QUIC - Fix QUIC enabled experiment spending significantly more time verifying certs on Android.
Get computed CertVerifier::VerifyFlags from SSLConfig from
HttpStreamFactoryImpl::Job and pass them to QUIC's
CertVerifier code. With this change, when
SSLClientSocket[NSS|OpenSSL] code tries to verify the
code, certs are already cached and we don't verify certs
twice.
BUG=502509
[email protected]
Review URL: https://codereview.chromium.org/1197823002
Cr-Commit-Position: refs/heads/master@{#335463}
diff --git a/net/http/http_stream_factory_impl_job.cc b/net/http/http_stream_factory_impl_job.cc
index 1ae8aa7..a1f802d 100644
--- a/net/http/http_stream_factory_impl_job.cc
+++ b/net/http/http_stream_factory_impl_job.cc
@@ -23,6 +23,7 @@
#include "build/build_config.h"
#include "net/base/connection_type_histograms.h"
#include "net/base/net_util.h"
+#include "net/cert/cert_verifier.h"
#include "net/http/http_basic_stream.h"
#include "net/http/http_network_session.h"
#include "net/http/http_proxy_client_socket.h"
@@ -803,6 +804,17 @@
DCHECK(session_->params().enable_quic_for_proxies);
}
+ if (proxy_info_.is_https() || proxy_info_.is_quic()) {
+ InitSSLConfig(proxy_info_.proxy_server().host_port_pair(),
+ &proxy_ssl_config_, /*is_proxy=*/true);
+ // Disable revocation checking for HTTPS proxies since the revocation
+ // requests are probably going to need to go through the proxy too.
+ proxy_ssl_config_.rev_checking_enabled = false;
+ }
+ if (using_ssl_) {
+ InitSSLConfig(server_, &server_ssl_config_, /*is_proxy=*/false);
+ }
+
if (using_quic_) {
if (proxy_info_.is_quic() && !request_info_.url.SchemeIs("http")) {
NOTREACHED();
@@ -812,11 +824,13 @@
HostPortPair destination;
std::string origin_host;
bool secure_quic;
+ SSLConfig* ssl_config;
if (proxy_info_.is_quic()) {
// A proxy's certificate is expected to be valid for the proxy hostname.
destination = proxy_info_.proxy_server().host_port_pair();
origin_host = destination.host();
secure_quic = true;
+ ssl_config = &proxy_ssl_config_;
} else {
// The certificate of a QUIC alternative server is expected to be valid
// for the origin of the request (in addition to being valid for the
@@ -824,10 +838,21 @@
destination = server_;
origin_host = origin_url_.host();
secure_quic = using_ssl_;
+ ssl_config = &server_ssl_config_;
}
+ // TODO(rtenneti): Move the cert_verify_flags code into SSLConfig class.
+ int flags = 0;
+ if (ssl_config->rev_checking_enabled)
+ flags |= CertVerifier::VERIFY_REV_CHECKING_ENABLED;
+ if (ssl_config->verify_ev_cert)
+ flags |= CertVerifier::VERIFY_EV_CERT;
+ if (ssl_config->cert_io_enabled)
+ flags |= CertVerifier::VERIFY_CERT_IO_ENABLED;
+ if (ssl_config->rev_checking_required_local_anchors)
+ flags |= CertVerifier::VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS;
int rv = quic_request_.Request(
- destination, secure_quic, request_info_.privacy_mode, origin_host,
- request_info_.method, net_log_, io_callback_);
+ destination, secure_quic, request_info_.privacy_mode, flags,
+ origin_host, request_info_.method, net_log_, io_callback_);
if (rv == OK) {
using_existing_quic_session_ = true;
} else {
@@ -879,18 +904,6 @@
const bool expect_spdy = IsSpdyAlternative();
- if (proxy_info_.is_https()) {
- InitSSLConfig(proxy_info_.proxy_server().host_port_pair(),
- &proxy_ssl_config_,
- true /* is a proxy server */);
- // Disable revocation checking for HTTPS proxies since the revocation
- // requests are probably going to need to go through the proxy too.
- proxy_ssl_config_.rev_checking_enabled = false;
- }
- if (using_ssl_) {
- InitSSLConfig(server_, &server_ssl_config_, false /* not a proxy server */);
- }
-
base::WeakPtr<HttpServerProperties> http_server_properties =
session_->http_server_properties();
if (http_server_properties) {
diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc
index b6ce232..90543cb 100644
--- a/net/quic/crypto/proof_verifier_chromium.cc
+++ b/net/quic/crypto/proof_verifier_chromium.cc
@@ -47,6 +47,7 @@
Job(ProofVerifierChromium* proof_verifier,
CertVerifier* cert_verifier,
TransportSecurityState* transport_security_state,
+ int cert_verify_flags,
const BoundNetLog& net_log);
// Starts the proof verification. If |QUIC_PENDING| is returned, then
@@ -94,6 +95,10 @@
// X509Certificate from a chain of DER encoded certificates.
scoped_refptr<X509Certificate> cert_;
+ // |cert_verify_flags| is bitwise OR'd of CertVerifier::VerifyFlags and it is
+ // passed to CertVerifier::Verify.
+ int cert_verify_flags_;
+
State next_state_;
BoundNetLog net_log_;
@@ -105,10 +110,12 @@
ProofVerifierChromium* proof_verifier,
CertVerifier* cert_verifier,
TransportSecurityState* transport_security_state,
+ int cert_verify_flags,
const BoundNetLog& net_log)
: proof_verifier_(proof_verifier),
verifier_(cert_verifier),
transport_security_state_(transport_security_state),
+ cert_verify_flags_(cert_verify_flags),
next_state_(STATE_NONE),
net_log_(net_log) {
}
@@ -222,13 +229,12 @@
int ProofVerifierChromium::Job::DoVerifyCert(int result) {
next_state_ = STATE_VERIFY_CERT_COMPLETE;
- int flags = 0;
- return verifier_->Verify(cert_.get(), hostname_, std::string(), flags,
- SSLConfigService::GetCRLSet().get(),
- &verify_details_->cert_verify_result,
- base::Bind(&ProofVerifierChromium::Job::OnIOComplete,
- base::Unretained(this)),
- &cert_verifier_request_, net_log_);
+ return verifier_->Verify(
+ cert_.get(), hostname_, std::string(), cert_verify_flags_,
+ SSLConfigService::GetCRLSet().get(), &verify_details_->cert_verify_result,
+ base::Bind(&ProofVerifierChromium::Job::OnIOComplete,
+ base::Unretained(this)),
+ &cert_verifier_request_, net_log_);
}
int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) {
@@ -380,13 +386,12 @@
}
const ProofVerifyContextChromium* chromium_context =
reinterpret_cast<const ProofVerifyContextChromium*>(verify_context);
- scoped_ptr<Job> job(new Job(this,
- cert_verifier_,
- transport_security_state_,
+ scoped_ptr<Job> job(new Job(this, cert_verifier_, transport_security_state_,
+ chromium_context->cert_verify_flags,
chromium_context->net_log));
- QuicAsyncStatus status = job->VerifyProof(hostname, server_config, certs,
- signature, error_details,
- verify_details, callback);
+ QuicAsyncStatus status =
+ job->VerifyProof(hostname, server_config, certs, signature, error_details,
+ verify_details, callback);
if (status == QUIC_PENDING) {
active_jobs_.insert(job.release());
}
diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h
index 83041791..7c0b069f 100644
--- a/net/quic/crypto/proof_verifier_chromium.h
+++ b/net/quic/crypto/proof_verifier_chromium.h
@@ -44,9 +44,10 @@
// ProofVerifierChromium needs in order to log correctly.
struct ProofVerifyContextChromium : public ProofVerifyContext {
public:
- explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
- : net_log(net_log) {}
+ ProofVerifyContextChromium(int cert_verify_flags, const BoundNetLog& net_log)
+ : cert_verify_flags(cert_verify_flags), net_log(net_log) {}
+ int cert_verify_flags;
BoundNetLog net_log;
};
diff --git a/net/quic/quic_client_session.cc b/net/quic/quic_client_session.cc
index af83f82..57a5393 100644
--- a/net/quic/quic_client_session.cc
+++ b/net/quic/quic_client_session.cc
@@ -100,6 +100,7 @@
scoped_ptr<base::Value> NetLogQuicClientSessionCallback(
const QuicServerId* server_id,
+ int cert_verify_flags,
bool require_confirmation,
NetLogCaptureMode /* capture_mode */) {
scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
@@ -109,6 +110,7 @@
dict->SetBoolean("privacy_mode",
server_id->privacy_mode() == PRIVACY_MODE_ENABLED);
dict->SetBoolean("require_confirmation", require_confirmation);
+ dict->SetInteger("cert_verify_flags", cert_verify_flags);
return dict.Pass();
}
@@ -161,6 +163,7 @@
TransportSecurityState* transport_security_state,
scoped_ptr<QuicServerInfo> server_info,
const QuicServerId& server_id,
+ int cert_verify_flags,
const QuicConfig& config,
QuicCryptoClientConfig* crypto_config,
const char* const connection_description,
@@ -183,17 +186,17 @@
going_away_(false),
weak_factory_(this) {
crypto_stream_.reset(
- crypto_client_stream_factory ?
- crypto_client_stream_factory->CreateQuicCryptoClientStream(
- server_id, this, crypto_config) :
- new QuicCryptoClientStream(server_id, this,
- new ProofVerifyContextChromium(net_log_),
- crypto_config));
+ crypto_client_stream_factory
+ ? crypto_client_stream_factory->CreateQuicCryptoClientStream(
+ server_id, this, crypto_config)
+ : new QuicCryptoClientStream(
+ server_id, this,
+ new ProofVerifyContextChromium(cert_verify_flags, net_log_),
+ crypto_config));
connection->set_debug_visitor(logger_.get());
net_log_.BeginEvent(NetLog::TYPE_QUIC_SESSION,
- base::Bind(NetLogQuicClientSessionCallback,
- &server_id,
- require_confirmation_));
+ base::Bind(NetLogQuicClientSessionCallback, &server_id,
+ cert_verify_flags, require_confirmation_));
IPEndPoint address;
if (socket && socket->GetLocalAddress(&address) == OK &&
address.GetFamily() == ADDRESS_FAMILY_IPV6) {
diff --git a/net/quic/quic_client_session.h b/net/quic/quic_client_session.h
index d8b35a8..414b906 100644
--- a/net/quic/quic_client_session.h
+++ b/net/quic/quic_client_session.h
@@ -99,6 +99,7 @@
TransportSecurityState* transport_security_state,
scoped_ptr<QuicServerInfo> server_info,
const QuicServerId& server_id,
+ int cert_verify_flags,
const QuicConfig& config,
QuicCryptoClientConfig* crypto_config,
const char* const connection_description,
diff --git a/net/quic/quic_client_session_test.cc b/net/quic/quic_client_session_test.cc
index 6bd6e28..921e7a6 100644
--- a/net/quic/quic_client_session_test.cc
+++ b/net/quic/quic_client_session_test.cc
@@ -55,6 +55,7 @@
kServerPort,
/*is_secure=*/false,
PRIVACY_MODE_DISABLED),
+ /*cert_verify_flags=*/0,
DefaultQuicConfig(),
&crypto_config_,
"CONNECTION_UNKNOWN",
diff --git a/net/quic/quic_crypto_client_stream.cc b/net/quic/quic_crypto_client_stream.cc
index d8463c5..84c994c1 100644
--- a/net/quic/quic_crypto_client_stream.cc
+++ b/net/quic/quic_crypto_client_stream.cc
@@ -419,14 +419,9 @@
verify_ok_ = false;
QuicAsyncStatus status = verifier->VerifyProof(
- server_id_.host(),
- cached->server_config(),
- cached->certs(),
- cached->signature(),
- verify_context_.get(),
- &verify_error_details_,
- &verify_details_,
- proof_verify_callback);
+ server_id_.host(), cached->server_config(), cached->certs(),
+ cached->signature(), verify_context_.get(), &verify_error_details_,
+ &verify_details_, proof_verify_callback);
switch (status) {
case QUIC_PENDING:
diff --git a/net/quic/quic_http_stream_test.cc b/net/quic/quic_http_stream_test.cc
index 639135c2..1fcbf27 100644
--- a/net/quic/quic_http_stream_test.cc
+++ b/net/quic/quic_http_stream_test.cc
@@ -213,9 +213,9 @@
&transport_security_state_, make_scoped_ptr((QuicServerInfo*)nullptr),
QuicServerId(kDefaultServerHostName, kDefaultServerPort,
/*is_secure=*/false, PRIVACY_MODE_DISABLED),
- DefaultQuicConfig(), &crypto_config_, "CONNECTION_UNKNOWN",
- base::TimeTicks::Now(), base::ThreadTaskRunnerHandle::Get().get(),
- nullptr));
+ /*cert_verify_flags=*/0, DefaultQuicConfig(), &crypto_config_,
+ "CONNECTION_UNKNOWN", base::TimeTicks::Now(),
+ base::ThreadTaskRunnerHandle::Get().get(), nullptr));
session_->Initialize();
session_->GetCryptoStream()->CryptoConnect();
EXPECT_TRUE(session_->IsCryptoHandshakeConfirmed());
diff --git a/net/quic/quic_stream_factory.cc b/net/quic/quic_stream_factory.cc
index 4602310..02b0b986 100644
--- a/net/quic/quic_stream_factory.cc
+++ b/net/quic/quic_stream_factory.cc
@@ -146,6 +146,7 @@
bool is_https,
bool was_alternative_service_recently_broken,
PrivacyMode privacy_mode,
+ int cert_verify_flags,
bool is_post,
QuicServerInfo* server_info,
const BoundNetLog& net_log);
@@ -198,6 +199,7 @@
QuicStreamFactory* factory_;
SingleRequestHostResolver host_resolver_;
QuicServerId server_id_;
+ int cert_verify_flags_;
// True if and only if server and origin have the same hostname.
bool server_and_origin_have_same_host_;
bool is_post_;
@@ -221,6 +223,7 @@
bool is_https,
bool was_alternative_service_recently_broken,
PrivacyMode privacy_mode,
+ int cert_verify_flags,
bool is_post,
QuicServerInfo* server_info,
const BoundNetLog& net_log)
@@ -228,6 +231,7 @@
factory_(factory),
host_resolver_(host_resolver),
server_id_(host_port_pair, is_https, privacy_mode),
+ cert_verify_flags_(cert_verify_flags),
server_and_origin_have_same_host_(server_and_origin_have_same_host),
is_post_(is_post),
was_alternative_service_recently_broken_(
@@ -247,6 +251,7 @@
factory_(factory),
host_resolver_(host_resolver), // unused
server_id_(server_id),
+ cert_verify_flags_(0), // unused
server_and_origin_have_same_host_(false), // unused
is_post_(false), // unused
was_alternative_service_recently_broken_(false), // unused
@@ -400,8 +405,9 @@
// If we are waiting to load server config from the disk cache, then start
// another job.
started_another_job_ = true;
- factory_->CreateAuxilaryJob(server_id_, server_and_origin_have_same_host_,
- is_post_, net_log_);
+ factory_->CreateAuxilaryJob(server_id_, cert_verify_flags_,
+ server_and_origin_have_same_host_, is_post_,
+ net_log_);
}
return rv;
}
@@ -430,9 +436,9 @@
int QuicStreamFactory::Job::DoConnect() {
io_state_ = STATE_CONNECT_COMPLETE;
- int rv =
- factory_->CreateSession(server_id_, server_info_.Pass(), address_list_,
- dns_resolution_end_time_, net_log_, &session_);
+ int rv = factory_->CreateSession(
+ server_id_, cert_verify_flags_, server_info_.Pass(), address_list_,
+ dns_resolution_end_time_, net_log_, &session_);
if (rv != OK) {
DCHECK(rv != ERR_IO_PENDING);
DCHECK(!session_);
@@ -496,6 +502,7 @@
int QuicStreamRequest::Request(const HostPortPair& host_port_pair,
bool is_https,
PrivacyMode privacy_mode,
+ int cert_verify_flags,
base::StringPiece origin_host,
base::StringPiece method,
const BoundNetLog& net_log,
@@ -505,8 +512,9 @@
DCHECK(factory_);
origin_host_ = origin_host.as_string();
privacy_mode_ = privacy_mode;
- int rv = factory_->Create(host_port_pair, is_https, privacy_mode, origin_host,
- method, net_log, this);
+ int rv =
+ factory_->Create(host_port_pair, is_https, privacy_mode,
+ cert_verify_flags, origin_host, method, net_log, this);
if (rv == ERR_IO_PENDING) {
host_port_pair_ = host_port_pair;
net_log_ = net_log;
@@ -635,6 +643,7 @@
int QuicStreamFactory::Create(const HostPortPair& host_port_pair,
bool is_https,
PrivacyMode privacy_mode,
+ int cert_verify_flags,
base::StringPiece origin_host,
base::StringPiece method,
const BoundNetLog& net_log,
@@ -681,10 +690,11 @@
}
bool server_and_origin_have_same_host = host_port_pair.host() == origin_host;
- scoped_ptr<Job> job(new Job(
- this, host_resolver_, host_port_pair, server_and_origin_have_same_host,
- is_https, WasQuicRecentlyBroken(server_id), privacy_mode,
- method == "POST" /* is_post */, quic_server_info, net_log));
+ scoped_ptr<Job> job(new Job(this, host_resolver_, host_port_pair,
+ server_and_origin_have_same_host, is_https,
+ WasQuicRecentlyBroken(server_id), privacy_mode,
+ cert_verify_flags, method == "POST" /* is_post */,
+ quic_server_info, net_log));
int rv = job->Run(base::Bind(&QuicStreamFactory::OnJobComplete,
base::Unretained(this), job.get()));
if (rv == ERR_IO_PENDING) {
@@ -705,13 +715,15 @@
}
void QuicStreamFactory::CreateAuxilaryJob(const QuicServerId server_id,
+ int cert_verify_flags,
bool server_and_origin_have_same_host,
bool is_post,
const BoundNetLog& net_log) {
- Job* aux_job = new Job(this, host_resolver_, server_id.host_port_pair(),
- server_and_origin_have_same_host, server_id.is_https(),
- WasQuicRecentlyBroken(server_id),
- server_id.privacy_mode(), is_post, nullptr, net_log);
+ Job* aux_job =
+ new Job(this, host_resolver_, server_id.host_port_pair(),
+ server_and_origin_have_same_host, server_id.is_https(),
+ WasQuicRecentlyBroken(server_id), server_id.privacy_mode(),
+ cert_verify_flags, is_post, nullptr, net_log);
active_jobs_[server_id].insert(aux_job);
task_runner_->PostTask(FROM_HERE,
base::Bind(&QuicStreamFactory::Job::RunAuxilaryJob,
@@ -1002,6 +1014,7 @@
}
int QuicStreamFactory::CreateSession(const QuicServerId& server_id,
+ int cert_verify_flags,
scoped_ptr<QuicServerInfo> server_info,
const AddressList& address_list,
base::TimeTicks dns_resolution_end_time,
@@ -1112,10 +1125,10 @@
*session = new QuicClientSession(
connection, socket.Pass(), this, quic_crypto_client_stream_factory_,
- transport_security_state_, server_info.Pass(), server_id, config,
- &crypto_config_, network_connection_.GetDescription(),
- dns_resolution_end_time, base::ThreadTaskRunnerHandle::Get().get(),
- net_log.net_log());
+ transport_security_state_, server_info.Pass(), server_id,
+ cert_verify_flags, config, &crypto_config_,
+ network_connection_.GetDescription(), dns_resolution_end_time,
+ base::ThreadTaskRunnerHandle::Get().get(), net_log.net_log());
all_sessions_[*session] = server_id; // owning pointer
diff --git a/net/quic/quic_stream_factory.h b/net/quic/quic_stream_factory.h
index 3027b59..80ce889 100644
--- a/net/quic/quic_stream_factory.h
+++ b/net/quic/quic_stream_factory.h
@@ -55,9 +55,12 @@
~QuicStreamRequest();
// For http, |is_https| is false.
+ // |cert_verify_flags| is bitwise OR'd of CertVerifier::VerifyFlags and it is
+ // passed to CertVerifier::Verify.
int Request(const HostPortPair& host_port_pair,
bool is_https,
PrivacyMode privacy_mode,
+ int cert_verify_flags,
base::StringPiece origin_host,
base::StringPiece method,
const BoundNetLog& net_log,
@@ -130,6 +133,7 @@
int Create(const HostPortPair& host_port_pair,
bool is_https,
PrivacyMode privacy_mode,
+ int cert_verify_flags,
base::StringPiece origin_host,
base::StringPiece method,
const BoundNetLog& net_log,
@@ -243,6 +247,7 @@
// Creates a job which doesn't wait for server config to be loaded from the
// disk cache. This job is started via a PostTask.
void CreateAuxilaryJob(const QuicServerId server_id,
+ int cert_verify_flags,
bool server_and_origin_have_same_host,
bool is_post,
const BoundNetLog& net_log);
@@ -256,6 +261,7 @@
bool HasActiveSession(const QuicServerId& server_id) const;
bool HasActiveJob(const QuicServerId& server_id) const;
int CreateSession(const QuicServerId& server_id,
+ int cert_verify_flags,
scoped_ptr<QuicServerInfo> quic_server_info,
const AddressList& address_list,
base::TimeTicks dns_resolution_end_time,
diff --git a/net/quic/quic_stream_factory_test.cc b/net/quic/quic_stream_factory_test.cc
index ae1e5d6..195e410f 100644
--- a/net/quic/quic_stream_factory_test.cc
+++ b/net/quic/quic_stream_factory_test.cc
@@ -270,8 +270,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(destination, is_https_, privacy_mode_,
- destination.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, destination.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -355,8 +355,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -369,9 +369,10 @@
// TODO(rtenneti): We should probably have a tests that HTTP and HTTPS result
// in streams on different sessions.
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK, request2.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ EXPECT_EQ(OK,
+ request2.Request(host_port_pair_, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
stream = request2.ReleaseStream(); // Will reset stream 5.
stream.reset(); // Will reset stream 7.
@@ -395,8 +396,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
@@ -422,8 +423,8 @@
// Posts require handshake confirmation, so this will return asynchronously.
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "POST", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "POST", net_log_, callback_.callback()));
// Confirm the handshake and verify that the stream is created.
crypto_client_stream_factory_.last_stream()->SendOnCryptoHandshakeEvent(
@@ -451,9 +452,9 @@
"192.168.0.1", "");
QuicStreamRequest request(&factory_);
- int rv = request.Request(host_port_pair_, is_https_, privacy_mode_,
- "different.host.example.com", "GET", net_log_,
- callback_.callback());
+ int rv = request.Request(
+ host_port_pair_, is_https_, privacy_mode_, /*cert_verify_flags=*/0,
+ "different.host.example.com", "GET", net_log_, callback_.callback());
// If server and origin have different hostnames, then handshake confirmation
// should be required, so Request will return asynchronously.
EXPECT_EQ(ERR_IO_PENDING, rv);
@@ -482,8 +483,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -492,8 +493,8 @@
QuicStreamRequest request2(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request2.Request(host_port_pair_, !is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
stream = request2.ReleaseStream();
EXPECT_TRUE(stream.get());
@@ -527,16 +528,16 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -572,16 +573,16 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -616,16 +617,16 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -638,9 +639,9 @@
TestCompletionCallback callback3;
QuicStreamRequest request3(&factory_);
- EXPECT_EQ(OK,
- request3.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback3.callback()));
+ EXPECT_EQ(OK, request3.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback3.callback()));
scoped_ptr<QuicHttpStream> stream3 = request3.ReleaseStream();
EXPECT_TRUE(stream3.get());
@@ -673,17 +674,17 @@
QuicStreamRequest request(&factory_);
is_https_ = true;
- EXPECT_EQ(OK,
- request.Request(server1, is_https_, privacy_mode_, server1.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server1.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -722,17 +723,17 @@
QuicStreamRequest request(&factory_);
is_https_ = true;
- EXPECT_EQ(OK,
- request.Request(server1, is_https_, privacy_mode_, server1.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server1.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -782,15 +783,15 @@
QuicStreamRequest request1(&factory_);
is_https_ = true;
EXPECT_EQ(OK, request1.Request(alternative, is_https_, privacy_mode_,
- alternative.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, alternative.host(),
+ "GET", net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream1 = request1.ReleaseStream();
EXPECT_TRUE(stream1.get());
QuicStreamRequest request2(&factory_);
- int rv =
- request2.Request(alternative, is_https_, privacy_mode_, origin_host,
- "GET", net_log_, callback_.callback());
+ int rv = request2.Request(alternative, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, origin_host, "GET",
+ net_log_, callback_.callback());
if (valid) {
// Alternative service of origin to |alternative| should pool to session
// of |stream1| even if origin is different. Since only one
@@ -846,17 +847,17 @@
QuicStreamRequest request(&factory_);
is_https_ = true;
- EXPECT_EQ(OK,
- request.Request(server1, is_https_, privacy_mode_, server1.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server1.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -901,17 +902,17 @@
QuicStreamRequest request(&factory_);
is_https_ = true;
- EXPECT_EQ(OK,
- request.Request(server1, is_https_, privacy_mode_, server1.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server1.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -961,17 +962,17 @@
QuicStreamRequest request(&factory_);
is_https_ = true;
- EXPECT_EQ(OK,
- request.Request(server1, is_https_, privacy_mode_, server1.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server1.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream.get());
TestCompletionCallback callback;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback_.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback_.callback()));
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -1000,8 +1001,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -1022,8 +1023,8 @@
QuicStreamRequest request2(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request2.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream();
EXPECT_TRUE(stream2.get());
@@ -1067,8 +1068,8 @@
for (size_t i = 0; i < kDefaultMaxStreamsPerConnection / 2; i++) {
QuicStreamRequest request(&factory_);
int rv = request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback());
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback());
if (i == 0) {
EXPECT_EQ(ERR_IO_PENDING, rv);
EXPECT_EQ(OK, callback_.WaitForResult());
@@ -1084,8 +1085,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- CompletionCallback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, CompletionCallback()));
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
EXPECT_TRUE(stream);
EXPECT_EQ(ERR_IO_PENDING, stream->InitializeStream(
@@ -1112,8 +1113,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(ERR_NAME_NOT_RESOLVED, callback_.WaitForResult());
@@ -1131,8 +1132,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(ERR_ADDRESS_IN_USE, callback_.WaitForResult());
@@ -1150,8 +1151,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
}
socket_data.StopAfter(1);
@@ -1213,8 +1214,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -1234,8 +1235,8 @@
QuicStreamRequest request2(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request2.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
stream = request2.ReleaseStream();
@@ -1270,8 +1271,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -1292,8 +1293,8 @@
QuicStreamRequest request2(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request2.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
stream = request2.ReleaseStream();
@@ -1328,8 +1329,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -1350,8 +1351,8 @@
QuicStreamRequest request2(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request2.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
stream = request2.ReleaseStream();
@@ -1386,8 +1387,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
scoped_ptr<QuicHttpStream> stream = request.ReleaseStream();
@@ -1408,8 +1409,8 @@
QuicStreamRequest request2(&factory_);
EXPECT_EQ(ERR_IO_PENDING,
request2.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(OK, callback_.WaitForResult());
stream = request2.ReleaseStream();
@@ -1519,8 +1520,8 @@
QuicServerId server_id(host_port_pair_, is_https_, privacy_mode_);
EXPECT_EQ(ERR_IO_PENDING,
request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
EXPECT_EQ(2u,
QuicStreamFactoryPeer::GetNumberOfActiveJobs(&factory_, server_id));
@@ -1554,8 +1555,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
// If we are waiting for disk cache, we would have posted a task. Verify that
// the CancelWaitForDataReady task hasn't been posted.
@@ -1611,8 +1612,8 @@
QuicStreamRequest request(&factory_);
EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_,
- host_port_pair_.host(), "GET", net_log_,
- callback_.callback()));
+ /*cert_verify_flags=*/0, host_port_pair_.host(),
+ "GET", net_log_, callback_.callback()));
QuicClientSession* session = QuicStreamFactoryPeer::GetActiveSession(
&factory_, host_port_pair_, is_https_);
@@ -1648,9 +1649,9 @@
TestCompletionCallback callback2;
QuicStreamRequest request2(&factory_);
- EXPECT_EQ(OK,
- request2.Request(server2, is_https_, privacy_mode_, server2.host(),
- "GET", net_log_, callback2.callback()));
+ EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server2.host(), "GET",
+ net_log_, callback2.callback()));
QuicClientSession* session2 =
QuicStreamFactoryPeer::GetActiveSession(&factory_, server2, is_https_);
@@ -1681,18 +1682,18 @@
TestCompletionCallback callback3;
QuicStreamRequest request3(&factory_);
- EXPECT_EQ(OK,
- request3.Request(server3, is_https_, privacy_mode_, server3.host(),
- "GET", net_log_, callback3.callback()));
+ EXPECT_EQ(OK, request3.Request(server3, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server3.host(), "GET",
+ net_log_, callback3.callback()));
QuicClientSession* session3 =
QuicStreamFactoryPeer::GetActiveSession(&factory_, server3, is_https_);
DVLOG(1) << "Create 4th session with packet loss and test IsQuicDisabled()";
TestCompletionCallback callback4;
QuicStreamRequest request4(&factory_);
- EXPECT_EQ(OK,
- request4.Request(server4, is_https_, privacy_mode_, server4.host(),
- "GET", net_log_, callback4.callback()));
+ EXPECT_EQ(OK, request4.Request(server4, is_https_, privacy_mode_,
+ /*cert_verify_flags=*/0, server4.host(), "GET",
+ net_log_, callback4.callback()));
QuicClientSession* session4 =
QuicStreamFactoryPeer::GetActiveSession(&factory_, server4, is_https_);
diff --git a/net/quic/test_tools/crypto_test_utils_chromium.cc b/net/quic/test_tools/crypto_test_utils_chromium.cc
index ba06264..a1df6b9 100644
--- a/net/quic/test_tools/crypto_test_utils_chromium.cc
+++ b/net/quic/test_tools/crypto_test_utils_chromium.cc
@@ -113,16 +113,15 @@
// static
ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
- TestProofVerifierChromium* proof_verifier =
- new TestProofVerifierChromium(CertVerifier::CreateDefault(),
- new TransportSecurityState,
- "quic_root.crt");
+ TestProofVerifierChromium* proof_verifier = new TestProofVerifierChromium(
+ CertVerifier::CreateDefault(), new TransportSecurityState,
+ "quic_root.crt");
return proof_verifier;
}
// static
ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
- return new ProofVerifyContextChromium(BoundNetLog());
+ return new ProofVerifyContextChromium(/*cert_verify_flags=*/0, BoundNetLog());
}
// static
diff --git a/net/quic/test_tools/mock_crypto_client_stream.cc b/net/quic/test_tools/mock_crypto_client_stream.cc
index f0f1dd0..2906939 100644
--- a/net/quic/test_tools/mock_crypto_client_stream.cc
+++ b/net/quic/test_tools/mock_crypto_client_stream.cc
@@ -20,8 +20,7 @@
QuicCryptoClientConfig* crypto_config,
HandshakeMode handshake_mode,
const ProofVerifyDetails* proof_verify_details)
- : QuicCryptoClientStream(server_id, session, verify_context,
- crypto_config),
+ : QuicCryptoClientStream(server_id, session, verify_context, crypto_config),
handshake_mode_(handshake_mode),
proof_verify_details_(proof_verify_details) {
}
