Land Recent QUIC changes.

net/quic/crypto/crypto_server_config.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/crypto_server_config.h"
 
 #include <stdlib.h>
 #include <algorithm>
 
 #include "base/stl_util.h"
@@ skipping 119 matching lines @@
 
   if (options.id.empty()) {
     char scid_bytes[16];
     rand->RandBytes(scid_bytes, sizeof(scid_bytes));
     msg.SetStringPiece(kSCID, StringPiece(scid_bytes, sizeof(scid_bytes)));
   } else {
     msg.SetStringPiece(kSCID, options.id);
   }
 
   char orbit_bytes[kOrbitSize];
-  rand->RandBytes(orbit_bytes, sizeof(orbit_bytes));
+  if (options.orbit.size() == kOrbitSize) {
+    memcpy(orbit_bytes, options.orbit.data(), sizeof(orbit_bytes));
+  } else {
+    DCHECK(options.orbit.empty());
+    rand->RandBytes(orbit_bytes, sizeof(orbit_bytes));
+  }
   msg.SetStringPiece(kORBT, StringPiece(orbit_bytes, sizeof(orbit_bytes)));
 
   if (options.channel_id_enabled) {
     msg.SetTaglist(kPDMD, kCHID, 0);
   }
 
   scoped_ptr<QuicData> serialized(CryptoFramer::ConstructHandshakeMessage(msg));
 
   scoped_ptr<QuicServerConfigProtobuf> config(new QuicServerConfigProtobuf);
   config->set_config(serialized->AsStringPiece());
@@ skipping 516 matching lines @@
   out->SetStringPiece(kSourceAddressTokenTag,
                       NewSourceAddressToken(info.client_ip, rand, info.now));
   if (replay_protection_) {
     out->SetStringPiece(kServerNonceTag, NewServerNonce(rand, info.now));
   }
 
   // The client may have requested a certificate chain.
   const QuicTag* their_proof_demands;
   size_t num_their_proof_demands;
 
-  if (proof_source_.get() != NULL &&
+  if (proof_source_.get() == NULL ||
       client_hello.GetTaglist(kPDMD, &their_proof_demands,
-                              &num_their_proof_demands) ==
+                              &num_their_proof_demands) !=
           QUIC_NO_ERROR) {
-    for (size_t i = 0; i < num_their_proof_demands; i++) {
-      if (their_proof_demands[i] != kX509) {
-        continue;
-      }
+    return;
+  }
 
-      const vector<string>* certs;
-      string signature;
-      if (!proof_source_->GetProof(info.sni.as_string(), config->serialized,
-                                   &certs, &signature)) {
+  bool x509_supported = false, x509_ecdsa_supported = false;
+  for (size_t i = 0; i < num_their_proof_demands; i++) {
+    switch (their_proof_demands[i]) {
+      case kX509:
+        x509_supported = true;
+        x509_ecdsa_supported = true;
         break;
-      }
+      case kX59R:
+        x509_supported = true;
+        break;
+    }
+  }
 
-      StringPiece their_common_set_hashes;
-      StringPiece their_cached_cert_hashes;
-      client_hello.GetStringPiece(kCCS, &their_common_set_hashes);
-      client_hello.GetStringPiece(kCCRT, &their_cached_cert_hashes);
+  if (!x509_supported) {
+    return;
+  }
 
-      const string compressed = CertCompressor::CompressChain(
-          *certs, their_common_set_hashes, their_cached_cert_hashes,
-          config->common_cert_sets);
+  const vector<string>* certs;
+  string signature;
+  if (!proof_source_->GetProof(info.sni.as_string(), config->serialized,
+                               x509_ecdsa_supported, &certs, &signature)) {
+    return;
+  }
 
-      // kMaxUnverifiedSize is the number of bytes that the certificate chain
-      // and signature can consume before we will demand a valid
-      // source-address token.
-      // TODO(agl): make this configurable.
-      static const size_t kMaxUnverifiedSize = 400;
-      if (info.valid_source_address_token ||
-          signature.size() + compressed.size() < kMaxUnverifiedSize) {
-        out->SetStringPiece(kCertificateTag, compressed);
-        out->SetStringPiece(kPROF, signature);
-      }
-      break;
-    }
+  StringPiece their_common_set_hashes;
+  StringPiece their_cached_cert_hashes;
+  client_hello.GetStringPiece(kCCS, &their_common_set_hashes);
+  client_hello.GetStringPiece(kCCRT, &their_cached_cert_hashes);
+
+  const string compressed = CertCompressor::CompressChain(
+      *certs, their_common_set_hashes, their_cached_cert_hashes,
+      config->common_cert_sets);
+
+  // kREJOverheadBytes is a very rough estimate of how much of a REJ
+  // message is taken up by things other than the certificates.
+  const size_t kREJOverheadBytes = 112;
+  // kMaxUnverifiedSize is the number of bytes that the certificate chain
+  // and signature can consume before we will demand a valid source-address
+  // token.
+  const size_t kMaxUnverifiedSize = client_hello.size() - kREJOverheadBytes;
+  COMPILE_ASSERT(kClientHelloMinimumSize >= kREJOverheadBytes,
+                 overhead_calculation_may_underflow);
+  if (info.valid_source_address_token ||
+      signature.size() + compressed.size() < kMaxUnverifiedSize) {
+    out->SetStringPiece(kCertificateTag, compressed);
+    out->SetStringPiece(kPROF, signature);
   }
 }
 
 scoped_refptr<QuicCryptoServerConfig::Config>
 QuicCryptoServerConfig::ParseConfigProtobuf(
     QuicServerConfigProtobuf* protobuf) {
   scoped_ptr<CryptoHandshakeMessage> msg(
       CryptoFramer::ParseMessage(protobuf->config()));
 
   if (msg->tag() != kSCFG) {
@@ skipping 312 matching lines @@
 }
 
 QuicCryptoServerConfig::Config::Config()
     : channel_id_enabled(false),
       is_primary(false),
       primary_time(QuicWallTime::Zero()) {}
 
 QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); }
 
 }  // namespace net