Cleanup of OpenSSL/NSS implementation of ProofVerfifier release.

net/quic/quic_crypto_client_stream.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/quic_crypto_client_stream.h"
 
 #include "net/base/completion_callback.h"
 #include "net/base/net_errors.h"
 #include "net/quic/crypto/crypto_protocol.h"
 #include "net/quic/crypto/crypto_utils.h"
@@ skipping 53 matching lines @@
 
   if (in != NULL) {
     DVLOG(1) << "Client received: " << in->DebugString();
   }
 
   for (;;) {
     const State state = next_state_;
     next_state_ = STATE_IDLE;
     switch (state) {
       case STATE_SEND_CHLO: {
-        // Send the subsequent client hello in plaintext.
+        DCHECK_EQ(OK, result);
+        // Send the client hello in plaintext.
         session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_NONE);
         if (num_client_hellos_ > kMaxClientHellos) {
           CloseConnection(QUIC_CRYPTO_TOO_MANY_REJECTS);
           return;
         }
         num_client_hellos_++;
 
         if (!cached->IsComplete(session()->connection()->clock()->WallNow())) {
           crypto_config_->FillInchoateClientHello(
               server_hostname_, cached, &crypto_negotiated_params_, &out);
@@ skipping 61 matching lines @@
           CloseConnectionWithDetails(error, error_details);
           return;
         }
         if (!cached->proof_valid()) {
           ProofVerifier* verifier = session()->proof_verifier();
           if (!verifier) {
             // If no verifier is set then we don't check the certificates.
             cached->SetProofValid();
           } else if (!cached->signature().empty()) {
             next_state_ = STATE_VERIFY_PROOF;
-            continue;
+            break;
           }
         }
         next_state_ = STATE_SEND_CHLO;
         break;
       case STATE_VERIFY_PROOF: {
         ProofVerifier* verifier = session()->proof_verifier();
         DCHECK(verifier);
-        next_state_ = STATE_VERIFY_PROOF_COMPLETED;
+        next_state_ = STATE_VERIFY_PROOF_COMPLETE;
         generation_counter_ = cached->generation_counter();
         result = verifier->VerifyProof(
             server_hostname_,
             cached->server_config(),
             cached->certs(),
             cached->signature(),
             &error_details_,
             base::Bind(&QuicCryptoClientStream::OnVerifyProofComplete,
                        weak_factory_.GetWeakPtr()));
         if (result == ERR_IO_PENDING) {
           DVLOG(1) << "Doing VerifyProof";
           return;
         }
         break;
       }
-      case STATE_VERIFY_PROOF_COMPLETED: {
+      case STATE_VERIFY_PROOF_COMPLETE:
         if (result != OK) {
             CloseConnectionWithDetails(
                 QUIC_PROOF_INVALID, "Proof invalid: " + error_details_);
             return;
         }
-        ProofVerifier* verifier = session()->proof_verifier();
-        DCHECK(verifier);
         // Check if generation_counter has changed between STATE_VERIFY_PROOF
-        // and STATE_VERIFY_PROOF_COMPLETED state changes.
+        // and STATE_VERIFY_PROOF_COMPLETE state changes.
         if (generation_counter_ != cached->generation_counter()) {
           next_state_ = STATE_VERIFY_PROOF;
-          continue;
+        } else {
+          cached->SetProofValid();
+          next_state_ = STATE_SEND_CHLO;
         }
-        cached->SetProofValid();
-        next_state_ = STATE_SEND_CHLO;
         break;
-      }
       case STATE_RECV_SHLO: {
         // We sent a CHLO that we expected to be accepted and now we're hoping
         // for a SHLO from the server to confirm that.
         if (in->tag() == kREJ) {
           // alternative_decrypter will be NULL if the original alternative
           // decrypter latched and became the primary decrypter. That happens
           // if we received a message encrypted with the INITIAL key.
           if (session()->connection()->alternative_decrypter() == NULL) {
             // The rejection was sent encrypted!
             CloseConnectionWithDetails(QUIC_CRYPTO_ENCRYPTION_LEVEL_INCORRECT,
@@ skipping 50 matching lines @@
       }
       case STATE_IDLE:
         // This means that the peer sent us a message that we weren't expecting.
         CloseConnection(QUIC_INVALID_CRYPTO_MESSAGE_TYPE);
         return;
     }
   }
 }
 
 void QuicCryptoClientStream::OnVerifyProofComplete(int result) {
-  DCHECK_EQ(STATE_VERIFY_PROOF_COMPLETED, next_state_);
+  DCHECK_EQ(STATE_VERIFY_PROOF_COMPLETE, next_state_);
   DVLOG(1) << "VerifyProof completed: " << result;
   DoHandshakeLoop(NULL, result);
 }
 
 }  // namespace net