quiche: update tar ball to f555d99a084cdd086a349548c70fb558ac5847cf

bazel/external/quiche.BUILD

@@ -53,23 +53,20 @@ genrule(
 
 # These options are only used to suppress errors in brought-in QUICHE tests.
 # Use #pragma GCC diagnostic ignored in integration code to suppress these errors.
+quiche_common_copts = [
+    "-Wno-unused-function",
+    # quic_inlined_frame.h uses offsetof() to optimize memory usage in frames.
+    "-Wno-invalid-offsetof",
+    "-Wno-range-loop-analysis",
+]
+
 quiche_copts = select({
     "@envoy//bazel:windows_x86_64": [],
-    "//conditions:default": [
-        # Remove these after upstream fix.
-        "-Wno-unused-parameter",
-        "-Wno-unused-function",
-        "-Wno-return-type",
-        "-Wno-unknown-warning-option",
-        "-Wno-deprecated-copy",
-        "-Wno-ignored-qualifiers",
-        "-Wno-sign-compare",
-        "-Wno-inconsistent-missing-override",
-        # quic_inlined_frame.h uses offsetof() to optimize memory usage in frames.
-        "-Wno-invalid-offsetof",
-        # to suppress errors re: size_t vs. int comparisons
+    # Remove these after upstream fix.
+    "@envoy//bazel:gcc_build": [
         "-Wno-sign-compare",
-    ],
+    ] + quiche_common_copts,
+    "//conditions:default": quiche_common_copts,
 })
 
 test_suite(
@@ -3534,6 +3531,23 @@ envoy_cc_test_library(
     ],
 )
 
+envoy_cc_library(
+    name = "quic_test_tools_flow_controller_peer_lib",
+    srcs = [
+        "quiche/quic/test_tools/quic_flow_controller_peer.cc",
+    ],
+    hdrs = [
+        "quiche/quic/test_tools/quic_flow_controller_peer.h",
+    ],
+    copts = quiche_copts,
+    repository = "@envoy",
+    tags = ["nofips"],
+    deps = [
+        ":quic_core_packets_lib",
+        ":quic_core_session_lib",
+    ],
+)
+
 envoy_cc_test_library(
     name = "quic_test_tools_framer_peer_lib",
     srcs = ["quiche/quic/test_tools/quic_framer_peer.cc"],
@@ -3667,6 +3681,7 @@ envoy_cc_test_library(
         ":quic_core_session_lib",
         ":quic_core_stream_send_buffer_lib",
         ":quic_platform_base",
+        ":quic_test_tools_flow_controller_peer_lib",
         ":quic_test_tools_stream_send_buffer_peer_lib",
     ],
 )
@@ -3831,7 +3846,6 @@ envoy_cc_library(
     hdrs = [
         "quiche/common/platform/api/quiche_arraysize.h",
         "quiche/common/platform/api/quiche_logging.h",
-        "quiche/common/platform/api/quiche_map_util.h",
         "quiche/common/platform/api/quiche_optional.h",
         "quiche/common/platform/api/quiche_ptr_util.h",
         "quiche/common/platform/api/quiche_str_cat.h",

bazel/repository_locations.bzl

@@ -543,9 +543,9 @@ DEPENDENCY_REPOSITORIES_SPEC = dict(
     com_googlesource_quiche = dict(
         project_name = "QUICHE",
         project_url = "https://quiche.googlesource.com/quiche",
-        # Static snapshot of https://quiche.googlesource.com/quiche/+archive/96bd860bec207d4b722ab7f319fa47be129a85cd.tar.gz
-        version = "96bd860bec207d4b722ab7f319fa47be129a85cd",
-        sha256 = "d7129a2f41f2bd00a8a38b33f9b7b955d3e7de3dec20f69b70d7000d3a856360",
+        # Static snapshot of https://quiche.googlesource.com/quiche/+archive/f555d99a084cdd086a349548c70fb558ac5847cf.tar.gz
+        version = "f555d99a084cdd086a349548c70fb558ac5847cf",
+        sha256 = "1833f08e7b0f18b49d7498b029b7f3e6559a82113ec82a98a9e945553756e351",
         urls = ["https://storage.googleapis.com/quiche-envoy-integration/{version}.tar.gz"],
         use_category = ["dataplane"],
         cpe = "N/A",

source/extensions/quic_listeners/quiche/BUILD

@@ -181,7 +181,7 @@ envoy_cc_library(
     ],
     tags = ["nofips"],
     deps = [
-        ":envoy_quic_crypto_server_stream_lib",
+        ":envoy_quic_proof_source_lib",
         ":envoy_quic_stream_lib",
         ":envoy_quic_utils_lib",
         ":quic_filter_manager_connection_lib",
@@ -445,14 +445,3 @@ envoy_cc_library(
         "@envoy_api//envoy/config/listener/v3:pkg_cc_proto",
     ],
 )
-
-envoy_cc_library(
-    name = "envoy_quic_crypto_server_stream_lib",
-    srcs = ["envoy_quic_crypto_server_stream.cc"],
-    hdrs = ["envoy_quic_crypto_server_stream.h"],
-    tags = ["nofips"],
-    deps = [
-        ":envoy_quic_proof_source_lib",
-        "@com_googlesource_quiche//:quic_core_http_spdy_session_lib",
-    ],
-)

source/extensions/quic_listeners/quiche/envoy_quic_client_session.cc

@@ -99,7 +99,7 @@ EnvoyQuicClientSession::CreateIncomingStream(quic::PendingStream* /*pending*/) {
 
 bool EnvoyQuicClientSession::hasDataToWrite() { return HasDataToWrite(); }
 
-void EnvoyQuicClientSession::OnOneRttKeysAvailable() {
+void EnvoyQuicClientSession::OnTlsHandshakeComplete() {
   raiseConnectionEvent(Network::ConnectionEvent::Connected);
 }
 

source/extensions/quic_listeners/quiche/envoy_quic_client_session.h

@@ -56,7 +56,7 @@ class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl,
   void OnCanWrite() override;
   void OnGoAway(const quic::QuicGoAwayFrame& frame) override;
   void OnHttp3GoAway(uint64_t stream_id) override;
-  void OnOneRttKeysAvailable() override;
+  void OnTlsHandshakeComplete() override;
   // quic::QuicSpdyClientSessionBase
   void SetDefaultEncryptionLevel(quic::EncryptionLevel level) override;
 

source/extensions/quic_listeners/quiche/envoy_quic_server_session.cc

@@ -4,7 +4,7 @@
 
 #include "common/common/assert.h"
 
-#include "extensions/quic_listeners/quiche/envoy_quic_crypto_server_stream.h"
+#include "extensions/quic_listeners/quiche/envoy_quic_proof_source.h"
 #include "extensions/quic_listeners/quiche/envoy_quic_server_stream.h"
 
 namespace Envoy {
@@ -34,17 +34,7 @@ std::unique_ptr<quic::QuicCryptoServerStreamBase>
 EnvoyQuicServerSession::CreateQuicCryptoServerStream(
     const quic::QuicCryptoServerConfig* crypto_config,
     quic::QuicCompressedCertsCache* compressed_certs_cache) {
-  switch (connection()->version().handshake_protocol) {
-  case quic::PROTOCOL_QUIC_CRYPTO:
-    return std::make_unique<EnvoyQuicCryptoServerStream>(crypto_config, compressed_certs_cache,
-                                                         this, stream_helper());
-  case quic::PROTOCOL_TLS1_3:
-    return std::make_unique<EnvoyQuicTlsServerHandshaker>(this, *crypto_config);
-  case quic::PROTOCOL_UNSUPPORTED:
-    PANIC(fmt::format("Unknown handshake protocol: {}",
-                      static_cast<int>(connection()->version().handshake_protocol)));
-  }
-  return nullptr;
+  return CreateCryptoServerStream(crypto_config, compressed_certs_cache, this, stream_helper());
 }
 
 quic::QuicSpdyStream* EnvoyQuicServerSession::CreateIncomingStream(quic::QuicStreamId id) {
@@ -117,15 +107,15 @@ void EnvoyQuicServerSession::SetDefaultEncryptionLevel(quic::EncryptionLevel lev
 
 bool EnvoyQuicServerSession::hasDataToWrite() { return HasDataToWrite(); }
 
-void EnvoyQuicServerSession::OnOneRttKeysAvailable() {
-  quic::QuicServerSessionBase::OnOneRttKeysAvailable();
+void EnvoyQuicServerSession::OnTlsHandshakeComplete() {
+  quic::QuicServerSessionBase::OnTlsHandshakeComplete();
   maybeCreateNetworkFilters();
   raiseConnectionEvent(Network::ConnectionEvent::Connected);
 }
 
 void EnvoyQuicServerSession::maybeCreateNetworkFilters() {
-  const EnvoyQuicProofSourceDetails* proof_source_details =
-      dynamic_cast<const EnvoyCryptoServerStream*>(GetCryptoStream())->proofSourceDetails();
+  auto proof_source_details =
+      dynamic_cast<const EnvoyQuicProofSourceDetails*>(GetCryptoStream()->ProofSourceDetails());
   ASSERT(proof_source_details != nullptr,
          "ProofSource didn't provide ProofSource::Details. No filter chain will be installed.");
 

source/extensions/quic_listeners/quiche/envoy_quic_server_session.h

@@ -8,14 +8,15 @@
 #pragma GCC diagnostic ignored "-Wtype-limits"
 
 #include "quiche/quic/core/http/quic_server_session_base.h"
+#include "quiche/quic/core/quic_crypto_server_stream.h"
+#include "quiche/quic/core/tls_server_handshaker.h"
 
 #pragma GCC diagnostic pop
 
 #include <memory>
 
 #include "extensions/quic_listeners/quiche/quic_filter_manager_connection_impl.h"
 #include "extensions/quic_listeners/quiche/envoy_quic_server_stream.h"
-#include "extensions/quic_listeners/quiche/envoy_quic_crypto_server_stream.h"
 
 namespace Envoy {
 namespace Quic {
@@ -52,7 +53,7 @@ class EnvoyQuicServerSession : public quic::QuicServerSessionBase,
                           quic::ConnectionCloseSource source) override;
   void Initialize() override;
   void OnCanWrite() override;
-  void OnOneRttKeysAvailable() override;
+  void OnTlsHandshakeComplete() override;
   // quic::QuicSpdySession
   void SetDefaultEncryptionLevel(quic::EncryptionLevel level) override;