Deprecate gfe2_reloadable_flag_quic_tls_use_token_in_session_cache.
PiperOrigin-RevId: 438557393
diff --git a/quic/core/crypto/quic_client_session_cache.cc b/quic/core/crypto/quic_client_session_cache.cc
index 5ce935d..24b5588 100644
--- a/quic/core/crypto/quic_client_session_cache.cc
+++ b/quic/core/crypto/quic_client_session_cache.cc
@@ -87,8 +87,7 @@
state->application_state =
std::make_unique<ApplicationState>(*iter->second->application_state);
}
- if (GetQuicReloadableFlag(quic_tls_use_token_in_session_cache) &&
- !iter->second->token.empty()) {
+ if (!iter->second->token.empty()) {
state->token = iter->second->token;
// Clear token after use.
iter->second->token.clear();
diff --git a/quic/core/http/end_to_end_test.cc b/quic/core/http/end_to_end_test.cc
index ac10d0f..95b274a 100644
--- a/quic/core/http/end_to_end_test.cc
+++ b/quic/core/http/end_to_end_test.cc
@@ -1718,27 +1718,14 @@
server_thread_->Pause();
server_session = GetServerSession();
server_connection = GetServerConnection();
- if (!GetQuicReloadableFlag(quic_tls_use_token_in_session_cache)) {
- // Address token is reused.
- if (server_session != nullptr && server_connection != nullptr) {
- // Verify address is validated via validating token received in INITIAL
- // packet.
- EXPECT_FALSE(server_connection->GetStats()
- .address_validated_via_decrypting_packet);
- EXPECT_TRUE(server_connection->GetStats().address_validated_via_token);
- } else {
- ADD_FAILURE() << "Missing server connection";
- }
+ // Verify address token is only used once.
+ if (server_session != nullptr && server_connection != nullptr) {
+ // Verify address is validated via decrypting packet.
+ EXPECT_TRUE(
+ server_connection->GetStats().address_validated_via_decrypting_packet);
+ EXPECT_FALSE(server_connection->GetStats().address_validated_via_token);
} else {
- // Verify address token is only used once.
- if (server_session != nullptr && server_connection != nullptr) {
- // Verify address is validated via decrypting packet.
- EXPECT_TRUE(server_connection->GetStats()
- .address_validated_via_decrypting_packet);
- EXPECT_FALSE(server_connection->GetStats().address_validated_via_token);
- } else {
- ADD_FAILURE() << "Missing server connection";
- }
+ ADD_FAILURE() << "Missing server connection";
}
server_thread_->Resume();
@@ -1763,15 +1750,8 @@
QuicClientSessionCache* session_cache = static_cast<QuicClientSessionCache*>(
client_crypto_config->mutable_session_cache());
- std::string old_address_token;
- if (GetQuicReloadableFlag(quic_tls_use_token_in_session_cache)) {
- old_address_token =
- QuicClientSessionCachePeer::GetToken(session_cache, server_id);
- } else {
- old_address_token =
- client_crypto_config->LookupOrCreate(server_id)->source_address_token();
- }
- ASSERT_TRUE(!old_address_token.empty());
+ ASSERT_TRUE(
+ !QuicClientSessionCachePeer::GetToken(session_cache, server_id).empty());
// Pause the server thread again to blackhole packets from client.
server_thread_->Pause();
@@ -1779,17 +1759,9 @@
EXPECT_FALSE(client_->client()->WaitForOneRttKeysAvailable());
EXPECT_FALSE(client_->client()->connected());
- std::string new_address_token;
- if (GetQuicReloadableFlag(quic_tls_use_token_in_session_cache)) {
- new_address_token =
- QuicClientSessionCachePeer::GetToken(session_cache, server_id);
- // Verify address token gets cleared.
- ASSERT_TRUE(new_address_token.empty());
- } else {
- new_address_token =
- client_crypto_config->LookupOrCreate(server_id)->source_address_token();
- ASSERT_FALSE(new_address_token.empty());
- }
+ // Verify address token gets cleared.
+ ASSERT_TRUE(
+ QuicClientSessionCachePeer::GetToken(session_cache, server_id).empty());
server_thread_->Resume();
}
diff --git a/quic/core/quic_dispatcher_test.cc b/quic/core/quic_dispatcher_test.cc
index add5164..2d5c78c 100644
--- a/quic/core/quic_dispatcher_test.cc
+++ b/quic/core/quic_dispatcher_test.cc
@@ -454,10 +454,6 @@
ParsedClientHello parsed_chlo;
parsed_chlo.alpns = {ExpectedAlpn()};
parsed_chlo.sni = TestHostname();
- if (address_token_.has_value() &&
- !GetQuicReloadableFlag(quic_tls_use_token_in_session_cache)) {
- parsed_chlo.retry_token = *address_token_;
- }
return parsed_chlo;
}
diff --git a/quic/core/quic_flags_list.h b/quic/core/quic_flags_list.h
index 6dc0d06..7245004 100644
--- a/quic/core/quic_flags_list.h
+++ b/quic/core/quic_flags_list.h
@@ -101,8 +101,6 @@
QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_server_reverse_validate_new_path3, true)
// If true, when a packet is forced retransmitted, only set packet state if all data gets retransmitted.
QUIC_FLAG(FLAGS_quic_restart_flag_quic_set_packet_state_if_all_data_retransmitted, true)
-// If true, when client attempts TLS resumption, use token in session_cache_ instead of cached_states_ in QuicCryptoClientConfig.
-QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_tls_use_token_in_session_cache, true)
// When the flag is true, exit STARTUP after the same number of loss events as PROBE_UP.
QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_bbr2_startup_probe_up_loss_events, true)
// When true, defaults to BBR congestion control instead of Cubic.
diff --git a/quic/core/tls_client_handshaker.cc b/quic/core/tls_client_handshaker.cc
index 3cd47ad..d191017 100644
--- a/quic/core/tls_client_handshaker.cc
+++ b/quic/core/tls_client_handshaker.cc
@@ -42,13 +42,6 @@
has_application_state_(has_application_state),
crypto_config_(crypto_config),
tls_connection_(crypto_config->ssl_ctx(), this, session->GetSSLConfig()) {
- if (!GetQuicReloadableFlag(quic_tls_use_token_in_session_cache)) {
- std::string token =
- crypto_config->LookupOrCreate(server_id)->source_address_token();
- if (!token.empty()) {
- session->SetSourceAddressTokenToSend(token);
- }
- }
if (crypto_config->tls_signature_algorithms().has_value()) {
SSL_set1_sigalgs_list(ssl(),
crypto_config->tls_signature_algorithms()->c_str());
@@ -127,8 +120,7 @@
}
if (cached_state_) {
SSL_set_session(ssl(), cached_state_->tls_session.get());
- if (GetQuicReloadableFlag(quic_tls_use_token_in_session_cache) &&
- !cached_state_->token.empty()) {
+ if (!cached_state_->token.empty()) {
session()->SetSourceAddressTokenToSend(cached_state_->token);
}
}
@@ -435,14 +427,8 @@
if (token.empty()) {
return;
}
- if (GetQuicReloadableFlag(quic_tls_use_token_in_session_cache)) {
- if (session_cache_ != nullptr) {
- session_cache_->OnNewTokenReceived(server_id_, token);
- }
- } else {
- QuicCryptoClientConfig::CachedState* cached =
- crypto_config_->LookupOrCreate(server_id_);
- cached->set_source_address_token(token);
+ if (session_cache_ != nullptr) {
+ session_cache_->OnNewTokenReceived(server_id_, token);
}
}
