| Index: net/quic/quic_crypto_server_stream_test.cc
|
| diff --git a/net/quic/quic_crypto_server_stream_test.cc b/net/quic/quic_crypto_server_stream_test.cc
|
| index 2cc8e2930925d162990f144c0c38ca28b09a1d47..6874612dd1bf0d5541fb84f0a86a3fe0e64c5ece 100644
|
| --- a/net/quic/quic_crypto_server_stream_test.cc
|
| +++ b/net/quic/quic_crypto_server_stream_test.cc
|
| @@ -18,6 +18,7 @@
|
| #include "net/quic/crypto/quic_encrypter.h"
|
| #include "net/quic/crypto/quic_random.h"
|
| #include "net/quic/quic_crypto_client_stream.h"
|
| +#include "net/quic/quic_flags.h"
|
| #include "net/quic/quic_protocol.h"
|
| #include "net/quic/quic_session.h"
|
| #include "net/quic/test_tools/crypto_test_utils.h"
|
| @@ -48,6 +49,15 @@ class QuicCryptoServerConfigPeer {
|
| }
|
| };
|
|
|
| +class QuicCryptoServerStreamPeer {
|
| + public:
|
| + static bool DoesPeerSupportStatelessRejects(
|
| + const CryptoHandshakeMessage& message) {
|
| + return net::QuicCryptoServerStream::DoesPeerSupportStatelessRejects(
|
| + message);
|
| + }
|
| +};
|
| +
|
| namespace {
|
|
|
| const char kServerHostname[] = "test.example.com";
|
| @@ -56,39 +66,65 @@ const uint16 kServerPort = 80;
|
| class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> {
|
| public:
|
| QuicCryptoServerStreamTest()
|
| - : connection_(new PacketSavingConnection(Perspective::IS_SERVER)),
|
| - session_(connection_, DefaultQuicConfig()),
|
| - crypto_config_(QuicCryptoServerConfig::TESTING,
|
| - QuicRandom::GetInstance()),
|
| - stream_(&crypto_config_, &session_),
|
| - strike_register_client_(nullptr) {
|
| - session_.SetCryptoStream(&stream_);
|
| - // We advance the clock initially because the default time is zero and the
|
| - // strike register worries that we've just overflowed a uint32 time.
|
| - connection_->AdvanceTime(QuicTime::Delta::FromSeconds(100000));
|
| + : server_crypto_config_(QuicCryptoServerConfig::TESTING,
|
| + QuicRandom::GetInstance()),
|
| + server_id_(kServerHostname, kServerPort, false, PRIVACY_MODE_DISABLED) {
|
| // TODO(wtc): replace this with ProofSourceForTesting() when Chromium has
|
| // a working ProofSourceForTesting().
|
| - crypto_config_.SetProofSource(CryptoTestUtils::FakeProofSourceForTesting());
|
| - crypto_config_.set_strike_register_no_startup_period();
|
| + server_crypto_config_.SetProofSource(
|
| + CryptoTestUtils::FakeProofSourceForTesting());
|
| + server_crypto_config_.set_strike_register_no_startup_period();
|
|
|
| - CryptoTestUtils::SetupCryptoServerConfigForTest(
|
| - connection_->clock(), connection_->random_generator(),
|
| - session_.config(), &crypto_config_);
|
| + InitializeServer();
|
|
|
| if (AsyncStrikeRegisterVerification()) {
|
| string orbit =
|
| - QuicCryptoServerConfigPeer::GetPrimaryOrbit(crypto_config_);
|
| + QuicCryptoServerConfigPeer::GetPrimaryOrbit(server_crypto_config_);
|
| strike_register_client_ = new DelayedVerifyStrikeRegisterClient(
|
| 10000, // strike_register_max_entries
|
| - static_cast<uint32>(connection_->clock()->WallNow().ToUNIXSeconds()),
|
| + static_cast<uint32>(
|
| + server_connection_->clock()->WallNow().ToUNIXSeconds()),
|
| 60, // strike_register_window_secs
|
| - reinterpret_cast<const uint8 *>(orbit.data()),
|
| + reinterpret_cast<const uint8*>(orbit.data()),
|
| StrikeRegister::NO_STARTUP_PERIOD_NEEDED);
|
| strike_register_client_->StartDelayingVerification();
|
| - crypto_config_.SetStrikeRegisterClient(strike_register_client_);
|
| + server_crypto_config_.SetStrikeRegisterClient(strike_register_client_);
|
| }
|
| }
|
|
|
| + // Initializes the crypto server stream state for testing. May be
|
| + // called multiple times.
|
| + void InitializeServer() {
|
| + TestServerSession* server_session = nullptr;
|
| + QuicCryptoServerStream* server_stream = nullptr;
|
| + SetupCryptoServerStreamForTest(server_id_,
|
| + QuicTime::Delta::FromSeconds(100000),
|
| + &server_crypto_config_, &server_connection_,
|
| + &server_session, &server_stream);
|
| + CHECK(server_session);
|
| + CHECK(server_stream);
|
| + server_session_.reset(server_session);
|
| + server_stream_.reset(server_stream);
|
| + CryptoTestUtils::SetupCryptoServerConfigForTest(
|
| + server_connection_->clock(), server_connection_->random_generator(),
|
| + server_session_->config(), &server_crypto_config_);
|
| + }
|
| +
|
| + // Initializes a fake client, and all its associated state, for
|
| + // testing. May be called multiple times.
|
| + void InitializeFakeClient(bool supports_stateless_rejects) {
|
| + TestClientSession* client_session = nullptr;
|
| + QuicCryptoClientStream* client_stream = nullptr;
|
| + SetupCryptoClientStreamForTest(server_id_, supports_stateless_rejects,
|
| + QuicTime::Delta::FromSeconds(100000),
|
| + &client_crypto_config_, &client_connection_,
|
| + &client_session, &client_stream);
|
| + CHECK(client_session);
|
| + CHECK(client_stream);
|
| + client_session_.reset(client_session);
|
| + client_stream_.reset(client_stream);
|
| + }
|
| +
|
| bool AsyncStrikeRegisterVerification() {
|
| return GetParam();
|
| }
|
| @@ -99,16 +135,41 @@ class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> {
|
| }
|
|
|
| int CompleteCryptoHandshake() {
|
| - return CryptoTestUtils::HandshakeWithFakeClient(connection_, &stream_,
|
| - client_options_);
|
| + CHECK(server_connection_);
|
| + CHECK(server_stream_ != nullptr);
|
| + return CryptoTestUtils::HandshakeWithFakeClient(
|
| + server_connection_, server_stream_.get(), client_options_);
|
| + }
|
| +
|
| + // Performs a single round of handshake message-exchange between the
|
| + // client and server.
|
| + void AdvanceHandshakeWithFakeClient() {
|
| + CHECK(server_connection_);
|
| + CHECK(server_stream_ != nullptr);
|
| + CHECK(client_session_ != nullptr);
|
| + CHECK(client_stream_ != nullptr);
|
| +
|
| + EXPECT_CALL(*client_session_, OnProofValid(_)).Times(testing::AnyNumber());
|
| + client_stream_->CryptoConnect();
|
| + CryptoTestUtils::AdvanceHandshake(client_connection_, client_stream_.get(),
|
| + 0, server_connection_,
|
| + server_stream_.get(), 0);
|
| }
|
|
|
| protected:
|
| - PacketSavingConnection* connection_;
|
| - TestClientSession session_;
|
| - QuicConfig config_;
|
| - QuicCryptoServerConfig crypto_config_;
|
| - QuicCryptoServerStream stream_;
|
| + // Server state
|
| + PacketSavingConnection* server_connection_;
|
| + scoped_ptr<TestServerSession> server_session_;
|
| + QuicCryptoServerConfig server_crypto_config_;
|
| + scoped_ptr<QuicCryptoServerStream> server_stream_;
|
| + QuicServerId server_id_;
|
| +
|
| + // Client state
|
| + PacketSavingConnection* client_connection_;
|
| + QuicCryptoClientConfig client_crypto_config_;
|
| + scoped_ptr<TestClientSession> client_session_;
|
| + scoped_ptr<QuicCryptoClientStream> client_stream_;
|
| +
|
| CryptoHandshakeMessage message_;
|
| scoped_ptr<QuicData> message_data_;
|
| CryptoTestUtils::FakeClientOptions client_options_;
|
| @@ -118,8 +179,13 @@ class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> {
|
| INSTANTIATE_TEST_CASE_P(Tests, QuicCryptoServerStreamTest, testing::Bool());
|
|
|
| TEST_P(QuicCryptoServerStreamTest, NotInitiallyConected) {
|
| - EXPECT_FALSE(stream_.encryption_established());
|
| - EXPECT_FALSE(stream_.handshake_confirmed());
|
| + EXPECT_FALSE(server_stream_->encryption_established());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
| +}
|
| +
|
| +TEST_P(QuicCryptoServerStreamTest, NotInitiallySendingStatelessRejects) {
|
| + EXPECT_FALSE(server_stream_->use_stateless_rejects_if_peer_supported());
|
| + EXPECT_FALSE(server_stream_->peer_supports_stateless_rejects());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, ConnectedAfterCHLO) {
|
| @@ -128,154 +194,248 @@ TEST_P(QuicCryptoServerStreamTest, ConnectedAfterCHLO) {
|
| // * One to get a source-address token and certificates.
|
| // * One to complete the handshake.
|
| EXPECT_EQ(2, CompleteCryptoHandshake());
|
| - EXPECT_TRUE(stream_.encryption_established());
|
| - EXPECT_TRUE(stream_.handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->encryption_established());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| +}
|
| +
|
| +TEST_P(QuicCryptoServerStreamTest, StatelessRejectAfterCHLO) {
|
| + ValueRestore<bool> old_flag(&FLAGS_enable_quic_stateless_reject_support,
|
| + true);
|
| + server_stream_->set_use_stateless_rejects_if_peer_supported(true);
|
| +
|
| + InitializeFakeClient(/* supports_stateless_rejects= */ true);
|
| + AdvanceHandshakeWithFakeClient();
|
| +
|
| + // Check the server to make the sure the handshake did not succeed.
|
| + EXPECT_FALSE(server_stream_->encryption_established());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
| +
|
| + // Check the client state to make sure that it received a
|
| + // server-designated connection id.
|
| + QuicCryptoClientConfig::CachedState* client_state =
|
| + client_crypto_config_.LookupOrCreate(server_id_);
|
| +
|
| + ASSERT_TRUE(client_state->has_server_designated_connection_id());
|
| + const QuicConnectionId server_designated_connection_id =
|
| + client_state->GetNextServerDesignatedConnectionId();
|
| + const QuicConnectionId expected_id =
|
| + reinterpret_cast<MockRandom*>(server_connection_->random_generator())
|
| + ->RandUint64();
|
| + EXPECT_EQ(expected_id, server_designated_connection_id);
|
| + EXPECT_FALSE(client_state->has_server_designated_connection_id());
|
| + ASSERT_TRUE(client_state->IsComplete(QuicWallTime::FromUNIXSeconds(0)));
|
| +}
|
| +
|
| +TEST_P(QuicCryptoServerStreamTest, ConnectedAfterStatelessHandshake) {
|
| + ValueRestore<bool> old_flag(&FLAGS_enable_quic_stateless_reject_support,
|
| + true);
|
| + server_stream_->set_use_stateless_rejects_if_peer_supported(true);
|
| +
|
| + InitializeFakeClient(/* supports_stateless_rejects= */ true);
|
| + AdvanceHandshakeWithFakeClient();
|
| +
|
| + // On the first round, encryption will not be established.
|
| + EXPECT_FALSE(server_stream_->encryption_established());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
| +
|
| + // Now check the client state.
|
| + QuicCryptoClientConfig::CachedState* client_state =
|
| + client_crypto_config_.LookupOrCreate(server_id_);
|
| +
|
| + ASSERT_TRUE(client_state->has_server_designated_connection_id());
|
| + const QuicConnectionId server_designated_connection_id =
|
| + client_state->GetNextServerDesignatedConnectionId();
|
| + const QuicConnectionId expected_id =
|
| + reinterpret_cast<MockRandom*>(server_connection_->random_generator())
|
| + ->RandUint64();
|
| + EXPECT_EQ(expected_id, server_designated_connection_id);
|
| + EXPECT_FALSE(client_state->has_server_designated_connection_id());
|
| + ASSERT_TRUE(client_state->IsComplete(QuicWallTime::FromUNIXSeconds(0)));
|
| +
|
| + // Now create new client and server streams with the existing config
|
| + // and try the handshake again (0-RTT handshake).
|
| + InitializeServer();
|
| + server_stream_->set_use_stateless_rejects_if_peer_supported(true);
|
| +
|
| + InitializeFakeClient(/* supports_stateless_rejects= */ true);
|
| +
|
| + client_stream_->CryptoConnect();
|
| + if (AsyncStrikeRegisterVerification()) {
|
| + EXPECT_FALSE(client_stream_->handshake_confirmed());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
| +
|
| + // Advance the handshake. Expect that the server will be stuck
|
| + // waiting for client nonce verification to complete.
|
| + pair<size_t, size_t> messages_moved = CryptoTestUtils::AdvanceHandshake(
|
| + client_connection_, client_stream_.get(), 0, server_connection_,
|
| + server_stream_.get(), 0);
|
| + EXPECT_EQ(1u, messages_moved.first);
|
| + EXPECT_EQ(0u, messages_moved.second);
|
| + EXPECT_EQ(1, strike_register_client_->PendingVerifications());
|
| + EXPECT_FALSE(client_stream_->handshake_confirmed());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
| +
|
| + // The server handshake completes once the nonce verification completes.
|
| + strike_register_client_->RunPendingVerifications();
|
| + EXPECT_FALSE(client_stream_->handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| +
|
| + messages_moved = CryptoTestUtils::AdvanceHandshake(
|
| + client_connection_, client_stream_.get(), messages_moved.first,
|
| + server_connection_, server_stream_.get(), messages_moved.second);
|
| + EXPECT_EQ(1u, messages_moved.first);
|
| + EXPECT_EQ(1u, messages_moved.second);
|
| + } else {
|
| + AdvanceHandshakeWithFakeClient();
|
| + }
|
| +
|
| + // On the second round, encryption will be established.
|
| + EXPECT_TRUE(server_stream_->encryption_established());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| +}
|
| +
|
| +TEST_P(QuicCryptoServerStreamTest, NoStatelessRejectIfNoClientSupport) {
|
| + ValueRestore<bool> old_flag(&FLAGS_enable_quic_stateless_reject_support,
|
| + true);
|
| + server_stream_->set_use_stateless_rejects_if_peer_supported(true);
|
| +
|
| + // The server is configured to use stateless rejects, but the client
|
| + // does not support it.
|
| + InitializeFakeClient(/* supports_stateless_rejects= */ false);
|
| + AdvanceHandshakeWithFakeClient();
|
| +
|
| + // Check the server to make the sure the handshake did not succeed.
|
| + EXPECT_FALSE(server_stream_->encryption_established());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
| +
|
| + // Check the client state to make sure that it did not receive a
|
| + // server-designated connection id.
|
| + QuicCryptoClientConfig::CachedState* client_state =
|
| + client_crypto_config_.LookupOrCreate(server_id_);
|
| +
|
| + ASSERT_FALSE(client_state->has_server_designated_connection_id());
|
| + ASSERT_TRUE(client_state->IsComplete(QuicWallTime::FromUNIXSeconds(0)));
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, ZeroRTT) {
|
| - PacketSavingConnection* client_conn =
|
| - new PacketSavingConnection(Perspective::IS_CLIENT);
|
| - PacketSavingConnection* server_conn =
|
| - new PacketSavingConnection(Perspective::IS_SERVER);
|
| - client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000));
|
| - server_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000));
|
| -
|
| - QuicConfig client_config;
|
| - scoped_ptr<TestClientSession> client_session(
|
| - new TestClientSession(client_conn, client_config));
|
| - QuicCryptoClientConfig client_crypto_config;
|
| -
|
| - QuicServerId server_id(kServerHostname, kServerPort, false,
|
| - PRIVACY_MODE_DISABLED);
|
| - scoped_ptr<QuicCryptoClientStream> client(new QuicCryptoClientStream(
|
| - server_id, client_session.get(), nullptr, &client_crypto_config));
|
| - client_session->SetCryptoStream(client.get());
|
| + InitializeFakeClient(/* supports_stateless_rejects= */ false);
|
|
|
| // Do a first handshake in order to prime the client config with the server's
|
| // information.
|
| - client->CryptoConnect();
|
| - CHECK_EQ(1u, client_conn->encrypted_packets_.size());
|
| -
|
| - scoped_ptr<TestSession> server_session(new TestSession(server_conn, config_));
|
| - scoped_ptr<QuicCryptoServerStream> server(
|
| - new QuicCryptoServerStream(&crypto_config_, server_session.get()));
|
| - server_session->SetCryptoStream(server.get());
|
| -
|
| - CryptoTestUtils::CommunicateHandshakeMessages(
|
| - client_conn, client.get(), server_conn, server.get());
|
| - EXPECT_EQ(2, client->num_sent_client_hellos());
|
| + AdvanceHandshakeWithFakeClient();
|
|
|
| // Now do another handshake, hopefully in 0-RTT.
|
| - LOG(INFO) << "Resetting for 0-RTT handshake attempt";
|
| -
|
| - client_conn = new PacketSavingConnection(Perspective::IS_CLIENT);
|
| - server_conn = new PacketSavingConnection(Perspective::IS_SERVER);
|
| - // We need to advance time past the strike-server window so that it's
|
| - // authoritative in this time span.
|
| - client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(102000));
|
| - server_conn->AdvanceTime(QuicTime::Delta::FromSeconds(102000));
|
| -
|
| - // This causes the client's nonce to be different and thus stops the
|
| - // strike-register from rejecting the repeated nonce.
|
| - reinterpret_cast<MockRandom*>(client_conn->random_generator())->ChangeValue();
|
| - client_session.reset(new TestClientSession(client_conn, client_config));
|
| - server_session.reset(new TestSession(server_conn, config_));
|
| - client.reset(new QuicCryptoClientStream(server_id, client_session.get(),
|
| - nullptr, &client_crypto_config));
|
| - client_session->SetCryptoStream(client.get());
|
| -
|
| - server.reset(new QuicCryptoServerStream(&crypto_config_,
|
| - server_session.get()));
|
| - server_session->SetCryptoStream(server.get());
|
| -
|
| - client->CryptoConnect();
|
| + DVLOG(1) << "Resetting for 0-RTT handshake attempt";
|
| + InitializeFakeClient(/* supports_stateless_rejects= */ false);
|
| + InitializeServer();
|
| +
|
| + client_stream_->CryptoConnect();
|
|
|
| if (AsyncStrikeRegisterVerification()) {
|
| - EXPECT_FALSE(client->handshake_confirmed());
|
| - EXPECT_FALSE(server->handshake_confirmed());
|
| + EXPECT_FALSE(client_stream_->handshake_confirmed());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
|
|
| // Advance the handshake. Expect that the server will be stuck
|
| // waiting for client nonce verification to complete.
|
| pair<size_t, size_t> messages_moved = CryptoTestUtils::AdvanceHandshake(
|
| - client_conn, client.get(), 0, server_conn, server.get(), 0);
|
| + client_connection_, client_stream_.get(), 0, server_connection_,
|
| + server_stream_.get(), 0);
|
| EXPECT_EQ(1u, messages_moved.first);
|
| EXPECT_EQ(0u, messages_moved.second);
|
| EXPECT_EQ(1, strike_register_client_->PendingVerifications());
|
| - EXPECT_FALSE(client->handshake_confirmed());
|
| - EXPECT_FALSE(server->handshake_confirmed());
|
| + EXPECT_FALSE(client_stream_->handshake_confirmed());
|
| + EXPECT_FALSE(server_stream_->handshake_confirmed());
|
|
|
| // The server handshake completes once the nonce verification completes.
|
| strike_register_client_->RunPendingVerifications();
|
| - EXPECT_FALSE(client->handshake_confirmed());
|
| - EXPECT_TRUE(server->handshake_confirmed());
|
| + EXPECT_FALSE(client_stream_->handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
|
|
| messages_moved = CryptoTestUtils::AdvanceHandshake(
|
| - client_conn, client.get(), messages_moved.first,
|
| - server_conn, server.get(), messages_moved.second);
|
| + client_connection_, client_stream_.get(), messages_moved.first,
|
| + server_connection_, server_stream_.get(), messages_moved.second);
|
| EXPECT_EQ(1u, messages_moved.first);
|
| EXPECT_EQ(1u, messages_moved.second);
|
| - EXPECT_TRUE(client->handshake_confirmed());
|
| - EXPECT_TRUE(server->handshake_confirmed());
|
| + EXPECT_TRUE(client_stream_->handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| } else {
|
| CryptoTestUtils::CommunicateHandshakeMessages(
|
| - client_conn, client.get(), server_conn, server.get());
|
| + client_connection_, client_stream_.get(), server_connection_,
|
| + server_stream_.get());
|
| }
|
|
|
| - EXPECT_EQ(1, client->num_sent_client_hellos());
|
| + EXPECT_EQ(1, client_stream_->num_sent_client_hellos());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, MessageAfterHandshake) {
|
| CompleteCryptoHandshake();
|
| - EXPECT_CALL(*connection_, SendConnectionClose(
|
| - QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE));
|
| + EXPECT_CALL(
|
| + *server_connection_,
|
| + SendConnectionClose(QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE));
|
| message_.set_tag(kCHLO);
|
| ConstructHandshakeMessage();
|
| - stream_.ProcessRawData(message_data_->data(), message_data_->length());
|
| + server_stream_->ProcessRawData(message_data_->data(),
|
| + message_data_->length());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, BadMessageType) {
|
| message_.set_tag(kSHLO);
|
| ConstructHandshakeMessage();
|
| - EXPECT_CALL(*connection_, SendConnectionClose(
|
| - QUIC_INVALID_CRYPTO_MESSAGE_TYPE));
|
| - stream_.ProcessRawData(message_data_->data(), message_data_->length());
|
| + EXPECT_CALL(*server_connection_,
|
| + SendConnectionClose(QUIC_INVALID_CRYPTO_MESSAGE_TYPE));
|
| + server_stream_->ProcessRawData(message_data_->data(),
|
| + message_data_->length());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, WithoutCertificates) {
|
| - crypto_config_.SetProofSource(nullptr);
|
| + server_crypto_config_.SetProofSource(nullptr);
|
| client_options_.dont_verify_certs = true;
|
|
|
| // Only 2 client hellos need to be sent in the no-certs case: one to get the
|
| // source-address token and the second to finish.
|
| EXPECT_EQ(2, CompleteCryptoHandshake());
|
| - EXPECT_TRUE(stream_.encryption_established());
|
| - EXPECT_TRUE(stream_.handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->encryption_established());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, ChannelID) {
|
| client_options_.channel_id_enabled = true;
|
| client_options_.channel_id_source_async = false;
|
| // CompleteCryptoHandshake verifies
|
| - // stream_.crypto_negotiated_params().channel_id is correct.
|
| + // server_stream_->crypto_negotiated_params().channel_id is correct.
|
| EXPECT_EQ(2, CompleteCryptoHandshake());
|
| - EXPECT_TRUE(stream_.encryption_established());
|
| - EXPECT_TRUE(stream_.handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->encryption_established());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, ChannelIDAsync) {
|
| client_options_.channel_id_enabled = true;
|
| client_options_.channel_id_source_async = true;
|
| // CompleteCryptoHandshake verifies
|
| - // stream_.crypto_negotiated_params().channel_id is correct.
|
| + // server_stream_->crypto_negotiated_params().channel_id is correct.
|
| EXPECT_EQ(2, CompleteCryptoHandshake());
|
| - EXPECT_TRUE(stream_.encryption_established());
|
| - EXPECT_TRUE(stream_.handshake_confirmed());
|
| + EXPECT_TRUE(server_stream_->encryption_established());
|
| + EXPECT_TRUE(server_stream_->handshake_confirmed());
|
| }
|
|
|
| TEST_P(QuicCryptoServerStreamTest, OnlySendSCUPAfterHandshakeComplete) {
|
| // An attempt to send a SCUP before completing handshake should fail.
|
| - stream_.SendServerConfigUpdate(nullptr);
|
| - EXPECT_EQ(0, stream_.num_server_config_update_messages_sent());
|
| + server_stream_->SendServerConfigUpdate(nullptr);
|
| + EXPECT_EQ(0, server_stream_->num_server_config_update_messages_sent());
|
| +}
|
| +
|
| +TEST_P(QuicCryptoServerStreamTest, DoesPeerSupportStatelessRejects) {
|
| + ConstructHandshakeMessage();
|
| + QuicConfig stateless_reject_config = DefaultQuicConfigStatelessRejects();
|
| + stateless_reject_config.ToHandshakeMessage(&message_);
|
| + EXPECT_TRUE(
|
| + QuicCryptoServerStreamPeer::DoesPeerSupportStatelessRejects(message_));
|
| +
|
| + message_.Clear();
|
| + QuicConfig stateful_reject_config = DefaultQuicConfig();
|
| + stateful_reject_config.ToHandshakeMessage(&message_);
|
| + EXPECT_FALSE(
|
| + QuicCryptoServerStreamPeer::DoesPeerSupportStatelessRejects(message_));
|
| }
|
|
|
| } // namespace
|
|
|
Chromium Code Reviews
Issue 1139183002:
Flag-protected. Add stateless reject support to crypto streams. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@QuicCryptoClientConfig_ProcessRejection_92637704