From 63921b6dcb2ab5600caf1730e962c991596bb477 Mon Sep 17 00:00:00 2001
From: Marten Seemann
Date: Fri, 13 Mar 2020 17:17:28 +0700
Subject: [PATCH] qlog dropped encryption levels
---
 qlog/event.go | 14 ++++++++++++++
 qlog/qlog.go | 16 ++++++++++++++++
 qlog/qlog_test.go | 21 ++++++++++++++++++++-
 session.go | 3 +++
 4 files changed, 53 insertions(+), 1 deletion(-)
diff --git a/qlog/event.go b/qlog/event.go
index e4086a479..261c3ad0b 100644
--- a/qlog/event.go
+++ b/qlog/event.go
@@ -238,3 +238,17 @@ func (e eventKeyUpdated) MarshalJSONObject(enc *gojay.Encoder) {
 enc.StringKey("key_type", e.KeyType.String())
 enc.Uint64KeyOmitEmpty("generation", uint64(e.Generation))
 }
+
+type eventKeyRetired struct {
+ KeyType keyType
+ Generation protocol.KeyPhase
+}
+
+func (e eventKeyRetired) Category() category { return categorySecurity }
+func (e eventKeyRetired) Name() string { return "key_retired" }
+func (e eventKeyRetired) IsNil() bool { return false }
+
+func (e eventKeyRetired) MarshalJSONObject(enc *gojay.Encoder) {
+ enc.StringKey("trigger", "tls")
+ enc.StringKey("key_type", e.KeyType.String())
+}
diff --git a/qlog/qlog.go b/qlog/qlog.go
index 47f33cde7..1b88b91f4 100644
--- a/qlog/qlog.go
+++ b/qlog/qlog.go
@@ -25,6 +25,7 @@ type Tracer interface {
 UpdatedPTOCount(time.Time, uint32)
 UpdatedKeyFromTLS(time.Time, protocol.EncryptionLevel, protocol.Perspective)
 UpdatedKey(t time.Time, generation protocol.KeyPhase, remote bool)
+ DroppedEncryptionLevel(time.Time, protocol.EncryptionLevel)
 }

 type tracer struct {
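Review bot: `eventKeyRetired` in qlog/event.go declares a `Generation` field that is never used: its `MarshalJSONObject` writes only `trigger` and `key_type`, and `DroppedEncryptionLevel` in qlog/qlog.go never sets it. Either remove the field or serialize it as `eventKeyUpdated` does in the context lines above, `enc.Uint64KeyOmitEmpty("generation", uint64(e.Generation))`, so that a retired 1-RTT key could be tied to its key phase in the trace. The type also has no comment; something like `// eventKeyRetired is logged when the keys of an encryption level are dropped.` would say when it is emitted.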
@@ -210,3 +211,18 @@ func (t *tracer) UpdatedKey(time time.Time, generation protocol.KeyPhase, remote
 },
 })
 }
+
+func (t *tracer) DroppedEncryptionLevel(time time.Time, encLevel protocol.EncryptionLevel) {
+ t.events = append(t.events, event{
+ Time: time,
+ eventDetails: eventKeyRetired{
+ KeyType: encLevelToKeyType(encLevel, protocol.PerspectiveServer),
+ },
+ })
+ t.events = append(t.events, event{
+ Time: time,
+ eventDetails: eventKeyRetired{
+ KeyType: encLevelToKeyType(encLevel, protocol.PerspectiveClient),
+ },
+ })
+}
diff --git a/qlog/qlog_test.go b/qlog/qlog_test.go
index 364171134..19941e006 100644
--- a/qlog/qlog_test.go
+++ b/qlog/qlog_test.go
@@ -328,7 +328,7 @@ var _ = Describe("Tracer", func() {
 Expect(ev).ToNot(HaveKey("new"))
 })

- It("records QUIC key udpates", func() {
+ It("records QUIC key updates", func() {
 now := time.Now()
 tracer.UpdatedKey(now, 1337, true)
 entries := exportAndParse()
@@ -347,5 +347,24 @@ var _ = Describe("Tracer", func() {
 Expect(keyTypes).To(ContainElement("server_1rtt_secret"))
 Expect(keyTypes).To(ContainElement("client_1rtt_secret"))
 })
+
+ It("records dropped encryption levels", func() {
+ now := time.Now()
+ tracer.DroppedEncryptionLevel(now, protocol.EncryptionInitial)
+ entries := exportAndParse()
+ Expect(entries).To(HaveLen(2))
+ var keyTypes []string
+ for _, entry := range entries {
+ Expect(entry.Time).To(BeTemporally("~", now, time.Millisecond))
+ Expect(entry.Category).To(Equal("security"))
+ Expect(entry.Name).To(Equal("key_retired"))
+ ev := entry.Event
+ Expect(ev).To(HaveKeyWithValue("trigger", "tls"))
+ Expect(ev).To(HaveKey("key_type"))
+ keyTypes = append(keyTypes, ev["key_type"].(string))
+ }
+ Expect(keyTypes).To(ContainElement("server_initial_secret"))
+ Expect(keyTypes).To(ContainElement("client_initial_secret"))
+ })
 })
 })
diff --git a/session.go b/session.go
index 676fad353..41232920a 100644
--- a/session.go
+++ b/session.go
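Review bot: `DroppedEncryptionLevel` in qlog/qlog.go always appends two `key_retired` events, one per perspective, whatever `encLevel` is passed. That fits Initial and Handshake, but for a level where only one side has a secret (0-RTT has only a client secret) the server entry would record the retirement of a key that was never installed. What `encLevelToKeyType` returns for such a pair is not visible in this patch, so it should be checked, and the new test only exercises `protocol.EncryptionInitial`. The two appends differ only in the perspective argument and could be one loop over `[]protocol.Perspective{protocol.PerspectiveServer, protocol.PerspectiveClient}`.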
@@ -1167,6 +1167,9 @@ func (s *session) dropEncryptionLevel(encLevel protocol.EncryptionLevel) {
 }
 s.sentPacketHandler.DropPackets(encLevel)
 s.receivedPacketHandler.DropPackets(encLevel)
+ if s.qlogger != nil {
+ s.qlogger.DroppedEncryptionLevel(time.Now(), encLevel)
+ }
 }

 func (s *session) processTransportParameters(params *handshake.TransportParameters) {