QUIC - Track the reason for sending InchoateClientHello in UMA
[chromium/src/net.git] / http / http_network_transaction.cc
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_network_transaction.h"
6
7 #include <set>
8 #include <vector>
9
10 #include "base/bind.h"
11 #include "base/bind_helpers.h"
12 #include "base/compiler_specific.h"
13 #include "base/format_macros.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/metrics/field_trial.h"
16 #include "base/metrics/histogram.h"
17 #include "base/metrics/stats_counters.h"
18 #include "base/stl_util.h"
19 #include "base/strings/string_number_conversions.h"
20 #include "base/strings/string_util.h"
21 #include "base/strings/stringprintf.h"
22 #include "base/time/time.h"
23 #include "base/values.h"
24 #include "build/build_config.h"
25 #include "net/base/auth.h"
26 #include "net/base/host_port_pair.h"
27 #include "net/base/io_buffer.h"
28 #include "net/base/load_flags.h"
29 #include "net/base/load_timing_info.h"
30 #include "net/base/net_errors.h"
31 #include "net/base/net_util.h"
32 #include "net/base/upload_data_stream.h"
33 #include "net/http/http_auth.h"
34 #include "net/http/http_auth_handler.h"
35 #include "net/http/http_auth_handler_factory.h"
36 #include "net/http/http_basic_stream.h"
37 #include "net/http/http_chunked_decoder.h"
38 #include "net/http/http_network_session.h"
39 #include "net/http/http_proxy_client_socket.h"
40 #include "net/http/http_proxy_client_socket_pool.h"
41 #include "net/http/http_request_headers.h"
42 #include "net/http/http_request_info.h"
43 #include "net/http/http_response_headers.h"
44 #include "net/http/http_response_info.h"
45 #include "net/http/http_server_properties.h"
46 #include "net/http/http_status_code.h"
47 #include "net/http/http_stream_base.h"
48 #include "net/http/http_stream_factory.h"
49 #include "net/http/http_util.h"
50 #include "net/http/transport_security_state.h"
51 #include "net/http/url_security_manager.h"
52 #include "net/socket/client_socket_factory.h"
53 #include "net/socket/socks_client_socket_pool.h"
54 #include "net/socket/ssl_client_socket.h"
55 #include "net/socket/ssl_client_socket_pool.h"
56 #include "net/socket/transport_client_socket_pool.h"
57 #include "net/spdy/spdy_http_stream.h"
58 #include "net/spdy/spdy_session.h"
59 #include "net/spdy/spdy_session_pool.h"
60 #include "net/ssl/ssl_cert_request_info.h"
61 #include "net/ssl/ssl_connection_status_flags.h"
62 #include "url/gurl.h"
63
64 #if defined(SPDY_PROXY_AUTH_ORIGIN)
65 #include "net/proxy/proxy_server.h"
66 #endif
67
68
69 using base::Time;
70 using base::TimeDelta;
71
72 namespace net {
73
74 namespace {
75
76 void ProcessAlternateProtocol(
77     HttpStreamFactory* factory,
78     const base::WeakPtr<HttpServerProperties>& http_server_properties,
79     const HttpResponseHeaders& headers,
80     const HostPortPair& http_host_port_pair) {
81   std::string alternate_protocol_str;
82
83   if (!headers.EnumerateHeader(NULL, kAlternateProtocolHeader,
84                                &alternate_protocol_str)) {
85     // Header is not present.
86     return;
87   }
88
89   factory->ProcessAlternateProtocol(http_server_properties,
90                                     alternate_protocol_str,
91                                     http_host_port_pair);
92 }
93
94 // Returns true if |error| is a client certificate authentication error.
95 bool IsClientCertificateError(int error) {
96   switch (error) {
97     case ERR_BAD_SSL_CLIENT_AUTH_CERT:
98     case ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED:
99     case ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY:
100     case ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED:
101       return true;
102     default:
103       return false;
104   }
105 }
106
107 base::Value* NetLogSSLVersionFallbackCallback(
108     const GURL* url,
109     int net_error,
110     uint16 version_before,
111     uint16 version_after,
112     NetLog::LogLevel /* log_level */) {
113   base::DictionaryValue* dict = new base::DictionaryValue();
114   dict->SetString("host_and_port", GetHostAndPort(*url));
115   dict->SetInteger("net_error", net_error);
116   dict->SetInteger("version_before", version_before);
117   dict->SetInteger("version_after", version_after);
118   return dict;
119 }
120
121 }  // namespace
122
123 //-----------------------------------------------------------------------------
124
125 HttpNetworkTransaction::HttpNetworkTransaction(RequestPriority priority,
126                                                HttpNetworkSession* session)
127     : pending_auth_target_(HttpAuth::AUTH_NONE),
128       io_callback_(base::Bind(&HttpNetworkTransaction::OnIOComplete,
129                               base::Unretained(this))),
130       session_(session),
131       request_(NULL),
132       priority_(priority),
133       headers_valid_(false),
134       logged_response_time_(false),
135       fallback_error_code_(ERR_SSL_INAPPROPRIATE_FALLBACK),
136       request_headers_(),
137       read_buf_len_(0),
138       next_state_(STATE_NONE),
139       establishing_tunnel_(false),
140       websocket_handshake_stream_base_create_helper_(NULL) {
141   session->ssl_config_service()->GetSSLConfig(&server_ssl_config_);
142   if (session->http_stream_factory()->has_next_protos()) {
143     server_ssl_config_.next_protos =
144         session->http_stream_factory()->next_protos();
145   }
146   proxy_ssl_config_ = server_ssl_config_;
147 }
148
149 HttpNetworkTransaction::~HttpNetworkTransaction() {
150   if (stream_.get()) {
151     HttpResponseHeaders* headers = GetResponseHeaders();
152     // TODO(mbelshe): The stream_ should be able to compute whether or not the
153     //                stream should be kept alive.  No reason to compute here
154     //                and pass it in.
155     bool try_to_keep_alive =
156         next_state_ == STATE_NONE &&
157         stream_->CanFindEndOfResponse() &&
158         (!headers || headers->IsKeepAlive());
159     if (!try_to_keep_alive) {
160       stream_->Close(true /* not reusable */);
161     } else {
162       if (stream_->IsResponseBodyComplete()) {
163         // If the response body is complete, we can just reuse the socket.
164         stream_->Close(false /* reusable */);
165       } else if (stream_->IsSpdyHttpStream()) {
166         // Doesn't really matter for SpdyHttpStream. Just close it.
167         stream_->Close(true /* not reusable */);
168       } else {
169         // Otherwise, we try to drain the response body.
170         HttpStreamBase* stream = stream_.release();
171         stream->Drain(session_);
172       }
173     }
174   }
175
176   if (request_ && request_->upload_data_stream)
177     request_->upload_data_stream->Reset();  // Invalidate pending callbacks.
178 }
179
180 int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info,
181                                   const CompletionCallback& callback,
182                                   const BoundNetLog& net_log) {
183   SIMPLE_STATS_COUNTER("HttpNetworkTransaction.Count");
184
185   net_log_ = net_log;
186   request_ = request_info;
187   start_time_ = base::Time::Now();
188
189   if (request_->load_flags & LOAD_DISABLE_CERT_REVOCATION_CHECKING) {
190     server_ssl_config_.rev_checking_enabled = false;
191     proxy_ssl_config_.rev_checking_enabled = false;
192   }
193
194   // Channel ID is enabled unless --disable-tls-channel-id flag is set,
195   // or if privacy mode is enabled.
196   bool channel_id_enabled = server_ssl_config_.channel_id_enabled &&
197       (request_->privacy_mode == kPrivacyModeDisabled);
198   server_ssl_config_.channel_id_enabled = channel_id_enabled;
199
200   next_state_ = STATE_CREATE_STREAM;
201   int rv = DoLoop(OK);
202   if (rv == ERR_IO_PENDING)
203     callback_ = callback;
204   return rv;
205 }
206
207 int HttpNetworkTransaction::RestartIgnoringLastError(
208     const CompletionCallback& callback) {
209   DCHECK(!stream_.get());
210   DCHECK(!stream_request_.get());
211   DCHECK_EQ(STATE_NONE, next_state_);
212
213   next_state_ = STATE_CREATE_STREAM;
214
215   int rv = DoLoop(OK);
216   if (rv == ERR_IO_PENDING)
217     callback_ = callback;
218   return rv;
219 }
220
221 int HttpNetworkTransaction::RestartWithCertificate(
222     X509Certificate* client_cert, const CompletionCallback& callback) {
223   // In HandleCertificateRequest(), we always tear down existing stream
224   // requests to force a new connection.  So we shouldn't have one here.
225   DCHECK(!stream_request_.get());
226   DCHECK(!stream_.get());
227   DCHECK_EQ(STATE_NONE, next_state_);
228
229   SSLConfig* ssl_config = response_.cert_request_info->is_proxy ?
230       &proxy_ssl_config_ : &server_ssl_config_;
231   ssl_config->send_client_cert = true;
232   ssl_config->client_cert = client_cert;
233   session_->ssl_client_auth_cache()->Add(
234       response_.cert_request_info->host_and_port, client_cert);
235   // Reset the other member variables.
236   // Note: this is necessary only with SSL renegotiation.
237   ResetStateForRestart();
238   next_state_ = STATE_CREATE_STREAM;
239   int rv = DoLoop(OK);
240   if (rv == ERR_IO_PENDING)
241     callback_ = callback;
242   return rv;
243 }
244
245 int HttpNetworkTransaction::RestartWithAuth(
246     const AuthCredentials& credentials, const CompletionCallback& callback) {
247   HttpAuth::Target target = pending_auth_target_;
248   if (target == HttpAuth::AUTH_NONE) {
249     NOTREACHED();
250     return ERR_UNEXPECTED;
251   }
252   pending_auth_target_ = HttpAuth::AUTH_NONE;
253
254   auth_controllers_[target]->ResetAuth(credentials);
255
256   DCHECK(callback_.is_null());
257
258   int rv = OK;
259   if (target == HttpAuth::AUTH_PROXY && establishing_tunnel_) {
260     // In this case, we've gathered credentials for use with proxy
261     // authentication of a tunnel.
262     DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
263     DCHECK(stream_request_ != NULL);
264     auth_controllers_[target] = NULL;
265     ResetStateForRestart();
266     rv = stream_request_->RestartTunnelWithProxyAuth(credentials);
267   } else {
268     // In this case, we've gathered credentials for the server or the proxy
269     // but it is not during the tunneling phase.
270     DCHECK(stream_request_ == NULL);
271     PrepareForAuthRestart(target);
272     rv = DoLoop(OK);
273   }
274
275   if (rv == ERR_IO_PENDING)
276     callback_ = callback;
277   return rv;
278 }
279
280 void HttpNetworkTransaction::PrepareForAuthRestart(HttpAuth::Target target) {
281   DCHECK(HaveAuth(target));
282   DCHECK(!stream_request_.get());
283
284   bool keep_alive = false;
285   // Even if the server says the connection is keep-alive, we have to be
286   // able to find the end of each response in order to reuse the connection.
287   if (GetResponseHeaders()->IsKeepAlive() &&
288       stream_->CanFindEndOfResponse()) {
289     // If the response body hasn't been completely read, we need to drain
290     // it first.
291     if (!stream_->IsResponseBodyComplete()) {
292       next_state_ = STATE_DRAIN_BODY_FOR_AUTH_RESTART;
293       read_buf_ = new IOBuffer(kDrainBodyBufferSize);  // A bit bucket.
294       read_buf_len_ = kDrainBodyBufferSize;
295       return;
296     }
297     keep_alive = true;
298   }
299
300   // We don't need to drain the response body, so we act as if we had drained
301   // the response body.
302   DidDrainBodyForAuthRestart(keep_alive);
303 }
304
305 void HttpNetworkTransaction::DidDrainBodyForAuthRestart(bool keep_alive) {
306   DCHECK(!stream_request_.get());
307
308   if (stream_.get()) {
309     HttpStream* new_stream = NULL;
310     if (keep_alive && stream_->IsConnectionReusable()) {
311       // We should call connection_->set_idle_time(), but this doesn't occur
312       // often enough to be worth the trouble.
313       stream_->SetConnectionReused();
314       new_stream =
315           static_cast<HttpStream*>(stream_.get())->RenewStreamForAuth();
316     }
317
318     if (!new_stream) {
319       // Close the stream and mark it as not_reusable.  Even in the
320       // keep_alive case, we've determined that the stream_ is not
321       // reusable if new_stream is NULL.
322       stream_->Close(true);
323       next_state_ = STATE_CREATE_STREAM;
324     } else {
325       next_state_ = STATE_INIT_STREAM;
326     }
327     stream_.reset(new_stream);
328   }
329
330   // Reset the other member variables.
331   ResetStateForAuthRestart();
332 }
333
334 bool HttpNetworkTransaction::IsReadyToRestartForAuth() {
335   return pending_auth_target_ != HttpAuth::AUTH_NONE &&
336       HaveAuth(pending_auth_target_);
337 }
338
339 int HttpNetworkTransaction::Read(IOBuffer* buf, int buf_len,
340                                  const CompletionCallback& callback) {
341   DCHECK(buf);
342   DCHECK_LT(0, buf_len);
343
344   State next_state = STATE_NONE;
345
346   scoped_refptr<HttpResponseHeaders> headers(GetResponseHeaders());
347   if (headers_valid_ && headers.get() && stream_request_.get()) {
348     // We're trying to read the body of the response but we're still trying
349     // to establish an SSL tunnel through an HTTP proxy.  We can't read these
350     // bytes when establishing a tunnel because they might be controlled by
351     // an active network attacker.  We don't worry about this for HTTP
352     // because an active network attacker can already control HTTP sessions.
353     // We reach this case when the user cancels a 407 proxy auth prompt.  We
354     // also don't worry about this for an HTTPS Proxy, because the
355     // communication with the proxy is secure.
356     // See http://crbug.com/8473.
357     DCHECK(proxy_info_.is_http() || proxy_info_.is_https());
358     DCHECK_EQ(headers->response_code(), HTTP_PROXY_AUTHENTICATION_REQUIRED);
359     LOG(WARNING) << "Blocked proxy response with status "
360                  << headers->response_code() << " to CONNECT request for "
361                  << GetHostAndPort(request_->url) << ".";
362     return ERR_TUNNEL_CONNECTION_FAILED;
363   }
364
365   // Are we using SPDY or HTTP?
366   next_state = STATE_READ_BODY;
367
368   read_buf_ = buf;
369   read_buf_len_ = buf_len;
370
371   next_state_ = next_state;
372   int rv = DoLoop(OK);
373   if (rv == ERR_IO_PENDING)
374     callback_ = callback;
375   return rv;
376 }
377
378 bool HttpNetworkTransaction::GetFullRequestHeaders(
379     HttpRequestHeaders* headers) const {
380   // TODO(ttuttle): Make sure we've populated request_headers_.
381   *headers = request_headers_;
382   return true;
383 }
384
385 const HttpResponseInfo* HttpNetworkTransaction::GetResponseInfo() const {
386   return ((headers_valid_ && response_.headers.get()) ||
387           response_.ssl_info.cert.get() || response_.cert_request_info.get())
388              ? &response_
389              : NULL;
390 }
391
392 LoadState HttpNetworkTransaction::GetLoadState() const {
393   // TODO(wtc): Define a new LoadState value for the
394   // STATE_INIT_CONNECTION_COMPLETE state, which delays the HTTP request.
395   switch (next_state_) {
396     case STATE_CREATE_STREAM_COMPLETE:
397       return stream_request_->GetLoadState();
398     case STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE:
399     case STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE:
400     case STATE_SEND_REQUEST_COMPLETE:
401       return LOAD_STATE_SENDING_REQUEST;
402     case STATE_READ_HEADERS_COMPLETE:
403       return LOAD_STATE_WAITING_FOR_RESPONSE;
404     case STATE_READ_BODY_COMPLETE:
405       return LOAD_STATE_READING_RESPONSE;
406     default:
407       return LOAD_STATE_IDLE;
408   }
409 }
410
411 UploadProgress HttpNetworkTransaction::GetUploadProgress() const {
412   if (!stream_.get())
413     return UploadProgress();
414
415   // TODO(bashi): This cast is temporary. Remove later.
416   return static_cast<HttpStream*>(stream_.get())->GetUploadProgress();
417 }
418
419 bool HttpNetworkTransaction::GetLoadTimingInfo(
420     LoadTimingInfo* load_timing_info) const {
421   if (!stream_ || !stream_->GetLoadTimingInfo(load_timing_info))
422     return false;
423
424   load_timing_info->proxy_resolve_start =
425       proxy_info_.proxy_resolve_start_time();
426   load_timing_info->proxy_resolve_end = proxy_info_.proxy_resolve_end_time();
427   load_timing_info->send_start = send_start_time_;
428   load_timing_info->send_end = send_end_time_;
429   return true;
430 }
431
432 void HttpNetworkTransaction::SetPriority(RequestPriority priority) {
433   priority_ = priority;
434   if (stream_request_)
435     stream_request_->SetPriority(priority);
436   if (stream_)
437     stream_->SetPriority(priority);
438 }
439
440 void HttpNetworkTransaction::SetWebSocketHandshakeStreamCreateHelper(
441     WebSocketHandshakeStreamBase::CreateHelper* create_helper) {
442   websocket_handshake_stream_base_create_helper_ = create_helper;
443 }
444
445 void HttpNetworkTransaction::OnStreamReady(const SSLConfig& used_ssl_config,
446                                            const ProxyInfo& used_proxy_info,
447                                            HttpStreamBase* stream) {
448   DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
449   DCHECK(stream_request_.get());
450
451   stream_.reset(stream);
452   server_ssl_config_ = used_ssl_config;
453   proxy_info_ = used_proxy_info;
454   response_.was_npn_negotiated = stream_request_->was_npn_negotiated();
455   response_.npn_negotiated_protocol = SSLClientSocket::NextProtoToString(
456       stream_request_->protocol_negotiated());
457   response_.was_fetched_via_spdy = stream_request_->using_spdy();
458   response_.was_fetched_via_proxy = !proxy_info_.is_direct();
459
460   OnIOComplete(OK);
461 }
462
463 void HttpNetworkTransaction::OnWebSocketHandshakeStreamReady(
464     const SSLConfig& used_ssl_config,
465     const ProxyInfo& used_proxy_info,
466     WebSocketHandshakeStreamBase* stream) {
467   OnStreamReady(used_ssl_config, used_proxy_info, stream);
468 }
469
470 void HttpNetworkTransaction::OnStreamFailed(int result,
471                                             const SSLConfig& used_ssl_config) {
472   DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
473   DCHECK_NE(OK, result);
474   DCHECK(stream_request_.get());
475   DCHECK(!stream_.get());
476   server_ssl_config_ = used_ssl_config;
477
478   OnIOComplete(result);
479 }
480
481 void HttpNetworkTransaction::OnCertificateError(
482     int result,
483     const SSLConfig& used_ssl_config,
484     const SSLInfo& ssl_info) {
485   DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
486   DCHECK_NE(OK, result);
487   DCHECK(stream_request_.get());
488   DCHECK(!stream_.get());
489
490   response_.ssl_info = ssl_info;
491   server_ssl_config_ = used_ssl_config;
492
493   // TODO(mbelshe):  For now, we're going to pass the error through, and that
494   // will close the stream_request in all cases.  This means that we're always
495   // going to restart an entire STATE_CREATE_STREAM, even if the connection is
496   // good and the user chooses to ignore the error.  This is not ideal, but not
497   // the end of the world either.
498
499   OnIOComplete(result);
500 }
501
502 void HttpNetworkTransaction::OnNeedsProxyAuth(
503     const HttpResponseInfo& proxy_response,
504     const SSLConfig& used_ssl_config,
505     const ProxyInfo& used_proxy_info,
506     HttpAuthController* auth_controller) {
507   DCHECK(stream_request_.get());
508   DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
509
510   establishing_tunnel_ = true;
511   response_.headers = proxy_response.headers;
512   response_.auth_challenge = proxy_response.auth_challenge;
513   headers_valid_ = true;
514   server_ssl_config_ = used_ssl_config;
515   proxy_info_ = used_proxy_info;
516
517   auth_controllers_[HttpAuth::AUTH_PROXY] = auth_controller;
518   pending_auth_target_ = HttpAuth::AUTH_PROXY;
519
520   DoCallback(OK);
521 }
522
523 void HttpNetworkTransaction::OnNeedsClientAuth(
524     const SSLConfig& used_ssl_config,
525     SSLCertRequestInfo* cert_info) {
526   DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
527
528   server_ssl_config_ = used_ssl_config;
529   response_.cert_request_info = cert_info;
530   OnIOComplete(ERR_SSL_CLIENT_AUTH_CERT_NEEDED);
531 }
532
533 void HttpNetworkTransaction::OnHttpsProxyTunnelResponse(
534     const HttpResponseInfo& response_info,
535     const SSLConfig& used_ssl_config,
536     const ProxyInfo& used_proxy_info,
537     HttpStreamBase* stream) {
538   DCHECK_EQ(STATE_CREATE_STREAM_COMPLETE, next_state_);
539
540   headers_valid_ = true;
541   response_ = response_info;
542   server_ssl_config_ = used_ssl_config;
543   proxy_info_ = used_proxy_info;
544   stream_.reset(stream);
545   stream_request_.reset();  // we're done with the stream request
546   OnIOComplete(ERR_HTTPS_PROXY_TUNNEL_RESPONSE);
547 }
548
549 bool HttpNetworkTransaction::is_https_request() const {
550   return request_->url.SchemeIs("https");
551 }
552
553 void HttpNetworkTransaction::DoCallback(int rv) {
554   DCHECK_NE(rv, ERR_IO_PENDING);
555   DCHECK(!callback_.is_null());
556
557   // Since Run may result in Read being called, clear user_callback_ up front.
558   CompletionCallback c = callback_;
559   callback_.Reset();
560   c.Run(rv);
561 }
562
563 void HttpNetworkTransaction::OnIOComplete(int result) {
564   int rv = DoLoop(result);
565   if (rv != ERR_IO_PENDING)
566     DoCallback(rv);
567 }
568
569 int HttpNetworkTransaction::DoLoop(int result) {
570   DCHECK(next_state_ != STATE_NONE);
571
572   int rv = result;
573   do {
574     State state = next_state_;
575     next_state_ = STATE_NONE;
576     switch (state) {
577       case STATE_CREATE_STREAM:
578         DCHECK_EQ(OK, rv);
579         rv = DoCreateStream();
580         break;
581       case STATE_CREATE_STREAM_COMPLETE:
582         rv = DoCreateStreamComplete(rv);
583         break;
584       case STATE_INIT_STREAM:
585         DCHECK_EQ(OK, rv);
586         rv = DoInitStream();
587         break;
588       case STATE_INIT_STREAM_COMPLETE:
589         rv = DoInitStreamComplete(rv);
590         break;
591       case STATE_GENERATE_PROXY_AUTH_TOKEN:
592         DCHECK_EQ(OK, rv);
593         rv = DoGenerateProxyAuthToken();
594         break;
595       case STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE:
596         rv = DoGenerateProxyAuthTokenComplete(rv);
597         break;
598       case STATE_GENERATE_SERVER_AUTH_TOKEN:
599         DCHECK_EQ(OK, rv);
600         rv = DoGenerateServerAuthToken();
601         break;
602       case STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE:
603         rv = DoGenerateServerAuthTokenComplete(rv);
604         break;
605       case STATE_INIT_REQUEST_BODY:
606         DCHECK_EQ(OK, rv);
607         rv = DoInitRequestBody();
608         break;
609       case STATE_INIT_REQUEST_BODY_COMPLETE:
610         rv = DoInitRequestBodyComplete(rv);
611         break;
612       case STATE_BUILD_REQUEST:
613         DCHECK_EQ(OK, rv);
614         net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST);
615         rv = DoBuildRequest();
616         break;
617       case STATE_BUILD_REQUEST_COMPLETE:
618         rv = DoBuildRequestComplete(rv);
619         break;
620       case STATE_SEND_REQUEST:
621         DCHECK_EQ(OK, rv);
622         rv = DoSendRequest();
623         break;
624       case STATE_SEND_REQUEST_COMPLETE:
625         rv = DoSendRequestComplete(rv);
626         net_log_.EndEventWithNetErrorCode(
627             NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST, rv);
628         break;
629       case STATE_READ_HEADERS:
630         DCHECK_EQ(OK, rv);
631         net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_READ_HEADERS);
632         rv = DoReadHeaders();
633         break;
634       case STATE_READ_HEADERS_COMPLETE:
635         rv = DoReadHeadersComplete(rv);
636         net_log_.EndEventWithNetErrorCode(
637             NetLog::TYPE_HTTP_TRANSACTION_READ_HEADERS, rv);
638         break;
639       case STATE_READ_BODY:
640         DCHECK_EQ(OK, rv);
641         net_log_.BeginEvent(NetLog::TYPE_HTTP_TRANSACTION_READ_BODY);
642         rv = DoReadBody();
643         break;
644       case STATE_READ_BODY_COMPLETE:
645         rv = DoReadBodyComplete(rv);
646         net_log_.EndEventWithNetErrorCode(
647             NetLog::TYPE_HTTP_TRANSACTION_READ_BODY, rv);
648         break;
649       case STATE_DRAIN_BODY_FOR_AUTH_RESTART:
650         DCHECK_EQ(OK, rv);
651         net_log_.BeginEvent(
652             NetLog::TYPE_HTTP_TRANSACTION_DRAIN_BODY_FOR_AUTH_RESTART);
653         rv = DoDrainBodyForAuthRestart();
654         break;
655       case STATE_DRAIN_BODY_FOR_AUTH_RESTART_COMPLETE:
656         rv = DoDrainBodyForAuthRestartComplete(rv);
657         net_log_.EndEventWithNetErrorCode(
658             NetLog::TYPE_HTTP_TRANSACTION_DRAIN_BODY_FOR_AUTH_RESTART, rv);
659         break;
660       default:
661         NOTREACHED() << "bad state";
662         rv = ERR_FAILED;
663         break;
664     }
665   } while (rv != ERR_IO_PENDING && next_state_ != STATE_NONE);
666
667   return rv;
668 }
669
670 int HttpNetworkTransaction::DoCreateStream() {
671   next_state_ = STATE_CREATE_STREAM_COMPLETE;
672
673   if (ForWebSocketHandshake()) {
674     stream_request_.reset(
675         session_->http_stream_factory_for_websocket()
676             ->RequestWebSocketHandshakeStream(
677                   *request_,
678                   priority_,
679                   server_ssl_config_,
680                   proxy_ssl_config_,
681                   this,
682                   websocket_handshake_stream_base_create_helper_,
683                   net_log_));
684   } else {
685     stream_request_.reset(
686         session_->http_stream_factory()->RequestStream(
687             *request_,
688             priority_,
689             server_ssl_config_,
690             proxy_ssl_config_,
691             this,
692             net_log_));
693   }
694   DCHECK(stream_request_.get());
695   return ERR_IO_PENDING;
696 }
697
698 int HttpNetworkTransaction::DoCreateStreamComplete(int result) {
699   if (result == OK) {
700     next_state_ = STATE_INIT_STREAM;
701     DCHECK(stream_.get());
702   } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
703     result = HandleCertificateRequest(result);
704   } else if (result == ERR_HTTPS_PROXY_TUNNEL_RESPONSE) {
705     // Return OK and let the caller read the proxy's error page
706     next_state_ = STATE_NONE;
707     return OK;
708   }
709
710   // Handle possible handshake errors that may have occurred if the stream
711   // used SSL for one or more of the layers.
712   result = HandleSSLHandshakeError(result);
713
714   // At this point we are done with the stream_request_.
715   stream_request_.reset();
716   return result;
717 }
718
719 int HttpNetworkTransaction::DoInitStream() {
720   DCHECK(stream_.get());
721   next_state_ = STATE_INIT_STREAM_COMPLETE;
722   return stream_->InitializeStream(request_, priority_, net_log_, io_callback_);
723 }
724
725 int HttpNetworkTransaction::DoInitStreamComplete(int result) {
726   if (result == OK) {
727     next_state_ = STATE_GENERATE_PROXY_AUTH_TOKEN;
728   } else {
729     if (result < 0)
730       result = HandleIOError(result);
731
732     // The stream initialization failed, so this stream will never be useful.
733     stream_.reset();
734   }
735
736   return result;
737 }
738
739 int HttpNetworkTransaction::DoGenerateProxyAuthToken() {
740   next_state_ = STATE_GENERATE_PROXY_AUTH_TOKEN_COMPLETE;
741   if (!ShouldApplyProxyAuth())
742     return OK;
743   HttpAuth::Target target = HttpAuth::AUTH_PROXY;
744   if (!auth_controllers_[target].get())
745     auth_controllers_[target] =
746         new HttpAuthController(target,
747                                AuthURL(target),
748                                session_->http_auth_cache(),
749                                session_->http_auth_handler_factory());
750   return auth_controllers_[target]->MaybeGenerateAuthToken(request_,
751                                                            io_callback_,
752                                                            net_log_);
753 }
754
755 int HttpNetworkTransaction::DoGenerateProxyAuthTokenComplete(int rv) {
756   DCHECK_NE(ERR_IO_PENDING, rv);
757   if (rv == OK)
758     next_state_ = STATE_GENERATE_SERVER_AUTH_TOKEN;
759   return rv;
760 }
761
762 int HttpNetworkTransaction::DoGenerateServerAuthToken() {
763   next_state_ = STATE_GENERATE_SERVER_AUTH_TOKEN_COMPLETE;
764   HttpAuth::Target target = HttpAuth::AUTH_SERVER;
765   if (!auth_controllers_[target].get()) {
766     auth_controllers_[target] =
767         new HttpAuthController(target,
768                                AuthURL(target),
769                                session_->http_auth_cache(),
770                                session_->http_auth_handler_factory());
771     if (request_->load_flags & LOAD_DO_NOT_USE_EMBEDDED_IDENTITY)
772       auth_controllers_[target]->DisableEmbeddedIdentity();
773   }
774   if (!ShouldApplyServerAuth())
775     return OK;
776   return auth_controllers_[target]->MaybeGenerateAuthToken(request_,
777                                                            io_callback_,
778                                                            net_log_);
779 }
780
781 int HttpNetworkTransaction::DoGenerateServerAuthTokenComplete(int rv) {
782   DCHECK_NE(ERR_IO_PENDING, rv);
783   if (rv == OK)
784     next_state_ = STATE_INIT_REQUEST_BODY;
785   return rv;
786 }
787
788 void HttpNetworkTransaction::BuildRequestHeaders(bool using_proxy) {
789   request_headers_.SetHeader(HttpRequestHeaders::kHost,
790                              GetHostAndOptionalPort(request_->url));
791
792   // For compat with HTTP/1.0 servers and proxies:
793   if (using_proxy) {
794     request_headers_.SetHeader(HttpRequestHeaders::kProxyConnection,
795                                "keep-alive");
796   } else {
797     request_headers_.SetHeader(HttpRequestHeaders::kConnection, "keep-alive");
798   }
799
800   // Add a content length header?
801   if (request_->upload_data_stream) {
802     if (request_->upload_data_stream->is_chunked()) {
803       request_headers_.SetHeader(
804           HttpRequestHeaders::kTransferEncoding, "chunked");
805     } else {
806       request_headers_.SetHeader(
807           HttpRequestHeaders::kContentLength,
808           base::Uint64ToString(request_->upload_data_stream->size()));
809     }
810   } else if (request_->method == "POST" || request_->method == "PUT" ||
811              request_->method == "HEAD") {
812     // An empty POST/PUT request still needs a content length.  As for HEAD,
813     // IE and Safari also add a content length header.  Presumably it is to
814     // support sending a HEAD request to an URL that only expects to be sent a
815     // POST or some other method that normally would have a message body.
816     request_headers_.SetHeader(HttpRequestHeaders::kContentLength, "0");
817   }
818
819   // Honor load flags that impact proxy caches.
820   if (request_->load_flags & LOAD_BYPASS_CACHE) {
821     request_headers_.SetHeader(HttpRequestHeaders::kPragma, "no-cache");
822     request_headers_.SetHeader(HttpRequestHeaders::kCacheControl, "no-cache");
823   } else if (request_->load_flags & LOAD_VALIDATE_CACHE) {
824     request_headers_.SetHeader(HttpRequestHeaders::kCacheControl, "max-age=0");
825   }
826
827   if (ShouldApplyProxyAuth() && HaveAuth(HttpAuth::AUTH_PROXY))
828     auth_controllers_[HttpAuth::AUTH_PROXY]->AddAuthorizationHeader(
829         &request_headers_);
830   if (ShouldApplyServerAuth() && HaveAuth(HttpAuth::AUTH_SERVER))
831     auth_controllers_[HttpAuth::AUTH_SERVER]->AddAuthorizationHeader(
832         &request_headers_);
833
834   request_headers_.MergeFrom(request_->extra_headers);
835   response_.did_use_http_auth =
836       request_headers_.HasHeader(HttpRequestHeaders::kAuthorization) ||
837       request_headers_.HasHeader(HttpRequestHeaders::kProxyAuthorization);
838 }
839
840 int HttpNetworkTransaction::DoInitRequestBody() {
841   next_state_ = STATE_INIT_REQUEST_BODY_COMPLETE;
842   int rv = OK;
843   if (request_->upload_data_stream)
844     rv = request_->upload_data_stream->Init(io_callback_);
845   return rv;
846 }
847
848 int HttpNetworkTransaction::DoInitRequestBodyComplete(int result) {
849   if (result == OK)
850     next_state_ = STATE_BUILD_REQUEST;
851   return result;
852 }
853
854 int HttpNetworkTransaction::DoBuildRequest() {
855   next_state_ = STATE_BUILD_REQUEST_COMPLETE;
856   headers_valid_ = false;
857
858   // This is constructed lazily (instead of within our Start method), so that
859   // we have proxy info available.
860   if (request_headers_.IsEmpty()) {
861     bool using_proxy = (proxy_info_.is_http() || proxy_info_.is_https()) &&
862                         !is_https_request();
863     BuildRequestHeaders(using_proxy);
864   }
865
866   return OK;
867 }
868
869 int HttpNetworkTransaction::DoBuildRequestComplete(int result) {
870   if (result == OK)
871     next_state_ = STATE_SEND_REQUEST;
872   return result;
873 }
874
875 int HttpNetworkTransaction::DoSendRequest() {
876   send_start_time_ = base::TimeTicks::Now();
877   next_state_ = STATE_SEND_REQUEST_COMPLETE;
878
879   return stream_->SendRequest(request_headers_, &response_, io_callback_);
880 }
881
882 int HttpNetworkTransaction::DoSendRequestComplete(int result) {
883   send_end_time_ = base::TimeTicks::Now();
884   if (result < 0)
885     return HandleIOError(result);
886   response_.network_accessed = true;
887   next_state_ = STATE_READ_HEADERS;
888   return OK;
889 }
890
891 int HttpNetworkTransaction::DoReadHeaders() {
892   next_state_ = STATE_READ_HEADERS_COMPLETE;
893   return stream_->ReadResponseHeaders(io_callback_);
894 }
895
896 int HttpNetworkTransaction::HandleConnectionClosedBeforeEndOfHeaders() {
897   if (!response_.headers.get() && !stream_->IsConnectionReused()) {
898     // The connection was closed before any data was sent. Likely an error
899     // rather than empty HTTP/0.9 response.
900     return ERR_EMPTY_RESPONSE;
901   }
902
903   return OK;
904 }
905
906 int HttpNetworkTransaction::DoReadHeadersComplete(int result) {
907   // We can get a certificate error or ERR_SSL_CLIENT_AUTH_CERT_NEEDED here
908   // due to SSL renegotiation.
909   if (IsCertificateError(result)) {
910     // We don't handle a certificate error during SSL renegotiation, so we
911     // have to return an error that's not in the certificate error range
912     // (-2xx).
913     LOG(ERROR) << "Got a server certificate with error " << result
914                << " during SSL renegotiation";
915     result = ERR_CERT_ERROR_IN_SSL_RENEGOTIATION;
916   } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) {
917     // TODO(wtc): Need a test case for this code path!
918     DCHECK(stream_.get());
919     DCHECK(is_https_request());
920     response_.cert_request_info = new SSLCertRequestInfo;
921     stream_->GetSSLCertRequestInfo(response_.cert_request_info.get());
922     result = HandleCertificateRequest(result);
923     if (result == OK)
924       return result;
925   }
926
927   if (result == ERR_QUIC_HANDSHAKE_FAILED) {
928     ResetConnectionAndRequestForResend();
929     return OK;
930   }
931
932   if (result < 0 && result != ERR_CONNECTION_CLOSED)
933     return HandleIOError(result);
934
935   if (result == ERR_CONNECTION_CLOSED && ShouldResendRequest(result)) {
936     ResetConnectionAndRequestForResend();
937     return OK;
938   }
939
940   // After we call RestartWithAuth a new response_time will be recorded, and
941   // we need to be cautious about incorrectly logging the duration across the
942   // authentication activity.
943   if (result == OK)
944     LogTransactionConnectedMetrics();
945
946   if (result == ERR_CONNECTION_CLOSED) {
947     // For now, if we get at least some data, we do the best we can to make
948     // sense of it and send it back up the stack.
949     int rv = HandleConnectionClosedBeforeEndOfHeaders();
950     if (rv != OK)
951       return rv;
952   }
953   DCHECK(response_.headers.get());
954
955 #if defined(SPDY_PROXY_AUTH_ORIGIN)
956   // Server-induced fallback; see: http://crbug.com/143712
957   if (response_.was_fetched_via_proxy && response_.headers.get() != NULL) {
958     ProxyService::DataReductionProxyBypassEventType proxy_bypass_event =
959         ProxyService::BYPASS_EVENT_TYPE_MAX;
960     net::HttpResponseHeaders::ChromeProxyInfo chrome_proxy_info;
961     bool chrome_proxy_used =
962         proxy_info_.proxy_server().isDataReductionProxy();
963     bool chrome_fallback_proxy_used = false;
964 #if defined(DATA_REDUCTION_FALLBACK_HOST)
965     if (!chrome_proxy_used) {
966       chrome_fallback_proxy_used =
967           proxy_info_.proxy_server().isDataReductionProxyFallback();
968     }
969 #endif
970
971     if (chrome_proxy_used || chrome_fallback_proxy_used) {
972       if (response_.headers->GetChromeProxyInfo(&chrome_proxy_info)) {
973         if (chrome_proxy_info.bypass_duration < TimeDelta::FromMinutes(30))
974           proxy_bypass_event = ProxyService::SHORT_BYPASS;
975         else
976           proxy_bypass_event = ProxyService::LONG_BYPASS;
977       } else {
978         // Additionally, fallback if a 500 or 502 is returned via the data
979         // reduction proxy. This is conservative, as the 500 or 502 might have
980         // been generated by the origin, and not the proxy.
981         if (response_.headers->response_code() == HTTP_INTERNAL_SERVER_ERROR ||
982             response_.headers->response_code() == HTTP_BAD_GATEWAY ||
983             response_.headers->response_code() == HTTP_SERVICE_UNAVAILABLE) {
984           proxy_bypass_event = ProxyService::INTERNAL_SERVER_ERROR_BYPASS;
985         }
986       }
987
988       if (proxy_bypass_event < ProxyService::BYPASS_EVENT_TYPE_MAX) {
989         ProxyService* proxy_service = session_->proxy_service();
990
991         proxy_service->RecordDataReductionProxyBypassInfo(
992             chrome_proxy_used, proxy_info_.proxy_server(), proxy_bypass_event);
993
994         ProxyServer proxy_server;
995 #if defined(DATA_REDUCTION_FALLBACK_HOST)
996         if (chrome_proxy_used && chrome_proxy_info.bypass_all) {
997           // TODO(bengr): Rename as DATA_REDUCTION_FALLBACK_ORIGIN.
998           GURL proxy_url(DATA_REDUCTION_FALLBACK_HOST);
999           if (proxy_url.SchemeIsHTTPOrHTTPS()) {
1000             proxy_server = ProxyServer(proxy_url.SchemeIs("http") ?
1001                                            ProxyServer::SCHEME_HTTP :
1002                                            ProxyServer::SCHEME_HTTPS,
1003                                        HostPortPair::FromURL(proxy_url));
1004             }
1005         }
1006 #endif
1007         if (proxy_service->MarkProxiesAsBad(proxy_info_,
1008                                             chrome_proxy_info.bypass_duration,
1009                                             proxy_server,
1010                                             net_log_)) {
1011           // Only retry in the case of GETs. We don't want to resubmit a POST
1012           // if the proxy took some action.
1013           if (request_->method == "GET") {
1014             ResetConnectionAndRequestForResend();
1015             return OK;
1016           }
1017         }
1018       }
1019     }
1020   }
1021 #endif  // defined(SPDY_PROXY_AUTH_ORIGIN)
1022
1023   // Like Net.HttpResponseCode, but only for MAIN_FRAME loads.
1024   if (request_->load_flags & LOAD_MAIN_FRAME) {
1025     const int response_code = response_.headers->response_code();
1026     UMA_HISTOGRAM_ENUMERATION(
1027         "Net.HttpResponseCode_Nxx_MainFrame", response_code/100, 10);
1028   }
1029
1030   net_log_.AddEvent(
1031       NetLog::TYPE_HTTP_TRANSACTION_READ_RESPONSE_HEADERS,
1032       base::Bind(&HttpResponseHeaders::NetLogCallback, response_.headers));
1033
1034   if (response_.headers->GetParsedHttpVersion() < HttpVersion(1, 0)) {
1035     // HTTP/0.9 doesn't support the PUT method, so lack of response headers
1036     // indicates a buggy server.  See:
1037     // https://bugzilla.mozilla.org/show_bug.cgi?id=193921
1038     if (request_->method == "PUT")
1039       return ERR_METHOD_NOT_SUPPORTED;
1040   }
1041
1042   // Check for an intermediate 100 Continue response.  An origin server is
1043   // allowed to send this response even if we didn't ask for it, so we just
1044   // need to skip over it.
1045   // We treat any other 1xx in this same way (although in practice getting
1046   // a 1xx that isn't a 100 is rare).
1047   // Unless this is a WebSocket request, in which case we pass it on up.
1048   if (response_.headers->response_code() / 100 == 1 &&
1049       !ForWebSocketHandshake()) {
1050     response_.headers = new HttpResponseHeaders(std::string());
1051     next_state_ = STATE_READ_HEADERS;
1052     return OK;
1053   }
1054
1055   HostPortPair endpoint = HostPortPair(request_->url.HostNoBrackets(),
1056                                        request_->url.EffectiveIntPort());
1057   ProcessAlternateProtocol(session_->http_stream_factory(),
1058                            session_->http_server_properties(),
1059                            *response_.headers.get(),
1060                            endpoint);
1061
1062   int rv = HandleAuthChallenge();
1063   if (rv != OK)
1064     return rv;
1065
1066   if (is_https_request())
1067     stream_->GetSSLInfo(&response_.ssl_info);
1068
1069   headers_valid_ = true;
1070   return OK;
1071 }
1072
1073 int HttpNetworkTransaction::DoReadBody() {
1074   DCHECK(read_buf_.get());
1075   DCHECK_GT(read_buf_len_, 0);
1076   DCHECK(stream_ != NULL);
1077
1078   next_state_ = STATE_READ_BODY_COMPLETE;
1079   return stream_->ReadResponseBody(
1080       read_buf_.get(), read_buf_len_, io_callback_);
1081 }
1082
1083 int HttpNetworkTransaction::DoReadBodyComplete(int result) {
1084   // We are done with the Read call.
1085   bool done = false;
1086   if (result <= 0) {
1087     DCHECK_NE(ERR_IO_PENDING, result);
1088     done = true;
1089   }
1090
1091   bool keep_alive = false;
1092   if (stream_->IsResponseBodyComplete()) {
1093     // Note: Just because IsResponseBodyComplete is true, we're not
1094     // necessarily "done".  We're only "done" when it is the last
1095     // read on this HttpNetworkTransaction, which will be signified
1096     // by a zero-length read.
1097     // TODO(mbelshe): The keepalive property is really a property of
1098     //    the stream.  No need to compute it here just to pass back
1099     //    to the stream's Close function.
1100     // TODO(rtenneti): CanFindEndOfResponse should return false if there are no
1101     // ResponseHeaders.
1102     if (stream_->CanFindEndOfResponse()) {
1103       HttpResponseHeaders* headers = GetResponseHeaders();
1104       if (headers)
1105         keep_alive = headers->IsKeepAlive();
1106     }
1107   }
1108
1109   // Clean up connection if we are done.
1110   if (done) {
1111     LogTransactionMetrics();
1112     stream_->Close(!keep_alive);
1113     // Note: we don't reset the stream here.  We've closed it, but we still
1114     // need it around so that callers can call methods such as
1115     // GetUploadProgress() and have them be meaningful.
1116     // TODO(mbelshe): This means we closed the stream here, and we close it
1117     // again in ~HttpNetworkTransaction.  Clean that up.
1118
1119     // The next Read call will return 0 (EOF).
1120   }
1121
1122   // Clear these to avoid leaving around old state.
1123   read_buf_ = NULL;
1124   read_buf_len_ = 0;
1125
1126   return result;
1127 }
1128
1129 int HttpNetworkTransaction::DoDrainBodyForAuthRestart() {
1130   // This method differs from DoReadBody only in the next_state_.  So we just
1131   // call DoReadBody and override the next_state_.  Perhaps there is a more
1132   // elegant way for these two methods to share code.
1133   int rv = DoReadBody();
1134   DCHECK(next_state_ == STATE_READ_BODY_COMPLETE);
1135   next_state_ = STATE_DRAIN_BODY_FOR_AUTH_RESTART_COMPLETE;
1136   return rv;
1137 }
1138
1139 // TODO(wtc): This method and the DoReadBodyComplete method are almost
1140 // the same.  Figure out a good way for these two methods to share code.
1141 int HttpNetworkTransaction::DoDrainBodyForAuthRestartComplete(int result) {
1142   // keep_alive defaults to true because the very reason we're draining the
1143   // response body is to reuse the connection for auth restart.
1144   bool done = false, keep_alive = true;
1145   if (result < 0) {
1146     // Error or closed connection while reading the socket.
1147     done = true;
1148     keep_alive = false;
1149   } else if (stream_->IsResponseBodyComplete()) {
1150     done = true;
1151   }
1152
1153   if (done) {
1154     DidDrainBodyForAuthRestart(keep_alive);
1155   } else {
1156     // Keep draining.
1157     next_state_ = STATE_DRAIN_BODY_FOR_AUTH_RESTART;
1158   }
1159
1160   return OK;
1161 }
1162
1163 void HttpNetworkTransaction::LogTransactionConnectedMetrics() {
1164   if (logged_response_time_)
1165     return;
1166
1167   logged_response_time_ = true;
1168
1169   base::TimeDelta total_duration = response_.response_time - start_time_;
1170
1171   UMA_HISTOGRAM_CUSTOM_TIMES(
1172       "Net.Transaction_Connected",
1173       total_duration,
1174       base::TimeDelta::FromMilliseconds(1), base::TimeDelta::FromMinutes(10),
1175       100);
1176
1177   bool reused_socket = stream_->IsConnectionReused();
1178   if (!reused_socket) {
1179     UMA_HISTOGRAM_CUSTOM_TIMES(
1180         "Net.Transaction_Connected_New_b",
1181         total_duration,
1182         base::TimeDelta::FromMilliseconds(1), base::TimeDelta::FromMinutes(10),
1183         100);
1184   }
1185
1186   // Currently, non-HIGHEST priority requests are frame or sub-frame resource
1187   // types.  This will change when we also prioritize certain subresources like
1188   // css, js, etc.
1189   if (priority_ != HIGHEST) {
1190     UMA_HISTOGRAM_CUSTOM_TIMES(
1191         "Net.Priority_High_Latency_b",
1192         total_duration,
1193         base::TimeDelta::FromMilliseconds(1), base::TimeDelta::FromMinutes(10),
1194         100);
1195   } else {
1196     UMA_HISTOGRAM_CUSTOM_TIMES(
1197         "Net.Priority_Low_Latency_b",
1198         total_duration,
1199         base::TimeDelta::FromMilliseconds(1), base::TimeDelta::FromMinutes(10),
1200         100);
1201   }
1202 }
1203
1204 void HttpNetworkTransaction::LogTransactionMetrics() const {
1205   base::TimeDelta duration = base::Time::Now() -
1206                              response_.request_time;
1207   if (60 < duration.InMinutes())
1208     return;
1209
1210   base::TimeDelta total_duration = base::Time::Now() - start_time_;
1211
1212   UMA_HISTOGRAM_CUSTOM_TIMES("Net.Transaction_Latency_b", duration,
1213                              base::TimeDelta::FromMilliseconds(1),
1214                              base::TimeDelta::FromMinutes(10),
1215                              100);
1216   UMA_HISTOGRAM_CUSTOM_TIMES("Net.Transaction_Latency_Total",
1217                              total_duration,
1218                              base::TimeDelta::FromMilliseconds(1),
1219                              base::TimeDelta::FromMinutes(10), 100);
1220
1221   if (!stream_->IsConnectionReused()) {
1222     UMA_HISTOGRAM_CUSTOM_TIMES(
1223         "Net.Transaction_Latency_Total_New_Connection",
1224         total_duration, base::TimeDelta::FromMilliseconds(1),
1225         base::TimeDelta::FromMinutes(10), 100);
1226   }
1227 }
1228
1229 int HttpNetworkTransaction::HandleCertificateRequest(int error) {
1230   // There are two paths through which the server can request a certificate
1231   // from us.  The first is during the initial handshake, the second is
1232   // during SSL renegotiation.
1233   //
1234   // In both cases, we want to close the connection before proceeding.
1235   // We do this for two reasons:
1236   //   First, we don't want to keep the connection to the server hung for a
1237   //   long time while the user selects a certificate.
1238   //   Second, even if we did keep the connection open, NSS has a bug where
1239   //   restarting the handshake for ClientAuth is currently broken.
1240   DCHECK_EQ(error, ERR_SSL_CLIENT_AUTH_CERT_NEEDED);
1241
1242   if (stream_.get()) {
1243     // Since we already have a stream, we're being called as part of SSL
1244     // renegotiation.
1245     DCHECK(!stream_request_.get());
1246     stream_->Close(true);
1247     stream_.reset();
1248   }
1249
1250   // The server is asking for a client certificate during the initial
1251   // handshake.
1252   stream_request_.reset();
1253
1254   // If the user selected one of the certificates in client_certs or declined
1255   // to provide one for this server before, use the past decision
1256   // automatically.
1257   scoped_refptr<X509Certificate> client_cert;
1258   bool found_cached_cert = session_->ssl_client_auth_cache()->Lookup(
1259       response_.cert_request_info->host_and_port, &client_cert);
1260   if (!found_cached_cert)
1261     return error;
1262
1263   // Check that the certificate selected is still a certificate the server
1264   // is likely to accept, based on the criteria supplied in the
1265   // CertificateRequest message.
1266   if (client_cert.get()) {
1267     const std::vector<std::string>& cert_authorities =
1268         response_.cert_request_info->cert_authorities;
1269
1270     bool cert_still_valid = cert_authorities.empty() ||
1271         client_cert->IsIssuedByEncoded(cert_authorities);
1272     if (!cert_still_valid)
1273       return error;
1274   }
1275
1276   // TODO(davidben): Add a unit test which covers this path; we need to be
1277   // able to send a legitimate certificate and also bypass/clear the
1278   // SSL session cache.
1279   SSLConfig* ssl_config = response_.cert_request_info->is_proxy ?
1280       &proxy_ssl_config_ : &server_ssl_config_;
1281   ssl_config->send_client_cert = true;
1282   ssl_config->client_cert = client_cert;
1283   next_state_ = STATE_CREATE_STREAM;
1284   // Reset the other member variables.
1285   // Note: this is necessary only with SSL renegotiation.
1286   ResetStateForRestart();
1287   return OK;
1288 }
1289
1290 void HttpNetworkTransaction::HandleClientAuthError(int error) {
1291   if (server_ssl_config_.send_client_cert &&
1292       (error == ERR_SSL_PROTOCOL_ERROR || IsClientCertificateError(error))) {
1293     session_->ssl_client_auth_cache()->Remove(
1294         HostPortPair::FromURL(request_->url));
1295   }
1296 }
1297
1298 // TODO(rch): This does not correctly handle errors when an SSL proxy is
1299 // being used, as all of the errors are handled as if they were generated
1300 // by the endpoint host, request_->url, rather than considering if they were
1301 // generated by the SSL proxy. http://crbug.com/69329
1302 int HttpNetworkTransaction::HandleSSLHandshakeError(int error) {
1303   DCHECK(request_);
1304   HandleClientAuthError(error);
1305
1306   bool should_fallback = false;
1307   uint16 version_max = server_ssl_config_.version_max;
1308
1309   switch (error) {
1310     case ERR_SSL_PROTOCOL_ERROR:
1311     case ERR_SSL_VERSION_OR_CIPHER_MISMATCH:
1312       if (version_max >= SSL_PROTOCOL_VERSION_TLS1 &&
1313           version_max > server_ssl_config_.version_min) {
1314         // This could be a TLS-intolerant server or a server that chose a
1315         // cipher suite defined only for higher protocol versions (such as
1316         // an SSL 3.0 server that chose a TLS-only cipher suite).  Fall
1317         // back to the next lower version and retry.
1318         // NOTE: if the SSLClientSocket class doesn't support TLS 1.1,
1319         // specifying TLS 1.1 in version_max will result in a TLS 1.0
1320         // handshake, so falling back from TLS 1.1 to TLS 1.0 will simply
1321         // repeat the TLS 1.0 handshake. To avoid this problem, the default
1322         // version_max should match the maximum protocol version supported
1323         // by the SSLClientSocket class.
1324         version_max--;
1325
1326         // Fallback to the lower SSL version.
1327         // While SSL 3.0 fallback should be eliminated because of security
1328         // reasons, there is a high risk of breaking the servers if this is
1329         // done in general.
1330         should_fallback = true;
1331       }
1332       break;
1333     case ERR_SSL_BAD_RECORD_MAC_ALERT:
1334       if (version_max >= SSL_PROTOCOL_VERSION_TLS1_1 &&
1335           version_max > server_ssl_config_.version_min) {
1336         // Some broken SSL devices negotiate TLS 1.0 when sent a TLS 1.1 or
1337         // 1.2 ClientHello, but then return a bad_record_mac alert. See
1338         // crbug.com/260358. In order to make the fallback as minimal as
1339         // possible, this fallback is only triggered for >= TLS 1.1.
1340         version_max--;
1341         should_fallback = true;
1342       }
1343       break;
1344     case ERR_SSL_INAPPROPRIATE_FALLBACK:
1345       // The server told us that we should not have fallen back. A buggy server
1346       // could trigger ERR_SSL_INAPPROPRIATE_FALLBACK with the initial
1347       // connection. |fallback_error_code_| is initialised to
1348       // ERR_SSL_INAPPROPRIATE_FALLBACK to catch this case.
1349       error = fallback_error_code_;
1350       break;
1351   }
1352
1353   if (should_fallback) {
1354     net_log_.AddEvent(
1355         NetLog::TYPE_SSL_VERSION_FALLBACK,
1356         base::Bind(&NetLogSSLVersionFallbackCallback,
1357                    &request_->url, error, server_ssl_config_.version_max,
1358                    version_max));
1359     fallback_error_code_ = error;
1360     server_ssl_config_.version_max = version_max;
1361     server_ssl_config_.version_fallback = true;
1362     ResetConnectionAndRequestForResend();
1363     error = OK;
1364   }
1365
1366   return error;
1367 }
1368
1369 // This method determines whether it is safe to resend the request after an
1370 // IO error.  It can only be called in response to request header or body
1371 // write errors or response header read errors.  It should not be used in
1372 // other cases, such as a Connect error.
1373 int HttpNetworkTransaction::HandleIOError(int error) {
1374   // Because the peer may request renegotiation with client authentication at
1375   // any time, check and handle client authentication errors.
1376   HandleClientAuthError(error);
1377
1378   switch (error) {
1379     // If we try to reuse a connection that the server is in the process of
1380     // closing, we may end up successfully writing out our request (or a
1381     // portion of our request) only to find a connection error when we try to
1382     // read from (or finish writing to) the socket.
1383     case ERR_CONNECTION_RESET:
1384     case ERR_CONNECTION_CLOSED:
1385     case ERR_CONNECTION_ABORTED:
1386     // There can be a race between the socket pool checking checking whether a
1387     // socket is still connected, receiving the FIN, and sending/reading data
1388     // on a reused socket.  If we receive the FIN between the connectedness
1389     // check and writing/reading from the socket, we may first learn the socket
1390     // is disconnected when we get a ERR_SOCKET_NOT_CONNECTED.  This will most
1391     // likely happen when trying to retrieve its IP address.
1392     // See http://crbug.com/105824 for more details.
1393     case ERR_SOCKET_NOT_CONNECTED:
1394       if (ShouldResendRequest(error)) {
1395         net_log_.AddEventWithNetErrorCode(
1396             NetLog::TYPE_HTTP_TRANSACTION_RESTART_AFTER_ERROR, error);
1397         ResetConnectionAndRequestForResend();
1398         error = OK;
1399       }
1400       break;
1401     case ERR_PIPELINE_EVICTION:
1402       if (!session_->force_http_pipelining()) {
1403         net_log_.AddEventWithNetErrorCode(
1404             NetLog::TYPE_HTTP_TRANSACTION_RESTART_AFTER_ERROR, error);
1405         ResetConnectionAndRequestForResend();
1406         error = OK;
1407       }
1408       break;
1409     case ERR_SPDY_PING_FAILED:
1410     case ERR_SPDY_SERVER_REFUSED_STREAM:
1411     case ERR_QUIC_HANDSHAKE_FAILED:
1412       net_log_.AddEventWithNetErrorCode(
1413           NetLog::TYPE_HTTP_TRANSACTION_RESTART_AFTER_ERROR, error);
1414       ResetConnectionAndRequestForResend();
1415       error = OK;
1416       break;
1417   }
1418   return error;
1419 }
1420
1421 void HttpNetworkTransaction::ResetStateForRestart() {
1422   ResetStateForAuthRestart();
1423   stream_.reset();
1424 }
1425
1426 void HttpNetworkTransaction::ResetStateForAuthRestart() {
1427   send_start_time_ = base::TimeTicks();
1428   send_end_time_ = base::TimeTicks();
1429
1430   pending_auth_target_ = HttpAuth::AUTH_NONE;
1431   read_buf_ = NULL;
1432   read_buf_len_ = 0;
1433   headers_valid_ = false;
1434   request_headers_.Clear();
1435   response_ = HttpResponseInfo();
1436   establishing_tunnel_ = false;
1437 }
1438
1439 HttpResponseHeaders* HttpNetworkTransaction::GetResponseHeaders() const {
1440   return response_.headers.get();
1441 }
1442
1443 bool HttpNetworkTransaction::ShouldResendRequest(int error) const {
1444   bool connection_is_proven = stream_->IsConnectionReused();
1445   bool has_received_headers = GetResponseHeaders() != NULL;
1446
1447   // NOTE: we resend a request only if we reused a keep-alive connection.
1448   // This automatically prevents an infinite resend loop because we'll run
1449   // out of the cached keep-alive connections eventually.
1450   if (connection_is_proven && !has_received_headers)
1451     return true;
1452   return false;
1453 }
1454
1455 void HttpNetworkTransaction::ResetConnectionAndRequestForResend() {
1456   if (stream_.get()) {
1457     stream_->Close(true);
1458     stream_.reset();
1459   }
1460
1461   // We need to clear request_headers_ because it contains the real request
1462   // headers, but we may need to resend the CONNECT request first to recreate
1463   // the SSL tunnel.
1464   request_headers_.Clear();
1465   next_state_ = STATE_CREATE_STREAM;  // Resend the request.
1466 }
1467
1468 bool HttpNetworkTransaction::ShouldApplyProxyAuth() const {
1469   return !is_https_request() &&
1470       (proxy_info_.is_https() || proxy_info_.is_http());
1471 }
1472
1473 bool HttpNetworkTransaction::ShouldApplyServerAuth() const {
1474   return !(request_->load_flags & LOAD_DO_NOT_SEND_AUTH_DATA);
1475 }
1476
1477 int HttpNetworkTransaction::HandleAuthChallenge() {
1478   scoped_refptr<HttpResponseHeaders> headers(GetResponseHeaders());
1479   DCHECK(headers.get());
1480
1481   int status = headers->response_code();
1482   if (status != HTTP_UNAUTHORIZED &&
1483       status != HTTP_PROXY_AUTHENTICATION_REQUIRED)
1484     return OK;
1485   HttpAuth::Target target = status == HTTP_PROXY_AUTHENTICATION_REQUIRED ?
1486                             HttpAuth::AUTH_PROXY : HttpAuth::AUTH_SERVER;
1487   if (target == HttpAuth::AUTH_PROXY && proxy_info_.is_direct())
1488     return ERR_UNEXPECTED_PROXY_AUTH;
1489
1490   // This case can trigger when an HTTPS server responds with a "Proxy
1491   // authentication required" status code through a non-authenticating
1492   // proxy.
1493   if (!auth_controllers_[target].get())
1494     return ERR_UNEXPECTED_PROXY_AUTH;
1495
1496   int rv = auth_controllers_[target]->HandleAuthChallenge(
1497       headers, (request_->load_flags & LOAD_DO_NOT_SEND_AUTH_DATA) != 0, false,
1498       net_log_);
1499   if (auth_controllers_[target]->HaveAuthHandler())
1500       pending_auth_target_ = target;
1501
1502   scoped_refptr<AuthChallengeInfo> auth_info =
1503       auth_controllers_[target]->auth_info();
1504   if (auth_info.get())
1505       response_.auth_challenge = auth_info;
1506
1507   return rv;
1508 }
1509
1510 bool HttpNetworkTransaction::HaveAuth(HttpAuth::Target target) const {
1511   return auth_controllers_[target].get() &&
1512       auth_controllers_[target]->HaveAuth();
1513 }
1514
1515 GURL HttpNetworkTransaction::AuthURL(HttpAuth::Target target) const {
1516   switch (target) {
1517     case HttpAuth::AUTH_PROXY: {
1518       if (!proxy_info_.proxy_server().is_valid() ||
1519           proxy_info_.proxy_server().is_direct()) {
1520         return GURL();  // There is no proxy server.
1521       }
1522       const char* scheme = proxy_info_.is_https() ? "https://" : "http://";
1523       return GURL(scheme +
1524                   proxy_info_.proxy_server().host_port_pair().ToString());
1525     }
1526     case HttpAuth::AUTH_SERVER:
1527       return request_->url;
1528     default:
1529      return GURL();
1530   }
1531 }
1532
1533 bool HttpNetworkTransaction::ForWebSocketHandshake() const {
1534   return websocket_handshake_stream_base_create_helper_ &&
1535          request_->url.SchemeIsWSOrWSS();
1536 }
1537
1538 #define STATE_CASE(s) \
1539   case s: \
1540     description = base::StringPrintf("%s (0x%08X)", #s, s); \
1541     break
1542
1543 std::string HttpNetworkTransaction::DescribeState(State state) {
1544   std::string description;
1545   switch (state) {
1546     STATE_CASE(STATE_CREATE_STREAM);
1547     STATE_CASE(STATE_CREATE_STREAM_COMPLETE);
1548     STATE_CASE(STATE_INIT_REQUEST_BODY);
1549     STATE_CASE(STATE_INIT_REQUEST_BODY_COMPLETE);
1550     STATE_CASE(STATE_BUILD_REQUEST);
1551     STATE_CASE(STATE_BUILD_REQUEST_COMPLETE);
1552     STATE_CASE(STATE_SEND_REQUEST);
1553     STATE_CASE(STATE_SEND_REQUEST_COMPLETE);
1554     STATE_CASE(STATE_READ_HEADERS);
1555     STATE_CASE(STATE_READ_HEADERS_COMPLETE);
1556     STATE_CASE(STATE_READ_BODY);
1557     STATE_CASE(STATE_READ_BODY_COMPLETE);
1558     STATE_CASE(STATE_DRAIN_BODY_FOR_AUTH_RESTART);
1559     STATE_CASE(STATE_DRAIN_BODY_FOR_AUTH_RESTART_COMPLETE);
1560     STATE_CASE(STATE_NONE);
1561     default:
1562       description = base::StringPrintf("Unknown state 0x%08X (%u)", state,
1563                                        state);
1564       break;
1565   }
1566   return description;
1567 }
1568
1569 #undef STATE_CASE
1570
1571 }  // namespace net