Fail QUIC requests for secure resources over insecure connections.

BUG=350533

Review URL: https://codereview.chromium.org/189513006

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@255850 0039d316-1c4b-4281-b951-d872f2087c98

net/base/net_error_list.h

@@ -572,6 +572,9 @@ NET_ERROR(RESPONSE_HEADERS_TRUNCATED, -357)
 // to read any requests sent, so they may be resent.
 NET_ERROR(QUIC_HANDSHAKE_FAILED, -358)
 
+// An https resource was requested over an insecure QUIC connection.
+NET_ERROR(REQUEST_FOR_SECURE_RESOURCE_OVER_INSECURE_QUIC, -359)
+
 // The cache does not have the requested entry.
 NET_ERROR(CACHE_MISS, -400)
 

net/quic/quic_http_stream.cc

@@ -59,6 +59,13 @@ int QuicHttpStream::InitializeStream(const HttpRequestInfo* request_info,
     return was_handshake_confirmed_ ? ERR_CONNECTION_CLOSED :
         ERR_QUIC_HANDSHAKE_FAILED;
 
+  if (request_info->url.SchemeIsSecure()) {
+    SSLInfo ssl_info;
+    if (!session_->GetSSLInfo(&ssl_info) || !ssl_info.cert) {
+      return ERR_REQUEST_FOR_SECURE_RESOURCE_OVER_INSECURE_QUIC;
+    }
+  }
+
   stream_net_log_ = stream_net_log;
   request_info_ = request_info;
   priority_ = priority;