
45 class CertVerifier;
46 class CookieStore;
47 class CTVerifier;
48 class FtpTransactionFactory;
49 class HostMappingRules;
50 class HostResolver;
51 class HttpAuthHandlerFactory;
52 class HttpServerProperties;
53 class HttpTransactionFactory;
54 class HttpUserAgentSettings;
55 class NetworkDelegate;
56 class ServerBoundCertService;
57 class ProxyConfigService;
58 class ProxyService;
59 class SSLConfigService;
60 class TransportSecurityState;
61 class URLRequestContext;
62 class URLRequestContextGetter;
63 class URLRequestJobFactory;
64 class URLRequestThrottlerManager;
65 class URLSecurityManager;
66 }  // namespace net
67 
68 namespace policy {
69 class PolicyService;
70 }  // namespace policy
71 
72 // Contains state associated with, initialized and cleaned up on, and
73 // primarily used on, the IO thread.
74 //
75 // If you are looking to interact with the IO thread (e.g. post tasks
76 // to it or check if it is the current thread), see
77 // content::BrowserThread.
78 class IOThread : public content::BrowserThreadDelegate {
79  public:
80   struct Globals {
81     template <typename T>
82     class Optional {
83      public:
OptionalGlobals84       Optional() : set_(false) {}
85 
setGlobals86       void set(T value) {
87         set_ = true;
88         value_ = value;
89       }
CopyToIfSetGlobals90       void CopyToIfSet(T* value) {
91         if (set_) {
92           *value = value_;
93         }
94       }
95 
96      private:
97       bool set_;
98       T value_;
99     };
100 
101     class SystemRequestContextLeakChecker {
102      public:
103       explicit SystemRequestContextLeakChecker(Globals* globals);
104       ~SystemRequestContextLeakChecker();
105 
106      private:
107       Globals* const globals_;
108     };
109 
110     Globals();
111     ~Globals();
112 
113     // The "system" NetworkDelegate, used for Profile-agnostic network events.
114     scoped_ptr<net::NetworkDelegate> system_network_delegate;
115     scoped_ptr<net::HostResolver> host_resolver;
116     scoped_ptr<net::CertVerifier> cert_verifier;
117     // The ServerBoundCertService must outlive the HttpTransactionFactory.
118     scoped_ptr<net::ServerBoundCertService> system_server_bound_cert_service;
119     // This TransportSecurityState doesn't load or save any state. It's only
120     // used to enforce pinning for system requests and will only use built-in
121     // pins.
122     scoped_ptr<net::TransportSecurityState> transport_security_state;
123     scoped_ptr<net::CTVerifier> cert_transparency_verifier;
124     scoped_refptr<net::SSLConfigService> ssl_config_service;
125     scoped_ptr<net::HttpAuthHandlerFactory> http_auth_handler_factory;
126     scoped_ptr<net::HttpServerProperties> http_server_properties;
127     scoped_ptr<net::ProxyService> proxy_script_fetcher_proxy_service;
128     scoped_ptr<net::HttpTransactionFactory>
129         proxy_script_fetcher_http_transaction_factory;
130     scoped_ptr<net::FtpTransactionFactory>
131         proxy_script_fetcher_ftp_transaction_factory;
132     scoped_ptr<net::URLRequestJobFactory>
133         proxy_script_fetcher_url_request_job_factory;
134     scoped_ptr<net::URLRequestThrottlerManager> throttler_manager;
135     scoped_ptr<net::URLSecurityManager> url_security_manager;
136     // TODO(willchan): Remove proxy script fetcher context since it's not
137     // necessary now that I got rid of refcounting URLRequestContexts.
138     //
139     // The first URLRequestContext is |system_url_request_context|. We introduce
140     // |proxy_script_fetcher_context| for the second context. It has a direct
141     // ProxyService, since we always directly connect to fetch the PAC script.
142     scoped_ptr<net::URLRequestContext> proxy_script_fetcher_context;
143     scoped_ptr<net::ProxyService> system_proxy_service;
144     scoped_ptr<net::HttpTransactionFactory> system_http_transaction_factory;
145     scoped_ptr<net::URLRequestJobFactory> system_url_request_job_factory;
146     scoped_ptr<net::URLRequestContext> system_request_context;
147     SystemRequestContextLeakChecker system_request_context_leak_checker;
148     // |system_cookie_store| and |system_server_bound_cert_service| are shared
149     // between |proxy_script_fetcher_context| and |system_request_context|.
150     scoped_refptr<net::CookieStore> system_cookie_store;
151     scoped_refptr<extensions::EventRouterForwarder>
152         extension_event_router_forwarder;
153     scoped_ptr<net::HostMappingRules> host_mapping_rules;
154     scoped_ptr<net::HttpUserAgentSettings> http_user_agent_settings;
155     bool ignore_certificate_errors;
156     uint16 testing_fixed_http_port;
157     uint16 testing_fixed_https_port;
158 
159     Optional<size_t> initial_max_spdy_concurrent_streams;
160     Optional<bool> force_spdy_single_domain;
161     Optional<bool> enable_spdy_compression;
162     Optional<bool> enable_spdy_ping_based_connection_checking;
163     Optional<net::NextProto> spdy_default_protocol;
164     net::NextProtoVector next_protos;
165     Optional<string> trusted_spdy_proxy;
166     Optional<bool> force_spdy_over_ssl;
167     Optional<bool> force_spdy_always;
168     std::set<net::HostPortPair> forced_spdy_exclusions;
169     Optional<bool> use_alternate_protocols;
170     Optional<bool> enable_websocket_over_spdy;
171 
172     Optional<bool> enable_quic;
173     Optional<bool> enable_quic_https;
174     Optional<bool> enable_quic_pacing;
175     Optional<bool> enable_quic_time_based_loss_detection;
176     Optional<bool> enable_quic_persist_server_info;
177     Optional<bool> enable_quic_port_selection;
178     Optional<size_t> quic_max_packet_length;
179     Optional<std::string> quic_user_agent_id;
180     Optional<net::QuicVersionVector> quic_supported_versions;
181     Optional<net::HostPortPair> origin_to_force_quic_on;
182     bool enable_user_alternate_protocol_ports;
183     // NetErrorTabHelper uses |dns_probe_service| to send DNS probes when a
184     // main frame load fails with a DNS error in order to provide more useful
185     // information to the renderer so it can show a more specific error page.
186     scoped_ptr<chrome_browser_net::DnsProbeService> dns_probe_service;
187     scoped_ptr<data_reduction_proxy::DataReductionProxyParams>
188         data_reduction_proxy_params;
189   };
190 
191   // |net_log| must either outlive the IOThread or be NULL.
192   IOThread(PrefService* local_state,
193            policy::PolicyService* policy_service,
194            ChromeNetLog* net_log,
195            extensions::EventRouterForwarder* extension_event_router_forwarder);
196 
197   virtual ~IOThread();
198 
199   static void RegisterPrefs(PrefRegistrySimple* registry);
200 
201   // Can only be called on the IO thread.
202   Globals* globals();
203 
204   // Allows overriding Globals in tests where IOThread::Init() and
205   // IOThread::CleanUp() are not called.  This allows for injecting mocks into
206   // IOThread global objects.
207   void SetGlobalsForTesting(Globals* globals);
208 
209   ChromeNetLog* net_log();
210 
211   // Handles changing to On The Record mode, discarding confidential data.
212   void ChangedToOnTheRecord();
213 
214   // Returns a getter for the URLRequestContext.  Only called on the UI thread.
215   net::URLRequestContextGetter* system_url_request_context_getter();
216 
217   // Clears the host cache.  Intended to be used to prevent exposing recently
218   // visited sites on about:net-internals/#dns and about:dns pages.  Must be
219   // called on the IO thread.
220   void ClearHostCache();
221 
222   void InitializeNetworkSessionParams(net::HttpNetworkSession::Params* params);
223 
224   base::TimeTicks creation_time() const;
225 
226  private:
227   // Provide SystemURLRequestContextGetter with access to
228   // InitSystemRequestContext().
229   friend class SystemURLRequestContextGetter;
230 
231   // BrowserThreadDelegate implementation, runs on the IO thread.
232   // This handles initialization and destruction of state that must
233   // live on the IO thread.
234   virtual void Init() OVERRIDE;
235   virtual void InitAsync() OVERRIDE;
236   virtual void CleanUp() OVERRIDE;
237 
238   void InitializeNetworkOptions(const base::CommandLine& parsed_command_line);
239 
240   // Enable SPDY with the given mode, which may contain the following:
241   //
242   //   "off"                      : Disables SPDY support entirely.
243   //   "ssl"                      : Forces SPDY for all HTTPS requests.
244   //   "no-ssl"                   : Forces SPDY for all HTTP requests.
245   //   "no-ping"                  : Disables SPDY ping connection testing.
246   //   "exclude=<host>"           : Disables SPDY support for the host <host>.
247   //   "no-compress"              : Disables SPDY header compression.
248   //   "no-alt-protocols          : Disables alternate protocol support.
249   //   "force-alt-protocols       : Forces an alternate protocol of SPDY/3
250   //                                on port 443.
251   //   "single-domain"            : Forces all spdy traffic to a single domain.
252   //   "init-max-streams=<limit>" : Specifies the maximum number of concurrent
253   //                                streams for a SPDY session, unless the
254   //                                specifies a different value via SETTINGS.
255   void EnableSpdy(const std::string& mode);
256 
257   // Global state must be initialized on the IO thread, then this
258   // method must be invoked on the UI thread.
259   void InitSystemRequestContext();
260 
261   // Lazy initialization of system request context for
262   // SystemURLRequestContextGetter. To be called on IO thread only
263   // after global state has been initialized on the IO thread, and
264   // SystemRequestContext state has been initialized on the UI thread.
265   void InitSystemRequestContextOnIOThread();
266 
267   net::HttpAuthHandlerFactory* CreateDefaultAuthHandlerFactory(
268       net::HostResolver* resolver);
269 
270   // Returns an SSLConfigService instance.
271   net::SSLConfigService* GetSSLConfigService();
272 
273   void ChangedToOnTheRecordOnIOThread();
274 
275   void UpdateDnsClientEnabled();
276 
277   // Configures QUIC options based on the flags in |command_line| as
278   // well as the QUIC field trial group.
279   void ConfigureQuic(const base::CommandLine& command_line);
280 
281   // Returns true if QUIC should be enabled, either as a result
282   // of a field trial or a command line flag.
283   bool ShouldEnableQuic(const base::CommandLine& command_line,
284                         base::StringPiece quic_trial_group);
285 
286   // Returns true if HTTPS over QUIC should be enabled, either as a result
287   // of a field trial or a command line flag.
288   bool ShouldEnableQuicHttps(const base::CommandLine& command_line,
289                              base::StringPiece quic_trial_group);
290 
291   // Returns true if the selection of the ephemeral port in bind() should be
292   // performed by Chromium, and false if the OS should select the port.  The OS
293   // option is used to prevent Windows from posting a security security warning
294   // dialog.
295   bool ShouldEnableQuicPortSelection(const base::CommandLine& command_line);
296 
297   // Returns true if QUIC packet pacing should be negotiated during the
298   // QUIC handshake.
299   bool ShouldEnableQuicPacing(const base::CommandLine& command_line,
300                               base::StringPiece quic_trial_group);
301 
302   // Returns true if QUIC time-base loss detection should be negotiated during
303   // the QUIC handshake.
304   bool ShouldEnableQuicTimeBasedLossDetection(
305       const base::CommandLine& command_line,
306       base::StringPiece quic_trial_group);
307 
308   // Returns true if Chromium should persist QUIC server config information to
309   // disk cache.
310   bool ShouldEnableQuicPersistServerInfo(const base::CommandLine& command_line);
311 
312   // Returns the maximum length for QUIC packets, based on any flags in
313   // |command_line| or the field trial.  Returns 0 if there is an error
314   // parsing any of the options, or if the default value should be used.
315   size_t GetQuicMaxPacketLength(const base::CommandLine& command_line,
316                                 base::StringPiece quic_trial_group);
317 
318   // Returns the quic versions specified by any flags in |command_line|.
319   net::QuicVersion GetQuicVersion(const base::CommandLine& command_line);
320 
321   // The NetLog is owned by the browser process, to allow logging from other
322   // threads during shutdown, but is used most frequently on the IOThread.
323   ChromeNetLog* net_log_;
324 
325   // The extensions::EventRouterForwarder allows for sending events to
326   // extensions from the IOThread.
327   extensions::EventRouterForwarder* extension_event_router_forwarder_;
328 
329   // These member variables are basically global, but their lifetimes are tied
330   // to the IOThread.  IOThread owns them all, despite not using scoped_ptr.
331   // This is because the destructor of IOThread runs on the wrong thread.  All
332   // member variables should be deleted in CleanUp().
333 
334   // These member variables are initialized in Init() and do not change for the
335   // lifetime of the IO thread.
336 
337   Globals* globals_;
338 
339   // Observer that logs network changes to the ChromeNetLog.
340   class LoggingNetworkChangeObserver;
341   scoped_ptr<LoggingNetworkChangeObserver> network_change_observer_;
342 
343   BooleanPrefMember system_enable_referrers_;
344 
345   BooleanPrefMember dns_client_enabled_;
346 
347   BooleanPrefMember quick_check_enabled_;
348 
349   // Store HTTP Auth-related policies in this thread.
350   std::string auth_schemes_;
351   bool negotiate_disable_cname_lookup_;
352   bool negotiate_enable_port_;
353   std::string auth_server_whitelist_;
354   std::string auth_delegate_whitelist_;
355   std::string gssapi_library_name_;
356 
357   // This is an instance of the default SSLConfigServiceManager for the current
358   // platform and it gets SSL preferences from local_state object.
359   scoped_ptr<SSLConfigServiceManager> ssl_config_service_manager_;
360 
361   // These member variables are initialized by a task posted to the IO thread,
362   // which gets posted by calling certain member functions of IOThread.
363   scoped_ptr<net::ProxyConfigService> system_proxy_config_service_;
364 
365   scoped_ptr<PrefProxyConfigTracker> pref_proxy_config_tracker_;
366 
367   scoped_refptr<net::URLRequestContextGetter>
368       system_url_request_context_getter_;
369 
370   // True if SPDY is disabled by policy.
371   bool is_spdy_disabled_by_policy_;
372 
373   base::WeakPtrFactory<IOThread> weak_factory_;
374 
375   const base::TimeTicks creation_time_;
376 
377   DISALLOW_COPY_AND_ASSIGN(IOThread);
378 };
379 
380 #endif  // CHROME_BROWSER_IO_THREAD_H_
381