| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/quic_crypto_server_stream.h" | 5 #include "net/quic/quic_crypto_server_stream.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "crypto/secure_hash.h" | 8 #include "crypto/secure_hash.h" |
| 9 #include "net/quic/crypto/crypto_protocol.h" | 9 #include "net/quic/crypto/crypto_protocol.h" |
| 10 #include "net/quic/crypto/crypto_utils.h" | 10 #include "net/quic/crypto/crypto_utils.h" |
| 31 | 31 |
| 32 QuicCryptoServerStream::QuicCryptoServerStream( | 32 QuicCryptoServerStream::QuicCryptoServerStream( |
| 33 const QuicCryptoServerConfig* crypto_config, | 33 const QuicCryptoServerConfig* crypto_config, |
| 34 QuicSession* session) | 34 QuicSession* session) |
| 35 : QuicCryptoStream(session), | 35 : QuicCryptoStream(session), |
| 36 crypto_config_(crypto_config), | 36 crypto_config_(crypto_config), |
| 37 validate_client_hello_cb_(nullptr), | 37 validate_client_hello_cb_(nullptr), |
| 38 num_handshake_messages_(0), | 38 num_handshake_messages_(0), |
| 39 num_handshake_messages_with_server_nonces_(0), | 39 num_handshake_messages_with_server_nonces_(0), |
| 40 num_server_config_update_messages_sent_(0), | 40 num_server_config_update_messages_sent_(0), |
| 41 use_stateless_rejects_if_peer_supported_(false), | 41 use_stateless_rejects_if_peer_supported_( |
| 42 FLAGS_enable_quic_stateless_reject_support), |
| 42 peer_supports_stateless_rejects_(false) { | 43 peer_supports_stateless_rejects_(false) { |
| 43 DCHECK_EQ(Perspective::IS_SERVER, session->connection()->perspective()); | 44 DCHECK_EQ(Perspective::IS_SERVER, session->connection()->perspective()); |
| 44 } | 45 } |
| 45 | 46 |
| 46 QuicCryptoServerStream::~QuicCryptoServerStream() { | 47 QuicCryptoServerStream::~QuicCryptoServerStream() { |
| 47 CancelOutstandingCallbacks(); | 48 CancelOutstandingCallbacks(); |
| 48 } | 49 } |
| 49 | 50 |
| 50 void QuicCryptoServerStream::CancelOutstandingCallbacks() { | 51 void QuicCryptoServerStream::CancelOutstandingCallbacks() { |
| 51 // Detach from the validation callback. Calling this multiple times is safe. | 52 // Detach from the validation callback. Calling this multiple times is safe. |
| 86 validate_client_hello_cb_); | 87 validate_client_hello_cb_); |
| 87 } | 88 } |
| 88 | 89 |
| 89 void QuicCryptoServerStream::FinishProcessingHandshakeMessage( | 90 void QuicCryptoServerStream::FinishProcessingHandshakeMessage( |
| 90 const CryptoHandshakeMessage& message, | 91 const CryptoHandshakeMessage& message, |
| 91 const ValidateClientHelloResultCallback::Result& result) { | 92 const ValidateClientHelloResultCallback::Result& result) { |
| 92 // Clear the callback that got us here. | 93 // Clear the callback that got us here. |
| 93 DCHECK(validate_client_hello_cb_ != nullptr); | 94 DCHECK(validate_client_hello_cb_ != nullptr); |
| 94 validate_client_hello_cb_ = nullptr; | 95 validate_client_hello_cb_ = nullptr; |
| 95 | 96 |
| 96 if (FLAGS_enable_quic_stateless_reject_support) { | 97 if (use_stateless_rejects_if_peer_supported_) { |
| 97 peer_supports_stateless_rejects_ = DoesPeerSupportStatelessRejects(message); | 98 peer_supports_stateless_rejects_ = DoesPeerSupportStatelessRejects(message); |
| 98 } | 99 } |
| 99 | 100 |
| 100 CryptoHandshakeMessage reply; | 101 CryptoHandshakeMessage reply; |
| 101 string error_details; | 102 string error_details; |
| 102 QuicErrorCode error = | 103 QuicErrorCode error = |
| 103 ProcessClientHello(message, result, &reply, &error_details); | 104 ProcessClientHello(message, result, &reply, &error_details); |
| 104 | 105 |
| 105 if (error != QUIC_NO_ERROR) { | 106 if (error != QUIC_NO_ERROR) { |
| 106 CloseConnectionWithDetails(error, error_details); | 107 CloseConnectionWithDetails(error, error_details); |
| 107 return; | 108 return; |
| 108 } | 109 } |
| 109 | 110 |
| 110 if (reply.tag() != kSHLO) { | 111 if (reply.tag() != kSHLO) { |
| 111 if (FLAGS_enable_quic_stateless_reject_support && | 112 if (reply.tag() == kSREJ) { |
| 112 reply.tag() == kSREJ) { | 113 DCHECK(use_stateless_rejects_if_peer_supported()); |
| 114 DCHECK(peer_supports_stateless_rejects()); |
| 113 // Before sending the SREJ, cause the connection to save crypto packets | 115 // Before sending the SREJ, cause the connection to save crypto packets |
| 114 // so that they can be added to the time wait list manager and | 116 // so that they can be added to the time wait list manager and |
| 115 // retransmitted. | 117 // retransmitted. |
| 116 session()->connection()->EnableSavingCryptoPackets(); | 118 session()->connection()->EnableSavingCryptoPackets(); |
| 117 } | 119 } |
| 118 SendHandshakeMessage(reply); | 120 SendHandshakeMessage(reply); |
| 119 | 121 |
| 120 if (FLAGS_enable_quic_stateless_reject_support && reply.tag() == kSREJ) { | 122 if (reply.tag() == kSREJ) { |
| 121 DCHECK(use_stateless_rejects_if_peer_supported()); | 123 DCHECK(use_stateless_rejects_if_peer_supported()); |
| 122 DCHECK(peer_supports_stateless_rejects()); | 124 DCHECK(peer_supports_stateless_rejects()); |
| 123 DCHECK(!handshake_confirmed()); | 125 DCHECK(!handshake_confirmed()); |
| 124 DVLOG(1) << "Closing connection " | 126 DVLOG(1) << "Closing connection " |
| 125 << session()->connection()->connection_id() | 127 << session()->connection()->connection_id() |
| 126 << " because of a stateless reject."; | 128 << " because of a stateless reject."; |
| 127 session()->connection()->CloseConnection( | 129 session()->connection()->CloseConnection( |
| 128 QUIC_CRYPTO_HANDSHAKE_STATELESS_REJECT, /* from_peer */ false); | 130 QUIC_CRYPTO_HANDSHAKE_STATELESS_REJECT, /* from_peer */ false); |
| 129 } | 131 } |
| 130 return; | 132 return; |
| 255 ++num_handshake_messages_with_server_nonces_; | 257 ++num_handshake_messages_with_server_nonces_; |
| 256 } | 258 } |
| 257 // Store the bandwidth estimate from the client. | 259 // Store the bandwidth estimate from the client. |
| 258 if (result.cached_network_params.bandwidth_estimate_bytes_per_second() > 0) { | 260 if (result.cached_network_params.bandwidth_estimate_bytes_per_second() > 0) { |
| 259 previous_cached_network_params_.reset( | 261 previous_cached_network_params_.reset( |
| 260 new CachedNetworkParameters(result.cached_network_params)); | 262 new CachedNetworkParameters(result.cached_network_params)); |
| 261 } | 263 } |
| 262 previous_source_address_tokens_ = result.info.source_address_tokens; | 264 previous_source_address_tokens_ = result.info.source_address_tokens; |
| 263 | 265 |
| 264 const bool use_stateless_rejects_in_crypto_config = | 266 const bool use_stateless_rejects_in_crypto_config = |
| 265 FLAGS_enable_quic_stateless_reject_support && | |
| 266 use_stateless_rejects_if_peer_supported_ && | 267 use_stateless_rejects_if_peer_supported_ && |
| 267 peer_supports_stateless_rejects_; | 268 peer_supports_stateless_rejects_; |
| 268 QuicConnection* connection = session()->connection(); | 269 QuicConnection* connection = session()->connection(); |
| 269 const QuicConnectionId server_designated_connection_id = | 270 const QuicConnectionId server_designated_connection_id = |
| 270 use_stateless_rejects_in_crypto_config | 271 use_stateless_rejects_in_crypto_config |
| 271 ? GenerateConnectionIdForReject(connection->connection_id()) | 272 ? GenerateConnectionIdForReject(connection->connection_id()) |
| 272 : 0; | 273 : 0; |
| 273 return crypto_config_->ProcessClientHello( | 274 return crypto_config_->ProcessClientHello( |
| 274 result, connection->connection_id(), connection->self_address().address(), | 275 result, connection->connection_id(), connection->self_address().address(), |
| 275 connection->peer_address(), version(), connection->supported_versions(), | 276 connection->peer_address(), version(), connection->supported_versions(), |
| 319 } | 320 } |
| 320 for (size_t i = 0; i < received_tags_length; ++i) { | 321 for (size_t i = 0; i < received_tags_length; ++i) { |
| 321 if (received_tags[i] == kSREJ) { | 322 if (received_tags[i] == kSREJ) { |
| 322 return true; | 323 return true; |
| 323 } | 324 } |
| 324 } | 325 } |
| 325 return false; | 326 return false; |
| 326 } | 327 } |
| 327 | 328 |
| 328 } // namespace net | 329 } // namespace net |
| OLD | NEW |
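Review bot: In FinishProcessingHandshakeMessage both `reply.tag() == kSREJ` branches (new lines 112 and 122) are now entered on the reply tag alone, and the conditions that used to gate them survive only as `DCHECK(use_stateless_rejects_if_peer_supported())` and `DCHECK(peer_supports_stateless_rejects())`, which are normally compiled out of release builds. Whether an SREJ can be produced while either member is false depends on crypto_config_->ProcessClientHello, whose body is not visible here, so the assumption deserves a comment at the first branch such as `// SREJ is only generated when use_stateless_rejects_if_peer_supported_ and peer_supports_stateless_rejects_ are both true.` The flag is also now read once in the constructor, so FLAGS_enable_quic_stateless_reject_support becomes a per-stream default rather than a switch consulted on every handshake. If the member can be changed after construction, stateless rejects could be active while the flag is off, and the constructor should say so in a comment. The function body continues past the last visible line of this hunk.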