Move test for incoming packets with incorrect connection ID from

net/quic/quic_connection.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/quic_connection.h"
 
 #include <string.h>
 #include <sys/types.h>
 
 #include <algorithm>
@@ skipping 373 matching lines @@
          last_window_update_frames_.empty() &&
          last_blocked_frames_.empty() &&
          last_ping_frames_.empty() &&
          last_close_frames_.empty());
   last_packet_decrypted_ = false;
   last_packet_revived_ = false;
 }
 
 void QuicConnection::OnPublicResetPacket(
     const QuicPublicResetPacket& packet) {
+  // Check that any public reset packet with a different connection ID that was
+  // routed to this QuicConnection has been redirected before control reaches
+  // here.  (Check for a bug regression.)
+  DCHECK_EQ(connection_id_, packet.public_header.connection_id);
   if (debug_visitor_ != nullptr) {
     debug_visitor_->OnPublicResetPacket(packet);
   }
   CloseConnection(QUIC_PUBLIC_RESET, true);
 
   DVLOG(1) << ENDPOINT << "Connection " << connection_id()
            << " closed via QUIC_PUBLIC_RESET from peer.";
 }
 
 bool QuicConnection::OnProtocolVersionMismatch(QuicVersion received_version) {
@@ skipping 49 matching lines @@
 
   // TODO(satyamshekhar): Store the sequence number of this packet and close the
   // connection if we ever received a packet with incorrect version and whose
   // sequence number is greater.
   return true;
 }
 
 // Handles version negotiation for client connection.
 void QuicConnection::OnVersionNegotiationPacket(
     const QuicVersionNegotiationPacket& packet) {
+  // Check that any public reset packet with a different connection ID that was
+  // routed to this QuicConnection has been redirected before control reaches
+  // here.  (Check for a bug regression.)
+  DCHECK_EQ(connection_id_, packet.connection_id);
   if (perspective_ == Perspective::IS_SERVER) {
     LOG(DFATAL) << ENDPOINT << "Framer parsed VersionNegotiationPacket."
                 << " Closing connection.";
     CloseConnection(QUIC_INTERNAL_ERROR, false);
     return;
   }
   if (debug_visitor_ != nullptr) {
     debug_visitor_->OnVersionNegotiationPacket(packet);
   }
 
@@ skipping 23 matching lines @@
   server_supported_versions_ = packet.versions;
   version_negotiation_state_ = NEGOTIATION_IN_PROGRESS;
   RetransmitUnackedPackets(ALL_UNACKED_RETRANSMISSION);
 }
 
 void QuicConnection::OnRevivedPacket() {
 }
 
 bool QuicConnection::OnUnauthenticatedPublicHeader(
     const QuicPacketPublicHeader& header) {
+  if (header.connection_id == connection_id_) {
+    return true;
+  }
+
+  ++stats_.packets_dropped;
+  DVLOG(1) << ENDPOINT << "Ignoring packet from unexpected ConnectionId: "
+           << header.connection_id << " instead of " << connection_id_;
+  if (debug_visitor_ != nullptr) {
+    debug_visitor_->OnIncorrectConnectionId(header.connection_id);
+  }
+  // If this is a server, the dispatcher routes each packet to the
+  // QuicConnection responsible for the packet's connection ID.  So if control
+  // arrives here and this is a server, the dispatcher must be malfunctioning.
+  DCHECK_NE(Perspective::IS_SERVER, perspective_);
+  return false;
+}
+
+bool QuicConnection::OnUnauthenticatedHeader(const QuicPacketHeader& header) {
+  // Check that any public reset packet with a different connection ID that was
+  // routed to this QuicConnection has been redirected before control reaches
+  // here.
+  DCHECK_EQ(connection_id_, header.public_header.connection_id);
   return true;
 }
 
-bool QuicConnection::OnUnauthenticatedHeader(const QuicPacketHeader& header) {
-  return true;
-}
-
 void QuicConnection::OnDecryptedPacket(EncryptionLevel level) {
   last_decrypted_packet_level_ = level;
   last_packet_decrypted_ = true;
   // If this packet was foward-secure encrypted and the forward-secure encrypter
   // is not being used, start using it.
   if (encryption_level_ != ENCRYPTION_FORWARD_SECURE &&
       has_forward_secure_encrypter_ && level == ENCRYPTION_FORWARD_SECURE) {
     SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
   }
 }
 
 bool QuicConnection::OnPacketHeader(const QuicPacketHeader& header) {
   if (debug_visitor_ != nullptr) {
     debug_visitor_->OnPacketHeader(header);
   }
 
   if (!ProcessValidatedPacket()) {
     return false;
   }
 
   // Will be decrement below if we fall through to return true;
   ++stats_.packets_dropped;
 
-  if (header.public_header.connection_id != connection_id_) {
-    DVLOG(1) << ENDPOINT << "Ignoring packet from unexpected ConnectionId: "
-             << header.public_header.connection_id << " instead of "
-             << connection_id_;
-    if (debug_visitor_ != nullptr) {
-      debug_visitor_->OnIncorrectConnectionId(
-          header.public_header.connection_id);
-    }
-    return false;
-  }
-
   if (!Near(header.packet_sequence_number,
             last_header_.packet_sequence_number)) {
     DVLOG(1) << ENDPOINT << "Packet " << header.packet_sequence_number
              << " out of bounds.  Discarding";
     SendConnectionCloseWithDetails(QUIC_INVALID_PACKET_HEADER,
                                    "Packet sequence number out of bounds");
     return false;
   }
 
   // If this packet has already been seen, or that the sender
@@ skipping 1571 matching lines @@
   }
   for (const QuicFrame& frame : retransmittable_frames->frames()) {
     if (frame.type == CONNECTION_CLOSE_FRAME) {
       return true;
     }
   }
   return false;
 }
 
 }  // namespace net