Persist server's crypto config data to disk cache for 0-RTT

net/quic/quic_crypto_client_stream.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/quic_crypto_client_stream.h"
 
 #include "net/base/completion_callback.h"
 #include "net/base/net_errors.h"
 #include "net/quic/crypto/crypto_protocol.h"
 #include "net/quic/crypto/crypto_utils.h"
 #include "net/quic/crypto/null_encrypter.h"
 #include "net/quic/crypto/proof_verifier.h"
 #include "net/quic/crypto/proof_verifier_chromium.h"
+#include "net/quic/crypto/quic_server_info.h"
 #include "net/quic/quic_protocol.h"
 #include "net/quic/quic_session.h"
 #include "net/ssl/ssl_connection_status_flags.h"
 #include "net/ssl/ssl_info.h"
 
 namespace net {
 
 namespace {
 
 // Copies CertVerifyResult from |verify_details| to |cert_verify_result|.
@@ skipping 60 matching lines @@
 }
 
 void QuicCryptoClientStream::OnHandshakeMessage(
     const CryptoHandshakeMessage& message) {
   QuicCryptoStream::OnHandshakeMessage(message);
 
   DoHandshakeLoop(&message);
 }
 
 bool QuicCryptoClientStream::CryptoConnect() {
-  next_state_ = STATE_SEND_CHLO;
+  next_state_ = STATE_LOAD_QUIC_SERVER_INFO;
   DoHandshakeLoop(NULL);
   return true;
 }
 
 int QuicCryptoClientStream::num_sent_client_hellos() const {
   return num_client_hellos_;
 }
 
 // TODO(rtenneti): Add unittests for GetSSLInfo which exercise the various ways
 // we learn about SSL info (sync vs async vs cached).
@@ skipping 47 matching lines @@
       crypto_config_->LookupOrCreate(server_hostname_);
 
   if (in != NULL) {
     DVLOG(1) << "Client: Received " << in->DebugString();
   }
 
   for (;;) {
     const State state = next_state_;
     next_state_ = STATE_IDLE;
     switch (state) {
+      case STATE_LOAD_QUIC_SERVER_INFO: {
+        if (DoLoadQuicServerInfo(cached) == ERR_IO_PENDING) {
+          return;
+        }
+        break;
+      }
       case STATE_SEND_CHLO: {
         // Send the client hello in plaintext.
         session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_NONE);
         if (num_client_hellos_ > kMaxClientHellos) {
           CloseConnection(QUIC_CRYPTO_TOO_MANY_REJECTS);
           return;
         }
+        if (!cached->proof_valid() && crypto_config_->proof_verifier() &&
+            !cached->signature().empty()) {
+          next_state_ = STATE_VERIFY_PROOF;
+          break;
+        }

[wtc, 2014/02/07 00:54:11]

I think this should look like lines 274-283. In particular, we should call
cached->SetProofValid() if crypto_config_->proof_verifier() is null.

[ramant (doing other things), 2014/02/07 20:30:51]

Done.

         num_client_hellos_++;
 
         if (!cached->IsComplete(session()->connection()->clock()->WallNow())) {
           crypto_config_->FillInchoateClientHello(
               server_hostname_,
               session()->connection()->supported_versions().front(),
               cached, &crypto_negotiated_params_, &out);
           // Pad the inchoate client hello to fill up a packet.
           const size_t kFramingOverhead = 50;  // A rough estimate.
           const size_t max_packet_size =
@@ skipping 132 matching lines @@
               QUIC_PROOF_INVALID, "Proof invalid: " + verify_error_details_);
           return;
         }
         // Check if generation_counter has changed between STATE_VERIFY_PROOF
         // and STATE_VERIFY_PROOF_COMPLETE state changes.
         if (generation_counter_ != cached->generation_counter()) {
           next_state_ = STATE_VERIFY_PROOF;
         } else {
           cached->SetProofValid();
           cached->SetProofVerifyDetails(verify_details_.release());
+          cached->SaveQuicServerInfo();

[wtc, 2014/02/07 00:54:11]

This can be refined. We only need to call cached->SaveQuicServerInfo() if the
server info comes from a REJ message, rather than from the disk cache.

[ramant (doing other things), 2014/02/07 20:30:51]

ACK (and changed the code).

We set need_to_persist_ to true only when we get REJ message.
SaveQuicServerInfo saves the data if need_to_persist_ is true.

           next_state_ = STATE_SEND_CHLO;
         }
         break;
       case STATE_RECV_SHLO: {
         // We sent a CHLO that we expected to be accepted and now we're hoping
         // for a SHLO from the server to confirm that.
         if (in->tag() == kREJ) {
           // alternative_decrypter will be NULL if the original alternative
           // decrypter latched and became the primary decrypter. That happens
           // if we received a message encrypted with the INITIAL key.
@@ skipping 56 matching lines @@
         return;
       }
       case STATE_IDLE:
         // This means that the peer sent us a message that we weren't expecting.
         CloseConnection(QUIC_INVALID_CRYPTO_MESSAGE_TYPE);
         return;
     }
   }
 }
 
+void QuicCryptoClientStream::OnIOComplete(int result) {
+  DCHECK_EQ(STATE_LOAD_QUIC_SERVER_INFO, next_state_);
+  DoHandshakeLoop(NULL);
+}
+
+int QuicCryptoClientStream::DoLoadQuicServerInfo(

[wtc, 2014/02/07 00:54:11]

This function should be split into two state: STATE_LOAD_QUIC_SERVER_INFO and
STATE_LOAD_QUIC_SERVER_INFO_COMPLETE.

[ramant (doing other things), 2014/02/07 20:30:51]

Done.

+    QuicCryptoClientConfig::CachedState* cached) {
+  next_state_ = STATE_SEND_CHLO;
+  QuicServerInfo* quic_server_info = cached->quic_server_info();
+  if (!quic_server_info) {
+    return OK;
+  }
+
+  int rv = quic_server_info->WaitForDataReady(
+      base::Bind(&QuicCryptoClientStream::OnIOComplete,
+                 base::Unretained(this)));
+
+  if (rv != OK) {
+    if (rv == ERR_IO_PENDING) {
+      next_state_ = STATE_LOAD_QUIC_SERVER_INFO;
+    }
+    return rv;

[wtc, 2014/02/07 00:54:11]

We may want to return OK in this case. We should add a comment that it is fine
to proceed to STATE_SEND_CHLO when we cannot load from the disk cache. We should
log a warning message in that case.

[ramant (doing other things), 2014/02/07 20:30:51]

Done.

+  }
+
+  cached->LoadQuicServerInfo();
+
+  return rv;
+}
+
 }  // namespace net