| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/crypto/quic_crypto_client_config.h" | 5 #include "net/quic/core/crypto/quic_crypto_client_config.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| (...skipping 48 matching lines...) |
| 59 : proof_verifier_(std::move(proof_verifier)) { | 59 : proof_verifier_(std::move(proof_verifier)) { |
| 60 DCHECK(proof_verifier_.get()); | 60 DCHECK(proof_verifier_.get()); |
| 61 SetDefaults(); | 61 SetDefaults(); |
| 62 } | 62 } |
| 63 | 63 |
| 64 QuicCryptoClientConfig::~QuicCryptoClientConfig() { | 64 QuicCryptoClientConfig::~QuicCryptoClientConfig() { |
| 65 base::STLDeleteValues(&cached_states_); | 65 base::STLDeleteValues(&cached_states_); |
| 66 } | 66 } |
| 67 | 67 |
| 68 QuicCryptoClientConfig::CachedState::CachedState() | 68 QuicCryptoClientConfig::CachedState::CachedState() |
| 69 : server_config_valid_(false), generation_counter_(0) {} | 69 : server_config_valid_(false), |
| 70 expiration_time_(QuicWallTime::Zero()), |
| 71 generation_counter_(0) {} |
| 70 | 72 |
| 71 QuicCryptoClientConfig::CachedState::~CachedState() {} | 73 QuicCryptoClientConfig::CachedState::~CachedState() {} |
| 72 | 74 |
| 73 bool QuicCryptoClientConfig::CachedState::IsComplete(QuicWallTime now) const { | 75 bool QuicCryptoClientConfig::CachedState::IsComplete(QuicWallTime now) const { |
| 74 if (server_config_.empty()) { | 76 if (server_config_.empty()) { |
| 75 RecordInchoateClientHelloReason(SERVER_CONFIG_EMPTY); | 77 RecordInchoateClientHelloReason(SERVER_CONFIG_EMPTY); |
| 76 return false; | 78 return false; |
| 77 } | 79 } |
| 78 | 80 |
| 79 if (!server_config_valid_) { | 81 if (!server_config_valid_) { |
| 80 RecordInchoateClientHelloReason(SERVER_CONFIG_INVALID); | 82 RecordInchoateClientHelloReason(SERVER_CONFIG_INVALID); |
| 81 return false; | 83 return false; |
| 82 } | 84 } |
| 83 | 85 |
| 84 const CryptoHandshakeMessage* scfg = GetServerConfig(); | 86 const CryptoHandshakeMessage* scfg = GetServerConfig(); |
| 85 if (!scfg) { | 87 if (!scfg) { |
| 86 // Should be impossible short of cache corruption. | 88 // Should be impossible short of cache corruption. |
| 87 DCHECK(false); | 89 DCHECK(false); |
| 88 RecordInchoateClientHelloReason(SERVER_CONFIG_CORRUPTED); | 90 RecordInchoateClientHelloReason(SERVER_CONFIG_CORRUPTED); |
| 89 return false; | 91 return false; |
| 90 } | 92 } |
| 91 | 93 |
| 92 uint64_t expiry_seconds; | 94 if (now.IsAfter(expiration_time_)) { |
| 93 if (scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { | |
| 94 RecordInchoateClientHelloReason(SERVER_CONFIG_INVALID_EXPIRY); | |
| 95 return false; | |
| 96 } | |
| 97 if (now.ToUNIXSeconds() >= expiry_seconds) { | |
| 98 UMA_HISTOGRAM_CUSTOM_TIMES( | 95 UMA_HISTOGRAM_CUSTOM_TIMES( |
| 99 "Net.QuicClientHelloServerConfig.InvalidDuration", | 96 "Net.QuicClientHelloServerConfig.InvalidDuration", |
| 100 base::TimeDelta::FromSeconds(now.ToUNIXSeconds() - expiry_seconds), | 97 base::TimeDelta::FromSeconds(now.ToUNIXSeconds() - |
| 98 expiration_time_.ToUNIXSeconds()), |
| 101 base::TimeDelta::FromMinutes(1), base::TimeDelta::FromDays(20), 50); | 99 base::TimeDelta::FromMinutes(1), base::TimeDelta::FromDays(20), 50); |
| 102 RecordInchoateClientHelloReason(SERVER_CONFIG_EXPIRED); | 100 RecordInchoateClientHelloReason(SERVER_CONFIG_EXPIRED); |
| 103 return false; | 101 return false; |
| 104 } | 102 } |
| 105 | 103 |
| 106 return true; | 104 return true; |
| 107 } | 105 } |
| 108 | 106 |
| 109 bool QuicCryptoClientConfig::CachedState::IsEmpty() const { | 107 bool QuicCryptoClientConfig::CachedState::IsEmpty() const { |
| 110 return server_config_.empty(); | 108 return server_config_.empty(); |
| (...skipping 52 matching lines...) |
| 163 if (!new_scfg) { | 161 if (!new_scfg) { |
| 164 *error_details = "SCFG invalid"; | 162 *error_details = "SCFG invalid"; |
| 165 return SERVER_CONFIG_INVALID; | 163 return SERVER_CONFIG_INVALID; |
| 166 } | 164 } |
| 167 | 165 |
| 168 uint64_t expiry_seconds; | 166 uint64_t expiry_seconds; |
| 169 if (new_scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { | 167 if (new_scfg->GetUint64(kEXPY, &expiry_seconds) != QUIC_NO_ERROR) { |
| 170 *error_details = "SCFG missing EXPY"; | 168 *error_details = "SCFG missing EXPY"; |
| 171 return SERVER_CONFIG_INVALID_EXPIRY; | 169 return SERVER_CONFIG_INVALID_EXPIRY; |
| 172 } | 170 } |
| 171 expiration_time_ = QuicWallTime::FromUNIXSeconds(expiry_seconds); |
| 173 | 172 |
| 174 if (now.ToUNIXSeconds() >= expiry_seconds) { | 173 if (now.IsAfter(expiration_time_)) { |
| 175 *error_details = "SCFG has expired"; | 174 *error_details = "SCFG has expired"; |
| 176 return SERVER_CONFIG_EXPIRED; | 175 return SERVER_CONFIG_EXPIRED; |
| 177 } | 176 } |
| 178 | 177 |
| 179 if (!matches_existing) { | 178 if (!matches_existing) { |
| 180 server_config_ = server_config.as_string(); | 179 server_config_ = server_config.as_string(); |
| 181 SetProofInvalid(); | 180 SetProofInvalid(); |
| 182 scfg_.reset(new_scfg_storage.release()); | 181 scfg_.reset(new_scfg_storage.release()); |
| 183 } | 182 } |
| 184 return SERVER_CONFIG_VALID; | 183 return SERVER_CONFIG_VALID; |
| (...skipping 794 matching lines...) |
| 979 } | 978 } |
| 980 | 979 |
| 981 // Update canonical version to point at the "most recent" entry. | 980 // Update canonical version to point at the "most recent" entry. |
| 982 canonical_server_map_[suffix_server_id] = server_id; | 981 canonical_server_map_[suffix_server_id] = server_id; |
| 983 | 982 |
| 984 server_state->InitializeFrom(*canonical_state); | 983 server_state->InitializeFrom(*canonical_state); |
| 985 return true; | 984 return true; |
| 986 } | 985 } |
| 987 | 986 |
| 988 } // namespace net | 987 } // namespace net |
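Review bot: At new line 171 `expiration_time_` is assigned before the expiry check at new line 173, so a server config that is then rejected with SERVER_CONFIG_EXPIRED has already replaced the expiry of the config still held in `server_config_`; the result is that a previously valid cached config is treated as expired by IsComplete(), not that a stale one is accepted. Since the value is presumably parsed from peer-supplied data, member state should change only once the config is accepted: parse into a local, `const QuicWallTime new_expiry = QuicWallTime::FromUNIXSeconds(expiry_seconds);`, test `now.IsAfter(new_expiry)`, and set `expiration_time_ = new_expiry;` just before `return SERVER_CONFIG_VALID;`. Separately, the constructor now defaults the field to `QuicWallTime::Zero()`, so any path that fills a CachedState without reaching this assignment, such as the `InitializeFrom(*canonical_state)` call at new line 983, would make IsComplete() report SERVER_CONFIG_EXPIRED unless it copies the field. The body of InitializeFrom and the start of the function around new line 171 are outside the visible lines, so both points need confirming against the full file. `IsAfter` also appears to be a strict comparison where the old code used `>=`, which shifts the expiry boundary slightly and deserves a short comment or a test at the exact expiry time.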