Fix QUIC ALPN tests when BoringSSL encforces ALPN policy checks PiperOrigin-RevId: 323993527 Change-Id: Iffa709686b5a28fe2e5dabe92da7a00b9b9545cb
diff --git a/quic/core/tls_client_handshaker_test.cc b/quic/core/tls_client_handshaker_test.cc index 87afeb8..adf06ad 100644 --- a/quic/core/tls_client_handshaker_test.cc +++ b/quic/core/tls_client_handshaker_test.cc
@@ -553,16 +553,30 @@ [kTestAlpn](const std::vector<quiche::QuicheStringPiece>& alpns) { return std::find(alpns.cbegin(), alpns.cend(), kTestAlpn); }); +#if BORINGSSL_API_VERSION > 10 + EXPECT_CALL(*server_connection_, + CloseConnection(QUIC_HANDSHAKE_FAILED, + "TLS handshake failure (ENCRYPTION_INITIAL) 120: " + "no application protocol", + _)); +#else // BORINGSSL_API_VERSION <= 10 EXPECT_CALL(*connection_, CloseConnection(QUIC_HANDSHAKE_FAILED, "Server did not select ALPN", _)); +#endif // BORINGSSL_API_VERSION + stream()->CryptoConnect(); crypto_test_utils::AdvanceHandshake(connection_, stream(), 0, server_connection_, server_stream(), 0); EXPECT_FALSE(stream()->one_rtt_keys_available()); - EXPECT_TRUE(stream()->encryption_established()); EXPECT_FALSE(server_stream()->one_rtt_keys_available()); +#if BORINGSSL_API_VERSION > 10 + EXPECT_FALSE(stream()->encryption_established()); + EXPECT_FALSE(server_stream()->encryption_established()); +#else // BORINGSSL_API_VERSION <= 10 + EXPECT_TRUE(stream()->encryption_established()); EXPECT_TRUE(server_stream()->encryption_established()); +#endif // BORINGSSL_API_VERSION } TEST_P(TlsClientHandshakerTest, ZeroRTTNotAttemptedOnALPNChange) {
diff --git a/quic/core/tls_server_handshaker_test.cc b/quic/core/tls_server_handshaker_test.cc index c1e5a89..ac7b530 100644 --- a/quic/core/tls_server_handshaker_test.cc +++ b/quic/core/tls_server_handshaker_test.cc
@@ -297,33 +297,24 @@ EXPECT_FALSE(server_stream()->one_rtt_keys_available()); } -TEST_F(TlsServerHandshakerTest, ClientNotSendingALPN) { - static_cast<TlsClientHandshaker*>( - QuicCryptoClientStreamPeer::GetHandshaker(client_stream())) - ->AllowEmptyAlpnForTests(); - EXPECT_CALL(*client_session_, GetAlpnsToOffer()) - .WillOnce(Return(std::vector<std::string>())); - EXPECT_CALL( - *client_connection_, - CloseConnection(QUIC_HANDSHAKE_FAILED, "Server did not select ALPN", _)); - EXPECT_CALL(*server_connection_, - CloseConnection(QUIC_HANDSHAKE_FAILED, - "Server did not receive a known ALPN", _)); - - // Process two flights of handshake messages. - AdvanceHandshakeWithFakeClient(); - AdvanceHandshakeWithFakeClient(); - - EXPECT_FALSE(client_stream()->one_rtt_keys_available()); - EXPECT_TRUE(client_stream()->encryption_established()); - EXPECT_FALSE(server_stream()->one_rtt_keys_available()); - EXPECT_TRUE(server_stream()->encryption_established()); -} - TEST_F(TlsServerHandshakerTest, ClientSendingBadALPN) { const std::string kTestBadClientAlpn = "bad-client-alpn"; EXPECT_CALL(*client_session_, GetAlpnsToOffer()) .WillOnce(Return(std::vector<std::string>({kTestBadClientAlpn}))); +#if BORINGSSL_API_VERSION > 10 + EXPECT_CALL(*server_connection_, + CloseConnection(QUIC_HANDSHAKE_FAILED, + "TLS handshake failure (ENCRYPTION_INITIAL) 120: " + "no application protocol", + _)); + + AdvanceHandshakeWithFakeClient(); + + EXPECT_FALSE(client_stream()->one_rtt_keys_available()); + EXPECT_FALSE(client_stream()->encryption_established()); + EXPECT_FALSE(server_stream()->one_rtt_keys_available()); + EXPECT_FALSE(server_stream()->encryption_established()); +#else // BORINGSSL_API_VERSION <=10 EXPECT_CALL( *client_connection_, CloseConnection(QUIC_HANDSHAKE_FAILED, "Server did not select ALPN", _)); @@ -339,6 +330,7 @@ EXPECT_TRUE(client_stream()->encryption_established()); EXPECT_FALSE(server_stream()->one_rtt_keys_available()); EXPECT_TRUE(server_stream()->encryption_established()); +#endif // BORINGSSL_API_VERSION } TEST_F(TlsServerHandshakerTest, CustomALPNNegotiation) {