gfe-relnote: When a new 0RTT key is available, only allow the client to write application data, because server application data should be written at the forward-secure encryption level. Protected by gfe2_reloadable_flag_quic_use_handshaker_delegate2, which replaces gfe2_reloadable_flag_quic_use_handshaker_delegate.
PiperOrigin-RevId: 284213052
Change-Id: Ic77723e7f8570fb720af719af98d86e47c76ad34
diff --git a/quic/core/http/quic_spdy_stream_test.cc b/quic/core/http/quic_spdy_stream_test.cc
index 62ef3b5..bc85384 100644
--- a/quic/core/http/quic_spdy_stream_test.cc
+++ b/quic/core/http/quic_spdy_stream_test.cc
@@ -223,7 +223,10 @@
QuicConfigPeer::SetReceivedMaxIncomingUnidirectionalStreams(
session_->config(), 10);
session_->OnConfigNegotiated();
- EXPECT_CALL(*connection_, OnCanWrite());
+ if (!session_->use_handshake_delegate() ||
+ session_->perspective() == Perspective::IS_CLIENT) {
+ EXPECT_CALL(*connection_, OnCanWrite());
+ }
if (UsesHttp3()) {
// In this case, TestStream::WriteHeadersImpl() does not prevent writes.
// Six writes include priority for headers, headers frame header, headers
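Review bot: When the handshake delegate is enabled and the perspective is the server, the new `if` leaves `OnCanWrite()` with no expectation at all. Whether the test then fails on an unexpected call depends on how `connection_` is mocked (strict or not), which is not visible in this hunk. Because the point of the commit is that the server must not write under 0-RTT keys, consider stating the negative case explicitly with an `else` branch such as `EXPECT_CALL(*connection_, OnCanWrite()).Times(0);`, provided no later setup step legitimately triggers the call. The enclosing setup function starts and ends outside the hunk.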
diff --git a/quic/core/quic_connection.cc b/quic/core/quic_connection.cc
index 9349bf2..55f53eb 100644
--- a/quic/core/quic_connection.cc
+++ b/quic/core/quic_connection.cc
@@ -333,7 +333,7 @@
quic_version_negotiated_by_default_at_server_(
GetQuicReloadableFlag(quic_version_negotiated_by_default_at_server)),
use_handshake_delegate_(
- GetQuicReloadableFlag(quic_use_handshaker_delegate) ||
+ GetQuicReloadableFlag(quic_use_handshaker_delegate2) ||
version().handshake_protocol == PROTOCOL_TLS1_3) {
QUIC_DLOG(INFO) << ENDPOINT << "Created connection with server connection ID "
<< server_connection_id
@@ -345,7 +345,7 @@
<< server_connection_id << " which is invalid with version "
<< QuicVersionToString(transport_version());
if (use_handshake_delegate_) {
- QUIC_RELOADABLE_FLAG_COUNT(quic_use_handshaker_delegate);
+ QUIC_RELOADABLE_FLAG_COUNT(quic_use_handshaker_delegate2);
}
framer_.set_visitor(this);
diff --git a/quic/core/quic_connection.h b/quic/core/quic_connection.h
index abd836f..ca4e9ca 100644
--- a/quic/core/quic_connection.h
+++ b/quic/core/quic_connection.h
@@ -1505,7 +1505,7 @@
// Latched value of quic_version_negotiated_by_default_at_server.
const bool quic_version_negotiated_by_default_at_server_;
- // Latched value of quic_use_handshaker_delegate.
+ // Latched value of quic_use_handshaker_delegate2.
const bool use_handshake_delegate_;
};
diff --git a/quic/core/quic_session.cc b/quic/core/quic_session.cc
index ada8bf4..6381bf2 100644
--- a/quic/core/quic_session.cc
+++ b/quic/core/quic_session.cc
@@ -1326,11 +1326,13 @@
case ENCRYPTION_INITIAL:
break;
case ENCRYPTION_ZERO_RTT:
- // Retransmit old 0-RTT data (if any) with the new 0-RTT keys, since they
- // can't be decrypted by the peer.
- connection_->RetransmitUnackedPackets(ALL_INITIAL_RETRANSMISSION);
- // Given any streams blocked by encryption a chance to write.
- OnCanWrite();
+ if (perspective() == Perspective::IS_CLIENT) {
+ // Retransmit old 0-RTT data (if any) with the new 0-RTT keys, since
+ // they can't be decrypted by the server.
+ connection_->RetransmitUnackedPackets(ALL_INITIAL_RETRANSMISSION);
+ // Given any streams blocked by encryption a chance to write.
+ OnCanWrite();
+ }
break;
case ENCRYPTION_HANDSHAKE:
break;
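Review bot: The `ENCRYPTION_ZERO_RTT` case now does nothing on the server, but no comment says why, so a later reader could take the missing retransmit and `OnCanWrite()` for an oversight and restore them. I would add a comment ahead of the `if`, for example `// Only the client sends with 0-RTT keys; server application data must wait for forward-secure keys, so the server has nothing to retransmit or unblock here.` Note that this guard only stops the server from being prompted to write at this point. Whether the server's send encryption level can otherwise be 0-RTT is decided outside this hunk and is worth confirming. The existing comment "Given any streams" should read "Give any streams". The enclosing switch and function begin and end outside the hunk.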