Clear the QUIC cached proof when a client receives a REJ w/o a PROF tag.

net/quic/crypto/crypto_handshake.cc

Index: net/quic/crypto/crypto_handshake.cc
diff --git a/net/quic/crypto/crypto_handshake.cc b/net/quic/crypto/crypto_handshake.cc
index d6a76f9f51195005e52a385a06cfbb636265f153..2110d183a3676dada32186addb11b41fb7888e0f 100644
--- a/net/quic/crypto/crypto_handshake.cc
+++ b/net/quic/crypto/crypto_handshake.cc
@@ -470,6 +470,12 @@ void QuicCryptoClientConfig::CachedState::SetProof(const vector<string>& certs,
   server_config_sig_ = signature.as_string();
 }
 
+void QuicCryptoClientConfig::CachedState::ClearProof() {
+  SetProofInvalid();
+  certs_.clear();
+  server_config_sig_.clear();
+}
+
 void QuicCryptoClientConfig::CachedState::SetProofValid() {
   server_config_valid_ = true;
 }
@@ -822,8 +828,9 @@ QuicErrorCode QuicCryptoClientConfig::ProcessRejection(
   }
 
   StringPiece proof, cert_bytes;
-  if (rej.GetStringPiece(kPROF, &proof) &&
-      rej.GetStringPiece(kCertificateTag, &cert_bytes)) {
+  bool has_proof = rej.GetStringPiece(kPROF, &proof);
+  bool has_cert = rej.GetStringPiece(kCertificateTag, &cert_bytes);
+  if (has_proof && has_cert) {
     vector<string> certs;
     if (!CertCompressor::DecompressChain(cert_bytes, out_params->cached_certs,
                                          common_cert_sets, &certs)) {
@@ -832,6 +839,17 @@ QuicErrorCode QuicCryptoClientConfig::ProcessRejection(
     }
 
     cached->SetProof(certs, proof);
+  } else {
+    cached->ClearProof();
+    if (has_proof && !has_cert) {
+      *error_details = "Certificate missing";
+      return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
+    }
+
+    if (!has_proof && has_cert) {
+      *error_details = "Proof missing";
+      return QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER;
+    }
   }
 
   return QUIC_NO_ERROR;