Deprecate --gfe2_reloadable_flag_quic_tls_fix_ticket_decrypt.
PiperOrigin-RevId: 393803452
diff --git a/quic/core/quic_flags_list.h b/quic/core/quic_flags_list.h
index a1d0b6d..f6d61eb 100644
--- a/quic/core/quic_flags_list.h
+++ b/quic/core/quic_flags_list.h
@@ -71,8 +71,6 @@
QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_drop_unsent_path_response, true)
// If true, enable server retransmittable on wire PING.
QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_enable_server_on_wire_ping, true)
-// If true, fix a bug in TlsServerHandshaker where the ticket decrypt callback is cleared without being cancelled first.
-QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_tls_fix_ticket_decrypt, true)
// If true, flush any pending frame before default path is about to be updated.
QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_flush_pending_frame_before_updating_default_path, true)
// If true, ignore peer_max_ack_delay during handshake.
diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index 4605eaa..8112b41 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -138,49 +138,27 @@
// The callback was cancelled before we could run.
return;
}
- if (handshaker_->fix_ticket_decrypt_) {
- TlsServerHandshaker* handshaker = handshaker_;
- handshaker_ = nullptr;
- handshaker->decrypted_session_ticket_ = std::move(plaintext);
- // DecryptCallback::Run could be called synchronously. When that happens, we
- // are currently in the middle of a call to AdvanceHandshake.
- // (AdvanceHandshake called SSL_do_handshake, which through some layers
- // called SessionTicketOpen, which called TicketCrypter::Decrypt, which
- // synchronously called this function.) In that case, the handshake will
- // continue to be processed when this function returns.
- //
- // When this callback is called asynchronously (i.e. the ticket decryption
- // is pending), TlsServerHandshaker is not actively processing handshake
- // messages. We need to have it resume processing handshake messages by
- // calling AdvanceHandshake.
- if (handshaker->expected_ssl_error() == SSL_ERROR_PENDING_TICKET) {
- handshaker->AdvanceHandshakeFromCallback();
- }
+ TlsServerHandshaker* handshaker = handshaker_;
+ handshaker_ = nullptr;
- handshaker->ticket_decryption_callback_ = nullptr;
- return;
- }
- handshaker_->decrypted_session_ticket_ = std::move(plaintext);
+ handshaker->decrypted_session_ticket_ = std::move(plaintext);
// DecryptCallback::Run could be called synchronously. When that happens, we
// are currently in the middle of a call to AdvanceHandshake.
- // (AdvanceHandshake called SSL_do_handshake, which through some layers called
- // SessionTicketOpen, which called TicketCrypter::Decrypt, which synchronously
- // called this function.) In that case, the handshake will continue to be
- // processed when this function returns.
+ // (AdvanceHandshake called SSL_do_handshake, which through some layers
+ // called SessionTicketOpen, which called TicketCrypter::Decrypt, which
+ // synchronously called this function.) In that case, the handshake will
+ // continue to be processed when this function returns.
//
- // When this callback is called asynchronously (i.e. the ticket decryption is
- // pending), TlsServerHandshaker is not actively processing handshake
+ // When this callback is called asynchronously (i.e. the ticket decryption
+ // is pending), TlsServerHandshaker is not actively processing handshake
// messages. We need to have it resume processing handshake messages by
// calling AdvanceHandshake.
- if (handshaker_->expected_ssl_error() == SSL_ERROR_PENDING_TICKET) {
- handshaker_->AdvanceHandshakeFromCallback();
+ if (handshaker->expected_ssl_error() == SSL_ERROR_PENDING_TICKET) {
+ handshaker->AdvanceHandshakeFromCallback();
}
- // The TicketDecrypter took ownership of this callback when Decrypt was
- // called. Once the callback returns, it will be deleted. Remove the
- // (non-owning) pointer to the callback from the handshaker so the handshaker
- // doesn't have an invalid pointer hanging around.
- handshaker_->ticket_decryption_callback_ = nullptr;
+
+ handshaker->ticket_decryption_callback_ = nullptr;
}
void TlsServerHandshaker::DecryptCallback::Cancel() {
@@ -770,20 +748,14 @@
}
async_op_timer_ = QuicTimeAccumulator();
async_op_timer_->Start(now());
-
- if (!fix_ticket_decrypt_) {
- return ssl_ticket_aead_retry;
- }
}
}
- if (fix_ticket_decrypt_) {
- // If the async ticket decryption is pending, either started by this
- // SessionTicketOpen call or one that happened earlier, return
- // ssl_ticket_aead_retry.
- if (ticket_decryption_callback_ && !ticket_decryption_callback_->IsDone()) {
- return ssl_ticket_aead_retry;
- }
+ // If the async ticket decryption is pending, either started by this
+ // SessionTicketOpen call or one that happened earlier, return
+ // ssl_ticket_aead_retry.
+ if (ticket_decryption_callback_ && !ticket_decryption_callback_->IsDone()) {
+ return ssl_ticket_aead_retry;
}
ssl_ticket_aead_result_t result =
diff --git a/quic/core/tls_server_handshaker.h b/quic/core/tls_server_handshaker.h
index 7ed1a8c..0f7289e 100644
--- a/quic/core/tls_server_handshaker.h
+++ b/quic/core/tls_server_handshaker.h
@@ -353,8 +353,6 @@
HandshakeState state_ = HANDSHAKE_START;
bool encryption_established_ = false;
bool valid_alpn_received_ = false;
- const bool fix_ticket_decrypt_ =
- GetQuicReloadableFlag(quic_tls_fix_ticket_decrypt);
QuicReferenceCountedPointer<QuicCryptoNegotiatedParameters>
crypto_negotiated_params_;
TlsServerConnection tls_connection_;
diff --git a/quic/core/tls_server_handshaker_test.cc b/quic/core/tls_server_handshaker_test.cc
index b6ab9de..bf68c85 100644
--- a/quic/core/tls_server_handshaker_test.cc
+++ b/quic/core/tls_server_handshaker_test.cc
@@ -741,9 +741,7 @@
// This will delete |server_handshaker_|.
server_session_ = nullptr;
- if (GetQuicReloadableFlag(quic_tls_fix_ticket_decrypt)) {
- ticket_crypter_->RunPendingCallback(0); // Should not crash.
- }
+ ticket_crypter_->RunPendingCallback(0); // Should not crash.
}
TEST_P(TlsServerHandshakerTest, ResumptionWithFailingDecryptCallback) {
