Clang format slam.

net/quic/crypto/quic_crypto_server_config.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/quic_crypto_server_config.h"
 
 #include <stdlib.h>
 #include <algorithm>
 
 #include "base/stl_util.h"
@@ skipping 70 matching lines @@
   StringPiece client_nonce;
   StringPiece server_nonce;
 };
 
 struct ValidateClientHelloResultCallback::Result {
   Result(const CryptoHandshakeMessage& in_client_hello,
          IPEndPoint in_client_ip,
          QuicWallTime in_now)
       : client_hello(in_client_hello),
         info(in_client_ip, in_now),
-        error_code(QUIC_NO_ERROR) {
-  }
+        error_code(QUIC_NO_ERROR) {}
 
   CryptoHandshakeMessage client_hello;
   ClientHelloInfo info;
   QuicErrorCode error_code;
   string error_details;
 };
 
 class ValidateClientHelloHelper {
  public:
   ValidateClientHelloHelper(ValidateClientHelloResultCallback::Result* result,
                             ValidateClientHelloResultCallback* done_cb)
-      : result_(result), done_cb_(done_cb) {
-  }
+      : result_(result), done_cb_(done_cb) {}
 
   ~ValidateClientHelloHelper() {
     LOG_IF(DFATAL, done_cb_ != NULL)
         << "Deleting ValidateClientHelloHelper with a pending callback.";
   }
 
   void ValidationComplete(QuicErrorCode error_code, const char* error_details) {
     result_->error_code = error_code;
     result_->error_details = error_details;
     done_cb_->Run(result_);
     DetachCallback();
   }
 
-  void StartedAsyncCallback() {
-    DetachCallback();
-  }
+  void StartedAsyncCallback() { DetachCallback(); }
 
  private:
   void DetachCallback() {
     LOG_IF(DFATAL, done_cb_ == NULL) << "Callback already detached.";
     done_cb_ = NULL;
   }
 
   ValidateClientHelloResultCallback::Result* result_;
   ValidateClientHelloResultCallback* done_cb_;
 
   DISALLOW_COPY_AND_ASSIGN(ValidateClientHelloHelper);
 };
 
 class VerifyNonceIsValidAndUniqueCallback
     : public StrikeRegisterClient::ResultCallback {
  public:
   VerifyNonceIsValidAndUniqueCallback(
       ValidateClientHelloResultCallback::Result* result,
       ValidateClientHelloResultCallback* done_cb)
-      : result_(result), done_cb_(done_cb) {
-  }
+      : result_(result), done_cb_(done_cb) {}
 
  protected:
   virtual void RunImpl(bool nonce_is_valid_and_unique) OVERRIDE {
     DVLOG(1) << "Using client nonce, unique: " << nonce_is_valid_and_unique;
     result_->info.unique = nonce_is_valid_and_unique;
     done_cb_->Run(result_);
   }
 
  private:
   ValidateClientHelloResultCallback::Result* result_;
@@ skipping 19 matching lines @@
 
 void ValidateClientHelloResultCallback::Run(const Result* result) {
   RunImpl(result->client_hello, *result);
   delete result;
   delete this;
 }
 
 QuicCryptoServerConfig::ConfigOptions::ConfigOptions()
     : expiry_time(QuicWallTime::Zero()),
       channel_id_enabled(false),
-      p256(false) {}
+      p256(false) {
+}
 
 QuicCryptoServerConfig::QuicCryptoServerConfig(
     StringPiece source_address_token_secret,
     QuicRandom* rand)
     : replay_protection_(true),
       configs_lock_(),
       primary_config_(NULL),
       next_config_promotion_time_(QuicWallTime::Zero()),
       server_nonce_strike_register_lock_(),
       strike_register_no_startup_period_(false),
@@ skipping 169 matching lines @@
   return AddConfig(config.get(), clock->WallNow());
 }
 
 bool QuicCryptoServerConfig::SetConfigs(
     const vector<QuicServerConfigProtobuf*>& protobufs,
     const QuicWallTime now) {
   vector<scoped_refptr<Config> > parsed_configs;
   bool ok = true;
 
   for (vector<QuicServerConfigProtobuf*>::const_iterator i = protobufs.begin();
-       i != protobufs.end(); ++i) {
+       i != protobufs.end();
+       ++i) {
     scoped_refptr<Config> config(ParseConfigProtobuf(*i));
     if (!config.get()) {
       ok = false;
       break;
     }
 
     parsed_configs.push_back(config);
   }
 
   if (parsed_configs.empty()) {
     LOG(WARNING) << "New config list is empty.";
     ok = false;
   }
 
   if (!ok) {
     LOG(WARNING) << "Rejecting QUIC configs because of above errors";
   } else {
     VLOG(1) << "Updating configs:";
 
     base::AutoLock locked(configs_lock_);
     ConfigMap new_configs;
 
     for (vector<scoped_refptr<Config> >::const_iterator i =
              parsed_configs.begin();
-         i != parsed_configs.end(); ++i) {
+         i != parsed_configs.end();
+         ++i) {
       scoped_refptr<Config> config = *i;
 
       ConfigMap::iterator it = configs_.find(config->id);
       if (it != configs_.end()) {
-        VLOG(1)
-            << "Keeping scid: " << base::HexEncode(
-                config->id.data(), config->id.size())
-            << " orbit: " << base::HexEncode(
-                reinterpret_cast<const char *>(config->orbit), kOrbitSize)
-            << " new primary_time " << config->primary_time.ToUNIXSeconds()
-            << " old primary_time " << it->second->primary_time.ToUNIXSeconds()
-            << " new priority " << config->priority
-            << " old priority " << it->second->priority;
+        VLOG(1) << "Keeping scid: "
+                << base::HexEncode(config->id.data(), config->id.size())
+                << " orbit: "
+                << base::HexEncode(reinterpret_cast<const char*>(config->orbit),
+                                   kOrbitSize) << " new primary_time "
+                << config->primary_time.ToUNIXSeconds() << " old primary_time "
+                << it->second->primary_time.ToUNIXSeconds() << " new priority "
+                << config->priority << " old priority " << it->second->priority;
         // Update primary_time and priority.
         it->second->primary_time = config->primary_time;
         it->second->priority = config->priority;
         new_configs.insert(*it);
       } else {
-        VLOG(1) << "Adding scid: " << base::HexEncode(
-                    config->id.data(), config->id.size())
-                << " orbit: " << base::HexEncode(
-                    reinterpret_cast<const char *>(config->orbit), kOrbitSize)
-                << " primary_time " << config->primary_time.ToUNIXSeconds()
-                << " priority " << config->priority;
+        VLOG(1) << "Adding scid: "
+                << base::HexEncode(config->id.data(), config->id.size())
+                << " orbit: "
+                << base::HexEncode(reinterpret_cast<const char*>(config->orbit),
+                                   kOrbitSize) << " primary_time "
+                << config->primary_time.ToUNIXSeconds() << " priority "
+                << config->priority;
         new_configs.insert(make_pair(config->id, config));
       }
     }
 
     configs_.swap(new_configs);
     SelectNewPrimaryConfig(now);
     DCHECK(primary_config_);
     DCHECK_EQ(configs_.find(primary_config_->id)->second, primary_config_);
   }
 
   return ok;
 }
 
 void QuicCryptoServerConfig::GetConfigIds(vector<string>* scids) const {
   base::AutoLock locked(configs_lock_);
-  for (ConfigMap::const_iterator it = configs_.begin();
-       it != configs_.end(); ++it) {
+  for (ConfigMap::const_iterator it = configs_.begin(); it != configs_.end();
+       ++it) {
     scids->push_back(it->first);
   }
 }
 
 void QuicCryptoServerConfig::ValidateClientHello(
     const CryptoHandshakeMessage& client_hello,
     IPEndPoint client_ip,
     const QuicClock* clock,
     ValidateClientHelloResultCallback* done_cb) const {
   const QuicWallTime now(clock->WallNow());
@@ skipping 36 matching lines @@
 
 QuicErrorCode QuicCryptoServerConfig::ProcessClientHello(
     const ValidateClientHelloResultCallback::Result& validate_chlo_result,
     QuicConnectionId connection_id,
     IPEndPoint client_address,
     QuicVersion version,
     const QuicVersionVector& supported_versions,
     uint32 initial_flow_control_window_bytes,
     const QuicClock* clock,
     QuicRandom* rand,
-    QuicCryptoNegotiatedParameters *params,
+    QuicCryptoNegotiatedParameters* params,
     CryptoHandshakeMessage* out,
     string* error_details) const {
   DCHECK(error_details);
 
   const CryptoHandshakeMessage& client_hello =
       validate_chlo_result.client_hello;
   const ClientHelloInfo& info = validate_chlo_result.info;
 
   // If the client's preferred version is not the version we are currently
   // speaking, then the client went through a version negotiation.  In this
@@ skipping 46 matching lines @@
     requested_config = GetConfigWithScid(requested_scid);
   }
 
   if (validate_chlo_result.error_code != QUIC_NO_ERROR) {
     *error_details = validate_chlo_result.error_details;
     return validate_chlo_result.error_code;
   }
 
   out->Clear();
 
-  if (!info.valid_source_address_token ||
-      !info.client_nonce_well_formed ||
-      !info.unique ||
-      !requested_config.get()) {
+  if (!info.valid_source_address_token || !info.client_nonce_well_formed ||
+      !info.unique || !requested_config.get()) {
     BuildRejection(*primary_config, client_hello, info, rand, out);
     return QUIC_NO_ERROR;
   }
 
   const QuicTag* their_aeads;
   const QuicTag* their_key_exchanges;
   size_t num_their_aeads, num_their_key_exchanges;
-  if (client_hello.GetTaglist(kAEAD, &their_aeads,
-                              &num_their_aeads) != QUIC_NO_ERROR ||
-      client_hello.GetTaglist(kKEXS, &their_key_exchanges,
+  if (client_hello.GetTaglist(kAEAD, &their_aeads, &num_their_aeads) !=
+          QUIC_NO_ERROR ||
+      client_hello.GetTaglist(kKEXS,
+                              &their_key_exchanges,
                               &num_their_key_exchanges) != QUIC_NO_ERROR ||
-      num_their_aeads != 1 ||
-      num_their_key_exchanges != 1) {
+      num_their_aeads != 1 || num_their_key_exchanges != 1) {
     *error_details = "Missing or invalid AEAD or KEXS";
     return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
   }
 
   size_t key_exchange_index;
-  if (!QuicUtils::FindMutualTag(requested_config->aead, their_aeads,
-                                num_their_aeads, QuicUtils::LOCAL_PRIORITY,
-                                &params->aead, NULL) ||
-      !QuicUtils::FindMutualTag(
-          requested_config->kexs, their_key_exchanges, num_their_key_exchanges,
-          QuicUtils::LOCAL_PRIORITY, &params->key_exchange,
-          &key_exchange_index)) {
+  if (!QuicUtils::FindMutualTag(requested_config->aead,
+                                their_aeads,
+                                num_their_aeads,
+                                QuicUtils::LOCAL_PRIORITY,
+                                &params->aead,
+                                NULL) ||
+      !QuicUtils::FindMutualTag(requested_config->kexs,
+                                their_key_exchanges,
+                                num_their_key_exchanges,
+                                QuicUtils::LOCAL_PRIORITY,
+                                &params->key_exchange,
+                                &key_exchange_index)) {
     *error_details = "Unsupported AEAD or KEXS";
     return QUIC_CRYPTO_NO_SUPPORT;
   }
 
   StringPiece public_value;
   if (!client_hello.GetStringPiece(kPUBS, &public_value)) {
     *error_details = "Missing public value";
     return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
   }
 
@@ skipping 33 matching lines @@
     string hkdf_input;
     hkdf_input.append(QuicCryptoConfig::kCETVLabel,
                       strlen(QuicCryptoConfig::kCETVLabel) + 1);
     hkdf_input.append(reinterpret_cast<char*>(&connection_id),
                       sizeof(connection_id));
     hkdf_input.append(client_hello_serialized.data(),
                       client_hello_serialized.length());
     hkdf_input.append(requested_config->serialized);
 
     CrypterPair crypters;
-    if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead,
-                                 info.client_nonce, info.server_nonce,
-                                 hkdf_input, CryptoUtils::SERVER, &crypters)) {
+    if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret,
+                                 params->aead,
+                                 info.client_nonce,
+                                 info.server_nonce,
+                                 hkdf_input,
+                                 CryptoUtils::SERVER,
+                                 &crypters)) {
       *error_details = "Symmetric key setup failed";
       return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
     }
 
-    scoped_ptr<QuicData> cetv_plaintext(crypters.decrypter->DecryptPacket(
-        0 /* sequence number */, StringPiece() /* associated data */,
-        cetv_ciphertext));
+    scoped_ptr<QuicData> cetv_plaintext(
+        crypters.decrypter->DecryptPacket(0 /* sequence number */,
+                                          StringPiece() /* associated data */,
+                                          cetv_ciphertext));
     if (!cetv_plaintext.get()) {
       *error_details = "CETV decryption failure";
       return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
     }
 
-    scoped_ptr<CryptoHandshakeMessage> cetv(CryptoFramer::ParseMessage(
-        cetv_plaintext->AsStringPiece()));
+    scoped_ptr<CryptoHandshakeMessage> cetv(
+        CryptoFramer::ParseMessage(cetv_plaintext->AsStringPiece()));
     if (!cetv.get()) {
       *error_details = "CETV parse error";
       return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
     }
 
     StringPiece key, signature;
     if (cetv->GetStringPiece(kCIDK, &key) &&
         cetv->GetStringPiece(kCIDS, &signature)) {
       if (!ChannelIDVerifier::Verify(key, hkdf_input, signature)) {
         *error_details = "ChannelID signature failure";
         return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
       }
 
       params->channel_id = key.as_string();
     }
   }
 
   string hkdf_input;
   size_t label_len = strlen(QuicCryptoConfig::kInitialLabel) + 1;
   hkdf_input.reserve(label_len + hkdf_suffix.size());
   hkdf_input.append(QuicCryptoConfig::kInitialLabel, label_len);
   hkdf_input.append(hkdf_suffix);
 
-  if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret, params->aead,
-                               info.client_nonce, info.server_nonce, hkdf_input,
+  if (!CryptoUtils::DeriveKeys(params->initial_premaster_secret,
+                               params->aead,
+                               info.client_nonce,
+                               info.server_nonce,
+                               hkdf_input,
                                CryptoUtils::SERVER,
                                &params->initial_crypters)) {
     *error_details = "Symmetric key setup failed";
     return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
   }
 
   string forward_secure_public_value;
   if (ephemeral_key_source_.get()) {
     params->forward_secure_premaster_secret =
         ephemeral_key_source_->CalculateForwardSecureKey(
-            key_exchange, rand, clock->ApproximateNow(), public_value,
+            key_exchange,
+            rand,
+            clock->ApproximateNow(),
+            public_value,
             &forward_secure_public_value);
   } else {
     scoped_ptr<KeyExchange> forward_secure_key_exchange(
         key_exchange->NewKeyPair(rand));
     forward_secure_public_value =
         forward_secure_key_exchange->public_value().as_string();
     if (!forward_secure_key_exchange->CalculateSharedKey(
             public_value, &params->forward_secure_premaster_secret)) {
       *error_details = "Invalid public value";
       return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
     }
   }
 
   string forward_secure_hkdf_input;
   label_len = strlen(QuicCryptoConfig::kForwardSecureLabel) + 1;
   forward_secure_hkdf_input.reserve(label_len + hkdf_suffix.size());
   forward_secure_hkdf_input.append(QuicCryptoConfig::kForwardSecureLabel,
                                    label_len);
   forward_secure_hkdf_input.append(hkdf_suffix);
 
-  if (!CryptoUtils::DeriveKeys(
-           params->forward_secure_premaster_secret, params->aead,
-           info.client_nonce, info.server_nonce, forward_secure_hkdf_input,
-           CryptoUtils::SERVER, &params->forward_secure_crypters)) {
+  if (!CryptoUtils::DeriveKeys(params->forward_secure_premaster_secret,
+                               params->aead,
+                               info.client_nonce,
+                               info.server_nonce,
+                               forward_secure_hkdf_input,
+                               CryptoUtils::SERVER,
+                               &params->forward_secure_crypters)) {
     *error_details = "Symmetric key setup failed";
     return QUIC_CRYPTO_SYMMETRIC_KEY_SETUP_FAILED;
   }
 
   out->set_tag(kSHLO);
   QuicTagVector supported_version_tags;
   for (size_t i = 0; i < supported_versions.size(); ++i) {
-    supported_version_tags.push_back
-        (QuicVersionToQuicTag(supported_versions[i]));
+    supported_version_tags.push_back(
+        QuicVersionToQuicTag(supported_versions[i]));
   }
   out->SetVector(kVER, supported_version_tags);
-  out->SetStringPiece(kSourceAddressTokenTag,
-                      NewSourceAddressToken(
-                          *requested_config,
-                          client_address, rand,
-                          info.now));
+  out->SetStringPiece(
+      kSourceAddressTokenTag,
+      NewSourceAddressToken(*requested_config, client_address, rand, info.now));
   QuicSocketAddressCoder address_coder(client_address);
   out->SetStringPiece(kCADR, address_coder.Encode());
   out->SetStringPiece(kPUBS, forward_secure_public_value);
 
   // Set initial receive window for flow control.
   out->SetValue(kIFCW, initial_flow_control_window_bytes);
 
   return QUIC_NO_ERROR;
 }
 
@@ skipping 32 matching lines @@
     // Primary times and priorities are equal, sort by config id.
     return a->id < b->id;
   }
 }
 
 void QuicCryptoServerConfig::SelectNewPrimaryConfig(
     const QuicWallTime now) const {
   vector<scoped_refptr<Config> > configs;
   configs.reserve(configs_.size());
 
-  for (ConfigMap::const_iterator it = configs_.begin();
-       it != configs_.end(); ++it) {
+  for (ConfigMap::const_iterator it = configs_.begin(); it != configs_.end();
+       ++it) {
     // TODO(avd) Exclude expired configs?
     configs.push_back(it->second);
   }
 
   if (configs.empty()) {
     if (primary_config_.get()) {
       LOG(DFATAL) << "No valid QUIC server config. Keeping the current config.";
     } else {
       LOG(DFATAL) << "No valid QUIC server config.";
     }
@@ skipping 28 matching lines @@
       next_config_promotion_time_ = config->primary_time;
     }
 
     if (primary_config_.get()) {
       primary_config_->is_primary = false;
     }
     primary_config_ = new_primary;
     new_primary->is_primary = true;
     DVLOG(1) << "New primary config.  orbit: "
              << base::HexEncode(
-                 reinterpret_cast<const char*>(primary_config_->orbit),
-                 kOrbitSize);
+                    reinterpret_cast<const char*>(primary_config_->orbit),
+                    kOrbitSize);
     if (primary_config_changed_cb_.get() != NULL) {
       primary_config_changed_cb_->Run(primary_config_->id);
     }
 
     return;
   }
 
   // All config's primary times are in the past. We should make the most recent
   // and highest priority candidate primary.
   scoped_refptr<Config> new_primary(best_candidate);
   if (primary_config_.get()) {
     primary_config_->is_primary = false;
   }
   primary_config_ = new_primary;
   new_primary->is_primary = true;
   DVLOG(1) << "New primary config.  orbit: "
            << base::HexEncode(
-               reinterpret_cast<const char*>(primary_config_->orbit),
-               kOrbitSize)
+                  reinterpret_cast<const char*>(primary_config_->orbit),
+                  kOrbitSize)
            << " scid: " << base::HexEncode(primary_config_->id.data(),
                                            primary_config_->id.size());
   next_config_promotion_time_ = QuicWallTime::Zero();
   if (primary_config_changed_cb_.get() != NULL) {
     primary_config_changed_cb_->Run(primary_config_->id);
   }
 }
 
 void QuicCryptoServerConfig::EvaluateClientHello(
     const uint8* primary_orbit,
     scoped_refptr<Config> requested_config,
     ValidateClientHelloResultCallback::Result* client_hello_state,
     ValidateClientHelloResultCallback* done_cb) const {
   ValidateClientHelloHelper helper(client_hello_state, done_cb);
 
-  const CryptoHandshakeMessage& client_hello =
-      client_hello_state->client_hello;
+  const CryptoHandshakeMessage& client_hello = client_hello_state->client_hello;
   ClientHelloInfo* info = &(client_hello_state->info);
 
   if (client_hello.size() < kClientHelloMinimumSize) {
     helper.ValidationComplete(QUIC_CRYPTO_INVALID_VALUE_LENGTH,
                               "Client hello too small");
     return;
   }
 
   if (client_hello.GetStringPiece(kSNI, &info->sni) &&
       !CryptoUtils::IsValidSNI(info->sni)) {
     helper.ValidationComplete(QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER,
                               "Invalid SNI name");
     return;
   }
 
   StringPiece srct;
   if (requested_config.get() != NULL &&
       client_hello.GetStringPiece(kSourceAddressTokenTag, &srct) &&
-      ValidateSourceAddressToken(*requested_config,
-                                 srct,
-                                 info->client_ip,
-                                 info->now)) {
+      ValidateSourceAddressToken(
+          *requested_config, srct, info->client_ip, info->now)) {
     info->valid_source_address_token = true;
   } else {
     // No server config with the requested ID, or no valid source address token.
     helper.ValidationComplete(QUIC_NO_ERROR, "");
     return;
   }
 
   if (client_hello.GetStringPiece(kNONC, &info->client_nonce) &&
       info->client_nonce.size() == kNonceSize) {
     info->client_nonce_well_formed = true;
@@ skipping 24 matching lines @@
   StrikeRegisterClient* strike_register_client;
   {
     base::AutoLock locked(strike_register_client_lock_);
 
     if (strike_register_client_.get() == NULL) {
       strike_register_client_.reset(new LocalStrikeRegisterClient(
           strike_register_max_entries_,
           static_cast<uint32>(info->now.ToUNIXSeconds()),
           strike_register_window_secs_,
           primary_orbit,
-          strike_register_no_startup_period_ ?
-          StrikeRegister::NO_STARTUP_PERIOD_NEEDED :
-          StrikeRegister::DENY_REQUESTS_AT_STARTUP));
+          strike_register_no_startup_period_
+              ? StrikeRegister::NO_STARTUP_PERIOD_NEEDED
+              : StrikeRegister::DENY_REQUESTS_AT_STARTUP));
     }
     strike_register_client = strike_register_client_.get();
   }
 
   strike_register_client->VerifyNonceIsValidAndUnique(
       info->client_nonce,
       info->now,
       new VerifyNonceIsValidAndUniqueCallback(client_hello_state, done_cb));
   helper.StartedAsyncCallback();
 }
 
 void QuicCryptoServerConfig::BuildRejection(
     const Config& config,
     const CryptoHandshakeMessage& client_hello,
     const ClientHelloInfo& info,
     QuicRandom* rand,
     CryptoHandshakeMessage* out) const {
   out->set_tag(kREJ);
   out->SetStringPiece(kSCFG, config.serialized);
-  out->SetStringPiece(kSourceAddressTokenTag,
-                      NewSourceAddressToken(
-                          config,
-                          info.client_ip,
-                          rand,
-                          info.now));
+  out->SetStringPiece(
+      kSourceAddressTokenTag,
+      NewSourceAddressToken(config, info.client_ip, rand, info.now));
   if (replay_protection_) {
     out->SetStringPiece(kServerNonceTag, NewServerNonce(rand, info.now));
   }
 
   // The client may have requested a certificate chain.
   const QuicTag* their_proof_demands;
   size_t num_their_proof_demands;
 
   if (proof_source_.get() == NULL ||
-      client_hello.GetTaglist(kPDMD, &their_proof_demands,
-                              &num_their_proof_demands) !=
-          QUIC_NO_ERROR) {
+      client_hello.GetTaglist(kPDMD,
+                              &their_proof_demands,
+                              &num_their_proof_demands) != QUIC_NO_ERROR) {
     return;
   }
 
   bool x509_supported = false, x509_ecdsa_supported = false;
   for (size_t i = 0; i < num_their_proof_demands; i++) {
     switch (their_proof_demands[i]) {
       case kX509:
         x509_supported = true;
         x509_ecdsa_supported = true;
         break;
       case kX59R:
         x509_supported = true;
         break;
     }
   }
 
   if (!x509_supported) {
     return;
   }
 
   const vector<string>* certs;
   string signature;
-  if (!proof_source_->GetProof(info.sni.as_string(), config.serialized,
-                               x509_ecdsa_supported, &certs, &signature)) {
+  if (!proof_source_->GetProof(info.sni.as_string(),
+                               config.serialized,
+                               x509_ecdsa_supported,
+                               &certs,
+                               &signature)) {
     return;
   }
 
   StringPiece their_common_set_hashes;
   StringPiece their_cached_cert_hashes;
   client_hello.GetStringPiece(kCCS, &their_common_set_hashes);
   client_hello.GetStringPiece(kCCRT, &their_cached_cert_hashes);
 
-  const string compressed = CertCompressor::CompressChain(
-      *certs, their_common_set_hashes, their_cached_cert_hashes,
-      config.common_cert_sets);
+  const string compressed =
+      CertCompressor::CompressChain(*certs,
+                                    their_common_set_hashes,
+                                    their_cached_cert_hashes,
+                                    config.common_cert_sets);
 
   // kREJOverheadBytes is a very rough estimate of how much of a REJ
   // message is taken up by things other than the certificates.
   // STK: 56 bytes
   // SNO: 56 bytes
   // SCFG
   //   SCID: 16 bytes
   //   PUBS: 38 bytes
   const size_t kREJOverheadBytes = 166;
   // kMultiplier is the multiple of the CHLO message size that a REJ message
@@ skipping 88 matching lines @@
     StrikeRegisterClient* strike_register_client;
     {
       base::AutoLock locked(strike_register_client_lock_);
       strike_register_client = strike_register_client_.get();
     }
 
     if (strike_register_client != NULL &&
         !strike_register_client->IsKnownOrbit(orbit)) {
       LOG(WARNING)
           << "Rejecting server config with orbit that the strike register "
-          "client doesn't know about.";
+             "client doesn't know about.";
       return NULL;
     }
   }
 
   if (kexs_len != protobuf->key_size()) {
     LOG(WARNING) << "Server config has " << kexs_len
                  << " key exchange methods configured, but "
                  << protobuf->key_size() << " private keys";
     return NULL;
   }
@@ skipping 48 matching lines @@
           return NULL;
         }
         break;
       default:
         LOG(WARNING) << "Server config message contains unknown key exchange "
                         "method: " << tag;
         return NULL;
     }
 
     for (vector<KeyExchange*>::const_iterator i = config->key_exchanges.begin();
-         i != config->key_exchanges.end(); ++i) {
+         i != config->key_exchanges.end();
+         ++i) {
       if ((*i)->tag() == tag) {
         LOG(WARNING) << "Duplicate key exchange in config: " << tag;
         return NULL;
       }
     }
 
     config->key_exchanges.push_back(ka.release());
   }
 
   return config;
@@ skipping 60 matching lines @@
   DCHECK(!server_nonce_strike_register_.get());
   server_nonce_strike_register_window_secs_ = window_secs;
 }
 
 void QuicCryptoServerConfig::AcquirePrimaryConfigChangedCb(
     PrimaryConfigChangedCallback* cb) {
   base::AutoLock locked(configs_lock_);
   primary_config_changed_cb_.reset(cb);
 }
 
-string QuicCryptoServerConfig::NewSourceAddressToken(
-    const Config& config,
-    const IPEndPoint& ip,
-    QuicRandom* rand,
-    QuicWallTime now) const {
+string QuicCryptoServerConfig::NewSourceAddressToken(const Config& config,
+                                                     const IPEndPoint& ip,
+                                                     QuicRandom* rand,
+                                                     QuicWallTime now) const {
   SourceAddressToken source_address_token;
   source_address_token.set_ip(IPAddressToPackedString(ip.address()));
   source_address_token.set_timestamp(now.ToUNIXSeconds());
 
   return config.source_address_token_boxer->Box(
       rand, source_address_token.SerializeAsString());
 }
 
 bool QuicCryptoServerConfig::ValidateSourceAddressToken(
     const Config& config,
@@ skipping 71 matching lines @@
 
   if (plaintext.size() != kServerNoncePlaintextSize) {
     // This should never happen because the value decrypted correctly.
     LOG(DFATAL) << "Seemingly valid server nonce had incorrect length.";
     return false;
   }
 
   uint8 server_nonce[32];
   memcpy(server_nonce, plaintext.data(), 4);
   memcpy(server_nonce + 4, server_nonce_orbit_, sizeof(server_nonce_orbit_));
-  memcpy(server_nonce + 4 + sizeof(server_nonce_orbit_), plaintext.data() + 4,
-         20);
+  memcpy(
+      server_nonce + 4 + sizeof(server_nonce_orbit_), plaintext.data() + 4, 20);
   COMPILE_ASSERT(4 + sizeof(server_nonce_orbit_) + 20 == sizeof(server_nonce),
                  bad_nonce_buffer_length);
 
   bool is_unique;
   {
     base::AutoLock auto_lock(server_nonce_strike_register_lock_);
     if (server_nonce_strike_register_.get() == NULL) {
-      server_nonce_strike_register_.reset(new StrikeRegister(
-          server_nonce_strike_register_max_entries_,
-          static_cast<uint32>(now.ToUNIXSeconds()),
-          server_nonce_strike_register_window_secs_, server_nonce_orbit_,
-          StrikeRegister::NO_STARTUP_PERIOD_NEEDED));
+      server_nonce_strike_register_.reset(
+          new StrikeRegister(server_nonce_strike_register_max_entries_,
+                             static_cast<uint32>(now.ToUNIXSeconds()),
+                             server_nonce_strike_register_window_secs_,
+                             server_nonce_orbit_,
+                             StrikeRegister::NO_STARTUP_PERIOD_NEEDED));
     }
     is_unique = server_nonce_strike_register_->Insert(
         server_nonce, static_cast<uint32>(now.ToUNIXSeconds()));
   }
 
   return is_unique;
 }
 
 QuicCryptoServerConfig::Config::Config()
     : channel_id_enabled(false),
       is_primary(false),
       primary_time(QuicWallTime::Zero()),
       priority(0),
-      source_address_token_boxer(NULL) {}
+      source_address_token_boxer(NULL) {
+}
 
-QuicCryptoServerConfig::Config::~Config() { STLDeleteElements(&key_exchanges); }
+QuicCryptoServerConfig::Config::~Config() {
+  STLDeleteElements(&key_exchanges);
+}
 
 }  // namespace net