net/quic/crypto/crypto_protocol.h - Issue 331143006: QUIC Crypto - return the reasons for reject message. Reject reason

Side by Side Diff: net/quic/crypto/crypto_protocol.h

Issue 331143006: QUIC Crypto - return the reasons for reject message. Reject reason (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase with TOT Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « no previous file | net/quic/crypto/crypto_server_test.cc » ('j') | net/quic/crypto/quic_crypto_client_config.cc » ('J')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_	5 #ifndef NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_

6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_	6 #define NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_

7	7

8 #include <string>	8 #include <string>

9	9

10 #include "net/base/net_export.h"	10 #include "net/base/net_export.h"

(...skipping 113 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
124 // message because the server mightn't hold state for a rejected client hello	124 // message because the server mightn't hold state for a rejected client hello

125 // and therefore the client may have issues reassembling the rejection message	125 // and therefore the client may have issues reassembling the rejection message

126 // in the event that it sent two client hellos.	126 // in the event that it sent two client hellos.

127 const QuicTag kServerNonceTag =	127 const QuicTag kServerNonceTag =

128 TAG('S', 'N', 'O', 0); // The server's nonce	128 TAG('S', 'N', 'O', 0); // The server's nonce

129 const QuicTag kSourceAddressTokenTag =	129 const QuicTag kSourceAddressTokenTag =

130 TAG('S', 'T', 'K', 0); // Source-address token	130 TAG('S', 'T', 'K', 0); // Source-address token

131 const QuicTag kCertificateTag =	131 const QuicTag kCertificateTag =

132 TAG('C', 'R', 'T', 255); // Certificate chain	132 TAG('C', 'R', 'T', 255); // Certificate chain

133	133

	134 // Reasons for server sending rejection message.

	135 const QuicTag kRejectReason = TAG('R', 'R', 'E', 'J');
	wtc 2014/06/19 00:13:24 This QUIC tag should be named kRREJ and moved up. This QUIC tag should be named kRREJ and moved up. The three QUIC tags defined here use an alternative naming convention because their values contain a non-printing character such as 0 or 255. I guess you can add a new section "Rejection tags" at line 98 and move this tag there. ramant (doing other things) 2014/06/19 01:57:34 Done. Show quoted text On 2014/06/19 00:13:24, wtc wrote: > > This QUIC tag should be named kRREJ and moved up. > > The three QUIC tags defined here use an alternative naming convention because > their values contain a non-printing character such as 0 or 255. > > I guess you can add a new section "Rejection tags" at line 98 and move this tag > there. Done.
	136

134 #undef TAG	137 #undef TAG

135	138

136 const size_t kMaxEntries = 128; // Max number of entries in a message.	139 const size_t kMaxEntries = 128; // Max number of entries in a message.

137	140

138 const size_t kNonceSize = 32; // Size in bytes of the connection nonce.	141 const size_t kNonceSize = 32; // Size in bytes of the connection nonce.

139	142

140 const size_t kOrbitSize = 8; // Number of bytes in an orbit value.	143 const size_t kOrbitSize = 8; // Number of bytes in an orbit value.

141	144

142 // kProofSignatureLabel is prepended to server configs before signing to avoid	145 // kProofSignatureLabel is prepended to server configs before signing to avoid

143 // any cross-protocol attacks on the signature.	146 // any cross-protocol attacks on the signature.

144 const char kProofSignatureLabel[] = "QUIC server config signature";	147 const char kProofSignatureLabel[] = "QUIC server config signature";

145	148

146 // kClientHelloMinimumSize is the minimum size of a client hello. Client hellos	149 // kClientHelloMinimumSize is the minimum size of a client hello. Client hellos

147 // will have PAD tags added in order to ensure this minimum is met and client	150 // will have PAD tags added in order to ensure this minimum is met and client

148 // hellos smaller than this will be an error. This minimum size reduces the	151 // hellos smaller than this will be an error. This minimum size reduces the

149 // amplification factor of any mirror DoS attack.	152 // amplification factor of any mirror DoS attack.

150 //	153 //

151 // A client may pad an inchoate client hello to a size larger than	154 // A client may pad an inchoate client hello to a size larger than

152 // kClientHelloMinimumSize to make it more likely to receive a complete	155 // kClientHelloMinimumSize to make it more likely to receive a complete

153 // rejection message.	156 // rejection message.

154 const size_t kClientHelloMinimumSize = 1024;	157 const size_t kClientHelloMinimumSize = 1024;

155	158

156 } // namespace net	159 } // namespace net

157	160

158 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_	161 #endif // NET_QUIC_CRYPTO_CRYPTO_PROTOCOL_H_

OLD	NEW