| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/quic_crypto_server_stream.h" | 5 #include "net/quic/core/quic_crypto_server_stream.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "crypto/secure_hash.h" | 10 #include "crypto/secure_hash.h" |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 73 : QuicCryptoServerStreamBase(session), | 73 : QuicCryptoServerStreamBase(session), |
| 74 crypto_config_(crypto_config), | 74 crypto_config_(crypto_config), |
| 75 compressed_certs_cache_(compressed_certs_cache), | 75 compressed_certs_cache_(compressed_certs_cache), |
| 76 validate_client_hello_cb_(nullptr), | 76 validate_client_hello_cb_(nullptr), |
| 77 num_handshake_messages_(0), | 77 num_handshake_messages_(0), |
| 78 num_handshake_messages_with_server_nonces_(0), | 78 num_handshake_messages_with_server_nonces_(0), |
| 79 send_server_config_update_cb_(nullptr), | 79 send_server_config_update_cb_(nullptr), |
| 80 num_server_config_update_messages_sent_(0), | 80 num_server_config_update_messages_sent_(0), |
| 81 use_stateless_rejects_if_peer_supported_( | 81 use_stateless_rejects_if_peer_supported_( |
| 82 use_stateless_rejects_if_peer_supported), | 82 use_stateless_rejects_if_peer_supported), |
| 83 peer_supports_stateless_rejects_(false) { | 83 peer_supports_stateless_rejects_(false), |
| 84 chlo_packet_size_(0) { |
| 84 DCHECK_EQ(Perspective::IS_SERVER, session->connection()->perspective()); | 85 DCHECK_EQ(Perspective::IS_SERVER, session->connection()->perspective()); |
| 85 } | 86 } |
| 86 | 87 |
| 87 QuicCryptoServerStream::~QuicCryptoServerStream() { | 88 QuicCryptoServerStream::~QuicCryptoServerStream() { |
| 88 CancelOutstandingCallbacks(); | 89 CancelOutstandingCallbacks(); |
| 89 } | 90 } |
| 90 | 91 |
| 91 void QuicCryptoServerStream::CancelOutstandingCallbacks() { | 92 void QuicCryptoServerStream::CancelOutstandingCallbacks() { |
| 92 // Detach from the validation callback. Calling this multiple times is safe. | 93 // Detach from the validation callback. Calling this multiple times is safe. |
| 93 if (validate_client_hello_cb_ != nullptr) { | 94 if (validate_client_hello_cb_ != nullptr) { |
| 94 validate_client_hello_cb_->Cancel(); | 95 validate_client_hello_cb_->Cancel(); |
| 95 validate_client_hello_cb_ = nullptr; | 96 validate_client_hello_cb_ = nullptr; |
| 96 } | 97 } |
| 97 if (send_server_config_update_cb_ != nullptr) { | 98 if (send_server_config_update_cb_ != nullptr) { |
| 98 send_server_config_update_cb_->Cancel(); | 99 send_server_config_update_cb_->Cancel(); |
| 99 send_server_config_update_cb_ = nullptr; | 100 send_server_config_update_cb_ = nullptr; |
| 100 } | 101 } |
| 101 } | 102 } |
| 102 | 103 |
| 103 void QuicCryptoServerStream::OnHandshakeMessage( | 104 void QuicCryptoServerStream::OnHandshakeMessage( |
| 104 const CryptoHandshakeMessage& message) { | 105 const CryptoHandshakeMessage& message) { |
| 105 QuicCryptoServerStreamBase::OnHandshakeMessage(message); | 106 QuicCryptoServerStreamBase::OnHandshakeMessage(message); |
| 106 ++num_handshake_messages_; | 107 ++num_handshake_messages_; |
| 108 chlo_packet_size_ = session()->connection()->GetCurrentPacket().length(); |
| 107 | 109 |
| 108 bool require_kfixd = !FLAGS_quic_deprecate_kfixd; | 110 bool require_kfixd = !FLAGS_quic_deprecate_kfixd; |
| 109 | 111 |
| 110 if (require_kfixd && !HasFixedTag(message)) { | 112 if (require_kfixd && !HasFixedTag(message)) { |
| 111 CloseConnectionWithDetails(QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND, | 113 CloseConnectionWithDetails(QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND, |
| 112 "Missing kFIXD"); | 114 "Missing kFIXD"); |
| 113 return; | 115 return; |
| 114 } | 116 } |
| 115 | 117 |
| 116 // Do not process handshake messages after the handshake is confirmed. | 118 // Do not process handshake messages after the handshake is confirmed. |
| (...skipping 315 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 432 use_stateless_rejects_in_crypto_config | 434 use_stateless_rejects_in_crypto_config |
| 433 ? GenerateConnectionIdForReject(connection->connection_id()) | 435 ? GenerateConnectionIdForReject(connection->connection_id()) |
| 434 : 0; | 436 : 0; |
| 435 return crypto_config_->ProcessClientHello( | 437 return crypto_config_->ProcessClientHello( |
| 436 result, /*reject_only=*/false, connection->connection_id(), | 438 result, /*reject_only=*/false, connection->connection_id(), |
| 437 connection->self_address().address(), connection->peer_address(), | 439 connection->self_address().address(), connection->peer_address(), |
| 438 version(), connection->supported_versions(), | 440 version(), connection->supported_versions(), |
| 439 use_stateless_rejects_in_crypto_config, server_designated_connection_id, | 441 use_stateless_rejects_in_crypto_config, server_designated_connection_id, |
| 440 connection->clock(), connection->random_generator(), | 442 connection->clock(), connection->random_generator(), |
| 441 compressed_certs_cache_, &crypto_negotiated_params_, &crypto_proof_, | 443 compressed_certs_cache_, &crypto_negotiated_params_, &crypto_proof_, |
| 442 reply, out_diversification_nonce, error_details); | 444 QuicCryptoStream::CryptoMessageFramingOverhead(version()), |
| 445 chlo_packet_size_, reply, out_diversification_nonce, error_details); |
| 443 } | 446 } |
| 444 | 447 |
| 445 void QuicCryptoServerStream::OverrideQuicConfigDefaults(QuicConfig* config) {} | 448 void QuicCryptoServerStream::OverrideQuicConfigDefaults(QuicConfig* config) {} |
| 446 | 449 |
| 447 QuicCryptoServerStream::ValidateCallback::ValidateCallback( | 450 QuicCryptoServerStream::ValidateCallback::ValidateCallback( |
| 448 QuicCryptoServerStream* parent) | 451 QuicCryptoServerStream* parent) |
| 449 : parent_(parent) {} | 452 : parent_(parent) {} |
| 450 | 453 |
| 451 void QuicCryptoServerStream::ValidateCallback::Cancel() { | 454 void QuicCryptoServerStream::ValidateCallback::Cancel() { |
| 452 parent_ = nullptr; | 455 parent_ = nullptr; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 465 QuicConnectionId QuicCryptoServerStream::GenerateConnectionIdForReject( | 468 QuicConnectionId QuicCryptoServerStream::GenerateConnectionIdForReject( |
| 466 QuicConnectionId connection_id) { | 469 QuicConnectionId connection_id) { |
| 467 // TODO(rch): Remove this method when | 470 // TODO(rch): Remove this method when |
| 468 // reloadable_flag_quic_dispatcher_creates_id2 is removed. | 471 // reloadable_flag_quic_dispatcher_creates_id2 is removed. |
| 469 QuicServerSessionBase* session_base = | 472 QuicServerSessionBase* session_base = |
| 470 static_cast<QuicServerSessionBase*>(session()); | 473 static_cast<QuicServerSessionBase*>(session()); |
| 471 return session_base->GenerateConnectionIdForReject(connection_id); | 474 return session_base->GenerateConnectionIdForReject(connection_id); |
| 472 } | 475 } |
| 473 | 476 |
| 474 } // namespace net | 477 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2227553003:
Use the CHLO packet size, not message size when determining how large a REJ can be. Protected by --… (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@129101660