Change default zero rtt matching policy

Summary: This is a safer default than allowing limited on the source address not matching. While here, also change the attemptEarlyData setting to false, since 0-rtt should be opt-in. Reviewed By: yangchi, JunqiWang Differential Revision: D21383402 fbshipit-source-id: b60fbbbe9438861eea894cb11ccb8bae2243a174
2025-11-24 04:01:07 +03:00 · 2020-05-04 14:42:46 -07:00
parent 0c5f00f0dc
commit d83d7f3024
5 changed files with 21 additions and 2 deletions
--- a/quic/fizz/client/handshake/test/FizzClientHandshakeTest.cpp
+++ b/quic/fizz/client/handshake/test/FizzClientHandshakeTest.cpp
@@ -94,6 +94,7 @@ class ClientHandshakeTest : public Test, public boost::static_visitor<> {
    cryptoState = conn->cryptoState.get();
    handshake = conn->clientHandshakeLayer;
    conn->transportSettings.attemptEarlyData = true;
    std::vector<QuicVersion> supportedVersions = {getVersion()};
    auto serverTransportParameters =
        std::make_shared<ServerTransportParametersExtension>(
--- a/quic/fizz/client/test/QuicClientTransportTest.cpp
+++ b/quic/fizz/client/test/QuicClientTransportTest.cpp
@@ -233,11 +233,18 @@ class QuicClientTransportIntegrationTest : public TestWithParam<TestingParams> {
        std::make_shared<DefaultCongestionControllerFactory>());
    client->setHostname(hostname);
    client->addNewPeerAddress(serverAddr);
    auto transportSettings = client->getTransportSettings();
    transportSettings.attemptEarlyData = true;
    client->setTransportSettings(transportSettings);
    return client;
  }
  std::shared_ptr<QuicServer> createServer(ProcessId processId) {
    auto server = QuicServer::createQuicServer();
    auto transportSettings = server->getTransportSettings();
    transportSettings.zeroRttSourceTokenMatchingPolicy =
        ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH;
    server->setTransportSettings(transportSettings);
    server->setQuicServerTransportFactory(
        std::make_unique<EchoServerTransportFactory>());
    server->setQuicUDPSocketFactory(
@@ -5271,6 +5278,7 @@ class QuicZeroRttClientTest : public QuicClientTransportAfterStartTestBase {
    TransportSettings clientSettings;
    // Ignore path mtu to test negotiation.
    clientSettings.canIgnorePathMTU = true;
    clientSettings.attemptEarlyData = true;
    client->setTransportSettings(clientSettings);
  }
--- a/quic/server/handshake/test/DefaultAppTokenValidatorTest.cpp
+++ b/quic/server/handshake/test/DefaultAppTokenValidatorTest.cpp
@@ -28,6 +28,8 @@ TEST(DefaultAppTokenValidatorTest, TestValidParams) {
  QuicServerConnectionState conn;
  conn.peerAddress = folly::SocketAddress("1.2.3.4", 443);
  conn.version = QuicVersion::MVFST;
  conn.transportSettings.zeroRttSourceTokenMatchingPolicy =
      ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH;
  AppToken appToken;
  appToken.transportParams = createTicketTransportParameters(
@@ -54,6 +56,8 @@ TEST(
  QuicServerConnectionState conn;
  conn.peerAddress = folly::SocketAddress("1.2.3.4", 443);
  conn.version = QuicVersion::MVFST;
  conn.transportSettings.zeroRttSourceTokenMatchingPolicy =
      ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH;
  auto initialMaxData =
      conn.transportSettings.advertisedInitialConnectionWindowSize;
@@ -291,6 +295,8 @@ class SourceAddressTokenTest : public Test {
  void SetUp() override {
    conn_.peerAddress = folly::SocketAddress("1.2.3.4", 443);
    conn_.version = QuicVersion::MVFST;
    conn_.transportSettings.zeroRttSourceTokenMatchingPolicy =
        ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH;
    appToken_.transportParams = createTicketTransportParameters(
        conn_.transportSettings.idleTimeout.count(),
--- a/quic/server/test/QuicServerTransportTest.cpp
+++ b/quic/server/test/QuicServerTransportTest.cpp
@@ -3614,6 +3614,8 @@ TEST_F(
    TestClearInFlightBytesLimitationAfterCFIN) {
  auto qLogger = std::make_shared<FileQLogger>(VantagePoint::Server);
  server->getNonConstConn().qLogger = qLogger;
  server->getNonConstConn().transportSettings.zeroRttSourceTokenMatchingPolicy =
      ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH;
  getFakeHandshakeLayer()->allowZeroRttKeys();
  auto originalUdpSize = server->getConn().udpSendPacketLen;
@@ -3670,6 +3672,8 @@ TEST_F(
  auto qLogger = std::make_shared<FileQLogger>(VantagePoint::Server);
  server->getNonConstConn().qLogger = qLogger;
  getFakeHandshakeLayer()->allowZeroRttKeys();
  server->getNonConstConn().transportSettings.zeroRttSourceTokenMatchingPolicy =
      ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH;
  auto originalUdpSize = server->getConn().udpSendPacketLen;
  setupClientReadCodec();
--- a/quic/state/TransportSettings.h
+++ b/quic/state/TransportSettings.h
@@ -86,8 +86,8 @@ struct TransportSettings {
  std::chrono::microseconds pacingTimerTickInterval{
      kDefaultPacingTimerTickInterval};
  ZeroRttSourceTokenMatchingPolicy zeroRttSourceTokenMatchingPolicy{
-      ZeroRttSourceTokenMatchingPolicy::LIMIT_IF_NO_EXACT_MATCH};
+      ZeroRttSourceTokenMatchingPolicy::REJECT_IF_NO_EXACT_MATCH};
-  bool attemptEarlyData{true};
+  bool attemptEarlyData{false};
  // Maximum number of packets the connection will write in
  // writeConnectionDataToSocket.
  uint64_t writeConnectionDataPacketsLimit{