Persist server's crypto config data to disk cache for 0-RTT

net/quic/crypto/quic_crypto_client_config.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/quic_crypto_client_config.h"
 
 #include "base/stl_util.h"
 #include "net/quic/crypto/cert_compressor.h"
 #include "net/quic/crypto/channel_id.h"
 #include "net/quic/crypto/common_cert_set.h"
@@ skipping 20 matching lines @@
 
 QuicCryptoClientConfig::QuicCryptoClientConfig() {
 }
 
 QuicCryptoClientConfig::~QuicCryptoClientConfig() {
   STLDeleteValues(&cached_states_);
 }
 
 QuicCryptoClientConfig::CachedState::CachedState()
     : server_config_valid_(false),
+      need_to_persist_(false),
       generation_counter_(0) {}
 
 QuicCryptoClientConfig::CachedState::CachedState(
     scoped_ptr<QuicServerInfo> quic_server_info)
     : server_config_valid_(false),
+      need_to_persist_(false),
       generation_counter_(0),
       quic_server_info_(quic_server_info.Pass()) {}
 
 QuicCryptoClientConfig::CachedState::~CachedState() {}
 
 bool QuicCryptoClientConfig::CachedState::IsComplete(QuicWallTime now) const {
   if (server_config_.empty() || !server_config_valid_) {
     return false;
   }
 
@@ skipping 55 matching lines @@
 
   if (now.ToUNIXSeconds() >= expiry_seconds) {
     *error_details = "SCFG has expired";
     return QUIC_CRYPTO_SERVER_CONFIG_EXPIRED;
   }
 
   if (!matches_existing) {
     server_config_ = server_config.as_string();
     SetProofInvalid();
     scfg_.reset(new_scfg_storage.release());
+    need_to_persist_ = true;
   }
   return QUIC_NO_ERROR;
 }
 
 void QuicCryptoClientConfig::CachedState::InvalidateServerConfig() {
   server_config_.clear();
   scfg_.reset();
   SetProofInvalid();
 }
 
@@ skipping 22 matching lines @@
 }
 
 void QuicCryptoClientConfig::CachedState::ClearProof() {
   SetProofInvalid();
   certs_.clear();
   server_config_sig_.clear();
 }
 
 void QuicCryptoClientConfig::CachedState::SetProofValid() {
   server_config_valid_ = true;
+  SaveQuicServerInfo();
 }
 
 void QuicCryptoClientConfig::CachedState::SetProofInvalid() {
   server_config_valid_ = false;
   ++generation_counter_;
 }
 
 const string& QuicCryptoClientConfig::CachedState::server_config() const {
   return server_config_;
 }
@@ skipping 17 matching lines @@
 
 uint64 QuicCryptoClientConfig::CachedState::generation_counter() const {
   return generation_counter_;
 }
 
 const ProofVerifyDetails*
 QuicCryptoClientConfig::CachedState::proof_verify_details() const {
   return proof_verify_details_.get();
 }
 
+QuicServerInfo* QuicCryptoClientConfig::CachedState::quic_server_info() const {
+  return quic_server_info_.get();
+}
+
 void QuicCryptoClientConfig::CachedState::set_source_address_token(
     StringPiece token) {
   source_address_token_ = token.as_string();
 }
 
 void QuicCryptoClientConfig::CachedState::SetProofVerifyDetails(
     ProofVerifyDetails* details) {
   proof_verify_details_.reset(details);
 }
 
 void QuicCryptoClientConfig::CachedState::InitializeFrom(
     const QuicCryptoClientConfig::CachedState& other) {
   DCHECK(server_config_.empty());
   DCHECK(!server_config_valid_);
   server_config_ = other.server_config_;
   source_address_token_ = other.source_address_token_;
   certs_ = other.certs_;
   server_config_sig_ = other.server_config_sig_;
   server_config_valid_ = other.server_config_valid_;
 }
 
+// TODO(rtenneti): LoadQuicServerInfo and SaveQuicServerInfo have duplication of
+// data in CachedState and QuicServerInfo. We should eliminate the duplication
+// of data.
+// An issue to be solved: while we are loading the data from disk cache, it is
+// possible for another request for the same hostname update the CachedState
+// because that request has sent FillInchoateClientHello and got REJ message.
+// Loading of data from disk cache shouldn't blindly overwrite what is in
+// CachedState.
+void QuicCryptoClientConfig::CachedState::LoadQuicServerInfo() {

[wtc, 2014/02/14 01:46:13]

This method needs to return a bool status.

[ramant (doing other things), 2014/02/15 00:36:12]

Done.

+  if (!server_config_.empty()) {

[wtc, 2014/02/14 01:46:13]

This should become a DCHECK:
  DCHECK(server_config_.empty());

Also DCHECK(quic_server_info_->IsDataReady()).

[ramant (doing other things), 2014/02/15 00:36:12]

Done.

+    return;
+  }
+  DCHECK(quic_server_info_.get());
+
+  const QuicServerInfo::State& state(quic_server_info_->state());
+  if (state.server_config.empty()) {
+    return;

[wtc, 2014/02/14 01:46:13]

We should return false.

[ramant (doing other things), 2014/02/15 00:36:12]

Done.

+  }
+
+  server_config_ = state.server_config;

[wtc, 2014/02/13 23:48:43]

I now think we should call SetServerConfig() to set server_config_ rather than
setting server_config_ directly. SetServerConfig() will check for expiry and
call SetProofInvalid(), which increments the generation counter.

We'll need to make sure that need_to_persist_ should be set to false here, but
for the other call to SetServerConfig() we need to set need_to_persist_ to true.
Perhaps we need to add a new method for setting need_to_persist_

[wtc, 2014/02/14 01:46:13]

If SetServerConfig() fails, we should return false.

[ramant (doing other things), 2014/02/15 00:36:12]

Done.

[ramant (doing other things), 2014/02/15 00:36:12]

Done.

+  source_address_token_ = state.source_address_token;
+  server_config_sig_ = state.server_config_sig;
+  certs_ = state.certs;
+  need_to_persist_ = false;
+}
+
+void QuicCryptoClientConfig::CachedState::SaveQuicServerInfo() {
+  if (!quic_server_info_.get() || !need_to_persist_) {
+    return;
+  }
+  DCHECK(server_config_valid_);
+
+  // If the QuicServerInfo hasn't managed to load from disk yet then we can't
+  // save anything.
+  if (!quic_server_info_->IsDataReady()) {
+    return;
+  }
+
+  QuicServerInfo::State* state = quic_server_info_->mutable_state();
+
+  state->server_config = server_config_;
+  state->source_address_token = source_address_token_;
+  state->server_config_sig = server_config_sig_;
+  state->certs = certs_;
+
+  quic_server_info_->Persist();
+  need_to_persist_ = false;
+}
+
 void QuicCryptoClientConfig::SetDefaults() {
   // Key exchange methods.
   kexs.resize(2);
   kexs[0] = kC255;
   kexs[1] = kP256;
 
   // Authenticated encryption algorithms.
   aead.resize(1);
   aead[0] = kAESG;
 }
@@ skipping 436 matching lines @@
   CachedState* canonical_cached =
       canonical_crypto_config->LookupOrCreate(canonical_server_hostname);
   if (!canonical_cached->proof_valid()) {
     return;
   }
   CachedState* cached = LookupOrCreate(server_hostname);
   cached->InitializeFrom(*canonical_cached);
 }
 
 }  // namespace net