gfe-relnote: In QUIC, add anti-amplification limit. Protected by version T099. Anti-amplification limit kicks in before address validation. Now, server can only validate address by processing HANDSHAKE encrypted packet since address validation via token is not implemented. In T099, deprecate HANDSHAKE_MODE and PTO is armed when 1) handshake is not confirmed 2) or there is packets in flight. Such that when PTO fires, at least 1 packet is sent to avoid handshake deadlock due to anti-amplification limit in case of packet losses. PiperOrigin-RevId: 264960590 Change-Id: Ib2d9749b773af9328f96c176a49b2505be006b00

commit: 5f13505fff1cda764a9ba8aeb39551f502122141 [log] [tgz]
author: fayang <fayang@google.com> Thu Aug 22 17:59:40 2019 -0700
committer: Copybara-Service <copybara-worker@google.com> Fri Aug 23 12:19:31 2019 -0700
tree: f6b2d9b15313771d57c5308d307fe6949d1689ca
parent: d17a7400d12793f89e4e98c6dff03e8d828ae933 [diff] [blame]
diff --git a/quic/core/quic_sent_packet_manager_test.cc b/quic/core/quic_sent_packet_manager_test.cc
index fced1eb..43b0094 100644
--- a/quic/core/quic_sent_packet_manager_test.cc
+++ b/quic/core/quic_sent_packet_manager_test.cc

@@ -3090,6 +3090,50 @@
   manager_.MaybeSendProbePackets();
 }
 
+TEST_P(QuicSentPacketManagerTest, DisableHandshakeModeClient) {
+  QuicSentPacketManagerPeer::SetPerspective(&manager_, Perspective::IS_CLIENT);
+  manager_.SetSessionDecideWhatToWrite(true);
+  manager_.DisableHandshakeMode();
+  // Send CHLO.
+  SendCryptoPacket(1);
+  EXPECT_NE(QuicTime::Zero(), manager_.GetRetransmissionTime());
+  // Ack packet 1.
+  ExpectAck(1);
+  manager_.OnAckFrameStart(QuicPacketNumber(1), QuicTime::Delta::Infinite(),
+                           clock_.Now());
+  manager_.OnAckRange(QuicPacketNumber(1), QuicPacketNumber(2));
+  EXPECT_EQ(PACKETS_NEWLY_ACKED,
+            manager_.OnAckFrameEnd(clock_.Now(), QuicPacketNumber(1),
+                                   ENCRYPTION_INITIAL));
+  EXPECT_EQ(0u, manager_.GetBytesInFlight());
+  // Verify retransmission timeout is not zero because handshake is not
+  // confirmed although there is no in flight packet.
+  EXPECT_NE(QuicTime::Zero(), manager_.GetRetransmissionTime());
+  // Fire PTO.
+  EXPECT_EQ(QuicSentPacketManager::PTO_MODE,
+            manager_.OnRetransmissionTimeout());
+}
+
+TEST_P(QuicSentPacketManagerTest, DisableHandshakeModeServer) {
+  manager_.SetSessionDecideWhatToWrite(true);
+  manager_.DisableHandshakeMode();
+  // Send SHLO.
+  SendCryptoPacket(1);
+  EXPECT_NE(QuicTime::Zero(), manager_.GetRetransmissionTime());
+  // Ack packet 1.
+  ExpectAck(1);
+  manager_.OnAckFrameStart(QuicPacketNumber(1), QuicTime::Delta::Infinite(),
+                           clock_.Now());
+  manager_.OnAckRange(QuicPacketNumber(1), QuicPacketNumber(2));
+  EXPECT_EQ(PACKETS_NEWLY_ACKED,
+            manager_.OnAckFrameEnd(clock_.Now(), QuicPacketNumber(1),
+                                   ENCRYPTION_INITIAL));
+  EXPECT_EQ(0u, manager_.GetBytesInFlight());
+  // Verify retransmission timeout is not set on server side because there is
+  // nothing in flight.
+  EXPECT_EQ(QuicTime::Zero(), manager_.GetRetransmissionTime());
+}
+
 }  // namespace
 }  // namespace test
 }  // namespace quic
commit	5f13505fff1cda764a9ba8aeb39551f502122141	[log] [tgz]
author	fayang <fayang@google.com>	Thu Aug 22 17:59:40 2019 -0700
committer	Copybara-Service <copybara-worker@google.com>	Fri Aug 23 12:19:31 2019 -0700
tree	f6b2d9b15313771d57c5308d307fe6949d1689ca
parent	d17a7400d12793f89e4e98c6dff03e8d828ae933 [diff] [blame]