Import Cronet version 114.0.5715.0

Project import generated by Copybara.

FolderOrigin-RevId: /tmp/copybara-origin/src
Test: none
Change-Id: I15627f4badf0f6173d24f6c555169cc815a29fdd

5 files changed, 28 insertions, 26 deletions

diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc
index 4989bf000..0f1192063 100644
--- a/net/socket/ssl_client_socket_impl.cc
+++ b/net/socket/ssl_client_socket_impl.cc
@@ -238,18 +238,6 @@ RSAKeyUsage CheckRSAKeyUsage(const X509Certificate* cert,
                                 : RSAKeyUsage::kMissingDigitalSignature;
 }
 
-// IsCECPQ2Host returns true if the given host is eligible for CECPQ2. This is
-// used to implement a gradual rollout as the larger TLS messages may cause
-// middlebox issues.
-bool IsCECPQ2Host(const std::string& host) {
-  // Currently only eTLD+1s that start with "aa" are included, for example
-  // aardvark.com or aaron.com.
-  return registry_controlled_domains::GetDomainAndRegistry(
-             host, registry_controlled_domains::PrivateRegistryFilter::
-                       EXCLUDE_PRIVATE_REGISTRIES)
-             .find(features::kPostQuantumCECPQ2Prefix.Get()) == 0;
-}
-
 bool HostIsIPAddressNoBrackets(base::StringPiece host) {
   // Note this cannot directly call url::HostIsIPAddress, because that function
   // expects bracketed IPv6 literals. By the time hosts reach SSLClientSocket,
@@ -758,20 +746,10 @@ int SSLClientSocketImpl::Init() {
     return ERR_UNEXPECTED;
   }
 
-  if (base::FeatureList::IsEnabled(features::kPostQuantumKyber)) {
+  if (context_->config().post_quantum_enabled &&
+      base::FeatureList::IsEnabled(features::kPostQuantumKyber)) {
     static const int kCurves[] = {NID_X25519Kyber768, NID_X25519,
-                                  NID_P256Kyber768, NID_X9_62_prime256v1,
-                                  NID_secp384r1};
-    if (!SSL_set1_curves(ssl_.get(), kCurves, std::size(kCurves))) {
-      return ERR_UNEXPECTED;
-    }
-  } else if (context_->config().cecpq2_enabled &&
-      (base::FeatureList::IsEnabled(features::kPostQuantumCECPQ2) ||
-       (!host_is_ip_address &&
-        base::FeatureList::IsEnabled(features::kPostQuantumCECPQ2SomeDomains) &&
-        IsCECPQ2Host(host_and_port_.host())))) {
-    static const int kCurves[] = {NID_CECPQ2, NID_X25519, NID_X9_62_prime256v1,
-                                  NID_secp384r1};
+                                  NID_X9_62_prime256v1, NID_secp384r1};
     if (!SSL_set1_curves(ssl_.get(), kCurves, std::size(kCurves))) {
       return ERR_UNEXPECTED;
     }
diff --git a/net/socket/udp_socket_posix.cc b/net/socket/udp_socket_posix.cc
index ebdb5129f..d7fe60ca6 100644
--- a/net/socket/udp_socket_posix.cc
+++ b/net/socket/udp_socket_posix.cc
@@ -1063,6 +1063,14 @@ int UDPSocketPosix::SetDiffServCodePoint(DiffServCodePoint dscp) {
   return OK;
 }
 
+int UDPSocketPosix::SetIPv6Only(bool ipv6_only) {
+  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
+  if (is_connected()) {
+    return ERR_SOCKET_IS_CONNECTED;
+  }
+  return net::SetIPv6Only(socket_, ipv6_only);
+}
+
 void UDPSocketPosix::DetachFromThread() {
   DETACH_FROM_THREAD(thread_checker_);
 }
diff --git a/net/socket/udp_socket_posix.h b/net/socket/udp_socket_posix.h
index 59eb51499..ed9c7549c 100644
--- a/net/socket/udp_socket_posix.h
+++ b/net/socket/udp_socket_posix.h
@@ -251,6 +251,10 @@ class NET_EXPORT UDPSocketPosix {
   // Returns a net error code.
   int SetDiffServCodePoint(DiffServCodePoint dscp);
 
+  // Sets IPV6_V6ONLY on the socket. If this flag is true, the socket will be
+  // restricted to only IPv6; false allows both IPv4 and IPv6 traffic.
+  int SetIPv6Only(bool ipv6_only);
+
   // Exposes the underlying socket descriptor for testing its state. Does not
   // release ownership of the descriptor.
   SocketDescriptor SocketDescriptorForTesting() const { return socket_; }
diff --git a/net/socket/udp_socket_win.cc b/net/socket/udp_socket_win.cc
index 3e52f8c30..dfc234f5d 100644
--- a/net/socket/udp_socket_win.cc
+++ b/net/socket/udp_socket_win.cc
@@ -1185,6 +1185,14 @@ int UDPSocketWin::SetDiffServCodePoint(DiffServCodePoint dscp) {
   return OK;
 }
 
+int UDPSocketWin::SetIPv6Only(bool ipv6_only) {
+  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
+  if (is_connected()) {
+    return ERR_SOCKET_IS_CONNECTED;
+  }
+  return net::SetIPv6Only(socket_, ipv6_only);
+}
+
 void UDPSocketWin::DetachFromThread() {
   DETACH_FROM_THREAD(thread_checker_);
 }
diff --git a/net/socket/udp_socket_win.h b/net/socket/udp_socket_win.h
index 421de9df4..857613564 100644
--- a/net/socket/udp_socket_win.h
+++ b/net/socket/udp_socket_win.h
@@ -334,11 +334,15 @@ class NET_EXPORT UDPSocketWin : public base::win::ObjectWatcher::Delegate {
   int SetMulticastLoopbackMode(bool loopback);
 
   // Sets the differentiated services flags on outgoing packets. May not do
-  // anything on some platforms.  A return value of ERR_INVALID_HANDLE indicates
+  // anything on some platforms. A return value of ERR_INVALID_HANDLE indicates
   // the value was not set but could succeed on a future call, because
   // initialization is in progress.
   int SetDiffServCodePoint(DiffServCodePoint dscp);
 
+  // Sets IPV6_V6ONLY on the socket. If this flag is true, the socket will be
+  // restricted to only IPv6; false allows both IPv4 and IPv6 traffic.
+  int SetIPv6Only(bool ipv6_only);
+
   // Resets the thread to be used for thread-safety checks.
   void DetachFromThread();