Chromium Code Reviews Chromium Code Reviews
Issue 342863005:
QUIC - Record reject reasons for CHLO message. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_client_config.h" | 5 #include "net/quic/crypto/quic_crypto_client_config.h" |
| 6 | 6 |
| 7 #include "base/metrics/sparse_histogram.h" | |
| 7 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 8 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 9 #include "net/quic/crypto/cert_compressor.h" | 10 #include "net/quic/crypto/cert_compressor.h" |
| 10 #include "net/quic/crypto/chacha20_poly1305_encrypter.h" | 11 #include "net/quic/crypto/chacha20_poly1305_encrypter.h" |
| 11 #include "net/quic/crypto/channel_id.h" | 12 #include "net/quic/crypto/channel_id.h" |
| 12 #include "net/quic/crypto/common_cert_set.h" | 13 #include "net/quic/crypto/common_cert_set.h" |
| 13 #include "net/quic/crypto/crypto_framer.h" | 14 #include "net/quic/crypto/crypto_framer.h" |
| 14 #include "net/quic/crypto/crypto_utils.h" | 15 #include "net/quic/crypto/crypto_utils.h" |
| 15 #include "net/quic/crypto/curve25519_key_exchange.h" | 16 #include "net/quic/crypto/curve25519_key_exchange.h" |
| 16 #include "net/quic/crypto/key_exchange.h" | 17 #include "net/quic/crypto/key_exchange.h" |
| (...skipping 568 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 585 *error_details = "Proof missing"; | 586 *error_details = "Proof missing"; |
| 586 return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER; | 587 return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER; |
| 587 } | 588 } |
| 588 } | 589 } |
| 589 | 590 |
| 590 const uint32* reject_reasons; | 591 const uint32* reject_reasons; |
| 591 size_t num_reject_reasons; | 592 size_t num_reject_reasons; |
| 592 COMPILE_ASSERT(sizeof(QuicTag) == sizeof(uint32), header_out_of_sync); | 593 COMPILE_ASSERT(sizeof(QuicTag) == sizeof(uint32), header_out_of_sync); |
| 593 if (rej.GetTaglist(kRREJ, &reject_reasons, | 594 if (rej.GetTaglist(kRREJ, &reject_reasons, |
| 594 &num_reject_reasons) == QUIC_NO_ERROR) { | 595 &num_reject_reasons) == QUIC_NO_ERROR) { |
| 595 #if defined(DEBUG) | 596 uint32 packed_error = 0; |
| 596 for (size_t i = 0; i < num_reject_reasons; ++i) { | 597 for (size_t i = 0; i < num_reject_reasons; ++i) { |
| 597 DVLOG(1) << "Reasons for rejection: " << reject_reasons[i]; | 598 HandshakeFailureReason reason = |
| 599 static_cast<HandshakeFailureReason>(reject_reasons[i]); | |
| 600 packed_error |= RejectReasonToPackedError(reason); | |
| 598 } | 601 } |
| 599 #endif | 602 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.QuicClientHelloRejectReasons", |
| 603 packed_error); | |
| 600 } | 604 } |
| 601 | 605 |
| 602 return QUIC_NO_ERROR; | 606 return QUIC_NO_ERROR; |
| 603 } | 607 } |
| 604 | 608 |
| 609 uint32 QuicCryptoClientConfig::RejectReasonToPackedError( | |
| 610 HandshakeFailureReason reason) { | |
| 611 // The return value is uploaded to UMA, they cannot be changed. | |
| 612 switch (reason) { | |
| 613 case HANDSHAKE_OK: | |
| 614 return 0; | |
| 615 case CLIENT_NONCE_UNKNOWN_FAILURE: | |
|
Ryan Hamilton
2014/06/24 21:09:24
Let's renumber these enum values to avoid the gaps
ramant (doing other things)
2014/07/14 22:04:13
Done.
| |
| 616 return 1u << 5; | |
| 617 case CLIENT_NONCE_INVALID_FAILURE: | |
| 618 return 2u << 5; | |
| 619 case SERVER_NONCE_INVALID_FAILURE: | |
| 620 return 1u << 10; | |
| 621 case SERVER_NONCE_DECRYPTION_FAILURE: | |
| 622 return 2u << 10; | |
| 623 case SERVER_NONCE_NOT_UNIQUE_FAILURE: | |
| 624 return 3u << 10; | |
| 625 case SERVER_CONFIG_INCHOATE_HELLO_FAILURE: | |
| 626 return 1u << 15; | |
| 627 case SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE: | |
| 628 return 2u << 15; | |
| 629 case SOURCE_ADDRESS_TOKEN_INVALID_FAILURE: | |
| 630 return 1u << 20; | |
| 631 case SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE: | |
| 632 return 2u << 20; | |
| 633 case SOURCE_ADDRESS_TOKEN_PARSE_FAILURE: | |
| 634 return 3u << 20; | |
| 635 case SOURCE_ADDRESS_TOKEN_DIFFERENT_IP_ADDRESS_FAILURE: | |
| 636 return 4u << 20; | |
| 637 case SOURCE_ADDRESS_TOKEN_CLOCK_SKEW_FAILURE: | |
| 638 return 5u << 20; | |
| 639 case SOURCE_ADDRESS_TOKEN_EXPIRED_FAILURE: | |
| 640 return 6u << 20; | |
| 641 default: | |
| 642 NOTREACHED(); | |
| 643 return 1u << 31; | |
| 644 } | |
| 645 } | |
| 646 | |
| 605 QuicErrorCode QuicCryptoClientConfig::ProcessServerHello( | 647 QuicErrorCode QuicCryptoClientConfig::ProcessServerHello( |
| 606 const CryptoHandshakeMessage& server_hello, | 648 const CryptoHandshakeMessage& server_hello, |
| 607 QuicConnectionId connection_id, | 649 QuicConnectionId connection_id, |
| 608 const QuicVersionVector& negotiated_versions, | 650 const QuicVersionVector& negotiated_versions, |
| 609 CachedState* cached, | 651 CachedState* cached, |
| 610 QuicCryptoNegotiatedParameters* out_params, | 652 QuicCryptoNegotiatedParameters* out_params, |
| 611 string* error_details) { | 653 string* error_details) { |
| 612 DCHECK(error_details != NULL); | 654 DCHECK(error_details != NULL); |
| 613 | 655 |
| 614 if (server_hello.tag() != kSHLO) { | 656 if (server_hello.tag() != kSHLO) { |
| (...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 756 return; | 798 return; |
| 757 } | 799 } |
| 758 | 800 |
| 759 // Update canonical version to point at the "most recent" entry. | 801 // Update canonical version to point at the "most recent" entry. |
| 760 canonical_server_map_[suffix_server_id] = server_id; | 802 canonical_server_map_[suffix_server_id] = server_id; |
| 761 | 803 |
| 762 server_state->InitializeFrom(*canonical_state); | 804 server_state->InitializeFrom(*canonical_state); |
| 763 } | 805 } |
| 764 | 806 |
| 765 } // namespace net | 807 } // namespace net |
| OLD | NEW |
