Expose ProofSource::Details on QuicCryptoServerStream
Move ProofSource::Details caching from GfeQuicCryptoServerStream to parent class, not flag protected
PiperOrigin-RevId: 325537643
Change-Id: Idc71b12e1b7a2945e170c972e12a45707ec82457
diff --git a/quic/core/quic_crypto_server_stream.cc b/quic/core/quic_crypto_server_stream.cc
index 6c84067..2b0b3e8 100644
--- a/quic/core/quic_crypto_server_stream.cc
+++ b/quic/core/quic_crypto_server_stream.cc
@@ -157,11 +157,12 @@
const std::string& error_details,
std::unique_ptr<CryptoHandshakeMessage> reply,
std::unique_ptr<DiversificationNonce> diversification_nonce,
- std::unique_ptr<ProofSource::Details> /*proof_source_details*/) {
+ std::unique_ptr<ProofSource::Details> proof_source_details) {
// Clear the callback that got us here.
DCHECK(process_client_hello_cb_ != nullptr);
DCHECK(validate_client_hello_cb_ == nullptr);
process_client_hello_cb_ = nullptr;
+ proof_source_details_ = std::move(proof_source_details);
const CryptoHandshakeMessage& message = result.client_hello;
if (error != QUIC_NO_ERROR) {
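Review bot: The added `proof_source_details_ = std::move(proof_source_details);` ahead of the `error != QUIC_NO_ERROR` check replaces the member unconditionally, and the same assignment is added at the top of ProcessClientHello in the third hunk of this file. Each assignment destroys the Details held before it, so a raw pointer obtained earlier from ProofSourceDetails() dangles afterwards, and a null argument here clears details stored by the earlier call. If callers can hold the pointer across handshake processing (not visible in this diff), either keep the old value when the argument is null, `if (proof_source_details != nullptr) proof_source_details_ = std::move(proof_source_details);`, or add a comment above the assignment saying that it invalidates pointers returned earlier. The enclosing function starts and ends outside the hunk.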
@@ -338,6 +339,10 @@
return signed_config_->proof.send_expect_ct_header;
}
+const ProofSource::Details* QuicCryptoServerStream::ProofSourceDetails() const {
+ return proof_source_details_.get();
+}
+
bool QuicCryptoServerStream::GetBase64SHA256ClientChannelID(
std::string* output) const {
if (!encryption_established() ||
@@ -390,8 +395,9 @@
void QuicCryptoServerStream::ProcessClientHello(
QuicReferenceCountedPointer<ValidateClientHelloResultCallback::Result>
result,
- std::unique_ptr<ProofSource::Details> /*proof_source_details*/,
+ std::unique_ptr<ProofSource::Details> proof_source_details,
std::unique_ptr<ProcessClientHelloResultCallback> done_cb) {
+ proof_source_details_ = std::move(proof_source_details);
const CryptoHandshakeMessage& message = result->client_hello;
std::string error_details;
if (!helper_->CanAcceptClientHello(
diff --git a/quic/core/quic_crypto_server_stream.h b/quic/core/quic_crypto_server_stream.h
index 9ed7764..5a4b9b1 100644
--- a/quic/core/quic_crypto_server_stream.h
+++ b/quic/core/quic_crypto_server_stream.h
@@ -29,7 +29,7 @@
~QuicCryptoServerStream() override;
- // From HandshakerInterface
+ // From QuicCryptoServerStreamBase
void CancelOutstandingCallbacks() override;
bool GetBase64SHA256ClientChannelID(std::string* output) const override;
void SendServerConfigUpdate(
@@ -48,6 +48,7 @@
ConnectionCloseSource /*source*/) override {}
void OnHandshakeDoneReceived() override;
bool ShouldSendExpectCTHeader() const override;
+ const ProofSource::Details* ProofSourceDetails() const override;
// From QuicCryptoStream
bool encryption_established() const override;
@@ -237,6 +238,9 @@
// field is mutually exclusive with validate_client_hello_cb_.
ProcessClientHelloCallback* process_client_hello_cb_;
+ // The ProofSource::Details from this connection.
+ std::unique_ptr<ProofSource::Details> proof_source_details_;
+
bool encryption_established_;
bool one_rtt_keys_available_;
bool one_rtt_packet_decrypted_;
diff --git a/quic/core/quic_crypto_server_stream_base.h b/quic/core/quic_crypto_server_stream_base.h
index 540b7a4..bea998d 100644
--- a/quic/core/quic_crypto_server_stream_base.h
+++ b/quic/core/quic_crypto_server_stream_base.h
@@ -84,6 +84,12 @@
// However, it is exposed here because that is the only place where the
// configuration for the certificate used in the connection is accessible.
virtual bool ShouldSendExpectCTHeader() const = 0;
+
+ // Returns the Details from the latest call to ProofSource::GetProof or
+ // ProofSource::ComputeTlsSignature. Returns nullptr if no such call has been
+ // made. The Details are owned by the QuicCryptoServerStreamBase and the
+ // pointer is only valid while the owning object is still valid.
+ virtual const ProofSource::Details* ProofSourceDetails() const = 0;
};
// Creates an appropriate QuicCryptoServerStream for the provided parameters,
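Review bot: The lifetime sentence in the new comment on ProofSourceDetails() promises more than the QuicCryptoServerStream implementation in this commit delivers. There the member is reassigned in both client-hello processing paths, which frees the object that a previously returned pointer refers to while the stream itself is still alive. I would reword the last sentence to something like `// The pointer is invalidated when the owning object is destroyed or when a later ProofSource call replaces the stored Details; callers must not retain it.` It is also worth stating that the Details are stored before the handshake error check in quic_crypto_server_stream.cc, so a non-null return does not imply that the handshake succeeded.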
diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index ac3b056..bae9f1a 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -166,6 +166,10 @@
return false;
}
+const ProofSource::Details* TlsServerHandshaker::ProofSourceDetails() const {
+ return proof_source_details_.get();
+}
+
void TlsServerHandshaker::OnConnectionClosed(QuicErrorCode /*error*/,
ConnectionCloseSource /*source*/) {
state_ = STATE_CONNECTION_CLOSED;
diff --git a/quic/core/tls_server_handshaker.h b/quic/core/tls_server_handshaker.h
index 13b734e..b0212db 100644
--- a/quic/core/tls_server_handshaker.h
+++ b/quic/core/tls_server_handshaker.h
@@ -53,6 +53,7 @@
ConnectionCloseSource source) override;
void OnHandshakeDoneReceived() override;
bool ShouldSendExpectCTHeader() const override;
+ const ProofSource::Details* ProofSourceDetails() const override;
// From QuicCryptoServerStreamBase and TlsHandshaker
bool encryption_established() const override;
@@ -77,10 +78,6 @@
return &tls_connection_;
}
- ProofSource::Details* proof_source_details() const {
- return proof_source_details_.get();
- }
-
virtual void ProcessAdditionalTransportParameters(
const TransportParameters& /*params*/) {}