Chromium Code Reviews Chromium Code Reviews
Issue 342863005:
QUIC - Record reject reasons for CHLO message. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_client_config.h" | 5 #include "net/quic/crypto/quic_crypto_client_config.h" |
| 6 | 6 |
| 7 #include "base/metrics/sparse_histogram.h" | |
| 7 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 8 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 9 #include "net/quic/crypto/cert_compressor.h" | 10 #include "net/quic/crypto/cert_compressor.h" |
| 10 #include "net/quic/crypto/chacha20_poly1305_encrypter.h" | 11 #include "net/quic/crypto/chacha20_poly1305_encrypter.h" |
| 11 #include "net/quic/crypto/channel_id.h" | 12 #include "net/quic/crypto/channel_id.h" |
| 12 #include "net/quic/crypto/common_cert_set.h" | 13 #include "net/quic/crypto/common_cert_set.h" |
| 13 #include "net/quic/crypto/crypto_framer.h" | 14 #include "net/quic/crypto/crypto_framer.h" |
| 14 #include "net/quic/crypto/crypto_utils.h" | 15 #include "net/quic/crypto/crypto_utils.h" |
| 15 #include "net/quic/crypto/curve25519_key_exchange.h" | 16 #include "net/quic/crypto/curve25519_key_exchange.h" |
| 16 #include "net/quic/crypto/key_exchange.h" | 17 #include "net/quic/crypto/key_exchange.h" |
| (...skipping 568 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 585 *error_details = "Proof missing"; | 586 *error_details = "Proof missing"; |
| 586 return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER; | 587 return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER; |
| 587 } | 588 } |
| 588 } | 589 } |
| 589 | 590 |
| 590 const uint32* reject_reasons; | 591 const uint32* reject_reasons; |
| 591 size_t num_reject_reasons; | 592 size_t num_reject_reasons; |
| 592 COMPILE_ASSERT(sizeof(QuicTag) == sizeof(uint32), header_out_of_sync); | 593 COMPILE_ASSERT(sizeof(QuicTag) == sizeof(uint32), header_out_of_sync); |
| 593 if (rej.GetTaglist(kRREJ, &reject_reasons, | 594 if (rej.GetTaglist(kRREJ, &reject_reasons, |
| 594 &num_reject_reasons) == QUIC_NO_ERROR) { | 595 &num_reject_reasons) == QUIC_NO_ERROR) { |
| 595 #if defined(DEBUG) | 596 uint32 packed_error = 0; |
| 596 for (size_t i = 0; i < num_reject_reasons; ++i) { | 597 for (size_t i = 0; i < num_reject_reasons; ++i) { |
| 597 DVLOG(1) << "Reasons for rejection: " << reject_reasons[i]; | 598 HandshakeFailureReason reason = |
| 599 static_cast<HandshakeFailureReason>(reject_reasons[i]); | |
| 600 packed_error |= RejectReasonToPackedError(reason); | |
| 598 } | 601 } |
| 599 #endif | 602 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.QuicClientHelloRejectReasons", |
| 603 packed_error); | |
| 600 } | 604 } |
| 601 | 605 |
| 602 return QUIC_NO_ERROR; | 606 return QUIC_NO_ERROR; |
| 603 } | 607 } |
| 604 | 608 |
| 609 uint32 QuicCryptoClientConfig::RejectReasonToPackedError( | |
| 610 HandshakeFailureReason reason) { | |
| 611 enum RejectReasonShift { | |
| 612 CLIENT_NONCE_SHIFT = 5, | |
| 613 SERVER_NONCE_SHIFT = 10, | |
| 614 SERVER_CONFIG_SHIFT = 15, | |
| 615 SOURCE_ADDRESS_TOKEN_SHIFT = 20, | |
|
Ryan Hamilton
2014/06/21 03:02:29
If you were really excited, you could add some com
ramant (doing other things)
2014/06/23 17:27:35
Done.
| |
| 616 }; | |
| 617 | |
| 618 if (reason < CLIENT_NONCE_UNKNOWN_FAILURE) { | |
| 619 return reason; | |
| 620 } | |
| 621 if (reason < SERVER_NONCE_INVALID_FAILURE) { | |
| 622 return (reason - CLIENT_NONCE_UNKNOWN_FAILURE + 1) << CLIENT_NONCE_SHIFT; | |
| 623 } | |
| 624 if (reason < SERVER_CONFIG_INCHOATE_HELLO_FAILURE) { | |
| 625 return (reason - SERVER_NONCE_INVALID_FAILURE + 1) << SERVER_NONCE_SHIFT; | |
| 626 } | |
| 627 if (reason < SOURCE_ADDRESS_TOKEN_INVALID_FAILURE) { | |
| 628 return (reason - SERVER_CONFIG_INCHOATE_HELLO_FAILURE + 1) << | |
| 629 SERVER_CONFIG_SHIFT; | |
| 630 } | |
| 631 return (reason - SOURCE_ADDRESS_TOKEN_INVALID_FAILURE + 1) << | |
| 632 SOURCE_ADDRESS_TOKEN_SHIFT; | |
| 633 } | |
| 634 | |
| 605 QuicErrorCode QuicCryptoClientConfig::ProcessServerHello( | 635 QuicErrorCode QuicCryptoClientConfig::ProcessServerHello( |
| 606 const CryptoHandshakeMessage& server_hello, | 636 const CryptoHandshakeMessage& server_hello, |
| 607 QuicConnectionId connection_id, | 637 QuicConnectionId connection_id, |
| 608 const QuicVersionVector& negotiated_versions, | 638 const QuicVersionVector& negotiated_versions, |
| 609 CachedState* cached, | 639 CachedState* cached, |
| 610 QuicCryptoNegotiatedParameters* out_params, | 640 QuicCryptoNegotiatedParameters* out_params, |
| 611 string* error_details) { | 641 string* error_details) { |
| 612 DCHECK(error_details != NULL); | 642 DCHECK(error_details != NULL); |
| 613 | 643 |
| 614 if (server_hello.tag() != kSHLO) { | 644 if (server_hello.tag() != kSHLO) { |
| (...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 756 return; | 786 return; |
| 757 } | 787 } |
| 758 | 788 |
| 759 // Update canonical version to point at the "most recent" entry. | 789 // Update canonical version to point at the "most recent" entry. |
| 760 canonical_server_map_[suffix_server_id] = server_id; | 790 canonical_server_map_[suffix_server_id] = server_id; |
| 761 | 791 |
| 762 server_state->InitializeFrom(*canonical_state); | 792 server_state->InitializeFrom(*canonical_state); |
| 763 } | 793 } |
| 764 | 794 |
| 765 } // namespace net | 795 } // namespace net |
| OLD | NEW |
