| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/crypto/quic_crypto_client_config.h" | 5 #include "net/quic/core/crypto/quic_crypto_client_config.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <memory> | 8 #include <memory> |
| 9 | 9 |
| 10 #include "base/metrics/histogram_macros.h" | 10 #include "base/metrics/histogram_macros.h" |
| 11 #include "net/quic/core/crypto/cert_compressor.h" | 11 #include "net/quic/core/crypto/cert_compressor.h" |
| 12 #include "net/quic/core/crypto/chacha20_poly1305_encrypter.h" | 12 #include "net/quic/core/crypto/chacha20_poly1305_encrypter.h" |
| 13 #include "net/quic/core/crypto/channel_id.h" | 13 #include "net/quic/core/crypto/channel_id.h" |
| 14 #include "net/quic/core/crypto/common_cert_set.h" | 14 #include "net/quic/core/crypto/common_cert_set.h" |
| 15 #include "net/quic/core/crypto/crypto_framer.h" | 15 #include "net/quic/core/crypto/crypto_framer.h" |
| 16 #include "net/quic/core/crypto/crypto_utils.h" | 16 #include "net/quic/core/crypto/crypto_utils.h" |
| 17 #include "net/quic/core/crypto/curve25519_key_exchange.h" | 17 #include "net/quic/core/crypto/curve25519_key_exchange.h" |
| 18 #include "net/quic/core/crypto/key_exchange.h" | 18 #include "net/quic/core/crypto/key_exchange.h" |
| 19 #include "net/quic/core/crypto/p256_key_exchange.h" | 19 #include "net/quic/core/crypto/p256_key_exchange.h" |
| 20 #include "net/quic/core/crypto/proof_verifier.h" | 20 #include "net/quic/core/crypto/proof_verifier.h" |
| 21 #include "net/quic/core/crypto/quic_encrypter.h" | 21 #include "net/quic/core/crypto/quic_encrypter.h" |
| 22 #include "net/quic/core/crypto/quic_random.h" | 22 #include "net/quic/core/crypto/quic_random.h" |
| 23 #include "net/quic/core/quic_utils.h" | 23 #include "net/quic/core/quic_utils.h" |
| 24 #include "net/quic/platform/api/quic_bug_tracker.h" | 24 #include "net/quic/platform/api/quic_bug_tracker.h" |
| 25 #include "net/quic/platform/api/quic_endian.h" |
| 25 #include "net/quic/platform/api/quic_hostname_utils.h" | 26 #include "net/quic/platform/api/quic_hostname_utils.h" |
| 26 #include "net/quic/platform/api/quic_logging.h" | 27 #include "net/quic/platform/api/quic_logging.h" |
| 27 #include "net/quic/platform/api/quic_map_util.h" | 28 #include "net/quic/platform/api/quic_map_util.h" |
| 28 #include "net/quic/platform/api/quic_ptr_util.h" | 29 #include "net/quic/platform/api/quic_ptr_util.h" |
| 29 #include "net/quic/platform/api/quic_text_utils.h" | 30 #include "net/quic/platform/api/quic_text_utils.h" |
| 30 | 31 |
| 31 using std::string; | 32 using std::string; |
| 32 | 33 |
| 33 namespace net { | 34 namespace net { |
| 34 | 35 |
| (...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 185 scfg_ = std::move(new_scfg_storage); | 186 scfg_ = std::move(new_scfg_storage); |
| 186 } | 187 } |
| 187 return SERVER_CONFIG_VALID; | 188 return SERVER_CONFIG_VALID; |
| 188 } | 189 } |
| 189 | 190 |
| 190 void QuicCryptoClientConfig::CachedState::InvalidateServerConfig() { | 191 void QuicCryptoClientConfig::CachedState::InvalidateServerConfig() { |
| 191 server_config_.clear(); | 192 server_config_.clear(); |
| 192 scfg_.reset(); | 193 scfg_.reset(); |
| 193 SetProofInvalid(); | 194 SetProofInvalid(); |
| 194 std::queue<QuicConnectionId> empty_queue; | 195 std::queue<QuicConnectionId> empty_queue; |
| 196 using std::swap; |
| 195 swap(server_designated_connection_ids_, empty_queue); | 197 swap(server_designated_connection_ids_, empty_queue); |
| 196 } | 198 } |
| 197 | 199 |
| 198 void QuicCryptoClientConfig::CachedState::SetProof( | 200 void QuicCryptoClientConfig::CachedState::SetProof( |
| 199 const std::vector<string>& certs, | 201 const std::vector<string>& certs, |
| 200 QuicStringPiece cert_sct, | 202 QuicStringPiece cert_sct, |
| 201 QuicStringPiece chlo_hash, | 203 QuicStringPiece chlo_hash, |
| 202 QuicStringPiece signature) { | 204 QuicStringPiece signature) { |
| 203 bool has_changed = signature != server_config_sig_ || | 205 bool has_changed = signature != server_config_sig_ || |
| 204 chlo_hash != chlo_hash_ || certs_.size() != certs.size(); | 206 chlo_hash != chlo_hash_ || certs_.size() != certs.size(); |
| (...skipping 24 matching lines...) Expand all Loading... |
| 229 source_address_token_.clear(); | 231 source_address_token_.clear(); |
| 230 certs_.clear(); | 232 certs_.clear(); |
| 231 cert_sct_.clear(); | 233 cert_sct_.clear(); |
| 232 chlo_hash_.clear(); | 234 chlo_hash_.clear(); |
| 233 server_config_sig_.clear(); | 235 server_config_sig_.clear(); |
| 234 server_config_valid_ = false; | 236 server_config_valid_ = false; |
| 235 proof_verify_details_.reset(); | 237 proof_verify_details_.reset(); |
| 236 scfg_.reset(); | 238 scfg_.reset(); |
| 237 ++generation_counter_; | 239 ++generation_counter_; |
| 238 std::queue<QuicConnectionId> empty_queue; | 240 std::queue<QuicConnectionId> empty_queue; |
| 241 using std::swap; |
| 239 swap(server_designated_connection_ids_, empty_queue); | 242 swap(server_designated_connection_ids_, empty_queue); |
| 240 } | 243 } |
| 241 | 244 |
| 242 void QuicCryptoClientConfig::CachedState::ClearProof() { | 245 void QuicCryptoClientConfig::CachedState::ClearProof() { |
| 243 SetProofInvalid(); | 246 SetProofInvalid(); |
| 244 certs_.clear(); | 247 certs_.clear(); |
| 245 cert_sct_.clear(); | 248 cert_sct_.clear(); |
| 246 chlo_hash_.clear(); | 249 chlo_hash_.clear(); |
| 247 server_config_sig_.clear(); | 250 server_config_sig_.clear(); |
| 248 } | 251 } |
| (...skipping 243 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 492 QuicConnectionId connection_id, | 495 QuicConnectionId connection_id, |
| 493 const QuicVersion preferred_version, | 496 const QuicVersion preferred_version, |
| 494 const CachedState* cached, | 497 const CachedState* cached, |
| 495 QuicWallTime now, | 498 QuicWallTime now, |
| 496 QuicRandom* rand, | 499 QuicRandom* rand, |
| 497 const ChannelIDKey* channel_id_key, | 500 const ChannelIDKey* channel_id_key, |
| 498 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, | 501 QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters> out_params, |
| 499 CryptoHandshakeMessage* out, | 502 CryptoHandshakeMessage* out, |
| 500 string* error_details) const { | 503 string* error_details) const { |
| 501 DCHECK(error_details != nullptr); | 504 DCHECK(error_details != nullptr); |
| 505 if (QuicUtils::IsConnectionIdWireFormatBigEndian(Perspective::IS_CLIENT)) { |
| 506 connection_id = QuicEndian::HostToNet64(connection_id); |
| 507 } |
| 502 | 508 |
| 503 FillInchoateClientHello(server_id, preferred_version, cached, rand, | 509 FillInchoateClientHello(server_id, preferred_version, cached, rand, |
| 504 /* demand_x509_proof= */ true, out_params, out); | 510 /* demand_x509_proof= */ true, out_params, out); |
| 505 | 511 |
| 506 const CryptoHandshakeMessage* scfg = cached->GetServerConfig(); | 512 const CryptoHandshakeMessage* scfg = cached->GetServerConfig(); |
| 507 if (!scfg) { | 513 if (!scfg) { |
| 508 // This should never happen as our caller should have checked | 514 // This should never happen as our caller should have checked |
| 509 // cached->IsComplete() before calling this function. | 515 // cached->IsComplete() before calling this function. |
| 510 *error_details = "Handshake not ready"; | 516 *error_details = "Handshake not ready"; |
| 511 return QUIC_CRYPTO_INTERNAL_ERROR; | 517 return QUIC_CRYPTO_INTERNAL_ERROR; |
| (...skipping 300 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 812 if (rej.GetStringPiece(kServerNonceTag, &nonce)) { | 818 if (rej.GetStringPiece(kServerNonceTag, &nonce)) { |
| 813 out_params->server_nonce = nonce.as_string(); | 819 out_params->server_nonce = nonce.as_string(); |
| 814 } | 820 } |
| 815 | 821 |
| 816 if (rej.tag() == kSREJ) { | 822 if (rej.tag() == kSREJ) { |
| 817 QuicConnectionId connection_id; | 823 QuicConnectionId connection_id; |
| 818 if (rej.GetUint64(kRCID, &connection_id) != QUIC_NO_ERROR) { | 824 if (rej.GetUint64(kRCID, &connection_id) != QUIC_NO_ERROR) { |
| 819 *error_details = "Missing kRCID"; | 825 *error_details = "Missing kRCID"; |
| 820 return QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND; | 826 return QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND; |
| 821 } | 827 } |
| 828 if (QuicUtils::IsConnectionIdWireFormatBigEndian(Perspective::IS_CLIENT)) { |
| 829 connection_id = QuicEndian::NetToHost64(connection_id); |
| 830 } |
| 822 cached->add_server_designated_connection_id(connection_id); | 831 cached->add_server_designated_connection_id(connection_id); |
| 823 if (!nonce.empty()) { | 832 if (!nonce.empty()) { |
| 824 cached->add_server_nonce(nonce.as_string()); | 833 cached->add_server_nonce(nonce.as_string()); |
| 825 } | 834 } |
| 826 return QUIC_NO_ERROR; | 835 return QUIC_NO_ERROR; |
| 827 } | 836 } |
| 828 | 837 |
| 829 return QUIC_NO_ERROR; | 838 return QUIC_NO_ERROR; |
| 830 } | 839 } |
| 831 | 840 |
| (...skipping 151 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 983 } | 992 } |
| 984 | 993 |
| 985 // Update canonical version to point at the "most recent" entry. | 994 // Update canonical version to point at the "most recent" entry. |
| 986 canonical_server_map_[suffix_server_id] = server_id; | 995 canonical_server_map_[suffix_server_id] = server_id; |
| 987 | 996 |
| 988 server_state->InitializeFrom(*canonical_state); | 997 server_state->InitializeFrom(*canonical_state); |
| 989 return true; | 998 return true; |
| 990 } | 999 } |
| 991 | 1000 |
| 992 } // namespace net | 1001 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2808273006:
Landing Recent QUIC changes until Sun Apr 9 16:12:55 (Closed)
