/*
* Copyright (C) 2010 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.webkit;
import android.net.http.SslError;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import android.util.Log;
import java.util.LinkedList;
import java.util.ListIterator;
/**
* SslErrorHandler's implementation for Android Java HTTP stack.
* This class is not needed if the Chromium HTTP stack is used.
*/
class SslErrorHandlerImpl extends SslErrorHandler {
/* One problem here is that there may potentially be multiple SSL errors
* coming from multiple loaders. Therefore, we keep a queue of loaders
* that have SSL-related problems and process errors one by one in the
* order they were received.
*/
private static final String LOGTAG = "network";
/**
* Queue of loaders that experience SSL-related problems.
*/
private LinkedList<LoadListener> mLoaderQueue;
/**
* SSL error preference table.
*/
private Bundle mSslPrefTable;
// These are only used in the client facing SslErrorHandler.
private final SslErrorHandler mOriginHandler;
private final LoadListener mLoadListener;
// Message id for handling the response from the client.
private static final int HANDLE_RESPONSE = 100;
@Override
public void handleMessage(Message msg) {
switch (msg.what) {
case HANDLE_RESPONSE:
LoadListener loader = (LoadListener) msg.obj;
synchronized (SslErrorHandlerImpl.this) {
handleSslErrorResponse(loader, loader.sslError(),
msg.arg1 == 1);
mLoaderQueue.remove(loader);
fastProcessQueuedSslErrors();
}
break;
}
}
/**
* Creates a new error handler with an empty loader queue.
*/
/* package */ SslErrorHandlerImpl() {
mLoaderQueue = new LinkedList<LoadListener>();
mSslPrefTable = new Bundle();
// These are used by client facing SslErrorHandlers.
mOriginHandler = null;
mLoadListener = null;
}
/**
* Create a new error handler that will be passed to the client.
*/
private SslErrorHandlerImpl(SslErrorHandler origin, LoadListener listener) {
mOriginHandler = origin;
mLoadListener = listener;
}
/**
* Saves this handler's state into a map.
* @return True iff succeeds.
*/
/* package */ synchronized boolean saveState(Bundle outState) {
boolean success = (outState != null);
if (success) {
// TODO?
outState.putBundle("ssl-error-handler", mSslPrefTable);
}
return success;
}
/**
* Restores this handler's state from a map.
* @return True iff succeeds.
*/
/* package */ synchronized boolean restoreState(Bundle inState) {
boolean success = (inState != null);
if (success) {
success = inState.containsKey("ssl-error-handler");
if (success) {
mSslPrefTable = inState.getBundle("ssl-error-handler");
}
}
return success;
}
/**
* Clears SSL error preference table.
*/
/* package */ synchronized void clear() {
mSslPrefTable.clear();
}
/**
* Handles requests from the network stack about whether to proceed with a
* load given an SSL error(s). We may ask the client what to do, or use a
* cached response.
*/
/* package */ synchronized void handleSslErrorRequest(LoadListener loader) {
if (DebugFlags.SSL_ERROR_HANDLER) {
Log.v(LOGTAG, "SslErrorHandler.handleSslErrorRequest(): " +
"url=" + loader.url());
}
if (!loader.cancelled()) {
mLoaderQueue.offer(loader);
if (loader == mLoaderQueue.peek()) {
fastProcessQueuedSslErrors();
}
}
}
/**
* Check the preference table to see if we already have a 'proceed' decision
* from the client for this host and for an error of equal or greater
* severity than the supplied error. If so, instruct the loader to proceed
* and return true. Otherwise return false.
*/
/* package */ synchronized boolean checkSslPrefTable(LoadListener loader,
SslError error) {
final String host = loader.host();
final int primary = error.getPrimaryError();
if (DebugFlags.SSL_ERROR_HANDLER) {
assert host != null;
assert primary != -1;
}
if (mSslPrefTable.containsKey(host) && primary <= mSslPrefTable.getInt(host)) {
if (!loader.cancelled()) {
loader.handleSslErrorResponse(true);
}
return true;
}
return false;
}
/**
* Processes queued SSL-error confirmation requests in
* a tight loop while there is no need to ask the client.
*/
/* package */void fastProcessQueuedSslErrors() {
while (processNextLoader());
}
/**
* Processes the next loader in the queue.
* @return True iff should proceed to processing the
* following loader in the queue
*/
private synchronized boolean processNextLoader() {
LoadListener loader = mLoaderQueue.peek();
if (loader != null) {
// if this loader has been cancelled
if (loader.cancelled()) {
// go to the following loader in the queue. Make sure this
// loader has been removed from the queue.
mLoaderQueue.remove(loader);
return true;
}
SslError error = loader.sslError();
if (DebugFlags.SSL_ERROR_HANDLER) {
assert error != null;
}
// checkSslPrefTable() will instruct the loader to proceed if we
// have a cached 'proceed' decision. It does not remove the loader
// from the queue.
if (checkSslPrefTable(loader, error)) {
mLoaderQueue.remove(loader);
return true;
}
// If we can not proceed based on a cached decision, ask the client.
CallbackProxy proxy = loader.getFrame().getCallbackProxy();
proxy.onReceivedSslError(new SslErrorHandlerImpl(this, loader), error);
}
// the queue must be empty, stop
return false;
}
/**
* Proceed with this load.
*/
public void proceed() {
mOriginHandler.sendMessage(mOriginHandler.obtainMessage(
HANDLE_RESPONSE, 1, 0, mLoadListener));
}
/**
* Cancel this load and all pending loads for the WebView that had the
* error.
*/
public void cancel() {
mOriginHandler.sendMessage(mOriginHandler.obtainMessage(
HANDLE_RESPONSE, 0, 0, mLoadListener));
}
/**
* Handles the response from the client about whether to proceed with this
* load. We save the response to be re-used in the future.
*/
/* package */ synchronized void handleSslErrorResponse(LoadListener loader,
SslError error, boolean proceed) {
if (DebugFlags.SSL_ERROR_HANDLER) {
assert loader != null;
assert error != null;
}
if (DebugFlags.SSL_ERROR_HANDLER) {
Log.v(LOGTAG, "SslErrorHandler.handleSslErrorResponse():"
+ " proceed: " + proceed
+ " url:" + loader.url());
}
if (!loader.cancelled()) {
if (proceed) {
// Update the SSL error preference table
int primary = error.getPrimaryError();
String host = loader.host();
if (DebugFlags.SSL_ERROR_HANDLER) {
assert host != null;
assert primary != -1;
}
boolean hasKey = mSslPrefTable.containsKey(host);
if (!hasKey || primary > mSslPrefTable.getInt(host)) {
mSslPrefTable.putInt(host, primary);
}
}
loader.handleSslErrorResponse(proceed);
}
}
}