QUIC TXP: Remove TX key update handling from TXP

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)

diff --git a/include/internal/quic_types.h b/include/internal/quic_types.h
index 830c755779a919864ea8630d0a28d7321f97f30e..6b86076ff8fc687c1273fab0c22b8109c963d082 100644 (file)
--- a/include/internal/quic_types.h
+++ b/include/internal/quic_types.h
@@ -67,6 +67,11 @@ static ossl_unused ossl_inline QUIC_PN ossl_quic_pn_min(QUIC_PN a, QUIC_PN b)
     return a < b ? a : b;
 }
 
+static ossl_unused ossl_inline int ossl_quic_pn_valid(QUIC_PN pn)
+{
+    return pn < (((QUIC_PN)1) << 62);
+}
+
 /* QUIC connection ID representation. */
 #  define QUIC_MAX_CONN_ID_LEN   20
 

diff --git a/ssl/quic/quic_txp.c b/ssl/quic/quic_txp.c
index 8626ac457655854df712e2cbdc5847a413a9d8a5..f117b246aaa413e4a70c9673b0050d472e9412aa 100644 (file)
--- a/ssl/quic/quic_txp.c
+++ b/ssl/quic/quic_txp.c
@@ -1935,7 +1935,7 @@ static int txp_generate_for_el_actual(OSSL_QUIC_TX_PACKETISER *txp,
         goto fatal_err;
 
     /* Maximum PN reached? */
-    if (txp->next_pn[pn_space] >= (((QUIC_PN)1) << 62))
+    if (!ossl_quic_pn_valid(txp->next_pn[pn_space]))
         goto fatal_err;
 
     if ((tpkt = ossl_quic_txpim_pkt_alloc(txp->args.txpim)) == NULL)
@@ -2191,18 +2191,6 @@ static int txp_generate_for_el_actual(OSSL_QUIC_TX_PACKETISER *txp,
     pkt.pn          = txp->next_pn[pn_space];
     pkt.flags       = OSSL_QTX_PKT_FLAG_COALESCE; /* always try to coalesce */
 
-    /* Do TX key update if needed. */
-    if (enc_level == QUIC_ENC_LEVEL_1RTT) {
-        uint64_t cur_pkt_count, max_pkt_count;
-
-        cur_pkt_count = ossl_qtx_get_cur_epoch_pkt_count(txp->args.qtx, enc_level);
-        max_pkt_count = ossl_qtx_get_max_epoch_pkt_count(txp->args.qtx, enc_level);
-
-        if (cur_pkt_count >= max_pkt_count / 2)
-            if (!ossl_qtx_trigger_key_update(txp->args.qtx))
-                goto fatal_err;
-    }
-
     if (!ossl_assert(h.bytes_appended > 0))
         goto fatal_err;