Make QuicDispatcher to queue packets for new connections while waiting for CHLOs. Flag protected by…

net/tools/quic/quic_dispatcher.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/tools/quic/quic_dispatcher.h"
 
 #include <utility>
 
 #include "base/debug/stack_trace.h"
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/stl_util.h"
 #include "net/quic/core/crypto/quic_random.h"
 #include "net/quic/core/quic_bug_tracker.h"
 #include "net/quic/core/quic_flags.h"
 #include "net/quic/core/quic_utils.h"
 #include "net/tools/quic/chlo_extractor.h"
 #include "net/tools/quic/quic_per_connection_packet_writer.h"
 #include "net/tools/quic/quic_simple_server_session.h"
 #include "net/tools/quic/quic_time_wait_list_manager.h"
 #include "net/tools/quic/stateless_rejector.h"
 
 using base::StringPiece;
 using std::string;
 
 namespace net {
 
+typedef QuicBufferedPacketStore::BufferedPacket BufferedPacket;
+typedef QuicBufferedPacketStore::BufferedPacketList BufferedPacketList;
+typedef QuicBufferedPacketStore::EnqueuePacketResult EnqueuePacketResult;
+
 namespace {
 
 // An alarm that informs the QuicDispatcher to delete old sessions.
 class DeleteSessionsAlarm : public QuicAlarm::Delegate {
  public:
   explicit DeleteSessionsAlarm(QuicDispatcher* dispatcher)
       : dispatcher_(dispatcher) {}
 
   void OnAlarm() override { dispatcher_->DeleteSessions(); }
 
@@ skipping 282 matching lines @@
   }
 
   // Packet's connection ID is unknown.
   // Apply the validity checks.
   QuicPacketFate fate = ValidityChecks(header);
   if (fate == kFateProcess) {
     fate = MaybeRejectStatelessly(connection_id, header);
   }
   switch (fate) {
     case kFateProcess: {
-      // Create a session and process the packet.
-      QuicServerSessionBase* session =
-          CreateQuicSession(connection_id, current_client_address_);
-      DVLOG(1) << "Created new session for " << connection_id;
-      session_map_.insert(std::make_pair(connection_id, session));
-      session->ProcessUdpPacket(current_server_address_,
-                                current_client_address_, *current_packet_);
-      std::list<QuicBufferedPacketStore::BufferedPacket> packets =
-          buffered_packets_.DeliverPackets(connection_id);
-      for (const auto& packet : packets) {
-        SessionMap::iterator it = session_map_.find(connection_id);
-        if (it == session_map_.end()) {
-          break;
-        }
-        it->second->ProcessUdpPacket(packet.server_address,
-                                     packet.client_address, *packet.packet);
-      }
+      ProcessChlo();
       break;
     }
     case kFateTimeWait:
       // MaybeRejectStatelessly might have already added the connection to
       // time wait, in which case it should not be added again.
       if (!FLAGS_quic_use_cheap_stateless_rejects ||
           !time_wait_list_manager_->IsConnectionIdInTimeWait(
               header.public_header.connection_id)) {
         // Add this connection_id to the time-wait state, to safely reject
         // future packets.
         DVLOG(1) << "Adding connection ID " << connection_id
                  << "to time-wait list.";
         time_wait_list_manager_->AddConnectionIdToTimeWait(
             connection_id, framer_.version(),
             /*connection_rejected_statelessly=*/false, nullptr);
       }
       DCHECK(time_wait_list_manager_->IsConnectionIdInTimeWait(
           header.public_header.connection_id));
       time_wait_list_manager_->ProcessPacket(
           current_server_address_, current_client_address_,
           header.public_header.connection_id, header.packet_number,
           *current_packet_);
       break;
+    case kFateBuffer:
+      // This packet is a non-CHLO packet which has arrived out of order.
+      // Buffer it.
+      BufferEarlyPacket(connection_id);
+      break;
     case kFateDrop:
       // Do nothing with the packet.
       break;
   }
 
   return false;
 }
 
 QuicDispatcher::QuicPacketFate QuicDispatcher::ValidityChecks(
     const QuicPacketHeader& header) {
@@ skipping 219 matching lines @@
   DCHECK(false);
   return false;
 }
 
 void QuicDispatcher::OnPacketComplete() {
   DCHECK(false);
 }
 
 void QuicDispatcher::OnExpiredPackets(
     QuicConnectionId connection_id,
-    QuicBufferedPacketStore::BufferedPacketList early_arrived_packets) {}
+    BufferedPacketList early_arrived_packets) {
+  time_wait_list_manager_->AddConnectionIdToTimeWait(
+      connection_id, framer_.version(), false, nullptr);
+}
+
+void QuicDispatcher::OnNewConnectionAdded(QuicConnectionId connection_id) {
+  VLOG(1) << "Received packet from new connection " << connection_id;
+}
+
+// Return true if there is any packet buffered in the store.
+bool QuicDispatcher::HasBufferedPackets(QuicConnectionId connection_id) {
+  return buffered_packets_.HasBufferedPackets(connection_id);
+}
+
+void QuicDispatcher::OnBufferPacketFailure(EnqueuePacketResult result,
+                                           QuicConnectionId connection_id) {
+  DVLOG(1) << "Fail to buffer packet on connection " << connection_id
+           << " because of " << result;
+}
 
 void QuicDispatcher::OnConnectionRejectedStatelessly() {}
 
 void QuicDispatcher::OnConnectionClosedStatelessly(QuicErrorCode error) {}
 
 bool QuicDispatcher::ShouldAttemptCheapStatelessRejection() {
   return true;
 }
 
 QuicTimeWaitListManager* QuicDispatcher::CreateQuicTimeWaitListManager() {
   return new QuicTimeWaitListManager(writer_.get(), this, helper_.get(),
                                      alarm_factory_.get());
 }
 
+void QuicDispatcher::BufferEarlyPacket(QuicConnectionId connection_id) {
+  bool is_new_connection = !buffered_packets_.HasBufferedPackets(connection_id);
+  EnqueuePacketResult rs = buffered_packets_.EnqueuePacket(
+      connection_id, *current_packet_, current_server_address_,
+      current_client_address_);
+  if (rs != EnqueuePacketResult::SUCCESS) {
+    OnBufferPacketFailure(rs, connection_id);
+  } else if (is_new_connection) {
+    OnNewConnectionAdded(connection_id);
+  }
+}
+
+void QuicDispatcher::ProcessChlo() {
+  // Creates a new session and process all buffered packets for this connection.
+  QuicServerSessionBase* session =
+      CreateQuicSession(current_connection_id_, current_client_address_);
+  DVLOG(1) << "Created new session for " << current_connection_id_;
+  session_map_.insert(std::make_pair(current_connection_id_, session));
+  std::list<BufferedPacket> packets =
+      buffered_packets_.DeliverPackets(current_connection_id_);
+  // Check if CHLO is the first packet arrived on this connection.
+  if (FLAGS_quic_buffer_packet_till_chlo && packets.empty()) {
+    OnNewConnectionAdded(current_connection_id_);
+  }
+  // Process CHLO at first.
+  session->ProcessUdpPacket(current_server_address_, current_client_address_,
+                            *current_packet_);
+
+  // Deliver queued-up packets in the same order as they arrived.
+  // Do this even when flag is off because there might be still some packets
+  // buffered in the store before flag is turned off.
+  for (const BufferedPacket& packet : packets) {
+    session->ProcessUdpPacket(packet.server_address, packet.client_address,
+                              *(packet.packet));
+  }
+}
+
 bool QuicDispatcher::HandlePacketForTimeWait(
     const QuicPacketPublicHeader& header) {
   if (header.reset_flag) {
     // Public reset packets do not have packet numbers, so ignore the packet.
     return false;
   }
 
   // Switch the framer to the correct version, so that the packet number can
   // be parsed correctly.
   framer_.set_version(time_wait_list_manager_->GetQuicVersionFromConnectionId(
@@ skipping 18 matching lines @@
 }
 
 QuicDispatcher::QuicPacketFate QuicDispatcher::MaybeRejectStatelessly(
     QuicConnectionId connection_id,
     const QuicPacketHeader& header) {
   // TODO(rch): This logic should probably live completely inside the rejector.
   if (!FLAGS_quic_use_cheap_stateless_rejects ||
       !FLAGS_enable_quic_stateless_reject_support ||
       header.public_header.versions.front() <= QUIC_VERSION_32 ||
       !ShouldAttemptCheapStatelessRejection()) {
+    // Not use cheap stateless reject.
+    if (FLAGS_quic_buffer_packet_till_chlo &&
+        !ChloExtractor::Extract(*current_packet_, GetSupportedVersions(),
+                                nullptr)) {
+      // Buffer non-CHLO packets.
+      return kFateBuffer;
+    }
     return kFateProcess;
   }
 
   StatelessRejector rejector(
       header.public_header.versions.front(), GetSupportedVersions(),
       crypto_config_, &compressed_certs_cache_, helper()->GetClock(),
       helper()->GetRandomGenerator(), current_packet_->length(),
       current_client_address_, current_server_address_);
   ChloValidator validator(session_helper_.get(), current_server_address_,
                           &rejector);
   if (!ChloExtractor::Extract(*current_packet_, GetSupportedVersions(),
                               &validator)) {
-    DVLOG(1) << "Buffering undecryptable packet.";
-    buffered_packets_.EnqueuePacket(connection_id, *current_packet_,
-                                    current_server_address_,
-                                    current_client_address_);
-    return kFateDrop;
+    if (!FLAGS_quic_buffer_packet_till_chlo) {
+      QUIC_BUG << "Have to drop packet because buffering non-chlo packet is "
+                  "not supported while trying to do stateless reject. "
+               << "--gfe2_reloadable_flag_quic_buffer_packet_till_chlo "
+               << FLAGS_quic_buffer_packet_till_chlo
+               << " --gfe2_reloadable_flag_quic_use_cheap_stateless_rejects "
+               << FLAGS_quic_use_cheap_stateless_rejects;
+      return kFateDrop;
+    }
+    return kFateBuffer;
   }
 
   if (!validator.can_accept()) {
     // This CHLO is prohibited by policy.
     StatelessConnectionTerminator terminator(connection_id, &framer_, helper(),
                                              time_wait_list_manager_.get());
     terminator.CloseConnection(QUIC_HANDSHAKE_FAILED,
                                validator.error_details());
     OnConnectionClosedStatelessly(QUIC_HANDSHAKE_FAILED);
     return kFateTimeWait;
@@ skipping 30 matching lines @@
 
   QUIC_BUG << "Rejector has unknown invalid state.";
   return kFateDrop;
 }
 
 const QuicVersionVector& QuicDispatcher::GetSupportedVersions() {
   return version_manager_->GetSupportedVersions();
 }
 
 }  // namespace net