| Index: net/quic/quic_stream_factory.h
|
| diff --git a/net/quic/quic_stream_factory.h b/net/quic/quic_stream_factory.h
|
| index 2f014d1242105c7ca6459381dd2b78bda8c7f588..880e0a0be6fb83ec2a972669b38fba1637061933 100644
|
| --- a/net/quic/quic_stream_factory.h
|
| +++ b/net/quic/quic_stream_factory.h
|
| @@ -192,6 +192,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| int idle_connection_timeout_seconds,
|
| bool migrate_sessions_on_network_change,
|
| bool migrate_sessions_early,
|
| + bool race_cert_verification,
|
| const QuicTagVector& connection_options,
|
| bool enable_token_binding);
|
| ~QuicStreamFactory() override;
|
| @@ -364,6 +365,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
|
|
| private:
|
| class Job;
|
| + class CertVerifierJob;
|
| friend class test::QuicStreamFactoryPeer;
|
| FRIEND_TEST_ALL_PREFIXES(HttpStreamFactoryTest, QuicLossyProxyMarkedAsBad);
|
|
|
| @@ -381,6 +383,8 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| typedef std::map<QuicServerId, RequestSet> ServerIDRequestsMap;
|
| typedef std::deque<enum QuicChromiumClientSession::QuicDisabledReason>
|
| DisabledReasonsQueue;
|
| + typedef std::map<QuicServerId, std::unique_ptr<CertVerifierJob>>
|
| + CertVerifierJobMap;
|
|
|
| enum FactoryStatus {
|
| OPEN, // New streams may be created.
|
| @@ -400,8 +404,10 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
|
|
| bool OnResolution(const QuicSessionKey& key, const AddressList& address_list);
|
| void OnJobComplete(Job* job, int rv);
|
| + void OnCertVerifyJobComplete(CertVerifierJob* job, int rv);
|
| bool HasActiveSession(const QuicServerId& server_id) const;
|
| bool HasActiveJob(const QuicServerId& server_id) const;
|
| + bool HasActiveCertVerifierJob(const QuicServerId& server_id) const;
|
| int CreateSession(const QuicSessionKey& key,
|
| int cert_verify_flags,
|
| std::unique_ptr<QuicServerInfo> quic_server_info,
|
| @@ -423,6 +429,13 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
|
|
| bool CryptoConfigCacheIsEmpty(const QuicServerId& server_id);
|
|
|
| + // Starts an asynchronous job for cert verification if
|
| + // |race_cert_verification_| is enabled and if there are cached certs for the
|
| + // given |server_id|.
|
| + QuicAsyncStatus StartCertVerifyJob(const QuicServerId& server_id,
|
| + int cert_verify_flags,
|
| + const BoundNetLog& net_log);
|
| +
|
| // Initializes the cached state associated with |server_id| in
|
| // |crypto_config_| with the information in |server_info|. Populates
|
| // |connection_id| with the next server designated connection id,
|
| @@ -490,6 +503,8 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| ServerIDRequestsMap job_requests_map_;
|
| RequestMap active_requests_;
|
|
|
| + CertVerifierJobMap active_cert_verifier_jobs_;
|
| +
|
| QuicVersionVector supported_versions_;
|
|
|
| // Determine if we should consistently select a client UDP port. If false,
|
| @@ -572,6 +587,9 @@ class NET_EXPORT_PRIVATE QuicStreamFactory
|
| // experiences poor connectivity.
|
| const bool migrate_sessions_early_;
|
|
|
| + // Set if cert verification is to be raced with host resolution.
|
| + bool race_cert_verification_;
|
| +
|
| // Each profile will (probably) have a unique port_seed_ value. This value
|
| // is used to help seed a pseudo-random number generator (PortSuggester) so
|
| // that we consistently (within this profile) suggest the same ephemeral
|
|
|
Chromium Code Reviews
Issue 2129263002:
Revert "Revert of QUIC - Race Cert Verification with host resolution if (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master