1/***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24
25#include "curl_setup.h"
26
27#if !defined(CURL_DISABLE_HTTP) && !defined(USE_HYPER)
28
29#include "urldata.h"
30#include <curl/curl.h>
31#include "curl_trc.h"
32#include "cfilters.h"
33#include "connect.h"
34#include "multiif.h"
35#include "cf-https-connect.h"
36#include "http2.h"
37#include "vquic/vquic.h"
38
39/* The last 3 #include files should be in this order */
40#include "curl_printf.h"
41#include "curl_memory.h"
42#include "memdebug.h"
43
44
45typedef enum {
46 CF_HC_INIT,
47 CF_HC_CONNECT,
48 CF_HC_SUCCESS,
49 CF_HC_FAILURE
50} cf_hc_state;
51
52struct cf_hc_baller {
53 const char *name;
54 struct Curl_cfilter *cf;
55 CURLcode result;
56 struct curltime started;
57 int reply_ms;
58 bool enabled;
59};
60
61static void cf_hc_baller_reset(struct cf_hc_baller *b,
62 struct Curl_easy *data)
63{
64 if(b->cf) {
65 Curl_conn_cf_close(cf: b->cf, data);
66 Curl_conn_cf_discard_chain(pcf: &b->cf, data);
67 b->cf = NULL;
68 }
69 b->result = CURLE_OK;
70 b->reply_ms = -1;
71}
72
73static bool cf_hc_baller_is_active(struct cf_hc_baller *b)
74{
75 return b->enabled && b->cf && !b->result;
76}
77
78static bool cf_hc_baller_has_started(struct cf_hc_baller *b)
79{
80 return !!b->cf;
81}
82
83static int cf_hc_baller_reply_ms(struct cf_hc_baller *b,
84 struct Curl_easy *data)
85{
86 if(b->reply_ms < 0)
87 b->cf->cft->query(b->cf, data, CF_QUERY_CONNECT_REPLY_MS,
88 &b->reply_ms, NULL);
89 return b->reply_ms;
90}
91
92static bool cf_hc_baller_data_pending(struct cf_hc_baller *b,
93 const struct Curl_easy *data)
94{
95 return b->cf && !b->result && b->cf->cft->has_data_pending(b->cf, data);
96}
97
98struct cf_hc_ctx {
99 cf_hc_state state;
100 const struct Curl_dns_entry *remotehost;
101 struct curltime started; /* when connect started */
102 CURLcode result; /* overall result */
103 struct cf_hc_baller h3_baller;
104 struct cf_hc_baller h21_baller;
105 int soft_eyeballs_timeout_ms;
106 int hard_eyeballs_timeout_ms;
107};
108
109static void cf_hc_baller_init(struct cf_hc_baller *b,
110 struct Curl_cfilter *cf,
111 struct Curl_easy *data,
112 const char *name,
113 int transport)
114{
115 struct cf_hc_ctx *ctx = cf->ctx;
116 struct Curl_cfilter *save = cf->next;
117
118 b->name = name;
119 cf->next = NULL;
120 b->started = Curl_now();
121 b->result = Curl_cf_setup_insert_after(cf_at: cf, data, remotehost: ctx->remotehost,
122 transport, CURL_CF_SSL_ENABLE);
123 b->cf = cf->next;
124 cf->next = save;
125}
126
127static CURLcode cf_hc_baller_connect(struct cf_hc_baller *b,
128 struct Curl_cfilter *cf,
129 struct Curl_easy *data,
130 bool *done)
131{
132 struct Curl_cfilter *save = cf->next;
133
134 cf->next = b->cf;
135 b->result = Curl_conn_cf_connect(cf: cf->next, data, FALSE, done);
136 b->cf = cf->next; /* it might mutate */
137 cf->next = save;
138 return b->result;
139}
140
141static void cf_hc_reset(struct Curl_cfilter *cf, struct Curl_easy *data)
142{
143 struct cf_hc_ctx *ctx = cf->ctx;
144
145 if(ctx) {
146 cf_hc_baller_reset(b: &ctx->h3_baller, data);
147 cf_hc_baller_reset(b: &ctx->h21_baller, data);
148 ctx->state = CF_HC_INIT;
149 ctx->result = CURLE_OK;
150 ctx->hard_eyeballs_timeout_ms = data->set.happy_eyeballs_timeout;
151 ctx->soft_eyeballs_timeout_ms = data->set.happy_eyeballs_timeout / 2;
152 }
153}
154
155static CURLcode baller_connected(struct Curl_cfilter *cf,
156 struct Curl_easy *data,
157 struct cf_hc_baller *winner)
158{
159 struct cf_hc_ctx *ctx = cf->ctx;
160 CURLcode result = CURLE_OK;
161
162 DEBUGASSERT(winner->cf);
163 if(winner != &ctx->h3_baller)
164 cf_hc_baller_reset(b: &ctx->h3_baller, data);
165 if(winner != &ctx->h21_baller)
166 cf_hc_baller_reset(b: &ctx->h21_baller, data);
167
168 CURL_TRC_CF(data, cf, "connect+handshake %s: %dms, 1st data: %dms",
169 winner->name, (int)Curl_timediff(Curl_now(), winner->started),
170 cf_hc_baller_reply_ms(winner, data));
171 cf->next = winner->cf;
172 winner->cf = NULL;
173
174 switch(cf->conn->alpn) {
175 case CURL_HTTP_VERSION_3:
176 infof(data, "using HTTP/3");
177 break;
178 case CURL_HTTP_VERSION_2:
179#ifdef USE_NGHTTP2
180 /* Using nghttp2, we add the filter "below" us, so when the conn
181 * closes, we tear it down for a fresh reconnect */
182 result = Curl_http2_switch_at(cf, data);
183 if(result) {
184 ctx->state = CF_HC_FAILURE;
185 ctx->result = result;
186 return result;
187 }
188#endif
189 infof(data, "using HTTP/2");
190 break;
191 case CURL_HTTP_VERSION_1_1:
192 infof(data, "using HTTP/1.1");
193 break;
194 default:
195 infof(data, "using HTTP/1.x");
196 break;
197 }
198 ctx->state = CF_HC_SUCCESS;
199 cf->connected = TRUE;
200 Curl_conn_cf_cntrl(cf: cf->next, data, TRUE,
201 CF_CTRL_CONN_INFO_UPDATE, arg1: 0, NULL);
202 return result;
203}
204
205
206static bool time_to_start_h21(struct Curl_cfilter *cf,
207 struct Curl_easy *data,
208 struct curltime now)
209{
210 struct cf_hc_ctx *ctx = cf->ctx;
211 timediff_t elapsed_ms;
212
213 if(!ctx->h21_baller.enabled || cf_hc_baller_has_started(b: &ctx->h21_baller))
214 return FALSE;
215
216 if(!ctx->h3_baller.enabled || !cf_hc_baller_is_active(b: &ctx->h3_baller))
217 return TRUE;
218
219 elapsed_ms = Curl_timediff(newer: now, older: ctx->started);
220 if(elapsed_ms >= ctx->hard_eyeballs_timeout_ms) {
221 CURL_TRC_CF(data, cf, "hard timeout of %dms reached, starting h21",
222 ctx->hard_eyeballs_timeout_ms);
223 return TRUE;
224 }
225
226 if(elapsed_ms >= ctx->soft_eyeballs_timeout_ms) {
227 if(cf_hc_baller_reply_ms(b: &ctx->h3_baller, data) < 0) {
228 CURL_TRC_CF(data, cf, "soft timeout of %dms reached, h3 has not "
229 "seen any data, starting h21",
230 ctx->soft_eyeballs_timeout_ms);
231 return TRUE;
232 }
233 /* set the effective hard timeout again */
234 Curl_expire(data, milli: ctx->hard_eyeballs_timeout_ms - elapsed_ms,
235 EXPIRE_ALPN_EYEBALLS);
236 }
237 return FALSE;
238}
239
240static CURLcode cf_hc_connect(struct Curl_cfilter *cf,
241 struct Curl_easy *data,
242 bool blocking, bool *done)
243{
244 struct cf_hc_ctx *ctx = cf->ctx;
245 struct curltime now;
246 CURLcode result = CURLE_OK;
247
248 (void)blocking;
249 if(cf->connected) {
250 *done = TRUE;
251 return CURLE_OK;
252 }
253
254 *done = FALSE;
255 now = Curl_now();
256 switch(ctx->state) {
257 case CF_HC_INIT:
258 DEBUGASSERT(!ctx->h3_baller.cf);
259 DEBUGASSERT(!ctx->h21_baller.cf);
260 DEBUGASSERT(!cf->next);
261 CURL_TRC_CF(data, cf, "connect, init");
262 ctx->started = now;
263 if(ctx->h3_baller.enabled) {
264 cf_hc_baller_init(b: &ctx->h3_baller, cf, data, name: "h3", TRNSPRT_QUIC);
265 if(ctx->h21_baller.enabled)
266 Curl_expire(data, milli: ctx->soft_eyeballs_timeout_ms, EXPIRE_ALPN_EYEBALLS);
267 }
268 else if(ctx->h21_baller.enabled)
269 cf_hc_baller_init(b: &ctx->h21_baller, cf, data, name: "h21",
270 transport: cf->conn->transport);
271 ctx->state = CF_HC_CONNECT;
272 /* FALLTHROUGH */
273
274 case CF_HC_CONNECT:
275 if(cf_hc_baller_is_active(b: &ctx->h3_baller)) {
276 result = cf_hc_baller_connect(b: &ctx->h3_baller, cf, data, done);
277 if(!result && *done) {
278 result = baller_connected(cf, data, winner: &ctx->h3_baller);
279 goto out;
280 }
281 }
282
283 if(time_to_start_h21(cf, data, now)) {
284 cf_hc_baller_init(b: &ctx->h21_baller, cf, data, name: "h21",
285 transport: cf->conn->transport);
286 }
287
288 if(cf_hc_baller_is_active(b: &ctx->h21_baller)) {
289 CURL_TRC_CF(data, cf, "connect, check h21");
290 result = cf_hc_baller_connect(b: &ctx->h21_baller, cf, data, done);
291 if(!result && *done) {
292 result = baller_connected(cf, data, winner: &ctx->h21_baller);
293 goto out;
294 }
295 }
296
297 if((!ctx->h3_baller.enabled || ctx->h3_baller.result) &&
298 (!ctx->h21_baller.enabled || ctx->h21_baller.result)) {
299 /* both failed or disabled. we give up */
300 CURL_TRC_CF(data, cf, "connect, all failed");
301 result = ctx->result = ctx->h3_baller.enabled?
302 ctx->h3_baller.result : ctx->h21_baller.result;
303 ctx->state = CF_HC_FAILURE;
304 goto out;
305 }
306 result = CURLE_OK;
307 *done = FALSE;
308 break;
309
310 case CF_HC_FAILURE:
311 result = ctx->result;
312 cf->connected = FALSE;
313 *done = FALSE;
314 break;
315
316 case CF_HC_SUCCESS:
317 result = CURLE_OK;
318 cf->connected = TRUE;
319 *done = TRUE;
320 break;
321 }
322
323out:
324 CURL_TRC_CF(data, cf, "connect -> %d, done=%d", result, *done);
325 return result;
326}
327
328static int cf_hc_get_select_socks(struct Curl_cfilter *cf,
329 struct Curl_easy *data,
330 curl_socket_t *socks)
331{
332 struct cf_hc_ctx *ctx = cf->ctx;
333 size_t i, j, s;
334 int brc, rc = GETSOCK_BLANK;
335 curl_socket_t bsocks[MAX_SOCKSPEREASYHANDLE];
336 struct cf_hc_baller *ballers[2];
337
338 if(cf->connected)
339 return cf->next->cft->get_select_socks(cf->next, data, socks);
340
341 ballers[0] = &ctx->h3_baller;
342 ballers[1] = &ctx->h21_baller;
343 for(i = s = 0; i < sizeof(ballers)/sizeof(ballers[0]); i++) {
344 struct cf_hc_baller *b = ballers[i];
345 if(!cf_hc_baller_is_active(b))
346 continue;
347 brc = Curl_conn_cf_get_select_socks(cf: b->cf, data, socks: bsocks);
348 CURL_TRC_CF(data, cf, "get_selected_socks(%s) -> %x", b->name, brc);
349 if(!brc)
350 continue;
351 for(j = 0; j < MAX_SOCKSPEREASYHANDLE && s < MAX_SOCKSPEREASYHANDLE; ++j) {
352 if((brc & GETSOCK_WRITESOCK(j)) || (brc & GETSOCK_READSOCK(j))) {
353 socks[s] = bsocks[j];
354 if(brc & GETSOCK_WRITESOCK(j))
355 rc |= GETSOCK_WRITESOCK(s);
356 if(brc & GETSOCK_READSOCK(j))
357 rc |= GETSOCK_READSOCK(s);
358 s++;
359 }
360 }
361 }
362 CURL_TRC_CF(data, cf, "get_selected_socks -> %x", rc);
363 return rc;
364}
365
366static bool cf_hc_data_pending(struct Curl_cfilter *cf,
367 const struct Curl_easy *data)
368{
369 struct cf_hc_ctx *ctx = cf->ctx;
370
371 if(cf->connected)
372 return cf->next->cft->has_data_pending(cf->next, data);
373
374 CURL_TRC_CF((struct Curl_easy *)data, cf, "data_pending");
375 return cf_hc_baller_data_pending(b: &ctx->h3_baller, data)
376 || cf_hc_baller_data_pending(b: &ctx->h21_baller, data);
377}
378
379static struct curltime cf_get_max_baller_time(struct Curl_cfilter *cf,
380 struct Curl_easy *data,
381 int query)
382{
383 struct cf_hc_ctx *ctx = cf->ctx;
384 struct Curl_cfilter *cfb;
385 struct curltime t, tmax;
386
387 memset(s: &tmax, c: 0, n: sizeof(tmax));
388 memset(s: &t, c: 0, n: sizeof(t));
389 cfb = ctx->h21_baller.enabled? ctx->h21_baller.cf : NULL;
390 if(cfb && !cfb->cft->query(cfb, data, query, NULL, &t)) {
391 if((t.tv_sec || t.tv_usec) && Curl_timediff_us(newer: t, older: tmax) > 0)
392 tmax = t;
393 }
394 memset(s: &t, c: 0, n: sizeof(t));
395 cfb = ctx->h3_baller.enabled? ctx->h3_baller.cf : NULL;
396 if(cfb && !cfb->cft->query(cfb, data, query, NULL, &t)) {
397 if((t.tv_sec || t.tv_usec) && Curl_timediff_us(newer: t, older: tmax) > 0)
398 tmax = t;
399 }
400 return tmax;
401}
402
403static CURLcode cf_hc_query(struct Curl_cfilter *cf,
404 struct Curl_easy *data,
405 int query, int *pres1, void *pres2)
406{
407 if(!cf->connected) {
408 switch(query) {
409 case CF_QUERY_TIMER_CONNECT: {
410 struct curltime *when = pres2;
411 *when = cf_get_max_baller_time(cf, data, CF_QUERY_TIMER_CONNECT);
412 return CURLE_OK;
413 }
414 case CF_QUERY_TIMER_APPCONNECT: {
415 struct curltime *when = pres2;
416 *when = cf_get_max_baller_time(cf, data, CF_QUERY_TIMER_APPCONNECT);
417 return CURLE_OK;
418 }
419 default:
420 break;
421 }
422 }
423 return cf->next?
424 cf->next->cft->query(cf->next, data, query, pres1, pres2) :
425 CURLE_UNKNOWN_OPTION;
426}
427
428static void cf_hc_close(struct Curl_cfilter *cf, struct Curl_easy *data)
429{
430 CURL_TRC_CF(data, cf, "close");
431 cf_hc_reset(cf, data);
432 cf->connected = FALSE;
433
434 if(cf->next) {
435 cf->next->cft->do_close(cf->next, data);
436 Curl_conn_cf_discard_chain(pcf: &cf->next, data);
437 }
438}
439
440static void cf_hc_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
441{
442 struct cf_hc_ctx *ctx = cf->ctx;
443
444 (void)data;
445 CURL_TRC_CF(data, cf, "destroy");
446 cf_hc_reset(cf, data);
447 Curl_safefree(ctx);
448}
449
450struct Curl_cftype Curl_cft_http_connect = {
451 "HTTPS-CONNECT",
452 0,
453 CURL_LOG_LVL_NONE,
454 cf_hc_destroy,
455 cf_hc_connect,
456 cf_hc_close,
457 Curl_cf_def_get_host,
458 cf_hc_get_select_socks,
459 cf_hc_data_pending,
460 Curl_cf_def_send,
461 Curl_cf_def_recv,
462 Curl_cf_def_cntrl,
463 Curl_cf_def_conn_is_alive,
464 Curl_cf_def_conn_keep_alive,
465 cf_hc_query,
466};
467
468static CURLcode cf_hc_create(struct Curl_cfilter **pcf,
469 struct Curl_easy *data,
470 const struct Curl_dns_entry *remotehost,
471 bool try_h3, bool try_h21)
472{
473 struct Curl_cfilter *cf = NULL;
474 struct cf_hc_ctx *ctx;
475 CURLcode result = CURLE_OK;
476
477 (void)data;
478 ctx = calloc(sizeof(*ctx), 1);
479 if(!ctx) {
480 result = CURLE_OUT_OF_MEMORY;
481 goto out;
482 }
483 ctx->remotehost = remotehost;
484 ctx->h3_baller.enabled = try_h3;
485 ctx->h21_baller.enabled = try_h21;
486
487 result = Curl_cf_create(pcf: &cf, cft: &Curl_cft_http_connect, ctx);
488 if(result)
489 goto out;
490 ctx = NULL;
491 cf_hc_reset(cf, data);
492
493out:
494 *pcf = result? NULL : cf;
495 free(ctx);
496 return result;
497}
498
499static CURLcode cf_http_connect_add(struct Curl_easy *data,
500 struct connectdata *conn,
501 int sockindex,
502 const struct Curl_dns_entry *remotehost,
503 bool try_h3, bool try_h21)
504{
505 struct Curl_cfilter *cf;
506 CURLcode result = CURLE_OK;
507
508 DEBUGASSERT(data);
509 result = cf_hc_create(pcf: &cf, data, remotehost, try_h3, try_h21);
510 if(result)
511 goto out;
512 Curl_conn_cf_add(data, conn, sockindex, cf);
513out:
514 return result;
515}
516
517CURLcode Curl_cf_https_setup(struct Curl_easy *data,
518 struct connectdata *conn,
519 int sockindex,
520 const struct Curl_dns_entry *remotehost)
521{
522 bool try_h3 = FALSE, try_h21 = TRUE; /* defaults, for now */
523 CURLcode result = CURLE_OK;
524
525 (void)sockindex;
526 (void)remotehost;
527
528 if(!conn->bits.tls_enable_alpn)
529 goto out;
530
531 if(data->state.httpwant == CURL_HTTP_VERSION_3ONLY) {
532 result = Curl_conn_may_http3(data, conn);
533 if(result) /* can't do it */
534 goto out;
535 try_h3 = TRUE;
536 try_h21 = FALSE;
537 }
538 else if(data->state.httpwant >= CURL_HTTP_VERSION_3) {
539 /* We assume that silently not even trying H3 is ok here */
540 /* TODO: should we fail instead? */
541 try_h3 = (Curl_conn_may_http3(data, conn) == CURLE_OK);
542 try_h21 = TRUE;
543 }
544
545 result = cf_http_connect_add(data, conn, sockindex, remotehost,
546 try_h3, try_h21);
547out:
548 return result;
549}
550
551#endif /* !defined(CURL_DISABLE_HTTP) && !defined(USE_HYPER) */
552