net/quic/crypto/quic_crypto_client_config.cc - Issue 2121383004: Add a bool demand_x509_proof argument to QuicCryptoClientConfig::FillInchoateClientHello to conditi…

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/quic/crypto/quic_crypto_client_config.cc

Issue 2121383004: Add a bool demand_x509_proof argument to QuicCryptoClientConfig::FillInchoateClientHello to conditi… (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@126002268

Patch Set: Created 4 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/quic/crypto/quic_crypto_client_config.cc

diff --git a/net/quic/crypto/quic_crypto_client_config.cc b/net/quic/crypto/quic_crypto_client_config.cc

index 53c60c2e805404c8bb58ac5dc417b8e10b3f3e2c..b31a73744e29a517fd2ac36da9fdaee495d4e04f 100644

--- a/net/quic/crypto/quic_crypto_client_config.cc

+++ b/net/quic/crypto/quic_crypto_client_config.cc

@@ -413,6 +413,7 @@ void QuicCryptoClientConfig::FillInchoateClientHello(

const QuicVersion preferred_version,

const CachedState* cached,

QuicRandom* rand,

+ bool demand_x509_proof,

QuicCryptoNegotiatedParameters* out_params,

CryptoHandshakeMessage* out) const {

out->set_tag(kCHLO);

@@ -429,10 +430,6 @@ void QuicCryptoClientConfig::FillInchoateClientHello(

out->SetStringPiece(kUAID, user_agent_id_);

}

- char proof_nonce[32];

- rand->RandBytes(proof_nonce, arraysize(proof_nonce));

- out->SetStringPiece(kNONP, StringPiece(proof_nonce, arraysize(proof_nonce)));

// Even though this is an inchoate CHLO, send the SCID so that

// the STK can be validated by the server.

const CryptoHandshakeMessage* scfg = cached->GetServerConfig();

@@ -447,6 +444,14 @@ void QuicCryptoClientConfig::FillInchoateClientHello(

out->SetStringPiece(kSourceAddressTokenTag, cached->source_address_token());

}

+ if (!demand_x509_proof) {

+ return;

+ }

+ char proof_nonce[32];

+ rand->RandBytes(proof_nonce, arraysize(proof_nonce));

+ out->SetStringPiece(kNONP, StringPiece(proof_nonce, arraysize(proof_nonce)));

if (disable_ecdsa_) {

out->SetVector(kPDMD, QuicTagVector{kX59R});

} else {

@@ -493,7 +498,7 @@ QuicErrorCode QuicCryptoClientConfig::FillClientHello(

DCHECK(error_details != nullptr);

FillInchoateClientHello(server_id, preferred_version, cached, rand,

- out_params, out);

+ /* demand_x509_proof= */ true, out_params, out);

const CryptoHandshakeMessage* scfg = cached->GetServerConfig();

if (!scfg) {

« no previous file with comments | « net/quic/crypto/quic_crypto_client_config.h ('k') | net/quic/crypto/quic_crypto_client_config_test.cc » ('j') | no next file with comments »