Google Git
Sign in
quiche/quiche.git/26e3e88cef291cc283d31dff7c5b51338aef5e8d^!/.
commit
26e3e88cef291cc283d31dff7c5b51338aef5e8d
[log] [tgz]
author
nharper <nharper@google.com>
Wed Sep 09 12:30:55 2020 -0700
committer
Copybara-Service <copybara-worker@google.com>
Wed Sep 09 12:31:27 2020 -0700
tree
be65f6e89ef96145ba76376287f649efcfb9527b
parent
7f547143b82d4ea8fc34161a0c014f655449c1f5 [diff]
Add method to get reason why 0-RTT was accepted or rejected in QUIC

This provides additional detail compared to
QuicCryptoClientStreamBase::EarlyDataAccepted to indicate why early data was
rejected (if it was). This change only adds client-side logging information
- it doesn't change the behavior of a client.
PiperOrigin-RevId: 330774692
Change-Id: I9f59ee5a4a64a5617b5ff9de5aba34156b88538f

diff --git a/quic/core/quic_crypto_client_handshaker.cc b/quic/core/quic_crypto_client_handshaker.cc
index 7276937..b60b026 100644
--- a/quic/core/quic_crypto_client_handshaker.cc
+++ b/quic/core/quic_crypto_client_handshaker.cc

@@ -128,6 +128,10 @@
   return num_client_hellos_ == 1;
 }
 
+ssl_early_data_reason_t QuicCryptoClientHandshaker::EarlyDataReason() const {
+  return early_data_reason_;
+}
+
 bool QuicCryptoClientHandshaker::ReceivedInchoateReject() const {
   QUIC_BUG_IF(!one_rtt_keys_available_);
   return num_client_hellos_ >= 3;
@@ -290,9 +294,16 @@
   // inchoate or subsequent hello.
   session()->config()->ToHandshakeMessage(&out, session()->transport_version());
 
-  if (!cached->IsComplete(session()->connection()->clock()->WallNow()) ||
-      session()->config()->HasClientRequestedIndependentOption(
-          kQNZR, session()->perspective())) {
+  bool fill_inchoate_client_hello = false;
+  if (!cached->IsComplete(session()->connection()->clock()->WallNow())) {
+    early_data_reason_ = ssl_early_data_no_session_offered;
+    fill_inchoate_client_hello = true;
+  } else if (session()->config()->HasClientRequestedIndependentOption(
+                 kQNZR, session()->perspective())) {
+    early_data_reason_ = ssl_early_data_disabled;
+    fill_inchoate_client_hello = true;
+  }
+  if (fill_inchoate_client_hello) {
     crypto_config_->FillInchoateClientHello(
         server_id_, session()->supported_versions().front(), cached,
         session()->connection()->random_generator(),
@@ -356,6 +367,9 @@
       /*latch_once_used=*/true);
   encryption_established_ = true;
   delegate_->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
+  if (early_data_reason_ == ssl_early_data_unknown && num_client_hellos_ > 1) {
+    early_data_reason_ = ssl_early_data_peer_declined;
+  }
 }
 
 void QuicCryptoClientHandshaker::DoReceiveREJ(
@@ -531,6 +545,9 @@
                                   "unencrypted SHLO message");
     return;
   }
+  if (num_client_hellos_ == 1) {
+    early_data_reason_ = ssl_early_data_accepted;
+  }
 
   std::string error_details;
   QuicErrorCode error = crypto_config_->ProcessServerHello(

diff --git a/quic/core/quic_crypto_client_handshaker.h b/quic/core/quic_crypto_client_handshaker.h
index 90f011d..605318e 100644
--- a/quic/core/quic_crypto_client_handshaker.h
+++ b/quic/core/quic_crypto_client_handshaker.h

@@ -40,6 +40,7 @@
   int num_sent_client_hellos() const override;
   bool IsResumption() const override;
   bool EarlyDataAccepted() const override;
+  ssl_early_data_reason_t EarlyDataReason() const override;
   bool ReceivedInchoateReject() const override;
   int num_scup_messages_received() const override;
   std::string chlo_hash() const override;
@@ -153,6 +154,8 @@
   // connection has sent.
   int num_client_hellos_;
 
+  ssl_early_data_reason_t early_data_reason_ = ssl_early_data_unknown;
+
   QuicCryptoClientConfig* const crypto_config_;
 
   // SHA-256 hash of the most recently sent CHLO.

diff --git a/quic/core/quic_crypto_client_stream.cc b/quic/core/quic_crypto_client_stream.cc
index 62a261d..67a9a11 100644
--- a/quic/core/quic_crypto_client_stream.cc
+++ b/quic/core/quic_crypto_client_stream.cc

@@ -71,6 +71,10 @@
   return handshaker_->EarlyDataAccepted();
 }
 
+ssl_early_data_reason_t QuicCryptoClientStream::EarlyDataReason() const {
+  return handshaker_->EarlyDataReason();
+}
+
 bool QuicCryptoClientStream::ReceivedInchoateReject() const {
   return handshaker_->ReceivedInchoateReject();
 }

diff --git a/quic/core/quic_crypto_client_stream.h b/quic/core/quic_crypto_client_stream.h
index be99fb2..4100a50 100644
--- a/quic/core/quic_crypto_client_stream.h
+++ b/quic/core/quic_crypto_client_stream.h

@@ -9,6 +9,7 @@
 #include <memory>
 #include <string>
 
+#include "third_party/boringssl/src/include/openssl/ssl.h"
 #include "net/third_party/quiche/src/quic/core/crypto/proof_verifier.h"
 #include "net/third_party/quiche/src/quic/core/crypto/quic_crypto_client_config.h"
 #include "net/third_party/quiche/src/quic/core/quic_config.h"
@@ -53,6 +54,10 @@
   // Returns true if early data (0-RTT) was accepted in the connection.
   virtual bool EarlyDataAccepted() const = 0;
 
+  // Returns the ssl_early_data_reason_t describing why 0-RTT was accepted or
+  // rejected.
+  virtual ssl_early_data_reason_t EarlyDataReason() const = 0;
+
   // Returns true if the client received an inchoate REJ during the handshake,
   // extending the handshake by one round trip. This only applies for QUIC
   // crypto handshakes. The equivalent feature in IETF QUIC is a Retry packet,
@@ -116,6 +121,10 @@
     // Returns true if early data (0-RTT) was accepted in the connection.
     virtual bool EarlyDataAccepted() const = 0;
 
+    // Returns the ssl_early_data_reason_t describing why 0-RTT was accepted or
+    // rejected.
+    virtual ssl_early_data_reason_t EarlyDataReason() const = 0;
+
     // Returns true if the client received an inchoate REJ during the handshake,
     // extending the handshake by one round trip. This only applies for QUIC
     // crypto handshakes. The equivalent feature in IETF QUIC is a Retry packet,
@@ -203,6 +212,7 @@
   int num_sent_client_hellos() const override;
   bool IsResumption() const override;
   bool EarlyDataAccepted() const override;
+  ssl_early_data_reason_t EarlyDataReason() const override;
   bool ReceivedInchoateReject() const override;
 
   int num_scup_messages_received() const override;

diff --git a/quic/core/quic_crypto_client_stream_test.cc b/quic/core/quic_crypto_client_stream_test.cc
index 7f6d777..52791b3 100644
--- a/quic/core/quic_crypto_client_stream_test.cc
+++ b/quic/core/quic_crypto_client_stream_test.cc

@@ -107,6 +107,7 @@
   EXPECT_TRUE(stream()->encryption_established());
   EXPECT_TRUE(stream()->one_rtt_keys_available());
   EXPECT_FALSE(stream()->IsResumption());
+  EXPECT_EQ(stream()->EarlyDataReason(), ssl_early_data_no_session_offered);
 }
 
 TEST_F(QuicCryptoClientStreamTest, MessageAfterHandshake) {
@@ -179,6 +180,7 @@
   // Check that a client hello was sent.
   ASSERT_EQ(1u, connection_->encrypted_packets_.size());
   EXPECT_EQ(ENCRYPTION_INITIAL, connection_->encryption_level());
+  EXPECT_EQ(stream()->EarlyDataReason(), ssl_early_data_disabled);
 }
 
 TEST_F(QuicCryptoClientStreamTest, ClockSkew) {

diff --git a/quic/core/tls_client_handshaker.cc b/quic/core/tls_client_handshaker.cc
index 46bf285..fa19005 100644
--- a/quic/core/tls_client_handshaker.cc
+++ b/quic/core/tls_client_handshaker.cc

@@ -295,6 +295,10 @@
   return SSL_early_data_accepted(ssl()) == 1;
 }
 
+ssl_early_data_reason_t TlsClientHandshaker::EarlyDataReason() const {
+  return SSL_get_early_data_reason(ssl());
+}
+
 bool TlsClientHandshaker::ReceivedInchoateReject() const {
   QUIC_BUG_IF(!one_rtt_keys_available_);
   // REJ messages are a QUIC crypto feature, so TLS always returns false.

diff --git a/quic/core/tls_client_handshaker.h b/quic/core/tls_client_handshaker.h
index bf05ca8..2a09fb8 100644
--- a/quic/core/tls_client_handshaker.h
+++ b/quic/core/tls_client_handshaker.h

@@ -46,6 +46,7 @@
   int num_sent_client_hellos() const override;
   bool IsResumption() const override;
   bool EarlyDataAccepted() const override;
+  ssl_early_data_reason_t EarlyDataReason() const override;
   bool ReceivedInchoateReject() const override;
   int num_scup_messages_received() const override;
   std::string chlo_hash() const override;

diff --git a/quic/core/tls_client_handshaker_test.cc b/quic/core/tls_client_handshaker_test.cc
index a0a6ea7..a4bd87e 100644
--- a/quic/core/tls_client_handshaker_test.cc
+++ b/quic/core/tls_client_handshaker_test.cc

@@ -376,6 +376,8 @@
   EXPECT_TRUE(stream()->one_rtt_keys_available());
   EXPECT_FALSE(stream()->IsResumption());
   EXPECT_FALSE(stream()->EarlyDataAccepted());
+  EXPECT_EQ(stream()->EarlyDataReason(),
+            ssl_early_data_unsupported_for_session);
 }
 
 TEST_P(TlsClientHandshakerTest, ZeroRttResumption) {
@@ -413,6 +415,7 @@
   EXPECT_TRUE(stream()->one_rtt_keys_available());
   EXPECT_TRUE(stream()->IsResumption());
   EXPECT_TRUE(stream()->EarlyDataAccepted());
+  EXPECT_EQ(stream()->EarlyDataReason(), ssl_early_data_accepted);
 }
 
 TEST_P(TlsClientHandshakerTest, ZeroRttRejection) {
@@ -461,6 +464,7 @@
   EXPECT_TRUE(stream()->one_rtt_keys_available());
   EXPECT_TRUE(stream()->IsResumption());
   EXPECT_FALSE(stream()->EarlyDataAccepted());
+  EXPECT_EQ(stream()->EarlyDataReason(), ssl_early_data_peer_declined);
 }
 
 TEST_P(TlsClientHandshakerTest, ZeroRttAndResumptionRejection) {
@@ -509,6 +513,7 @@
   EXPECT_TRUE(stream()->one_rtt_keys_available());
   EXPECT_FALSE(stream()->IsResumption());
   EXPECT_FALSE(stream()->EarlyDataAccepted());
+  EXPECT_EQ(stream()->EarlyDataReason(), ssl_early_data_session_not_resumed);
 }
 
 TEST_P(TlsClientHandshakerTest, ClientSendsNoSNI) {
@@ -606,6 +611,7 @@
   EXPECT_TRUE(stream()->encryption_established());
   EXPECT_TRUE(stream()->one_rtt_keys_available());
   EXPECT_FALSE(stream()->EarlyDataAccepted());
+  EXPECT_EQ(stream()->EarlyDataReason(), ssl_early_data_alpn_mismatch);
 }
 
 TEST_P(TlsClientHandshakerTest, InvalidSNI) {