gfe-relnote: In QUIC + TLS, change connection's default encryption level when new encryption key is available. Protected by gfe2_reloadable_flag_quic_change_default_encryption_level.
PiperOrigin-RevId: 309831825
Change-Id: Ie4439af16ae22f6e27f873cc3f410caa1c81ca74
diff --git a/quic/core/quic_session.cc b/quic/core/quic_session.cc
index 29dfb93..0f00ff3 100644
--- a/quic/core/quic_session.cc
+++ b/quic/core/quic_session.cc
@@ -1499,6 +1499,16 @@
connection()->SetEncrypter(level, std::move(encrypter));
if (connection_->version().handshake_protocol == PROTOCOL_TLS1_3 &&
+ (perspective() == Perspective::IS_CLIENT ||
+ GetQuicReloadableFlag(quic_change_default_encryption_level))) {
+ QUIC_DVLOG(1) << ENDPOINT << "Set default encryption level to "
+ << EncryptionLevelToString(level);
+ QUIC_RELOADABLE_FLAG_COUNT(quic_change_default_encryption_level);
+ connection()->SetDefaultEncryptionLevel(level);
+ return;
+ }
+
+ if (connection_->version().handshake_protocol == PROTOCOL_TLS1_3 &&
level == ENCRYPTION_FORWARD_SECURE) {
// Set connection's default encryption level once 1-RTT write key is
// available.
