net/quic/core/crypto/quic_crypto_server_config.cc - Issue 2621793002: Landing Recent QUIC changes until Jan 6 14:42:13 2017

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/quic/core/crypto/quic_crypto_server_config.cc

Issue 2621793002: Landing Recent QUIC changes until Jan 6 14:42:13 2017 (Closed)

Patch Set: Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/quic/core/crypto/quic_crypto_server_config.cc

diff --git a/net/quic/core/crypto/quic_crypto_server_config.cc b/net/quic/core/crypto/quic_crypto_server_config.cc

index fa8df9c5d25606008c50e377636e6c5cf57e64fb..e012f2716c7c4b0338c889db68b5ee44ae0f4c93 100644

--- a/net/quic/core/crypto/quic_crypto_server_config.cc

+++ b/net/quic/core/crypto/quic_crypto_server_config.cc

@@ -774,8 +774,7 @@ void QuicCryptoServerConfig::ProcessClientHelloAfterGetProof(

use_stateless_rejects, server_designated_connection_id, rand,

compressed_certs_cache, params, *signed_config,

total_framing_overhead, chlo_packet_size, out.get());

- if (FLAGS_quic_reloadable_flag_quic_export_rej_for_all_rejects &&

- rejection_observer_ != nullptr) {

+ if (rejection_observer_ != nullptr) {

rejection_observer_->OnRejectionBuilt(info.reject_reasons, out.get());

}

helper.Succeed(std::move(out), std::move(out_diversification_nonce),

@@ -1327,7 +1326,9 @@ void QuicCryptoServerConfig::EvaluateClientHelloAfterGetProof(

info->reject_reasons.push_back(SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE);

}

- if (!ValidateExpectedLeafCertificate(client_hello, *signed_config)) {

+ if (signed_config->chain != nullptr &&

+ !ValidateExpectedLeafCertificate(client_hello,

+ signed_config->chain->certs)) {

info->reject_reasons.push_back(INVALID_EXPECTED_LEAF_CERTIFICATE);

}

@@ -1986,8 +1987,8 @@ string QuicCryptoServerConfig::NewServerNonce(QuicRandom* rand,

bool QuicCryptoServerConfig::ValidateExpectedLeafCertificate(

const CryptoHandshakeMessage& client_hello,

- const QuicSignedServerConfig& signed_config) const {

- if (signed_config.chain->certs.empty()) {

+ const std::vector<string>& certs) const {

+ if (certs.empty()) {

return false;

}

@@ -1995,8 +1996,7 @@ bool QuicCryptoServerConfig::ValidateExpectedLeafCertificate(

if (client_hello.GetUint64(kXLCT, &hash_from_client) != QUIC_NO_ERROR) {

return false;

}

- return CryptoUtils::ComputeLeafCertHash(signed_config.chain->certs.at(0)) ==

- hash_from_client;

+ return CryptoUtils::ComputeLeafCertHash(certs.at(0)) == hash_from_client;

}

bool QuicCryptoServerConfig::ClientDemandsX509Proof(

« no previous file with comments | « net/quic/core/crypto/quic_crypto_server_config.h ('k') | net/quic/core/quic_crypto_server_stream_test.cc » ('j') | no next file with comments »