commit 914536425ee6193b2b60169389574eb8c56435e0
author dschinazi <dschinazi@google.com> Thu Aug 01 11:12:15 2019 -0700
committer Copybara-Service <copybara-worker@google.com> Fri Aug 02 06:20:41 2019 -0700
tree f37cba0e327b963b8e3197f2e3a3597485e3898a
parent 2e963aa59c08f3c9d45d268077423258981631c0

Make QUIC enforce ALPN when using TLS handshake

gfe-relnote: enforce ALPN when using TLS, protected by disabled quic_tls flag
PiperOrigin-RevId: 261159061
Change-Id: I9ccdd221e92beae2b83677e692e3c6d084351731

quic/core/tls_handshaker_test.cc

diff --git a/quic/core/tls_handshaker_test.cc b/quic/core/tls_handshaker_test.cc
index f15a266..67dd47f 100644
--- a/quic/core/tls_handshaker_test.cc
+++ b/quic/core/tls_handshaker_test.cc
@@ -430,6 +430,42 @@
   EXPECT_FALSE(server_stream_->handshake_confirmed());
 }
 
+TEST_F(TlsHandshakerTest, ClientNotSendingALPN) {
+  static std::string kTestClientNoAlpn = "";
+  quic_alpn_override_on_client_for_tests = &kTestClientNoAlpn;
+  EXPECT_CALL(*client_conn_, CloseConnection(QUIC_HANDSHAKE_FAILED,
+                                             "Server did not select ALPN", _));
+  EXPECT_CALL(*server_conn_,
+              CloseConnection(QUIC_HANDSHAKE_FAILED,
+                              "Server did not receive a known ALPN", _));
+  client_stream_->CryptoConnect();
+  ExchangeHandshakeMessages(client_stream_, server_stream_);
+
+  EXPECT_FALSE(client_stream_->handshake_confirmed());
+  EXPECT_FALSE(client_stream_->encryption_established());
+  EXPECT_FALSE(server_stream_->handshake_confirmed());
+  EXPECT_FALSE(server_stream_->encryption_established());
+  quic_alpn_override_on_client_for_tests = nullptr;
+}
+
+TEST_F(TlsHandshakerTest, ClientSendingBadALPN) {
+  static std::string kTestBadClientAlpn = "bad-client-alpn";
+  quic_alpn_override_on_client_for_tests = &kTestBadClientAlpn;
+  EXPECT_CALL(*client_conn_, CloseConnection(QUIC_HANDSHAKE_FAILED,
+                                             "Server did not select ALPN", _));
+  EXPECT_CALL(*server_conn_,
+              CloseConnection(QUIC_HANDSHAKE_FAILED,
+                              "Server did not receive a known ALPN", _));
+  client_stream_->CryptoConnect();
+  ExchangeHandshakeMessages(client_stream_, server_stream_);
+
+  EXPECT_FALSE(client_stream_->handshake_confirmed());
+  EXPECT_FALSE(client_stream_->encryption_established());
+  EXPECT_FALSE(server_stream_->handshake_confirmed());
+  EXPECT_FALSE(server_stream_->encryption_established());
+  quic_alpn_override_on_client_for_tests = nullptr;
+}
+
 }  // namespace
 }  // namespace test
 }  // namespace quic