| Index: net/tools/quic/quic_client_bin.cc
|
| diff --git a/net/tools/quic/quic_client_bin.cc b/net/tools/quic/quic_client_bin.cc
|
| index 14ccc66465280ea3d5732b3eac720a56fa590230..894c34336096bf1ef1947bdf395bce8af806343a 100644
|
| --- a/net/tools/quic/quic_client_bin.cc
|
| +++ b/net/tools/quic/quic_client_bin.cc
|
| @@ -71,6 +71,7 @@ using net::CertVerifier;
|
| using net::CTPolicyEnforcer;
|
| using net::CTVerifier;
|
| using net::MultiLogCTVerifier;
|
| +using net::ProofVerifier;
|
| using net::ProofVerifierChromium;
|
| using net::SpdyHeaderBlock;
|
| using net::TransportSecurityState;
|
| @@ -105,19 +106,33 @@ bool FLAGS_redirect_is_success = true;
|
| // Initial MTU of the connection.
|
| int32_t FLAGS_initial_mtu = 0;
|
|
|
| -class FakeCertVerifier : public net::CertVerifier {
|
| +class FakeProofVerifier : public ProofVerifier {
|
| public:
|
| - int Verify(const RequestParams& params,
|
| - net::CRLSet* crl_set,
|
| - net::CertVerifyResult* verify_result,
|
| - const net::CompletionCallback& callback,
|
| - std::unique_ptr<Request>* out_req,
|
| - const net::NetLogWithSource& net_log) override {
|
| - return net::OK;
|
| + net::QuicAsyncStatus VerifyProof(
|
| + const string& hostname,
|
| + const uint16_t port,
|
| + const string& server_config,
|
| + net::QuicVersion quic_version,
|
| + StringPiece chlo_hash,
|
| + const vector<string>& certs,
|
| + const string& cert_sct,
|
| + const string& signature,
|
| + const net::ProofVerifyContext* context,
|
| + string* error_details,
|
| + std::unique_ptr<net::ProofVerifyDetails>* details,
|
| + std::unique_ptr<net::ProofVerifierCallback> callback) override {
|
| + return net::QUIC_SUCCESS;
|
| }
|
|
|
| - // Returns true if this CertVerifier supports stapled OCSP responses.
|
| - bool SupportsOCSPStapling() override { return false; }
|
| + net::QuicAsyncStatus VerifyCertChain(
|
| + const std::string& hostname,
|
| + const std::vector<std::string>& certs,
|
| + const net::ProofVerifyContext* verify_context,
|
| + std::string* error_details,
|
| + std::unique_ptr<net::ProofVerifyDetails>* verify_details,
|
| + std::unique_ptr<net::ProofVerifierCallback> callback) override {
|
| + return net::QUIC_SUCCESS;
|
| + }
|
| };
|
|
|
| int main(int argc, char* argv[]) {
|
| @@ -245,18 +260,19 @@ int main(int argc, char* argv[]) {
|
| }
|
| // For secure QUIC we need to verify the cert chain.
|
| std::unique_ptr<CertVerifier> cert_verifier(CertVerifier::CreateDefault());
|
| - if (line->HasSwitch("disable-certificate-verification")) {
|
| - cert_verifier.reset(new FakeCertVerifier());
|
| - }
|
| std::unique_ptr<TransportSecurityState> transport_security_state(
|
| new TransportSecurityState);
|
| transport_security_state.reset(new TransportSecurityState);
|
| std::unique_ptr<CTVerifier> ct_verifier(new MultiLogCTVerifier());
|
| std::unique_ptr<CTPolicyEnforcer> ct_policy_enforcer(new CTPolicyEnforcer());
|
| - std::unique_ptr<net::ProofVerifierChromium> proof_verifier(
|
| - new ProofVerifierChromium(cert_verifier.get(), ct_policy_enforcer.get(),
|
| - transport_security_state.get(),
|
| - ct_verifier.get()));
|
| + std::unique_ptr<ProofVerifier> proof_verifier;
|
| + if (line->HasSwitch("disable-certificate-verification")) {
|
| + proof_verifier.reset(new FakeProofVerifier());
|
| + } else {
|
| + proof_verifier.reset(new ProofVerifierChromium(
|
| + cert_verifier.get(), ct_policy_enforcer.get(),
|
| + transport_security_state.get(), ct_verifier.get()));
|
| + }
|
| net::QuicClient client(net::IPEndPoint(ip_addr, port), server_id, versions,
|
| &epoll_server, std::move(proof_verifier));
|
| client.set_initial_max_packet_length(
|
|
|
Chromium Code Reviews
Issue 2441053002:
Fix seg fault crash of quic_client with --disable-certificate-verification (Closed)
