Refactor TlsHandshaker classes

QuicCryptoClientConfig and QuicCryptoServerConfig each own an SSL_CTX,
which is currently created by TlsHandshaker. Those crypto config classes
can't take a dependency on TlsHandshaker (because TlsHandshaker already depends on
those classes, so the dependency runs in the other direction), resulting in the SSL_CTX
being passed into the crypto config constructors. The SSL_CTX shouldn't be
exposed like this, as it's essentially an implementation detail of the
crypto handshake.

This CL splits TlsHandshaker in two. TlsConnection (and its subclasses) are
in quic/core/crypto, and handle the callbacks from BoringSSL. In turn, it
passes the implementation of those callbacks to a delegate. TlsHandshaker
implements this delegate and owns the TlsConnection.

gfe-relnote: refactor TLS handshake classes in QUIC; not flag protected
PiperOrigin-RevId: 253140899
Change-Id: Ie907a7f61798c29a385be15ea0f53403b86508ab
diff --git a/quic/core/tls_client_handshaker.cc b/quic/core/tls_client_handshaker.cc
index db1f6b4..d90b6f5 100644
--- a/quic/core/tls_client_handshaker.cc
+++ b/quic/core/tls_client_handshaker.cc
@@ -53,7 +53,8 @@
       proof_verifier_(proof_verifier),
       verify_context_(std::move(verify_context)),
       user_agent_id_(user_agent_id),
-      crypto_negotiated_params_(new QuicCryptoNegotiatedParameters) {}
+      crypto_negotiated_params_(new QuicCryptoNegotiatedParameters),
+      tls_connection_(ssl_ctx, this) {}
 
 TlsClientHandshaker::~TlsClientHandshaker() {
   if (proof_verify_callback_) {
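Review bot: The new initializer `tls_connection_(ssl_ctx, this)` hands `this` to TlsClientConnection before TlsClientHandshaker's constructor body has run, so any delegate method TlsClientConnection invokes from its own constructor would observe a partially constructed handshaker. That is safe only if the constructor merely stores the delegate pointer; since TlsClientConnection is not in this diff I cannot confirm it, so a comment on the member would help, e.g. `// tls_connection_ must be the last member: it receives this before construction finishes and may only store the pointer.` The initializer also relies on `tls_connection_` being declared after every member it is listed behind in the header; a mismatched declaration order would silently change the initialization order. The constructor's signature and the rest of its initializer list begin outside this hunk.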
@@ -63,7 +64,7 @@
 
 // static
 bssl::UniquePtr<SSL_CTX> TlsClientHandshaker::CreateSslCtx() {
-  return TlsHandshaker::CreateSslCtx();
+  return TlsClientConnection::CreateSslCtx();
 }
 
 bool TlsClientHandshaker::CryptoConnect() {
@@ -76,12 +77,6 @@
   session()->connection()->InstallDecrypter(ENCRYPTION_INITIAL,
                                             std::move(crypters.decrypter));
   state_ = STATE_HANDSHAKE_RUNNING;
-  // Configure certificate verification.
-  // TODO(nharper): This only verifies certs on initial connection, not on
-  // resumption. Chromium has this callback be a no-op and verifies the
-  // certificate after the connection is complete. We need to re-verify on
-  // resumption in case of expiration or revocation/distrust.
-  SSL_set_custom_verify(ssl(), SSL_VERIFY_PEER, &VerifyCallback);
 
   // Configure the SSL to be a client.
   SSL_set_connect_state(ssl());
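Review bot: Deleting `SSL_set_custom_verify(ssl(), SSL_VERIFY_PEER, &VerifyCallback)` from CryptoConnect leaves no visible place where peer certificate verification is installed for the client SSL object; the static `VerifyCallback` trampoline is removed in the last hunk as well. If the equivalent registration has moved into TlsClientConnection (outside this diff), the client still verifies certificates, but if it has not, the client would complete handshakes with an unverified server, so this deserves an explicit check or a test that a bad certificate still fails the handshake. The removed TODO about re-verifying on resumption (expiration, revocation/distrust) documents a real gap and should travel with the call rather than be dropped; I'd keep it next to wherever the custom verify is now set. CryptoConnect continues past the end of this hunk.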
@@ -298,19 +293,6 @@
   handshake_confirmed_ = true;
 }
 
-// static
-TlsClientHandshaker* TlsClientHandshaker::HandshakerFromSsl(SSL* ssl) {
-  return static_cast<TlsClientHandshaker*>(
-      TlsHandshaker::HandshakerFromSsl(ssl));
-}
-
-// static
-enum ssl_verify_result_t TlsClientHandshaker::VerifyCallback(
-    SSL* ssl,
-    uint8_t* out_alert) {
-  return HandshakerFromSsl(ssl)->VerifyCert(out_alert);
-}
-
 enum ssl_verify_result_t TlsClientHandshaker::VerifyCert(uint8_t* out_alert) {
   if (verify_result_ != ssl_verify_retry ||
       state_ == STATE_CERT_VERIFY_PENDING) {