Roll src/net/third_party/quiche/src/ 8212c4592..6cccce4f5 (5 commits)

https://quiche.googlesource.com/quiche.git/+log/8212c45924e3..6cccce4f5870 $ git log 8212c4592..6cccce4f5 --date=short --no-merges --format='%ad %ae %s' 2020-06-08 fayang Deprecate gfe2_reloadable_flag_quic_notify_handshaker_on_connection_close. 2020-06-08 fayang In quic, adjust blackhole detection configs based on connection options. protected by existing gfe2_reloadable_flag_quic_default_enable_5rto_blackhole_detection. 2020-06-05 fayang Default enable 5rto blackhole detection. protected by gfe2_reloadable_flag_quic_default_enable_5rto_blackhole_detection. 2020-06-05 nharper Add port field to ProofVerifier::VerifyCertChain 2020-06-05 nharper Discard server 0-RTT read key when QUIC TLS handshake completes Created with: roll-dep src/net/third_party/quiche/src src/third_party/quic_trace/src R=dschinazi@chromium.org Change-Id: Id08bb2df54f342dac304a0c8dda3df40506b5868 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2235986 Commit-Queue: Fan Yang <fayang@chromium.org> Reviewed-by: David Schinazi <dschinazi@chromium.org> Auto-Submit: Fan Yang <fayang@chromium.org> Cr-Commit-Position: refs/heads/master@{#776319}

Roll src/net/third_party/quiche/src/ 8212c4592..6cccce4f5 (5 commits)
https://quiche.googlesource.com/quiche.git/+log/8212c45924e3..6cccce4f5870 $ git log 8212c4592..6cccce4f5 --date=short --no-merges --format='%ad %ae %s' 2020-06-08 fayang Deprecate gfe2_reloadable_flag_quic_notify_handshaker_on_connection_close. 2020-06-08 fayang In quic, adjust blackhole detection configs based on connection options. protected by existing gfe2_reloadable_flag_quic_default_enable_5rto_blackhole_detection. 2020-06-05 fayang Default enable 5rto blackhole detection. protected by gfe2_reloadable_flag_quic_default_enable_5rto_blackhole_detection. 2020-06-05 nharper Add port field to ProofVerifier::VerifyCertChain 2020-06-05 nharper Discard server 0-RTT read key when QUIC TLS handshake completes Created with: roll-dep src/net/third_party/quiche/src src/third_party/quic_trace/src R=dschinazi@chromium.org Change-Id: Id08bb2df54f342dac304a0c8dda3df40506b5868 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2235986 Commit-Queue: Fan Yang <fayang@chromium.org> Reviewed-by: David Schinazi <dschinazi@chromium.org> Auto-Submit: Fan Yang <fayang@chromium.org> Cr-Commit-Position: refs/heads/master@{#776319}
0a793f7c · Fan Yang · Commit Bot · 68c28c5c · 0a793f7c · 0a793f7c
Commit 0a793f7c authored Jun 09, 2020 by Fan Yang Committed by Commit Bot Jun 09, 2020
8 changed files
--- a/DEPS
+++ b/DEPS
@@ -309,7 +309,7 @@ vars = {
  # Three lines of non-changing comments so that
  # the commit queue can handle CLs rolling feed
  # and whatever else without interference from each other.
-  'quiche_revision': '8212c45924e356cea0bc43acde1826aafa11e493',
+  'quiche_revision': '6cccce4f58708940e9a02462007ad6ed0fa019ff',
  # Three lines of non-changing comments so that
  # the commit queue can handle CLs rolling ios_webkit
  # and whatever else without interference from each other.

--- a/net/quic/crypto/proof_verifier_chromium.cc
+++ b/net/quic/crypto/proof_verifier_chromium.cc
@@ -641,6 +641,7 @@ quic::QuicAsyncStatus ProofVerifierChromium::VerifyProof(

 quic::QuicAsyncStatus ProofVerifierChromium::VerifyCertChain(
    const std::string& hostname,
+    const uint16_t /*port*/,
    const std::vector<std::string>& certs,
    const std::string& ocsp_response,
    const std::string& cert_sct,

--- a/net/quic/crypto/proof_verifier_chromium.h
+++ b/net/quic/crypto/proof_verifier_chromium.h
@@ -95,6 +95,7 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public quic::ProofVerifier {
      std::unique_ptr<quic::ProofVerifierCallback> callback) override;
  quic::QuicAsyncStatus VerifyCertChain(
      const std::string& hostname,
+      const uint16_t port,
      const std::vector<std::string>& certs,
      const std::string& ocsp_response,
      const std::string& cert_sct,

--- a/net/quic/crypto/proof_verifier_chromium_test.cc
+++ b/net/quic/crypto/proof_verifier_chromium_test.cc
@@ -1003,7 +1003,7 @@ TEST_F(ProofVerifierChromiumTest, VerifyCertChain) {
  std::unique_ptr<DummyProofVerifierCallback> callback(
      new DummyProofVerifierCallback);
  quic::QuicAsyncStatus status = proof_verifier.VerifyCertChain(
-      kTestHostname, certs_, /*ocsp_response=*/std::string(),
+      kTestHostname, kTestPort, certs_, /*ocsp_response=*/std::string(),
      /*cert_sct=*/std::string(), verify_context_.get(), &error_details_,
      &details_, std::move(callback));
  ASSERT_EQ(quic::QUIC_SUCCESS, status);

--- a/net/quic/quic_flags_list.h
+++ b/net/quic/quic_flags_list.h
@@ -320,11 +320,6 @@ QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_enable_tls_resumption, false)
 // When true, QUIC's BBRv2 ignores inflight_lo in PROBE_BW.
 QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_bbr2_ignore_inflight_lo, false)

-// If true, notify handshakers when connection closes.
-QUIC_FLAG(bool,
-          FLAGS_quic_reloadable_flag_quic_notify_handshaker_on_connection_close,
-          true)
-
 // If true, for QUIC + TLS, change default encryption level when new encryption
 // key is available.
 QUIC_FLAG(bool,
@@ -382,7 +377,7 @@ QUIC_FLAG(
 QUIC_FLAG(
    bool,
    FLAGS_quic_reloadable_flag_quic_fix_write_pending_crypto_retransmission,
-    false)
+    true)

 // If true, clear last_inflight_packets_sent_time_ of a packet number space when
 // there is no bytes in flight.
@@ -410,7 +405,7 @@ QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_bbr2_limit_inflight_hi, false)

 // When true, always check the amplification limit before writing, not just for
 // handshake packets.
-QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_move_amplification_limit, false)
+QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_move_amplification_limit, true)

 // If true, SendAllPendingAcks always send the earliest ACK.
 QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_always_send_earliest_ack, false)
@@ -427,3 +422,9 @@ QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_disable_version_t050, false)
 // If true, do not arm PTO on half RTT packets if they are the only ones in
 // flight.
 QUIC_FLAG(bool, FLAGS_quic_reloadable_flag_quic_fix_server_pto_timeout, false)
+
+// If true, default-enable 5RTO blachole detection.
+QUIC_FLAG(
+    bool,
+    FLAGS_quic_reloadable_flag_quic_default_enable_5rto_blackhole_detection,
+    true)
--- a/net/quic/quic_stream_factory.cc
+++ b/net/quic/quic_stream_factory.cc
@@ -253,7 +253,7 @@ class QuicStreamFactory::CertVerifierJob {
    auto* verify_callback_ptr = verify_callback.get();
    quic::QuicAsyncStatus status =
        crypto_config->proof_verifier()->VerifyCertChain(
-            server_id_.host(), cached->certs(),
+            server_id_.host(), server_id_.port(), cached->certs(),
            /*ocsp_response=*/std::string(), cached->cert_sct(),
            verify_context_.get(), &verify_error_details_, &verify_details_,
            std::move(verify_callback));

--- a/third_party/blink/renderer/modules/peerconnection/adapters/p2p_quic_crypto_config_factory_impl.cc
+++ b/third_party/blink/renderer/modules/peerconnection/adapters/p2p_quic_crypto_config_factory_impl.cc
@@ -49,6 +49,7 @@ class InsecureProofVerifier : public quic::ProofVerifier {

  quic::QuicAsyncStatus VerifyCertChain(
      const std::string& hostname,
+      const uint16_t port,
      const std::vector<std::string>& certs,
      const std::string& ocsp_response,
      const std::string& cert_sct,

--- a/third_party/blink/renderer/modules/peerconnection/adapters/p2p_quic_transport_test.cc
+++ b/third_party/blink/renderer/modules/peerconnection/adapters/p2p_quic_transport_test.cc
@@ -365,6 +365,7 @@ class FailingProofVerifierStub : public quic::ProofVerifier {

  quic::QuicAsyncStatus VerifyCertChain(
      const std::string& hostname,
+      const uint16_t port,
      const std::vector<std::string>& certs,
      const std::string& ocsp_response,
      const std::string& cert_sct,