Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(95)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/quic_crypto_server_config.cc

Issue 1810073002: Log when client nonce is invalid. No functional change. Not flag protected. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@116973081
Patch Set: Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/crypto_server_test.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/quic_crypto_server_config.h" 5 #include "net/quic/crypto/quic_crypto_server_config.h"
6 6
7 #include <stdlib.h> 7 #include <stdlib.h>
8 8
9 #include <algorithm> 9 #include <algorithm>
10 10
(...skipping 1046 matching lines...) Expand 10 before | Expand all | Expand 10 after
1057 if (!ValidateExpectedLeafCertificate(client_hello, *crypto_proof)) { 1057 if (!ValidateExpectedLeafCertificate(client_hello, *crypto_proof)) {
1058 found_error = true; 1058 found_error = true;
1059 info->reject_reasons.push_back(INVALID_EXPECTED_LEAF_CERTIFICATE); 1059 info->reject_reasons.push_back(INVALID_EXPECTED_LEAF_CERTIFICATE);
1060 } 1060 }
1061 } 1061 }
1062 1062
1063 if (!client_hello.GetStringPiece(kNONC, &info->client_nonce) || 1063 if (!client_hello.GetStringPiece(kNONC, &info->client_nonce) ||
1064 info->client_nonce.size() != kNonceSize) { 1064 info->client_nonce.size() != kNonceSize) {
1065 info->reject_reasons.push_back(CLIENT_NONCE_INVALID_FAILURE); 1065 info->reject_reasons.push_back(CLIENT_NONCE_INVALID_FAILURE);
1066 // Invalid client nonce. 1066 // Invalid client nonce.
1067 LOG(ERROR) << "Invalid client nonce: " << client_hello.DebugString();
1067 DVLOG(1) << "Invalid client nonce."; 1068 DVLOG(1) << "Invalid client nonce.";
1068 if (FLAGS_use_early_return_when_verifying_chlo) { 1069 if (FLAGS_use_early_return_when_verifying_chlo) {
1069 helper.ValidationComplete(QUIC_NO_ERROR, ""); 1070 helper.ValidationComplete(QUIC_NO_ERROR, "");
1070 return; 1071 return;
1071 } 1072 }
1072 found_error = true; 1073 found_error = true;
1073 } 1074 }
1074 1075
1075 // Server nonce is optional, and used for key derivation if present. 1076 // Server nonce is optional, and used for key derivation if present.
1076 client_hello.GetStringPiece(kServerNonceTag, &info->server_nonce); 1077 client_hello.GetStringPiece(kServerNonceTag, &info->server_nonce);
(...skipping 734 matching lines...) Expand 10 before | Expand all | Expand 10 after
1811 priority(0), 1812 priority(0),
1812 source_address_token_boxer(nullptr) {} 1813 source_address_token_boxer(nullptr) {}
1813 1814
1814 QuicCryptoServerConfig::Config::~Config() { 1815 QuicCryptoServerConfig::Config::~Config() {
1815 STLDeleteElements(&key_exchanges); 1816 STLDeleteElements(&key_exchanges);
1816 } 1817 }
1817 1818
1818 QuicCryptoProof::QuicCryptoProof() {} 1819 QuicCryptoProof::QuicCryptoProof() {}
1819 QuicCryptoProof::~QuicCryptoProof() {} 1820 QuicCryptoProof::~QuicCryptoProof() {}
1820 } // namespace net 1821 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/crypto_server_test.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698