OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/crypto/quic_crypto_client_config.h" | 5 #include "net/quic/crypto/quic_crypto_client_config.h" |
6 | 6 |
7 #include "base/metrics/histogram_macros.h" | 7 #include "base/metrics/histogram_macros.h" |
8 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "net/quic/crypto/cert_compressor.h" | 10 #include "net/quic/crypto/cert_compressor.h" |
(...skipping 65 matching lines...)
76 } | 76 } |
77 | 77 |
78 const CryptoHandshakeMessage* scfg = GetServerConfig(); | 78 const CryptoHandshakeMessage* scfg = GetServerConfig(); |
79 if (!scfg) { | 79 if (!scfg) { |
80 // Should be impossible short of cache corruption. | 80 // Should be impossible short of cache corruption. |
81 DCHECK(false); | 81 DCHECK(false); |
82 RecordInchoateClientHelloReason(SERVER_CONFIG_CORRUPTED); | 82 RecordInchoateClientHelloReason(SERVER_CONFIG_CORRUPTED); |
83 return false; | 83 return false; |
84 } | 84 } |
85 | 85 |
86 uint64 expiry_seconds; | 86 uint64_t expiry_seconds; |
87 if (scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { | 87 if (scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { |
88 RecordInchoateClientHelloReason(SERVER_CONFIG_INVALID_EXPIRY); | 88 RecordInchoateClientHelloReason(SERVER_CONFIG_INVALID_EXPIRY); |
89 return false; | 89 return false; |
90 } | 90 } |
91 if (now.ToUNIXSeconds() >= expiry_seconds) { | 91 if (now.ToUNIXSeconds() >= expiry_seconds) { |
92 UMA_HISTOGRAM_CUSTOM_TIMES( | 92 UMA_HISTOGRAM_CUSTOM_TIMES( |
93 "Net.QuicClientHelloServerConfig.InvalidDuration", | 93 "Net.QuicClientHelloServerConfig.InvalidDuration", |
94 base::TimeDelta::FromSeconds(now.ToUNIXSeconds() - expiry_seconds), | 94 base::TimeDelta::FromSeconds(now.ToUNIXSeconds() - expiry_seconds), |
95 base::TimeDelta::FromMinutes(1), base::TimeDelta::FromDays(20), 50); | 95 base::TimeDelta::FromMinutes(1), base::TimeDelta::FromDays(20), 50); |
96 RecordInchoateClientHelloReason(SERVER_CONFIG_EXPIRED); | 96 RecordInchoateClientHelloReason(SERVER_CONFIG_EXPIRED); |
(...skipping 55 matching lines...)
152 new_scfg = new_scfg_storage.get(); | 152 new_scfg = new_scfg_storage.get(); |
153 } else { | 153 } else { |
154 new_scfg = GetServerConfig(); | 154 new_scfg = GetServerConfig(); |
155 } | 155 } |
156 | 156 |
157 if (!new_scfg) { | 157 if (!new_scfg) { |
158 *error_details = "SCFG invalid"; | 158 *error_details = "SCFG invalid"; |
159 return SERVER_CONFIG_INVALID; | 159 return SERVER_CONFIG_INVALID; |
160 } | 160 } |
161 | 161 |
162 uint64 expiry_seconds; | 162 uint64_t expiry_seconds; |
163 if (new_scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { | 163 if (new_scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { |
164 *error_details = "SCFG missing EXPY"; | 164 *error_details = "SCFG missing EXPY"; |
165 return SERVER_CONFIG_INVALID_EXPIRY; | 165 return SERVER_CONFIG_INVALID_EXPIRY; |
166 } | 166 } |
167 | 167 |
168 if (now.ToUNIXSeconds() >= expiry_seconds) { | 168 if (now.ToUNIXSeconds() >= expiry_seconds) { |
169 *error_details = "SCFG has expired"; | 169 *error_details = "SCFG has expired"; |
170 return SERVER_CONFIG_EXPIRED; | 170 return SERVER_CONFIG_EXPIRED; |
171 } | 171 } |
172 | 172 |
(...skipping 116 matching lines...)
289 } | 289 } |
290 | 290 |
291 const string& QuicCryptoClientConfig::CachedState::signature() const { | 291 const string& QuicCryptoClientConfig::CachedState::signature() const { |
292 return server_config_sig_; | 292 return server_config_sig_; |
293 } | 293 } |
294 | 294 |
295 bool QuicCryptoClientConfig::CachedState::proof_valid() const { | 295 bool QuicCryptoClientConfig::CachedState::proof_valid() const { |
296 return server_config_valid_; | 296 return server_config_valid_; |
297 } | 297 } |
298 | 298 |
299 uint64 QuicCryptoClientConfig::CachedState::generation_counter() const { | 299 uint64_t QuicCryptoClientConfig::CachedState::generation_counter() const { |
300 return generation_counter_; | 300 return generation_counter_; |
301 } | 301 } |
302 | 302 |
303 const ProofVerifyDetails* | 303 const ProofVerifyDetails* |
304 QuicCryptoClientConfig::CachedState::proof_verify_details() const { | 304 QuicCryptoClientConfig::CachedState::proof_verify_details() const { |
305 return proof_verify_details_.get(); | 305 return proof_verify_details_.get(); |
306 } | 306 } |
307 | 307 |
308 void QuicCryptoClientConfig::CachedState::set_source_address_token( | 308 void QuicCryptoClientConfig::CachedState::set_source_address_token( |
309 StringPiece token) { | 309 StringPiece token) { |
(...skipping 134 matching lines...)
444 out->SetStringPiece(kCertificateSCTTag, ""); | 444 out->SetStringPiece(kCertificateSCTTag, ""); |
445 } | 445 } |
446 | 446 |
447 const vector<string>& certs = cached->certs(); | 447 const vector<string>& certs = cached->certs(); |
448 // We save |certs| in the QuicCryptoNegotiatedParameters so that, if the | 448 // We save |certs| in the QuicCryptoNegotiatedParameters so that, if the |
449 // client config is being used for multiple connections, another connection | 449 // client config is being used for multiple connections, another connection |
450 // doesn't update the cached certificates and cause us to be unable to | 450 // doesn't update the cached certificates and cause us to be unable to |
451 // process the server's compressed certificate chain. | 451 // process the server's compressed certificate chain. |
452 out_params->cached_certs = certs; | 452 out_params->cached_certs = certs; |
453 if (!certs.empty()) { | 453 if (!certs.empty()) { |
454 vector<uint64> hashes; | 454 vector<uint64_t> hashes; |
455 hashes.reserve(certs.size()); | 455 hashes.reserve(certs.size()); |
456 for (vector<string>::const_iterator i = certs.begin(); i != certs.end(); | 456 for (vector<string>::const_iterator i = certs.begin(); i != certs.end(); |
457 ++i) { | 457 ++i) { |
458 hashes.push_back(QuicUtils::FNV1a_64_Hash(i->data(), i->size())); | 458 hashes.push_back(QuicUtils::FNV1a_64_Hash(i->data(), i->size())); |
459 } | 459 } |
460 out->SetVector(kCCRT, hashes); | 460 out->SetVector(kCCRT, hashes); |
461 } | 461 } |
462 } | 462 } |
463 | 463 |
464 QuicErrorCode QuicCryptoClientConfig::FillClientHello( | 464 QuicErrorCode QuicCryptoClientConfig::FillClientHello( |
(...skipping 489 matching lines...)
954 } | 954 } |
955 | 955 |
956 // Update canonical version to point at the "most recent" entry. | 956 // Update canonical version to point at the "most recent" entry. |
957 canonical_server_map_[suffix_server_id] = server_id; | 957 canonical_server_map_[suffix_server_id] = server_id; |
958 | 958 |
959 server_state->InitializeFrom(*canonical_state); | 959 server_state->InitializeFrom(*canonical_state); |
960 return true; | 960 return true; |
961 } | 961 } |
962 | 962 |
963 } // namespace net | 963 } // namespace net |
OLD | NEW |