| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_server_config.h" | 5 #include "net/quic/crypto/quic_crypto_server_config.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 1142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1153 } | 1153 } |
| 1154 | 1154 |
| 1155 strike_register_client->VerifyNonceIsValidAndUnique( | 1155 strike_register_client->VerifyNonceIsValidAndUnique( |
| 1156 info->client_nonce, info->now, | 1156 info->client_nonce, info->now, |
| 1157 new VerifyNonceIsValidAndUniqueCallback(client_hello_state, done_cb)); | 1157 new VerifyNonceIsValidAndUniqueCallback(client_hello_state, done_cb)); |
| 1158 helper.StartedAsyncCallback(); | 1158 helper.StartedAsyncCallback(); |
| 1159 } | 1159 } |
| 1160 | 1160 |
| 1161 bool QuicCryptoServerConfig::BuildServerConfigUpdateMessage( | 1161 bool QuicCryptoServerConfig::BuildServerConfigUpdateMessage( |
| 1162 QuicVersion version, | 1162 QuicVersion version, |
| 1163 StringPiece chlo_hash, |
| 1163 const SourceAddressTokens& previous_source_address_tokens, | 1164 const SourceAddressTokens& previous_source_address_tokens, |
| 1164 const IPAddress& server_ip, | 1165 const IPAddress& server_ip, |
| 1165 const IPAddress& client_ip, | 1166 const IPAddress& client_ip, |
| 1166 const QuicClock* clock, | 1167 const QuicClock* clock, |
| 1167 QuicRandom* rand, | 1168 QuicRandom* rand, |
| 1168 QuicCompressedCertsCache* compressed_certs_cache, | 1169 QuicCompressedCertsCache* compressed_certs_cache, |
| 1169 const QuicCryptoNegotiatedParameters& params, | 1170 const QuicCryptoNegotiatedParameters& params, |
| 1170 const CachedNetworkParameters* cached_network_params, | 1171 const CachedNetworkParameters* cached_network_params, |
| 1171 CryptoHandshakeMessage* out) const { | 1172 CryptoHandshakeMessage* out) const { |
| 1172 base::AutoLock locked(configs_lock_); | 1173 base::AutoLock locked(configs_lock_); |
| 1173 out->set_tag(kSCUP); | 1174 out->set_tag(kSCUP); |
| 1174 out->SetStringPiece(kSCFG, primary_config_->serialized); | 1175 out->SetStringPiece(kSCFG, primary_config_->serialized); |
| 1175 out->SetStringPiece( | 1176 out->SetStringPiece( |
| 1176 kSourceAddressTokenTag, | 1177 kSourceAddressTokenTag, |
| 1177 NewSourceAddressToken(*primary_config_.get(), | 1178 NewSourceAddressToken(*primary_config_.get(), |
| 1178 previous_source_address_tokens, client_ip, rand, | 1179 previous_source_address_tokens, client_ip, rand, |
| 1179 clock->WallNow(), cached_network_params)); | 1180 clock->WallNow(), cached_network_params)); |
| 1180 | 1181 |
| 1181 scoped_refptr<ProofSource::Chain> chain; | 1182 scoped_refptr<ProofSource::Chain> chain; |
| 1182 string signature; | 1183 string signature; |
| 1183 string cert_sct; | 1184 string cert_sct; |
| 1184 if (!proof_source_->GetProof(server_ip, params.sni, | 1185 if (FLAGS_quic_use_hash_in_scup) { |
| 1185 primary_config_->serialized, version, | 1186 if (!proof_source_->GetProof(server_ip, params.sni, |
| 1186 params.client_nonce, params.x509_ecdsa_supported, | 1187 primary_config_->serialized, version, |
| 1187 &chain, &signature, &cert_sct)) { | 1188 chlo_hash, params.x509_ecdsa_supported, &chain, |
| 1188 DVLOG(1) << "Server: failed to get proof."; | 1189 &signature, &cert_sct)) { |
| 1189 return false; | 1190 DVLOG(1) << "Server: failed to get proof."; |
| 1191 return false; |
| 1192 } |
| 1193 } else { |
| 1194 if (!proof_source_->GetProof( |
| 1195 server_ip, params.sni, primary_config_->serialized, version, |
| 1196 params.client_nonce, params.x509_ecdsa_supported, &chain, |
| 1197 &signature, &cert_sct)) { |
| 1198 DVLOG(1) << "Server: failed to get proof."; |
| 1199 return false; |
| 1200 } |
| 1190 } | 1201 } |
| 1191 | 1202 |
| 1192 const string compressed = CompressChain( | 1203 const string compressed = CompressChain( |
| 1193 compressed_certs_cache, chain, params.client_common_set_hashes, | 1204 compressed_certs_cache, chain, params.client_common_set_hashes, |
| 1194 params.client_cached_cert_hashes, primary_config_->common_cert_sets); | 1205 params.client_cached_cert_hashes, primary_config_->common_cert_sets); |
| 1195 | 1206 |
| 1196 out->SetStringPiece(kCertificateTag, compressed); | 1207 out->SetStringPiece(kCertificateTag, compressed); |
| 1197 out->SetStringPiece(kPROF, signature); | 1208 out->SetStringPiece(kPROF, signature); |
| 1198 if (params.sct_supported_by_client && version > QUIC_VERSION_29 && | 1209 if (params.sct_supported_by_client && version > QUIC_VERSION_29 && |
| 1199 enable_serving_sct_) { | 1210 enable_serving_sct_) { |
| (...skipping 622 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1822 priority(0), | 1833 priority(0), |
| 1823 source_address_token_boxer(nullptr) {} | 1834 source_address_token_boxer(nullptr) {} |
| 1824 | 1835 |
| 1825 QuicCryptoServerConfig::Config::~Config() { | 1836 QuicCryptoServerConfig::Config::~Config() { |
| 1826 STLDeleteElements(&key_exchanges); | 1837 STLDeleteElements(&key_exchanges); |
| 1827 } | 1838 } |
| 1828 | 1839 |
| 1829 QuicCryptoProof::QuicCryptoProof() {} | 1840 QuicCryptoProof::QuicCryptoProof() {} |
| 1830 QuicCryptoProof::~QuicCryptoProof() {} | 1841 QuicCryptoProof::~QuicCryptoProof() {} |
| 1831 } // namespace net | 1842 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1983183002:
Landing Recent QUIC changes until 5/14/2016 02:25:25 UTC (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master