QUIC - Race Cert Verification with host resolution if certs are

net/quic/crypto/proof_verifier_chromium.cc

Index: net/quic/crypto/proof_verifier_chromium.cc
diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc
index 096374a747255b451000cf3afccf034083a13368..965410db1137dc9f75595e5fcb782b9b78d2aeee 100644
--- a/net/quic/crypto/proof_verifier_chromium.cc
+++ b/net/quic/crypto/proof_verifier_chromium.cc
@@ -228,7 +228,8 @@ QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof(
 
   // We call VerifySignature first to avoid copying of server_config and
   // signature.
-  if (!VerifySignature(server_config, quic_version, chlo_hash, signature,
+  if (!signature.empty() &&

[ramant (doing other things), 2016/07/06 15:27:18]

Hi Ryan,
  Is it better to pass "verify_cert_only" as a param to ProofVerify and skip the
signature check if "verify_cert_only" argument is true?

thanks
raman

[Ryan Hamilton, 2016/07/07 00:24:36]

Yeah, I think being more explicit would be better. It seems like this code might
allow for the server to supply an empty signature and that would trick the
verifier into accepting it.

[ramant (doing other things), 2016/07/07 16:18:20]

Added a new method.

+      !VerifySignature(server_config, quic_version, chlo_hash, signature,
                        certs[0])) {
     *error_details = "Failed to verify signature of server config";
     DLOG(WARNING) << *error_details;