Google Git
Sign in
fuchsia / fuchsia / refs/changes/62/478362/24
commite843114d7e01ab55707f9913be6e342717f40e06[log] [tgz]
authorDevon H. O'Dell <dhobsd@google.com>Fri Jan 29 15:32:28 2021 -0800
committerDevon H. O'Dell <dhobsd@google.com>Wed Feb 03 10:04:53 2021 -0800
tree496b8effc8861401db3389a78722eed347733d55
parent713634d75fd49cc0fff6e121c6050d6864dbbfe8 [diff]
[fuchsia-hyper] Add RFC8446 Appendix C.4 session cache

TLS 1.3 makes some large changes around how sessions are resumed. In
particular, tickets are no longer sent from the server in plaintext.
While the client does send these to the server in plaintext, section
4.6.1 of the RFC suggests servers send multiple tickets to the client.

One reason for this is to prevent tracking of client sessions. Because
client session tickets are sent in plain text, it is possible to know
which sessions are related. Clients that never reuse a session ticket
cannot be tracked in this fashion.

Although the default session storage implementation doesn't reuse
tickets (it uses the newest ticket supplied), it has some undesirable
properties:

 * It evicts tickets in an arbitrary order. When the capacity of the
 cache is full, the newest item may be the one evicted. This may return
 the original item, which diminishes privacy.
 * It only stores a single ticket, which prevents effective racing of
 TLS connections in a Happy Eyeballs implementation.
 * When a negotiation attempt fails, the ticket will be retried.

This change adds a `StoresClientSessions` implementation that solves
these issues. The cache is sized and LRU-managed. Because keyspace is
shared between TLS 1.3 and TLS 1.2 resumption information, insertion of
one where the other is present evicts all the rest. It is expected to be
unlikely to run into cases where a SN is served by native 1.3 and 1.2
servers, and that this will continue to be unlikelier.

The TLS 1.3 cache stores 6 tickets per subject name; this value is
derived from Appendix C.4, which suggests that this is an expected
concurrency level for HTTP/1.1 clients. This is also a reasonable number
of tickets to store from a Happy Eyeballs perspective, allowing
consumption of all 6 tickets within the "magical" 2 second window
defined-in and oft-cited-from [Miller68].

This change makes the new C.4 compliant cache the default for
fuchsia_hyper clients, and updates the httpsdate client library to use
this cache as well.

[Miller68]: https://dl.acm.org/doi/10.1145/1476589.1476628

Test: New unit tests, OTA tests, CQ, bogo test in upstream.
Fixed: 68871

Change-Id: Iffa78459c14a2e66f8be38f5c229bfce71afe8a9
5 files changed
tree: 496b8effc8861401db3389a78722eed347733d55
  1. boards/
  2. build/
  3. buildtools/
  4. bundles/
  5. docs/
  6. examples/
  7. garnet/
  8. products/
  9. scripts/
  10. sdk/
  11. src/
  12. third_party/
  13. tools/
  14. zircon/
  15. .clang-format
  16. .clang-tidy
  17. .git-blame-ignore-revs
  18. .gitattributes
  19. .gitignore
  20. .gn
  21. .style.yapf
  22. AUTHORS
  23. BUILD.gn
  24. CODE_OF_CONDUCT.md
  25. CONTRIBUTING.md
  26. LICENSE
  27. OWNERS
  28. PATENTS
  29. README.md
  30. rustfmt.toml
README.md

Fuchsia

Pink + Purple == Fuchsia (a new operating system)

What is Fuchsia?

Fuchsia is a modular, capability-based operating system. Fuchsia runs on modern 64-bit Intel and ARM processors.

Fuchsia is an open source project with a code of conduct that we expect everyone who interacts with the project to respect.

Read more about Fuchsia's principles.

How can I build and run Fuchsia?

See Getting Started.

Where can I learn more about Fuchsia?

See fuchsia.dev.