1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/core/quic_crypto_server_stream.h" | 5 #include "net/quic/core/quic_crypto_server_stream.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "crypto/secure_hash.h" | 10 #include "crypto/secure_hash.h" |
24 namespace net { | 24 namespace net { |
25 | 25 |
26 class QuicCryptoServerStream::ProcessClientHelloCallback | 26 class QuicCryptoServerStream::ProcessClientHelloCallback |
27 : public ProcessClientHelloResultCallback { | 27 : public ProcessClientHelloResultCallback { |
28 public: | 28 public: |
29 ProcessClientHelloCallback( | 29 ProcessClientHelloCallback( |
30 QuicCryptoServerStream* stream, | 30 QuicCryptoServerStream* stream, |
31 const scoped_refptr<ValidateClientHelloResultCallback::Result>& result) | 31 const scoped_refptr<ValidateClientHelloResultCallback::Result>& result) |
32 : stream_(stream), result_(result) {} | 32 : stream_(stream), result_(result) {} |
33 | 33 |
34 void Run( | 34 void Run(QuicErrorCode error, |
35 QuicErrorCode error, | 35 const string& error_details, |
36 const string& error_details, | 36 std::unique_ptr<CryptoHandshakeMessage> message, |
37 std::unique_ptr<CryptoHandshakeMessage> message, | 37 std::unique_ptr<DiversificationNonce> diversification_nonce, |
38 std::unique_ptr<DiversificationNonce> diversification_nonce) override { | 38 std::unique_ptr<net::ProofSource::Details> proof_source_details) |
| 39 override { |
39 if (stream_ == nullptr) { | 40 if (stream_ == nullptr) { |
40 return; | 41 return; |
41 } | 42 } |
42 | 43 |
43 // Note: set the parent's callback to nullptr here because | 44 // Note: set the parent's callback to nullptr here because |
44 // FinishProcessingHandshakeMessageAfterProcessClientHello can be invoked | 45 // FinishProcessingHandshakeMessageAfterProcessClientHello can be invoked |
45 // from either synchronous or asynchronous codepaths. When the synchronous | 46 // from either synchronous or asynchronous codepaths. When the synchronous |
46 // codepaths are removed, this assignment should move to | 47 // codepaths are removed, this assignment should move to |
47 // FinishProcessingHandshakeMessageAfterProcessClientHello. | 48 // FinishProcessingHandshakeMessageAfterProcessClientHello. |
48 stream_->process_client_hello_cb_ = nullptr; | 49 stream_->process_client_hello_cb_ = nullptr; |
49 | 50 |
50 stream_->FinishProcessingHandshakeMessageAfterProcessClientHello( | 51 stream_->FinishProcessingHandshakeMessageAfterProcessClientHello( |
51 *result_, error, error_details, std::move(message), | 52 *result_, error, error_details, std::move(message), |
52 std::move(diversification_nonce)); | 53 std::move(diversification_nonce), std::move(proof_source_details)); |
53 } | 54 } |
54 | 55 |
55 void Cancel() { stream_ = nullptr; } | 56 void Cancel() { stream_ = nullptr; } |
56 | 57 |
57 private: | 58 private: |
58 QuicCryptoServerStream* stream_; | 59 QuicCryptoServerStream* stream_; |
59 scoped_refptr<ValidateClientHelloResultCallback::Result> result_; | 60 scoped_refptr<ValidateClientHelloResultCallback::Result> result_; |
60 }; | 61 }; |
61 | 62 |
62 QuicCryptoServerStreamBase::QuicCryptoServerStreamBase(QuicSession* session) | 63 QuicCryptoServerStreamBase::QuicCryptoServerStreamBase(QuicSession* session) |
183 process_client_hello_cb_ = cb.get(); | 184 process_client_hello_cb_ = cb.get(); |
184 ProcessClientHello(result, std::move(details), std::move(cb)); | 185 ProcessClientHello(result, std::move(details), std::move(cb)); |
185 } | 186 } |
186 | 187 |
187 void QuicCryptoServerStream:: | 188 void QuicCryptoServerStream:: |
188 FinishProcessingHandshakeMessageAfterProcessClientHello( | 189 FinishProcessingHandshakeMessageAfterProcessClientHello( |
189 const ValidateClientHelloResultCallback::Result& result, | 190 const ValidateClientHelloResultCallback::Result& result, |
190 QuicErrorCode error, | 191 QuicErrorCode error, |
191 const string& error_details, | 192 const string& error_details, |
192 std::unique_ptr<CryptoHandshakeMessage> reply, | 193 std::unique_ptr<CryptoHandshakeMessage> reply, |
193 std::unique_ptr<DiversificationNonce> diversification_nonce) { | 194 std::unique_ptr<DiversificationNonce> diversification_nonce, |
| 195 std::unique_ptr<ProofSource::Details> proof_source_details) { |
194 const CryptoHandshakeMessage& message = result.client_hello; | 196 const CryptoHandshakeMessage& message = result.client_hello; |
195 if (error != QUIC_NO_ERROR) { | 197 if (error != QUIC_NO_ERROR) { |
196 CloseConnectionWithDetails(error, error_details); | 198 CloseConnectionWithDetails(error, error_details); |
197 return; | 199 return; |
198 } | 200 } |
199 | 201 |
200 if (reply->tag() != kSHLO) { | 202 if (reply->tag() != kSHLO) { |
201 if (reply->tag() == kSREJ) { | 203 if (reply->tag() == kSREJ) { |
202 DCHECK(use_stateless_rejects_if_peer_supported_); | 204 DCHECK(use_stateless_rejects_if_peer_supported_); |
203 DCHECK(peer_supports_stateless_rejects_); | 205 DCHECK(peer_supports_stateless_rejects_); |
283 if (FLAGS_enable_async_get_proof) { | 285 if (FLAGS_enable_async_get_proof) { |
284 if (send_server_config_update_cb_ != nullptr) { | 286 if (send_server_config_update_cb_ != nullptr) { |
285 DVLOG(1) | 287 DVLOG(1) |
286 << "Skipped server config update since one is already in progress"; | 288 << "Skipped server config update since one is already in progress"; |
287 return; | 289 return; |
288 } | 290 } |
289 | 291 |
290 std::unique_ptr<SendServerConfigUpdateCallback> cb( | 292 std::unique_ptr<SendServerConfigUpdateCallback> cb( |
291 new SendServerConfigUpdateCallback(this)); | 293 new SendServerConfigUpdateCallback(this)); |
292 send_server_config_update_cb_ = cb.get(); | 294 send_server_config_update_cb_ = cb.get(); |
| 295 |
293 crypto_config_->BuildServerConfigUpdateMessage( | 296 crypto_config_->BuildServerConfigUpdateMessage( |
294 session()->connection()->version(), chlo_hash_, | 297 session()->connection()->version(), chlo_hash_, |
295 previous_source_address_tokens_, | 298 previous_source_address_tokens_, |
296 session()->connection()->self_address().address(), | 299 session()->connection()->self_address().address(), |
297 session()->connection()->peer_address().address(), | 300 session()->connection()->peer_address().address(), |
298 session()->connection()->clock(), | 301 session()->connection()->clock(), |
299 session()->connection()->random_generator(), compressed_certs_cache_, | 302 session()->connection()->random_generator(), compressed_certs_cache_, |
300 *crypto_negotiated_params_, cached_network_params, std::move(cb)); | 303 *crypto_negotiated_params_, cached_network_params, |
| 304 (session()->config()->HasReceivedConnectionOptions() |
| 305 ? session()->config()->ReceivedConnectionOptions() |
| 306 : QuicTagVector()), |
| 307 std::move(cb)); |
301 return; | 308 return; |
302 } | 309 } |
303 | 310 |
304 CryptoHandshakeMessage server_config_update_message; | 311 CryptoHandshakeMessage server_config_update_message; |
305 if (!crypto_config_->BuildServerConfigUpdateMessage( | 312 if (!crypto_config_->BuildServerConfigUpdateMessage( |
306 session()->connection()->version(), chlo_hash_, | 313 session()->connection()->version(), chlo_hash_, |
307 previous_source_address_tokens_, | 314 previous_source_address_tokens_, |
308 session()->connection()->self_address().address(), | 315 session()->connection()->self_address().address(), |
309 session()->connection()->peer_address().address(), | 316 session()->connection()->peer_address().address(), |
310 session()->connection()->clock(), | 317 session()->connection()->clock(), |
311 session()->connection()->random_generator(), compressed_certs_cache_, | 318 session()->connection()->random_generator(), compressed_certs_cache_, |
312 *crypto_negotiated_params_, cached_network_params, | 319 *crypto_negotiated_params_, cached_network_params, |
| 320 (session()->config()->HasReceivedConnectionOptions() |
| 321 ? session()->config()->ReceivedConnectionOptions() |
| 322 : QuicTagVector()), |
313 &server_config_update_message)) { | 323 &server_config_update_message)) { |
314 DVLOG(1) << "Server: Failed to build server config update (SCUP)!"; | 324 DVLOG(1) << "Server: Failed to build server config update (SCUP)!"; |
315 return; | 325 return; |
316 } | 326 } |
317 | 327 |
318 DVLOG(1) << "Server: Sending server config update: " | 328 DVLOG(1) << "Server: Sending server config update: " |
319 << server_config_update_message.DebugString(); | 329 << server_config_update_message.DebugString(); |
320 const QuicData& data = server_config_update_message.GetSerialized(); | 330 const QuicData& data = server_config_update_message.GetSerialized(); |
321 WriteOrBufferData(StringPiece(data.data(), data.length()), false, nullptr); | 331 WriteOrBufferData(StringPiece(data.data(), data.length()), false, nullptr); |
322 | 332 |
431 } | 441 } |
432 | 442 |
433 void QuicCryptoServerStream::ProcessClientHello( | 443 void QuicCryptoServerStream::ProcessClientHello( |
434 scoped_refptr<ValidateClientHelloResultCallback::Result> result, | 444 scoped_refptr<ValidateClientHelloResultCallback::Result> result, |
435 std::unique_ptr<ProofSource::Details> proof_source_details, | 445 std::unique_ptr<ProofSource::Details> proof_source_details, |
436 std::unique_ptr<ProcessClientHelloResultCallback> done_cb) { | 446 std::unique_ptr<ProcessClientHelloResultCallback> done_cb) { |
437 const CryptoHandshakeMessage& message = result->client_hello; | 447 const CryptoHandshakeMessage& message = result->client_hello; |
438 string error_details; | 448 string error_details; |
439 if (!helper_->CanAcceptClientHello( | 449 if (!helper_->CanAcceptClientHello( |
440 message, session()->connection()->self_address(), &error_details)) { | 450 message, session()->connection()->self_address(), &error_details)) { |
441 done_cb->Run(QUIC_HANDSHAKE_FAILED, error_details, nullptr, nullptr); | 451 done_cb->Run(QUIC_HANDSHAKE_FAILED, error_details, nullptr, nullptr, |
| 452 nullptr); |
442 return; | 453 return; |
443 } | 454 } |
444 | 455 |
445 if (!result->info.server_nonce.empty()) { | 456 if (!result->info.server_nonce.empty()) { |
446 ++num_handshake_messages_with_server_nonces_; | 457 ++num_handshake_messages_with_server_nonces_; |
447 } | 458 } |
448 // Store the bandwidth estimate from the client. | 459 // Store the bandwidth estimate from the client. |
449 if (result->cached_network_params.bandwidth_estimate_bytes_per_second() > 0) { | 460 if (result->cached_network_params.bandwidth_estimate_bytes_per_second() > 0) { |
450 previous_cached_network_params_.reset( | 461 previous_cached_network_params_.reset( |
451 new CachedNetworkParameters(result->cached_network_params)); | 462 new CachedNetworkParameters(result->cached_network_params)); |
491 QuicConnectionId QuicCryptoServerStream::GenerateConnectionIdForReject( | 502 QuicConnectionId QuicCryptoServerStream::GenerateConnectionIdForReject( |
492 bool use_stateless_rejects) { | 503 bool use_stateless_rejects) { |
493 if (!use_stateless_rejects) { | 504 if (!use_stateless_rejects) { |
494 return 0; | 505 return 0; |
495 } | 506 } |
496 return helper_->GenerateConnectionIdForReject( | 507 return helper_->GenerateConnectionIdForReject( |
497 session()->connection()->connection_id()); | 508 session()->connection()->connection_id()); |
498 } | 509 } |
499 | 510 |
500 } // namespace net | 511 } // namespace net |
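Review bot: The expression that selects the received connection options is written out twice in the server-config-update hunk, once in the async branch (new lines 304–306) and again in the synchronous BuildServerConfigUpdateMessage call (new lines 320–322), so the two call sites can silently drift apart; hoist it into one local above `if (FLAGS_enable_async_get_proof)`, e.g. `const QuicTagVector connection_options = session()->config()->HasReceivedConnectionOptions() ? session()->config()->ReceivedConnectionOptions() : QuicTagVector();` and pass `connection_options` to both calls. If ReceivedConnectionOptions() returns a reference, the local takes one copy where the current code already materialises a QuicTagVector per call, so the cost does not go up. The value is presumably what the peer sent in its handshake, so a one-line comment on the local such as `// Connection options are client-supplied; forwarded as-is to the SCUP builder.` would make that provenance explicit to the next reader. The enclosing function's signature lies outside the visible lines of this hunk.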