blob: 66f993a59b84adbcf462c429760a9caf08cdd7cf [file] [log] [blame]
// Copyright (c) 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/third_party/quiche/src/quic/quic_transport/quic_transport_client_session.h"
#include <cstdint>
#include <limits>
#include <memory>
#include <string>
#include <utility>
#include "absl/strings/string_view.h"
#include "url/gurl.h"
#include "net/third_party/quiche/src/quic/core/quic_constants.h"
#include "net/third_party/quiche/src/quic/core/quic_crypto_client_stream.h"
#include "net/third_party/quiche/src/quic/core/quic_data_writer.h"
#include "net/third_party/quiche/src/quic/core/quic_error_codes.h"
#include "net/third_party/quiche/src/quic/core/quic_session.h"
#include "net/third_party/quiche/src/quic/core/quic_types.h"
#include "net/third_party/quiche/src/quic/core/quic_versions.h"
#include "net/third_party/quiche/src/quic/platform/api/quic_bug_tracker.h"
#include "net/third_party/quiche/src/quic/platform/api/quic_logging.h"
#include "net/third_party/quiche/src/quic/quic_transport/quic_transport_protocol.h"
#include "net/third_party/quiche/src/quic/quic_transport/quic_transport_stream.h"
namespace quic {
QuicTransportClientSession::QuicTransportClientSession(
QuicConnection* connection,
Visitor* owner,
const QuicConfig& config,
const ParsedQuicVersionVector& supported_versions,
const GURL& url,
QuicCryptoClientConfig* crypto_config,
url::Origin origin,
ClientVisitor* visitor,
std::unique_ptr<QuicDatagramQueue::Observer> datagram_observer)
: QuicSession(connection,
owner,
config,
supported_versions,
/*num_expected_unidirectional_static_streams*/ 0,
std::move(datagram_observer)),
url_(url),
origin_(origin),
visitor_(visitor) {
for (const ParsedQuicVersion& version : supported_versions) {
QUIC_BUG_IF(version.handshake_protocol != PROTOCOL_TLS1_3)
<< "QuicTransport requires TLS 1.3 handshake";
}
crypto_stream_ = std::make_unique<QuicCryptoClientStream>(
QuicServerId(url.host(), url.EffectiveIntPort()), this,
crypto_config->proof_verifier()->CreateDefaultContext(), crypto_config,
/*proof_handler=*/this, /*has_application_state = */ true);
}
void QuicTransportClientSession::OnAlpnSelected(absl::string_view alpn) {
// Defense in-depth: ensure the ALPN selected is the desired one.
if (alpn != QuicTransportAlpn()) {
QUIC_BUG << "QuicTransport negotiated non-QuicTransport ALPN: " << alpn;
connection()->CloseConnection(
QUIC_INTERNAL_ERROR, "QuicTransport negotiated non-QuicTransport ALPN",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return;
}
alpn_received_ = true;
}
QuicStream* QuicTransportClientSession::CreateIncomingStream(QuicStreamId id) {
QUIC_DVLOG(1) << "Creating incoming QuicTransport stream " << id;
QuicTransportStream* stream = CreateStream(id);
if (stream->type() == BIDIRECTIONAL) {
incoming_bidirectional_streams_.push_back(stream);
visitor_->OnIncomingBidirectionalStreamAvailable();
} else {
incoming_unidirectional_streams_.push_back(stream);
visitor_->OnIncomingUnidirectionalStreamAvailable();
}
return stream;
}
void QuicTransportClientSession::SetDefaultEncryptionLevel(
EncryptionLevel level) {
QuicSession::SetDefaultEncryptionLevel(level);
if (level == ENCRYPTION_FORWARD_SECURE) {
SendClientIndication();
}
}
void QuicTransportClientSession::OnTlsHandshakeComplete() {
QuicSession::OnTlsHandshakeComplete();
SendClientIndication();
}
QuicTransportStream*
QuicTransportClientSession::AcceptIncomingBidirectionalStream() {
if (incoming_bidirectional_streams_.empty()) {
return nullptr;
}
QuicTransportStream* stream = incoming_bidirectional_streams_.front();
incoming_bidirectional_streams_.pop_front();
return stream;
}
QuicTransportStream*
QuicTransportClientSession::AcceptIncomingUnidirectionalStream() {
if (incoming_unidirectional_streams_.empty()) {
return nullptr;
}
QuicTransportStream* stream = incoming_unidirectional_streams_.front();
incoming_unidirectional_streams_.pop_front();
return stream;
}
QuicTransportStream*
QuicTransportClientSession::OpenOutgoingBidirectionalStream() {
if (!CanOpenNextOutgoingBidirectionalStream()) {
QUIC_BUG << "Attempted to open a stream in violation of flow control";
return nullptr;
}
return CreateStream(GetNextOutgoingBidirectionalStreamId());
}
QuicTransportStream*
QuicTransportClientSession::OpenOutgoingUnidirectionalStream() {
if (!CanOpenNextOutgoingUnidirectionalStream()) {
QUIC_BUG << "Attempted to open a stream in violation of flow control";
return nullptr;
}
return CreateStream(GetNextOutgoingUnidirectionalStreamId());
}
QuicTransportStream* QuicTransportClientSession::CreateStream(QuicStreamId id) {
auto stream = std::make_unique<QuicTransportStream>(id, this, this);
QuicTransportStream* stream_ptr = stream.get();
ActivateStream(std::move(stream));
return stream_ptr;
}
std::string QuicTransportClientSession::SerializeClientIndication() {
std::string serialized_origin = origin_.Serialize();
if (serialized_origin.size() > std::numeric_limits<uint16_t>::max()) {
QUIC_BUG << "Client origin too long";
connection()->CloseConnection(
QUIC_INTERNAL_ERROR, "Client origin too long",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return "";
}
QUIC_DLOG(INFO) << "Sending client indication with origin "
<< serialized_origin;
std::string path = url_.PathForRequest();
if (path.size() > std::numeric_limits<uint16_t>::max()) {
connection()->CloseConnection(
QUIC_TRANSPORT_INVALID_CLIENT_INDICATION, "Requested URL path too long",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return "";
}
constexpr size_t kPrefixSize =
sizeof(QuicTransportClientIndicationKeys) + sizeof(uint16_t);
const size_t buffer_size =
2 * kPrefixSize + serialized_origin.size() + path.size();
if (buffer_size > std::numeric_limits<uint16_t>::max()) {
connection()->CloseConnection(
QUIC_TRANSPORT_INVALID_CLIENT_INDICATION,
"Client indication size limit exceeded",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return "";
}
std::string buffer;
buffer.resize(buffer_size);
QuicDataWriter writer(buffer.size(), &buffer[0]);
bool success =
writer.WriteUInt16(
static_cast<uint16_t>(QuicTransportClientIndicationKeys::kOrigin)) &&
writer.WriteUInt16(serialized_origin.size()) &&
writer.WriteStringPiece(serialized_origin) &&
writer.WriteUInt16(
static_cast<uint16_t>(QuicTransportClientIndicationKeys::kPath)) &&
writer.WriteUInt16(path.size()) && writer.WriteStringPiece(path);
QUIC_BUG_IF(!success) << "Failed to serialize client indication";
QUIC_BUG_IF(writer.length() != buffer.length())
<< "Serialized client indication has length different from expected";
return buffer;
}
void QuicTransportClientSession::SendClientIndication() {
if (!crypto_stream_->encryption_established()) {
QUIC_BUG << "Client indication may only be sent once the encryption is "
"established.";
connection()->CloseConnection(
QUIC_INTERNAL_ERROR, "Attempted to send client indication unencrypted",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return;
}
if (ready_) {
QUIC_BUG << "Client indication may only be sent once.";
connection()->CloseConnection(
QUIC_INTERNAL_ERROR, "Attempted to send client indication twice",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return;
}
auto client_indication_owned = std::make_unique<ClientIndication>(
/*stream_id=*/GetNextOutgoingUnidirectionalStreamId(), this,
/*is_static=*/false, WRITE_UNIDIRECTIONAL);
QUIC_BUG_IF(client_indication_owned->id() != ClientIndicationStream())
<< "Client indication stream is " << client_indication_owned->id()
<< " instead of expected " << ClientIndicationStream();
ClientIndication* client_indication = client_indication_owned.get();
ActivateStream(std::move(client_indication_owned));
client_indication->WriteOrBufferData(SerializeClientIndication(),
/*fin=*/true, nullptr);
client_indication_sent_ = true;
// Defense in depth: never set the ready bit unless ALPN has been confirmed.
if (!alpn_received_) {
QUIC_BUG << "ALPN confirmation missing after handshake complete";
connection()->CloseConnection(
QUIC_INTERNAL_ERROR,
"ALPN confirmation missing after handshake complete",
ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
return;
}
// Don't set the ready bit if we closed the connection due to any error
// beforehand.
if (!connection()->connected()) {
return;
}
ready_ = true;
visitor_->OnSessionReady();
}
void QuicTransportClientSession::OnMessageReceived(absl::string_view message) {
visitor_->OnDatagramReceived(message);
}
void QuicTransportClientSession::OnCanCreateNewOutgoingStream(
bool unidirectional) {
if (unidirectional) {
visitor_->OnCanCreateNewOutgoingUnidirectionalStream();
} else {
visitor_->OnCanCreateNewOutgoingBidirectionalStream();
}
}
void QuicTransportClientSession::OnProofValid(
const QuicCryptoClientConfig::CachedState& /*cached*/) {}
void QuicTransportClientSession::OnProofVerifyDetailsAvailable(
const ProofVerifyDetails& /*verify_details*/) {}
} // namespace quic