Remove CreateSslCtx argument from QUIC crypto config constructors
gfe-relnote: refactoring constructors, no behavior change
PiperOrigin-RevId: 254837057
Change-Id: Iec11d45d1febc6eee3514436d4bb15686a290daf
diff --git a/quic/core/crypto/quic_crypto_client_config.cc b/quic/core/crypto/quic_crypto_client_config.cc
index 31cb269..2b458ff 100644
--- a/quic/core/crypto/quic_crypto_client_config.cc
+++ b/quic/core/crypto/quic_crypto_client_config.cc
@@ -61,13 +61,8 @@
QuicCryptoClientConfig::QuicCryptoClientConfig(
std::unique_ptr<ProofVerifier> proof_verifier)
- : QuicCryptoClientConfig(std::move(proof_verifier),
- TlsClientConnection::CreateSslCtx()) {}
-
-QuicCryptoClientConfig::QuicCryptoClientConfig(
- std::unique_ptr<ProofVerifier> proof_verifier,
- bssl::UniquePtr<SSL_CTX> ssl_ctx)
- : proof_verifier_(std::move(proof_verifier)), ssl_ctx_(std::move(ssl_ctx)) {
+ : proof_verifier_(std::move(proof_verifier)),
+ ssl_ctx_(TlsClientConnection::CreateSslCtx()) {
DCHECK(proof_verifier_.get());
SetDefaults();
}
diff --git a/quic/core/crypto/quic_crypto_client_config.h b/quic/core/crypto/quic_crypto_client_config.h
index 2d95103..2de7cd0 100644
--- a/quic/core/crypto/quic_crypto_client_config.h
+++ b/quic/core/crypto/quic_crypto_client_config.h
@@ -205,9 +205,6 @@
explicit QuicCryptoClientConfig(
std::unique_ptr<ProofVerifier> proof_verifier);
- // Deprecated. Use the single-arg constructor instead.
- QuicCryptoClientConfig(std::unique_ptr<ProofVerifier> proof_verifier,
- bssl::UniquePtr<SSL_CTX> ssl_ctx);
QuicCryptoClientConfig(const QuicCryptoClientConfig&) = delete;
QuicCryptoClientConfig& operator=(const QuicCryptoClientConfig&) = delete;
~QuicCryptoClientConfig();
diff --git a/quic/core/crypto/quic_crypto_server_config.cc b/quic/core/crypto/quic_crypto_server_config.cc
index 197620a..50ea2f8 100644
--- a/quic/core/crypto/quic_crypto_server_config.cc
+++ b/quic/core/crypto/quic_crypto_server_config.cc
@@ -233,18 +233,6 @@
QuicRandom* server_nonce_entropy,
std::unique_ptr<ProofSource> proof_source,
std::unique_ptr<KeyExchangeSource> key_exchange_source)
- : QuicCryptoServerConfig(source_address_token_secret,
- server_nonce_entropy,
- std::move(proof_source),
- std::move(key_exchange_source),
- TlsServerConnection::CreateSslCtx()) {}
-
-QuicCryptoServerConfig::QuicCryptoServerConfig(
- QuicStringPiece source_address_token_secret,
- QuicRandom* server_nonce_entropy,
- std::unique_ptr<ProofSource> proof_source,
- std::unique_ptr<KeyExchangeSource> key_exchange_source,
- bssl::UniquePtr<SSL_CTX> ssl_ctx)
: replay_protection_(true),
chlo_multiplier_(kMultiplier),
configs_lock_(),
@@ -252,7 +240,7 @@
next_config_promotion_time_(QuicWallTime::Zero()),
proof_source_(std::move(proof_source)),
key_exchange_source_(std::move(key_exchange_source)),
- ssl_ctx_(std::move(ssl_ctx)),
+ ssl_ctx_(TlsServerConnection::CreateSslCtx()),
source_address_token_future_secs_(3600),
source_address_token_lifetime_secs_(86400),
enable_serving_sct_(false),
diff --git a/quic/core/crypto/quic_crypto_server_config.h b/quic/core/crypto/quic_crypto_server_config.h
index b1c7bec..d8d9cab 100644
--- a/quic/core/crypto/quic_crypto_server_config.h
+++ b/quic/core/crypto/quic_crypto_server_config.h
@@ -212,12 +212,6 @@
// server. Not owned.
// |proof_source|: provides certificate chains and signatures.
// |key_exchange_source|: provides key-exchange functionality.
- // |ssl_ctx|: The SSL_CTX used for doing TLS handshakes.
- QuicCryptoServerConfig(QuicStringPiece source_address_token_secret,
- QuicRandom* server_nonce_entropy,
- std::unique_ptr<ProofSource> proof_source,
- std::unique_ptr<KeyExchangeSource> key_exchange_source,
- bssl::UniquePtr<SSL_CTX> ssl_ctx);
QuicCryptoServerConfig(
QuicStringPiece source_address_token_secret,
QuicRandom* server_nonce_entropy,
diff --git a/quic/quartc/quartc_crypto_helpers.cc b/quic/quartc/quartc_crypto_helpers.cc
index fd579ba..1446ab3 100644
--- a/quic/quartc/quartc_crypto_helpers.cc
+++ b/quic/quartc/quartc_crypto_helpers.cc
@@ -4,8 +4,6 @@
#include "net/third_party/quiche/src/quic/quartc/quartc_crypto_helpers.h"
#include "net/third_party/quiche/src/quic/core/quic_utils.h"
-#include "net/third_party/quiche/src/quic/core/tls_client_handshaker.h"
-#include "net/third_party/quiche/src/quic/core/tls_server_handshaker.h"
namespace quic {
@@ -94,8 +92,7 @@
std::unique_ptr<QuicCryptoClientConfig> CreateCryptoClientConfig(
QuicStringPiece pre_shared_key) {
auto config = QuicMakeUnique<QuicCryptoClientConfig>(
- QuicMakeUnique<InsecureProofVerifier>(),
- TlsClientHandshaker::CreateSslCtx());
+ QuicMakeUnique<InsecureProofVerifier>());
config->set_pad_inchoate_hello(false);
config->set_pad_full_hello(false);
if (!pre_shared_key.empty()) {
@@ -116,8 +113,7 @@
random->RandBytes(source_address_token_secret, kInputKeyingMaterialLength);
auto config = QuicMakeUnique<QuicCryptoServerConfig>(
std::string(source_address_token_secret, kInputKeyingMaterialLength),
- random, QuicMakeUnique<DummyProofSource>(), KeyExchangeSource::Default(),
- TlsServerHandshaker::CreateSslCtx());
+ random, QuicMakeUnique<DummyProofSource>(), KeyExchangeSource::Default());
// We run QUIC over ICE, and ICE is verifying remote side with STUN pings.
// We disable source address token validation in order to allow for 0-rtt
