Prevent QUIC streams from writing data when encryption is not established.
Merge internal change: 109446528
BUG=
Review URL: https://codereview.chromium.org/1508433002
Cr-Commit-Position: refs/heads/master@{#363354}
diff --git a/net/quic/test_tools/crypto_test_utils.cc b/net/quic/test_tools/crypto_test_utils.cc
index 7c3e8b9..ed34502 100644
--- a/net/quic/test_tools/crypto_test_utils.cc
+++ b/net/quic/test_tools/crypto_test_utils.cc
@@ -355,6 +355,40 @@
return new class MockCommonCertSets(cert, hash, index);
}
+// static
+void CryptoTestUtils::FillInDummyReject(CryptoHandshakeMessage* rej,
+ bool reject_is_stateless) {
+ if (reject_is_stateless) {
+ rej->set_tag(kSREJ);
+ } else {
+ rej->set_tag(kREJ);
+ }
+
+ // Minimum SCFG that passes config validation checks.
+ // clang-format off
+ unsigned char scfg[] = {
+ // SCFG
+ 0x53, 0x43, 0x46, 0x47,
+ // num entries
+ 0x01, 0x00,
+ // padding
+ 0x00, 0x00,
+ // EXPY
+ 0x45, 0x58, 0x50, 0x59,
+ // EXPY end offset
+ 0x08, 0x00, 0x00, 0x00,
+ // Value
+ '1', '2', '3', '4',
+ '5', '6', '7', '8'
+ };
+ // clang-format on
+ rej->SetValue(kSCFG, scfg);
+ rej->SetStringPiece(kServerNonceTag, "SERVER_NONCE");
+ vector<QuicTag> reject_reasons;
+ reject_reasons.push_back(CLIENT_NONCE_INVALID_FAILURE);
+ rej->SetVector(kRREJ, reject_reasons);
+}
+
void CryptoTestUtils::CompareClientAndServerKeys(
QuicCryptoClientStream* client,
QuicCryptoServerStream* server) {
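Review bot: The `scfg` byte array in FillInDummyReject is a mutable local although it is only read, and the eight bytes `'1'`..`'8'` under `// Value` do not say what EXPY value they encode. Assuming SetValue takes its argument by const reference, declaring it `static const unsigned char scfg[] = {` and rewording the comment to something like `// Value: 8 arbitrary bytes; presumably read as a 64-bit expiry far in the future` would make the fixture's intent clear to whoever next touches config validation. The tag selection at the top can be written as `rej->set_tag(reject_is_stateless ? kSREJ : kREJ);`. The helper hard-codes CLIENT_NONCE_INVALID_FAILURE as the only reject reason, so a short comment saying the reason is arbitrary would keep tests from depending on it.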
diff --git a/net/quic/test_tools/crypto_test_utils.h b/net/quic/test_tools/crypto_test_utils.h
index b823c61..56b07507 100644
--- a/net/quic/test_tools/crypto_test_utils.h
+++ b/net/quic/test_tools/crypto_test_utils.h
@@ -156,6 +156,12 @@
uint64 hash,
uint32 index);
+ // Creates a minimal dummy reject message that will pass the client-config
+ // validation tests. This will include a server config, but no certs, proof
+ // source address token, or server nonce.
+ static void FillInDummyReject(CryptoHandshakeMessage* rej,
+ bool reject_is_stateless);
+
// ParseTag returns a QuicTag from parsing |tagstr|. |tagstr| may either be
// in the format "EXMP" (i.e. ASCII format), or "#11223344" (an explicit hex
// format). It CHECK fails if there's a parse error.
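Review bot: The doc comment on FillInDummyReject says the message carries no server nonce, but the definition added in crypto_test_utils.cc calls `rej->SetStringPiece(kServerNonceTag, "SERVER_NONCE")` and also sets a kRREJ reject-reason vector. A test author who trusts the comment could write assertions about the client's handshake state that do not match what the helper actually sends. The phrase "proof source address token" also appears to be missing a comma. I would reword the last sentence to `// This will include a server config, a placeholder server nonce and one reject reason, but no certs, proof, or source address token.` and note that `rej` must be non-null, since the definition dereferences it unconditionally.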
diff --git a/net/quic/test_tools/quic_packet_creator_peer.cc b/net/quic/test_tools/quic_packet_creator_peer.cc
index 0d20315..a310121f 100644
--- a/net/quic/test_tools/quic_packet_creator_peer.cc
+++ b/net/quic/test_tools/quic_packet_creator_peer.cc
@@ -117,5 +117,11 @@
return creator->rtt_multiplier_for_fec_timeout_;
}
+// static
+EncryptionLevel QuicPacketCreatorPeer::GetEncryptionLevel(
+ QuicPacketCreator* creator) {
+ return creator->encryption_level_;
+}
+
} // namespace test
} // namespace net
diff --git a/net/quic/test_tools/quic_packet_creator_peer.h b/net/quic/test_tools/quic_packet_creator_peer.h
index ca62f36..b871c40 100644
--- a/net/quic/test_tools/quic_packet_creator_peer.h
+++ b/net/quic/test_tools/quic_packet_creator_peer.h
@@ -51,6 +51,7 @@
static QuicTime::Delta GetFecTimeout(QuicPacketCreator* creator);
// TODO(rtenneti): Delete this code after the 0.25 RTT FEC experiment.
static float GetRttMultiplierForFecTimeout(QuicPacketCreator* creator);
+ static EncryptionLevel GetEncryptionLevel(QuicPacketCreator* creator);
private:
DISALLOW_COPY_AND_ASSIGN(QuicPacketCreatorPeer);