| Index: net/quic/quic_stream_factory.h
|
| diff --git a/net/quic/quic_stream_factory.h b/net/quic/quic_stream_factory.h
|
| index 4be260fcdde9eed1c3c6624513669875689844c4..e31e5de9e439338b330c4a78f48a8c2b6aa3d9bb 100644
|
| --- a/net/quic/quic_stream_factory.h
|
| +++ b/net/quic/quic_stream_factory.h
|
| @@ -185,6 +185,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| int idle_connection_timeout_seconds,
|
| bool migrate_sessions_on_network_change,
|
| bool migrate_sessions_early,
|
| + bool race_cert_verification,
|
| const QuicTagVector& connection_options,
|
| bool enable_token_binding);
|
| ~QuicStreamFactory() override;
|
| @@ -351,6 +352,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
|
|
| private:
|
| class Job;
|
| + class CertVerifierJob;
|
| friend class test::QuicStreamFactoryPeer;
|
| FRIEND_TEST_ALL_PREFIXES(HttpStreamFactoryTest, QuicLossyProxyMarkedAsBad);
|
|
|
| @@ -368,6 +370,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| typedef std::map<QuicServerId, RequestSet> ServerIDRequestsMap;
|
| typedef std::deque<enum QuicChromiumClientSession::QuicDisabledReason>
|
| DisabledReasonsQueue;
|
| + typedef std::map<QuicServerId, CertVerifierJob*> CertVerifierJobMap;
|
|
|
| enum FactoryStatus {
|
| OPEN, // New streams may be created.
|
| @@ -387,8 +390,10 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
|
|
| bool OnResolution(const QuicSessionKey& key, const AddressList& address_list);
|
| void OnJobComplete(Job* job, int rv);
|
| + void OnCertVerifyJobComplete(CertVerifierJob* job, int rv);
|
| bool HasActiveSession(const QuicServerId& server_id) const;
|
| bool HasActiveJob(const QuicServerId& server_id) const;
|
| + bool HasActiveCertVerifierJob(const QuicServerId& server_id) const;
|
| int CreateSession(const QuicSessionKey& key,
|
| int cert_verify_flags,
|
| std::unique_ptr<QuicServerInfo> quic_server_info,
|
| @@ -410,6 +415,12 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
|
|
| bool CryptoConfigCacheIsEmpty(const QuicServerId& server_id);
|
|
|
| + // Starts an asynchronous job for cert verification if certs have to be
|
| + // verified.
|
| + void StartCertVerifyJob(const QuicServerId& server_id,
|
| + int cert_verify_flags,
|
| + const BoundNetLog& net_log);
|
| +
|
| // Initializes the cached state associated with |server_id| in
|
| // |crypto_config_| with the information in |server_info|. Populates
|
| // |connection_id| with the next server designated connection id,
|
| @@ -477,6 +488,8 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| ServerIDRequestsMap job_requests_map_;
|
| RequestMap active_requests_;
|
|
|
| + CertVerifierJobMap active_cert_verifier_jobs_;
|
| +
|
| QuicVersionVector supported_versions_;
|
|
|
| // Determine if we should consistently select a client UDP port. If false,
|
| @@ -559,6 +572,9 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| // experiences poor connectivity.
|
| const bool migrate_sessions_early_;
|
|
|
| + // Set if we do want to race cert verification with host resolution.
|
| + const bool race_cert_verification_;
|
| +
|
| // Each profile will (probably) have a unique port_seed_ value. This value
|
| // is used to help seed a pseudo-random number generator (PortSuggester) so
|
| // that we consistently (within this profile) suggest the same ephemeral
|
|
|
Chromium Code Reviews
Issue 2097123002:
QUIC - Race Cert Verification with host resolution if certs are (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master