Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(150)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/core/crypto/quic_crypto_server_config.h

Issue 2626443002: Fix QUIC crash when ProofSource::GetProof fails (Closed)
Patch Set: Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/core/crypto/crypto_server_test.cc ('k') | net/quic/core/crypto/quic_crypto_server_config.cc » ('j') | net/quic/test_tools/failing_proof_source.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ 5 #ifndef NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_
6 #define NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ 6 #define NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_
7 7
8 #include <cstddef> 8 #include <cstddef>
9 #include <cstdint> 9 #include <cstdint>
10 #include <map> 10 #include <map>
(...skipping 638 matching lines...) Expand 10 before | Expand all | Expand 10 after
649 // reason for failure. 649 // reason for failure.
650 HandshakeFailureReason ValidateSourceAddressTokenTimestamp( 650 HandshakeFailureReason ValidateSourceAddressTokenTimestamp(
651 const SourceAddressToken& token, 651 const SourceAddressToken& token,
652 QuicWallTime now) const; 652 QuicWallTime now) const;
653 653
654 // NewServerNonce generates and encrypts a random nonce. 654 // NewServerNonce generates and encrypts a random nonce.
655 std::string NewServerNonce(QuicRandom* rand, QuicWallTime now) const; 655 std::string NewServerNonce(QuicRandom* rand, QuicWallTime now) const;
656 656
657 // ValidateExpectedLeafCertificate checks the |client_hello| to see if it has 657 // ValidateExpectedLeafCertificate checks the |client_hello| to see if it has
658 // an XLCT tag, and if so, verifies that its value matches the hash of the 658 // an XLCT tag, and if so, verifies that its value matches the hash of the
659 // server's leaf certificate. The certs field of |crypto_proof| is used to 659 // server's leaf certificate. |certs| is used to compare against the XLCT
660 // compare against the XLCT value. This method returns true if the XLCT tag 660 // value. This method returns true if the XLCT tag is not present, or if the
661 // is not present, or if the XLCT tag is present and valid. It returns false 661 // XLCT tag is present and valid. It returns false otherwise.
662 // otherwise.
663 bool ValidateExpectedLeafCertificate( 662 bool ValidateExpectedLeafCertificate(
664 const CryptoHandshakeMessage& client_hello, 663 const CryptoHandshakeMessage& client_hello,
665 const QuicSignedServerConfig& crypto_proof) const; 664 const std::vector<std::string>& certs) const;
666 665
667 // Returns true if the PDMD field from the client hello demands an X509 666 // Returns true if the PDMD field from the client hello demands an X509
668 // certificate. 667 // certificate.
669 bool ClientDemandsX509Proof(const CryptoHandshakeMessage& client_hello) const; 668 bool ClientDemandsX509Proof(const CryptoHandshakeMessage& client_hello) const;
670 669
671 // Callback to receive the results of ProofSource::GetProof. Note: this 670 // Callback to receive the results of ProofSource::GetProof. Note: this
672 // callback has no cancellation support, since the lifetime of the ProofSource 671 // callback has no cancellation support, since the lifetime of the ProofSource
673 // is controlled by this object via unique ownership. If that ownership 672 // is controlled by this object via unique ownership. If that ownership
674 // stricture changes, this decision may need to be revisited. 673 // stricture changes, this decision may need to be revisited.
675 class BuildServerConfigUpdateMessageProofSourceCallback 674 class BuildServerConfigUpdateMessageProofSourceCallback
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
797 QuicReferenceCountedPointer<QuicCryptoServerConfig::Config> config; 796 QuicReferenceCountedPointer<QuicCryptoServerConfig::Config> config;
798 std::string primary_scid; 797 std::string primary_scid;
799 798
800 protected: 799 protected:
801 ~QuicSignedServerConfig() override; 800 ~QuicSignedServerConfig() override;
802 }; 801 };
803 802
804 } // namespace net 803 } // namespace net
805 804
806 #endif // NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_ 805 #endif // NET_QUIC_CORE_CRYPTO_QUIC_CRYPTO_SERVER_CONFIG_H_
OLDNEW
« no previous file with comments | « net/quic/core/crypto/crypto_server_test.cc ('k') | net/quic/core/crypto/quic_crypto_server_config.cc » ('j') | net/quic/test_tools/failing_proof_source.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698