Move shared files in net/quic/ into net/quic/core/

net/quic/quic_crypto_server_stream_test.cc

-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "net/quic/quic_crypto_server_stream.h"
-
-#include <map>
-#include <memory>
-#include <vector>
-
-#include "base/stl_util.h"
-#include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
-#include "net/quic/crypto/crypto_framer.h"
-#include "net/quic/crypto/crypto_handshake.h"
-#include "net/quic/crypto/crypto_protocol.h"
-#include "net/quic/crypto/crypto_utils.h"
-#include "net/quic/crypto/quic_crypto_server_config.h"
-#include "net/quic/crypto/quic_decrypter.h"
-#include "net/quic/crypto/quic_encrypter.h"
-#include "net/quic/crypto/quic_random.h"
-#include "net/quic/quic_crypto_client_stream.h"
-#include "net/quic/quic_flags.h"
-#include "net/quic/quic_protocol.h"
-#include "net/quic/quic_session.h"
-#include "net/quic/test_tools/crypto_test_utils.h"
-#include "net/quic/test_tools/delayed_verify_strike_register_client.h"
-#include "net/quic/test_tools/quic_crypto_server_config_peer.h"
-#include "net/quic/test_tools/quic_test_utils.h"
-#include "testing/gmock/include/gmock/gmock.h"
-#include "testing/gtest/include/gtest/gtest.h"
-
-namespace net {
-class QuicConnection;
-class ReliableQuicStream;
-}  // namespace net
-
-using std::pair;
-using std::string;
-using testing::_;
-
-namespace net {
-namespace test {
-
-class QuicCryptoServerStreamPeer {
- public:
-  static bool DoesPeerSupportStatelessRejects(
-      const CryptoHandshakeMessage& message) {
-    return net::QuicCryptoServerStream::DoesPeerSupportStatelessRejects(
-        message);
-  }
-};
-
-namespace {
-
-const char kServerHostname[] = "test.example.com";
-const uint16_t kServerPort = 443;
-
-class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> {
- public:
-  QuicCryptoServerStreamTest()
-      : server_crypto_config_(QuicCryptoServerConfig::TESTING,
-                              QuicRandom::GetInstance(),
-                              CryptoTestUtils::ProofSourceForTesting()),
-        server_compressed_certs_cache_(
-            QuicCompressedCertsCache::kQuicCompressedCertsCacheSize),
-        server_id_(kServerHostname, kServerPort, PRIVACY_MODE_DISABLED),
-        client_crypto_config_(CryptoTestUtils::ProofVerifierForTesting()) {
-    FLAGS_enable_quic_stateless_reject_support = false;
-    server_crypto_config_.set_strike_register_no_startup_period();
-  }
-
-  void Initialize() {
-    InitializeServer();
-
-    if (AsyncStrikeRegisterVerification()) {
-      QuicCryptoServerConfigPeer peer(&server_crypto_config_);
-      strike_register_client_ = new DelayedVerifyStrikeRegisterClient(
-          10000,  // strike_register_max_entries
-          static_cast<uint32_t>(
-              server_connection_->clock()->WallNow().ToUNIXSeconds()),
-          60,  // strike_register_window_secs
-          peer.GetPrimaryConfig()->orbit,
-          StrikeRegister::NO_STARTUP_PERIOD_NEEDED);
-      strike_register_client_->StartDelayingVerification();
-      server_crypto_config_.SetStrikeRegisterClient(strike_register_client_);
-    }
-  }
-
-  ~QuicCryptoServerStreamTest() override {
-    // Ensure that anything that might reference |helpers_| is destroyed before
-    // |helpers_| is destroyed.
-    server_session_.reset();
-    client_session_.reset();
-    STLDeleteElements(&helpers_);
-    STLDeleteElements(&alarm_factories_);
-  }
-
-  // Initializes the crypto server stream state for testing.  May be
-  // called multiple times.
-  void InitializeServer() {
-    TestQuicSpdyServerSession* server_session = nullptr;
-    helpers_.push_back(new MockQuicConnectionHelper);
-    alarm_factories_.push_back(new MockAlarmFactory);
-    CreateServerSessionForTest(
-        server_id_, QuicTime::Delta::FromSeconds(100000), supported_versions_,
-        helpers_.back(), alarm_factories_.back(), &server_crypto_config_,
-        &server_compressed_certs_cache_, &server_connection_, &server_session);
-    CHECK(server_session);
-    server_session_.reset(server_session);
-    CryptoTestUtils::FakeServerOptions options;
-    options.token_binding_enabled = true;
-    CryptoTestUtils::SetupCryptoServerConfigForTest(
-        server_connection_->clock(), server_connection_->random_generator(),
-        server_session_->config(), &server_crypto_config_, options);
-  }
-
-  QuicCryptoServerStream* server_stream() {
-    return server_session_->GetCryptoStream();
-  }
-
-  QuicCryptoClientStream* client_stream() {
-    return client_session_->GetCryptoStream();
-  }
-
-  // Initializes a fake client, and all its associated state, for
-  // testing.  May be called multiple times.
-  void InitializeFakeClient(bool supports_stateless_rejects) {
-    TestQuicSpdyClientSession* client_session = nullptr;
-    helpers_.push_back(new MockQuicConnectionHelper);
-    alarm_factories_.push_back(new MockAlarmFactory);
-    CreateClientSessionForTest(
-        server_id_, supports_stateless_rejects,
-        QuicTime::Delta::FromSeconds(100000), supported_versions_,
-
-        helpers_.back(), alarm_factories_.back(), &client_crypto_config_,
-        &client_connection_, &client_session);
-    CHECK(client_session);
-    client_session_.reset(client_session);
-  }
-
-  bool AsyncStrikeRegisterVerification() {
-    if (server_connection_->version() > QUIC_VERSION_32) {
-      return false;
-    }
-    return GetParam();
-  }
-
-  void ConstructHandshakeMessage() {
-    CryptoFramer framer;
-    message_data_.reset(framer.ConstructHandshakeMessage(message_));
-  }
-
-  int CompleteCryptoHandshake() {
-    CHECK(server_connection_);
-    CHECK(server_session_ != nullptr);
-    return CryptoTestUtils::HandshakeWithFakeClient(
-        helpers_.back(), alarm_factories_.back(), server_connection_,
-        server_stream(), server_id_, client_options_);
-  }
-
-  // Performs a single round of handshake message-exchange between the
-  // client and server.
-  void AdvanceHandshakeWithFakeClient() {
-    CHECK(server_connection_);
-    CHECK(client_session_ != nullptr);
-
-    EXPECT_CALL(*client_session_, OnProofValid(_)).Times(testing::AnyNumber());
-    client_stream()->CryptoConnect();
-    CryptoTestUtils::AdvanceHandshake(client_connection_, client_stream(), 0,
-                                      server_connection_, server_stream(), 0);
-  }
-
- protected:
-  // Every connection gets its own MockQuicConnectionHelper and
-  // MockAlarmFactory,
-  // tracked separately from
-  // the server and client state so their lifetimes persist through the whole
-  // test.
-  std::vector<MockQuicConnectionHelper*> helpers_;
-  std::vector<MockAlarmFactory*> alarm_factories_;
-
-  // Server state
-  PacketSavingConnection* server_connection_;
-  std::unique_ptr<TestQuicSpdyServerSession> server_session_;
-  QuicCryptoServerConfig server_crypto_config_;
-  QuicCompressedCertsCache server_compressed_certs_cache_;
-  QuicServerId server_id_;
-
-  // Client state
-  PacketSavingConnection* client_connection_;
-  QuicCryptoClientConfig client_crypto_config_;
-  std::unique_ptr<TestQuicSpdyClientSession> client_session_;
-
-  CryptoHandshakeMessage message_;
-  std::unique_ptr<QuicData> message_data_;
-  CryptoTestUtils::FakeClientOptions client_options_;
-  DelayedVerifyStrikeRegisterClient* strike_register_client_;
-
-  // Which QUIC versions the client and server support.
-  QuicVersionVector supported_versions_ = QuicSupportedVersions();
-};
-
-INSTANTIATE_TEST_CASE_P(Tests, QuicCryptoServerStreamTest, testing::Bool());
-
-TEST_P(QuicCryptoServerStreamTest, NotInitiallyConected) {
-  Initialize();
-  EXPECT_FALSE(server_stream()->encryption_established());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-}
-
-TEST_P(QuicCryptoServerStreamTest, NotInitiallySendingStatelessRejects) {
-  Initialize();
-  EXPECT_FALSE(server_stream()->UseStatelessRejectsIfPeerSupported());
-  EXPECT_FALSE(server_stream()->PeerSupportsStatelessRejects());
-}
-
-TEST_P(QuicCryptoServerStreamTest, ConnectedAfterCHLO) {
-  // CompleteCryptoHandshake returns the number of client hellos sent. This
-  // test should send:
-  //   * One to get a source-address token and certificates.
-  //   * One to complete the handshake.
-  Initialize();
-  EXPECT_EQ(2, CompleteCryptoHandshake());
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-}
-
-TEST_P(QuicCryptoServerStreamTest, ForwardSecureAfterCHLO) {
-  Initialize();
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-
-  // Do a first handshake in order to prime the client config with the server's
-  // information.
-  AdvanceHandshakeWithFakeClient();
-  EXPECT_FALSE(server_stream()->encryption_established());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-  // Now do another handshake, with the blocking SHLO connection option.
-  InitializeServer();
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-
-  AdvanceHandshakeWithFakeClient();
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-  EXPECT_EQ(ENCRYPTION_FORWARD_SECURE,
-            server_session_->connection()->encryption_level());
-}
-
-TEST_P(QuicCryptoServerStreamTest, StatelessRejectAfterCHLO) {
-  ValueRestore<bool> old_flag(&FLAGS_enable_quic_stateless_reject_support,
-                              true);
-  Initialize();
-
-  EXPECT_CALL(*server_connection_,
-              CloseConnection(QUIC_CRYPTO_HANDSHAKE_STATELESS_REJECT, _, _));
-
-  InitializeFakeClient(/* supports_stateless_rejects= */ true);
-  AdvanceHandshakeWithFakeClient();
-
-  // Check the server to make the sure the handshake did not succeed.
-  EXPECT_FALSE(server_stream()->encryption_established());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-  // Check the client state to make sure that it received a server-designated
-  // connection id.
-  QuicCryptoClientConfig::CachedState* client_state =
-      client_crypto_config_.LookupOrCreate(server_id_);
-
-  ASSERT_TRUE(client_state->has_server_nonce());
-  ASSERT_FALSE(client_state->GetNextServerNonce().empty());
-  ASSERT_FALSE(client_state->has_server_nonce());
-
-  ASSERT_TRUE(client_state->has_server_designated_connection_id());
-  const QuicConnectionId server_designated_connection_id =
-      client_state->GetNextServerDesignatedConnectionId();
-  const QuicConnectionId expected_id =
-      server_connection_->random_generator()->RandUint64();
-  EXPECT_EQ(expected_id, server_designated_connection_id);
-  EXPECT_FALSE(client_state->has_server_designated_connection_id());
-  ASSERT_TRUE(client_state->IsComplete(QuicWallTime::FromUNIXSeconds(0)));
-}
-
-TEST_P(QuicCryptoServerStreamTest, ConnectedAfterStatelessHandshake) {
-  ValueRestore<bool> old_flag(&FLAGS_enable_quic_stateless_reject_support,
-                              true);
-  Initialize();
-
-  InitializeFakeClient(/* supports_stateless_rejects= */ true);
-  AdvanceHandshakeWithFakeClient();
-
-  // On the first round, encryption will not be established.
-  EXPECT_FALSE(server_stream()->encryption_established());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-  EXPECT_EQ(1, server_stream()->NumHandshakeMessages());
-  EXPECT_EQ(0, server_stream()->NumHandshakeMessagesWithServerNonces());
-
-  // Now check the client state.
-  QuicCryptoClientConfig::CachedState* client_state =
-      client_crypto_config_.LookupOrCreate(server_id_);
-
-  ASSERT_TRUE(client_state->has_server_designated_connection_id());
-  const QuicConnectionId server_designated_connection_id =
-      client_state->GetNextServerDesignatedConnectionId();
-  const QuicConnectionId expected_id =
-      server_connection_->random_generator()->RandUint64();
-  EXPECT_EQ(expected_id, server_designated_connection_id);
-  EXPECT_FALSE(client_state->has_server_designated_connection_id());
-  ASSERT_TRUE(client_state->IsComplete(QuicWallTime::FromUNIXSeconds(0)));
-
-  // Now create new client and server streams with the existing config
-  // and try the handshake again (0-RTT handshake).
-  InitializeServer();
-
-  InitializeFakeClient(/* supports_stateless_rejects= */ true);
-
-  // In the stateless case, the second handshake contains a server-nonce, so the
-  // AsyncStrikeRegisterVerification() case will still succeed (unlike a 0-RTT
-  // handshake).
-  AdvanceHandshakeWithFakeClient();
-
-  // On the second round, encryption will be established.
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-  EXPECT_EQ(1, server_stream()->NumHandshakeMessages());
-  EXPECT_EQ(1, server_stream()->NumHandshakeMessagesWithServerNonces());
-}
-
-TEST_P(QuicCryptoServerStreamTest, NoStatelessRejectIfNoClientSupport) {
-  ValueRestore<bool> old_flag(&FLAGS_enable_quic_stateless_reject_support,
-                              true);
-  Initialize();
-
-  // The server is configured to use stateless rejects, but the client does not
-  // support it.
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-  AdvanceHandshakeWithFakeClient();
-
-  // Check the server to make the sure the handshake did not succeed.
-  EXPECT_FALSE(server_stream()->encryption_established());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-  // Check the client state to make sure that it did not receive a
-  // server-designated connection id.
-  QuicCryptoClientConfig::CachedState* client_state =
-      client_crypto_config_.LookupOrCreate(server_id_);
-
-  ASSERT_FALSE(client_state->has_server_designated_connection_id());
-  ASSERT_TRUE(client_state->IsComplete(QuicWallTime::FromUNIXSeconds(0)));
-}
-
-TEST_P(QuicCryptoServerStreamTest, ZeroRTT) {
-  Initialize();
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-
-  // Do a first handshake in order to prime the client config with the server's
-  // information.
-  AdvanceHandshakeWithFakeClient();
-
-  // Now do another handshake, hopefully in 0-RTT.
-  DVLOG(1) << "Resetting for 0-RTT handshake attempt";
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-  InitializeServer();
-
-  client_stream()->CryptoConnect();
-
-  if (AsyncStrikeRegisterVerification()) {
-    EXPECT_FALSE(client_stream()->handshake_confirmed());
-    EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-    // Advance the handshake.  Expect that the server will be stuck waiting for
-    // client nonce verification to complete.
-    pair<size_t, size_t> messages_moved = CryptoTestUtils::AdvanceHandshake(
-        client_connection_, client_stream(), 0, server_connection_,
-        server_stream(), 0);
-    EXPECT_EQ(1u, messages_moved.first);
-    EXPECT_EQ(0u, messages_moved.second);
-    EXPECT_EQ(1, strike_register_client_->PendingVerifications());
-    EXPECT_FALSE(client_stream()->handshake_confirmed());
-    EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-    // The server handshake completes once the nonce verification completes.
-    strike_register_client_->RunPendingVerifications();
-    EXPECT_FALSE(client_stream()->handshake_confirmed());
-    EXPECT_TRUE(server_stream()->handshake_confirmed());
-
-    messages_moved = CryptoTestUtils::AdvanceHandshake(
-        client_connection_, client_stream(), messages_moved.first,
-        server_connection_, server_stream(), messages_moved.second);
-    EXPECT_EQ(1u, messages_moved.first);
-    EXPECT_EQ(1u, messages_moved.second);
-    EXPECT_TRUE(client_stream()->handshake_confirmed());
-    EXPECT_TRUE(server_stream()->handshake_confirmed());
-  } else {
-    CryptoTestUtils::CommunicateHandshakeMessages(
-        client_connection_, client_stream(), server_connection_,
-        server_stream());
-  }
-
-  EXPECT_EQ(1, client_stream()->num_sent_client_hellos());
-}
-
-TEST_P(QuicCryptoServerStreamTest, FailByPolicy) {
-  FLAGS_quic_deprecate_kfixd = true;
-  Initialize();
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-
-  EXPECT_CALL(*server_session_->helper(), CanAcceptClientHello(_, _, _))
-      .WillOnce(testing::Return(false));
-  EXPECT_CALL(*server_connection_,
-              CloseConnection(QUIC_HANDSHAKE_FAILED, _, _));
-
-  AdvanceHandshakeWithFakeClient();
-}
-
-TEST_P(QuicCryptoServerStreamTest, MessageAfterHandshake) {
-  FLAGS_quic_deprecate_kfixd = true;
-  Initialize();
-  CompleteCryptoHandshake();
-  EXPECT_CALL(
-      *server_connection_,
-      CloseConnection(QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE, _, _));
-  message_.set_tag(kCHLO);
-  ConstructHandshakeMessage();
-  server_stream()->OnStreamFrame(
-      QuicStreamFrame(kCryptoStreamId, /*fin=*/false, /*offset=*/0,
-                      message_data_->AsStringPiece()));
-}
-
-TEST_P(QuicCryptoServerStreamTest, BadMessageType) {
-  FLAGS_quic_deprecate_kfixd = true;
-  Initialize();
-
-  message_.set_tag(kSHLO);
-  ConstructHandshakeMessage();
-  EXPECT_CALL(*server_connection_,
-              CloseConnection(QUIC_INVALID_CRYPTO_MESSAGE_TYPE, _, _));
-  server_stream()->OnStreamFrame(
-      QuicStreamFrame(kCryptoStreamId, /*fin=*/false, /*offset=*/0,
-                      message_data_->AsStringPiece()));
-}
-
-TEST_P(QuicCryptoServerStreamTest, ChannelID) {
-  Initialize();
-
-  client_options_.channel_id_enabled = true;
-  client_options_.channel_id_source_async = false;
-  // CompleteCryptoHandshake verifies
-  // server_stream()->crypto_negotiated_params().channel_id is correct.
-  EXPECT_EQ(2, CompleteCryptoHandshake());
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-}
-
-TEST_P(QuicCryptoServerStreamTest, ChannelIDAsync) {
-  Initialize();
-
-  client_options_.channel_id_enabled = true;
-  client_options_.channel_id_source_async = true;
-  // CompleteCryptoHandshake verifies
-  // server_stream()->crypto_negotiated_params().channel_id is correct.
-  EXPECT_EQ(2, CompleteCryptoHandshake());
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-}
-
-TEST_P(QuicCryptoServerStreamTest, OnlySendSCUPAfterHandshakeComplete) {
-  // An attempt to send a SCUP before completing handshake should fail.
-  Initialize();
-
-  server_stream()->SendServerConfigUpdate(nullptr);
-  EXPECT_EQ(0, server_stream()->NumServerConfigUpdateMessagesSent());
-}
-
-TEST_P(QuicCryptoServerStreamTest, SendSCUPAfterHandshakeComplete) {
-  Initialize();
-
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-
-  // Do a first handshake in order to prime the client config with the server's
-  // information.
-  AdvanceHandshakeWithFakeClient();
-
-  // Now do another handshake, with the blocking SHLO connection option.
-  InitializeServer();
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-  AdvanceHandshakeWithFakeClient();
-
-  // Send a SCUP message and ensure that the client was able to verify it.
-  EXPECT_CALL(*client_connection_, CloseConnection(_, _, _)).Times(0);
-  server_stream()->SendServerConfigUpdate(nullptr);
-  CryptoTestUtils::AdvanceHandshake(client_connection_, client_stream(), 1,
-                                    server_connection_, server_stream(), 1);
-
-  EXPECT_EQ(1, server_stream()->NumServerConfigUpdateMessagesSent());
-  EXPECT_EQ(1, client_stream()->num_scup_messages_received());
-}
-
-TEST_P(QuicCryptoServerStreamTest, DoesPeerSupportStatelessRejects) {
-  Initialize();
-
-  ConstructHandshakeMessage();
-  QuicConfig stateless_reject_config = DefaultQuicConfigStatelessRejects();
-  stateless_reject_config.ToHandshakeMessage(&message_);
-  EXPECT_TRUE(
-      QuicCryptoServerStreamPeer::DoesPeerSupportStatelessRejects(message_));
-
-  message_.Clear();
-  QuicConfig stateful_reject_config = DefaultQuicConfig();
-  stateful_reject_config.ToHandshakeMessage(&message_);
-  EXPECT_FALSE(
-      QuicCryptoServerStreamPeer::DoesPeerSupportStatelessRejects(message_));
-}
-
-TEST_P(QuicCryptoServerStreamTest, TokenBindingNegotiated) {
-  Initialize();
-
-  client_options_.token_binding_enabled = true;
-  CompleteCryptoHandshake();
-  EXPECT_EQ(
-      kP256,
-      server_stream()->crypto_negotiated_params().token_binding_key_param);
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-}
-
-TEST_P(QuicCryptoServerStreamTest, NoTokenBindingWithoutClientSupport) {
-  Initialize();
-
-  CompleteCryptoHandshake();
-  EXPECT_EQ(
-      0u, server_stream()->crypto_negotiated_params().token_binding_key_param);
-  EXPECT_TRUE(server_stream()->encryption_established());
-  EXPECT_TRUE(server_stream()->handshake_confirmed());
-}
-
-TEST_P(QuicCryptoServerStreamTest, CancelRPCBeforeVerificationCompletes) {
-  FLAGS_quic_require_handshake_confirmation_pre33 = false;
-  // Tests that the client can close the connection while the remote strike
-  // register verification RPC is still pending.
-
-  // Set version to QUIC_VERSION_32 as QUIC_VERSION_33 and later don't support
-  // asynchronous strike register RPCs.
-  supported_versions_ = {QUIC_VERSION_32};
-  Initialize();
-  if (!AsyncStrikeRegisterVerification()) {
-    return;
-  }
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-
-  // Do a first handshake in order to prime the client config with the server's
-  // information.
-  AdvanceHandshakeWithFakeClient();
-
-  // Now start another handshake, this time the server will attempt to verify
-  // the client's nonce with the strike registers.
-  InitializeFakeClient(/* supports_stateless_rejects= */ false);
-  InitializeServer();
-  client_stream()->CryptoConnect();
-  EXPECT_FALSE(client_stream()->handshake_confirmed());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-  // Advance the handshake.  Expect that the server will be stuck waiting for
-  // client nonce verification to complete.
-  CryptoTestUtils::AdvanceHandshake(client_connection_, client_stream(), 0,
-                                    server_connection_, server_stream(), 0);
-  EXPECT_EQ(1, strike_register_client_->PendingVerifications());
-  EXPECT_FALSE(client_stream()->handshake_confirmed());
-  EXPECT_FALSE(server_stream()->handshake_confirmed());
-
-  // While waiting for the asynchronous verification to complete, the client
-  // decides to close the connection.
-  server_session_->connection()->CloseConnection(
-      QUIC_NO_ERROR, "", ConnectionCloseBehavior::SILENT_CLOSE);
-
-  // The outstanding nonce verification RPC now completes.
-  strike_register_client_->RunPendingVerifications();
-}
-
-}  // namespace
-
-}  // namespace test
-}  // namespace net