Add DCHECKs to enforce encryption level in packet creator The QuicPacketCreator has 5 different paths that serialize packets: one general-purpose, then one for non-crypto streams and three for path probes. Non-crypto streams are only ever sent in 0-RTT or 1-RTT, while path probes are only sent in 1-RTT. This CL enforces this with DCHECKs, and tweaks some tests to use the correct encryption levels. Dcheck-only change PiperOrigin-RevId: 317334226 Change-Id: I55419c30c927ab155ba375d6ef71e1e293aaa1f4
diff --git a/quic/core/quic_connection_test.cc b/quic/core/quic_connection_test.cc index 41e1974..44a1b69 100644 --- a/quic/core/quic_connection_test.cc +++ b/quic/core/quic_connection_test.cc
@@ -1771,6 +1771,16 @@ EXPECT_TRUE(connection_.connected()); } + void PathProbeTestInit(Perspective perspective) { + set_perspective(perspective); + EXPECT_EQ(connection_.perspective(), perspective); + if (perspective == Perspective::IS_SERVER) { + QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); + } + connection_.SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE); + peer_creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); + } + void TestClientRetryHandling(bool invalid_retry_tag, bool missing_original_id_in_config, bool wrong_original_id_in_config, @@ -2086,9 +2096,7 @@ } TEST_P(QuicConnectionTest, ReceivePathProbeWithNoAddressChangeAtServer) { - set_perspective(Perspective::IS_SERVER); - QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); - EXPECT_EQ(Perspective::IS_SERVER, connection_.perspective()); + PathProbeTestInit(Perspective::IS_SERVER); // Clear direct_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress()); @@ -2199,9 +2207,7 @@ // in IETF version: receive a packet contains PATH CHALLENGE with peer address // change. TEST_P(QuicConnectionTest, ReceivePathProbingAtServer) { - set_perspective(Perspective::IS_SERVER); - QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); - EXPECT_EQ(Perspective::IS_SERVER, connection_.perspective()); + PathProbeTestInit(Perspective::IS_SERVER); // Clear direct_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress()); @@ -2339,9 +2345,7 @@ } TEST_P(QuicConnectionTest, ReceiveReorderedPathProbingAtServer) { - set_perspective(Perspective::IS_SERVER); - QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); - EXPECT_EQ(Perspective::IS_SERVER, connection_.perspective()); + PathProbeTestInit(Perspective::IS_SERVER); // Clear direct_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress()); @@ -2397,9 +2401,7 @@ } TEST_P(QuicConnectionTest, MigrateAfterProbingAtServer) { - set_perspective(Perspective::IS_SERVER); - QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); - EXPECT_EQ(Perspective::IS_SERVER, connection_.perspective()); + PathProbeTestInit(Perspective::IS_SERVER); // Clear direct_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress()); @@ -2454,8 +2456,7 @@ TEST_P(QuicConnectionTest, ReceivePaddedPingAtClient) { EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_)); - set_perspective(Perspective::IS_CLIENT); - EXPECT_EQ(Perspective::IS_CLIENT, connection_.perspective()); + PathProbeTestInit(Perspective::IS_CLIENT); // Clear direct_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress()); @@ -2503,8 +2504,7 @@ return; } EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_)); - set_perspective(Perspective::IS_CLIENT); - EXPECT_EQ(Perspective::IS_CLIENT, connection_.perspective()); + PathProbeTestInit(Perspective::IS_CLIENT); // Clear direct_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress()); @@ -7325,7 +7325,7 @@ } TEST_P(QuicConnectionTest, WriteBlockedAfterClientSendsConnectivityProbe) { - EXPECT_EQ(Perspective::IS_CLIENT, connection_.perspective()); + PathProbeTestInit(Perspective::IS_CLIENT); TestPacketWriter probing_writer(version(), &clock_); // Block next write so that sending connectivity probe will encounter a // blocked write when send a connectivity probe to the peer. @@ -7341,8 +7341,7 @@ } TEST_P(QuicConnectionTest, WriterBlockedAfterServerSendsConnectivityProbe) { - set_perspective(Perspective::IS_SERVER); - QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); + PathProbeTestInit(Perspective::IS_SERVER); // Block next write so that sending connectivity probe will encounter a // blocked write when send a connectivity probe to the peer. @@ -7358,7 +7357,7 @@ } TEST_P(QuicConnectionTest, WriterErrorWhenClientSendsConnectivityProbe) { - EXPECT_EQ(Perspective::IS_CLIENT, connection_.perspective()); + PathProbeTestInit(Perspective::IS_CLIENT); TestPacketWriter probing_writer(version(), &clock_); probing_writer.SetShouldWriteFail(); @@ -7373,8 +7372,7 @@ } TEST_P(QuicConnectionTest, WriterErrorWhenServerSendsConnectivityProbe) { - set_perspective(Perspective::IS_SERVER); - QuicPacketCreatorPeer::SetSendVersionInPacket(creator_, false); + PathProbeTestInit(Perspective::IS_SERVER); writer_->SetShouldWriteFail(); // Connection should not be closed if a connectivity probe is failed to be @@ -7695,6 +7693,7 @@ } TEST_P(QuicConnectionTest, OnPacketSentDebugVisitor) { + PathProbeTestInit(Perspective::IS_CLIENT); MockQuicConnectionDebugVisitor debug_visitor; connection_.set_debug_visitor(&debug_visitor); @@ -9241,8 +9240,7 @@ return; } EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_)); - set_perspective(Perspective::IS_CLIENT); - EXPECT_EQ(Perspective::IS_CLIENT, connection_.perspective()); + PathProbeTestInit(Perspective::IS_CLIENT); // Clear direct_peer_address and effective_peer_address. QuicConnectionPeer::SetDirectPeerAddress(&connection_, QuicSocketAddress());
diff --git a/quic/core/quic_packet_creator.cc b/quic/core/quic_packet_creator.cc index a977a8e..82b4a27 100644 --- a/quic/core/quic_packet_creator.cc +++ b/quic/core/quic_packet_creator.cc
@@ -550,6 +550,7 @@ TransmissionType transmission_type, size_t* num_bytes_consumed) { DCHECK(queued_frames_.empty()); + DCHECK(!QuicUtils::IsCryptoStreamId(transport_version(), id)); // Write out the packet header QuicPacketHeader header; FillPacketHeader(&header); @@ -638,6 +639,9 @@ packet_.transmission_type = transmission_type; + DCHECK(packet_.encryption_level == ENCRYPTION_FORWARD_SECURE || + packet_.encryption_level == ENCRYPTION_ZERO_RTT) + << packet_.encryption_level; size_t encrypted_length = framer_->EncryptInPlace( packet_.encryption_level, packet_.packet_number, GetStartOfEncryptedData(framer_->transport_version(), header), @@ -838,6 +842,7 @@ header, buffer.get(), max_plaintext_size_, packet_.encryption_level); DCHECK(length); + DCHECK_EQ(packet_.encryption_level, ENCRYPTION_FORWARD_SECURE); const size_t encrypted_length = framer_->EncryptInPlace( packet_.encryption_level, packet_.packet_number, GetStartOfEncryptedData(framer_->transport_version(), header), length, @@ -877,6 +882,7 @@ packet_.encryption_level); DCHECK(length); + DCHECK_EQ(packet_.encryption_level, ENCRYPTION_FORWARD_SECURE); const size_t encrypted_length = framer_->EncryptInPlace( packet_.encryption_level, packet_.packet_number, GetStartOfEncryptedData(framer_->transport_version(), header), length, @@ -918,6 +924,7 @@ payloads, is_padded, packet_.encryption_level); DCHECK(length); + DCHECK_EQ(packet_.encryption_level, ENCRYPTION_FORWARD_SECURE); const size_t encrypted_length = framer_->EncryptInPlace( packet_.encryption_level, packet_.packet_number, GetStartOfEncryptedData(framer_->transport_version(), header), length,
diff --git a/quic/core/quic_packet_creator_test.cc b/quic/core/quic_packet_creator_test.cc index ca59097..394b82e 100644 --- a/quic/core/quic_packet_creator_test.cc +++ b/quic/core/quic_packet_creator_test.cc
@@ -931,40 +931,36 @@ } TEST_P(QuicPacketCreatorTest, SerializeConnectivityProbingPacket) { - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - creator_.set_encryption_level(level); - - std::unique_ptr<SerializedPacket> encrypted; - if (VersionHasIetfQuicFrames(creator_.transport_version())) { - QuicPathFrameBuffer payload = { - {0xde, 0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xfe}}; - encrypted = - creator_.SerializePathChallengeConnectivityProbingPacket(&payload); - } else { - encrypted = creator_.SerializeConnectivityProbingPacket(); - } - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - if (VersionHasIetfQuicFrames(creator_.transport_version())) { - EXPECT_CALL(framer_visitor_, OnPathChallengeFrame(_)); - EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); - } else { - EXPECT_CALL(framer_visitor_, OnPingFrame(_)); - EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); - } - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - // QuicFramerPeer::SetPerspective(&client_framer_, Perspective::IS_SERVER); - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted; + if (VersionHasIetfQuicFrames(creator_.transport_version())) { + QuicPathFrameBuffer payload = { + {0xde, 0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xfe}}; + encrypted = + creator_.SerializePathChallengeConnectivityProbingPacket(&payload); + } else { + encrypted = creator_.SerializeConnectivityProbingPacket(); } + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + if (VersionHasIetfQuicFrames(creator_.transport_version())) { + EXPECT_CALL(framer_visitor_, OnPathChallengeFrame(_)); + EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); + } else { + EXPECT_CALL(framer_visitor_, OnPingFrame(_)); + EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); + } + EXPECT_CALL(framer_visitor_, OnPacketComplete()); + } + // QuicFramerPeer::SetPerspective(&client_framer_, Perspective::IS_SERVER); + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, SerializePathChallengeProbePacket) { @@ -974,28 +970,24 @@ QuicPathFrameBuffer payload = { {0xde, 0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - creator_.set_encryption_level(level); - - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathChallengeConnectivityProbingPacket(&payload)); - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathChallengeFrame(_)); - EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - // QuicFramerPeer::SetPerspective(&client_framer_, Perspective::IS_SERVER); - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathChallengeConnectivityProbingPacket(&payload)); + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathChallengeFrame(_)); + EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); } + // QuicFramerPeer::SetPerspective(&client_framer_, Perspective::IS_SERVER); + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, SerializePathResponseProbePacket1PayloadPadded) { @@ -1005,30 +997,26 @@ QuicPathFrameBuffer payload0 = { {0xde, 0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); - creator_.set_encryption_level(level); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - QuicCircularDeque<QuicPathFrameBuffer> payloads; - payloads.push_back(payload0); + QuicCircularDeque<QuicPathFrameBuffer> payloads; + payloads.push_back(payload0); - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathResponseConnectivityProbingPacket(payloads, - true)); - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)); - EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathResponseConnectivityProbingPacket(payloads, true)); + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)); + EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); } + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, @@ -1039,29 +1027,25 @@ QuicPathFrameBuffer payload0 = { {0xde, 0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); - creator_.set_encryption_level(level); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - QuicCircularDeque<QuicPathFrameBuffer> payloads; - payloads.push_back(payload0); + QuicCircularDeque<QuicPathFrameBuffer> payloads; + payloads.push_back(payload0); - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathResponseConnectivityProbingPacket(payloads, - false)); - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathResponseConnectivityProbingPacket(payloads, false)); + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); } + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, SerializePathResponseProbePacket2PayloadsPadded) { @@ -1073,31 +1057,27 @@ QuicPathFrameBuffer payload1 = { {0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee, 0xde}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); - creator_.set_encryption_level(level); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - QuicCircularDeque<QuicPathFrameBuffer> payloads; - payloads.push_back(payload0); - payloads.push_back(payload1); + QuicCircularDeque<QuicPathFrameBuffer> payloads; + payloads.push_back(payload0); + payloads.push_back(payload1); - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathResponseConnectivityProbingPacket(payloads, - true)); - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(2); - EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathResponseConnectivityProbingPacket(payloads, true)); + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(2); + EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); } + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, @@ -1110,30 +1090,26 @@ QuicPathFrameBuffer payload1 = { {0xad, 0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee, 0xde}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); - creator_.set_encryption_level(level); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - QuicCircularDeque<QuicPathFrameBuffer> payloads; - payloads.push_back(payload0); - payloads.push_back(payload1); + QuicCircularDeque<QuicPathFrameBuffer> payloads; + payloads.push_back(payload0); + payloads.push_back(payload1); - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathResponseConnectivityProbingPacket(payloads, - false)); - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(2); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathResponseConnectivityProbingPacket(payloads, false)); + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(2); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); } + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, SerializePathResponseProbePacket3PayloadsPadded) { @@ -1147,32 +1123,28 @@ QuicPathFrameBuffer payload2 = { {0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee, 0xde, 0xad}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); - creator_.set_encryption_level(level); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - QuicCircularDeque<QuicPathFrameBuffer> payloads; - payloads.push_back(payload0); - payloads.push_back(payload1); - payloads.push_back(payload2); + QuicCircularDeque<QuicPathFrameBuffer> payloads; + payloads.push_back(payload0); + payloads.push_back(payload1); + payloads.push_back(payload2); - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathResponseConnectivityProbingPacket(payloads, - true)); - { - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(3); - EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); - } - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathResponseConnectivityProbingPacket(payloads, true)); + { + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(3); + EXPECT_CALL(framer_visitor_, OnPaddingFrame(_)); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); } + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, @@ -1187,30 +1159,26 @@ QuicPathFrameBuffer payload2 = { {0xbe, 0xef, 0xba, 0xdc, 0x0f, 0xee, 0xde, 0xad}}; - for (int i = ENCRYPTION_INITIAL; i < NUM_ENCRYPTION_LEVELS; ++i) { - EncryptionLevel level = static_cast<EncryptionLevel>(i); - creator_.set_encryption_level(level); + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); - QuicCircularDeque<QuicPathFrameBuffer> payloads; - payloads.push_back(payload0); - payloads.push_back(payload1); - payloads.push_back(payload2); + QuicCircularDeque<QuicPathFrameBuffer> payloads; + payloads.push_back(payload0); + payloads.push_back(payload1); + payloads.push_back(payload2); - std::unique_ptr<SerializedPacket> encrypted( - creator_.SerializePathResponseConnectivityProbingPacket(payloads, - false)); - InSequence s; - EXPECT_CALL(framer_visitor_, OnPacket()); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); - EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); - EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); - EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); - EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(3); - EXPECT_CALL(framer_visitor_, OnPacketComplete()); + std::unique_ptr<SerializedPacket> encrypted( + creator_.SerializePathResponseConnectivityProbingPacket(payloads, false)); + InSequence s; + EXPECT_CALL(framer_visitor_, OnPacket()); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedPublicHeader(_)); + EXPECT_CALL(framer_visitor_, OnUnauthenticatedHeader(_)); + EXPECT_CALL(framer_visitor_, OnDecryptedPacket(_)); + EXPECT_CALL(framer_visitor_, OnPacketHeader(_)); + EXPECT_CALL(framer_visitor_, OnPathResponseFrame(_)).Times(3); + EXPECT_CALL(framer_visitor_, OnPacketComplete()); - server_framer_.ProcessPacket(QuicEncryptedPacket( - encrypted->encrypted_buffer, encrypted->encrypted_length)); - } + server_framer_.ProcessPacket(QuicEncryptedPacket( + encrypted->encrypted_buffer, encrypted->encrypted_length)); } TEST_P(QuicPacketCreatorTest, UpdatePacketSequenceNumberLengthLeastAwaiting) { @@ -1500,6 +1468,7 @@ } TEST_P(QuicPacketCreatorTest, SerializeAndSendStreamFrame) { + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); if (!GetParam().version_serialization) { creator_.StopSendingVersion(); } @@ -1535,6 +1504,7 @@ // Regression test to check that CreateAndSerializeStreamFrame uses a // correctly formatted stream frame header when appending padding. + creator_.set_encryption_level(ENCRYPTION_FORWARD_SECURE); if (!GetParam().version_serialization) { creator_.StopSendingVersion(); }
diff --git a/quic/core/quic_session_test.cc b/quic/core/quic_session_test.cc index a400d97..c64dca3 100644 --- a/quic/core/quic_session_test.cc +++ b/quic/core/quic_session_test.cc
@@ -10,6 +10,7 @@ #include <utility> #include "net/third_party/quiche/src/quic/core/crypto/crypto_protocol.h" +#include "net/third_party/quiche/src/quic/core/crypto/null_decrypter.h" #include "net/third_party/quiche/src/quic/core/crypto/null_encrypter.h" #include "net/third_party/quiche/src/quic/core/crypto/transport_parameters.h" #include "net/third_party/quiche/src/quic/core/frames/quic_max_streams_frame.h" @@ -570,6 +571,11 @@ kQuicDefaultConnectionIdLength) { client_framer_.set_visitor(&framer_visitor_); client_framer_.SetInitialObfuscators(TestConnectionId()); + if (client_framer_.version().KnowsWhichDecrypterToUse()) { + client_framer_.InstallDecrypter( + ENCRYPTION_FORWARD_SECURE, + std::make_unique<NullDecrypter>(Perspective::IS_CLIENT)); + } } QuicPathFrameBuffer path_frame_buffer1_; @@ -1448,6 +1454,7 @@ // Test that server session will send a connectivity probe in response to a // connectivity probe on the same path. TEST_P(QuicSessionTestServer, ServerReplyToConnectivityProbe) { + connection_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE); QuicSocketAddress old_peer_address = QuicSocketAddress(QuicIpAddress::Loopback4(), kTestPort); EXPECT_EQ(old_peer_address, session_.peer_address()); @@ -1481,6 +1488,7 @@ if (!VersionHasIetfQuicFrames(transport_version())) { return; } + connection_->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE); QuicSocketAddress old_peer_address = QuicSocketAddress(QuicIpAddress::Loopback4(), kTestPort); EXPECT_EQ(old_peer_address, session_.peer_address());