Persist server's crypto config data to disk cache for 0-RTT

net/quic/crypto/quic_crypto_client_config.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/quic_crypto_client_config.h"
 
 #include "base/stl_util.h"
 #include "net/quic/crypto/cert_compressor.h"
 #include "net/quic/crypto/channel_id.h"
 #include "net/quic/crypto/common_cert_set.h"
@@ skipping 20 matching lines @@
 
 QuicCryptoClientConfig::QuicCryptoClientConfig() {
 }
 
 QuicCryptoClientConfig::~QuicCryptoClientConfig() {
   STLDeleteValues(&cached_states_);
 }
 
 QuicCryptoClientConfig::CachedState::CachedState()
     : server_config_valid_(false),
+      need_to_persist_(false),
       generation_counter_(0) {}
 
 QuicCryptoClientConfig::CachedState::CachedState(
     scoped_ptr<QuicServerInfo> quic_server_info)
     : server_config_valid_(false),
+      need_to_persist_(false),
       generation_counter_(0),
       quic_server_info_(quic_server_info.Pass()) {}
 
 QuicCryptoClientConfig::CachedState::~CachedState() {}
 
 bool QuicCryptoClientConfig::CachedState::IsComplete(QuicWallTime now) const {
   if (server_config_.empty() || !server_config_valid_) {
     return false;
   }
 
@@ skipping 52 matching lines @@
     *error_details = "SCFG missing EXPY";
     return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
   }
 
   if (now.ToUNIXSeconds() >= expiry_seconds) {
     *error_details = "SCFG has expired";
     return QUIC_CRYPTO_SERVER_CONFIG_EXPIRED;
   }
 
   if (!matches_existing) {
     server_config_ = server_config.as_string();

[wtc, 2014/02/11 01:01:45]

It seems that should set need_to_persist_ to true here because we changed
server_config_ from an external source (as opposed to the disk cache).

[ramant (doing other things), 2014/02/11 07:57:55]

Done.

     SetProofInvalid();
     scfg_.reset(new_scfg_storage.release());
   }
   return QUIC_NO_ERROR;
 }
 
 void QuicCryptoClientConfig::CachedState::InvalidateServerConfig() {
   server_config_.clear();
   scfg_.reset();
   SetProofInvalid();
@@ skipping 14 matching lines @@
   }
 
   if (!has_changed) {
     return;
   }
 
   // If the proof has changed then it needs to be revalidated.
   SetProofInvalid();
   certs_ = certs;
   server_config_sig_ = signature.as_string();
+  need_to_persist_ = true;

[wtc, 2014/02/11 01:01:45]

This doesn't seem like the right place to set need_to_persist to true because
the proof for a server config is optional.

[ramant (doing other things), 2014/02/11 07:57:55]

Done.

 }
 
 void QuicCryptoClientConfig::CachedState::ClearProof() {
   SetProofInvalid();
   certs_.clear();
   server_config_sig_.clear();
 }
 
 void QuicCryptoClientConfig::CachedState::SetProofValid() {
   server_config_valid_ = true;
@@ skipping 27 matching lines @@
 
 uint64 QuicCryptoClientConfig::CachedState::generation_counter() const {
   return generation_counter_;
 }
 
 const ProofVerifyDetails*
 QuicCryptoClientConfig::CachedState::proof_verify_details() const {
   return proof_verify_details_.get();
 }
 
+QuicServerInfo* QuicCryptoClientConfig::CachedState::quic_server_info() const {
+  return quic_server_info_.get();
+}
+
 void QuicCryptoClientConfig::CachedState::set_source_address_token(
     StringPiece token) {
   source_address_token_ = token.as_string();
 }
 
 void QuicCryptoClientConfig::CachedState::SetProofVerifyDetails(
     ProofVerifyDetails* details) {
   proof_verify_details_.reset(details);
 }
 
 void QuicCryptoClientConfig::CachedState::InitializeFrom(
     const QuicCryptoClientConfig::CachedState& other) {
   DCHECK(server_config_.empty());
   DCHECK(!server_config_valid_);
   server_config_ = other.server_config_;
   source_address_token_ = other.source_address_token_;
   certs_ = other.certs_;
   server_config_sig_ = other.server_config_sig_;
   server_config_valid_ = other.server_config_valid_;
 }
 
+// TODO(rtenneti): LoadQuicServerInfo and SaveQuicServerInfo have duplication of
+// data in CachedState and QuicServerInfo. We should eliminate the duplication
+// of data.
+// An issue to be solved: while we are loading the data from disk cache, it is
+// possible for another request for the same hostname update the CachedState
+// because that request has sent FillInchoateClientHello and got REJ message.
+// Loading of data from disk cache shouldn't blindly overwrite what is in
+// CachedState.
+void QuicCryptoClientConfig::CachedState::LoadQuicServerInfo() {
+  if (server_config_valid_ || !server_config_sig_.empty()) {

[wtc, 2014/02/11 01:01:45]

It seems that we should not test server_config_valid_.

It should be enough to just test !server_config_.empty(). Testing
!server_config_sig_.empty() is not ideal because server config signature is
optional.

[ramant (doing other things), 2014/02/11 07:57:55]

Done.

+    return;
+  }
+  DCHECK(quic_server_info_.get());
+
+  const QuicServerInfo::State& state(quic_server_info_->state());
+  if (state.certs_.empty()) {

[wtc, 2014/02/11 01:01:45]

It is better to test state.server_config_.empty() instead, because state.certs_
may be empty in a valid State (if we didn't request a proof).

[ramant (doing other things), 2014/02/11 07:57:55]

Done.

+    return;
+  }
+
+  server_config_ = state.server_config_;
+  source_address_token_ = state.source_address_token_;
+  server_config_sig_ = state.server_config_sig_;
+  certs_ = state.certs_;
+  need_to_persist_ = false;
+}
+
+void QuicCryptoClientConfig::CachedState::SaveQuicServerInfo() {
+  if (!quic_server_info_.get() || !need_to_persist_) {
+    return;
+  }
+  DCHECK(server_config_valid_);
+
+  // If the QuicServerInfo hasn't managed to load from disk yet then we can't
+  // save anything.
+  if (!quic_server_info_->IsDataReady()) {
+    return;
+  }
+
+  QuicServerInfo::State* state = quic_server_info_->mutable_state();
+
+  state->Clear();

[wtc, 2014/02/11 01:01:45]

This state->Clear() call is not necessary because we are going to set all
members of |state| next.

[ramant (doing other things), 2014/02/11 07:57:55]

Done.

+  state->server_config_ = server_config_;
+  state->source_address_token_ = source_address_token_;
+  state->server_config_sig_ = server_config_sig_;
+  state->certs_ = certs_;
+
+  quic_server_info_->Persist();

[wtc, 2014/02/11 01:01:45]

We should set need_to_persist_ to false after the Persist() call.

[ramant (doing other things), 2014/02/11 07:57:55]

Done.

+}
+
 void QuicCryptoClientConfig::SetDefaults() {
   // Key exchange methods.
   kexs.resize(2);
   kexs[0] = kC255;
   kexs[1] = kP256;
 
   // Authenticated encryption algorithms.
   aead.resize(1);
   aead[0] = kAESG;
 }
@@ skipping 436 matching lines @@
   CachedState* canonical_cached =
       canonical_crypto_config->LookupOrCreate(canonical_server_hostname);
   if (!canonical_cached->proof_valid()) {
     return;
   }
   CachedState* cached = LookupOrCreate(server_hostname);
   cached->InitializeFrom(*canonical_cached);
 }
 
 }  // namespace net