gfe-relnote: When new 0RTT key is available, only allow client to write application data as server application data should be written in forward secure. Protected by gfe2_reloadable_flag_quic_use_handshaker_delegate2 which replaces gfe2_reloadable_flag_quic_use_handshaker_delegate. PiperOrigin-RevId: 284213052 Change-Id: Ic77723e7f8570fb720af719af98d86e47c76ad34

commit: 401cf20ca7dbfec7046aa54b4bbd3b48fbfe980e [log] [tgz]
author: fayang <fayang@google.com> Fri Dec 06 10:30:13 2019 -0800
committer: Copybara-Service <copybara-worker@google.com> Fri Dec 06 10:30:49 2019 -0800
tree: 20fc97e154002c75d9b3f800d1397241f9a6dc58
parent: 7e3fe6b7eb99c0597cd8143762e21b3a9240cc3b [diff] [blame]
diff --git a/quic/core/quic_session.cc b/quic/core/quic_session.cc
index ada8bf4..6381bf2 100644
--- a/quic/core/quic_session.cc
+++ b/quic/core/quic_session.cc

@@ -1326,11 +1326,13 @@
     case ENCRYPTION_INITIAL:
       break;
     case ENCRYPTION_ZERO_RTT:
-      // Retransmit old 0-RTT data (if any) with the new 0-RTT keys, since they
-      // can't be decrypted by the peer.
-      connection_->RetransmitUnackedPackets(ALL_INITIAL_RETRANSMISSION);
-      // Given any streams blocked by encryption a chance to write.
-      OnCanWrite();
+      if (perspective() == Perspective::IS_CLIENT) {
+        // Retransmit old 0-RTT data (if any) with the new 0-RTT keys, since
+        // they can't be decrypted by the server.
+        connection_->RetransmitUnackedPackets(ALL_INITIAL_RETRANSMISSION);
+        // Given any streams blocked by encryption a chance to write.
+        OnCanWrite();
+      }
       break;
     case ENCRYPTION_HANDSHAKE:
       break;
commit	401cf20ca7dbfec7046aa54b4bbd3b48fbfe980e	[log] [tgz]
author	fayang <fayang@google.com>	Fri Dec 06 10:30:13 2019 -0800
committer	Copybara-Service <copybara-worker@google.com>	Fri Dec 06 10:30:49 2019 -0800
tree	20fc97e154002c75d9b3f800d1397241f9a6dc58
parent	7e3fe6b7eb99c0597cd8143762e21b3a9240cc3b [diff] [blame]