summaryrefslogtreecommitdiffstats
path: root/net/quic/crypto/crypto_server_config.cc
diff options
context:
space:
mode:
Diffstat (limited to 'net/quic/crypto/crypto_server_config.cc')
-rw-r--r--net/quic/crypto/crypto_server_config.cc32
1 files changed, 6 insertions, 26 deletions
diff --git a/net/quic/crypto/crypto_server_config.cc b/net/quic/crypto/crypto_server_config.cc
index d766c20..d7eca6a 100644
--- a/net/quic/crypto/crypto_server_config.cc
+++ b/net/quic/crypto/crypto_server_config.cc
@@ -4,13 +4,11 @@
#include "net/quic/crypto/crypto_server_config.h"
-#include <stdlib.h>
-
#include "base/stl_util.h"
#include "crypto/hkdf.h"
#include "crypto/secure_hash.h"
-#include "net/quic/crypto/aes_128_gcm_12_decrypter.h"
-#include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
+#include "net/quic/crypto/aes_128_gcm_decrypter.h"
+#include "net/quic/crypto/aes_128_gcm_encrypter.h"
#include "net/quic/crypto/cert_compressor.h"
#include "net/quic/crypto/crypto_framer.h"
#include "net/quic/crypto/crypto_server_config_protobuf.h"
@@ -53,8 +51,8 @@ QuicCryptoServerConfig::QuicCryptoServerConfig(
// TODO(agl): switch to an encrypter with a larger nonce space (i.e.
// Salsa20+Poly1305).
: strike_register_lock_(),
- source_address_token_encrypter_(new Aes128Gcm12Encrypter),
- source_address_token_decrypter_(new Aes128Gcm12Decrypter),
+ source_address_token_encrypter_(new Aes128GcmEncrypter),
+ source_address_token_decrypter_(new Aes128GcmDecrypter),
strike_register_max_entries_(1 << 10),
strike_register_window_secs_(600),
source_address_token_future_secs_(3600),
@@ -297,10 +295,7 @@ QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
string* error_details) const {
DCHECK(error_details);
- if (configs_.empty()) {
- *error_details = "No configurations loaded";
- return QUIC_CRYPTO_INTERNAL_ERROR;
- }
+ CHECK(!configs_.empty());
// FIXME(agl): we should use the client's SCID, not just the active config.
map<ServerConfigID, Config*>::const_iterator it =
@@ -311,11 +306,6 @@ QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
}
const Config* const config(it->second);
- if (client_hello.size() < kClientHelloMinimumSize) {
- *error_details = "Client hello too small";
- return QUIC_CRYPTO_INVALID_VALUE_LENGTH;
- }
-
const QuicWallTime now = clock->WallNow();
bool valid_source_address_token = false;
StringPiece srct;
@@ -361,11 +351,7 @@ QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
out->Clear();
StringPiece sni;
- if (client_hello.GetStringPiece(kSNI, &sni) &&
- !CryptoUtils::IsValidSNI(sni)) {
- *error_details = "Invalid SNI name";
- return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
- }
+ client_hello.GetStringPiece(kSNI, &sni);
StringPiece scid;
if (!client_hello.GetStringPiece(kSCID, &scid) ||
@@ -472,12 +458,6 @@ QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
}
params->server_config_id = scid.as_string();
- if (!sni.empty()) {
- scoped_ptr<char[]> sni_tmp(new char[sni.length() + 1]);
- memcpy(sni_tmp.get(), sni.data(), sni.length());
- sni_tmp[sni.length()] = 0;
- params->sni = CryptoUtils::NormalizeHostname(sni_tmp.get());
- }
string hkdf_suffix;
const QuicData& client_hello_serialized = client_hello.GetSerialized();
generated by cgit v1.1 at 2025-05-13 13:37:20 +0000