
Side by Side Diff: net/quic/crypto/quic_crypto_server_config.cc

Issue 497553004: Landing Recent QUIC Changes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase with TOT Created 6 years, 4 months ago
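--- a/net/quic/crypto/quic_crypto_server_config.cc
+++ b/net/quic/crypto/quic_crypto_server_config.cc
@@ -1,10 +1,10 @@
 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/quic_crypto_server_config.h"
 
 #include <stdlib.h>
 #include <algorithm>
 
 #include "base/stl_util.h"
@@ -768,22 +768,24 @@
 out->set_tag(kSHLO);
 QuicTagVector supported_version_tags;
 for (size_t i = 0; i < supported_versions.size(); ++i) {
 supported_version_tags.push_back
 (QuicVersionToQuicTag(supported_versions[i]));
 }
 out->SetVector(kVER, supported_version_tags);
 out->SetStringPiece(kSourceAddressTokenTag,
 NewSourceAddressToken(
 *requested_config,
-client_address, rand,
-info.now));
+client_address,
+rand,
+info.now,
+NULL));
 QuicSocketAddressCoder address_coder(client_address);
 out->SetStringPiece(kCADR, address_coder.Encode());
 out->SetStringPiece(kPUBS, forward_secure_public_value);
 
 return QUIC_NO_ERROR;
 }
 
 scoped_refptr<QuicCryptoServerConfig::Config>
 QuicCryptoServerConfig::GetConfigWithScid(StringPiece requested_scid) const {
 // In Chromium, we will dead lock if the lock is held by the current thread.
@@ -1037,29 +1039,31 @@
 info->now,
 new VerifyNonceIsValidAndUniqueCallback(client_hello_state, done_cb));
 helper.StartedAsyncCallback();
 }
 
 bool QuicCryptoServerConfig::BuildServerConfigUpdateMessage(
 const IPEndPoint& client_ip,
 const QuicClock* clock,
 QuicRandom* rand,
 const QuicCryptoNegotiatedParameters& params,
+const CachedNetworkParameters* cached_network_params,
 CryptoHandshakeMessage* out) const {
 base::AutoLock locked(configs_lock_);
 out->set_tag(kSCUP);
 out->SetStringPiece(kSCFG, primary_config_->serialized);
 out->SetStringPiece(kSourceAddressTokenTag,
 NewSourceAddressToken(*primary_config_,
 client_ip,
 rand,
-clock->WallNow()));
+clock->WallNow(),
+cached_network_params));
 
 if (proof_source_ == NULL) {
 // Insecure QUIC, can send SCFG without proof.
 return true;
 }
 
 const vector<string>* certs;
 string signature;
 if (!proof_source_->GetProof(params.sni, primary_config_->serialized,
 params.x509_ecdsa_supported, &certs,
@@ -1084,21 +1088,22 @@
 QuicRandom* rand,
 QuicCryptoNegotiatedParameters *params,
 CryptoHandshakeMessage* out) const {
 out->set_tag(kREJ);
 out->SetStringPiece(kSCFG, config.serialized);
 out->SetStringPiece(kSourceAddressTokenTag,
 NewSourceAddressToken(
 config,
 info.client_ip,
 rand,
-info.now));
+info.now,
+NULL));
 if (replay_protection_) {
 out->SetStringPiece(kServerNonceTag, NewServerNonce(rand, info.now));
 }
 
 if (FLAGS_send_quic_crypto_reject_reason) {
 // Send client the reject reason for debugging purposes.
 DCHECK_LT(0u, info.reject_reasons.size());
 out->SetVector(kRREJ, info.reject_reasons);
 }
 
@@ -1402,31 +1407,36 @@
 DCHECK(!server_nonce_strike_register_.get());
 server_nonce_strike_register_window_secs_ = window_secs;
 }
 
 void QuicCryptoServerConfig::AcquirePrimaryConfigChangedCb(
 PrimaryConfigChangedCallback* cb) {
 base::AutoLock locked(configs_lock_);
 primary_config_changed_cb_.reset(cb);
 }
 
-string QuicCryptoServerConfig::NewSourceAddressToken(const Config& config,
-const IPEndPoint& ip,
-QuicRandom* rand,
-QuicWallTime now) const {
-SourceAddressToken source_address_token;
+string QuicCryptoServerConfig::NewSourceAddressToken(
+const Config& config,
+const IPEndPoint& ip,
+QuicRandom* rand,
+QuicWallTime now,
+const CachedNetworkParameters* cached_network_params) const {
 IPAddressNumber ip_address = ip.address();
 if (ip.GetSockAddrFamily() == AF_INET) {
 ip_address = ConvertIPv4NumberToIPv6Number(ip_address);
 }
+SourceAddressToken source_address_token;
 source_address_token.set_ip(IPAddressToPackedString(ip_address));
 source_address_token.set_timestamp(now.ToUNIXSeconds());
+if (cached_network_params != NULL) {
+source_address_token.set_cached_network_parameters(*cached_network_params);
+}
 
 return config.source_address_token_boxer->Box(
 rand, source_address_token.SerializeAsString());
 }
 
 HandshakeFailureReason QuicCryptoServerConfig::ValidateSourceAddressToken(
 const Config& config,
 StringPiece token,
 const IPEndPoint& ip,
 QuicWallTime now) const {
@@ -1554,10 +1564,10 @@
 QuicCryptoServerConfig::Config::Config()
 : channel_id_enabled(false),
 is_primary(false),
 primary_time(QuicWallTime::Zero()),
 priority(0),
 source_address_token_boxer(NULL) {}
 
 QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); }
 
 } // namespace net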
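Review bot: In NewSourceAddressToken the new `if (cached_network_params != NULL)` block copies the caller's parameters into the token without any comment on how far they can be trusted when the client hands the token back, and ValidateSourceAddressToken, whose signature is unchanged here, has no way to return them. The token is sealed by `source_address_token_boxer`, so the client presumably cannot alter the values, but the same client can replay an older token that is still valid, so whatever reads the parameters later should treat them as a stale hint and range-check them. I would add a comment above the `if`, e.g. `// Optional; copied into the token. Advisory only when the token is returned: re-validate before use.` The two call sites that pass a bare `NULL` (the kSHLO and kREJ paths) would read better as `NULL /* cached_network_params */`. ValidateSourceAddressToken's body is outside the visible lines, so the reader side could not be checked.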
