Discard server 0-RTT read key when QUIC TLS handshake completes

Once the handshake is complete (i.e. the server has received the client's
Finished message), there shouldn't be any more messages in flight from the
client under the 0-RTT keys. If a lost 0-RTT packet eventually arrives late
(after the Finished), the server now won't be able to decrypt it, and
instead will need to wait for the retransmission to arrive (which is
presumably already en route).

Protected by disabled flag quic_enable_zero_rtt_for_tls

PiperOrigin-RevId: 314976141
Change-Id: I4b668e79795a942c7cec08a3cfb8085b182df781
diff --git a/quic/core/http/quic_spdy_client_session_test.cc b/quic/core/http/quic_spdy_client_session_test.cc
index d1eb591..34d95c9 100644
--- a/quic/core/http/quic_spdy_client_session_test.cc
+++ b/quic/core/http/quic_spdy_client_session_test.cc
@@ -973,8 +973,7 @@
                  ->application_state);
 }
 
-// TODO(b/158240541) re-enable this test after fixing the bug.
-TEST_P(QuicSpdyClientSessionTest, DISABLED_IetfZeroRttSetup) {
+TEST_P(QuicSpdyClientSessionTest, IetfZeroRttSetup) {
   // This feature is HTTP/3 only
   if (!VersionUsesHttp3(session_->transport_version())) {
     return;
diff --git a/quic/core/tls_client_handshaker_test.cc b/quic/core/tls_client_handshaker_test.cc
index fe6fb08..6ee0b77 100644
--- a/quic/core/tls_client_handshaker_test.cc
+++ b/quic/core/tls_client_handshaker_test.cc
@@ -323,8 +323,7 @@
   EXPECT_TRUE(stream()->one_rtt_keys_available());
 }
 
-// TODO(b/158240541) re-enable this test after fixing the bug.
-TEST_P(TlsClientHandshakerTest, DISABLED_Resumption) {
+TEST_P(TlsClientHandshakerTest, Resumption) {
   // Finish establishing the first connection:
   CompleteCryptoHandshake();
 
diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index 7d97bdb..58f75e4 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -380,6 +380,7 @@
   handshaker_delegate()->OnOneRttKeysAvailable();
   handshaker_delegate()->DiscardOldEncryptionKey(ENCRYPTION_HANDSHAKE);
   handshaker_delegate()->DiscardOldDecryptionKey(ENCRYPTION_HANDSHAKE);
+  handshaker_delegate()->DiscardOldDecryptionKey(ENCRYPTION_ZERO_RTT);
 }
 
 ssl_private_key_result_t TlsServerHandshaker::PrivateKeySign(
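Review bot: The added `DiscardOldDecryptionKey(ENCRYPTION_ZERO_RTT)` call is unconditional in the visible lines, although the description says the change is protected by `quic_enable_zero_rtt_for_tls`, so it is presumably also reached on connections where no 0-RTT read key was ever installed (flag off, or early data not offered or rejected). Whether the delegate tolerates discarding a key that does not exist is not visible here; confirm that it is a no-op in that case, or guard the call. The line would also benefit from a short why-comment, for example `// Client Finished received: no further 0-RTT packets are expected, so stop accepting (replayable) early data.` The two tests this commit re-enables are client-side; a server-side test that a 0-RTT packet arriving after handshake completion is dropped rather than processed would pin the new behaviour. The enclosing function begins above the hunk, so an earlier guard may exist that is not shown.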