add a logging event for dropping 1-RTT keys

2020-09-09 14:55:46 +07:00
parent 9e1d65f4c9
commit dbaacd49bd
9 changed files with 77 additions and 1 deletions
--- a/qlog/event.go
+++ b/qlog/event.go
@@ -322,8 +322,13 @@ func (e eventKeyRetired) Name() string       { return "key_retired" }
 func (e eventKeyRetired) IsNil() bool        { return false }

 func (e eventKeyRetired) MarshalJSONObject(enc *gojay.Encoder) {
-	enc.StringKey("trigger", "tls")
+	if e.KeyType != keyTypeClient1RTT && e.KeyType != keyTypeServer1RTT {
+		enc.StringKey("trigger", "tls")
+	}
 	enc.StringKey("key_type", e.KeyType.String())
+	if e.KeyType == keyTypeClient1RTT || e.KeyType == keyTypeServer1RTT {
+		enc.Uint64Key("generation", uint64(e.Generation))
+	}
 }

 type eventTransportParameters struct {
--- a/qlog/qlog.go
+++ b/qlog/qlog.go
@@ -365,6 +365,20 @@ func (t *connectionTracer) DroppedEncryptionLevel(encLevel protocol.EncryptionLe
 	t.mutex.Unlock()
 }

+func (t *connectionTracer) DroppedKey(generation protocol.KeyPhase) {
+	t.mutex.Lock()
+	now := time.Now()
+	t.recordEvent(now, &eventKeyRetired{
+		KeyType:    encLevelToKeyType(protocol.Encryption1RTT, protocol.PerspectiveServer),
+		Generation: generation,
+	})
+	t.recordEvent(now, &eventKeyRetired{
+		KeyType:    encLevelToKeyType(protocol.Encryption1RTT, protocol.PerspectiveClient),
+		Generation: generation,
+	})
+	t.mutex.Unlock()
+}
+
 func (t *connectionTracer) SetLossTimer(tt logging.TimerType, encLevel protocol.EncryptionLevel, timeout time.Time) {
 	t.mutex.Lock()
 	now := time.Now()
--- a/qlog/qlog_test.go
+++ b/qlog/qlog_test.go
@@ -611,6 +611,25 @@ var _ = Describe("Tracing", func() {
 				Expect(keyTypes).To(ContainElement("client_initial_secret"))
 			})

+			It("records dropped keys", func() {
+				tracer.DroppedKey(42)
+				entries := exportAndParse()
+				Expect(entries).To(HaveLen(2))
+				var keyTypes []string
+				for _, entry := range entries {
+					Expect(entry.Time).To(BeTemporally("~", time.Now(), scaleDuration(10*time.Millisecond)))
+					Expect(entry.Category).To(Equal("security"))
+					Expect(entry.Name).To(Equal("key_retired"))
+					ev := entry.Event
+					Expect(ev).To(HaveKeyWithValue("generation", float64(42)))
+					Expect(ev).ToNot(HaveKey("trigger"))
+					Expect(ev).To(HaveKey("key_type"))
+					keyTypes = append(keyTypes, ev["key_type"].(string))
+				}
+				Expect(keyTypes).To(ContainElement("server_1rtt_secret"))
+				Expect(keyTypes).To(ContainElement("client_1rtt_secret"))
+			})
+
 			It("records when the timer is set", func() {
 				timeout := time.Now().Add(137 * time.Millisecond)
 				tracer.SetLossTimer(logging.TimerTypePTO, protocol.EncryptionHandshake, timeout)