QuicToyClient provides a hostname to CreateDefaultProofVerifier
gfe-relnote: n/a (quic tools only change)
PiperOrigin-RevId: 265579643
Change-Id: Ife5e3b2f29cb774e0c99437acefd8db91e468108
diff --git a/quic/platform/api/quic_default_proof_providers.h b/quic/platform/api/quic_default_proof_providers.h
index 6f3b636..9890709 100644
--- a/quic/platform/api/quic_default_proof_providers.h
+++ b/quic/platform/api/quic_default_proof_providers.h
@@ -13,11 +13,12 @@
namespace quic {
-// Provides a default proof verifier. The verifier has to do a good faith
-// attempt at verifying the certificate against a reasonable root store, and not
-// just always return success.
-inline std::unique_ptr<ProofVerifier> CreateDefaultProofVerifier() {
- return CreateDefaultProofVerifierImpl();
+// Provides a default proof verifier that can verify a cert chain for |host|.
+// The verifier has to do a good faith attempt at verifying the certificate
+// against a reasonable root store, and not just always return success.
+inline std::unique_ptr<ProofVerifier> CreateDefaultProofVerifier(
+ const std::string& host) {
+ return CreateDefaultProofVerifierImpl(host);
}
// Provides a default proof source for CLI-based tools. The actual certificates
diff --git a/quic/tools/quic_toy_client.cc b/quic/tools/quic_toy_client.cc
index 319d3a2..ed05600 100644
--- a/quic/tools/quic_toy_client.cc
+++ b/quic/tools/quic_toy_client.cc
@@ -216,7 +216,7 @@
if (GetQuicFlag(FLAGS_disable_certificate_verification)) {
proof_verifier = quic::QuicMakeUnique<FakeProofVerifier>();
} else {
- proof_verifier = quic::CreateDefaultProofVerifier();
+ proof_verifier = quic::CreateDefaultProofVerifier(url.host());
}
// Build the client, and try to connect.