You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ma...@apache.org on 2018/03/13 08:04:29 UTC
[trafficserver] branch quic-latest updated: Delay key driviation
until it's ready to do that
This is an automated email from the ASF dual-hosted git repository.
maskit pushed a commit to branch quic-latest
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/quic-latest by this push:
new 94263e8 Delay key driviation until it's ready to do that
94263e8 is described below
commit 94263e8967288676c1d3f16910a8cad9c9f2a16b
Author: Masakazu Kitajo <ma...@apache.org>
AuthorDate: Tue Mar 13 17:03:11 2018 +0900
Delay key driviation until it's ready to do that
---
iocore/net/quic/Mock.h | 6 ++++++
iocore/net/quic/QUICHandshake.cc | 2 +-
iocore/net/quic/QUICHandshakeProtocol.h | 1 +
iocore/net/quic/QUICTLS.cc | 6 ++++++
iocore/net/quic/QUICTLS.h | 1 +
iocore/net/quic/test/test_QUICHandshakeProtocol.cc | 2 --
iocore/net/quic/test/test_QUICLossDetector.cc | 4 ++--
iocore/net/quic/test/test_QUICPacket.cc | 6 +++---
iocore/net/quic/test/test_QUICPacketFactory.cc | 3 ++-
9 files changed, 22 insertions(+), 9 deletions(-)
diff --git a/iocore/net/quic/Mock.h b/iocore/net/quic/Mock.h
index 31a9fd4..2362561 100644
--- a/iocore/net/quic/Mock.h
+++ b/iocore/net/quic/Mock.h
@@ -476,6 +476,12 @@ public:
return true;
}
+ bool
+ is_ready_to_derive() const override
+ {
+ return true;
+ };
+
bool is_key_derived(QUICKeyPhase /* key_phase */) const override { return true; }
int
diff --git a/iocore/net/quic/QUICHandshake.cc b/iocore/net/quic/QUICHandshake.cc
index d71e8c4..428106a 100644
--- a/iocore/net/quic/QUICHandshake.cc
+++ b/iocore/net/quic/QUICHandshake.cc
@@ -464,7 +464,7 @@ QUICHandshake::_do_handshake(bool initial)
stream_io->write(out, out_len);
}
- if (!this->_hs_protocol->is_key_derived(QUICKeyPhase::PHASE_0)) {
+ if (!this->_hs_protocol->is_key_derived(QUICKeyPhase::PHASE_0) && this->_hs_protocol->is_ready_to_derive()) {
int res = this->_hs_protocol->update_key_materials();
if (res) {
QUICHSDebug("Keying Materials are exported");
diff --git a/iocore/net/quic/QUICHandshakeProtocol.h b/iocore/net/quic/QUICHandshakeProtocol.h
index 13c45a4..86412f4 100644
--- a/iocore/net/quic/QUICHandshakeProtocol.h
+++ b/iocore/net/quic/QUICHandshakeProtocol.h
@@ -51,6 +51,7 @@ public:
virtual int handshake(uint8_t *out, size_t &out_len, size_t max_out_len, const uint8_t *in, size_t in_len) = 0;
virtual bool is_handshake_finished() const = 0;
+ virtual bool is_ready_to_derive() const = 0;
virtual bool is_key_derived(QUICKeyPhase key_phase) const = 0;
virtual int initialize_key_materials(QUICConnectionId cid) = 0;
virtual int update_key_materials() = 0;
diff --git a/iocore/net/quic/QUICTLS.cc b/iocore/net/quic/QUICTLS.cc
index 4441260..74e8c46 100644
--- a/iocore/net/quic/QUICTLS.cc
+++ b/iocore/net/quic/QUICTLS.cc
@@ -150,6 +150,12 @@ QUICTLS::is_handshake_finished() const
}
bool
+QUICTLS::is_ready_to_derive() const
+{
+ return SSL_get_current_cipher(this->_ssl) != nullptr;
+}
+
+bool
QUICTLS::is_key_derived(QUICKeyPhase key_phase) const
{
if (key_phase == QUICKeyPhase::ZERORTT) {
diff --git a/iocore/net/quic/QUICTLS.h b/iocore/net/quic/QUICTLS.h
index 5de0dcc..20d1c61 100644
--- a/iocore/net/quic/QUICTLS.h
+++ b/iocore/net/quic/QUICTLS.h
@@ -45,6 +45,7 @@ public:
int handshake(uint8_t *out, size_t &out_len, size_t max_out_len, const uint8_t *in, size_t in_len) override;
bool is_handshake_finished() const override;
+ bool is_ready_to_derive() const override;
bool is_key_derived(QUICKeyPhase key_phase) const override;
int initialize_key_materials(QUICConnectionId cid) override;
int update_key_materials() override;
diff --git a/iocore/net/quic/test/test_QUICHandshakeProtocol.cc b/iocore/net/quic/test/test_QUICHandshakeProtocol.cc
index ccc17ef..3b51d87 100644
--- a/iocore/net/quic/test/test_QUICHandshakeProtocol.cc
+++ b/iocore/net/quic/test/test_QUICHandshakeProtocol.cc
@@ -102,8 +102,6 @@ verify_cookie_callback(SSL *ssl, const unsigned char *cookie, size_t cookie_len)
}
}
-
-
TEST_CASE("QUICHndshakeProtocol Cleartext", "[quic]")
{
// Client
diff --git a/iocore/net/quic/test/test_QUICLossDetector.cc b/iocore/net/quic/test/test_QUICLossDetector.cc
index 963be5f..3fbfbb3 100644
--- a/iocore/net/quic/test/test_QUICLossDetector.cc
+++ b/iocore/net/quic/test/test_QUICLossDetector.cc
@@ -54,8 +54,8 @@ TEST_CASE("QUICLossDetector_Loss", "[quic]")
ats_unique_buf payload = ats_unique_malloc(sizeof(raw));
memcpy(payload.get(), raw, sizeof(raw));
- QUICPacketHeaderUPtr header = QUICPacketHeader::build(QUICPacketType::HANDSHAKE, 0xffddbb9977553311ULL, 0x00000001, 0, 0x00112233,
- std::move(payload), sizeof(raw));
+ QUICPacketHeaderUPtr header = QUICPacketHeader::build(QUICPacketType::HANDSHAKE, 0xffddbb9977553311ULL, 0x00000001, 0,
+ 0x00112233, std::move(payload), sizeof(raw));
QUICPacketUPtr packet =
QUICPacketUPtr(new QUICPacket(std::move(header), std::move(payload), sizeof(raw), true), [](QUICPacket *p) { delete p; });
detector.on_packet_sent(std::move(packet));
diff --git a/iocore/net/quic/test/test_QUICPacket.cc b/iocore/net/quic/test/test_QUICPacket.cc
index d8bf64d..1d79ac2 100644
--- a/iocore/net/quic/test/test_QUICPacket.cc
+++ b/iocore/net/quic/test/test_QUICPacket.cc
@@ -37,7 +37,7 @@ TEST_CASE("QUICPacketHeader - Long", "[quic]")
0x00, 0x00, 0x00, 0x09, // Supported Version 1
};
- QUICPacketHeaderUPtr header = QUICPacketHeader::load({const_cast<uint8_t*>(input), [](void *p) {}}, sizeof(input), 0);
+ QUICPacketHeaderUPtr header = QUICPacketHeader::load({const_cast<uint8_t *>(input), [](void *p) {}}, sizeof(input), 0);
CHECK(header->size() == 13);
CHECK(header->packet_size() == 21);
CHECK(header->type() == QUICPacketType::VERSION_NEGOTIATION);
@@ -58,7 +58,7 @@ TEST_CASE("QUICPacketHeader - Long", "[quic]")
0xff, 0xff, // Payload (dummy)
};
- QUICPacketHeaderUPtr header = QUICPacketHeader::load({const_cast<uint8_t*>(input), [](void *p) {}}, sizeof(input), 0);
+ QUICPacketHeaderUPtr header = QUICPacketHeader::load({const_cast<uint8_t *>(input), [](void *p) {}}, sizeof(input), 0);
CHECK(header->size() == 17);
CHECK(header->packet_size() == 19);
CHECK(header->type() == QUICPacketType::INITIAL);
@@ -141,7 +141,7 @@ TEST_CASE("QUICPacketHeader - Short", "[quic]")
ats_unique_buf payload = ats_unique_malloc(5);
memcpy(payload.get(), expected + 13, 5);
QUICPacketHeaderUPtr header = QUICPacketHeader::build(QUICPacketType::PROTECTED, QUICKeyPhase::PHASE_0, 0x0102030405060708,
- 0x12345678, 0, std::move(payload), 32);
+ 0x12345678, 0, std::move(payload), 32);
CHECK(header->size() == 13);
CHECK(header->packet_size() == 0);
CHECK(header->has_key_phase() == true);
diff --git a/iocore/net/quic/test/test_QUICPacketFactory.cc b/iocore/net/quic/test/test_QUICPacketFactory.cc
index 853f436..4f84f2d 100644
--- a/iocore/net/quic/test/test_QUICPacketFactory.cc
+++ b/iocore/net/quic/test/test_QUICPacketFactory.cc
@@ -42,7 +42,8 @@ TEST_CASE("QUICPacketFactory_Create_VersionNegotiationPacket", "[quic]")
0x00 // Payload
};
- QUICPacketHeaderUPtr header = QUICPacketHeader::load({client_initial_packet_header, [](void *) {}}, sizeof(client_initial_packet_header), 0);
+ QUICPacketHeaderUPtr header =
+ QUICPacketHeader::load({client_initial_packet_header, [](void *) {}}, sizeof(client_initial_packet_header), 0);
QUICPacket client_initial_packet(std::move(header), ats_unique_buf(client_initial_packet_payload, [](void *) {}),
sizeof(client_initial_packet_payload), 0);
--
To stop receiving notification emails like this one, please contact
maskit@apache.org.