commit 01062943651f3e11165be6273c9a90005e6b0142
author fayang <fayang@google.com> Wed Jan 22 07:23:23 2020 -0800
committer Copybara-Service <copybara-worker@google.com> Wed Jan 22 07:23:56 2020 -0800
tree 16c337331eb96ff99466918ead4a62cd2b570094
parent 021a1e78bb78f9b63b2d3250ca8156468143c9d3

gfe-relnote: In QUIC version T099, implement HANDSHAKE_DONE frame to drive the handshake to confirmation on the client side. Not used in prod yet.

PiperOrigin-RevId: 290948924
Change-Id: Idcbc5c0d573b5db992b65d4971ea12a3d7e87633

quic/core/tls_server_handshaker.cc

diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index b22d964..1c95d2b 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -120,6 +120,10 @@
   }
 }
 
+void TlsServerHandshaker::OnHandshakeDoneReceived() {
+  DCHECK(false);
+}
+
 bool TlsServerHandshaker::ShouldSendExpectCTHeader() const {
   return false;
 }
@@ -143,7 +147,7 @@
 
 HandshakeState TlsServerHandshaker::GetHandshakeState() const {
   if (one_rtt_keys_available_) {
-    return HANDSHAKE_COMPLETE;
+    return HANDSHAKE_CONFIRMED;
   }
   if (state_ >= STATE_ENCRYPTION_HANDSHAKE_DATA_PROCESSED) {
     return HANDSHAKE_PROCESSED;
@@ -284,9 +288,8 @@
   crypto_negotiated_params_->key_exchange_group = SSL_get_curve_id(ssl());
 
   delegate()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
-  // TODO(fayang): Replace this with DiscardOldKeys(ENCRYPTION_HANDSHAKE) when
-  // handshake key discarding settles down.
-  delegate()->NeuterHandshakeData();
+  delegate()->DiscardOldEncryptionKey(ENCRYPTION_HANDSHAKE);
+  delegate()->DiscardOldDecryptionKey(ENCRYPTION_HANDSHAKE);
 }
 
 ssl_private_key_result_t TlsServerHandshaker::PrivateKeySign(