Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(99)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/core/crypto/quic_crypto_server_config.cc

Issue 2464983002: public relnote: Add comment of quic async signing. (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/core/crypto/quic_crypto_server_config.h" 5 #include "net/quic/core/crypto/quic_crypto_server_config.h"
6 6
7 #include <stdlib.h> 7 #include <stdlib.h>
8 8
9 #include <algorithm> 9 #include <algorithm>
10 #include <memory> 10 #include <memory>
(...skipping 726 matching lines...) Expand 10 before | Expand all | Expand 10 after
737 return; 737 return;
738 } 738 }
739 739
740 if (!ClientDemandsX509Proof(client_hello)) { 740 if (!ClientDemandsX509Proof(client_hello)) {
741 helper.Fail(QUIC_UNSUPPORTED_PROOF_DEMAND, "Missing or invalid PDMD"); 741 helper.Fail(QUIC_UNSUPPORTED_PROOF_DEMAND, "Missing or invalid PDMD");
742 return; 742 return;
743 } 743 }
744 DCHECK(proof_source_.get()); 744 DCHECK(proof_source_.get());
745 string chlo_hash; 745 string chlo_hash;
746 CryptoUtils::HashHandshakeMessage(client_hello, &chlo_hash); 746 CryptoUtils::HashHandshakeMessage(client_hello, &chlo_hash);
747
747 // No need to get a new proof if one was already generated. 748 // No need to get a new proof if one was already generated.
748 if (!crypto_proof->chain) { 749 if (!crypto_proof->chain) {
749 const QuicTag* tag_ptr; 750 const QuicTag* tag_ptr;
750 size_t num_tags; 751 size_t num_tags;
751 QuicTagVector connection_options; 752 QuicTagVector connection_options;
752 if (client_hello.GetTaglist(kCOPT, &tag_ptr, &num_tags) == QUIC_NO_ERROR) { 753 if (client_hello.GetTaglist(kCOPT, &tag_ptr, &num_tags) == QUIC_NO_ERROR) {
753 connection_options.assign(tag_ptr, tag_ptr + num_tags); 754 connection_options.assign(tag_ptr, tag_ptr + num_tags);
754 } 755 }
755 if (FLAGS_enable_async_get_proof) { 756 if (FLAGS_enable_async_get_proof) {
756 std::unique_ptr<ProcessClientHelloCallback> cb( 757 std::unique_ptr<ProcessClientHelloCallback> cb(
(...skipping 812 matching lines...) Expand 10 before | Expand all | Expand 10 after
1569 CryptoHandshakeMessage message; 1570 CryptoHandshakeMessage message;
1570 message.set_tag(kSCUP); 1571 message.set_tag(kSCUP);
1571 message.SetStringPiece(kSCFG, serialized); 1572 message.SetStringPiece(kSCFG, serialized);
1572 message.SetStringPiece(kSourceAddressTokenTag, source_address_token); 1573 message.SetStringPiece(kSourceAddressTokenTag, source_address_token);
1573 1574
1574 std::unique_ptr<BuildServerConfigUpdateMessageProofSourceCallback> 1575 std::unique_ptr<BuildServerConfigUpdateMessageProofSourceCallback>
1575 proof_source_cb(new BuildServerConfigUpdateMessageProofSourceCallback( 1576 proof_source_cb(new BuildServerConfigUpdateMessageProofSourceCallback(
1576 this, version, compressed_certs_cache, common_cert_sets, params, 1577 this, version, compressed_certs_cache, common_cert_sets, params,
1577 std::move(message), std::move(cb))); 1578 std::move(message), std::move(cb)));
1578 1579
1580 // Note: We unconditionally use the async variant of GetProof here, unlike
1581 // elsewhere in this file where we check for the kSYNC tag in the CHLO for the
1582 // connection before deciding. This call is not in the critical serving path,
1583 // and so should not have much impact on the experiments associated with that
1584 // tag (plus it would be a chore to plumb information about the tag down to
1585 // here).
1579 proof_source_->GetProof(server_ip, params.sni, serialized, version, chlo_hash, 1586 proof_source_->GetProof(server_ip, params.sni, serialized, version, chlo_hash,
1580 connection_options, std::move(proof_source_cb)); 1587 connection_options, std::move(proof_source_cb));
1581 } 1588 }
1582 1589
1583 QuicCryptoServerConfig::BuildServerConfigUpdateMessageProofSourceCallback:: 1590 QuicCryptoServerConfig::BuildServerConfigUpdateMessageProofSourceCallback::
1584 ~BuildServerConfigUpdateMessageProofSourceCallback() {} 1591 ~BuildServerConfigUpdateMessageProofSourceCallback() {}
1585 1592
1586 QuicCryptoServerConfig::BuildServerConfigUpdateMessageProofSourceCallback:: 1593 QuicCryptoServerConfig::BuildServerConfigUpdateMessageProofSourceCallback::
1587 BuildServerConfigUpdateMessageProofSourceCallback( 1594 BuildServerConfigUpdateMessageProofSourceCallback(
1588 const QuicCryptoServerConfig* config, 1595 const QuicCryptoServerConfig* config,
(...skipping 678 matching lines...) Expand 10 before | Expand all | Expand 10 after
2267 priority(0), 2274 priority(0),
2268 source_address_token_boxer(nullptr) {} 2275 source_address_token_boxer(nullptr) {}
2269 2276
2270 QuicCryptoServerConfig::Config::~Config() { 2277 QuicCryptoServerConfig::Config::~Config() {
2271 } 2278 }
2272 2279
2273 QuicCryptoProof::QuicCryptoProof() {} 2280 QuicCryptoProof::QuicCryptoProof() {}
2274 QuicCryptoProof::~QuicCryptoProof() {} 2281 QuicCryptoProof::~QuicCryptoProof() {}
2275 2282
2276 } // namespace net 2283 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698