)]}' { "commit": "874df09ee3553da1c2111f9f75cedd08d460ea37", "tree": "3de448b6fa8fe5b99a504be8d70ece98f43de7c0", "parents": [ "db520aba017abbfdac45e3fa550449026efe706b" ], "author": { "name": "wub", "email": "wub@google.com", "time": "Tue Nov 02 11:22:55 2021 -0700" }, "committer": { "name": "Copybara-Service", "email": "copybara-worker@google.com", "time": "Tue Nov 02 11:23:47 2021 -0700" }, "message": "Add mTLS support for IETF QUIC.\n\nIn QUICHE, this CL adds the code that allows embeders to enable TLS client certificates. In GFE, this CL adds client cert support for Google domains in two types of client cert configurations:\n- REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY\n- REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY\nOther config types are not supported and will cause QUIC_HANDSHAKE_FAILED if such request is received.\n\nProtected by FLAGS_quic_restart_flag_quic_tls_server_support_client_cert.\n\nPiperOrigin-RevId: 407133294\n", "tree_diff": [ { "type": "modify", "old_id": "fcc6cced8281debd280af62474e3f55ec53b83f5", "old_mode": 33188, "old_path": "quic/core/crypto/proof_source.h", "new_id": "2eb755a92137fe20aa0a7d331906b2ee6b322db9", "new_mode": 33188, "new_path": "quic/core/crypto/proof_source.h" }, { "type": "modify", "old_id": "c8d377e17452c1309945e8025ed9b4ac8bba8469", "old_mode": 33188, "old_path": "quic/core/crypto/tls_connection.h", "new_id": "a7a869ad1cdf2ed14ffe6004933b4d4d0749d4c6", "new_mode": 33188, "new_path": "quic/core/crypto/tls_connection.h" }, { "type": "modify", "old_id": "0da9bbc3e9461dc84c8b3b6b9b25979468dd6ae3", "old_mode": 33188, "old_path": "quic/core/crypto/tls_server_connection.cc", "new_id": "007bdbb1a175484d0dcd9f590a18723a561cdf45", "new_mode": 33188, "new_path": "quic/core/crypto/tls_server_connection.cc" }, { "type": "modify", "old_id": "6c775b86cd74e7550ffb24c68cc85fdf49aba6ce", "old_mode": 33188, "old_path": "quic/core/crypto/tls_server_connection.h", "new_id": "976620dba33a2d513e52148a4360f6b09cbdff60", "new_mode": 33188, "new_path": "quic/core/crypto/tls_server_connection.h" }, { "type": "modify", "old_id": "23be7f96ce0b5b8e0c1bccd84a48925de862cfc6", "old_mode": 33188, "old_path": "quic/core/quic_flags_list.h", "new_id": "73a6927cfbca119f994a9ffaac6950ee9a05fc0e", "new_mode": 33188, "new_path": "quic/core/quic_flags_list.h" }, { "type": "modify", "old_id": "35e0bf3d08f8153b4c7b98c7f09a250eceecd444", "old_mode": 33188, "old_path": "quic/core/quic_session.h", "new_id": "56ec3b294ad9a987453415c74dd7389e2a1398de", "new_mode": 33188, "new_path": "quic/core/quic_session.h" }, { "type": "modify", "old_id": "8c155c4e2e95b8699fae3abfa997b2be96165682", "old_mode": 33188, "old_path": "quic/core/quic_types.cc", "new_id": "6bd58e94ab92e72eb8bca798072e1061b05db410", "new_mode": 33188, "new_path": "quic/core/quic_types.cc" }, { "type": "modify", "old_id": "b0f32cd157cac3e9c84b9598b51ad687a504beb0", "old_mode": 33188, "old_path": "quic/core/quic_types.h", "new_id": "b048121d73a679bbc8dc1844c457b4dd8ba9baa2", "new_mode": 33188, "new_path": "quic/core/quic_types.h" }, { "type": "modify", "old_id": "dee634ba2cce9f2ba443c5968dbf2eb635d68340", "old_mode": 33188, "old_path": "quic/core/tls_handshaker.cc", "new_id": "ac959f251d492a9c4dbb81b03e9ad0992cae67e4", "new_mode": 33188, "new_path": "quic/core/tls_handshaker.cc" }, { "type": "modify", "old_id": "a763875665585219c8a6c34c205dd4dbce70092e", "old_mode": 33188, "old_path": "quic/core/tls_server_handshaker.cc", "new_id": "637435c36d9c4e44e05c926be5f2750035587573", "new_mode": 33188, "new_path": "quic/core/tls_server_handshaker.cc" }, { "type": "modify", "old_id": "b7179a7660772ee9b78a99fad52c8361871dafbd", "old_mode": 33188, "old_path": "quic/core/tls_server_handshaker.h", "new_id": "6a7f358ac51279639dcb87f8071a23ae3bf44273", "new_mode": 33188, "new_path": "quic/core/tls_server_handshaker.h" }, { "type": "modify", "old_id": "bf68c8513f98658155e86d930b356f9d3074a733", "old_mode": 33188, "old_path": "quic/core/tls_server_handshaker_test.cc", "new_id": "3e707b20cdc37abd2da68a93c5439fecba5c74be", "new_mode": 33188, "new_path": "quic/core/tls_server_handshaker_test.cc" }, { "type": "modify", "old_id": "8c1e7f870f1f6d82583bcb1be0d16596cf57fd27", "old_mode": 33188, "old_path": "quic/test_tools/fake_proof_source_handle.cc", "new_id": "46a1d095066b293a8e7237204f89e970e466a384", "new_mode": 33188, "new_path": "quic/test_tools/fake_proof_source_handle.cc" }, { "type": "modify", "old_id": "3d038a4d58b7a5e089b4e66ece66a881e7454660", "old_mode": 33188, "old_path": "quic/test_tools/fake_proof_source_handle.h", "new_id": "b4203e81ddd9e5fc624ec76dacec8765656f6e57", "new_mode": 33188, "new_path": "quic/test_tools/fake_proof_source_handle.h" }, { "type": "modify", "old_id": "e059f311d70a2b7e85784c2fdb60e8c845f0b2dc", "old_mode": 33188, "old_path": "quic/test_tools/quic_test_utils.h", "new_id": "77b7cbbe90c38bf436e74a37cf20a7287629cf79", "new_mode": 33188, "new_path": "quic/test_tools/quic_test_utils.h" } ] }