Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(485)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/core/crypto/quic_crypto_server_config.cc

Issue 2246253002: Log info about QUIC inchoate rejects, since we expect to "never" (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@130064080
Patch Set: Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/core/crypto/quic_crypto_server_config.h" 5 #include "net/quic/core/crypto/quic_crypto_server_config.h"
6 6
7 #include <stdlib.h> 7 #include <stdlib.h>
8 8
9 #include <algorithm> 9 #include <algorithm>
10 #include <memory> 10 #include <memory>
(...skipping 1498 matching lines...) Expand 10 before | Expand all | Expand 10 after
1509 chlo_multiplier_ * (chlo_packet_size - total_framing_overhead) - 1509 chlo_multiplier_ * (chlo_packet_size - total_framing_overhead) -
1510 kREJOverheadBytes; 1510 kREJOverheadBytes;
1511 const size_t max_unverified_size = FLAGS_quic_use_chlo_packet_size 1511 const size_t max_unverified_size = FLAGS_quic_use_chlo_packet_size
1512 ? new_max_unverified_size 1512 ? new_max_unverified_size
1513 : old_max_unverified_size; 1513 : old_max_unverified_size;
1514 static_assert(kClientHelloMinimumSize * kMultiplier >= kREJOverheadBytes, 1514 static_assert(kClientHelloMinimumSize * kMultiplier >= kREJOverheadBytes,
1515 "overhead calculation may underflow"); 1515 "overhead calculation may underflow");
1516 bool should_return_sct = 1516 bool should_return_sct =
1517 params->sct_supported_by_client && enable_serving_sct_; 1517 params->sct_supported_by_client && enable_serving_sct_;
1518 const size_t sct_size = should_return_sct ? crypto_proof.cert_sct.size() : 0; 1518 const size_t sct_size = should_return_sct ? crypto_proof.cert_sct.size() : 0;
1519 if (info.valid_source_address_token || 1519 const size_t total_size =
1520 crypto_proof.signature.size() + compressed.size() + sct_size < 1520 crypto_proof.signature.size() + compressed.size() + sct_size;
1521 max_unverified_size) { 1521 if (info.valid_source_address_token || total_size < max_unverified_size) {
1522 out->SetStringPiece(kCertificateTag, compressed); 1522 out->SetStringPiece(kCertificateTag, compressed);
1523 out->SetStringPiece(kPROF, crypto_proof.signature); 1523 out->SetStringPiece(kPROF, crypto_proof.signature);
1524 if (should_return_sct) { 1524 if (should_return_sct) {
1525 if (crypto_proof.cert_sct.empty()) { 1525 if (crypto_proof.cert_sct.empty()) {
1526 DLOG(WARNING) << "SCT is expected but it is empty."; 1526 DLOG(WARNING) << "SCT is expected but it is empty.";
1527 } else { 1527 } else {
1528 out->SetStringPiece(kCertificateSCTTag, crypto_proof.cert_sct); 1528 out->SetStringPiece(kCertificateSCTTag, crypto_proof.cert_sct);
1529 } 1529 }
1530 } 1530 }
1531 } else {
1532 if (FLAGS_quic_use_chlo_packet_size) {
1533 DLOG(WARNING)
1534 << "Sending inchoate REJ for hostname: " << info.sni
1535 << " signature: " << crypto_proof.signature.size()
1536 << " cert: " << compressed.size() << " sct:" << sct_size
1537 << " total: " << total_size << " max: " << max_unverified_size;
1538 }
1531 } 1539 }
1532 } 1540 }
1533 1541
1534 string QuicCryptoServerConfig::CompressChain( 1542 string QuicCryptoServerConfig::CompressChain(
1535 QuicCompressedCertsCache* compressed_certs_cache, 1543 QuicCompressedCertsCache* compressed_certs_cache,
1536 const scoped_refptr<ProofSource::Chain>& chain, 1544 const scoped_refptr<ProofSource::Chain>& chain,
1537 const string& client_common_set_hashes, 1545 const string& client_common_set_hashes,
1538 const string& client_cached_cert_hashes, 1546 const string& client_cached_cert_hashes,
1539 const CommonCertSets* common_sets) { 1547 const CommonCertSets* common_sets) {
1540 // Check whether the compressed certs is available in the cache. 1548 // Check whether the compressed certs is available in the cache.
(...skipping 508 matching lines...) Expand 10 before | Expand all | Expand 10 after
2049 priority(0), 2057 priority(0),
2050 source_address_token_boxer(nullptr) {} 2058 source_address_token_boxer(nullptr) {}
2051 2059
2052 QuicCryptoServerConfig::Config::~Config() { 2060 QuicCryptoServerConfig::Config::~Config() {
2053 base::STLDeleteElements(&key_exchanges); 2061 base::STLDeleteElements(&key_exchanges);
2054 } 2062 }
2055 2063
2056 QuicCryptoProof::QuicCryptoProof() {} 2064 QuicCryptoProof::QuicCryptoProof() {}
2057 QuicCryptoProof::~QuicCryptoProof() {} 2065 QuicCryptoProof::~QuicCryptoProof() {}
2058 } // namespace net 2066 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698