| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef NET_QUIC_QUIC_CRYPTO_SERVER_STREAM_H_ | |
| 6 #define NET_QUIC_QUIC_CRYPTO_SERVER_STREAM_H_ | |
| 7 | |
| 8 #include <cstdint> | |
| 9 #include <memory> | |
| 10 #include <string> | |
| 11 | |
| 12 #include "base/macros.h" | |
| 13 #include "net/quic/crypto/crypto_handshake.h" | |
| 14 #include "net/quic/crypto/quic_compressed_certs_cache.h" | |
| 15 #include "net/quic/crypto/quic_crypto_server_config.h" | |
| 16 #include "net/quic/proto/source_address_token.pb.h" | |
| 17 #include "net/quic/quic_config.h" | |
| 18 #include "net/quic/quic_crypto_stream.h" | |
| 19 | |
| 20 namespace net { | |
| 21 | |
| 22 class CachedNetworkParameters; | |
| 23 class CryptoHandshakeMessage; | |
| 24 class QuicCryptoServerConfig; | |
| 25 class QuicCryptoServerStreamBase; | |
| 26 class QuicServerSessionBase; | |
| 27 | |
| 28 namespace test { | |
| 29 class CryptoTestUtils; | |
| 30 class QuicCryptoServerStreamPeer; | |
| 31 } // namespace test | |
| 32 | |
| 33 // Receives a notification when the server hello (SHLO) has been ACKed by the | |
| 34 // peer. At this point we disable HANDSHAKE_MODE in the sent packet manager. | |
| 35 class NET_EXPORT_PRIVATE ServerHelloNotifier : public QuicAckListenerInterface { | |
| 36 public: | |
| 37 explicit ServerHelloNotifier(QuicCryptoServerStreamBase* stream) | |
| 38 : server_stream_(stream) {} | |
| 39 | |
| 40 void OnPacketAcked(int acked_bytes, QuicTime::Delta ack_delay_time) override; | |
| 41 | |
| 42 void OnPacketRetransmitted(int retransmitted_bytes) override; | |
| 43 | |
| 44 private: | |
| 45 ~ServerHelloNotifier() override {} | |
| 46 | |
| 47 QuicCryptoServerStreamBase* server_stream_; | |
| 48 | |
| 49 DISALLOW_COPY_AND_ASSIGN(ServerHelloNotifier); | |
| 50 }; | |
| 51 | |
| 52 // TODO(alyssar) see what can be moved out of QuicCryptoServerStream with | |
| 53 // various code and test refactoring. | |
| 54 class NET_EXPORT_PRIVATE QuicCryptoServerStreamBase : public QuicCryptoStream { | |
| 55 public: | |
| 56 explicit QuicCryptoServerStreamBase(QuicServerSessionBase* session); | |
| 57 ~QuicCryptoServerStreamBase() override {} | |
| 58 | |
| 59 // Cancel any outstanding callbacks, such as asynchronous validation of client | |
| 60 // hello. | |
| 61 virtual void CancelOutstandingCallbacks() = 0; | |
| 62 | |
| 63 // GetBase64SHA256ClientChannelID sets |*output| to the base64 encoded, | |
| 64 // SHA-256 hash of the client's ChannelID key and returns true, if the client | |
| 65 // presented a ChannelID. Otherwise it returns false. | |
| 66 virtual bool GetBase64SHA256ClientChannelID(std::string* output) const = 0; | |
| 67 | |
| 68 virtual int NumServerConfigUpdateMessagesSent() const = 0; | |
| 69 | |
| 70 // Sends the latest server config and source-address token to the client. | |
| 71 virtual void SendServerConfigUpdate( | |
| 72 const CachedNetworkParameters* cached_network_params) = 0; | |
| 73 | |
| 74 // Called by the ServerHello AckNotifier once the SHLO has been ACKed by the | |
| 75 // client. | |
| 76 virtual void OnServerHelloAcked() = 0; | |
| 77 | |
| 78 // These are all accessors and setters to their respective counters. | |
| 79 virtual uint8_t NumHandshakeMessages() const = 0; | |
| 80 virtual uint8_t NumHandshakeMessagesWithServerNonces() const = 0; | |
| 81 virtual bool UseStatelessRejectsIfPeerSupported() const = 0; | |
| 82 virtual bool PeerSupportsStatelessRejects() const = 0; | |
| 83 virtual void SetPeerSupportsStatelessRejects(bool set) = 0; | |
| 84 virtual const CachedNetworkParameters* PreviousCachedNetworkParams() | |
| 85 const = 0; | |
| 86 virtual void SetPreviousCachedNetworkParams( | |
| 87 CachedNetworkParameters cached_network_params) = 0; | |
| 88 | |
| 89 // Checks the options on the handshake-message to see whether the | |
| 90 // peer supports stateless-rejects. | |
| 91 static bool DoesPeerSupportStatelessRejects( | |
| 92 const CryptoHandshakeMessage& message); | |
| 93 }; | |
| 94 | |
| 95 class NET_EXPORT_PRIVATE QuicCryptoServerStream | |
| 96 : public QuicCryptoServerStreamBase { | |
| 97 public: | |
| 98 // |crypto_config| must outlive the stream. | |
| 99 QuicCryptoServerStream(const QuicCryptoServerConfig* crypto_config, | |
| 100 QuicCompressedCertsCache* compressed_certs_cache, | |
| 101 bool use_stateless_rejects_if_peer_supported, | |
| 102 QuicServerSessionBase* session); | |
| 103 ~QuicCryptoServerStream() override; | |
| 104 | |
| 105 // From QuicCryptoServerStreamBase | |
| 106 void CancelOutstandingCallbacks() override; | |
| 107 void OnHandshakeMessage(const CryptoHandshakeMessage& message) override; | |
| 108 bool GetBase64SHA256ClientChannelID(std::string* output) const override; | |
| 109 void SendServerConfigUpdate( | |
| 110 const CachedNetworkParameters* cached_network_params) override; | |
| 111 void OnServerHelloAcked() override; | |
| 112 uint8_t NumHandshakeMessages() const override; | |
| 113 uint8_t NumHandshakeMessagesWithServerNonces() const override; | |
| 114 int NumServerConfigUpdateMessagesSent() const override; | |
| 115 const CachedNetworkParameters* PreviousCachedNetworkParams() const override; | |
| 116 bool UseStatelessRejectsIfPeerSupported() const override; | |
| 117 bool PeerSupportsStatelessRejects() const override; | |
| 118 void SetPeerSupportsStatelessRejects( | |
| 119 bool peer_supports_stateless_rejects) override; | |
| 120 void SetPreviousCachedNetworkParams( | |
| 121 CachedNetworkParameters cached_network_params) override; | |
| 122 | |
| 123 protected: | |
| 124 virtual QuicErrorCode ProcessClientHello( | |
| 125 const CryptoHandshakeMessage& message, | |
| 126 const ValidateClientHelloResultCallback::Result& result, | |
| 127 std::unique_ptr<ProofSource::Details> proof_source_details, | |
| 128 CryptoHandshakeMessage* reply, | |
| 129 DiversificationNonce* out_diversification_nonce, | |
| 130 std::string* error_details); | |
| 131 | |
| 132 // Hook that allows the server to set QuicConfig defaults just | |
| 133 // before going through the parameter negotiation step. | |
| 134 virtual void OverrideQuicConfigDefaults(QuicConfig* config); | |
| 135 | |
| 136 // Given the current connection_id, generates a new ConnectionId to | |
| 137 // be returned with a stateless reject. | |
| 138 virtual QuicConnectionId GenerateConnectionIdForReject( | |
| 139 QuicConnectionId connection_id); | |
| 140 | |
| 141 private: | |
| 142 friend class test::CryptoTestUtils; | |
| 143 friend class test::QuicCryptoServerStreamPeer; | |
| 144 | |
| 145 class ValidateCallback : public ValidateClientHelloResultCallback { | |
| 146 public: | |
| 147 explicit ValidateCallback(QuicCryptoServerStream* parent); | |
| 148 // To allow the parent to detach itself from the callback before deletion. | |
| 149 void Cancel(); | |
| 150 | |
| 151 // From ValidateClientHelloResultCallback | |
| 152 void RunImpl(const CryptoHandshakeMessage& client_hello, | |
| 153 const Result& result, | |
| 154 std::unique_ptr<ProofSource::Details> details) override; | |
| 155 | |
| 156 private: | |
| 157 QuicCryptoServerStream* parent_; | |
| 158 | |
| 159 DISALLOW_COPY_AND_ASSIGN(ValidateCallback); | |
| 160 }; | |
| 161 | |
| 162 class SendServerConfigUpdateCallback | |
| 163 : public BuildServerConfigUpdateMessageResultCallback { | |
| 164 public: | |
| 165 explicit SendServerConfigUpdateCallback(QuicCryptoServerStream* parent); | |
| 166 SendServerConfigUpdateCallback(const SendServerConfigUpdateCallback&) = | |
| 167 delete; | |
| 168 void operator=(const SendServerConfigUpdateCallback&) = delete; | |
| 169 | |
| 170 // To allow the parent to detach itself from the callback before deletion. | |
| 171 void Cancel(); | |
| 172 | |
| 173 // From BuildServerConfigUpdateMessageResultCallback | |
| 174 void Run(bool ok, const CryptoHandshakeMessage& message) override; | |
| 175 | |
| 176 private: | |
| 177 QuicCryptoServerStream* parent_; | |
| 178 }; | |
| 179 | |
| 180 // Invoked by ValidateCallback::RunImpl once initial validation of | |
| 181 // the client hello is complete. Finishes processing of the client | |
| 182 // hello message and handles handshake success/failure. | |
| 183 void FinishProcessingHandshakeMessage( | |
| 184 const CryptoHandshakeMessage& message, | |
| 185 const ValidateClientHelloResultCallback::Result& result, | |
| 186 std::unique_ptr<ProofSource::Details> details); | |
| 187 | |
| 188 // Invoked by SendServerConfigUpdateCallback::RunImpl once the proof has been | |
| 189 // received. |ok| indicates whether or not the proof was successfully | |
| 190 // acquired, and |message| holds the partially-constructed message from | |
| 191 // SendServerConfigUpdate. | |
| 192 void FinishSendServerConfigUpdate(bool ok, | |
| 193 const CryptoHandshakeMessage& message); | |
| 194 | |
| 195 // crypto_config_ contains crypto parameters for the handshake. | |
| 196 const QuicCryptoServerConfig* crypto_config_; | |
| 197 | |
| 198 // compressed_certs_cache_ contains a set of most recently compressed certs. | |
| 199 // Owned by QuicDispatcher. | |
| 200 QuicCompressedCertsCache* compressed_certs_cache_; | |
| 201 | |
| 202 // Server's certificate chain and signature of the server config, as provided | |
| 203 // by ProofSource::GetProof. | |
| 204 QuicCryptoProof crypto_proof_; | |
| 205 | |
| 206 // Hash of the last received CHLO message which can be used for generating | |
| 207 // server config update messages. | |
| 208 std::string chlo_hash_; | |
| 209 | |
| 210 // Pointer to the active callback that will receive the result of | |
| 211 // the client hello validation request and forward it to | |
| 212 // FinishProcessingHandshakeMessage for processing. nullptr if no | |
| 213 // handshake message is being validated. | |
| 214 ValidateCallback* validate_client_hello_cb_; | |
| 215 | |
| 216 // Number of handshake messages received by this stream. | |
| 217 uint8_t num_handshake_messages_; | |
| 218 | |
| 219 // Number of handshake messages received by this stream that contain | |
| 220 // server nonces (indicating that this is a non-zero-RTT handshake | |
| 221 // attempt). | |
| 222 uint8_t num_handshake_messages_with_server_nonces_; | |
| 223 | |
| 224 // Pointer to the active callback that will receive the result of | |
| 225 // BuildServerConfigUpdateMessage and forward it to | |
| 226 // FinishSendServerConfigUpdate. nullptr if no update message is currently | |
| 227 // being built. | |
| 228 SendServerConfigUpdateCallback* send_server_config_update_cb_; | |
| 229 | |
| 230 // Number of server config update (SCUP) messages sent by this stream. | |
| 231 int num_server_config_update_messages_sent_; | |
| 232 | |
| 233 // If the client provides CachedNetworkParameters in the STK in the CHLO, then | |
| 234 // store here, and send back in future STKs if we have no better bandwidth | |
| 235 // estimate to send. | |
| 236 std::unique_ptr<CachedNetworkParameters> previous_cached_network_params_; | |
| 237 | |
| 238 // Contains any source address tokens which were present in the CHLO. | |
| 239 SourceAddressTokens previous_source_address_tokens_; | |
| 240 | |
| 241 // If true, the server should use stateless rejects, so long as the | |
| 242 // client supports them, as indicated by | |
| 243 // peer_supports_stateless_rejects_. | |
| 244 bool use_stateless_rejects_if_peer_supported_; | |
| 245 | |
| 246 // Set to true, once the server has received information from the | |
| 247 // client that it supports stateless reject. | |
| 248 // TODO(jokulik): Remove once client stateless reject support | |
| 249 // becomes the default. | |
| 250 bool peer_supports_stateless_rejects_; | |
| 251 | |
| 252 DISALLOW_COPY_AND_ASSIGN(QuicCryptoServerStream); | |
| 253 }; | |
| 254 | |
| 255 } // namespace net | |
| 256 | |
| 257 #endif // NET_QUIC_QUIC_CRYPTO_SERVER_STREAM_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2193073003:
Move shared files in net/quic/ into net/quic/core/ (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master