summaryrefslogtreecommitdiffstats
path: root/net/quic
diff options
context:
space:
mode:
Diffstat (limited to 'net/quic')
-rw-r--r--net/quic/crypto/proof_test.cc20
-rw-r--r--net/quic/crypto/proof_verifier.h12
-rw-r--r--net/quic/crypto/proof_verifier_chromium.cc36
-rw-r--r--net/quic/crypto/proof_verifier_chromium.h19
-rw-r--r--net/quic/quic_client_session.cc4
-rw-r--r--net/quic/quic_crypto_client_stream.cc5
-rw-r--r--net/quic/quic_crypto_client_stream.h2
-rw-r--r--net/quic/quic_crypto_client_stream_test.cc8
-rw-r--r--net/quic/quic_crypto_server_stream_test.cc4
-rw-r--r--net/quic/quic_stream_factory.cc3
-rw-r--r--net/quic/test_tools/crypto_test_utils.cc2
-rw-r--r--net/quic/test_tools/crypto_test_utils.h5
-rw-r--r--net/quic/test_tools/crypto_test_utils_chromium.cc7
-rw-r--r--net/quic/test_tools/mock_crypto_client_stream.cc4
-rw-r--r--net/quic/test_tools/mock_crypto_client_stream.h1
-rw-r--r--net/quic/test_tools/mock_crypto_client_stream_factory.cc2
16 files changed, 92 insertions, 42 deletions
diff --git a/net/quic/crypto/proof_test.cc b/net/quic/crypto/proof_test.cc
index df68dd0..4aa7bac 100644
--- a/net/quic/crypto/proof_test.cc
+++ b/net/quic/crypto/proof_test.cc
@@ -38,6 +38,7 @@ TEST(ProofTest, Verify) {
const vector<string>* first_certs;
string error_details, signature, first_signature;
CertVerifyResult cert_verify_result;
+ ProofVerifyContext verify_context;
ASSERT_TRUE(source->GetProof(hostname, server_config, false /* no ECDSA */,
&first_certs, &first_signature));
@@ -52,7 +53,8 @@ TEST(ProofTest, Verify) {
TestCompletionCallback callback;
rv = verifier->VerifyProof(hostname, server_config, *certs, signature,
&error_details, &cert_verify_result,
- callback.callback());
+ verify_context, callback.callback());
+
rv = callback.GetResult(rv);
ASSERT_EQ(OK, rv);
ASSERT_EQ("", error_details);
@@ -60,14 +62,15 @@ TEST(ProofTest, Verify) {
rv = verifier->VerifyProof("foo.com", server_config, *certs, signature,
&error_details, &cert_verify_result,
- callback.callback());
+ verify_context, callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
rv = verifier->VerifyProof(hostname, server_config.substr(1, string::npos),
*certs, signature, &error_details,
- &cert_verify_result, callback.callback());
+ &cert_verify_result, verify_context,
+ callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
@@ -75,7 +78,8 @@ TEST(ProofTest, Verify) {
const string corrupt_signature = "1" + signature;
rv = verifier->VerifyProof(hostname, server_config, *certs,
corrupt_signature, &error_details,
- &cert_verify_result, callback.callback());
+ &cert_verify_result, verify_context,
+ callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
@@ -86,7 +90,7 @@ TEST(ProofTest, Verify) {
}
rv = verifier->VerifyProof("foo.com", server_config, wrong_certs, signature,
&error_details, &cert_verify_result,
- callback.callback());
+ verify_context, callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
@@ -132,12 +136,14 @@ static void RunVerification(ProofVerifier* verifier,
TestCompletionCallback comp_callback;
bool ok;
string error_details;
+ scoped_ptr<ProofVerifyContext> verify_context(
+ CryptoTestUtils::ProofVerifyContextForTesting());
TestProofVerifierCallback* callback =
new TestProofVerifierCallback(&comp_callback, &ok, &error_details);
ProofVerifier::Status status = verifier->VerifyProof(
- hostname, server_config, certs, proof, &error_details, &details,
- callback);
+ hostname, server_config, certs, proof, verify_context.get(),
+ &error_details, &details, callback);
switch (status) {
case ProofVerifier::FAILURE:
diff --git a/net/quic/crypto/proof_verifier.h b/net/quic/crypto/proof_verifier.h
index 3b47776..50d1635 100644
--- a/net/quic/crypto/proof_verifier.h
+++ b/net/quic/crypto/proof_verifier.h
@@ -21,6 +21,13 @@ class NET_EXPORT_PRIVATE ProofVerifyDetails {
virtual ~ProofVerifyDetails() {}
};
+// ProofVerifyContext is an abstract class that acts as a container for any
+// implementation specific context that a ProofVerifier needs.
+class NET_EXPORT_PRIVATE ProofVerifyContext {
+ public:
+ virtual ~ProofVerifyContext() {}
+};
+
// ProofVerifierCallback provides a generic mechanism for a ProofVerifier to
// call back after an asynchronous verification.
class NET_EXPORT_PRIVATE ProofVerifierCallback {
@@ -60,6 +67,10 @@ class NET_EXPORT_PRIVATE ProofVerifier {
// description of the problem. In either case it may set |*details|, which the
// caller takes ownership of.
//
+ // |context| specifies an implementation specific struct (which may be NULL
+ // for some implementations) that provides useful information for the
+ // verifier, e.g. logging handles.
+ //
// This function may also return PENDING, in which case the ProofVerifier
// will call back, on the original thread, via |callback| when complete.
// In this case, the ProofVerifier will take ownership of |callback|.
@@ -70,6 +81,7 @@ class NET_EXPORT_PRIVATE ProofVerifier {
const std::string& server_config,
const std::vector<std::string>& certs,
const std::string& signature,
+ const ProofVerifyContext* context,
std::string* error_details,
scoped_ptr<ProofVerifyDetails>* details,
ProofVerifierCallback* callback) = 0;
diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc
index 8584aed..fdb6a0d 100644
--- a/net/quic/crypto/proof_verifier_chromium.cc
+++ b/net/quic/crypto/proof_verifier_chromium.cc
@@ -47,7 +47,7 @@ class ProofVerifierChromium::Job {
const std::vector<std::string>& certs,
const std::string& signature,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* details,
+ scoped_ptr<ProofVerifyDetails>* verify_details,
ProofVerifierCallback* callback);
private:
@@ -104,10 +104,10 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
const vector<string>& certs,
const string& signature,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* details,
+ scoped_ptr<ProofVerifyDetails>* verify_details,
ProofVerifierCallback* callback) {
DCHECK(error_details);
- DCHECK(details);
+ DCHECK(verify_details);
DCHECK(callback);
callback_.reset(callback);
@@ -125,7 +125,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
*error_details = "Failed to create certificate chain. Certs are empty.";
DLOG(WARNING) << *error_details;
verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
- details->reset(verify_details_.release());
+ verify_details->reset(verify_details_.release());
return FAILURE;
}
@@ -139,7 +139,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
*error_details = "Failed to create certificate chain";
DLOG(WARNING) << *error_details;
verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
- details->reset(verify_details_.release());
+ verify_details->reset(verify_details_.release());
return FAILURE;
}
@@ -149,7 +149,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
*error_details = "Failed to verify signature of server config";
DLOG(WARNING) << *error_details;
verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
- details->reset(verify_details_.release());
+ verify_details->reset(verify_details_.release());
return FAILURE;
}
@@ -158,13 +158,13 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
next_state_ = STATE_VERIFY_CERT;
switch (DoLoop(OK)) {
case OK:
- details->reset(verify_details_.release());
+ verify_details->reset(verify_details_.release());
return SUCCESS;
case ERR_IO_PENDING:
return PENDING;
default:
*error_details = error_details_;
- details->reset(verify_details_.release());
+ verify_details->reset(verify_details_.release());
return FAILURE;
}
}
@@ -310,11 +310,8 @@ bool ProofVerifierChromium::Job::VerifySignature(const string& signed_data,
return true;
}
-ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier,
- const BoundNetLog& net_log)
- : cert_verifier_(cert_verifier),
- net_log_(net_log) {
-}
+ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier)
+ : cert_verifier_(cert_verifier) {}
ProofVerifierChromium::~ProofVerifierChromium() {
STLDeleteElements(&active_jobs_);
@@ -325,12 +322,19 @@ ProofVerifierChromium::Status ProofVerifierChromium::VerifyProof(
const std::string& server_config,
const std::vector<std::string>& certs,
const std::string& signature,
+ const ProofVerifyContext* verify_context,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* details,
+ scoped_ptr<ProofVerifyDetails>* verify_details,
ProofVerifierCallback* callback) {
- scoped_ptr<Job> job(new Job(this, cert_verifier_, net_log_));
+ if (!verify_context) {
+ *error_details = "Missing context";
+ return FAILURE;
+ }
+ const ProofVerifyContextChromium* chromium_context =
+ reinterpret_cast<const ProofVerifyContextChromium*>(verify_context);
+ scoped_ptr<Job> job(new Job(this, cert_verifier_, chromium_context->net_log));
Status status = job->VerifyProof(hostname, server_config, certs, signature,
- error_details, details, callback);
+ error_details, verify_details, callback);
if (status == PENDING) {
active_jobs_.insert(job.release());
}
diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h
index 7f695e6..ebf9a2c 100644
--- a/net/quic/crypto/proof_verifier_chromium.h
+++ b/net/quic/crypto/proof_verifier_chromium.h
@@ -15,6 +15,7 @@
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
+#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"
namespace net {
@@ -29,12 +30,21 @@ struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
CertVerifyResult cert_verify_result;
};
+// ProofVerifyContextChromium is the implementation-specific information that a
+// ProofVerifierChromium needs in order to log correctly.
+struct ProofVerifyContextChromium : public ProofVerifyContext {
+ public:
+ explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
+ : net_log(net_log) {}
+
+ BoundNetLog net_log;
+};
+
// ProofVerifierChromium implements the QUIC ProofVerifier interface. It is
// capable of handling multiple simultaneous requests.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
public:
- ProofVerifierChromium(CertVerifier* cert_verifier,
- const BoundNetLog& net_log);
+ explicit ProofVerifierChromium(CertVerifier* cert_verifier);
virtual ~ProofVerifierChromium();
// ProofVerifier interface
@@ -42,8 +52,9 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
const std::string& server_config,
const std::vector<std::string>& certs,
const std::string& signature,
+ const ProofVerifyContext* verify_context,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* details,
+ scoped_ptr<ProofVerifyDetails>* verify_details,
ProofVerifierCallback* callback) OVERRIDE;
private:
@@ -58,8 +69,6 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
// Underlying verifier used to verify certificates.
CertVerifier* const cert_verifier_;
- BoundNetLog net_log_;
-
DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};
diff --git a/net/quic/quic_client_session.cc b/net/quic/quic_client_session.cc
index 865c9b0..92f3cd5 100644
--- a/net/quic/quic_client_session.cc
+++ b/net/quic/quic_client_session.cc
@@ -112,7 +112,9 @@ QuicClientSession::QuicClientSession(
crypto_client_stream_factory ?
crypto_client_stream_factory->CreateQuicCryptoClientStream(
server_key, this, crypto_config) :
- new QuicCryptoClientStream(server_key, this, this, crypto_config));
+ new QuicCryptoClientStream(server_key, this, this,
+ new ProofVerifyContextChromium(net_log_),
+ crypto_config));
connection->set_debug_visitor(&logger_);
// TODO(rch): pass in full host port proxy pair
diff --git a/net/quic/quic_crypto_client_stream.cc b/net/quic/quic_crypto_client_stream.cc
index 8c574fe..5de69c2 100644
--- a/net/quic/quic_crypto_client_stream.cc
+++ b/net/quic/quic_crypto_client_stream.cc
@@ -46,6 +46,7 @@ QuicCryptoClientStream::QuicCryptoClientStream(
const QuicSessionKey& server_key,
QuicSession* session,
Visitor* visitor,
+ ProofVerifyContext* verify_context,
QuicCryptoClientConfig* crypto_config)
: QuicCryptoStream(session),
visitor_(visitor),
@@ -54,7 +55,8 @@ QuicCryptoClientStream::QuicCryptoClientStream(
crypto_config_(crypto_config),
server_key_(server_key),
generation_counter_(0),
- proof_verify_callback_(NULL) {
+ proof_verify_callback_(NULL),
+ verify_context_(verify_context) {
}
QuicCryptoClientStream::~QuicCryptoClientStream() {
@@ -239,6 +241,7 @@ void QuicCryptoClientStream::DoHandshakeLoop(
cached->server_config(),
cached->certs(),
cached->signature(),
+ verify_context_.get(),
&verify_error_details_,
&verify_details_,
proof_verify_callback);
diff --git a/net/quic/quic_crypto_client_stream.h b/net/quic/quic_crypto_client_stream.h
index 8e28360..812cf43 100644
--- a/net/quic/quic_crypto_client_stream.h
+++ b/net/quic/quic_crypto_client_stream.h
@@ -45,6 +45,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {
QuicCryptoClientStream(const QuicSessionKey& server_key,
QuicSession* session,
Visitor* visitor,
+ ProofVerifyContext* verify_context,
QuicCryptoClientConfig* crypto_config);
virtual ~QuicCryptoClientStream();
@@ -134,6 +135,7 @@ class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {
bool verify_ok_;
string verify_error_details_;
scoped_ptr<ProofVerifyDetails> verify_details_;
+ scoped_ptr<ProofVerifyContext> verify_context_;
DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientStream);
};
diff --git a/net/quic/quic_crypto_client_stream_test.cc b/net/quic/quic_crypto_client_stream_test.cc
index 1b64c9c..3081210 100644
--- a/net/quic/quic_crypto_client_stream_test.cc
+++ b/net/quic/quic_crypto_client_stream_test.cc
@@ -29,8 +29,8 @@ class QuicCryptoClientStreamTest : public ::testing::Test {
: connection_(new PacketSavingConnection(false)),
session_(new TestSession(connection_, DefaultQuicConfig())),
server_key_(kServerHostname, kServerPort, false),
- stream_(new QuicCryptoClientStream(server_key_, session_.get(), NULL,
- &crypto_config_)) {
+ stream_(new QuicCryptoClientStream(
+ server_key_, session_.get(), NULL, NULL, &crypto_config_)) {
session_->SetCryptoStream(stream_.get());
session_->config()->SetDefaults();
crypto_config_.SetDefaults();
@@ -108,7 +108,7 @@ TEST_F(QuicCryptoClientStreamTest, NegotiatedParameters) {
TEST_F(QuicCryptoClientStreamTest, InvalidHostname) {
QuicSessionKey server_key("invalid", 80, false);
stream_.reset(new QuicCryptoClientStream(server_key, session_.get(), NULL,
- &crypto_config_));
+ NULL, &crypto_config_));
session_->SetCryptoStream(stream_.get());
CompleteCryptoHandshake();
@@ -123,7 +123,7 @@ TEST_F(QuicCryptoClientStreamTest, ExpiredServerConfig) {
connection_ = new PacketSavingConnection(true);
session_.reset(new TestSession(connection_, DefaultQuicConfig()));
stream_.reset(new QuicCryptoClientStream(server_key_, session_.get(), NULL,
- &crypto_config_));
+ NULL, &crypto_config_));
session_->SetCryptoStream(stream_.get());
session_->config()->SetDefaults();
diff --git a/net/quic/quic_crypto_server_stream_test.cc b/net/quic/quic_crypto_server_stream_test.cc
index 4135187..0c279f5 100644
--- a/net/quic/quic_crypto_server_stream_test.cc
+++ b/net/quic/quic_crypto_server_stream_test.cc
@@ -147,7 +147,7 @@ TEST_P(QuicCryptoServerStreamTest, ZeroRTT) {
QuicSessionKey server_key(kServerHostname, kServerPort, false);
scoped_ptr<QuicCryptoClientStream> client(new QuicCryptoClientStream(
- server_key, client_session.get(), NULL, &client_crypto_config));
+ server_key, client_session.get(), NULL, NULL, &client_crypto_config));
client_session->SetCryptoStream(client.get());
// Do a first handshake in order to prime the client config with the server's
@@ -180,7 +180,7 @@ TEST_P(QuicCryptoServerStreamTest, ZeroRTT) {
client_session.reset(new TestSession(client_conn, client_config));
server_session.reset(new TestSession(server_conn, config_));
client.reset(new QuicCryptoClientStream(
- server_key, client_session.get(), NULL, &client_crypto_config));
+ server_key, client_session.get(), NULL, NULL, &client_crypto_config));
client_session->SetCryptoStream(client.get());
server.reset(new QuicCryptoServerStream(crypto_config_,
diff --git a/net/quic/quic_stream_factory.cc b/net/quic/quic_stream_factory.cc
index 119be2b..06b5134 100644
--- a/net/quic/quic_stream_factory.cc
+++ b/net/quic/quic_stream_factory.cc
@@ -737,8 +737,7 @@ int QuicStreamFactory::CreateSession(
config, crypto_config, net_log.net_log());
all_sessions_.insert(*session); // owning pointer
if (is_https) {
- crypto_config->SetProofVerifier(
- new ProofVerifierChromium(cert_verifier, net_log));
+ crypto_config->SetProofVerifier(new ProofVerifierChromium(cert_verifier));
}
return OK;
}
diff --git a/net/quic/test_tools/crypto_test_utils.cc b/net/quic/test_tools/crypto_test_utils.cc
index c3ccf72..f8d65b9 100644
--- a/net/quic/test_tools/crypto_test_utils.cc
+++ b/net/quic/test_tools/crypto_test_utils.cc
@@ -180,7 +180,7 @@ int CryptoTestUtils::HandshakeWithFakeClient(
crypto_config.SetChannelIDSigner(ChannelIDSignerForTesting());
}
QuicSessionKey server_key(kServerHostname, kServerPort, false);
- QuicCryptoClientStream client(server_key, &client_session, NULL,
+ QuicCryptoClientStream client(server_key, &client_session, NULL, NULL,
&crypto_config);
client_session.SetCryptoStream(&client);
diff --git a/net/quic/test_tools/crypto_test_utils.h b/net/quic/test_tools/crypto_test_utils.h
index 65ba9ee..4a38b0e 100644
--- a/net/quic/test_tools/crypto_test_utils.h
+++ b/net/quic/test_tools/crypto_test_utils.h
@@ -23,6 +23,7 @@ class ChannelIDSigner;
class CommonCertSets;
class ProofSource;
class ProofVerifier;
+class ProofVerifyContext;
class QuicClock;
class QuicConfig;
class QuicCryptoClientStream;
@@ -96,6 +97,10 @@ class CryptoTestUtils {
// Returns a |ProofVerifier| that uses the QUIC testing root CA.
static ProofVerifier* ProofVerifierForTesting();
+ // Returns a |ProofVerifyContext| that must be used with the verifier
+ // returned by ||ProofVerifierForTesting.
+ static ProofVerifyContext* ProofVerifyContextForTesting();
+
// MockCommonCertSets returns a CommonCertSets that contains a single set with
// hash |hash|, consisting of the certificate |cert| at index |index|.
static CommonCertSets* MockCommonCertSets(base::StringPiece cert,
diff --git a/net/quic/test_tools/crypto_test_utils_chromium.cc b/net/quic/test_tools/crypto_test_utils_chromium.cc
index 8aaef42..12dadb1 100644
--- a/net/quic/test_tools/crypto_test_utils_chromium.cc
+++ b/net/quic/test_tools/crypto_test_utils_chromium.cc
@@ -22,7 +22,7 @@ class TestProofVerifierChromium : public ProofVerifierChromium {
public:
TestProofVerifierChromium(CertVerifier* cert_verifier,
const std::string& cert_file)
- : ProofVerifierChromium(cert_verifier, BoundNetLog()),
+ : ProofVerifierChromium(cert_verifier),
cert_verifier_(cert_verifier) {
// Load and install the root for the validated chain.
scoped_refptr<X509Certificate> root_cert =
@@ -42,6 +42,11 @@ ProofSource* CryptoTestUtils::ProofSourceForTesting() {
}
// static
+ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
+ return new ProofVerifyContextChromium(BoundNetLog());
+}
+
+// static
ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
TestProofVerifierChromium* proof_verifier = new TestProofVerifierChromium(
CertVerifier::CreateDefault(), "quic_root.crt");
diff --git a/net/quic/test_tools/mock_crypto_client_stream.cc b/net/quic/test_tools/mock_crypto_client_stream.cc
index b0112d5..d829fb2 100644
--- a/net/quic/test_tools/mock_crypto_client_stream.cc
+++ b/net/quic/test_tools/mock_crypto_client_stream.cc
@@ -13,10 +13,12 @@ MockCryptoClientStream::MockCryptoClientStream(
const QuicSessionKey& server_key,
QuicSession* session,
QuicCryptoClientStream::Visitor* visitor,
+ ProofVerifyContext* verify_context,
QuicCryptoClientConfig* crypto_config,
HandshakeMode handshake_mode,
const ProofVerifyDetails* proof_verify_details)
- : QuicCryptoClientStream(server_key, session, visitor, crypto_config),
+ : QuicCryptoClientStream(server_key, session, visitor, verify_context,
+ crypto_config),
handshake_mode_(handshake_mode),
proof_verify_details_(proof_verify_details) {
}
diff --git a/net/quic/test_tools/mock_crypto_client_stream.h b/net/quic/test_tools/mock_crypto_client_stream.h
index 444f88d..1bec098 100644
--- a/net/quic/test_tools/mock_crypto_client_stream.h
+++ b/net/quic/test_tools/mock_crypto_client_stream.h
@@ -39,6 +39,7 @@ class MockCryptoClientStream : public QuicCryptoClientStream {
const QuicSessionKey& server_key,
QuicSession* session,
QuicCryptoClientStream::Visitor* visitor,
+ ProofVerifyContext* verify_context,
QuicCryptoClientConfig* crypto_config,
HandshakeMode handshake_mode,
const ProofVerifyDetails* proof_verify_details_);
diff --git a/net/quic/test_tools/mock_crypto_client_stream_factory.cc b/net/quic/test_tools/mock_crypto_client_stream_factory.cc
index 686fd56..d9ebcaf 100644
--- a/net/quic/test_tools/mock_crypto_client_stream_factory.cc
+++ b/net/quic/test_tools/mock_crypto_client_stream_factory.cc
@@ -25,7 +25,7 @@ MockCryptoClientStreamFactory::CreateQuicCryptoClientStream(
QuicClientSession* session,
QuicCryptoClientConfig* crypto_config) {
last_stream_ = new MockCryptoClientStream(
- server_key, session, session, crypto_config, handshake_mode_,
+ server_key, session, session, NULL, crypto_config, handshake_mode_,
proof_verify_details_);
return last_stream_;
}