| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 5 #ifndef NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
| 6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 6 #define NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
| 7 | 7 |
| 8 #include <stddef.h> | 8 #include <stddef.h> |
| 9 #include <stdint.h> | 9 #include <stdint.h> |
| 10 | 10 |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 98 ClientHelloInfo info; | 98 ClientHelloInfo info; |
| 99 QuicErrorCode error_code; | 99 QuicErrorCode error_code; |
| 100 std::string error_details; | 100 std::string error_details; |
| 101 | 101 |
| 102 // Populated if the CHLO STK contained a CachedNetworkParameters proto. | 102 // Populated if the CHLO STK contained a CachedNetworkParameters proto. |
| 103 CachedNetworkParameters cached_network_params; | 103 CachedNetworkParameters cached_network_params; |
| 104 }; | 104 }; |
| 105 | 105 |
| 106 ValidateClientHelloResultCallback(); | 106 ValidateClientHelloResultCallback(); |
| 107 virtual ~ValidateClientHelloResultCallback(); | 107 virtual ~ValidateClientHelloResultCallback(); |
| 108 void Run(const Result* result); | 108 void Run(const Result* result, std::unique_ptr<ProofSource::Details> details); |
| 109 | 109 |
| 110 protected: | 110 protected: |
| 111 virtual void RunImpl(const CryptoHandshakeMessage& client_hello, | 111 virtual void RunImpl(const CryptoHandshakeMessage& client_hello, |
| 112 const Result& result) = 0; | 112 const Result& result, |
| 113 std::unique_ptr<ProofSource::Details> details) = 0; |
| 113 | 114 |
| 114 private: | 115 private: |
| 115 DISALLOW_COPY_AND_ASSIGN(ValidateClientHelloResultCallback); | 116 DISALLOW_COPY_AND_ASSIGN(ValidateClientHelloResultCallback); |
| 116 }; | 117 }; |
| 117 | 118 |
| 118 // Callback used to receive the results of a call to | 119 // Callback used to receive the results of a call to |
| 119 // BuildServerConfigUpdateMessage. | 120 // BuildServerConfigUpdateMessage. |
| 120 class BuildServerConfigUpdateMessageResultCallback { | 121 class BuildServerConfigUpdateMessageResultCallback { |
| 121 public: | 122 public: |
| 122 BuildServerConfigUpdateMessageResultCallback() = default; | 123 BuildServerConfigUpdateMessageResultCallback() = default; |
| (...skipping 402 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 525 // GetProof failed. If GetProof was not run, then |get_proof_failed| will be | 526 // GetProof failed. If GetProof was not run, then |get_proof_failed| will be |
| 526 // set to false. | 527 // set to false. |
| 527 void EvaluateClientHelloAfterGetProof( | 528 void EvaluateClientHelloAfterGetProof( |
| 528 bool found_error, | 529 bool found_error, |
| 529 const IPAddress& server_ip, | 530 const IPAddress& server_ip, |
| 530 QuicVersion version, | 531 QuicVersion version, |
| 531 const uint8_t* primary_orbit, | 532 const uint8_t* primary_orbit, |
| 532 scoped_refptr<Config> requested_config, | 533 scoped_refptr<Config> requested_config, |
| 533 scoped_refptr<Config> primary_config, | 534 scoped_refptr<Config> primary_config, |
| 534 QuicCryptoProof* crypto_proof, | 535 QuicCryptoProof* crypto_proof, |
| 536 std::unique_ptr<ProofSource::Details> proof_source_details, |
| 535 bool get_proof_failed, | 537 bool get_proof_failed, |
| 536 ValidateClientHelloResultCallback::Result* client_hello_state, | 538 ValidateClientHelloResultCallback::Result* client_hello_state, |
| 537 ValidateClientHelloResultCallback* done_cb) const; | 539 ValidateClientHelloResultCallback* done_cb) const; |
| 538 | 540 |
| 539 // BuildRejection sets |out| to be a REJ message in reply to |client_hello|. | 541 // BuildRejection sets |out| to be a REJ message in reply to |client_hello|. |
| 540 void BuildRejection(QuicVersion version, | 542 void BuildRejection(QuicVersion version, |
| 541 const Config& config, | 543 const Config& config, |
| 542 const CryptoHandshakeMessage& client_hello, | 544 const CryptoHandshakeMessage& client_hello, |
| 543 const ClientHelloInfo& info, | 545 const ClientHelloInfo& info, |
| 544 const CachedNetworkParameters& cached_network_params, | 546 const CachedNetworkParameters& cached_network_params, |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 658 QuicVersion version, | 660 QuicVersion version, |
| 659 QuicCompressedCertsCache* compressed_certs_cache, | 661 QuicCompressedCertsCache* compressed_certs_cache, |
| 660 const CommonCertSets* common_cert_sets, | 662 const CommonCertSets* common_cert_sets, |
| 661 const QuicCryptoNegotiatedParameters& params, | 663 const QuicCryptoNegotiatedParameters& params, |
| 662 CryptoHandshakeMessage message, | 664 CryptoHandshakeMessage message, |
| 663 std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb); | 665 std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb); |
| 664 | 666 |
| 665 void Run(bool ok, | 667 void Run(bool ok, |
| 666 const scoped_refptr<ProofSource::Chain>& chain, | 668 const scoped_refptr<ProofSource::Chain>& chain, |
| 667 const std::string& signature, | 669 const std::string& signature, |
| 668 const std::string& leaf_cert_sct) override; | 670 const std::string& leaf_cert_sct, |
| 671 std::unique_ptr<ProofSource::Details> details) override; |
| 669 | 672 |
| 670 private: | 673 private: |
| 671 const QuicCryptoServerConfig* config_; | 674 const QuicCryptoServerConfig* config_; |
| 672 const QuicVersion version_; | 675 const QuicVersion version_; |
| 673 QuicCompressedCertsCache* compressed_certs_cache_; | 676 QuicCompressedCertsCache* compressed_certs_cache_; |
| 674 const CommonCertSets* common_cert_sets_; | 677 const CommonCertSets* common_cert_sets_; |
| 675 const std::string client_common_set_hashes_; | 678 const std::string client_common_set_hashes_; |
| 676 const std::string client_cached_cert_hashes_; | 679 const std::string client_cached_cert_hashes_; |
| 677 const bool sct_supported_by_client_; | 680 const bool sct_supported_by_client_; |
| 678 CryptoHandshakeMessage message_; | 681 CryptoHandshakeMessage message_; |
| 679 std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb_; | 682 std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb_; |
| 680 }; | 683 }; |
| 681 | 684 |
| 682 // Invoked by BuildServerConfigUpdateMessageProofSourceCallback::RunImpl once | 685 // Invoked by BuildServerConfigUpdateMessageProofSourceCallback::RunImpl once |
| 683 // the proof has been acquired. Finishes building the server config update | 686 // the proof has been acquired. Finishes building the server config update |
| 684 // message and invokes |cb|. | 687 // message and invokes |cb|. |
| 685 void FinishBuildServerConfigUpdateMessage( | 688 void FinishBuildServerConfigUpdateMessage( |
| 686 QuicVersion version, | 689 QuicVersion version, |
| 687 QuicCompressedCertsCache* compressed_certs_cache, | 690 QuicCompressedCertsCache* compressed_certs_cache, |
| 688 const CommonCertSets* common_cert_sets, | 691 const CommonCertSets* common_cert_sets, |
| 689 const std::string& client_common_set_hashes, | 692 const std::string& client_common_set_hashes, |
| 690 const std::string& client_cached_cert_hashes, | 693 const std::string& client_cached_cert_hashes, |
| 691 bool sct_supported_by_client, | 694 bool sct_supported_by_client, |
| 692 bool ok, | 695 bool ok, |
| 693 const scoped_refptr<ProofSource::Chain>& chain, | 696 const scoped_refptr<ProofSource::Chain>& chain, |
| 694 const std::string& signature, | 697 const std::string& signature, |
| 695 const std::string& leaf_cert_sct, | 698 const std::string& leaf_cert_sct, |
| 699 std::unique_ptr<ProofSource::Details> details, |
| 696 CryptoHandshakeMessage message, | 700 CryptoHandshakeMessage message, |
| 697 std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb) const; | 701 std::unique_ptr<BuildServerConfigUpdateMessageResultCallback> cb) const; |
| 698 | 702 |
| 699 // replay_protection_ controls whether the server enforces that handshakes | 703 // replay_protection_ controls whether the server enforces that handshakes |
| 700 // aren't replays. | 704 // aren't replays. |
| 701 bool replay_protection_; | 705 bool replay_protection_; |
| 702 | 706 |
| 703 // The multiple of the CHLO message size that a REJ message must stay under | 707 // The multiple of the CHLO message size that a REJ message must stay under |
| 704 // when the client doesn't present a valid source-address token. This is | 708 // when the client doesn't present a valid source-address token. This is |
| 705 // used to protect QUIC from amplification attacks. | 709 // used to protect QUIC from amplification attacks. |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 781 std::string cert_sct; | 785 std::string cert_sct; |
| 782 // The server config that is used for this proof (and the rest of the | 786 // The server config that is used for this proof (and the rest of the |
| 783 // request). | 787 // request). |
| 784 scoped_refptr<QuicCryptoServerConfig::Config> config; | 788 scoped_refptr<QuicCryptoServerConfig::Config> config; |
| 785 std::string primary_scid; | 789 std::string primary_scid; |
| 786 }; | 790 }; |
| 787 | 791 |
| 788 } // namespace net | 792 } // namespace net |
| 789 | 793 |
| 790 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ | 794 #endif // NET_QUIC_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2188663003:
Add plumbing for passing stats from calls to ProofSource::GetProof through QUIC. These stats are n… (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@128459519