Convert quic_bounded_crypto_send_buffer to a QUIC_PROTOCOL_FLAG
Because we don't know what size customer certificates could be in the future, we don't anticipate enforcing this flag, and do not plan to verify it. Instead, convert to a QUIC protocol flag so that we have a mechanism to enforce the size limit if necessary in the future.
Protected by quic_bounded_crypto_send_buffer.
PiperOrigin-RevId: 471804475
diff --git a/quiche/quic/core/quic_crypto_stream.cc b/quiche/quic/core/quic_crypto_stream.cc
index 45f5351..33fb1da 100644
--- a/quiche/quic/core/quic_crypto_stream.cc
+++ b/quiche/quic/core/quic_crypto_stream.cc
@@ -151,8 +151,7 @@
// Ensure this data does not cause the send buffer for this encryption level
// to exceed its size limit.
- if (GetQuicReloadableFlag(quic_bounded_crypto_send_buffer)) {
- QUIC_RELOADABLE_FLAG_COUNT(quic_bounded_crypto_send_buffer);
+ if (GetQuicFlag(FLAGS_quic_bounded_crypto_send_buffer)) {
QUIC_BUG_IF(quic_crypto_stream_offset_lt_bytes_written,
offset < send_buffer->stream_bytes_written());
uint64_t current_buffer_size =
diff --git a/quiche/quic/core/quic_crypto_stream_test.cc b/quiche/quic/core/quic_crypto_stream_test.cc
index f5d1f2e..38550f4 100644
--- a/quiche/quic/core/quic_crypto_stream_test.cc
+++ b/quiche/quic/core/quic_crypto_stream_test.cc
@@ -17,6 +17,7 @@
#include "quiche/quic/core/quic_types.h"
#include "quiche/quic/core/quic_utils.h"
#include "quiche/quic/platform/api/quic_expect_bug.h"
+#include "quiche/quic/platform/api/quic_flags.h"
#include "quiche/quic/platform/api/quic_socket_address.h"
#include "quiche/quic/platform/api/quic_test.h"
#include "quiche/quic/test_tools/crypto_test_utils.h"
@@ -688,8 +689,7 @@
EXPECT_TRUE(stream_->HasBufferedCryptoFrames());
// Writing an additional byte to the send buffer closes the connection.
- if (GetQuicReloadableFlag(quic_bounded_crypto_send_buffer)) {
- QUIC_RELOADABLE_FLAG_COUNT(quic_bounded_crypto_send_buffer);
+ if (GetQuicFlag(FLAGS_quic_bounded_crypto_send_buffer)) {
EXPECT_CALL(*connection_, CloseConnection(QUIC_INTERNAL_ERROR, _, _));
EXPECT_QUIC_BUG(
stream_->WriteCryptoData(ENCRYPTION_INITIAL, data2),
diff --git a/quiche/quic/core/quic_flags_list.h b/quiche/quic/core/quic_flags_list.h
index 4059000..6c01fce 100644
--- a/quiche/quic/core/quic_flags_list.h
+++ b/quiche/quic/core/quic_flags_list.h
@@ -33,8 +33,6 @@
QUIC_FLAG(quic_reloadable_flag_quic_can_send_ack_frequency, true)
// If true, allow client to enable BBRv2 on server via connection option \'B2ON\'.
QUIC_FLAG(quic_reloadable_flag_quic_allow_client_enabled_bbr_v2, true)
-// If true, close the connection if a crypto send buffer exceeds its size limit.
-QUIC_FLAG(quic_reloadable_flag_quic_bounded_crypto_send_buffer, false)
// If true, default-enable 5RTO blachole detection.
QUIC_FLAG(quic_reloadable_flag_quic_default_enable_5rto_blackhole_detection2, true)
// If true, disable QUIC version Q043.
diff --git a/quiche/quic/core/quic_protocol_flags_list.h b/quiche/quic/core/quic_protocol_flags_list.h
index c0006f7..a94fbc6 100644
--- a/quiche/quic/core/quic_protocol_flags_list.h
+++ b/quiche/quic/core/quic_protocol_flags_list.h
@@ -214,4 +214,8 @@
QUIC_PROTOCOL_FLAG(bool, quic_enforce_strict_amplification_factor, false,
"If true, enforce strict amplification factor")
+
+QUIC_PROTOCOL_FLAG(bool, quic_bounded_crypto_send_buffer, false,
+ "If true, close the connection if a crypto send buffer "
+ "exceeds its size limit.")
#endif
