Enable TLS for more tests in //gfe/gfe2/quic:end_to_end_test
This change involves adding a TlsServerHandshaker::OverrideQuicConfigDefaults
method to allow subclasses to change the QuicConfig based on the SNI, like
can currently be done in QUIC Crypto.
gfe-relnote: protected by quic version flags draft_27 and draft_25
PiperOrigin-RevId: 301896631
Change-Id: Ib74d4fa52fa49f15544d72d7f2ecbed673cd2131
diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index 6f372df..346e872 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -54,11 +54,6 @@
// Configure the SSL to be a server.
SSL_set_accept_state(ssl());
-
- if (!SetTransportParameters()) {
- CloseConnection(QUIC_HANDSHAKE_FAILED,
- "Server failed to set Transport Parameters");
- }
}
TlsServerHandshaker::~TlsServerHandshaker() {
@@ -155,6 +150,8 @@
return TlsHandshaker::BufferSizeLimitForLevel(level);
}
+void TlsServerHandshaker::OverrideQuicConfigDefaults(QuicConfig* /*config*/) {}
+
bool TlsServerHandshaker::SetReadSecret(
EncryptionLevel level,
const SSL_CIPHER* cipher,
@@ -390,6 +387,11 @@
*out_alert = SSL_AD_INTERNAL_ERROR;
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
+ OverrideQuicConfigDefaults(session()->config());
+ if (!SetTransportParameters()) {
+ QUIC_LOG(ERROR) << "Failed to set transport parameters";
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
QUIC_LOG(INFO) << "Set " << chain->certs.size() << " certs for server";
return SSL_TLSEXT_ERR_OK;
