Deprecate --gfe2_restart_flag_quic_server_temporarily_retain_tls_zero_rtt_keys
PiperOrigin-RevId: 357759506
Change-Id: Iaef5f5f31c58b3f437560187edd255ee99eff3d3
diff --git a/quic/core/quic_connection.cc b/quic/core/quic_connection.cc
index e63b953..4d16aa4 100644
--- a/quic/core/quic_connection.cc
+++ b/quic/core/quic_connection.cc
@@ -1138,15 +1138,13 @@
if (level == ENCRYPTION_FORWARD_SECURE &&
!have_decrypted_first_one_rtt_packet_) {
have_decrypted_first_one_rtt_packet_ = true;
- if (GetQuicRestartFlag(quic_server_temporarily_retain_tls_zero_rtt_keys) &&
- version().UsesTls() && perspective_ == Perspective::IS_SERVER) {
+ if (version().UsesTls() && perspective_ == Perspective::IS_SERVER) {
// Servers MAY temporarily retain 0-RTT keys to allow decrypting reordered
// packets without requiring their contents to be retransmitted with 1-RTT
// keys. After receiving a 1-RTT packet, servers MUST discard 0-RTT keys
// within a short time; the RECOMMENDED time period is three times the
// Probe Timeout.
// https://quicwg.org/base-drafts/draft-ietf-quic-tls.html#name-discarding-0-rtt-keys
- QUIC_RESTART_FLAG_COUNT(quic_server_temporarily_retain_tls_zero_rtt_keys);
discard_zero_rtt_decryption_keys_alarm_->Set(
clock_->ApproximateNow() + sent_packet_manager_.GetPtoDelay() * 3);
}
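Review bot: After dropping the flag check on the `if (version().UsesTls() && perspective_ == Perspective::IS_SERVER)` line, this alarm is the only remaining path that discards the server's 0-RTT decrypter, because the same commit makes TlsServerHandshaker stop calling DiscardOldDecryptionKey(ENCRYPTION_ZERO_RTT); the comment block should record that dependency so a future change to either side does not silently leave the key installed past the 3×PTO bound. Suggest adding after the draft-ietf-quic-tls URL line: `// This alarm is now the only place the server's 0-RTT decrypter is discarded; TlsServerHandshaker::FinishHandshake intentionally leaves it installed.` The enclosing function starts and ends outside the hunk, so whether the alarm is cancelled on connection close is not visible here.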
diff --git a/quic/core/quic_connection_test.cc b/quic/core/quic_connection_test.cc
index 30d9144..74534df 100644
--- a/quic/core/quic_connection_test.cc
+++ b/quic/core/quic_connection_test.cc
@@ -13004,50 +13004,7 @@
}
TEST_P(QuicConnectionTest,
- ServerReceivedZeroRttPacketAfterOneRttPacketWithoutRetainedKey) {
- SetQuicRestartFlag(quic_server_temporarily_retain_tls_zero_rtt_keys, false);
- if (!connection_.version().UsesTls()) {
- return;
- }
-
- set_perspective(Perspective::IS_SERVER);
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- std::make_unique<NullDecrypter>(Perspective::IS_SERVER));
-
- EXPECT_CALL(visitor_, OnStreamFrame(_)).Times(1);
- ProcessDataPacketAtLevel(1, !kHasStopWaiting, ENCRYPTION_ZERO_RTT);
-
- // Finish handshake.
- connection_.SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
- notifier_.NeuterUnencryptedData();
- connection_.NeuterUnencryptedPackets();
- connection_.OnHandshakeComplete();
- EXPECT_CALL(visitor_, GetHandshakeState())
- .WillRepeatedly(Return(HANDSHAKE_COMPLETE));
- // When quic_server_temporarily_retain_tls_zero_rtt_keys=false,
- // TlsServerHandshaker::FinishHandshake will remove the ENCRYPTION_ZERO_RTT
- // decrypter, simulate that here:
- connection_.RemoveDecrypter(ENCRYPTION_ZERO_RTT);
-
- EXPECT_CALL(visitor_, OnStreamFrame(_)).Times(1);
- ProcessDataPacketAtLevel(3, !kHasStopWaiting, ENCRYPTION_FORWARD_SECURE);
- EXPECT_FALSE(connection_.GetDiscardZeroRttDecryptionKeysAlarm()->IsSet());
- EXPECT_EQ(
- 0u,
- connection_.GetStats()
- .num_tls_server_zero_rtt_packets_received_after_discarding_decrypter);
-
- EXPECT_CALL(visitor_, OnStreamFrame(_)).Times(0);
- ProcessDataPacketAtLevel(2, !kHasStopWaiting, ENCRYPTION_ZERO_RTT);
- EXPECT_EQ(
- 1u,
- connection_.GetStats()
- .num_tls_server_zero_rtt_packets_received_after_discarding_decrypter);
-}
-
-TEST_P(QuicConnectionTest,
ServerReceivedZeroRttPacketAfterOneRttPacketWithRetainedKey) {
- SetQuicRestartFlag(quic_server_temporarily_retain_tls_zero_rtt_keys, true);
if (!connection_.version().UsesTls()) {
return;
}
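Review bot: The surviving test keeps the name `ServerReceivedZeroRttPacketAfterOneRttPacketWithRetainedKey`, but the `WithRetainedKey` suffix only made sense in contrast to the deleted `...WithoutRetainedKey` case; with retention now unconditional the suffix is vestigial and suggests a variant that no longer exists, so renaming it to `ServerReceivedZeroRttPacketAfterOneRttPacket` would be clearer. The deleted test was also the one that asserted `num_tls_server_zero_rtt_packets_received_after_discarding_decrypter` after the decrypter was removed; the remaining test's body continues outside the hunk, so it is not visible whether that stat is still checked after the discard alarm fires, and it is worth confirming that it is.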
@@ -13167,7 +13124,6 @@
TEST_P(QuicConnectionTest,
ServerReceivedZeroRttWithHigherPacketNumberThanOneRttAndFlagDisabled) {
- SetQuicRestartFlag(quic_server_temporarily_retain_tls_zero_rtt_keys, true);
SetQuicReloadableFlag(
quic_close_connection_on_0rtt_packet_number_higher_than_1rtt, false);
if (!connection_.version().UsesTls()) {
@@ -13223,7 +13179,6 @@
TEST_P(QuicConnectionTest,
ServerReceivedZeroRttWithHigherPacketNumberThanOneRtt) {
- SetQuicRestartFlag(quic_server_temporarily_retain_tls_zero_rtt_keys, true);
SetQuicReloadableFlag(
quic_close_connection_on_0rtt_packet_number_higher_than_1rtt, true);
if (!connection_.version().UsesTls()) {
diff --git a/quic/core/quic_flags_list.h b/quic/core/quic_flags_list.h
index 7b6bd95..82c923a 100644
--- a/quic/core/quic_flags_list.h
+++ b/quic/core/quic_flags_list.h
@@ -69,7 +69,6 @@
QUIC_FLAG(FLAGS_quic_restart_flag_quic_dispatcher_support_multiple_cid_per_connection_v2, true)
QUIC_FLAG(FLAGS_quic_restart_flag_quic_enable_zero_rtt_for_tls_v2, true)
QUIC_FLAG(FLAGS_quic_restart_flag_quic_offload_pacing_to_usps2, false)
-QUIC_FLAG(FLAGS_quic_restart_flag_quic_server_temporarily_retain_tls_zero_rtt_keys, true)
QUIC_FLAG(FLAGS_quic_restart_flag_quic_session_tickets_always_enabled, true)
QUIC_FLAG(FLAGS_quic_restart_flag_quic_support_release_time_for_gso, false)
QUIC_FLAG(FLAGS_quic_restart_flag_quic_testonly_default_false, false)
diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index 29ffa58..81c7559 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -557,15 +557,11 @@
handshaker_delegate()->OnTlsHandshakeComplete();
handshaker_delegate()->DiscardOldEncryptionKey(ENCRYPTION_HANDSHAKE);
handshaker_delegate()->DiscardOldDecryptionKey(ENCRYPTION_HANDSHAKE);
- if (!GetQuicRestartFlag(quic_server_temporarily_retain_tls_zero_rtt_keys)) {
- handshaker_delegate()->DiscardOldDecryptionKey(ENCRYPTION_ZERO_RTT);
- } else {
- // ENCRYPTION_ZERO_RTT decryption key is not discarded here as "Servers MAY
- // temporarily retain 0-RTT keys to allow decrypting reordered packets
- // without requiring their contents to be retransmitted with 1-RTT keys."
- // It is expected that QuicConnection will discard the key at an
- // appropriate time.
- }
+ // ENCRYPTION_ZERO_RTT decryption key is not discarded here as "Servers MAY
+ // temporarily retain 0-RTT keys to allow decrypting reordered packets
+ // without requiring their contents to be retransmitted with 1-RTT keys."
+ // It is expected that QuicConnection will discard the key at an
+ // appropriate time.
}
QuicAsyncStatus TlsServerHandshaker::VerifyCertChain(
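Review bot: The new comment ending with "It is expected that QuicConnection will discard the key at an appropriate time" is vaguer than the rest of this commit supports: the quic_connection.cc hunk shows exactly where that happens. Suggest replacing that last sentence with `// QuicConnection arms discard_zero_rtt_decryption_keys_alarm_ (3 * PTO) when it decrypts the first 1-RTT packet and discards the key from there.` so the reader can find the bound without searching. The enclosing function (FinishHandshake, per the deleted test comment) starts outside the hunk.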