commit d01e996bcd94ac92434112c1b3f073ee99474fe4
author fayang <fayang@google.com> Thu Sep 24 11:29:31 2020 -0700
committer Copybara-Service <copybara-worker@google.com> Thu Sep 24 11:30:04 2020 -0700
tree f62ad066a0b9c8b14705b7f828ebe81cb67f61a9
parent daeb819e4012b1a4b76a71c3bdd7573782af587b

Make sure we have the right key before sending data.

Protected by FLAGS_quic_reloadable_flag_quic_check_keys_before_writing.

PiperOrigin-RevId: 333559010
Change-Id: I4ac0ed51c5401ef8b872c06c32148fa554eead54

quic/core/quic_session.cc

diff --git a/quic/core/quic_session.cc b/quic/core/quic_session.cc
index e3c389b..cec2337 100644
--- a/quic/core/quic_session.cc
+++ b/quic/core/quic_session.cc
@@ -774,6 +774,17 @@
                                    QuicStreamOffset offset,
                                    TransmissionType type) {
   DCHECK(QuicVersionUsesCryptoFrames(transport_version()));
+  if (connection()->check_keys_before_writing() &&
+      !connection()->framer().HasEncrypterOfEncryptionLevel(level)) {
+    const std::string error_details = quiche::QuicheStrCat(
+        "Try to send crypto data with missing keys of encryption level: ",
+        EncryptionLevelToString(level));
+    QUIC_BUG << ENDPOINT << error_details;
+    connection()->CloseConnection(
+        QUIC_MISSING_WRITE_KEYS, error_details,
+        ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET);
+    return 0;
+  }
   SetTransmissionType(type);
   const auto current_level = connection()->encryption_level();
   connection_->SetDefaultEncryptionLevel(level);