Google Git
Sign in
quiche/quiche.git/ae306481b4bad687974d3750a1c59a71b17ba735^!/.
commit
ae306481b4bad687974d3750a1c59a71b17ba735
[log]
author
fayang <fayang@google.com>
Fri Jan 06 12:22:36 2023 -0800
committer
Copybara-Service <copybara-worker@google.com>
Fri Jan 06 15:01:11 2023 -0800
tree
d0b290b2e4ff2d598b1d29608f58a215e1b27108
parent
93c0e3e0525e9ca980da7e25eb5cd2bc49662700 [diff]
Add a QUIC protocol flag to enable/disable Chaos protection. Such that we can enable tests disabled in crbug/1347664.

PiperOrigin-RevId: 500233723

diff --git a/quiche/quic/core/quic_packet_creator.cc b/quiche/quic/core/quic_packet_creator.cc
index cfcd3e2..566944c 100644
--- a/quiche/quic/core/quic_packet_creator.cc
+++ b/quiche/quic/core/quic_packet_creator.cc

@@ -780,7 +780,8 @@
 absl::optional<size_t>
 QuicPacketCreator::MaybeBuildDataPacketWithChaosProtection(
     const QuicPacketHeader& header, char* buffer) {
-  if (framer_->perspective() != Perspective::IS_CLIENT ||
+  if (!GetQuicFlag(quic_enable_chaos_protection) ||
+      framer_->perspective() != Perspective::IS_CLIENT ||
       packet_.encryption_level != ENCRYPTION_INITIAL ||
       !framer_->version().UsesCryptoFrames() || queued_frames_.size() != 2u ||
       queued_frames_[0].type != CRYPTO_FRAME ||

diff --git a/quiche/quic/core/quic_packet_creator_test.cc b/quiche/quic/core/quic_packet_creator_test.cc
index 6dcd4a5..63a2dc1 100644
--- a/quiche/quic/core/quic_packet_creator_test.cc
+++ b/quiche/quic/core/quic_packet_creator_test.cc

@@ -255,6 +255,8 @@
            n * 2;
   }
 
+  void TestChaosProtection(bool enabled);
+
   static constexpr QuicStreamOffset kOffset = 0u;
 
   char buffer_[kMaxOutgoingPacketSize];
@@ -1345,7 +1347,7 @@
   EXPECT_EQ(GetParam().version_serialization, header.version_flag);
 }
 
-TEST_P(QuicPacketCreatorTest, ChaosProtection) {
+void QuicPacketCreatorTest::TestChaosProtection(bool enabled) {
   if (!GetParam().version.UsesCryptoFrames()) {
     return;
   }
@@ -1362,13 +1364,28 @@
   EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_));
   EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_, _));
   EXPECT_CALL(framer_visitor_, OnPacketHeader(_));
-  EXPECT_CALL(framer_visitor_, OnCryptoFrame(_)).Times(AtLeast(2));
-  EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)).Times(AtLeast(2));
-  EXPECT_CALL(framer_visitor_, OnPingFrame(_)).Times(AtLeast(1));
+  if (enabled) {
+    EXPECT_CALL(framer_visitor_, OnCryptoFrame(_)).Times(AtLeast(2));
+    EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)).Times(AtLeast(2));
+    EXPECT_CALL(framer_visitor_, OnPingFrame(_)).Times(AtLeast(1));
+  } else {
+    EXPECT_CALL(framer_visitor_, OnCryptoFrame(_)).Times(1);
+    EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)).Times(1);
+    EXPECT_CALL(framer_visitor_, OnPingFrame(_)).Times(0);
+  }
   EXPECT_CALL(framer_visitor_, OnPacketComplete());
   ProcessPacket(serialized);
 }
 
+TEST_P(QuicPacketCreatorTest, ChaosProtectionEnabled) {
+  TestChaosProtection(true);
+}
+
+TEST_P(QuicPacketCreatorTest, ChaosProtectionDisabled) {
+  SetQuicFlag(quic_enable_chaos_protection, false);
+  TestChaosProtection(false);
+}
+
 TEST_P(QuicPacketCreatorTest, ConsumeDataLargerThanOneStreamFrame) {
   if (!GetParam().version_serialization) {
     creator_.StopSendingVersion();

diff --git a/quiche/quic/core/quic_protocol_flags_list.h b/quiche/quic/core/quic_protocol_flags_list.h
index 1c92890..7644cbf 100644
--- a/quiche/quic/core/quic_protocol_flags_list.h
+++ b/quiche/quic/core/quic_protocol_flags_list.h

@@ -222,4 +222,8 @@
 QUIC_PROTOCOL_FLAG(bool, quic_interval_set_enable_add_optimization, true,
                    "If true, enable an optimization in QuicIntervalSet")
 
+QUIC_PROTOCOL_FLAG(
+    bool, quic_enable_chaos_protection, true,
+    "If true, use chaos protection to randomize client initials.")
+
 #endif