Google Git
Sign in
quiche/quiche/53cbf3f57e5c4e652567df43bedb2631d012eee8^!/.
commit
53cbf3f57e5c4e652567df43bedb2631d012eee8
[log]
author
haoyuewang <haoyuewang@google.com>
Tue Apr 13 12:52:11 2021 -0700
committer
Copybara-Service <copybara-worker@google.com>
Tue Apr 13 12:52:42 2021 -0700
tree
eec81c356e1db5cd587b78c8475555e54211860f
parent
1ad3f0669eada80f7a2f2c72249c0bb570575f8e [diff]
Group sending path response and reverse path challenge closer on the server side.

The advantages are:
(1) The outermost ScopedPeerAddressContext can be instantiated after alternative_path_ has been created. This makes it straightforward to find a connection ID for this scoped context.
(2) Ideally, path response and reverse path challenge is better sent at the end of packet processing. But that is a more complex change. The current change allows progress made in usage of connection ID without that.

Protected by FLAGS_quic_reloadable_flag_quic_group_path_response_and_challenge_sending_closer.

PiperOrigin-RevId: 368275656
Change-Id: I1735ff20babd2f190ba27ea7037e2be9317a6f3a

diff --git a/quic/core/quic_connection.cc b/quic/core/quic_connection.cc
index a793af8..95a9c3b 100644
--- a/quic/core/quic_connection.cc
+++ b/quic/core/quic_connection.cc

@@ -1703,8 +1703,11 @@
     // PATH_RESPONSE. This context needs to be out of scope before returning.
     // TODO(danzh) inline OnPathChallengeFrameInternal() once
     // support_reverse_path_validation_ is deprecated.
-    QuicPacketCreator::ScopedPeerAddressContext context(
-        &packet_creator_, last_packet_source_address_);
+    auto context =
+        group_path_response_and_challenge_sending_closer_
+            ? nullptr
+            : std::make_unique<QuicPacketCreator::ScopedPeerAddressContext>(
+                  &packet_creator_, last_packet_source_address_);
     if (!OnPathChallengeFrameInternal(frame)) {
       return false;
     }
@@ -1714,6 +1717,7 @@
 
 bool QuicConnection::OnPathChallengeFrameInternal(
     const QuicPathChallengeFrame& frame) {
+  should_proactively_validate_peer_address_on_path_challenge_ = false;
   // UpdatePacketContent() may start reverse path validation.
   if (!UpdatePacketContent(PATH_CHALLENGE_FRAME)) {
     return false;
@@ -1722,6 +1726,29 @@
     debug_visitor_->OnPathChallengeFrame(frame);
   }
 
+  std::unique_ptr<QuicPacketCreator::ScopedPeerAddressContext> context;
+  if (group_path_response_and_challenge_sending_closer_) {
+    context = std::make_unique<QuicPacketCreator::ScopedPeerAddressContext>(
+        &packet_creator_, last_packet_source_address_);
+  }
+  if (should_proactively_validate_peer_address_on_path_challenge_) {
+    QUIC_RELOADABLE_FLAG_COUNT(
+        quic_group_path_response_and_challenge_sending_closer);
+    QuicSocketAddress current_effective_peer_address =
+        GetEffectivePeerAddressFromCurrentPacket();
+    // Conditions to proactively validate peer address:
+    // The perspective is server
+    // The PATH_CHALLENGE is received on an unvalidated alternative path.
+    // The connection isn't validating migrated peer address, which is of
+    // higher prority.
+    QUIC_DVLOG(1) << "Proactively validate the effective peer address "
+                  << current_effective_peer_address;
+    ValidatePath(std::make_unique<ReversePathValidationContext>(
+                     default_path_.self_address, current_effective_peer_address,
+                     current_effective_peer_address, this),
+                 std::make_unique<ReversePathValidationResultDelegate>(
+                     this, peer_address()));
+  }
   if (!send_path_response_) {
     // Save the path challenge's payload, for later use in generating the
     // response.
@@ -5453,19 +5480,23 @@
             last_packet_destination_address_, current_effective_peer_address,
             client_connection_id, last_packet_destination_connection_id_,
             stateless_reset_token_received, stateless_reset_token);
-        // Conditions to proactively validate peer address:
-        // The perspective is server
-        // The PATH_CHALLENGE is received on an unvalidated alternative path.
-        // The connection isn't validating migrated peer address, which is of
-        // higher prority.
-        QUIC_DVLOG(1) << "Proactively validate the effective peer address "
-                      << current_effective_peer_address;
-        ValidatePath(
-            std::make_unique<ReversePathValidationContext>(
-                default_path_.self_address, current_effective_peer_address,
-                current_effective_peer_address, this),
-            std::make_unique<ReversePathValidationResultDelegate>(
-                this, peer_address()));
+        if (group_path_response_and_challenge_sending_closer_) {
+          should_proactively_validate_peer_address_on_path_challenge_ = true;
+        } else {
+          // Conditions to proactively validate peer address:
+          // The perspective is server
+          // The PATH_CHALLENGE is received on an unvalidated alternative path.
+          // The connection isn't validating migrated peer address, which is of
+          // higher prority.
+          QUIC_DVLOG(1) << "Proactively validate the effective peer address "
+                        << current_effective_peer_address;
+          ValidatePath(
+              std::make_unique<ReversePathValidationContext>(
+                  default_path_.self_address, current_effective_peer_address,
+                  current_effective_peer_address, this),
+              std::make_unique<ReversePathValidationResultDelegate>(
+                  this, peer_address()));
+        }
       }
     }
     MaybeUpdateBytesReceivedFromAlternativeAddress(last_size_);

diff --git a/quic/core/quic_connection.h b/quic/core/quic_connection.h
index 5513795..b935943 100644
--- a/quic/core/quic_connection.h
+++ b/quic/core/quic_connection.h

@@ -2229,6 +2229,14 @@
   bool use_connection_id_on_default_path_ =
       GetQuicReloadableFlag(quic_use_connection_id_on_default_path);
 
+  // Indicates whether we should proactively validate peer address on a
+  // PATH_CHALLENGE received.
+  bool should_proactively_validate_peer_address_on_path_challenge_ = false;
+
+  const bool group_path_response_and_challenge_sending_closer_ =
+      GetQuicReloadableFlag(
+          quic_group_path_response_and_challenge_sending_closer);
+
   const bool quic_deprecate_incoming_connection_ids_ =
       GetQuicReloadableFlag(quic_deprecate_incoming_connection_ids);
 };

diff --git a/quic/core/quic_flags_list.h b/quic/core/quic_flags_list.h
index 17c34a9..f5fe8bc 100644
--- a/quic/core/quic_flags_list.h
+++ b/quic/core/quic_flags_list.h

@@ -52,6 +52,7 @@
 QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_fix_on_stream_reset, true)
 QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_fix_stateless_reset, true)
 QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_fix_willing_and_able_to_write2, true)
+QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_group_path_response_and_challenge_sending_closer, false)
 QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_h3_datagram, false)
 QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_pass_path_response_to_validator, false)
 QUIC_FLAG(FLAGS_quic_reloadable_flag_quic_preempt_stream_data_with_handshake_packet, true)