gfe-relnote: In QUIC, add anti-amplification limit. Protected by version T099. Anti-amplification limit kicks in before address validation. Now, server can only validate address by processing HANDSHAKE encrypted packet since address validation via token is not implemented. In T099, deprecate HANDSHAKE_MODE and PTO is armed when 1) handshake is not confirmed 2) or there is packets in flight. Such that when PTO fires, at least 1 packet is sent to avoid handshake deadlock due to anti-amplification limit in case of packet losses. PiperOrigin-RevId: 264960590 Change-Id: Ib2d9749b773af9328f96c176a49b2505be006b00

commit: 5f13505fff1cda764a9ba8aeb39551f502122141 [log] [tgz]
author: fayang <fayang@google.com> Thu Aug 22 17:59:40 2019 -0700
committer: Copybara-Service <copybara-worker@google.com> Fri Aug 23 12:19:31 2019 -0700
tree: f6b2d9b15313771d57c5308d307fe6949d1689ca
parent: d17a7400d12793f89e4e98c6dff03e8d828ae933 [diff] [blame]
diff --git a/quic/core/quic_versions.cc b/quic/core/quic_versions.cc
index 372c4f7..af93f85 100644
--- a/quic/core/quic_versions.cc
+++ b/quic/core/quic_versions.cc

@@ -79,6 +79,11 @@
   return VersionHasLengthPrefixedConnectionIds(transport_version);
 }
 
+bool ParsedQuicVersion::SupportsAntiAmplificationLimit() const {
+  return transport_version == QUIC_VERSION_99 &&
+         handshake_protocol == PROTOCOL_TLS1_3;
+}
+
 bool VersionHasLengthPrefixedConnectionIds(
     QuicTransportVersion transport_version) {
   return transport_version >= QUIC_VERSION_99;
commit	5f13505fff1cda764a9ba8aeb39551f502122141	[log] [tgz]
author	fayang <fayang@google.com>	Thu Aug 22 17:59:40 2019 -0700
committer	Copybara-Service <copybara-worker@google.com>	Fri Aug 23 12:19:31 2019 -0700
tree	f6b2d9b15313771d57c5308d307fe6949d1689ca
parent	d17a7400d12793f89e4e98c6dff03e8d828ae933 [diff] [blame]