| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/quic_crypto_server_stream.h" | 5 #include "net/quic/core/quic_crypto_server_stream.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "crypto/secure_hash.h" | 10 #include "crypto/secure_hash.h" |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 85 | 85 |
| 86 QuicCryptoServerStream::QuicCryptoServerStream( | 86 QuicCryptoServerStream::QuicCryptoServerStream( |
| 87 const QuicCryptoServerConfig* crypto_config, | 87 const QuicCryptoServerConfig* crypto_config, |
| 88 QuicCompressedCertsCache* compressed_certs_cache, | 88 QuicCompressedCertsCache* compressed_certs_cache, |
| 89 bool use_stateless_rejects_if_peer_supported, | 89 bool use_stateless_rejects_if_peer_supported, |
| 90 QuicSession* session, | 90 QuicSession* session, |
| 91 Helper* helper) | 91 Helper* helper) |
| 92 : QuicCryptoServerStreamBase(session), | 92 : QuicCryptoServerStreamBase(session), |
| 93 crypto_config_(crypto_config), | 93 crypto_config_(crypto_config), |
| 94 compressed_certs_cache_(compressed_certs_cache), | 94 compressed_certs_cache_(compressed_certs_cache), |
| 95 crypto_proof_(new QuicCryptoProof), | 95 signed_config_(new QuicSignedServerConfig), |
| 96 validate_client_hello_cb_(nullptr), | 96 validate_client_hello_cb_(nullptr), |
| 97 helper_(helper), | 97 helper_(helper), |
| 98 num_handshake_messages_(0), | 98 num_handshake_messages_(0), |
| 99 num_handshake_messages_with_server_nonces_(0), | 99 num_handshake_messages_with_server_nonces_(0), |
| 100 send_server_config_update_cb_(nullptr), | 100 send_server_config_update_cb_(nullptr), |
| 101 num_server_config_update_messages_sent_(0), | 101 num_server_config_update_messages_sent_(0), |
| 102 use_stateless_rejects_if_peer_supported_( | 102 use_stateless_rejects_if_peer_supported_( |
| 103 use_stateless_rejects_if_peer_supported), | 103 use_stateless_rejects_if_peer_supported), |
| 104 peer_supports_stateless_rejects_(false), | 104 peer_supports_stateless_rejects_(false), |
| 105 chlo_packet_size_(0), | 105 chlo_packet_size_(0), |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 156 return; | 156 return; |
| 157 } | 157 } |
| 158 | 158 |
| 159 CryptoUtils::HashHandshakeMessage(message, &chlo_hash_); | 159 CryptoUtils::HashHandshakeMessage(message, &chlo_hash_); |
| 160 | 160 |
| 161 std::unique_ptr<ValidateCallback> cb(new ValidateCallback(this)); | 161 std::unique_ptr<ValidateCallback> cb(new ValidateCallback(this)); |
| 162 validate_client_hello_cb_ = cb.get(); | 162 validate_client_hello_cb_ = cb.get(); |
| 163 crypto_config_->ValidateClientHello( | 163 crypto_config_->ValidateClientHello( |
| 164 message, session()->connection()->peer_address().address(), | 164 message, session()->connection()->peer_address().address(), |
| 165 session()->connection()->self_address().address(), version(), | 165 session()->connection()->self_address().address(), version(), |
| 166 session()->connection()->clock(), crypto_proof_, std::move(cb)); | 166 session()->connection()->clock(), signed_config_, std::move(cb)); |
| 167 } | 167 } |
| 168 | 168 |
| 169 void QuicCryptoServerStream::FinishProcessingHandshakeMessage( | 169 void QuicCryptoServerStream::FinishProcessingHandshakeMessage( |
| 170 scoped_refptr<ValidateClientHelloResultCallback::Result> result, | 170 scoped_refptr<ValidateClientHelloResultCallback::Result> result, |
| 171 std::unique_ptr<ProofSource::Details> details) { | 171 std::unique_ptr<ProofSource::Details> details) { |
| 172 const CryptoHandshakeMessage& message = result->client_hello; | 172 const CryptoHandshakeMessage& message = result->client_hello; |
| 173 | 173 |
| 174 // Clear the callback that got us here. | 174 // Clear the callback that got us here. |
| 175 DCHECK(validate_client_hello_cb_ != nullptr); | 175 DCHECK(validate_client_hello_cb_ != nullptr); |
| 176 validate_client_hello_cb_ = nullptr; | 176 validate_client_hello_cb_ = nullptr; |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 248 // NOTE: the SHLO will be encrypted with the new server write key. | 248 // NOTE: the SHLO will be encrypted with the new server write key. |
| 249 session()->connection()->SetEncrypter( | 249 session()->connection()->SetEncrypter( |
| 250 ENCRYPTION_INITIAL, | 250 ENCRYPTION_INITIAL, |
| 251 crypto_negotiated_params_->initial_crypters.encrypter.release()); | 251 crypto_negotiated_params_->initial_crypters.encrypter.release()); |
| 252 session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_INITIAL); | 252 session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_INITIAL); |
| 253 // Set the decrypter immediately so that we no longer accept unencrypted | 253 // Set the decrypter immediately so that we no longer accept unencrypted |
| 254 // packets. | 254 // packets. |
| 255 session()->connection()->SetDecrypter( | 255 session()->connection()->SetDecrypter( |
| 256 ENCRYPTION_INITIAL, | 256 ENCRYPTION_INITIAL, |
| 257 crypto_negotiated_params_->initial_crypters.decrypter.release()); | 257 crypto_negotiated_params_->initial_crypters.decrypter.release()); |
| 258 if (version() > QUIC_VERSION_32) { | 258 session()->connection()->SetDiversificationNonce(*diversification_nonce); |
| 259 session()->connection()->SetDiversificationNonce(*diversification_nonce); | |
| 260 } | |
| 261 | 259 |
| 262 SendHandshakeMessage(*reply); | 260 SendHandshakeMessage(*reply); |
| 263 | 261 |
| 264 session()->connection()->SetEncrypter( | 262 session()->connection()->SetEncrypter( |
| 265 ENCRYPTION_FORWARD_SECURE, | 263 ENCRYPTION_FORWARD_SECURE, |
| 266 crypto_negotiated_params_->forward_secure_crypters.encrypter.release()); | 264 crypto_negotiated_params_->forward_secure_crypters.encrypter.release()); |
| 267 session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE); | 265 session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE); |
| 268 | 266 |
| 269 session()->connection()->SetAlternativeDecrypter( | 267 session()->connection()->SetAlternativeDecrypter( |
| 270 ENCRYPTION_FORWARD_SECURE, | 268 ENCRYPTION_FORWARD_SECURE, |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 468 peer_supports_stateless_rejects_; | 466 peer_supports_stateless_rejects_; |
| 469 QuicConnection* connection = session()->connection(); | 467 QuicConnection* connection = session()->connection(); |
| 470 const QuicConnectionId server_designated_connection_id = | 468 const QuicConnectionId server_designated_connection_id = |
| 471 GenerateConnectionIdForReject(use_stateless_rejects_in_crypto_config); | 469 GenerateConnectionIdForReject(use_stateless_rejects_in_crypto_config); |
| 472 crypto_config_->ProcessClientHello( | 470 crypto_config_->ProcessClientHello( |
| 473 result, /*reject_only=*/false, connection->connection_id(), | 471 result, /*reject_only=*/false, connection->connection_id(), |
| 474 connection->self_address().address(), connection->peer_address(), | 472 connection->self_address().address(), connection->peer_address(), |
| 475 version(), connection->supported_versions(), | 473 version(), connection->supported_versions(), |
| 476 use_stateless_rejects_in_crypto_config, server_designated_connection_id, | 474 use_stateless_rejects_in_crypto_config, server_designated_connection_id, |
| 477 connection->clock(), connection->random_generator(), | 475 connection->clock(), connection->random_generator(), |
| 478 compressed_certs_cache_, crypto_negotiated_params_, crypto_proof_, | 476 compressed_certs_cache_, crypto_negotiated_params_, signed_config_, |
| 479 QuicCryptoStream::CryptoMessageFramingOverhead(version()), | 477 QuicCryptoStream::CryptoMessageFramingOverhead(version()), |
| 480 chlo_packet_size_, std::move(done_cb)); | 478 chlo_packet_size_, std::move(done_cb)); |
| 481 } | 479 } |
| 482 | 480 |
| 483 void QuicCryptoServerStream::OverrideQuicConfigDefaults(QuicConfig* config) {} | 481 void QuicCryptoServerStream::OverrideQuicConfigDefaults(QuicConfig* config) {} |
| 484 | 482 |
| 485 QuicCryptoServerStream::ValidateCallback::ValidateCallback( | 483 QuicCryptoServerStream::ValidateCallback::ValidateCallback( |
| 486 QuicCryptoServerStream* parent) | 484 QuicCryptoServerStream* parent) |
| 487 : parent_(parent) {} | 485 : parent_(parent) {} |
| 488 | 486 |
| (...skipping 13 matching lines...) Expand all Loading... |
| 502 QuicConnectionId QuicCryptoServerStream::GenerateConnectionIdForReject( | 500 QuicConnectionId QuicCryptoServerStream::GenerateConnectionIdForReject( |
| 503 bool use_stateless_rejects) { | 501 bool use_stateless_rejects) { |
| 504 if (!use_stateless_rejects) { | 502 if (!use_stateless_rejects) { |
| 505 return 0; | 503 return 0; |
| 506 } | 504 } |
| 507 return helper_->GenerateConnectionIdForReject( | 505 return helper_->GenerateConnectionIdForReject( |
| 508 session()->connection()->connection_id()); | 506 session()->connection()->connection_id()); |
| 509 } | 507 } |
| 510 | 508 |
| 511 } // namespace net | 509 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2516033003:
Landing Recent QUIC changes until Mon Nov 14 04:43:50 2016 +0000 (Closed)
