diff options
Diffstat (limited to 'chromium/net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.cc')
| -rw-r--r-- | chromium/net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.cc | 20 |
1 files changed, 3 insertions, 17 deletions
diff --git a/chromium/net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.cc b/chromium/net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.cc index 4f19533b008..f2a88095aac 100644 --- a/chromium/net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.cc +++ b/chromium/net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.cc @@ -51,7 +51,6 @@ #include "quic/platform/api/quic_reference_counted.h" #include "quic/platform/api/quic_socket_address.h" #include "quic/platform/api/quic_testvalue.h" -#include "common/platform/api/quiche_text_utils.h" namespace quic { @@ -745,9 +744,7 @@ void QuicCryptoServerConfig::ProcessClientHelloAfterGetProof( << context->connection_id() << " which is invalid with version " << context->version(); - if (context->validate_chlo_result()->postpone_cert_validate_for_server && - context->info().reject_reasons.empty()) { - QUIC_RELOADABLE_FLAG_COUNT(quic_crypto_postpone_cert_validate_for_server); + if (context->info().reject_reasons.empty()) { if (!context->signed_config() || !context->signed_config()->chain) { // No chain. context->validate_chlo_result()->info.reject_reasons.push_back( @@ -1224,8 +1221,8 @@ void QuicCryptoServerConfig::SelectNewPrimaryConfig( } void QuicCryptoServerConfig::EvaluateClientHello( - const QuicSocketAddress& server_address, - const QuicSocketAddress& client_address, + const QuicSocketAddress& /*server_address*/, + const QuicSocketAddress& /*client_address*/, QuicTransportVersion /*version*/, const Configs& configs, QuicReferenceCountedPointer<ValidateClientHelloResultCallback::Result> @@ -1294,17 +1291,6 @@ void QuicCryptoServerConfig::EvaluateClientHello( // No valid source address token. } - if (!client_hello_state->postpone_cert_validate_for_server) { - QuicReferenceCountedPointer<ProofSource::Chain> chain = - proof_source_->GetCertChain(server_address, client_address, - std::string(info->sni)); - if (!chain) { - info->reject_reasons.push_back(SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE); - } else if (!ValidateExpectedLeafCertificate(client_hello, chain->certs)) { - info->reject_reasons.push_back(INVALID_EXPECTED_LEAF_CERTIFICATE); - } - } - if (info->client_nonce.size() != kNonceSize) { info->reject_reasons.push_back(CLIENT_NONCE_INVALID_FAILURE); // Invalid client nonce. |