commit | 947c8cf32db7e05b31b10d359e9480bf8aa58e28 | [log] [tgz] |
---|---|---|
author | dschinazi <dschinazi@google.com> | Wed Mar 03 16:20:39 2021 -0800 |
committer | Copybara-Service <copybara-worker@google.com> | Wed Mar 03 16:21:14 2021 -0800 |
tree | 04d093ae790992808a5c8831453c0e8d4aad12fe | |
parent | d6cf8bd92f80f3e001d491304937ff9a97ce02d3 [diff] |
Allow QUIC Key Update on first received 1-RTT packet As per the specification, the first key update is allowed even if we haven't decrypted any packets: <<An endpoint MUST NOT initiate a key update prior to having confirmed the handshake (Section 4.1.2). An endpoint MUST NOT initiate a subsequent key update unless it has received an acknowledgment for a packet that was sent protected with keys from the current key phase.>> This issue was found during the IETF 110 hackathon, as another implementation was performing a key update immediately post handshake. Protected by FLAGS_quic_reloadable_flag_quic_fix_key_update_on_first_packet. PiperOrigin-RevId: 360781943 Change-Id: I678cd85ffdd4d014184fa6db86e8c42c64c421cd
QUICHE (QUIC, Http/2, Etc) is Google‘s implementation of QUIC and related protocols. It powers Chromium as well as Google’s QUIC servers and some other projects. QUICHE is only supported on little-endian platforms.
Code can be viewed in CodeSearch in Quiche and is imported into Chromium.