xref: /aosp_15_r20/external/cronet/net/socket/connect_job_factory.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b)
1 // Copyright 2021 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_SOCKET_CONNECT_JOB_FACTORY_H_
6 #define NET_SOCKET_CONNECT_JOB_FACTORY_H_
7 
8 #include <memory>
9 #include <optional>
10 #include <vector>
11 
12 #include "net/base/host_port_pair.h"
13 #include "net/base/network_anonymization_key.h"
14 #include "net/base/privacy_mode.h"
15 #include "net/base/request_priority.h"
16 #include "net/dns/public/secure_dns_policy.h"
17 #include "net/http/http_proxy_connect_job.h"
18 #include "net/socket/connect_job.h"
19 #include "net/socket/socket_tag.h"
20 #include "net/socket/socks_connect_job.h"
21 #include "net/socket/ssl_connect_job.h"
22 #include "net/socket/transport_connect_job.h"
23 #include "net/ssl/ssl_config.h"
24 #include "third_party/abseil-cpp/absl/types/variant.h"
25 #include "url/scheme_host_port.h"
26 
27 namespace net {
28 
29 class NetworkAnonymizationKey;
30 struct NetworkTrafficAnnotationTag;
31 class ProxyChain;
32 struct SSLConfig;
33 
34 // Common factory for all ConnectJob types. Determines and creates the correct
35 // ConnectJob depending on the passed in parameters.
   //
   // The factory owns four per-protocol sub-factories (HTTP proxy, SOCKS, SSL,
   // transport). Several CreateConnectJob() arguments carry security- or
   // privacy-relevant policy (`allowed_bad_certs`, `alpn_mode`, `privacy_mode`,
   // `network_anonymization_key`, `secure_dns_policy`,
   // `disable_cert_network_fetches`). How each one is applied is decided in the
   // implementation file, which is not part of this header.
36 class NET_EXPORT_PRIVATE ConnectJobFactory {
37  public:
38   // What protocols may be negotiated with the destination SSL server via ALPN.
39   // These do not apply to the proxy server, for which all protocols listed in
40   // CommonConnectJobParams are always allowed to be negotiated, unless
41   // HttpServerProperties forces H1.
42   //
43   // AlpnMode has no impact when not talking to an HTTPS destination server.
44   enum class AlpnMode {
45     // Don't use ALPN mode at all when negotiating a connection. This is used by
46     // non-HTTP consumers.
47     kDisabled,
48     // Only try to negotiate H1. This is only used by WebSockets.
49     kHttp11Only,
50     // Allow negotiating H2 or H1 via ALPN. H2 may only be negotiated if
51     // CommonConnectJobParams allows it. Also, if HttpServerProperties only
52     // allows H1 for the destination server, only H1 will be negotiated, even
53     // if `kHttpAll` is specified.
54     kHttpAll,
55   };
56 
57   // The endpoint of a connection when the endpoint does not have a known
58   // standard scheme.
     //
     // NOTE(review): `using_ssl` has no default member initializer, so a
     // default-initialized SchemelessEndpoint leaves it indeterminate; set it
     // explicitly when constructing one. Presumably it selects whether the
     // connection to `host_port_pair` is made over TLS — confirm against the
     // implementation.
59   struct SchemelessEndpoint {
60     bool using_ssl;
61     HostPortPair host_port_pair;
62   };
63 
64   // Representation of the endpoint of a connection. Could be schemeful or
65   // schemeless.
66   using Endpoint = absl::variant<url::SchemeHostPort, SchemelessEndpoint>;
67 
68   // Takes ownership of every sub-factory that is passed in. For any argument
     // left as the default `nullptr`, a default factory will be used instead.
69   explicit ConnectJobFactory(
70       std::unique_ptr<HttpProxyConnectJob::Factory>
71           http_proxy_connect_job_factory = nullptr,
72       std::unique_ptr<SOCKSConnectJob::Factory> socks_connect_job_factory =
73           nullptr,
74       std::unique_ptr<SSLConnectJob::Factory> ssl_connect_job_factory = nullptr,
75       std::unique_ptr<TransportConnectJob::Factory>
76           transport_connect_job_factory = nullptr);
77 
78   // Not copyable/movable. Intended for polymorphic use via pointer.
79   ConnectJobFactory(const ConnectJobFactory&) = delete;
80   ConnectJobFactory& operator=(const ConnectJobFactory&) = delete;
81 
     // Virtual so that a subclass can be destroyed through a ConnectJobFactory
     // pointer.
82   virtual ~ConnectJobFactory();
83 
     // Creates a ConnectJob for an endpoint with a known scheme
     // (`url::SchemeHostPort`) and the given `proxy_chain`.
     //
84   // `common_connect_job_params` and `delegate` must outlive the returned
85   // ConnectJob.
     // Both are raw, non-owning pointers: nothing in this signature enforces
     // that lifetime, so the caller has to guarantee it.
     //
     // NOTE(review): `allowed_bad_certs` presumably lists certificates whose
     // validation errors the caller has chosen to tolerate, and
     // `disable_cert_network_fetches` presumably suppresses network fetches
     // made during certificate verification — confirm both in the
     // implementation. If so, an empty vector is the strict setting for
     // `allowed_bad_certs`.
86   std::unique_ptr<ConnectJob> CreateConnectJob(
87       url::SchemeHostPort endpoint,
88       const ProxyChain& proxy_chain,
89       const std::optional<NetworkTrafficAnnotationTag>& proxy_annotation_tag,
90       const std::vector<SSLConfig::CertAndStatus>& allowed_bad_certs,
91       ConnectJobFactory::AlpnMode alpn_mode,
92       bool force_tunnel,
93       PrivacyMode privacy_mode,
94       const OnHostResolutionCallback& resolution_callback,
95       RequestPriority request_priority,
96       SocketTag socket_tag,
97       const NetworkAnonymizationKey& network_anonymization_key,
98       SecureDnsPolicy secure_dns_policy,
99       bool disable_cert_network_fetches,
100       const CommonConnectJobParams* common_connect_job_params,
101       ConnectJob::Delegate* delegate) const;
102 
103   // TODO(crbug.com/1206799): Rename to discourage use except in cases where the
104   // scheme is non-standard or unknown.
      //
      // Overload for endpoints described only by `using_ssl` plus a
      // HostPortPair. Unlike the overload above, it takes no
      // `allowed_bad_certs`, `alpn_mode` or `disable_cert_network_fetches`; the
      // values used for those settings are chosen by the implementation and
      // are not visible in this header.
      // NOTE(review): the lifetime requirement on `common_connect_job_params`
      // and `delegate` presumably applies here as well — confirm.
105   std::unique_ptr<ConnectJob> CreateConnectJob(
106       bool using_ssl,
107       HostPortPair endpoint,
108       const ProxyChain& proxy_chain,
109       const std::optional<NetworkTrafficAnnotationTag>& proxy_annotation_tag,
110       bool force_tunnel,
111       PrivacyMode privacy_mode,
112       const OnHostResolutionCallback& resolution_callback,
113       RequestPriority request_priority,
114       SocketTag socket_tag,
115       const NetworkAnonymizationKey& network_anonymization_key,
116       SecureDnsPolicy secure_dns_policy,
117       const CommonConnectJobParams* common_connect_job_params,
118       ConnectJob::Delegate* delegate) const;
119 
120  private:
      // Overload taking the `Endpoint` variant (schemeful or schemeless). It is
      // virtual, so a subclass can override it even though it is private.
      // NOTE(review): presumably both public overloads forward here — confirm
      // in the implementation.
121   virtual std::unique_ptr<ConnectJob> CreateConnectJob(
122       Endpoint endpoint,
123       const ProxyChain& proxy_chain,
124       const std::optional<NetworkTrafficAnnotationTag>& proxy_annotation_tag,
125       const std::vector<SSLConfig::CertAndStatus>& allowed_bad_certs,
126       ConnectJobFactory::AlpnMode alpn_mode,
127       bool force_tunnel,
128       PrivacyMode privacy_mode,
129       const OnHostResolutionCallback& resolution_callback,
130       RequestPriority request_priority,
131       SocketTag socket_tag,
132       const NetworkAnonymizationKey& network_anonymization_key,
133       SecureDnsPolicy secure_dns_policy,
134       bool disable_cert_network_fetches,
135       const CommonConnectJobParams* common_connect_job_params,
136       ConnectJob::Delegate* delegate) const;
137 
      // Owned per-protocol sub-factories; their types match the constructor
      // parameters of the same names.
138   std::unique_ptr<HttpProxyConnectJob::Factory> http_proxy_connect_job_factory_;
139   std::unique_ptr<SOCKSConnectJob::Factory> socks_connect_job_factory_;
140   std::unique_ptr<SSLConnectJob::Factory> ssl_connect_job_factory_;
141   std::unique_ptr<TransportConnectJob::Factory> transport_connect_job_factory_;
142 
143   // Use a single NetworkAnonymizationKey for looking up proxy hostnames.
144   // Proxies are typically used across sites, but cached proxy IP addresses
145   // don't really expose useful information to destination sites, and not
146   // caching them has a performance cost.
      //
      // This is a deliberate privacy/performance trade-off: proxy hostname
      // lookups use this one key rather than a per-site key. The key comes
      // from CreateTransient() in a default member initializer, i.e. it is
      // created once per ConnectJobFactory instance.
147   net::NetworkAnonymizationKey proxy_dns_network_anonymization_key_ =
148       net::NetworkAnonymizationKey::CreateTransient();
149 };
150 
151 }  // namespace net
152 
153 #endif  // NET_SOCKET_CONNECT_JOB_FACTORY_H_
154