Land Recent QUIC changes.

net/quic/quic_connection_test.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/quic_connection.h"
 
 #include "base/basictypes.h"
 #include "base/bind.h"
 #include "net/base/net_errors.h"
 #include "net/quic/congestion_control/receive_algorithm_interface.h"
@@ skipping 136 matching lines @@
   }
 
   virtual bool Decrypt(StringPiece nonce,
                        StringPiece associated_data,
                        StringPiece ciphertext,
                        unsigned char* output,
                        size_t* output_length) OVERRIDE {
     if (ciphertext.size() < kTagSize) {
       return false;
     }
-    if (!CheckTag(ciphertext)) {
+    if (!CheckTag(ciphertext, GetTag(ciphertext))) {
       return false;
     }
     *output_length = ciphertext.size() - kTagSize;
     memcpy(output, ciphertext.data(), *output_length);
     return true;
   }
 
   virtual QuicData* DecryptPacket(QuicPacketSequenceNumber sequence_number,
                                   StringPiece associated_data,
                                   StringPiece ciphertext) OVERRIDE {
     if (ciphertext.size() < kTagSize) {
       return NULL;
     }
-    if (!CheckTag(ciphertext)) {
+    if (!CheckTag(ciphertext, GetTag(ciphertext))) {
       return NULL;
     }
     const size_t len = ciphertext.size() - kTagSize;
     uint8* buf = new uint8[len];
     memcpy(buf, ciphertext.data(), len);
     return new QuicData(reinterpret_cast<char*>(buf), len,
                         true /* owns buffer */);
   }
 
   virtual StringPiece GetKey() const OVERRIDE { return StringPiece(); }
   virtual StringPiece GetNoncePrefix() const OVERRIDE { return StringPiece(); }
 
+ protected:
+  virtual uint8 GetTag(StringPiece ciphertext) {
+    return ciphertext.data()[ciphertext.size()-1];
+  }
+
  private:
   enum {
     kTagSize = 12,
   };
 
-  bool CheckTag(StringPiece ciphertext) {
-    uint8 tag = ciphertext.data()[ciphertext.size()-1];
+  bool CheckTag(StringPiece ciphertext, uint8 tag) {
     for (size_t i = ciphertext.size() - kTagSize; i < ciphertext.size(); i++) {
       if (ciphertext.data()[i] != tag) {
         return false;
       }
     }
 
     return true;
   }
 };
 
+// StringTaggingDecrypter ensures that the final kTagSize bytes of the message
+// match the expected value.
+class StrictTaggingDecrypter : public TaggingDecrypter {
+ public:
+  explicit StrictTaggingDecrypter(uint8 tag) : tag_(tag) {}
+  virtual ~StrictTaggingDecrypter() {}
+
+  // TaggingQuicDecrypter
+  virtual uint8 GetTag(StringPiece ciphertext) OVERRIDE {
+    return tag_;
+  }
+
+ private:
+  const uint8 tag_;
+};
+
 class TestConnectionHelper : public QuicConnectionHelperInterface {
  public:
   TestConnectionHelper(MockClock* clock, MockRandom* random_generator)
       : clock_(clock),
         random_generator_(random_generator),
         retransmission_alarm_(QuicTime::Zero()),
         send_alarm_(QuicTime::Zero().Subtract(
             QuicTime::Delta::FromMilliseconds(1))),
         timeout_alarm_(QuicTime::Zero()),
         blocked_(false),
@@ skipping 271 matching lines @@
       EXPECT_CALL(visitor_, OnPacket(_, _, _, _)).Times(2).WillRepeatedly(
           Return(accept_packet_));
     } else {
       EXPECT_CALL(visitor_, OnPacket(_, _, _, _)).WillOnce(
           Return(accept_packet_));
     }
     return ProcessDataPacket(number, 1, !kEntropyFlag);
   }
 
   size_t ProcessDataPacket(QuicPacketSequenceNumber number,
-                         QuicFecGroupNumber fec_group,
-                         bool entropy_flag) {
+                           QuicFecGroupNumber fec_group,
+                           bool entropy_flag) {
+    return ProcessDataPacketAtLevel(number, fec_group, entropy_flag,
+                                    ENCRYPTION_NONE);
+  }
+
+  size_t ProcessDataPacketAtLevel(QuicPacketSequenceNumber number,
+                                  QuicFecGroupNumber fec_group,
+                                  bool entropy_flag,
+                                  EncryptionLevel level) {
     scoped_ptr<QuicPacket> packet(ConstructDataPacket(number, fec_group,
                                                       entropy_flag));
     scoped_ptr<QuicEncryptedPacket> encrypted(framer_.EncryptPacket(
-        ENCRYPTION_NONE, number, *packet));
+        level, number, *packet));
     connection_.ProcessUdpPacket(IPEndPoint(), IPEndPoint(), *encrypted);
     return encrypted->length();
   }
 
   void ProcessClosePacket(QuicPacketSequenceNumber number,
                           QuicFecGroupNumber fec_group) {
     EXPECT_CALL(visitor_, OnCanWrite()).Times(1).WillOnce(Return(true));
     scoped_ptr<QuicPacket> packet(ConstructClosePacket(number, fec_group));
     scoped_ptr<QuicEncryptedPacket> encrypted(framer_.EncryptPacket(
         ENCRYPTION_NONE, number, *packet));
@@ skipping 957 matching lines @@
   connection_.SetDefaultEncryptionLevel(ENCRYPTION_INITIAL);
 
   SendStreamDataToPeer(2, "bar", 0, !kFin, NULL);
 
   EXPECT_CALL(*send_algorithm_, SentPacket(_, _, _, _)).Times(1);
   EXPECT_CALL(*send_algorithm_, AbandoningPacket(_, _)).Times(1);
 
   connection_.RetransmitUnackedPackets(QuicConnection::INITIAL_ENCRYPTION_ONLY);
 }
 
+TEST_F(QuicConnectionTest, BufferNonDecryptablePackets) {
+  use_tagging_decrypter();
+
+  const uint8 tag = 0x07;
+  framer_.SetEncrypter(ENCRYPTION_INITIAL, new TaggingEncrypter(tag));
+
+  // Process an encrypted packet which can not yet be decrypted
+  // which should result in the packet being buffered.
+  ProcessDataPacketAtLevel(1, false, kEntropyFlag, ENCRYPTION_INITIAL);
+
+  // Transition to the new encryption state and process another
+  // encrypted packet which should result in the original packet being
+  // processed.
+  connection_.SetDecrypter(new StrictTaggingDecrypter(tag));
+  connection_.SetDefaultEncryptionLevel(ENCRYPTION_INITIAL);
+  connection_.SetEncrypter(ENCRYPTION_INITIAL, new TaggingEncrypter(tag));
+  EXPECT_CALL(visitor_, OnPacket(_, _, _, _)).Times(2).WillRepeatedly(
+      Return(true));
+  ProcessDataPacketAtLevel(2, false, kEntropyFlag, ENCRYPTION_INITIAL);
+
+  // Finally, process a third packet and note that we do not
+  // reprocess the buffered packet.
+  EXPECT_CALL(visitor_, OnPacket(_, _, _, _)).WillOnce(Return(true));
+  ProcessDataPacketAtLevel(3, false, kEntropyFlag, ENCRYPTION_INITIAL);
+}
+
 TEST_F(QuicConnectionTest, TestRetransmitOrder) {
   QuicByteCount first_packet_size;
   EXPECT_CALL(*send_algorithm_, SentPacket(_, _, _, _)).WillOnce(
       SaveArg<2>(&first_packet_size));
   EXPECT_CALL(*send_algorithm_, AbandoningPacket(_, _)).Times(2);
 
   connection_.SendStreamData(1, "first_packet", 0, !kFin);
   QuicByteCount second_packet_size;
   EXPECT_CALL(*send_algorithm_, SentPacket(_, _, _, _)).WillOnce(
       SaveArg<2>(&second_packet_size));
@@ skipping 698 matching lines @@
   EXPECT_CALL(visitor_, OnCanWrite()).Times(1).WillOnce(Return(true));
   EXPECT_CALL(visitor_, ConnectionClose(QUIC_PEER_GOING_AWAY, true));
   EXPECT_CALL(visitor_, OnPacket(_, _, _, _)).Times(0);
 
   connection_.ProcessUdpPacket(IPEndPoint(), IPEndPoint(), *encrypted);
 }
 
 }  // namespace
 }  // namespace test
 }  // namespace net