Fix crash in QUIC GetSSLInfo

If the QUIC version uses TLS and the handshake isn't complete, don't try to fill SSLInfo. Bug: 1107327 Change-Id: I2b8d73c3c1185a9dce92ebe0f6abc00bd8b212af Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315435 Commit-Queue: Nick Harper <nharper@chromium.org> Auto-Submit: Nick Harper <nharper@chromium.org> Reviewed-by: Renjie Tang <renjietang@chromium.org> Cr-Commit-Position: refs/heads/master@{#791806}

Fix crash in QUIC GetSSLInfo
If the QUIC version uses TLS and the handshake isn't complete, don't try to fill SSLInfo. Bug: 1107327 Change-Id: I2b8d73c3c1185a9dce92ebe0f6abc00bd8b212af Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315435 Commit-Queue: Nick Harper <nharper@chromium.org> Auto-Submit: Nick Harper <nharper@chromium.org> Reviewed-by: Renjie Tang <renjietang@chromium.org> Cr-Commit-Position: refs/heads/master@{#791806}
323b182d · Nick Harper · Commit Bot · dc298b2e · 323b182d
Commit 323b182d authored Jul 27, 2020 by Nick Harper Committed by Commit Bot Jul 27, 2020
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 7 deletions

net/quic/quic_chromium_client_session.cc net/quic/quic_chromium_client_session.cc +4 -7

No files found.
--- a/net/quic/quic_chromium_client_session.cc
+++ b/net/quic/quic_chromium_client_session.cc
@@ -1275,7 +1275,8 @@ bool QuicChromiumClientSession::GetRemoteEndpoint(IPEndPoint* endpoint) {
 // we learn about SSL info (sync vs async vs cached).
 bool QuicChromiumClientSession::GetSSLInfo(SSLInfo* ssl_info) const {
  ssl_info->Reset();
-  if (!cert_verify_result_) {
+  if (!cert_verify_result_ || (connection()->version().UsesTls() &&
+                               !crypto_stream_->one_rtt_keys_available())) {
    return false;
  }

@@ -1296,7 +1297,7 @@ bool QuicChromiumClientSession::GetSSLInfo(SSLInfo* ssl_info) const {

  const auto& crypto_params = crypto_stream_->crypto_negotiated_params();
  uint16_t cipher_suite;
-  if (crypto_params.cipher_suite) {
+  if (connection()->version().UsesTls()) {
    cipher_suite = crypto_params.cipher_suite;
  } else {
    // Map QUIC AEADs to the corresponding TLS 1.3 cipher. OpenSSL's cipher
@@ -1320,7 +1321,7 @@ bool QuicChromiumClientSession::GetSSLInfo(SSLInfo* ssl_info) const {
                                &ssl_connection_status);
  ssl_info->connection_status = ssl_connection_status;

-  if (crypto_params.cipher_suite) {
+  if (connection()->version().UsesTls()) {
    ssl_info->key_exchange_group = crypto_params.key_exchange_group;
    ssl_info->peer_signature_algorithm = crypto_params.peer_signature_algorithm;
    return true;
@@ -1340,10 +1341,6 @@ bool QuicChromiumClientSession::GetSSLInfo(SSLInfo* ssl_info) const {
  }

  // QUIC-Crypto always uses RSA-PSS or ECDSA with SHA-256.
-  //
-  // TODO(nharper): This will no longer be true in TLS 1.3. This logic, and
-  // likely the rest of this logic, will want some adjustments for QUIC with TLS
-  // 1.3.
  size_t unused;
  X509Certificate::PublicKeyType key_type;
  X509Certificate::GetPublicKeyInfo(ssl_info->cert->cert_buffer(), &unused,