diff options
author | Raman Tenneti <rtenneti@chromium.org> | 2015-06-24 17:16:14 -0700 |
---|---|---|
committer | Raman Tenneti <rtenneti@chromium.org> | 2015-06-25 00:20:05 +0000 |
commit | 5b3b0636c2653b4628097068aae9cb79baf78af6 (patch) | |
tree | e90248263191cd3675de9b9ef91a66c0b2ddab97 | |
parent | ef9208c93586c4158ceccdfcbd3c4cb2a2dad73e (diff) | |
download | chromium_src-5b3b0636c2653b4628097068aae9cb79baf78af6.zip chromium_src-5b3b0636c2653b4628097068aae9cb79baf78af6.tar.gz chromium_src-5b3b0636c2653b4628097068aae9cb79baf78af6.tar.bz2 |
QUIC - Fix QUIC enabled experiment spending significantly more time
verifying certs on Android.
Get computed CertVerifier::VerifyFlags from SSLConfig from
HttpStreamFactoryImpl::Job and pass them to QUIC's
CertVerifier code. With this change, when
SSLClientSocket[NSS|OpenSSL] code tries to verify the
code, certs are already cached and we don't verify certs
twice.
BUG=502509
R=rch@chromium.org
Review URL: https://codereview.chromium.org/1197823002
Cr-Commit-Position: refs/heads/master@{#335463}
(cherry picked from commit a75df625713c20eff6faf082248aad9f34cf6a6f)
Review URL: https://codereview.chromium.org/1208723002.
Cr-Commit-Position: refs/branch-heads/2403@{#397}
Cr-Branched-From: f54b8097a9c45ed4ad308133d49f05325d6c5070-refs/heads/master@{#330231}
-rw-r--r-- | net/http/http_stream_factory_impl_job.cc | 56 | ||||
-rw-r--r-- | net/quic/crypto/proof_verifier_chromium.cc | 31 | ||||
-rw-r--r-- | net/quic/crypto/proof_verifier_chromium.h | 5 | ||||
-rw-r--r-- | net/quic/quic_client_session.cc | 22 | ||||
-rw-r--r-- | net/quic/quic_client_session.h | 2 | ||||
-rw-r--r-- | net/quic/quic_client_session_test.cc | 1 | ||||
-rw-r--r-- | net/quic/quic_crypto_client_stream.cc | 11 | ||||
-rw-r--r-- | net/quic/quic_http_stream_test.cc | 3 | ||||
-rw-r--r-- | net/quic/quic_stream_factory.cc | 33 | ||||
-rw-r--r-- | net/quic/quic_stream_factory.h | 6 | ||||
-rw-r--r-- | net/quic/quic_stream_factory_test.cc | 374 | ||||
-rw-r--r-- | net/quic/test_tools/crypto_test_utils_chromium.cc | 9 | ||||
-rw-r--r-- | net/quic/test_tools/mock_crypto_client_stream.cc | 3 |
13 files changed, 231 insertions, 325 deletions
diff --git a/net/http/http_stream_factory_impl_job.cc b/net/http/http_stream_factory_impl_job.cc index b986415..87a9539 100644 --- a/net/http/http_stream_factory_impl_job.cc +++ b/net/http/http_stream_factory_impl_job.cc @@ -20,6 +20,7 @@ #include "build/build_config.h" #include "net/base/connection_type_histograms.h" #include "net/base/net_util.h" +#include "net/cert/cert_verifier.h" #include "net/http/http_basic_stream.h" #include "net/http/http_network_session.h" #include "net/http/http_proxy_client_socket.h" @@ -795,18 +796,51 @@ int HttpStreamFactoryImpl::Job::DoInitConnection() { DCHECK(session_->params().enable_quic_for_proxies); } + if (proxy_info_.is_https() || proxy_info_.is_quic()) { + InitSSLConfig(proxy_info_.proxy_server().host_port_pair(), + &proxy_ssl_config_, /*is_proxy=*/true); + // Disable revocation checking for HTTPS proxies since the revocation + // requests are probably going to need to go through the proxy too. + proxy_ssl_config_.rev_checking_enabled = false; + } + if (using_ssl_) { + InitSSLConfig(server_, &server_ssl_config_, /*is_proxy=*/false); + } + if (using_quic_) { if (proxy_info_.is_quic() && !request_info_.url.SchemeIs("http")) { NOTREACHED(); // TODO(rch): support QUIC proxies for HTTPS urls. return ERR_NOT_IMPLEMENTED; } - HostPortPair destination = proxy_info_.is_quic() - ? proxy_info_.proxy_server().host_port_pair() - : server_; - bool secure_quic = using_ssl_ || proxy_info_.is_quic(); + HostPortPair destination; + bool secure_quic; + SSLConfig* ssl_config; + if (proxy_info_.is_quic()) { + // A proxy's certificate is expected to be valid for the proxy hostname. + destination = proxy_info_.proxy_server().host_port_pair(); + secure_quic = true; + ssl_config = &proxy_ssl_config_; + } else { + // The certificate of a QUIC alternative server is expected to be valid + // for the origin of the request (in addition to being valid for the + // server itself). + destination = server_; + secure_quic = using_ssl_; + ssl_config = &server_ssl_config_; + } + // TODO(rtenneti): Move the cert_verify_flags code into SSLConfig class. + int flags = 0; + if (ssl_config->rev_checking_enabled) + flags |= CertVerifier::VERIFY_REV_CHECKING_ENABLED; + if (ssl_config->verify_ev_cert) + flags |= CertVerifier::VERIFY_EV_CERT; + if (ssl_config->cert_io_enabled) + flags |= CertVerifier::VERIFY_CERT_IO_ENABLED; + if (ssl_config->rev_checking_required_local_anchors) + flags |= CertVerifier::VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS; int rv = quic_request_.Request( - destination, secure_quic, request_info_.privacy_mode, + destination, secure_quic, request_info_.privacy_mode, flags, request_info_.method, net_log_, io_callback_); if (rv == OK) { using_existing_quic_session_ = true; @@ -860,18 +894,6 @@ int HttpStreamFactoryImpl::Job::DoInitConnection() { // TODO(bnc): s/want_spdy_over_npn/expect_spdy_over_npn/ bool want_spdy_over_npn = IsAlternate(); - if (proxy_info_.is_https()) { - InitSSLConfig(proxy_info_.proxy_server().host_port_pair(), - &proxy_ssl_config_, - true /* is a proxy server */); - // Disable revocation checking for HTTPS proxies since the revocation - // requests are probably going to need to go through the proxy too. - proxy_ssl_config_.rev_checking_enabled = false; - } - if (using_ssl_) { - InitSSLConfig(server_, &server_ssl_config_, false /* not a proxy server */); - } - base::WeakPtr<HttpServerProperties> http_server_properties = session_->http_server_properties(); if (http_server_properties) { diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc index 8fcca0a..280ca5a 100644 --- a/net/quic/crypto/proof_verifier_chromium.cc +++ b/net/quic/crypto/proof_verifier_chromium.cc @@ -47,6 +47,7 @@ class ProofVerifierChromium::Job { Job(ProofVerifierChromium* proof_verifier, CertVerifier* cert_verifier, TransportSecurityState* transport_security_state, + int cert_verify_flags, const BoundNetLog& net_log); // Starts the proof verification. If |QUIC_PENDING| is returned, then @@ -94,6 +95,10 @@ class ProofVerifierChromium::Job { // X509Certificate from a chain of DER encoded certificates. scoped_refptr<X509Certificate> cert_; + // |cert_verify_flags| is bitwise OR'd of CertVerifier::VerifyFlags and it is + // passed to CertVerifier::Verify. + int cert_verify_flags_; + State next_state_; BoundNetLog net_log_; @@ -105,10 +110,12 @@ ProofVerifierChromium::Job::Job( ProofVerifierChromium* proof_verifier, CertVerifier* cert_verifier, TransportSecurityState* transport_security_state, + int cert_verify_flags, const BoundNetLog& net_log) : proof_verifier_(proof_verifier), verifier_(cert_verifier), transport_security_state_(transport_security_state), + cert_verify_flags_(cert_verify_flags), next_state_(STATE_NONE), net_log_(net_log) { } @@ -222,13 +229,12 @@ void ProofVerifierChromium::Job::OnIOComplete(int result) { int ProofVerifierChromium::Job::DoVerifyCert(int result) { next_state_ = STATE_VERIFY_CERT_COMPLETE; - int flags = 0; - return verifier_->Verify(cert_.get(), hostname_, std::string(), flags, - SSLConfigService::GetCRLSet().get(), - &verify_details_->cert_verify_result, - base::Bind(&ProofVerifierChromium::Job::OnIOComplete, - base::Unretained(this)), - &cert_verifier_request_, net_log_); + return verifier_->Verify( + cert_.get(), hostname_, std::string(), cert_verify_flags_, + SSLConfigService::GetCRLSet().get(), &verify_details_->cert_verify_result, + base::Bind(&ProofVerifierChromium::Job::OnIOComplete, + base::Unretained(this)), + &cert_verifier_request_, net_log_); } int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) { @@ -380,13 +386,12 @@ QuicAsyncStatus ProofVerifierChromium::VerifyProof( } const ProofVerifyContextChromium* chromium_context = reinterpret_cast<const ProofVerifyContextChromium*>(verify_context); - scoped_ptr<Job> job(new Job(this, - cert_verifier_, - transport_security_state_, + scoped_ptr<Job> job(new Job(this, cert_verifier_, transport_security_state_, + chromium_context->cert_verify_flags, chromium_context->net_log)); - QuicAsyncStatus status = job->VerifyProof(hostname, server_config, certs, - signature, error_details, - verify_details, callback); + QuicAsyncStatus status = + job->VerifyProof(hostname, server_config, certs, signature, error_details, + verify_details, callback); if (status == QUIC_PENDING) { active_jobs_.insert(job.release()); } diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h index 8304179..7c0b069 100644 --- a/net/quic/crypto/proof_verifier_chromium.h +++ b/net/quic/crypto/proof_verifier_chromium.h @@ -44,9 +44,10 @@ class NET_EXPORT_PRIVATE ProofVerifyDetailsChromium // ProofVerifierChromium needs in order to log correctly. struct ProofVerifyContextChromium : public ProofVerifyContext { public: - explicit ProofVerifyContextChromium(const BoundNetLog& net_log) - : net_log(net_log) {} + ProofVerifyContextChromium(int cert_verify_flags, const BoundNetLog& net_log) + : cert_verify_flags(cert_verify_flags), net_log(net_log) {} + int cert_verify_flags; BoundNetLog net_log; }; diff --git a/net/quic/quic_client_session.cc b/net/quic/quic_client_session.cc index b5f1d98..9721e71 100644 --- a/net/quic/quic_client_session.cc +++ b/net/quic/quic_client_session.cc @@ -98,6 +98,7 @@ void RecordHandshakeState(HandshakeState state) { base::Value* NetLogQuicClientSessionCallback( const QuicServerId* server_id, + int cert_verify_flags, bool require_confirmation, NetLogCaptureMode /* capture_mode */) { base::DictionaryValue* dict = new base::DictionaryValue(); @@ -107,6 +108,7 @@ base::Value* NetLogQuicClientSessionCallback( dict->SetBoolean("privacy_mode", server_id->privacy_mode() == PRIVACY_MODE_ENABLED); dict->SetBoolean("require_confirmation", require_confirmation); + dict->SetInteger("cert_verify_flags", cert_verify_flags); return dict; } @@ -157,6 +159,7 @@ QuicClientSession::QuicClientSession( QuicStreamFactory* stream_factory, TransportSecurityState* transport_security_state, scoped_ptr<QuicServerInfo> server_info, + int cert_verify_flags, const QuicConfig& config, const char* const connection_description, base::TimeTicks dns_resolution_end_time, @@ -168,6 +171,7 @@ QuicClientSession::QuicClientSession( socket_(socket.Pass()), transport_security_state_(transport_security_state), server_info_(server_info.Pass()), + cert_verify_flags_(cert_verify_flags), num_total_streams_(0), task_runner_(task_runner), net_log_(BoundNetLog::Make(net_log, NetLog::SOURCE_QUIC_SESSION)), @@ -191,18 +195,18 @@ void QuicClientSession::InitializeSession( QuicCryptoClientStreamFactory* crypto_client_stream_factory) { server_id_ = server_id; crypto_stream_.reset( - crypto_client_stream_factory ? - crypto_client_stream_factory->CreateQuicCryptoClientStream( - server_id, this, crypto_config) : - new QuicCryptoClientStream(server_id, this, - new ProofVerifyContextChromium(net_log_), - crypto_config)); + crypto_client_stream_factory + ? crypto_client_stream_factory->CreateQuicCryptoClientStream( + server_id, this, crypto_config) + : new QuicCryptoClientStream( + server_id, this, + new ProofVerifyContextChromium(cert_verify_flags_, net_log_), + crypto_config)); QuicClientSessionBase::InitializeSession(); // TODO(rch): pass in full host port proxy pair net_log_.BeginEvent(NetLog::TYPE_QUIC_SESSION, - base::Bind(NetLogQuicClientSessionCallback, - &server_id, - require_confirmation_)); + base::Bind(NetLogQuicClientSessionCallback, &server_id, + cert_verify_flags_, require_confirmation_)); } QuicClientSession::~QuicClientSession() { diff --git a/net/quic/quic_client_session.h b/net/quic/quic_client_session.h index 6b7dab68..db13de9 100644 --- a/net/quic/quic_client_session.h +++ b/net/quic/quic_client_session.h @@ -97,6 +97,7 @@ class NET_EXPORT_PRIVATE QuicClientSession : public QuicClientSessionBase, QuicStreamFactory* stream_factory, TransportSecurityState* transport_security_state, scoped_ptr<QuicServerInfo> server_info, + int cert_verify_flags, const QuicConfig& config, const char* const connection_description, base::TimeTicks dns_resolution_end_time, @@ -249,6 +250,7 @@ class NET_EXPORT_PRIVATE QuicClientSession : public QuicClientSessionBase, TransportSecurityState* transport_security_state_; scoped_ptr<QuicServerInfo> server_info_; scoped_ptr<CertVerifyResult> cert_verify_result_; + int cert_verify_flags_; std::string pinning_failure_log_; ObserverSet observers_; StreamRequestQueue stream_requests_; diff --git a/net/quic/quic_client_session_test.cc b/net/quic/quic_client_session_test.cc index b6457ec..1d9f021 100644 --- a/net/quic/quic_client_session_test.cc +++ b/net/quic/quic_client_session_test.cc @@ -48,6 +48,7 @@ class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> { nullptr, &transport_security_state_, make_scoped_ptr((QuicServerInfo*)nullptr), + /*cert_verify_flags=*/0, DefaultQuicConfig(), "CONNECTION_UNKNOWN", base::TimeTicks::Now(), diff --git a/net/quic/quic_crypto_client_stream.cc b/net/quic/quic_crypto_client_stream.cc index f1f0909..0895700 100644 --- a/net/quic/quic_crypto_client_stream.cc +++ b/net/quic/quic_crypto_client_stream.cc @@ -409,14 +409,9 @@ QuicAsyncStatus QuicCryptoClientStream::DoVerifyProof( verify_ok_ = false; QuicAsyncStatus status = verifier->VerifyProof( - server_id_.host(), - cached->server_config(), - cached->certs(), - cached->signature(), - verify_context_.get(), - &verify_error_details_, - &verify_details_, - proof_verify_callback); + server_id_.host(), cached->server_config(), cached->certs(), + cached->signature(), verify_context_.get(), &verify_error_details_, + &verify_details_, proof_verify_callback); switch (status) { case QUIC_PENDING: diff --git a/net/quic/quic_http_stream_test.cc b/net/quic/quic_http_stream_test.cc index 3e24ccb..fb4d6ae 100644 --- a/net/quic/quic_http_stream_test.cc +++ b/net/quic/quic_http_stream_test.cc @@ -208,7 +208,8 @@ class QuicHttpStreamTest : public ::testing::TestWithParam<QuicVersion> { session_.reset(new QuicClientSession( connection_, scoped_ptr<DatagramClientSocket>(socket), nullptr, &transport_security_state_, make_scoped_ptr((QuicServerInfo*)nullptr), - DefaultQuicConfig(), "CONNECTION_UNKNOWN", base::TimeTicks::Now(), + /*cert_verify_flags=*/0, DefaultQuicConfig(), "CONNECTION_UNKNOWN", + base::TimeTicks::Now(), base::MessageLoop::current()->message_loop_proxy().get(), nullptr)); session_->InitializeSession( QuicServerId(kDefaultServerHostName, kDefaultServerPort, diff --git a/net/quic/quic_stream_factory.cc b/net/quic/quic_stream_factory.cc index 7c24ecd..76ab656 100644 --- a/net/quic/quic_stream_factory.cc +++ b/net/quic/quic_stream_factory.cc @@ -141,6 +141,7 @@ class QuicStreamFactory::Job { bool is_https, bool was_alternate_protocol_recently_broken, PrivacyMode privacy_mode, + int cert_verify_flags, bool is_post, QuicServerInfo* server_info, const BoundNetLog& net_log); @@ -193,6 +194,7 @@ class QuicStreamFactory::Job { QuicStreamFactory* factory_; SingleRequestHostResolver host_resolver_; QuicServerId server_id_; + int cert_verify_flags_; bool is_post_; bool was_alternate_protocol_recently_broken_; scoped_ptr<QuicServerInfo> server_info_; @@ -213,6 +215,7 @@ QuicStreamFactory::Job::Job(QuicStreamFactory* factory, bool is_https, bool was_alternate_protocol_recently_broken, PrivacyMode privacy_mode, + int cert_verify_flags, bool is_post, QuicServerInfo* server_info, const BoundNetLog& net_log) @@ -220,6 +223,7 @@ QuicStreamFactory::Job::Job(QuicStreamFactory* factory, factory_(factory), host_resolver_(host_resolver), server_id_(host_port_pair, is_https, privacy_mode), + cert_verify_flags_(cert_verify_flags), is_post_(is_post), was_alternate_protocol_recently_broken_( was_alternate_protocol_recently_broken), @@ -238,6 +242,7 @@ QuicStreamFactory::Job::Job(QuicStreamFactory* factory, factory_(factory), host_resolver_(host_resolver), // unused server_id_(server_id), + cert_verify_flags_(0), // unused is_post_(false), // unused was_alternate_protocol_recently_broken_(false), // unused started_another_job_(false), // unused @@ -390,7 +395,8 @@ int QuicStreamFactory::Job::DoLoadServerInfo() { // If we are waiting to load server config from the disk cache, then start // another job. started_another_job_ = true; - factory_->CreateAuxilaryJob(server_id_, is_post_, net_log_); + factory_->CreateAuxilaryJob(server_id_, cert_verify_flags_, is_post_, + net_log_); } return rv; } @@ -419,9 +425,9 @@ int QuicStreamFactory::Job::DoLoadServerInfoComplete(int rv) { int QuicStreamFactory::Job::DoConnect() { io_state_ = STATE_CONNECT_COMPLETE; - int rv = - factory_->CreateSession(server_id_, server_info_.Pass(), address_list_, - dns_resolution_end_time_, net_log_, &session_); + int rv = factory_->CreateSession( + server_id_, cert_verify_flags_, server_info_.Pass(), address_list_, + dns_resolution_end_time_, net_log_, &session_); if (rv != OK) { DCHECK(rv != ERR_IO_PENDING); DCHECK(!session_); @@ -485,14 +491,15 @@ QuicStreamRequest::~QuicStreamRequest() { int QuicStreamRequest::Request(const HostPortPair& host_port_pair, bool is_https, PrivacyMode privacy_mode, + int cert_verify_flags, base::StringPiece method, const BoundNetLog& net_log, const CompletionCallback& callback) { DCHECK(!stream_); DCHECK(callback_.is_null()); DCHECK(factory_); - int rv = factory_->Create(host_port_pair, is_https, privacy_mode, method, - net_log, this); + int rv = factory_->Create(host_port_pair, is_https, privacy_mode, + cert_verify_flags, method, net_log, this); if (rv == ERR_IO_PENDING) { host_port_pair_ = host_port_pair; net_log_ = net_log; @@ -615,6 +622,7 @@ void QuicStreamFactory::set_require_confirmation(bool require_confirmation) { int QuicStreamFactory::Create(const HostPortPair& host_port_pair, bool is_https, PrivacyMode privacy_mode, + int cert_verify_flags, base::StringPiece method, const BoundNetLog& net_log, QuicStreamRequest* request) { @@ -657,8 +665,8 @@ int QuicStreamFactory::Create(const HostPortPair& host_port_pair, scoped_ptr<Job> job(new Job(this, host_resolver_, host_port_pair, is_https, WasQuicRecentlyBroken(server_id), privacy_mode, - method == "POST" /* is_post */, quic_server_info, - net_log)); + cert_verify_flags, method == "POST" /* is_post */, + quic_server_info, net_log)); int rv = job->Run(base::Bind(&QuicStreamFactory::OnJobComplete, base::Unretained(this), job.get())); if (rv == ERR_IO_PENDING) { @@ -675,11 +683,13 @@ int QuicStreamFactory::Create(const HostPortPair& host_port_pair, } void QuicStreamFactory::CreateAuxilaryJob(const QuicServerId server_id, + int cert_verify_flags, bool is_post, const BoundNetLog& net_log) { Job* aux_job = new Job(this, host_resolver_, server_id.host_port_pair(), server_id.is_https(), WasQuicRecentlyBroken(server_id), - server_id.privacy_mode(), is_post, nullptr, net_log); + server_id.privacy_mode(), cert_verify_flags, is_post, + nullptr, net_log); active_jobs_[server_id].insert(aux_job); task_runner_->PostTask(FROM_HERE, base::Bind(&QuicStreamFactory::Job::RunAuxilaryJob, @@ -954,6 +964,7 @@ bool QuicStreamFactory::HasActiveJob(const QuicServerId& key) const { } int QuicStreamFactory::CreateSession(const QuicServerId& server_id, + int cert_verify_flags, scoped_ptr<QuicServerInfo> server_info, const AddressList& address_list, base::TimeTicks dns_resolution_end_time, @@ -1063,8 +1074,8 @@ int QuicStreamFactory::CreateSession(const QuicServerId& server_id, *session = new QuicClientSession( connection, socket.Pass(), this, transport_security_state_, - server_info.Pass(), config, network_connection_.GetDescription(), - dns_resolution_end_time, + server_info.Pass(), cert_verify_flags, config, + network_connection_.GetDescription(), dns_resolution_end_time, base::MessageLoop::current()->message_loop_proxy().get(), net_log.net_log()); diff --git a/net/quic/quic_stream_factory.h b/net/quic/quic_stream_factory.h index f3f7a71..f7400a3 100644 --- a/net/quic/quic_stream_factory.h +++ b/net/quic/quic_stream_factory.h @@ -55,9 +55,12 @@ class NET_EXPORT_PRIVATE QuicStreamRequest { ~QuicStreamRequest(); // For http, |is_https| is false. + // |cert_verify_flags| is bitwise OR'd of CertVerifier::VerifyFlags and it is + // passed to CertVerifier::Verify. int Request(const HostPortPair& host_port_pair, bool is_https, PrivacyMode privacy_mode, + int cert_verify_flags, base::StringPiece method, const BoundNetLog& net_log, const CompletionCallback& callback); @@ -122,6 +125,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory int Create(const HostPortPair& host_port_pair, bool is_https, PrivacyMode privacy_mode, + int cert_verify_flags, base::StringPiece method, const BoundNetLog& net_log, QuicStreamRequest* request); @@ -231,6 +235,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory // Creates a job which doesn't wait for server config to be loaded from the // disk cache. This job is started via a PostTask. void CreateAuxilaryJob(const QuicServerId server_id, + int cert_verify_flags, bool is_post, const BoundNetLog& net_log); @@ -245,6 +250,7 @@ class NET_EXPORT_PRIVATE QuicStreamFactory bool HasActiveSession(const QuicServerId& server_id) const; bool HasActiveJob(const QuicServerId& server_id) const; int CreateSession(const QuicServerId& server_id, + int cert_verify_flags, scoped_ptr<QuicServerInfo> quic_server_info, const AddressList& address_list, base::TimeTicks dns_resolution_end_time, diff --git a/net/quic/quic_stream_factory_test.cc b/net/quic/quic_stream_factory_test.cc index fc07174..456a8da 100644 --- a/net/quic/quic_stream_factory_test.cc +++ b/net/quic/quic_stream_factory_test.cc @@ -265,11 +265,8 @@ class QuicStreamFactoryTest : public ::testing::TestWithParam<TestParams> { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(destination, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(destination, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -345,11 +342,8 @@ TEST_P(QuicStreamFactoryTest, Create) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -363,13 +357,9 @@ TEST_P(QuicStreamFactoryTest, Create) { // TODO(rtenneti): We should probably have a tests that HTTP and HTTPS result // in streams on different sessions. QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); stream = request2.ReleaseStream(); // Will reset stream 5. stream.reset(); // Will reset stream 7. @@ -392,13 +382,9 @@ TEST_P(QuicStreamFactoryTest, CreateZeroRtt) { "192.168.0.1", ""); QuicStreamRequest request(&factory_); - EXPECT_EQ(OK, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); @@ -423,11 +409,8 @@ TEST_P(QuicStreamFactoryTest, CreateZeroRttPost) { QuicStreamRequest request(&factory_); // Posts require handshake confirmation, so this will return asynchronously. EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "POST", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "POST", net_log_, callback_.callback())); // Confirm the handshake and verify that the stream is created. @@ -454,11 +437,8 @@ TEST_P(QuicStreamFactoryTest, CreateHttpVsHttps) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -467,11 +447,8 @@ TEST_P(QuicStreamFactoryTest, CreateHttpVsHttps) { QuicStreamRequest request2(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request2.Request(host_port_pair_, - !is_https_, - privacy_mode_, - "GET", - net_log_, + request2.Request(host_port_pair_, !is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); stream = request2.ReleaseStream(); @@ -505,25 +482,17 @@ TEST_P(QuicStreamFactoryTest, Pooling) { "mail.google.com", "192.168.0.1", ""); QuicStreamRequest request(&factory_); - EXPECT_EQ(OK, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -558,25 +527,17 @@ TEST_P(QuicStreamFactoryTest, NoPoolingIfDisabled) { QuicStreamFactoryPeer::DisableConnectionPooling(&factory_); QuicStreamRequest request(&factory_); - EXPECT_EQ(OK, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -610,25 +571,17 @@ TEST_P(QuicStreamFactoryTest, NoPoolingAfterGoAway) { "mail.google.com", "192.168.0.1", ""); QuicStreamRequest request(&factory_); - EXPECT_EQ(OK, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -641,13 +594,9 @@ TEST_P(QuicStreamFactoryTest, NoPoolingAfterGoAway) { TestCompletionCallback callback3; QuicStreamRequest request3(&factory_); - EXPECT_EQ(OK, - request3.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback3.callback())); + EXPECT_EQ(OK, request3.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback3.callback())); scoped_ptr<QuicHttpStream> stream3 = request3.ReleaseStream(); EXPECT_TRUE(stream3.get()); @@ -690,25 +639,17 @@ TEST_P(QuicStreamFactoryTest, HttpsPooling) { QuicStreamRequest request(&factory_); is_https_ = true; - EXPECT_EQ(OK, - request.Request(server1, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -757,25 +698,17 @@ TEST_P(QuicStreamFactoryTest, NoHttpsPoolingIfDisabled) { QuicStreamRequest request(&factory_); is_https_ = true; - EXPECT_EQ(OK, - request.Request(server1, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -823,25 +756,17 @@ TEST_P(QuicStreamFactoryTest, NoHttpsPoolingWithCertMismatch) { QuicStreamRequest request(&factory_); is_https_ = true; - EXPECT_EQ(OK, - request.Request(server1, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -891,25 +816,17 @@ TEST_P(QuicStreamFactoryTest, HttpsPoolingWithMatchingPins) { QuicStreamRequest request(&factory_); is_https_ = true; - EXPECT_EQ(OK, - request.Request(server1, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -963,25 +880,17 @@ TEST_P(QuicStreamFactoryTest, NoHttpsPoolingWithMatchingPinsIfDisabled) { QuicStreamRequest request(&factory_); is_https_ = true; - EXPECT_EQ(OK, - request.Request(server1, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -1043,25 +952,17 @@ TEST_P(QuicStreamFactoryTest, NoHttpsPoolingWithDifferentPins) { QuicStreamRequest request(&factory_); is_https_ = true; - EXPECT_EQ(OK, - request.Request(server1, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request.Request(server1, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream.get()); TestCompletionCallback callback; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, - request2.Request(server2, - is_https_, - privacy_mode_, - "GET", - net_log_, - callback_.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); EXPECT_TRUE(stream2.get()); @@ -1089,11 +990,8 @@ TEST_P(QuicStreamFactoryTest, Goaway) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1114,11 +1012,8 @@ TEST_P(QuicStreamFactoryTest, Goaway) { // new session is created. QuicStreamRequest request2(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request2.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request2.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); @@ -1162,11 +1057,8 @@ TEST_P(QuicStreamFactoryTest, MaxOpenStream) { // kDefaultMaxStreamsPerConnection / 2. for (size_t i = 0; i < kDefaultMaxStreamsPerConnection / 2; i++) { QuicStreamRequest request(&factory_); - int rv = request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + int rv = request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback()); if (i == 0) { EXPECT_EQ(ERR_IO_PENDING, rv); @@ -1182,13 +1074,9 @@ TEST_P(QuicStreamFactoryTest, MaxOpenStream) { } QuicStreamRequest request(&factory_); - EXPECT_EQ(OK, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, - CompletionCallback())); + EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + CompletionCallback())); scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); EXPECT_TRUE(stream); EXPECT_EQ(ERR_IO_PENDING, stream->InitializeStream( @@ -1214,11 +1102,8 @@ TEST_P(QuicStreamFactoryTest, ResolutionErrorInCreate) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(ERR_NAME_NOT_RESOLVED, callback_.WaitForResult()); @@ -1236,11 +1121,8 @@ TEST_P(QuicStreamFactoryTest, ConnectErrorInCreate) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(ERR_ADDRESS_IN_USE, callback_.WaitForResult()); @@ -1258,11 +1140,8 @@ TEST_P(QuicStreamFactoryTest, CancelCreate) { { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); } @@ -1325,11 +1204,8 @@ TEST_P(QuicStreamFactoryTest, CloseAllSessions) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1349,11 +1225,8 @@ TEST_P(QuicStreamFactoryTest, CloseAllSessions) { QuicStreamRequest request2(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request2.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request2.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1388,11 +1261,8 @@ TEST_P(QuicStreamFactoryTest, OnIPAddressChanged) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1413,11 +1283,8 @@ TEST_P(QuicStreamFactoryTest, OnIPAddressChanged) { QuicStreamRequest request2(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request2.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request2.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1452,11 +1319,8 @@ TEST_P(QuicStreamFactoryTest, OnCertAdded) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1477,11 +1341,8 @@ TEST_P(QuicStreamFactoryTest, OnCertAdded) { QuicStreamRequest request2(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request2.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request2.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1516,11 +1377,8 @@ TEST_P(QuicStreamFactoryTest, OnCACertChanged) { QuicStreamRequest request(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1541,11 +1399,8 @@ TEST_P(QuicStreamFactoryTest, OnCACertChanged) { QuicStreamRequest request2(&factory_); EXPECT_EQ(ERR_IO_PENDING, - request2.Request(host_port_pair_, - is_https_, - privacy_mode_, - "GET", - net_log_, + request2.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, callback_.callback())); EXPECT_EQ(OK, callback_.WaitForResult()); @@ -1655,8 +1510,9 @@ TEST_P(QuicStreamFactoryTest, RacingConnections) { QuicStreamRequest request(&factory_); QuicServerId server_id(host_port_pair_, is_https_, privacy_mode_); EXPECT_EQ(ERR_IO_PENDING, - request.Request(host_port_pair_, is_https_, privacy_mode_, "GET", - net_log_, callback_.callback())); + request.Request(host_port_pair_, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); EXPECT_EQ(2u, QuicStreamFactoryPeer::GetNumberOfActiveJobs(&factory_, server_id)); @@ -1690,7 +1546,8 @@ TEST_P(QuicStreamFactoryTest, EnableNotLoadFromDiskCache) { QuicStreamRequest request(&factory_); EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, - "GET", net_log_, callback_.callback())); + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); // If we are waiting for disk cache, we would have posted a task. Verify that // the CancelWaitForDataReady task hasn't been posted. @@ -1740,7 +1597,8 @@ TEST_P(QuicStreamFactoryTest, BadPacketLoss) { QuicStreamRequest request(&factory_); EXPECT_EQ(OK, request.Request(host_port_pair_, is_https_, privacy_mode_, - "GET", net_log_, callback_.callback())); + /*cert_verify_flags=*/0, "GET", net_log_, + callback_.callback())); QuicClientSession* session = QuicStreamFactoryPeer::GetActiveSession( &factory_, host_port_pair_, is_https_); @@ -1776,8 +1634,9 @@ TEST_P(QuicStreamFactoryTest, BadPacketLoss) { TestCompletionCallback callback2; QuicStreamRequest request2(&factory_); - EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, "GET", - net_log_, callback2.callback())); + EXPECT_EQ(OK, request2.Request(server2, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback2.callback())); QuicClientSession* session2 = QuicStreamFactoryPeer::GetActiveSession(&factory_, server2, is_https_); @@ -1809,8 +1668,9 @@ TEST_P(QuicStreamFactoryTest, BadPacketLoss) { TestCompletionCallback callback3; QuicStreamRequest request3(&factory_); - EXPECT_EQ(OK, request3.Request(server3, is_https_, privacy_mode_, "GET", - net_log_, callback3.callback())); + EXPECT_EQ(OK, request3.Request(server3, is_https_, privacy_mode_, + /*cert_verify_flags=*/0, "GET", net_log_, + callback3.callback())); QuicClientSession* session3 = QuicStreamFactoryPeer::GetActiveSession(&factory_, server3, is_https_); diff --git a/net/quic/test_tools/crypto_test_utils_chromium.cc b/net/quic/test_tools/crypto_test_utils_chromium.cc index ba06264..a1df6b9 100644 --- a/net/quic/test_tools/crypto_test_utils_chromium.cc +++ b/net/quic/test_tools/crypto_test_utils_chromium.cc @@ -113,16 +113,15 @@ ProofSource* CryptoTestUtils::ProofSourceForTesting() { // static ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() { - TestProofVerifierChromium* proof_verifier = - new TestProofVerifierChromium(CertVerifier::CreateDefault(), - new TransportSecurityState, - "quic_root.crt"); + TestProofVerifierChromium* proof_verifier = new TestProofVerifierChromium( + CertVerifier::CreateDefault(), new TransportSecurityState, + "quic_root.crt"); return proof_verifier; } // static ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() { - return new ProofVerifyContextChromium(BoundNetLog()); + return new ProofVerifyContextChromium(/*cert_verify_flags=*/0, BoundNetLog()); } // static diff --git a/net/quic/test_tools/mock_crypto_client_stream.cc b/net/quic/test_tools/mock_crypto_client_stream.cc index 335a2bd..0018e91 100644 --- a/net/quic/test_tools/mock_crypto_client_stream.cc +++ b/net/quic/test_tools/mock_crypto_client_stream.cc @@ -20,8 +20,7 @@ MockCryptoClientStream::MockCryptoClientStream( QuicCryptoClientConfig* crypto_config, HandshakeMode handshake_mode, const ProofVerifyDetails* proof_verify_details) - : QuicCryptoClientStream(server_id, session, verify_context, - crypto_config), + : QuicCryptoClientStream(server_id, session, verify_context, crypto_config), handshake_mode_(handshake_mode), proof_verify_details_(proof_verify_details) { } |