Provide valid port on HPKP reports for QUIC connections

net/quic/crypto/proof_verifier_chromium.cc

Index: net/quic/crypto/proof_verifier_chromium.cc
diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc
index 6823550e9913a6ad1b5f6bec1173c321c2184bbf..70aa63cc2a91b890af915b19c08d7d051dc89a56 100644
--- a/net/quic/crypto/proof_verifier_chromium.cc
+++ b/net/quic/crypto/proof_verifier_chromium.cc
@@ -63,6 +63,7 @@ class ProofVerifierChromium::Job {
   // Starts the proof verification.  If |QUIC_PENDING| is returned, then
   // |callback| will be invoked asynchronously when the verification completes.
   QuicAsyncStatus VerifyProof(const std::string& hostname,
+                              const uint16_t port,
                               const std::string& server_config,
                               const std::vector<std::string>& certs,
                               const std::string& cert_sct,
@@ -102,6 +103,7 @@ class ProofVerifierChromium::Job {
 
   // |hostname| specifies the hostname for which |certs| is a valid chain.
   std::string hostname_;
+  uint16_t port_;

[estark, 2016/03/14 20:13:58]

Please add a comment on this similar to line 104.

 
   scoped_ptr<ProofVerifierCallback> callback_;
   scoped_ptr<ProofVerifyDetailsChromium> verify_details_;
@@ -154,6 +156,7 @@ ProofVerifierChromium::Job::~Job() {
 
 QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof(
     const string& hostname,
+    const uint16_t port,
     const string& server_config,
     const vector<string>& certs,
     const std::string& cert_sct,
@@ -217,6 +220,7 @@ QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof(
   }
 
   hostname_ = hostname;
+  port_ = port;
 
   next_state_ = STATE_VERIFY_CERT;
   switch (DoLoop(OK)) {
@@ -316,12 +320,11 @@ int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) {
             verify_details_->ct_verify_result.verified_scts, net_log_);
   }
 
-  // TODO(estark): replace 0 below with the port of the connection.
   if (transport_security_state_ &&
       (result == OK ||
        (IsCertificateError(result) && IsCertStatusMinorError(cert_status))) &&
       !transport_security_state_->CheckPublicKeyPins(
-          HostPortPair(hostname_, 0),
+          HostPortPair(hostname_, port_),
           cert_verify_result.is_issued_by_known_root,
           cert_verify_result.public_key_hashes, cert_.get(),
           cert_verify_result.verified_cert.get(),
@@ -414,6 +417,7 @@ ProofVerifierChromium::~ProofVerifierChromium() {
 
 QuicAsyncStatus ProofVerifierChromium::VerifyProof(
     const std::string& hostname,
+    const uint16_t port,
     const std::string& server_config,
     const std::vector<std::string>& certs,
     const std::string& cert_sct,
@@ -433,8 +437,8 @@ QuicAsyncStatus ProofVerifierChromium::VerifyProof(
               transport_security_state_, cert_transparency_verifier_,
               chromium_context->cert_verify_flags, chromium_context->net_log));
   QuicAsyncStatus status =
-      job->VerifyProof(hostname, server_config, certs, cert_sct, signature,
-                       error_details, verify_details, callback);
+      job->VerifyProof(hostname, port, server_config, certs, cert_sct,
+                       signature, error_details, verify_details, callback);
   if (status == QUIC_PENDING) {
     active_jobs_.insert(job.release());
   }