Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_server_config.h" | 5 #include "net/quic/crypto/quic_crypto_server_config.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 #include <algorithm> | 8 #include <algorithm> |
| 9 | 9 |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| (...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 141 class VerifyNonceIsValidAndUniqueCallback | 141 class VerifyNonceIsValidAndUniqueCallback |
| 142 : public StrikeRegisterClient::ResultCallback { | 142 : public StrikeRegisterClient::ResultCallback { |
| 143 public: | 143 public: |
| 144 VerifyNonceIsValidAndUniqueCallback( | 144 VerifyNonceIsValidAndUniqueCallback( |
| 145 ValidateClientHelloResultCallback::Result* result, | 145 ValidateClientHelloResultCallback::Result* result, |
| 146 ValidateClientHelloResultCallback* done_cb) | 146 ValidateClientHelloResultCallback* done_cb) |
| 147 : result_(result), done_cb_(done_cb) { | 147 : result_(result), done_cb_(done_cb) { |
| 148 } | 148 } |
| 149 | 149 |
| 150 protected: | 150 protected: |
| 151 virtual void RunImpl(bool nonce_is_valid_and_unique) OVERRIDE { | 151 virtual void RunImpl(bool nonce_is_valid_and_unique, |
| 152 DVLOG(1) << "Using client nonce, unique: " << nonce_is_valid_and_unique; | 152 InsertStatus nonce_error) OVERRIDE { |
| 153 DVLOG(1) << "Using client nonce, unique: " << nonce_is_valid_and_unique | |
| 154 << " nonce_error: " << nonce_error; | |
| 153 result_->info.unique = nonce_is_valid_and_unique; | 155 result_->info.unique = nonce_is_valid_and_unique; |
| 154 // TODO(rtenneti): Implement capturing of error from strike register. | |
| 155 // Temporarily treat them as CLIENT_NONCE_INVALID_FAILURE. | |
| 156 if (!nonce_is_valid_and_unique) { | 156 if (!nonce_is_valid_and_unique) { |
| 157 result_->info.reject_reasons.push_back(CLIENT_NONCE_INVALID_FAILURE); | 157 HandshakeFailureReason client_nonce_error; |
| 158 switch (nonce_error) { | |
| 159 case NONCE_INVALID_FAILURE: | |
| 160 client_nonce_error = CLIENT_NONCE_INVALID_FAILURE; | |
| 161 break; | |
| 162 case NONCE_NOT_UNIQUE_FAILURE: | |
| 163 client_nonce_error = CLIENT_NONCE_NOT_UNIQUE_FAILURE; | |
| 164 break; | |
| 165 case NONCE_INVALID_ORBIT_FAILURE: | |
| 166 client_nonce_error = CLIENT_NONCE_INVALID_ORBIT_FAILURE; | |
| 167 break; | |
| 168 case NONCE_INVALID_TIME_FAILURE: | |
| 169 client_nonce_error = CLIENT_NONCE_INVALID_TIME_FAILURE; | |
| 170 break; | |
| 171 case STRIKE_REGISTER_TIMEOUT: | |
| 172 client_nonce_error = CLIENT_NONCE_STRIKE_REGISTER_TIMEOUT; | |
| 173 break; | |
| 174 case STRIKE_REGISTER_FAILURE: | |
| 175 client_nonce_error = CLIENT_NONCE_STRIKE_REGISTER_FAILURE; | |
| 176 break; | |
| 177 case NONCE_OK: | |
| 178 case NONCE_UNKNOWN_FAILURE: | |
| 179 default: | |
| 180 LOG(WARNING) << "Unexpected nonce error: " << nonce_error; | |
| 181 client_nonce_error = CLIENT_NONCE_UNKNOWN_FAILURE; | |
| 182 break; | |
| 183 } | |
| 184 result_->info.reject_reasons.push_back(client_nonce_error); | |
| 158 } | 185 } |
| 159 done_cb_->Run(result_); | 186 done_cb_->Run(result_); |
| 160 } | 187 } |
| 161 | 188 |
| 162 private: | 189 private: |
| 163 ValidateClientHelloResultCallback::Result* result_; | 190 ValidateClientHelloResultCallback::Result* result_; |
| 164 ValidateClientHelloResultCallback* done_cb_; | 191 ValidateClientHelloResultCallback* done_cb_; |
| 165 | 192 |
| 166 DISALLOW_COPY_AND_ASSIGN(VerifyNonceIsValidAndUniqueCallback); | 193 DISALLOW_COPY_AND_ASSIGN(VerifyNonceIsValidAndUniqueCallback); |
| 167 }; | 194 }; |
| (...skipping 1265 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1433 } | 1460 } |
| 1434 | 1461 |
| 1435 uint8 server_nonce[32]; | 1462 uint8 server_nonce[32]; |
| 1436 memcpy(server_nonce, plaintext.data(), 4); | 1463 memcpy(server_nonce, plaintext.data(), 4); |
| 1437 memcpy(server_nonce + 4, server_nonce_orbit_, sizeof(server_nonce_orbit_)); | 1464 memcpy(server_nonce + 4, server_nonce_orbit_, sizeof(server_nonce_orbit_)); |
| 1438 memcpy(server_nonce + 4 + sizeof(server_nonce_orbit_), plaintext.data() + 4, | 1465 memcpy(server_nonce + 4 + sizeof(server_nonce_orbit_), plaintext.data() + 4, |
| 1439 20); | 1466 20); |
| 1440 COMPILE_ASSERT(4 + sizeof(server_nonce_orbit_) + 20 == sizeof(server_nonce), | 1467 COMPILE_ASSERT(4 + sizeof(server_nonce_orbit_) + 20 == sizeof(server_nonce), |
| 1441 bad_nonce_buffer_length); | 1468 bad_nonce_buffer_length); |
| 1442 | 1469 |
| 1443 bool is_unique; | 1470 InsertStatus nonce_error; |
| 1444 { | 1471 { |
| 1445 base::AutoLock auto_lock(server_nonce_strike_register_lock_); | 1472 base::AutoLock auto_lock(server_nonce_strike_register_lock_); |
| 1446 if (server_nonce_strike_register_.get() == NULL) { | 1473 if (server_nonce_strike_register_.get() == NULL) { |
| 1447 server_nonce_strike_register_.reset(new StrikeRegister( | 1474 server_nonce_strike_register_.reset(new StrikeRegister( |
| 1448 server_nonce_strike_register_max_entries_, | 1475 server_nonce_strike_register_max_entries_, |
| 1449 static_cast<uint32>(now.ToUNIXSeconds()), | 1476 static_cast<uint32>(now.ToUNIXSeconds()), |
| 1450 server_nonce_strike_register_window_secs_, server_nonce_orbit_, | 1477 server_nonce_strike_register_window_secs_, server_nonce_orbit_, |
| 1451 StrikeRegister::NO_STARTUP_PERIOD_NEEDED)); | 1478 StrikeRegister::NO_STARTUP_PERIOD_NEEDED)); |
| 1452 } | 1479 } |
| 1453 is_unique = server_nonce_strike_register_->Insert( | 1480 nonce_error = server_nonce_strike_register_->Insert( |
| 1454 server_nonce, static_cast<uint32>(now.ToUNIXSeconds())); | 1481 server_nonce, static_cast<uint32>(now.ToUNIXSeconds())); |
| 1455 } | 1482 } |
| 1456 | 1483 |
| 1457 return is_unique ? HANDSHAKE_OK : SERVER_NONCE_NOT_UNIQUE_FAILURE; | 1484 if (nonce_error == NONCE_OK) { |
| 1485 return HANDSHAKE_OK; | |
| 1486 } | |
| 1487 switch (nonce_error) { | |
| 1488 case NONCE_INVALID_FAILURE: | |
| 1489 return SERVER_NONCE_INVALID_FAILURE; | |
| 1490 case NONCE_NOT_UNIQUE_FAILURE: | |
| 1491 return SERVER_NONCE_NOT_UNIQUE_FAILURE; | |
| 1492 case NONCE_INVALID_TIME_FAILURE: | |
| 1493 return SERVER_NONCE_INVALID_TIME_FAILURE; | |
| 1494 case NONCE_OK: | |
|
wtc
2014/07/14 21:52:28
This case cannot happen because of the check and e
ramant (doing other things)
2014/07/14 22:16:06
Thanks much.
Done.
| |
| 1495 case NONCE_UNKNOWN_FAILURE: | |
| 1496 case NONCE_INVALID_ORBIT_FAILURE: | |
| 1497 case STRIKE_REGISTER_TIMEOUT: | |
| 1498 case STRIKE_REGISTER_FAILURE: | |
| 1499 default: | |
| 1500 LOG(WARNING) << "Unexpected nonce error: " << nonce_error; | |
| 1501 return SERVER_NONCE_NOT_UNIQUE_FAILURE; | |
| 1502 } | |
| 1503 return SERVER_NONCE_NOT_UNIQUE_FAILURE; | |
|
wtc
2014/07/14 21:52:28
Because of the "default" case in the switch statem
ramant (doing other things)
2014/07/14 22:16:06
Done.
| |
| 1458 } | 1504 } |
| 1459 | 1505 |
| 1460 QuicCryptoServerConfig::Config::Config() | 1506 QuicCryptoServerConfig::Config::Config() |
| 1461 : channel_id_enabled(false), | 1507 : channel_id_enabled(false), |
| 1462 is_primary(false), | 1508 is_primary(false), |
| 1463 primary_time(QuicWallTime::Zero()), | 1509 primary_time(QuicWallTime::Zero()), |
| 1464 priority(0), | 1510 priority(0), |
| 1465 source_address_token_boxer(NULL) {} | 1511 source_address_token_boxer(NULL) {} |
| 1466 | 1512 |
| 1467 QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); } | 1513 QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); } |
| 1468 | 1514 |
| 1469 } // namespace net | 1515 } // namespace net |
| OLD | NEW |