
Unified Diff: net/quic/crypto/crypto_server_config.h

Issue 17302002: Land Recent QUIC changes. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 6 months ago
Index: net/quic/crypto/crypto_server_config.h
diff --git a/net/quic/crypto/crypto_server_config.h b/net/quic/crypto/crypto_server_config.h
index 726bd783862018bd8907efedb0bb786e218a9d87..f4816b69048725075ec13ce9898f149c66a018b0 100644
--- a/net/quic/crypto/crypto_server_config.h
+++ b/net/quic/crypto/crypto_server_config.h
@@ -142,6 +142,13 @@ class NET_EXPORT_PRIVATE QuicCryptoServerConfig {
// per-connection.
void SetEphemeralKeySource(EphemeralKeySource* ephemeral_key_source);
+ // set_replay_protection controls whether replay protection is enabled. If
+ // replay protection is disabled then no strike registers are needed and
+ // frontends can share an orbit value without a shared strike-register.
+ // However, an attacker can duplicate a handshake and cause a client's
+ // request to be processed twice.
+ void set_replay_protection(bool on);
+
// set_strike_register_max_entries sets the maximum number of entries that
// the internal strike register will hold. If the strike register fills up
// then the oldest entries (by the client's clock) will be dropped.
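Review bot: The comment on `set_replay_protection` does not say what the default is or when the setter may be called, and for a switch that removes a security property both belong at the declaration. The constructor is not in this hunk, so the default cannot be confirmed from here; if it is enabled, a line such as `// Replay protection is on by default; call this during setup, before any handshake is processed.` would make that explicit. Since the comment already notes that a request can be processed twice, it would also help to state that deployments turning it off need request handling that tolerates a duplicated handshake.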
@@ -225,6 +232,8 @@ class NET_EXPORT_PRIVATE QuicCryptoServerConfig {
DISALLOW_COPY_AND_ASSIGN(Config);
};
+ typedef std::map<ServerConfigID, scoped_refptr<Config> > ConfigMap;
+
// ConfigPrimaryTimeLessThan returns true if a->primary_time <
// b->primary_time.
static bool ConfigPrimaryTimeLessThan(const scoped_refptr<Config>& a,
@@ -280,6 +289,10 @@ class NET_EXPORT_PRIVATE QuicCryptoServerConfig {
bool ValidateServerNonce(base::StringPiece echoed_server_nonce,
QuicWallTime now) const;
+ // replay_protection_ controls whether the server enforces that handshakes
+ // aren't replays.
+ bool replay_protection_;
+
// configs_ satisfies the following invariants:
// 1) configs_.empty() <-> primary_config_ == NULL
// 2) primary_config_ != NULL -> primary_config_->is_primary
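Review bot: `replay_protection_` is a plain `bool` and its comment does not say which lock, if any, guards it; it sits directly above the `configs_` state and `configs_lock_`, so a reader may assume that lock covers it. If the flag is written only during setup, say so in the member comment, for example `// Written only before the config starts serving; not guarded by configs_lock_.`. The setter's body is outside this diff, so if the flag can change while handshakes are being processed it should be accessed under a lock instead.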
@@ -287,7 +300,6 @@ class NET_EXPORT_PRIVATE QuicCryptoServerConfig {
mutable base::Lock configs_lock_;
// configs_ contains all active server configs. It's expected that there are
// about half-a-dozen configs active at any one time.
- typedef std::map<ServerConfigID, scoped_refptr<Config> > ConfigMap;
ConfigMap configs_;
// primary_config_ points to a Config (which is also in |configs_|) which is
// the primary config - i.e. the one that we'll give out to new clients.