Index: net/quic/core/crypto/quic_crypto_server_config.cc |
diff --git a/net/quic/core/crypto/quic_crypto_server_config.cc b/net/quic/core/crypto/quic_crypto_server_config.cc |
index 543a7debd6758e39c7a2f25de4225bdc6755c818..dcc925f3920ca14b2a86b635bc7779a2df15a265 100644 |
--- a/net/quic/core/crypto/quic_crypto_server_config.cc |
+++ b/net/quic/core/crypto/quic_crypto_server_config.cc |
@@ -744,6 +744,7 @@ void QuicCryptoServerConfig::ProcessClientHello( |
DCHECK(proof_source_.get()); |
string chlo_hash; |
CryptoUtils::HashHandshakeMessage(client_hello, &chlo_hash); |
+ |
// No need to get a new proof if one was already generated. |
if (!crypto_proof->chain) { |
const QuicTag* tag_ptr; |
@@ -1576,6 +1577,12 @@ void QuicCryptoServerConfig::BuildServerConfigUpdateMessage( |
this, version, compressed_certs_cache, common_cert_sets, params, |
std::move(message), std::move(cb))); |
+ // Note: We unconditionally use the async variant of GetProof here, unlike |
+ // elsewhere in this file where we check for the kSYNC tag in the CHLO for the |
+ // connection before deciding. This call is not in the critical serving path, |
+ // and so should not have much impact on the experiments associated with that |
+ // tag (plus it would be a chore to plumb information about the tag down to |
+ // here). |
proof_source_->GetProof(server_ip, params.sni, serialized, version, chlo_hash, |
connection_options, std::move(proof_source_cb)); |
} |