gfe-relnote: In QUIC, ensure STREAM frames are never sent at level ENCRYPTION_HANDSHAKE. Not protected as ENCRYPTION_HANDSHAKE is not used currently.
PiperOrigin-RevId: 246498127
Change-Id: Ib558b86f56965d94a456cc1b38176924eeaf3136
diff --git a/quic/core/quic_connection_test.cc b/quic/core/quic_connection_test.cc
index 85ec46b..f78bb51 100644
--- a/quic/core/quic_connection_test.cc
+++ b/quic/core/quic_connection_test.cc
@@ -7517,7 +7517,7 @@
struct iovec iov;
MakeIOVector("", &iov);
EXPECT_QUIC_BUG(connection_.SaveAndSendStreamData(3, &iov, 1, 0, 0, FIN),
- "Cannot send stream data without encryption.");
+ "Cannot send stream data with level: ENCRYPTION_INITIAL");
EXPECT_FALSE(connection_.connected());
}
diff --git a/quic/core/quic_packet_creator.cc b/quic/core/quic_packet_creator.cc
index 548b504..4934666 100644
--- a/quic/core/quic_packet_creator.cc
+++ b/quic/core/quic_packet_creator.cc
@@ -841,9 +841,11 @@
if (frame.type == STREAM_FRAME &&
frame.stream_frame.stream_id !=
QuicUtils::GetCryptoStreamId(framer_->transport_version()) &&
- packet_.encryption_level == ENCRYPTION_INITIAL) {
- const std::string error_details =
- "Cannot send stream data without encryption.";
+ (packet_.encryption_level == ENCRYPTION_INITIAL ||
+ packet_.encryption_level == ENCRYPTION_HANDSHAKE)) {
+ const std::string error_details = QuicStrCat(
+ "Cannot send stream data with level: ",
+ QuicUtils::EncryptionLevelToString(packet_.encryption_level));
QUIC_BUG << error_details;
delegate_->OnUnrecoverableError(
QUIC_ATTEMPT_TO_SEND_UNENCRYPTED_STREAM_DATA, error_details,
diff --git a/quic/core/quic_packet_creator_test.cc b/quic/core/quic_packet_creator_test.cc
index 6b489ba..eddddc6 100644
--- a/quic/core/quic_packet_creator_test.cc
+++ b/quic/core/quic_packet_creator_test.cc
@@ -295,7 +295,7 @@
frames_.push_back(QuicFrame(new QuicAckFrame(InitAckFrame(1))));
QuicStreamId stream_id = QuicUtils::GetFirstBidirectionalStreamId(
client_framer_.transport_version(), Perspective::IS_CLIENT);
- if (level != ENCRYPTION_INITIAL) {
+ if (level != ENCRYPTION_INITIAL && level != ENCRYPTION_HANDSHAKE) {
frames_.push_back(
QuicFrame(QuicStreamFrame(stream_id, false, 0u, QuicStringPiece())));
frames_.push_back(
@@ -320,7 +320,7 @@
.WillOnce(Return(true));
EXPECT_CALL(framer_visitor_, OnAckFrameEnd(QuicPacketNumber(1)))
.WillOnce(Return(true));
- if (level != ENCRYPTION_INITIAL) {
+ if (level != ENCRYPTION_INITIAL && level != ENCRYPTION_HANDSHAKE) {
EXPECT_CALL(framer_visitor_, OnStreamFrame(_));
EXPECT_CALL(framer_visitor_, OnStreamFrame(_));
}
@@ -1361,7 +1361,23 @@
/*fin=*/false, 0u, QuicStringPiece());
EXPECT_QUIC_BUG(
creator_.AddSavedFrame(QuicFrame(stream_frame), NOT_RETRANSMISSION),
- "Cannot send stream data without encryption.");
+ "Cannot send stream data with level: ENCRYPTION_INITIAL");
+}
+
+TEST_P(QuicPacketCreatorTest, SendStreamDataWithEncryptionHandshake) {
+ // EXPECT_QUIC_BUG tests are expensive so only run one instance of them.
+ if (!IsDefaultTestConfiguration()) {
+ return;
+ }
+
+ creator_.set_encryption_level(ENCRYPTION_HANDSHAKE);
+ EXPECT_CALL(delegate_, OnUnrecoverableError(_, _, _));
+ QuicStreamFrame stream_frame(
+ QuicUtils::GetHeadersStreamId(client_framer_.transport_version()),
+ /*fin=*/false, 0u, QuicStringPiece());
+ EXPECT_QUIC_BUG(
+ creator_.AddSavedFrame(QuicFrame(stream_frame), NOT_RETRANSMISSION),
+ "Cannot send stream data with level: ENCRYPTION_HANDSHAKE");
}
TEST_P(QuicPacketCreatorTest, ChloTooLarge) {
