Update from https://crrev.com/312398

net/tools/quic/quic_client_bin.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // A binary wrapper for QuicClient.
 // Connects to a host using QUIC, sends a request to the provided URL, and
 // displays the response.
 //
 // Some usage examples:
 //
@@ skipping 30 matching lines @@
 #include <iostream>
 
 #include "base/at_exit.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "net/base/ip_endpoint.h"
 #include "net/base/privacy_mode.h"
+#include "net/cert/cert_verifier.h"
+#include "net/http/transport_security_state.h"
+#include "net/quic/crypto/proof_verifier_chromium.h"
 #include "net/quic/quic_protocol.h"
 #include "net/quic/quic_server_id.h"
 #include "net/quic/quic_utils.h"
 #include "net/tools/epoll_server/epoll_server.h"
 #include "net/tools/quic/quic_client.h"
 #include "net/tools/quic/spdy_utils.h"
 #include "url/gurl.h"
 
 using base::StringPiece;
+using net::CertVerifier;
+using net::ProofVerifierChromium;
+using net::TransportSecurityState;
 using std::cout;
 using std::cerr;
 using std::map;
 using std::string;
 using std::vector;
 using std::endl;
 
 // The IP or hostname the quic client will connect to.
 string FLAGS_host = "";
 // The port to connect to.
@@ skipping 94 matching lines @@
   GURL url(urls[0]);
   string host = FLAGS_host;
   // TODO(rtenneti): get ip_addr from hostname by doing host resolution.
   CHECK(!host.empty());
   net::ParseIPLiteralToNumber(host, &ip_addr);
 
   string host_port = net::IPAddressToStringWithPort(ip_addr, FLAGS_port);
   VLOG(1) << "Resolved " << host << " to " << host_port << endl;
 
   // Build the client, and try to connect.
+  bool is_https = (FLAGS_port == 443);
   net::EpollServer epoll_server;
-  net::QuicServerId server_id(host, FLAGS_port, /*is_https=*/false,
+  net::QuicServerId server_id(host, FLAGS_port, is_https,
                               net::PRIVACY_MODE_DISABLED);
   net::QuicVersionVector versions = net::QuicSupportedVersions();
   if (FLAGS_quic_version != -1) {
     versions.clear();
     versions.push_back(static_cast<net::QuicVersion>(FLAGS_quic_version));
   }
   net::tools::QuicClient client(net::IPEndPoint(ip_addr, FLAGS_port), server_id,
                                 versions, &epoll_server);
+  scoped_ptr<CertVerifier> cert_verifier;
+  scoped_ptr<TransportSecurityState> transport_security_state;
+  if (is_https) {
+    // For secure QUIC we need to verify the cert chain.a
+    cert_verifier.reset(CertVerifier::CreateDefault());
+    transport_security_state.reset(new TransportSecurityState);
+    // TODO(rtenneti): Fix "Proof invalid: Missing context" error.
+    client.SetProofVerifier(new ProofVerifierChromium(
+        cert_verifier.get(), transport_security_state.get()));
+  }
   if (!client.Initialize()) {
     cerr << "Failed to initialize client." << endl;
     return 1;
   }
   if (!client.Connect()) {
     net::QuicErrorCode error = client.session()->error();
     if (FLAGS_version_mismatch_ok && error == net::QUIC_INVALID_VERSION) {
       cout << "Server talks QUIC, but none of the versions supoorted by "
            << "this client: " << QuicVersionVectorToString(versions) << endl;
       // Version mismatch is not deemed a failure.
@@ skipping 60 matching lines @@
       return 0;
     } else {
       cout << "Request failed (redirect " << response_code << ")." << endl;
       return 1;
     }
   } else {
     cerr << "Request failed (" << response_code << ")." << endl;
     return 1;
   }
 }