Google Git
Sign in
quiche / quiche.git / d58736db7b79ab31e6dc652c0fa2d6b2f0564881^! / . / quic / core / tls_server_handshaker.cc
commitd58736db7b79ab31e6dc652c0fa2d6b2f0564881[log] [tgz]
authorfayang <fayang@google.com>Wed Nov 27 13:35:31 2019 -0800
committerCopybara-Service <copybara-worker@google.com>Wed Nov 27 13:36:12 2019 -0800
tree3d266d883b20b4dfc479c93ad2a1aeefc5d4db10
parent446887ea229c40427cfbd7b2e00ad259099a4c6a [diff] [blame]
gfe-relnote: Use HandshakerDelegateInterface in QUIC handshakers. Abstract keys installation, keys discarding, default encryption level change and mark handshake complete to HandshakerDelegateInterface. Protected by gfe2_reloadable_flag_quic_use_handshaker_delegate.

The final goal is remove session pointer from handshakers.

PiperOrigin-RevId: 282826263
Change-Id: I9b379ccfcebd174df1850f7df45069d388460173

diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index 76bd289..24af98d 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc

@@ -109,6 +109,15 @@
 void TlsServerHandshaker::SetPreviousCachedNetworkParams(
     CachedNetworkParameters /*cached_network_params*/) {}
 
+void TlsServerHandshaker::OnPacketDecrypted(EncryptionLevel level) {
+  if (level == ENCRYPTION_HANDSHAKE &&
+      state_ < STATE_ENCRYPTION_HANDSHAKE_DATA_PROCESSED) {
+    state_ = STATE_ENCRYPTION_HANDSHAKE_DATA_PROCESSED;
+    delegate()->DiscardOldEncryptionKey(ENCRYPTION_INITIAL);
+    delegate()->DiscardOldDecryptionKey(ENCRYPTION_INITIAL);
+  }
+}
+
 bool TlsServerHandshaker::ShouldSendExpectCTHeader() const {
   return false;
 }
@@ -252,10 +261,9 @@
   QUIC_LOG(INFO) << "Server: handshake finished";
   state_ = STATE_HANDSHAKE_COMPLETE;
 
-  session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
   encryption_established_ = true;
   handshake_confirmed_ = true;
-  session()->OnCryptoHandshakeEvent(QuicSession::HANDSHAKE_CONFIRMED);
+  delegate()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
 
   // Fill crypto_negotiated_params_:
   const SSL_CIPHER* cipher = SSL_get_current_cipher(ssl());
@@ -263,8 +271,9 @@
     crypto_negotiated_params_->cipher_suite = SSL_CIPHER_get_value(cipher);
   }
   crypto_negotiated_params_->key_exchange_group = SSL_get_curve_id(ssl());
-
-  session()->connection()->OnHandshakeComplete();
+  // TODO(fayang): Replace this with DiscardOldKeys(ENCRYPTION_HANDSHAKE) when
+  // handshake key discarding settles down.
+  delegate()->NeuterHandshakeData();
 }
 
 ssl_private_key_result_t TlsServerHandshaker::PrivateKeySign(