Google Git
Sign in
quiche/quiche.git/39c88abb973e634dc1197e15e376ba52ae8bd16e^!/.
commit
39c88abb973e634dc1197e15e376ba52ae8bd16e
[log]
author
rch <rch@google.com>
Wed Oct 16 19:24:40 2019 -0700
committer
Copybara-Service <copybara-worker@google.com>
Wed Oct 16 19:25:19 2019 -0700
tree
e8649827b6649e89a59b1d874ffc8d78bb16bb4b
parent
e861aee825feae9384e3320501fc297b6de68eae [diff]
gfe-relnote: Send QUIC connection close packets at all available encryption levels.

PiperOrigin-RevId: 275164869
Change-Id: I0a75e528218a6526dbeef2d44df5cf0cb332094e

diff --git a/quic/core/quic_connection.cc b/quic/core/quic_connection.cc
index 079e14d..7916791 100644
--- a/quic/core/quic_connection.cc
+++ b/quic/core/quic_connection.cc

@@ -2832,13 +2832,13 @@
 
 void QuicConnection::QueueUndecryptablePacket(
     const QuicEncryptedPacket& packet) {
-    for (const auto& saved_packet : undecryptable_packets_) {
-      if (packet.data() == saved_packet->data() &&
-          packet.length() == saved_packet->length()) {
-        QUIC_DVLOG(1) << ENDPOINT << "Not queueing known undecryptable packet";
-        return;
-      }
+  for (const auto& saved_packet : undecryptable_packets_) {
+    if (packet.data() == saved_packet->data() &&
+        packet.length() == saved_packet->length()) {
+      QUIC_DVLOG(1) << ENDPOINT << "Not queueing known undecryptable packet";
+      return;
     }
+  }
   QUIC_DVLOG(1) << ENDPOINT << "Queueing undecryptable packet.";
   undecryptable_packets_.push_back(packet.Clone());
 }
@@ -2942,25 +2942,58 @@
 
 void QuicConnection::SendConnectionClosePacket(QuicErrorCode error,
                                                const std::string& details) {
-  QUIC_DLOG(INFO) << ENDPOINT << "Sending connection close packet.";
-  SetDefaultEncryptionLevel(GetConnectionCloseEncryptionLevel());
-  ClearQueuedPackets();
-  // If there was a packet write error, write the smallest close possible.
-  ScopedPacketFlusher flusher(this);
-  // When multiple packet number spaces is supported, an ACK frame will be
-  // bundled when connection is not write blocked.
-  if (!SupportsMultiplePacketNumberSpaces() &&
-      error != QUIC_PACKET_WRITE_ERROR &&
-      !GetUpdatedAckFrame().ack_frame->packets.Empty()) {
-    SendAck();
-  }
-  QuicConnectionCloseFrame* frame;
+  if (!GetQuicReloadableFlag(quic_close_all_encryptions_levels)) {
+    QUIC_DLOG(INFO) << ENDPOINT << "Sending connection close packet.";
+    SetDefaultEncryptionLevel(GetConnectionCloseEncryptionLevel());
+    ClearQueuedPackets();
+    // If there was a packet write error, write the smallest close possible.
+    ScopedPacketFlusher flusher(this);
+    // When multiple packet number spaces is supported, an ACK frame will be
+    // bundled when connection is not write blocked.
+    if (!SupportsMultiplePacketNumberSpaces() &&
+        error != QUIC_PACKET_WRITE_ERROR &&
+        !GetUpdatedAckFrame().ack_frame->packets.Empty()) {
+      SendAck();
+    }
+    QuicConnectionCloseFrame* frame;
 
-  frame = new QuicConnectionCloseFrame(transport_version(), error, details,
-                                       framer_.current_received_frame_type());
-  packet_generator_.ConsumeRetransmittableControlFrame(QuicFrame(frame));
-  packet_generator_.FlushAllQueuedFrames();
-  ClearQueuedPackets();
+    frame = new QuicConnectionCloseFrame(transport_version(), error, details,
+                                         framer_.current_received_frame_type());
+    packet_generator_.ConsumeRetransmittableControlFrame(QuicFrame(frame));
+    packet_generator_.FlushAllQueuedFrames();
+    ClearQueuedPackets();
+    return;
+  }
+  const EncryptionLevel current_encryption_level = encryption_level_;
+  ScopedPacketFlusher flusher(this);
+  QUIC_RELOADABLE_FLAG_COUNT(quic_close_all_encryptions_levels);
+  for (EncryptionLevel level :
+       {ENCRYPTION_INITIAL, ENCRYPTION_HANDSHAKE, ENCRYPTION_ZERO_RTT,
+        ENCRYPTION_FORWARD_SECURE}) {
+    if (!framer_.HasEncrypterOfEncryptionLevel(level)) {
+      continue;
+    }
+    QUIC_DLOG(INFO) << ENDPOINT << "Sending connection close packet at level: "
+                    << EncryptionLevelToString(level);
+    SetDefaultEncryptionLevel(level);
+    ClearQueuedPackets();
+    // If there was a packet write error, write the smallest close possible.
+    // When multiple packet number spaces are supported, an ACK frame will
+    // be bundled by the ScopedPacketFlusher. Otherwise, an ACK must be sent
+    // explicitly.
+    if (!SupportsMultiplePacketNumberSpaces() &&
+        error != QUIC_PACKET_WRITE_ERROR &&
+        !GetUpdatedAckFrame().ack_frame->packets.Empty()) {
+      SendAck();
+    }
+    auto* frame =
+        new QuicConnectionCloseFrame(transport_version(), error, details,
+                                     framer_.current_received_frame_type());
+    packet_generator_.ConsumeRetransmittableControlFrame(QuicFrame(frame));
+    packet_generator_.FlushAllQueuedFrames();
+    ClearQueuedPackets();
+  }
+  SetDefaultEncryptionLevel(current_encryption_level);
 }
 
 void QuicConnection::TearDownLocalConnectionState(

diff --git a/quic/core/quic_connection_test.cc b/quic/core/quic_connection_test.cc
index 20f63f7..d73865c 100644
--- a/quic/core/quic_connection_test.cc
+++ b/quic/core/quic_connection_test.cc

@@ -2053,8 +2053,9 @@
   // Regression test for b/74073386.
   {
     InSequence seq;
-    EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(1);
-    EXPECT_CALL(visitor_, OnConnectionClosed(_, _)).Times(1);
+    EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _))
+        .Times(AtLeast(1));
+    EXPECT_CALL(visitor_, OnConnectionClosed(_, _)).Times(AtLeast(1));
   }
 
   set_perspective(Perspective::IS_CLIENT);
@@ -2852,9 +2853,11 @@
   // one.  This should cause a connection error.
   QuicPacketCreatorPeer::SetPacketNumber(&peer_creator_, 7);
   if (!GetParam().no_stop_waiting) {
-    EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+    EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _))
+        .Times(AtLeast(1));
     EXPECT_CALL(visitor_,
-                OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
+                OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF))
+        .Times(AtLeast(1));
   }
   ProcessStopWaitingPacket(InitStopWaitingFrame(1));
   if (!GetParam().no_stop_waiting) {
@@ -2907,7 +2910,7 @@
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
   EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   QuicAckFrame frame = InitAckFrame(1);
   EXPECT_CALL(visitor_, OnCanWrite()).Times(0);
   ProcessAckPacket(&frame);
@@ -5473,7 +5476,7 @@
   // This time, we should time out.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   clock_.AdvanceTime(five_ms);
   EXPECT_EQ(default_timeout + five_ms, clock_.ApproximateNow());
   connection_.GetTimeoutAlarm()->Fire();
@@ -5551,7 +5554,7 @@
   // This time, we should time out.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   clock_.AdvanceTime(final_timeout - clock_.Now());
   EXPECT_EQ(connection_.GetTimeoutAlarm()->deadline(), clock_.Now());
   EXPECT_EQ(final_timeout, clock_.Now());
@@ -5686,7 +5689,7 @@
   // This time, we should time out and send a connection close due to the TLP.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   clock_.AdvanceTime(connection_.GetTimeoutAlarm()->deadline() -
                      clock_.ApproximateNow() + five_ms);
   connection_.GetTimeoutAlarm()->Fire();
@@ -5741,7 +5744,7 @@
   // This time, we should time out and send a connection close due to the TLP.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   clock_.AdvanceTime(connection_.GetTimeoutAlarm()->deadline() -
                      clock_.ApproximateNow() + five_ms);
   connection_.GetTimeoutAlarm()->Fire();
@@ -5792,7 +5795,7 @@
   // This time, we should time out.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   clock_.AdvanceTime(five_ms);
   EXPECT_EQ(default_timeout + five_ms, clock_.ApproximateNow());
   connection_.GetTimeoutAlarm()->Fire();
@@ -5895,7 +5898,7 @@
   // This time, we should time out.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   connection_.GetRetransmissionAlarm()->Fire();
   EXPECT_FALSE(connection_.GetTimeoutAlarm()->IsSet());
   EXPECT_FALSE(connection_.connected());
@@ -7407,7 +7410,7 @@
   EXPECT_EQ(1u, writer_->packets_write_attempts());
 
   TriggerConnectionClose();
-  EXPECT_EQ(2u, writer_->packets_write_attempts());
+  EXPECT_LE(2u, writer_->packets_write_attempts());
 }
 
 TEST_P(QuicConnectionTest, ConnectionCloseGettingWriteBlocked) {
@@ -8813,6 +8816,8 @@
   use_tagging_decrypter();
   connection_.SetEncrypter(ENCRYPTION_INITIAL,
                            std::make_unique<TaggingEncrypter>(0x01));
+  connection_.SetEncrypter(ENCRYPTION_FORWARD_SECURE,
+                           std::make_unique<TaggingEncrypter>(0x01));
 
   connection_.SendCryptoStreamData();
   EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
@@ -8834,7 +8839,7 @@
       InitAckFrame({{QuicPacketNumber(2), QuicPacketNumber(4)}});
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(1);
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   ProcessFramePacketAtLevel(300, QuicFrame(&invalid_ack), ENCRYPTION_INITIAL);
   TestConnectionCloseQuicErrorCode(QUIC_INVALID_ACK_DATA);
 }
@@ -9317,7 +9322,7 @@
       0, FIN, nullptr);
 
   // 5PTO + 1 connection close.
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(6);
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(6));
 
   // Fire the retransmission alarm 5 times.
   for (int i = 0; i < 5; ++i) {
@@ -9371,7 +9376,7 @@
   // Closes connection on 7th PTO.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   connection_.GetRetransmissionAlarm()->Fire();
   EXPECT_FALSE(connection_.GetTimeoutAlarm()->IsSet());
   EXPECT_FALSE(connection_.connected());
@@ -9411,7 +9416,7 @@
   // Closes connection on 8th PTO.
   EXPECT_CALL(visitor_,
               OnConnectionClosed(_, ConnectionCloseSource::FROM_SELF));
-  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _));
+  EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(AtLeast(1));
   connection_.GetRetransmissionAlarm()->Fire();
   EXPECT_FALSE(connection_.GetTimeoutAlarm()->IsSet());
   EXPECT_FALSE(connection_.connected());