| Commit message | Author | Age | Files | Lines |
| |
Refactor hybrid slow start in QUIC to create a simpler interface between
it and TCPCubicSender.
In preparation for BBR.
Merge internal change: 64031462
https://codereview.chromium.org/218993002/
Don't log decryption errors in AeadBaseDecrypter::Decrypt.
Instead, have QuicFramer::DecryptPayload log a warning message if both
trial decryptions fail.
Merge internal change: 63977728
https://codereview.chromium.org/218983002/
QUIC refactor to remove a return value which was always true.
Merge internal change: 63977684
https://codereview.chromium.org/218913003/
Simplify the bytes_consumed computation
in QuicPacketCreator::CreateStreamFrame. Does not change behavior.
Merge internal change: 63900899
https://codereview.chromium.org/218873003/
Fixing a broken test for quic. cr/63542972 added the proxy flag on
outbound packets. Unfortunately, this broke our tests using the magic
header. This CL provides hooks for clearing that bit of data.
Adding a virtual function to quic client so we can fix a test.
Merge internal change: 63898585
https://codereview.chromium.org/218963003/
+ Use QuicServerKey tuple (host, port, is_https) instead of
server_hostname, while creating QuicClientSession,
QuicCryptoClientStream, QuicCryptoClientConfig, QuicClient,
QuicTestClient, etc objects.
+ QuicServerKey is used as the key to access QUIC server
config information from all caches.
+ Added a couple of new unit tests for HostPortPair class.
+ Added unit tests for QuicServerId for privacy mode
combination with host, port, is_https.
Merge internal change: 63891842
https://codereview.chromium.org/218923002/
R=rch@chromium.org
Review URL: https://codereview.chromium.org/216713003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@260810 0039d316-1c4b-4281-b951-d872f2087c98
| |
kPrivacyModeDisabled => PRIVACY_MODE_DISABLED
kPrivacyModeEnabled => PRIVACY_MODE_ENABLED
To match the chromium style guide:
Though the Google C++ Style Guide now says to use kConstantNaming for enums,
Chromium was written using MACRO_STYLE naming. Continue to use this style for consistency.
R=mef@chromium.org
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=260281
Review URL: https://codereview.chromium.org/215023002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@260729 0039d316-1c4b-4281-b951-d872f2087c98
| |
(https://codereview.chromium.org/215023002/)
Reason for revert:
Broke build.
http://build.chromium.org/p/chromium.linux/builders/Linux%20Builder%20%28dbg%29/builds/71042/steps/compile/logs/stdio#error1
Original issue's description:
> Rename PrivateMode enum values:
>
> kPrivacyModeDisabled => PRIVACY_MODE_DISABLED
> kPrivacyModeEnabled => PRIVACY_MODE_ENABLED
>
> To match the chromium style guide:
>
> Though the Google C++ Style Guide now says to use kConstantNaming for enums,
> Chromium was written using MACRO_STYLE naming. Continue to use this style for consistency.
>
> R=mef@chromium.org
>
> Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=260281
TBR=mef@chromium.org,zea@chromium.org
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/217053010
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@260296 0039d316-1c4b-4281-b951-d872f2087c98
| |
kPrivacyModeDisabled => PRIVACY_MODE_DISABLED
kPrivacyModeEnabled => PRIVACY_MODE_ENABLED
To match the chromium style guide:
Though the Google C++ Style Guide now says to use kConstantNaming for enums,
Chromium was written using MACRO_STYLE naming. Continue to use this style for consistency.
R=mef@chromium.org
Review URL: https://codereview.chromium.org/215023002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@260281 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=356338
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=259303
Review URL: https://codereview.chromium.org/185773006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@259537 0039d316-1c4b-4281-b951-d872f2087c98
| |
(https://codereview.chromium.org/185773006/)
Reason for revert:
Reverted by request from kareng. It breaks the continuous official tests.
../../net/tools/quic/quic_client_bin.cc: In function ‘int main(int, char**)’:
../../net/tools/quic/quic_client_bin.cc:76:67: error: no matching function for call to ‘net::QuicSessionKey::QuicSessionKey(std::string&, int32&, bool&)’
../../net/tools/quic/quic_client_bin.cc:76:67: note: candidates are:
../../net/quic/quic_session_key.h:23:3: note: net::QuicSessionKey::QuicSessionKey(const string&, uint16, bool, net::PrivacyMode)
../../net/quic/quic_session_key.h:23:3: note: candidate expects 4 arguments, 3 provided
../../net/quic/quic_session_key.h:20:3: note: net::QuicSessionKey::QuicSessionKey(const net::HostPortPair&, bool, net::PrivacyMode)
../../net/quic/quic_session_key.h:20:3: note: no known conversion for argument 1 from ‘std::string {aka std::basic_string<char>}’ to ‘const net::HostPortPair&’
../../net/quic/quic_session_key.h:19:3: note: net::QuicSessionKey::QuicSessionKey()
../../net/quic/quic_session_key.h:19:3: note: candidate expects 0 arguments, 3 provided
../../net/quic/quic_session_key.h:17:26: note: net::QuicSessionKey::QuicSessionKey(const net::QuicSessionKey&)
../../net/quic/quic_session_key.h:17:26: note: candidate expects 1 argument, 3 provided
Original issue's description:
> Add PrivacyMode support to the QuicStreamFactory.
>
> BUG=
>
> Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=259303
TBR=rtenneti@chromium.org,rch@chromium.org
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/211373004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@259323 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=
Review URL: https://codereview.chromium.org/185773006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@259303 0039d316-1c4b-4281-b951-d872f2087c98
| |
QuicClientSessionBase to serve a similar purpose.
Review URL: https://codereview.chromium.org/207113002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@258847 0039d316-1c4b-4281-b951-d872f2087c98
| |
ProofVerifyContext is an abstract class that acts as a container for any
implementation specific context that a ProofVerifier needs.
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=258618
Review URL: https://codereview.chromium.org/203903002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@258693 0039d316-1c4b-4281-b951-d872f2087c98
| |
(https://codereview.chromium.org/203903002/)
Reason for revert:
http://build.chromium.org/p/chromium.memory/builders/Linux%20ASan%2BLSan%20Tests%20%281%29/builds/647/steps/net_unittests/logs/stdio
Original issue's description:
> Add ProofVerifierContext struct to QUIC's ProofVerifier::VerifyProof
>
> ProofVerifyContext is an abstract class that acts as a container for any
> implementation specific context that a ProofVerifier needs.
>
> Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=258618
TBR=wtc@chromium.org,rtenneti@chromium.org
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/208053007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@258631 0039d316-1c4b-4281-b951-d872f2087c98
| |
ProofVerifyContext is an abstract class that acts as a container for any
implementation specific context that a ProofVerifier needs.
Review URL: https://codereview.chromium.org/203903002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@258618 0039d316-1c4b-4281-b951-d872f2087c98
| |
and into QuicClientSession (which is Chrome-specific).
Review URL: https://codereview.chromium.org/197873011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@257667 0039d316-1c4b-4281-b951-d872f2087c98
| |
server_hostname, while creating QuicClientSession,
QuicCryptoClientStream, QuicCryptoClientConfig, etc objects.
QuicSessionKey is used as the key to access QUIC server
config information from all caches (disk and memory caches).
On Disk cache, the key for accessing QUIC server information is the
flattened version (scheme://hostname:port) of QuicSession.
scheme would be either http or https until we support other schemes.
R=rch@chromium.org, wtc@chromium.org
Review URL: https://codereview.chromium.org/192583004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@257272 0039d316-1c4b-4281-b951-d872f2087c98
| |
headers.
Changes the way headers are delivered in QUIC from being the first bytes
on a stream, to being delivered as SPDY SYN_STREAM/SYN_REPLY frames on
a dedicated headers stream. This also creates QUIC_VERSION_13. Since
the intra-stream serialization format changes, it is not possible for a
client to handle a version negotiation across this boundary.
Merge internal change: 58313427
R=rch@chromium.org
Review URL: https://codereview.chromium.org/116513003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@241682 0039d316-1c4b-4281-b951-d872f2087c98
| |
Add convenience HighestPriority and LowestPriority methods to QuicUtils
Merge internal change: 58122394
https://codereview.chromium.org/112463003/
Change QUIC to only ack every other packet when there are no losses
within the last four received packets.
Merge internal change: 58111242
https://codereview.chromium.org/113123004/
Add a version() convenience method to ReliableQuicStream.
Merge internal change: 58110960
https://codereview.chromium.org/112273003/
Fix two tests that fail when FLAGS_enable_quic_pacing is enabled
Merge internal change: 58101756
https://codereview.chromium.org/115393003/
Remove deprecated flag FLAGS_pad_quic_handshake_packets.
Merge internal change: 58101024
https://codereview.chromium.org/114923007/
Remove the is_server argument from the QuicSession constructor.
In a previous CL, I removed this from TestSession, but I missed, that
it's an argument of the main QuicSession constructor.
Merge internal change: 58059515
https://codereview.chromium.org/102313005/
Fix QUIC's TCP style retransmission logic to only send a maximum of 2
packets per incoming ack instead of 10.
Merge internal change: 58059328
https://codereview.chromium.org/109993008/
Remove redundant |is_server| argument from TestSession and call the
connection's is_server() method instead.
Merge internal change: 58047118
https://codereview.chromium.org/110373004/
Minor cleanup of QUIC MockConnection and PacketSavingConnection
constructors.
Merge internal change: 58042657
https://codereview.chromium.org/114933003/
Cleanup in QUIC to merge the previous_transmissions_map in
QuicSentPacketManager with the unacked_packets map.
Merge internal change: 58011531
https://codereview.chromium.org/109323012/
R=rch@chromium.org
Review URL: https://codereview.chromium.org/115463002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240972 0039d316-1c4b-4281-b951-d872f2087c98
| |
VLOG(0) isn't any better than LOG(INFO), other than sneaking past PRESUBMIT.
> LOG(INFO) tidying in net/
>
> Some deletions, some to VLOG.
>
> R=rsleevi@chromium.org
> BUG=322805
>
> Review URL: https://codereview.chromium.org/82913011
TBR=scottmg@chromium.org
Review URL: https://codereview.chromium.org/86203003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@237122 0039d316-1c4b-4281-b951-d872f2087c98
| |
Some deletions, some to VLOG.
R=rsleevi@chromium.org
BUG=322805
Review URL: https://codereview.chromium.org/82913011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@237095 0039d316-1c4b-4281-b951-d872f2087c98
| |
QUIC - manually sync'ing changes between chrome and internal source
code.
Refactorings to QuicCryptoServerConfig to allow for async quic client
hello validation.
Merge internal change: 56375103
- Remove the QuicConnectionPeer::GetCongestionManager method (can call
QuicConnection()::congestion_manager() directly now).
- Update a bunch of CongestionManager/SendAlgorithm methods to be const.
Merge internal change: 56361306
Change the QuicDispatcher to immediately put packets in time wait when
there is no version negotiation packet, instead of creating a new
session.
Merge internal change: 56353674
Add a new PacingSender which can be used to add pacing on top of an
existing QUIC sender.
Merge internal change: 56183480
Move StrikeRegisterClient to gfe/quic/crypto, so that
QuicCryptoServerConfig can depend on it. Implement a
StrikeRegisterClient that queries a local StrikeRegister.
See internal CL 56173502 for use cases.
Merge internal change: 56316281
R=rch@chromium.org
Review URL: https://codereview.chromium.org/75163007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@235976 0039d316-1c4b-4281-b951-d872f2087c98
| |
Fixing a QUIC bug where public reset packets would only be sent for
null encrypted packets.
Merge internal change: 56125340
Implement TcpCubicSender::BandwidthEstimate to return CWND/SRTT, which
will be used as the basis for pacing.
Implements a currently unused method in the QUIC TCP implementation.
Merge internal change: 56109841
Add bandwidth limits and maximum packet queue size to the
PacketDroppingTestWriter for QUIC.
Merge internal change: 56104313
Change QUIC's TCP implementation to not reduce the congestion window
when multiple losses occur in a window.
Merge internal change: 56097813
Add flexibility to SimpleClient by exposing epoll_server(), fd() and
buffer_body() at the interface level. Affects tests only.
I need this for ustreamer load testing. The requirements there (like
slowing down the transfer) are divergent from internal server and it's
easier to implement them by talking to epoll directly.
Merge internal change: 56097002
Removing QUIC_VERSION_10 which had a longer NullEncryption hash length
of 16 bytes vs the new 12 bytes.
Merge internal change: 56033303
Change QUIC's minimum congestion window for TCP to 2*MSS, matching
RFC2582.
Merge internal change: 55999043
Request from avd@ in review of cl/55013562
Merge QuicConnection SendStreamData methods.
Merge internal change: 55985552
Replacing StringPiece with IOVector in QUIC's read and write paths.
QuicConnection on below, QUIC now traffics in only IOVectors.
QuicStreamFrame now holds frame data in an IOVector instead of a
StringPiece.
Merge internal change: 55838620
Change order of operations in
QuicCryptoServerConfig::EvaluateClientHello so that:
- Local, synchronous operations can happen first.
- Validating the client nonce against the strike register only
happens when uniqueness must be established using the client
nonce.
- Server nonce is always used if it is present.
- A repeated server nonce triggers a replay protection failure even
if the client nonce is unique.
Resulting behavior is more correct: we used to allow handshakes that
had both a server nonce and client nonce to be repeated twice.
Merge internal change: 55930987
QUIC - Minor cleanup of the code to match the internal code.
Merge internal change: 55929037
Increase the minimum CHLO size from 512 bytes to 1024 bytes. Pad an
inchoate CHLO to fill up a packet.
On the server side, enforce the old minimum CHLO size of 512 bytes so
we can support old clients.
Merge internal change: 55881305
R=rch@chromium.org
Review URL: https://codereview.chromium.org/71143003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@235006 0039d316-1c4b-4281-b951-d872f2087c98
| |
Fix a bug in the QuicFramer where the entropy generator was not
being consulted when truncated acks were sent, causing an incorrect
entropy to be sent for truncated acks.
Merge internal change: 55879563
Add an optional initial RTT to the negotiation parameters to allow the
QUIC client to suggest an expected RTT to the server.
Merge internal change: 55792505
Changing DCHECKs to LOG(DFATAL) so we'll notice if they're occurring in
the running server/client.
Merge internal change: 55790448
Added a blank line per the change in the following CL which deleted
default-true flags.
Merge internal change: 55738366
Allow a REJ message to be twice as large as a CHLO message that doesn't
contain a valid source-address token.
message that doesn't contain a valid source-address token could be
twice as large as before.
Merge internal change: 55736193
Log OpenSSL errors when QUIC encryption fails.
Merge internal change: 55718465
Second version with improved tests and keeping the client and server
packet sizes identical to ensure the truncated ack detection works
correctly.
Merge internal change: 55651642
Hidden bug that uses ack_frame instead of stream_frame.
Merge internal change: 55648483
Move QuicCryptoServerConfig from crypto_server_config.{h,cc} to
quic_crypto_server_config.{h,cc} and move QuicCryptoClientConfig from
crypt_handshake.{h,cc} to quic_crypto_client_config.{h,cc} to be
consistent.
Merge internal change: 55644306
Ported IOVector unit tests (as part of porting the following CL).
Makes GFE's IOVector class copy-able. I am working on using IOVector
through QUIC's read and write paths, and it would be tremendously
helpful to have value-semantics for an IOVector object. Making it
copy-able was noted in joechan@'s TODO in the original IOVector code.
Merge internal change: 55509822
Cancel all pending alarms when the QUIC connection is closed.
Merge internal change: 55640997
Removed version 10 from supported versions.
Adding QUIC_VERSION_12 to optimize the Quic ack framing format to
reduce the size and better handle ranges of nacks, which should make
truncated acks virtually impossible. Also adding an explicit flag for
truncated acks and moving the ack outside of the connection close frame.
Merge internal change: 55594574
R=rch@chromium.org
Review URL: https://codereview.chromium.org/51313002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@232035 0039d316-1c4b-4281-b951-d872f2087c98
| |
Fix a bug in the quic_client where disconnecting and re-connecting would
re-use the same packet writer, and attempt to write to the same (now
closed) socket.
Merge internal change: 55509535
If the most significant byte of a QuicTag is 255 ('\xff'), print that
byte as a space rather than printing the QuicTag as a decimal number.
Add a unit test for QuicUtils::TagToString.
as "CRT " instead of its decimal value "4283716163".
Merge internal change: 55493160
Miscellaneous cleanup of the supported_versions CL.
Remove QuicVersionArrayToString. Replace the only
QuicVersionArrayToString call by QuicVersionVectorToString.
Add a protected supported_versions() getter method to QuicDispatcher
to allow access to supported_versions_ by derived classes of
QuicDispatcher.
Document the purpose of each combination of supported versions in
gfe/quic/end_to_end_test.cc.
"gfe2/quic_versions" and its value no longer has an extraneous comma
at the end. For example, "QUIC_VERSION_11,QUIC_VERSION_10" as opposed
to "QUIC_VERSION_11,QUIC_VERSION_10,"
Merge internal change: 55490062
Implement encoding and decoding of unsigned half precision floats in QUIC.
Merge internal change: 55454508
Annotate QUIC streams as server/client in DLOG output.
Merge internal change: 55419499
Expose methods for getting/setting the QUIC congestion manager's
congestion window value.
Merge internal change: 55416317
Return the unused server port once EndToEndTest has finished, to
reduce the chance PickUnusedPortOrDie will fail in the future.
Merge internal change: 55376533
This change hasn't been enabled in chromium.
Fix quic prober to use new QuicClient constructor which takes
QuicSupportedVersions as argument.
Merge internal change: 55353942
Change all QuicConfig constructors to DefaultQuicConfig.
Merge internal change: 55307326
Fixing TSAN warnings in the PacketDroppingTestWriter by adding a lock.
Merge internal change: 55234723
Fixing potential bugs with write blocking in QuicConnection.
Merge internal change: 55230366
Added back QuicVersionMax to fix borg TAP failures.
This is a temporary fix until CL 55170273 lands.
Merge internal change: 55173927
Test server/client various combinations of supported versions.
- Fix to handle if chrome were to send VERSION 11 and GFE supports
version 10 and vice versa (fixes to setting of NULL decrypter).
Fixed unit tests to handle different packet sizes between 11 and
10 because of changes to Null encrypter/decrypter.
- Send version negotiation packet again (from server) if that
packet is dropped.
- Changed end_to_end_test.cc to configure the client to support
multiple versions and configure the server to support only one
version and vice versa.
- Moved QuicVersionMax and QuicVersonMin to quic_test_utils.cc.
Most of the bug fixes are from rch.
re-transmitting that packet again. Fixed bugs with server supporting
VERSION 10 and chrome negotiating down from 11 to 10. Added tests for
version negotiation and testing of various combinations of server and
client version negotiation.
Merge internal change: 55168938
Don't cast a uint32 to int32 then to a uint64. Seen in test logs:
I1018 11:55:44.626228 1775 packet_dropping_test_writer.cc:50] Seeding packet loss with -508765393
I1018 11:55:44.626275 1775 packet_dropping_test_writer.cc:50] Seeding packet loss with 631710332
Merge internal change: 55135280
R=rch@chromium.org
Review URL: https://codereview.chromium.org/47283002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@231296 0039d316-1c4b-4281-b951-d872f2087c98
| |
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/19854002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@212770 0039d316-1c4b-4281-b951-d872f2087c98
| |
Implement the variable length changes necessary to easily accommodate
both the new STREAM framing format, as well as the existing format.
Merge internal change: 48567379
Stop storing two copies of the version (one in Connection, one in Framer),
instead only the Framer stores the version.
Merge internal change: 48452109
Cleaning up QuicPacketEntropyManager as part of an effort to reduce
EndToEndTest::LargePostFEC flakiness, and avoid sending incorrect
entropy.
Merge internal change: 48443412
Enabling a handful of cert selection tests for secure QUIC
Merge internal change: 48306046
QUIC: support default certificates.
In the event that the client doesn't supply an SNI value but does request a
certificate, the server will use its default certificate.
Merge internal change: 48305575
Added more comments to QuicPacket{Public,Private}Flags enums.
Merge internal change: 48304472
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/18497011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@210324 0039d316-1c4b-4281-b951-d872f2087c98
| |
Merging changes from chromium CL - 16203007
Merge internal change: 48035020
Minor changes from review comments from CL 48035020.
Fix http://crbug.com/248737 where QuicSession::ConnectionClose
would DCHECK when attempting to close a stream that did not close
via ConnectionClose. Add regression test.
Merge internal change: 47988326
Added a helper method SetSelfAddress to set the real address.
Merge internal change: 47983053
Allow packets to be sent by the client when encryption is first established
without waiting for the handshake to be confirmed. Simply doing this made
the LargePost test flaky. To deal with *that* problem, I made two more
changes:
1) When setting up an RTO for an ENCRYPTION_NONE packet, do not
exponentially back off.
2) When an endpoint receives encrypted packets that can not be
decrypted, buffer some of them and attempt to re-process them
when the endpoint moves to the next encryption level.
Merge internal change: 47934275
Fix grammatical errors in comments.
Merge internal change: 47877973
QUIC: allow replay protection to be configured.
Bandaid nodes can't run a shared strike-register (at least,
not without a lot of trouble) so would need different orbits
for each machine.
However, we'll be sending HTTP requests on the QUIC connection anyway - and
will be falling back to HTTP in the event of a failure. So there's no actual
security. Rather than burn round trips having the clients fetch new server
configs each time they talk to a new Bandaid machine, just disable replay
protection and give them all the same server config.
This change is the QUIC part of disabling replay protection. The GFE config
still remains to be done, as does the distribution of server configs to the
Bandaid machines.
Merge internal change: 47857583
Removing an unnecessary API from the quic stream sequencer, cleaning up
an obsolete GFE TODO. We propagate stream RSTs immediately
(via PropogateClose gfe-side) so no longer need to pull them from the
sequencer.
Merge internal change: 47848450
Minor cleanup change for SetNonce in StrikeRegisterTest per wtc's comments
in CL: https://codereview.chromium.org/15937012/
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/17302002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207016 0039d316-1c4b-4281-b951-d872f2087c98
| |
Review URL: https://chromiumcodereview.appspot.com/16126013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@206913 0039d316-1c4b-4281-b951-d872f2087c98
| |
Make the FEC group optional by adding a flag to the private headers.
Merge internal change: 46979143
Merging changes from chromium CL - 15385004
Merge internal change: 46949614
Removing debug logging from RecordPacketReceived. Seems redundant to
log both when we actually receive and when we record it.
Merge internal change: 46934210
Logging crypto handshake as a DVLOG rather than DLOG as it hasn't
recently been needed to debug test failures.
Merge internal change: 46932247
Changing the quic test client to simply not return a stream if not connected.
This will hopefully turn server test check-failures into server test
failures.
Merge internal change: 46932163
QUIC: redo server nonces.
Previously, in order to cope with strike-register failures and client
clock-sync issues, the server could issue a server nonce to a client. This
meant that the server had to remember rejected handshakes so that the server
nonce could be matched up. With this change, QUIC servers no longer need to
keep track of rejected handshakes.
Instead of issuing and remembering nonces, a server will now encrypt them and
forget about them. When a server nonce is used to establish freshness for a
connection, it will be stored in a per-GFE strike-register. (This
strike-register is separate from the one used to process client nonces.)
Merge internal change: 46889484
Remove FEC_ENTROPY_FLAG from private flags. Now, FEC packet's entropy
flag contains the xor of entropies of the protected packets.
Merge internal change: 46889094
Limit the number of times we'll fast-retransmit a given packet using taildrop.
Merge internal change: 46754530
Added CommonCertSetsQUIC to anonymous namespace.
QUIC: cleanups round two.
* Make CommonCertSetsQUIC a Singleton to save on every Config having its own
copy.
* Rework server config expiry: previously it caused an error at client hello
send time. Now it will cause an error at REJ processing time but, if the
config expired after we cached it, we will act as if we didn't have a cached
server config.
* Invalidate the server config cache in the event of a client hello sending
failure. This will prevent a bad server config from being cached and poisoning
connection attempts for the lifetime of the cache.
* Fix a bug in the test code which failed to parse hex chunks in debugging
messages correctly. (Thanks to wtc for noticing.)
Merge internal change: 46742937
Merging changes from chromium - CL 15074007
Merge internal change: 46710932
Fix a bug in QuicSession's header compression behavior which could lead
to infinite loops.
Merge internal change: 46694681
Getting 5% of our CPU usage back by not calculating SentBandwidth for the
tcp congestion control algorithm.
Added a TODO to improve that function since it's pretty abysmal: the
ToLargerUnits and Subtract overhead alone accounted for 4.5% of the cpu
in initial loadtest runs.
Merge internal change: 46608880
Adding support for truncated guids in QuicFramer.
Merge internal change: 46575819
using our latched write_blocked status to spare us useless system calls.
Merge internal change: 46573462
Fixing some crashing issues in the QUIC loadtest, where if a client ever
disconnects it never recovers, either crashing trying to create a stream
or crashing waiting for a response on a non-existent stream.
I'm not sure if we have the same problem for the http/https simple clients
but we definitely do for QUIC.
Merge internal change: 46562890
Merging changes from chromium - CL 14614006
Merge internal change: 46460427
Merging cleanup changes from chromium CL - 14651009
Merge internal change: 46457093
Fixing a test framework bug for quic: we were munging headers to do
https:// for insecure quic resulting in a 404 in the http-only service
map. Then disabling the test since we don't advertise secure SPDY on
insecure QUIC.
Merge internal change: 46408400
Move QuicConfig from ssl_global_data to quic_dispatcher.cc. Initialize
using values from QuicConfigProto and use the max_time_before_crypto_handshake
to set the overall connection timeout before crypto handshake finishes.
Merge internal change: 46400649
QUIC: implement ChannelIDs.
We'll need this for HTTPS.
Merge internal change: 46396357
Deleted usage of scoped_ptr_openssl. Added TODO comments for porting
ChannelIDSigner and Verifier.
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/15937012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@203220 0039d316-1c4b-4281-b951-d872f2087c98
| |
Use example.com as test hostname.
Merge internal change: 46048925
Only updating the time of last packet once we've done our best to verify packet validity.
Merge internal change: 46044184
Improve logging behavior in quic_connection.h.
Merge internal change: 46033559
Moving the public flags to the beginning of the header in preparation for variable length guids.
Merge internal change: 45980153
QUIC: change the GCM tag size to 12 bytes.
Merge internal change: 45973625
QUIC: add some crypto tests.
The client code tries to be correct, which can hamper some tests that wish to
send invalid requests.
This CL contains some utilities for constructing arbitrary handshake messages
and some tests that exercise the server crypto code.
Merge internal change: 45972782
Not allowing retransmissions to affect client timeouts. Fixes a serious
bug where if client vanishes and we have unacked packets, the connection
could live on forever.
Merge internal change: 45935953
Address wtc's comments on cl/44272981.
Merge internal change: 45917323
QUIC: don't CHECK when QUIC is enabled without any certificates loaded.
Without certificates we don't have any key material for the source-address
token nor server config and so QUIC isn't setup at server load time. However,
if QUIC is enabled anyway then it'll crash.
This change removes the CHECK and has every crypto handshake fail instead.
(I have tests for the recent SNI change pending, into which a test for this
will fall nicely, hopefully this afternoon. But I'm prioritising this change
for now rather than waiting for the test CL to land.)
Merge internal change: 45914344
Merging cleanup changes from chromium
Merge internal change: 45797529
QUIC: pad client hello messages and require padding on the server.
This reduces any amplification factor that an attacker might get from us. I've
picked a minimum size of 512 bytes out of thin air.
Satyam has a change pending that bumps the version to 2 so I've omitted that here.
Merge internal change: 45779287
QUIC: small fixes
* Don't send invalid SNIs as a client.
* Don't require an SNI as a server.
* Don't ignore client hello processing errors.
Merge internal change: 45774287
QUIC - set QUIC max stream per connections based on SNI.
Merge internal change: 45656436
- Enabled EndToEnd's Timeout unittest.
- Ported IsValidSNI and NormalizeHostname from internal code.
R=rch@chromium.org
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=201501
Review URL: https://chromiumcodereview.appspot.com/15385004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201674 0039d316-1c4b-4281-b951-d872f2087c98
| |
Broke chromium.chrome build:
../../net/quic/test_tools/crypto_test_utils.cc:400:error: 'v' may be used uninitialized in this function
> Land Recent QUIC changes.
>
> Use example.com as test hostname.
>
> Merge internal change: 46048925
>
> Only updating the time of last packet once we've done our best to verify packet validity.
>
> Merge internal change: 46044184
>
> Improve logging behavior in quic_connection.h.
>
> Merge internal change: 46033559
>
> Moving the public flags to the beginning of the header in preparation for variable length guids.
>
> Merge internal change: 45980153
>
> QUIC: change the GCM tag size to 12 bytes.
>
> Merge internal change: 45973625
>
> QUIC: add some crypto tests.
>
> The client code tries to be correct, which can hamper some tests that wish to
> send invalid requests.
>
> This CL contains some utilities for constructing arbitrary handshake messages
> and some tests that exercise the server crypto code.
>
> Merge internal change: 45972782
>
> Not allowing retransmissions to affect client timeouts. Fixes a serious
> bug where if client vanishes and we have unacked packets, the connection
> could live on forever.
>
> Merge internal change: 45935953
>
> Address wtc's comments on cl/44272981.
>
> Merge internal change: 45917323
>
> QUIC: don't CHECK when QUIC is enabled without any certificates loaded.
>
> Without certificates we don't have any key material for the source-address
> token nor server config and so QUIC isn't setup at server load time. However,
> if QUIC is enabled anyway then it'll crash.
>
> This change removes the CHECK and has every crypto handshake fail instead.
>
> (I have tests for the recent SNI change pending, into which a test for this
> will fall nicely, hopefully this afternoon. But I'm prioritising this change
> for now rather than waiting for the test CL to land.)
>
> Merge internal change: 45914344
>
> Merging cleanup changes from chromium
>
> Merge internal change: 45797529
>
> QUIC: pad client hello messages and require padding on the server.
>
> This reduces any amplification factor that an attacker might get from us. I've
> picked a minimum size of 512 bytes out of thin air.
>
> Satyam has a change pending that bumps the version to 2 so I've omitted that here.
>
> Merge internal change: 45779287
>
> QUIC: small fixes
>
> * Don't send invalid SNIs as a client.
> * Don't require an SNI as a server.
> * Don't ignore client hello processing errors.
>
> Merge internal change: 45774287
>
> QUIC - set QUIC max stream per connections based on SNI.
>
> Merge internal change: 45656436
>
> - Enabled EndToEnd's Timeout unittest.
> - Ported IsValidSNI and NormalizeHostname from internal code.
>
> R=rch@chromium.org
>
> Review URL: https://chromiumcodereview.appspot.com/15385004
TBR=rtenneti@chromium.org
Review URL: https://codereview.chromium.org/15737008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201516 0039d316-1c4b-4281-b951-d872f2087c98
| |
Use example.com as test hostname.
Merge internal change: 46048925
Only updating the time of last packet once we've done our best to verify packet validity.
Merge internal change: 46044184
Improve logging behavior in quic_connection.h.
Merge internal change: 46033559
Moving the public flags to the beginning of the header in preparation for variable length guids.
Merge internal change: 45980153
QUIC: change the GCM tag size to 12 bytes.
Merge internal change: 45973625
QUIC: add some crypto tests.
The client code tries to be correct, which can hamper some tests that wish to
send invalid requests.
This CL contains some utilities for constructing arbitrary handshake messages
and some tests that exercise the server crypto code.
Merge internal change: 45972782
Not allowing retransmissions to affect client timeouts. Fixes a serious
bug where if client vanishes and we have unacked packets, the connection
could live on forever.
Merge internal change: 45935953
Address wtc's comments on cl/44272981.
Merge internal change: 45917323
QUIC: don't CHECK when QUIC is enabled without any certificates loaded.
Without certificates we don't have any key material for the source-address
token nor server config and so QUIC isn't setup at server load time. However,
if QUIC is enabled anyway then it'll crash.
This change removes the CHECK and has every crypto handshake fail instead.
(I have tests for the recent SNI change pending, into which a test for this
will fall nicely, hopefully this afternoon. But I'm prioritising this change
for now rather than waiting for the test CL to land.)
Merge internal change: 45914344
Merging cleanup changes from chromium
Merge internal change: 45797529
QUIC: pad client hello messages and require padding on the server.
This reduces any amplification factor that an attacker might get from us. I've
picked a minimum size of 512 bytes out of thin air.
Satyam has a change pending that bumps the version to 2 so I've omitted that here.
Merge internal change: 45779287
QUIC: small fixes
* Don't send invalid SNIs as a client.
* Don't require an SNI as a server.
* Don't ignore client hello processing errors.
Merge internal change: 45774287
QUIC - set QUIC max stream per connections based on SNI.
Merge internal change: 45656436
- Enabled EndToEnd's Timeout unittest.
- Ported IsValidSNI and NormalizeHostname from internal code.
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/15385004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201501 0039d316-1c4b-4281-b951-d872f2087c98
| |
Stop versioning non crypto parameters by SCFG. This enables the server
to send different values for these parameters for same SCFG.
As a consequence the server sends the negotiated (authoritative) values
of these parameters in SHLO.
Merge internal change: 45655201
QUIC: make several magic values configurable.
This is half a change. The other half needs to alter server and so
I'll put it in a different CL.
This makes four magic values from the server handshake into parameters
of the server config. A future CL will be able to have the server set
them from its SSL config protobuf.
Merge internal change: 45622443
QUIC: don't request a proof if the client doesn't have a ProofVerifier.
In order to support cert-less operation, this change alters the client
to not request a proof from the server if it doesn't have a
ProofVerifier configured. Without a ProofVerifier, the client will
simply do opportunistic encryption.
Merge internal change: 45614800
* Stop processing if the current packet closed the connection.
* Close the connection if invalid RST packet received (consistent with
current behavior) -- UDP provides simple CRC.
Merge internal change: 45612040
Don't call ConnectionClose on ConnectionCloseFrame if visitor asked to
stop after processing ack frame.
Merge internal change: 45606025
Don't further process revived packet if visitor refuses the packet header.
Merge internal change: 45530388
Fix coding style nits.
Use "*sets" instead of "set" for arguments or variables of the
CommonCertSets type.
Merge internal change: 45523282
Added enum for write packet error.
Handling failed writes due to errors other than EAGAIN/EWOULDBLOCK. I
don't know if this happens for us but might as well handle it.
Merge internal change: 45522400
Tear down the connection when there is a decompression error.
Merge internal change: 45521857
Bugfix infinite wait
Merge internal change: 45509285
Replaced number 3 with kSpdyVersion3.
Will work with akalin to define and use SpdyMajorVersion enum and use it
everywhere.
This is a partial merge of internal change: 45485205
Removing an obsolete TODO
Merge internal change: 45471987
Move QuicConfig out of QuicCryptoStream. The motivation behind this
change is to be able to select different values for QuicConfig
depending upon SNI (after we receive CHLO).
Merge internal change: 45434264
Limiting the number of FEC groups to 2
Merge internal change: 45425759
Closing connection on out of bounds packet.
Merge internal change: 45413532
Miscellaneous cleanup: add 'const', remove unneeded headers, and make
random minor fixes.
Document the CommonCertSets methods better.
Merge internal change: 45380570
Move FindMutualTag from CryptoUtils to QuicUtils. We will also use
this in version negotiation
Merge internal change: 45337156
Replacing CHECK-fails on address migration with graceful shutdown.
Added GetAddressFamily utility method. Added check for IPV4 in
WritePacket method QuicSocketUtils to copy the IPV4 self_address.
Merge internal change: 45306947
QUIC - Negotiate max open streams.
Added QuicClientSessionPeer to access QuicConfig in QuicClientSession.
Merge internal change: 45233402
Allow retransmitting packets that are retransmissions when we get truncated acks.
Merge internal change: 45233252
Reduce connection timeout till crypto handshake is finished to 1min.
Merge internal change: 45232483
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/15074007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@200519 0039d316-1c4b-4281-b951-d872f2087c98
| |
QUIC: use QuicTag/QuicTagVector throughout.
crypto_protocol.h has had CryptoTag and CryptoTagVector. Then quic_protocol.h
got QuicVersionTag and QuicVersionTagList because it didn't want to depend on
crypto_protocol.h
This change uses a single QuicTag and QuicTagVector throughout the code,
including the crypto code.
Merge internal change: 45230337
QUIC: move random values to the beginning and the certificate chain to the end.
jar suggested that the certificate chain should have a tag that will cause it
to be sorted at the end of any handshake messages because it's likely to be
large and the client might be able to get everything that it needs from the
small values at the beginning.
Likewise he argued that tags with random values should be towards the beginning
of the message because the server mightn't hold state for a rejected client
hello and therefore the client may have issues reassembling the rejection
message in the event that it sent two client hellos.
This change tweaks the tag values to achieve that ordering.
Merge internal change: 45228375
Removing obsolete TODOs
Merge internal change: 45219448
Use the idle connection state timeout negotiated in crypto handshake.
Merge internal change: 45176251
QUIC: address wtc's followup comments on cl/44792710.
This change addresses wtc's comments on cl/44792710. There should be no
semantic differences.
Merge internal change: 45051718
QUIC - Fixed HasRetransmittableData enum to have the correct values.
Fixed comments from rch
Merge internal change: 45143336
Change the QUIC version number to a new value which is amenable to frequent incrementing.
Merge internal change: 45111687
QUIC: run clang-format over .../quic/crypto.
I ran:
for x in $(ls -1 *.cc *.h) ; do clang-format -i $x -style Google; echo $x;
done
And then used git add -p to manually review the changes. In the cases where I
didn't care, I went with what the tool produced.
Merge internal change: 45053104
QUIC: address wtc's followup comments on cl/44792710.
This change addresses wtc's comments on cl/44792710. There should be no
semantic differences.
Merge internal change: 45051718
Minor cleanup of ReliableQuicStreamTest output. Also change MockConnection to create a NiceMock version of the Helper to avoid annoying GMock messages.
Merge internal change: 45010564
QUIC: partly deflake EndToEndTest.LargePost
Since cl/44690884, some runs of this test have timed out. Everything
appears to be working ok, just not fast enough. It's possible that the
additional packet `losses' caused by decryption failures when we lose
the client hello are convincing the congestion control that the loss
rate is very high.
However, since I have a trip to NIST this week, this change removes the
flake by reverting a tiny part of cl/44690884.
Sadly there is another flake in the test which this CL doesn't fix.
Details in the bug.
Merge internal change: 45008247
Fix a bug in QUIC header compression handling where buffered headers were not handled properly.
Merge internal change: 45007035
QUIC: tiny test cleanup.
wtc suggested this in a post-submission comment.
Merge internal change: 44898354
QUIC: add expiry to server configs and have the GFE generate random server configs.
Server configs need an expiry because they are effectively certificates. This
change has the GFE generate server configs with the same expiry as the primary
certificate.
It also switches the GFE to generating random server configs at startup.
(Random in the sense of random keys and orbit values.)
Originally I wanted to have the server config persist over a restart and so
derived them, deterministically, from the primary, private key with a todo to
diversify the orbit. However, since we don't have any shared strike registers
at the moment that doesn't seem to be worth the complexity. Also, figuring out
how to diversify the orbit value in a per-GFE sense is really messy (include
the hostname? include the port? Which port?). So this CL goes for simple and
secure.
Merge internal change: 44898035
QUIC: use 24-bit lengths for public values.
If ideal lattices don't work out then we may end up with Diffie-Hellman public
values that are larger than 16-bits. (Hopefully not, but you never know.)
Merge internal change: 44897191
QUIC: have the client echo the server's nonce.
This reflects a comment from wtc previously that this would be a good idea.
Merge internal change: 44896699
QUIC: steps 12 and 13, forward secure mode.
Merge internal change: 44896363
Fix LOG(DFATAL) when client sends invalid stream frame with fin.
Merge internal change: 44871764
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/14816006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@199190 0039d316-1c4b-4281-b951-d872f2087c98
| |
Implement header compression/decompression in ReliableQuicStream.
Merge internal change: 44867738
QUIC: deflake proof_test.
The current proof_test removes a byte from the start of the signature in order
to make it invalid. However, the signature is a big-endian number and, ~1% of
the time, the first byte will be zero - thus removing it doesn't change the
number.
This change adds a non-zero byte to the start of the signature instead.
Merge internal change: 44803399
Replace calls to scoped_ptr(NULL) with calls to scoped_ptr().
Merge internal change: 44799980
Add a blank line in order to get the dependencies correct for rebuild.
Merge internal change: 44796024
Fix "large integer implicitly truncated to unsigned type"
Merge internal change: 44793986
QUIC: compress certificates.
This change causes server certificates to be compressed using three tricks:
1) The client can advertise sets of common certificates that the server can
then simply reference. This change contains "common certificate set 0",
which is the set of the intermediates used twice or more in the Alexa top
5000. It's temporary because it's missing GIAG2 which we'll want to
include soon.
2) The client can send 64-bit, FNV-1a hashes of certificates that it already
has and the server can reference them by hash.
3) Otherwise, certificates are gzip compressed with a dictionary that
includes any certificates compressed using the previous two methods and a
1500 byte lump of common substrings. (Again, taken from the Alexa top 5000)
POKE=1
Merge internal change: 44792710
R=mnaganov@chromium.org, rch@chromium.org
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=198736
Review URL: https://codereview.chromium.org/14651009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@198793 0039d316-1c4b-4281-b951-d872f2087c98
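Added example, not code from this commit or from Chromium: a C++ planner that applies the three tricks above to a chain and builds the preset dictionary from the certificates that were only referenced. The names `PlanChain`, `ChainPlan` and `CertEncoding`, the preference of a set reference over a hash reference, and the order of the dictionary contents are assumptions of the example; the certificates are constructed placeholder strings.

```cpp
#include <cstddef>
#include <cstdint>
#include <set>
#include <string>
#include <vector>

// 64-bit FNV-1a. UINT64_C keeps the constants 64 bits wide on targets where
// unsigned long is only 32 bits.
uint64_t Fnv1a64(const std::string& data) {
  uint64_t hash = UINT64_C(0xcbf29ce484222325);  // FNV offset basis
  for (unsigned char c : data) {
    hash ^= c;
    hash *= UINT64_C(0x100000001b3);  // FNV prime
  }
  return hash;
}

enum class CertEncoding { kCommonSetRef, kCachedHashRef, kCompressed };

struct ChainPlan {
  std::vector<CertEncoding> encodings;  // one per certificate, in chain order
  std::string dictionary;               // preset dictionary for trick 3
};

// Hypothetical planner. A set reference is only allowed when the client
// advertised the common set; a hash reference only when the client sent
// the FNV-1a hash of that exact certificate.
ChainPlan PlanChain(const std::vector<std::string>& chain,
                    bool client_has_common_set,
                    const std::set<std::string>& common_set,
                    const std::set<uint64_t>& client_cached_hashes,
                    const std::string& common_substrings) {
  ChainPlan plan;
  for (const std::string& cert : chain) {
    if (client_has_common_set && common_set.count(cert)) {
      plan.encodings.push_back(CertEncoding::kCommonSetRef);   // trick 1
    } else if (client_cached_hashes.count(Fnv1a64(cert))) {
      plan.encodings.push_back(CertEncoding::kCachedHashRef);  // trick 2
    } else {
      plan.encodings.push_back(CertEncoding::kCompressed);     // trick 3
      continue;
    }
    // Both ends already hold a referenced certificate, so both can rebuild
    // the same dictionary from it.
    plan.dictionary += cert;
  }
  plan.dictionary += common_substrings;
  return plan;
}

int main() {
  // Constructed placeholder "certificates".
  std::vector<std::string> chain = {"LEAF", "INTERMEDIATE-A"};
  ChainPlan plan =
      PlanChain(chain, true, {}, {Fnv1a64("INTERMEDIATE-A")}, "");
  return plan.encodings[1] == CertEncoding::kCachedHashRef ? 0 : 1;
}
```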
| |
Caused compile failures on the "Google Chrome ChromeOS" builder:
cc1plus: warnings being treated as errors
net/quic/quic_utils.cc:14:error: integer constant is too large for 'unsigned long' type
net/quic/quic_utils.cc:15:error: integer constant is too large for 'unsigned long' type
make: *** [out/Release/obj.target/net/net/quic/quic_utils.o] Error 1
> Land Recent QUIC changes
>
> Implement header compression/decompression in ReliableQuicStream.
>
> Merge internal change: 44867738
>
>
> QUIC: deflake proof_test.
>
> The current proof_test removes a byte from the start of the signature in order
> to make it invalid. However, the signature is a big-endian number and, ~1% of
> the time, the first byte will be zero - thus removing it doesn't change the
> number.
>
> This change adds a non-zero byte to the start of the signature instead.
>
> Merge internal change: 44803399
>
> Replace calls to scoped_ptr(NULL) with calls to scoped_ptr().
>
> Merge internal change: 44799980
>
> Add a blank line in order to get the dependencies correct for rebuild.
>
> Merge internal change: 44796024
>
> Fix "large integer implicitly truncated to unsigned type"
>
> Merge internal change: 44793986
>
> QUIC: compress certificates.
>
> This change causes server certificates to be compressed using three tricks:
> 1) The client can advertise sets of common certificates that the server can
> then simply reference. This change contains "common certificate set 0",
> which is the set of the intermediates used twice or more in the Alexa top
> 5000. It's temporary because it's missing GIAG2 which we'll want to
> include soon.
> 2) The client can send 64-bit, FNV-1a hashes of certificates that it already
> has and the server can reference them by hash.
> 3) Otherwise, certificates are gzip compressed with a dictionary that
> includes any certificates compressed using the previous two methods and a
> 1500 byte lump of common substrings. (Again, taken from the Alexa top 5000)
>
> POKE=1
>
> Merge internal change: 44792710
>
> R=rch@chromium.org
>
> Review URL: https://chromiumcodereview.appspot.com/14651009
TBR=rtenneti@chromium.org
Review URL: https://codereview.chromium.org/15018013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@198764 0039d316-1c4b-4281-b951-d872f2087c98
| |
Implement header compression/decompression in ReliableQuicStream.
Merge internal change: 44867738
QUIC: deflake proof_test.
The current proof_test removes a byte from the start of the signature in order
to make it invalid. However, the signature is a big-endian number and, ~1% of
the time, the first byte will be zero - thus removing it doesn't change the
number.
This change adds a non-zero byte to the start of the signature instead.
Merge internal change: 44803399
Replace calls to scoped_ptr(NULL) with calls to scoped_ptr().
Merge internal change: 44799980
Add a blank line in order to get the dependencies correct for rebuild.
Merge internal change: 44796024
Fix "large integer implicitly truncated to unsigned type"
Merge internal change: 44793986
QUIC: compress certificates.
This change causes server certificates to be compressed using three tricks:
1) The client can advertise sets of common certificates that the server can
then simply reference. This change contains "common certificate set 0",
which is the set of the intermediates used twice or more in the Alexa top
5000. It's temporary because it's missing GIAG2 which we'll want to
include soon.
2) The client can send 64-bit, FNV-1a hashes of certificates that it already
has and the server can reference them by hash.
3) Otherwise, certificates are gzip compressed with a dictionary that
includes any certificates compressed using the previous two methods and a
1500 byte lump of common substrings. (Again, taken from the Alexa top 5000)
POKE=1
Merge internal change: 44792710
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/14651009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@198736 0039d316-1c4b-4281-b951-d872f2087c98
| |
Alter the serialisation format of the crypto messages.
This changes the format of the crypto messages so that:
* We can cope with > 65K values in order to be robust to
post-quantum algorithms in the future.
* Rather than encoding lengths, we encode the offset one byte past the end of
the value. This allows an implementation to binary search the header
without having to do all the allocation and copying that we currently do.
Merge internal change: 44699015
Automated rollback of changelist 44685914.
Rollback: Bugfix infinite wait
Merge internal change: 44693957
QUIC: retransmit packets with the correct encryption.
This change does four things:
* Splits the concept of a completed handshake in two: when encryption is
established and when the server has confirmed the handshake. In order to do
0-RTT, we have to start sending after the first of those events.
* Retransmits packets using the same encryption level as they were sent with.
Without this, the loss of a client hello message is fatal to the connection
because it will be retransmitted under encryption and the server will never
be able to process it.
* Makes decryption failures an ignored error. This is needed because, if a
client hello message is lost, the subsequent packets will be encrypted and
the server won't have the decrypter to process them.
* Changes how decrypters are handled by the framer. A server now replaces its
decrypter completely - thus removing the NullDecrypter. The client now has
latching alternative decrypters which replace the primary decrypter when
used. This doesn't completely close the hole: the connection still needs to
worry about plaintext packets injected into the client.
This change does not implement the correct fallback for the server rejecting a
full client hello. It also doesn't implement a limit for the number of packets
that we'll send without the server confirming the handshake. I'm hoping that
rch can do that much more easily than I can!
Merge internal change: 44690884
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/14718011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@198099 0039d316-1c4b-4281-b951-d872f2087c98
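Added example, not code from this commit or from Chromium: a C++ reader for a message whose index stores each value's end offset, with a parser that validates the index once and a binary-search lookup that returns a pointer into the original buffer instead of copying. The field widths, the little-endian encoding and the names `HandshakeMessageView`, `ValueRef`, `Serialize` and `BuildSampleMessage` are assumptions of the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <map>
#include <string>
#include <vector>

// Assumed layout (field widths chosen for this example, not taken from the page):
//   uint32 message tag | uint16 entry count | uint16 padding
//   count x { uint32 tag, uint32 end_offset }, tags strictly increasing
//   value bytes; every end_offset counts from the start of this region
const size_t kHeaderSize = 8, kEntrySize = 8;

uint32_t MakeTag(uint8_t a, uint8_t b, uint8_t c, uint8_t d) {
  return uint32_t(a) | uint32_t(b) << 8 | uint32_t(c) << 16 | uint32_t(d) << 24;
}
uint32_t ReadU32(const uint8_t* p) {  // little-endian
  return MakeTag(p[0], p[1], p[2], p[3]);
}
void WriteU32(std::vector<uint8_t>* out, uint32_t v) {
  for (int i = 0; i < 4; ++i) out->push_back(uint8_t(v >> (8 * i)));
}

// Serializes tag/value pairs; std::map iterates in increasing tag order.
std::vector<uint8_t> Serialize(uint32_t message_tag,
                               const std::map<uint32_t, std::string>& values) {
  std::vector<uint8_t> out;
  WriteU32(&out, message_tag);
  out.push_back(uint8_t(values.size()));
  out.push_back(uint8_t(values.size() >> 8));
  out.push_back(0); out.push_back(0);  // padding
  uint32_t end = 0;
  for (const auto& kv : values) {
    end += uint32_t(kv.second.size());
    WriteU32(&out, kv.first);
    WriteU32(&out, end);  // offset one byte past the end of this value
  }
  for (const auto& kv : values)
    out.insert(out.end(), kv.second.begin(), kv.second.end());
  return out;
}

struct ValueRef { const uint8_t* data; size_t size; };

class HandshakeMessageView {
 public:
  // Checks the whole index once so that Get() can trust every offset.
  bool Parse(const uint8_t* data, size_t len) {
    count_ = 0;
    if (len < kHeaderSize) return false;
    size_t n = size_t(data[4]) | size_t(data[5]) << 8;
    if ((len - kHeaderSize) / kEntrySize < n) return false;  // index truncated
    const uint8_t* index = data + kHeaderSize;
    size_t values_len = len - kHeaderSize - n * kEntrySize;
    uint32_t prev_tag = 0, prev_end = 0;
    for (size_t i = 0; i < n; ++i) {
      uint32_t tag = ReadU32(index + i * kEntrySize);
      uint32_t end = ReadU32(index + i * kEntrySize + 4);
      if (i > 0 && tag <= prev_tag) return false;  // unsorted or duplicate tag
      if (end < prev_end) return false;    // value would have negative length
      if (end > values_len) return false;  // value would run past the buffer
      prev_tag = tag; prev_end = end;
    }
    index_ = index;
    values_ = index + n * kEntrySize;
    count_ = n;
    return true;
  }

  // Binary search over the index; the result points into the caller's buffer.
  bool Get(uint32_t tag, ValueRef* out) const {
    size_t lo = 0, hi = count_;
    while (lo < hi) {
      size_t mid = lo + (hi - lo) / 2;
      if (ReadU32(index_ + mid * kEntrySize) < tag) lo = mid + 1; else hi = mid;
    }
    if (lo == count_ || ReadU32(index_ + lo * kEntrySize) != tag) return false;
    uint32_t start = lo == 0 ? 0 : ReadU32(index_ + (lo - 1) * kEntrySize + 4);
    out->data = values_ + start;
    out->size = ReadU32(index_ + lo * kEntrySize + 4) - start;
    return true;
  }
 private:
  const uint8_t* index_ = nullptr;
  const uint8_t* values_ = nullptr;
  size_t count_ = 0;
};

// Constructed sample; the CERT value is 70000 bytes, too long for a 16-bit length.
std::vector<uint8_t> BuildSampleMessage() {
  std::map<uint32_t, std::string> values;
  values[MakeTag('S', 'N', 'I', 0)] = "example.com";
  values[MakeTag('N', 'O', 'N', 'C')] = std::string(32, 'n');
  values[MakeTag('C', 'E', 'R', 'T')] = std::string(70000, 'c');
  return Serialize(MakeTag('C', 'H', 'L', 'O'), values);
}

int main() {
  std::vector<uint8_t> msg = BuildSampleMessage();
  HandshakeMessageView view;
  return view.Parse(msg.data(), msg.size()) ? 0 : 1;
}
```

A value's start is the previous entry's end offset, so a lookup reads at most two index entries beyond the search itself.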
| |
This is only enabled for Linux (so far).
BUG=115047
Review URL: https://chromiumcodereview.appspot.com/14696007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@197788 0039d316-1c4b-4281-b951-d872f2087c98
| |
Bugfix infinite wait
Merge internal change: 44685914
Some backports for chrome issue 12893018 Mostly cleaning up things for
chrome style.
Merge internal change: 44682570
rch: didn't merge the changes that make QuickClock an
interface. Cleaned up couple of things in chrome while merging the
changes.
Add behaviour in the framer that enables visitor to make the framer
stop processing a packet after the visitor processes a frame.
Merge internal change: 44615956
Fix the stream close behaviour to not try to close the stream once
again if the visitor closes the connection on Stream::OnClose.
Merge internal change: 44560671
Small changes to QUIC client.
Merge internal change: 44560573
Bug fix for entropy hash.
Merge internal change: 44524848
Minor formatting changes to match internal code.
Wire up delta_time_largest_observed_us in the ACK frames
Merge internal change: 44518617
Minor formatting changes to match internal code.
QUIC: step 9, certificate validation support.
Note that certificate validation is currently synchronous. However, I put it in
the crypto stream, rather than deeper in the crypto handshake code, so that the
client handshake loop is very near by and thus it should be easy to make it
asynchronous in the future.
I also trimmed the includes of crypto_protocol.h and stopped the MAKE_TAG
leaking out since preprocessor macros cannot be namespaced.
Merge internal change: 44509151
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/14287009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196653 0039d316-1c4b-4281-b951-d872f2087c98
| |
QUIC: step 8, server certificate support.
Merge internal change: 44460951
Returning early from framer callbacks on error.
Merge internal change: 44428665
Rename QUIC_VERSION_NOT_SUPPORTED to QUIC_CRYPTO_VERSION_NOT_SUPPORTED.
Merge internal change: 44422561
QUIC: split the server config into its own file.
This change moves QuicCryptoServerConfig into a separate file so that Chromium
need only link it into tests.
Merge internal change: 44397707
QUIC: remove ifs around error_details
They were never needed and clutter up the code.
Merge internal change: 44275147
QUIC: add tests for 0-RTT handshaking using strike-register.
This change fixes a couple of issues and adds a test that performs a 0-RTT
handshake.
Merge internal change: 44272981
R=rch@chromium.org
Review URL: https://codereview.chromium.org/14411004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195897 0039d316-1c4b-4281-b951-d872f2087c98
| |
QUIC crypto: move config objects.
Currently the client and server configs are setup and torn-down for each
connection. Since they are supposed to be per-client and per-server objects,
this change makes them parameters that are passed into the connection
Merge internal change: 44269387
QUIC crypto steps 6 and 7: per-server strike register.
This change adds a per-server strike-register that allows the server to
complete 0-RTT connections if the client has enough information cached.
Due to the fact that the per-server and per-client objects
(QuicCryptoServerConfig and QuicCryptoClientConfig) are currently setup and
torn down for each connection, there's no tests in this change for a 0-RTT
handshake because we can't do one yet. The next change will move these objects
into the right place so that 0-RTT handshakes can be tested.
This change also reminded me why I had a server nonce: without it the server
cannot terminate any connections if the strike-register fails. So the server
nonce is firmly back.
Merge internal change: 44228897
R=rch@chromium.org
Review URL: https://codereview.chromium.org/13976007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@194634 0039d316-1c4b-4281-b951-d872f2087c98
| |
string_piece.h was moved into base/strings/ in r191206 -
https://chromiumcodereview.appspot.com/12982018/
TBR=eroman@chromium.org,brettw@chromium.org
Review URL: https://codereview.chromium.org/14223008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@194055 0039d316-1c4b-4281-b951-d872f2087c98
| |
Merge internal change: 44173744
Add default return to avoid crashing when we get an unknown
error code from the peer.
Merge internal change: 44160057
Fix incorrect DCHECK while serializing version negotiation
packet.
Merge internal change: 44156166
Reorder the addends in GetPacketHeaderSize to match the order
of the public header fields.
Merge internal change: 44153020
Changing retransmission and retransmittable data boolean flags
to enums.
Merge internal change: 44071662
Remove methods from QuicTime for converting to/from
microseconds and milliseconds since the epoch for QuicTime is
unspecified. (It wraps TimeTicks in Chromium).
Merge internal change: 44069965
Change InterArrival feedback message to traffic in delta since
the "start" of the connection instead of a delta since the epoch.
One step closer to being able to remove QuicTime::To/FromMicroseconds
since those methods don't "do the right thing".
Merge internal change: 44037996
Changing kForce into an enum.
Merge internal change: 44024887
Cleanups from landing P-256 key exchange in Chromium.
Merge internal change: 44023801
Fix for std::vector in QuicPacketPublicHeader's memory
corruption by memset.
Merge internal change: 44022862
Merging cleanup changes from chromium.
Merge internal change: 44009665
Plug in the new decrypter and encrypter after the new keys have
been derived.
This is a first cut, as some details on changing the encryption
keys still need to be worked out. Our interim solution is
permissive trial decryption, which allows the peer to encrypt
with the wrong key, either using the new key too early or using
the null key for too long. The latter will leak confidential
information, so we err on the side of using the new key too early.
WARNING: the interim solution protects against eavesdroppers, but
is vulnerable to active attackers.
Merge internal change: 44006658
Start tracking server and client stream resets and export them
via varz.
Merge internal change: 43971847
Pull out RstStreamFrame error code from QuicErrorCode so that
they don't appear in the tracked ConnectionClose error map.
This will also help in tracking RstStream error codes separately.
Merge internal change: 43968620
Adding Client/Server logging to all LOGS/DLOGs. Not bothering
with VLOGs/DVLOGS unless it's requested.
Merge internal change: 43948596
crypto: step 5.
This change implements source-address tokens at the server and has the client
echo them. Source address tokens are opaque (to the client) bytestrings that
prove ownership of an IP address. In order to prevent amplification attacks,
the server demands that the client have a valid source address token for the IP
address that it's claiming to come from and that the token is reasonably
recent.
Since we already have it implemented, this code uses AES-GCM to encrypt and
authenticate the tokens with a fixed, dummy secret (for now). In the future,
the secret will be derived from the primary, private key in the same way that
SessionTicket keys used to be.
The QuicEncrypter/Decrypter code was written to be quite specific to the task
of encrypting and decrypting packets and, as part of this, it exposed only 64
bits of the AEAD nonce.
Since all GFEs will share the same token secret, and they'll all create tokens
with random nonces, that runs an unacceptably high risk of an attacker
obtaining two tokens with the same nonce.
Thus this change also reworks the QuicEncrypter/Decrypter so that the full
nonce is exposed and thus we can use 96-bit nonces. That's still not completely
wonderful but, at 10Mpps an attacker would still take a year to obtain a pair
of nonces, so it's good enough for a while at least.
Merge internal change: 43893806
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/13282004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@191569 0039d316-1c4b-4281-b951-d872f2087c98
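The source-address token scheme described in the "crypto: step 5" message above, as an added Go example that is not Chromium's code: the server seals the client's IP and an issue time with AES-GCM under a random 96-bit nonce, and later accepts the echoed token only if it authenticates, names the packet's source address and is recent. The token layout, the 24-hour freshness window, the all-zero demo key and the function names are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"net"
	"time"
)

const maxAge = 24 * time.Hour // assumed; the commit only says "reasonably recent"

// MintToken returns nonce(12) || AES-GCM(ip(16) || unix seconds(8)); layout is assumed.
func MintToken(aead cipher.AEAD, ip net.IP, now time.Time) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize()) // fresh random 96-bit nonce per token
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	body := make([]byte, 24)
	copy(body, ip.To16())
	binary.BigEndian.PutUint64(body[16:], uint64(now.Unix()))
	return aead.Seal(nonce, nonce, body, nil), nil
}

// ValidateToken accepts only an authentic, fresh token issued to src.
func ValidateToken(aead cipher.AEAD, token []byte, src net.IP, now time.Time) error {
	n := aead.NonceSize()
	if len(token) < n {
		return errors.New("token too short")
	}
	body, err := aead.Open(nil, token[:n], token[n:], nil)
	if err != nil || len(body) != 24 {
		return errors.New("token failed authentication")
	}
	issued := time.Unix(int64(binary.BigEndian.Uint64(body[16:])), 0)
	if age := now.Sub(issued); !net.IP(body[:16]).Equal(src) || age < 0 || age > maxAge {
		return errors.New("token is for another address or is stale")
	}
	return nil
}

func main() {
	block, _ := aes.NewCipher(make([]byte, 16)) // constructed all-zero demo key
	aead, _ := cipher.NewGCM(block)
	tok, _ := MintToken(aead, net.ParseIP("192.0.2.7"), time.Now())
	fmt.Println(ValidateToken(aead, tok, net.ParseIP("192.0.2.8"), time.Now()))
}
```

Because the token is opaque to the client and bound to an address, a sender spoofing another host's IP cannot present a token that validates for it, so the server can refuse to send a large reply to an unverified address.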
Removed the tab characters.
Fixed review comments from rch.
R=rch@chromium.org
QUIC - pending changelist - Use static for congestion manager constants.
Merge internal change: 43867480
R=rch@chromium.org
QUIC - cleanup of stats
Merge internal change: 43864412
R=rch@chromium.org
QUIC - Add two new methods to QuicConnectionHelper to abstract away differences between server and chromium.
Merge internal change: 43850438
R=rch@chromium.org
QUIC - Start tracking number of rejected connections and connection close.
Merge internal change: 43846131
R=rch@chromium.org
QUIC - Temporary work around for bug with server tests.
Merge internal change: 43845688
R=rch@chromium.org
QUIC - Bugfix; don't queue ConnectionClosePackets and don't process incoming packets if the connection is closed.
Merge internal change: 43813759
R=rch@chromium.org
QUIC - More cleanups
Merge internal change: 43805954
R=rch@chromium.org
QUIC Crypto - Change CryptoHandshakeMessage to a class.
Merge internal change: 43798895
R=rch@chromium.org, wtc@chromium.org
QUIC crypto: cleanup between steps 4 and 5.
Merge internal change: 43791096
R=rch@chromium.org, agl@chromium.org
QUIC crypto: steps 3 and 4 from the plan.
Merge internal change: 43787806
R=rch@chromium.org, agl@chromium.org
QUIC - Improved sendalarm accuracy
Merge internal change: 43785455
R=rch@chromium.org
Review URL: https://chromiumcodereview.appspot.com/12863007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@190594 0039d316-1c4b-4281-b951-d872f2087c98
Handle versioning by closing the connection on version mismatch for now.
Merge internal change: 43606997
Number of cleanups from landing recent crypto changes.
Merge internal change: 43606111
Added delta_time_largest_observed to ReceivedPacketInfo to calculate accurate RTT.
Merge internal change: 43582099
Implement server-side QUIC key expansion. The derived keys are still not being used yet.
TODO: Code in crypto_test_utils needs to be enabled.
Merge internal change: 43570937
Added AbandoningPacket to congestion control to avoid issue with FEC.
Merge internal change: 43570099
Wait infinite (aka wait for next ack) is not handled correctly.
Merge internal change: 43558636
Enable faster stats for QUIC.
Merge internal change: 43557310
Implement QUIC key expansion on the client side. The keys are not being used yet.
Merge internal change: 43515237
Add missing quic_stats files.
Track some connection stats.
Merge internal change: 43506869
Fix bug in WriteQueuedPackets
Merge internal change: 43499600
Small comment change in crypto_handshake's ProcessServerHello method.
Merge internal change: 43448804
R=rch@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/12806002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@188096 0039d316-1c4b-4281-b951-d872f2087c98
Review URL: https://chromiumcodereview.appspot.com/12452007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@187757 0039d316-1c4b-4281-b951-d872f2087c98
Remove the kAESH tag (AES CBC mode with HMAC) because we won't support it.
Merge internal change: 43418211
Get client to the point where it can do key agreement.
This small change completes allows the client to perform an anonymous DH
handshake. After this, plumbing the pre-master secret into the KDF and enabling
the encrypter/decrypter should Just Work.
More crypto handshake work.
This change brings back the non-crypto parts of the negotiation, outside of
crypto/.
Merge internal change: 43400046
More work on crypto handshake.
This change:
* Removes the rest of the non-crypto related parameters from crypto/.
* Enables actual key-negotiation on the server.
Next step is to enable the non-crypto parameters to be negotiated again.
Merge internal change: 43175686
Inform the congestion manager if a sent packet has data in it, or only acks. The TCP manager does not count ack-only packets against the congestion window.
Merge internal change: 43304285
R=rtenneti@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/12559005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@187000 0039d316-1c4b-4281-b951-d872f2087c98