lsquic_mini_conn_ietf.c revision feca77f5
1/* Copyright (c) 2017 - 2020 LiteSpeed Technologies Inc. See LICENSE. */ 2/* 3 * lsquic_mini_conn_ietf.c -- Mini connection used by the IETF QUIC 4 */ 5 6#include <assert.h> 7#include <errno.h> 8#include <inttypes.h> 9#include <stddef.h> 10#include <stdint.h> 11#include <string.h> 12#include <sys/queue.h> 13#include <stdlib.h> 14 15#include "lsquic.h" 16#include "lsquic_int_types.h" 17#include "lsquic_sizes.h" 18#include "lsquic_hash.h" 19#include "lsquic_conn.h" 20#include "lsquic_mm.h" 21#include "lsquic_malo.h" 22#include "lsquic_engine_public.h" 23#include "lsquic_packet_common.h" 24#include "lsquic_packet_in.h" 25#include "lsquic_packet_out.h" 26#include "lsquic_parse.h" 27#include "lsquic_rtt.h" 28#include "lsquic_util.h" 29#include "lsquic_enc_sess.h" 30#include "lsquic_mini_conn_ietf.h" 31#include "lsquic_ev_log.h" 32#include "lsquic_trans_params.h" 33#include "lsquic_ietf.h" 34#include "lsquic_packet_ietf.h" 35#include "lsquic_attq.h" 36#include "lsquic_alarmset.h" 37 38#define LSQUIC_LOGGER_MODULE LSQLM_MINI_CONN 39#define LSQUIC_LOG_CONN_ID lsquic_conn_log_cid(&conn->imc_conn) 40#include "lsquic_logger.h" 41 42#define MIN(a, b) ((a) < (b) ? (a) : (b)) 43#define MAX(a, b) ((a) > (b) ? (a) : (b)) 44 45static const struct conn_iface mini_conn_ietf_iface; 46 47static unsigned highest_bit_set (unsigned long long); 48 49 50static const enum header_type el2hety[] = 51{ 52 [ENC_LEV_INIT] = HETY_HANDSHAKE, 53 [ENC_LEV_CLEAR] = HETY_INITIAL, 54 [ENC_LEV_FORW] = HETY_NOT_SET, 55 [ENC_LEV_EARLY] = 0, /* Invalid */ 56}; 57 58 59static void 60imico_destroy_packet (struct ietf_mini_conn *conn, 61 struct lsquic_packet_out *packet_out) 62{ 63 lsquic_packet_out_destroy(packet_out, conn->imc_enpub, 64 conn->imc_path.np_peer_ctx); 65} 66 67 68int 69lsquic_mini_conn_ietf_ecn_ok (const struct ietf_mini_conn *conn) 70{ 71 packno_set_t acked; 72 73 /* First flight has only Initial and Handshake packets */ 74 acked = conn->imc_acked_packnos[PNS_INIT] 75 | conn->imc_acked_packnos[PNS_HSK] 76 ; 77 return 0 != (conn->imc_ecn_packnos & acked); 78} 79 80 81#define imico_ecn_ok lsquic_mini_conn_ietf_ecn_ok 82 83 84static enum ecn 85imico_get_ecn (struct ietf_mini_conn *conn) 86{ 87 if (!conn->imc_enpub->enp_settings.es_ecn) 88 return ECN_NOT_ECT; 89 else if (!conn->imc_sent_packnos /* We set ECT0 in first flight */ 90 || imico_ecn_ok(conn)) 91 return ECN_ECT0; 92 else 93 return ECN_NOT_ECT; 94} 95 96 97static struct lsquic_packet_out * 98imico_get_packet_out (struct ietf_mini_conn *conn, 99 enum header_type header_type, size_t need) 100{ 101 struct lsquic_packet_out *packet_out; 102 enum ecn ecn; 103 104 if (need) 105 TAILQ_FOREACH(packet_out, &conn->imc_packets_out, po_next) 106 if (!(packet_out->po_flags & PO_SENT) 107 && packet_out->po_header_type == header_type 108 && lsquic_packet_out_avail(packet_out) >= need) 109 return packet_out; 110 111 if (conn->imc_next_packno >= MAX_PACKETS) 112 { 113 LSQ_DEBUG("ran out of outgoing packet numbers, won't allocate packet"); 114 return NULL; 115 } 116 117 packet_out = lsquic_packet_out_new(&conn->imc_enpub->enp_mm, NULL, 1, 118 &conn->imc_conn, IQUIC_PACKNO_LEN_1, NULL, NULL, &conn->imc_path); 119 if (!packet_out) 120 { 121 LSQ_WARN("could not allocate packet: %s", strerror(errno)); 122 return NULL; 123 } 124 125 packet_out->po_header_type = header_type; 126 packet_out->po_packno = conn->imc_next_packno++; 127 packet_out->po_flags |= PO_MINI; 128 lsquic_packet_out_set_pns(packet_out, lsquic_hety2pns[header_type]); 129 ecn = imico_get_ecn(conn); 130 packet_out->po_lflags |= ecn << POECN_SHIFT; 131 TAILQ_INSERT_TAIL(&conn->imc_packets_out, packet_out, po_next); 132 packet_out->po_loss_chain = packet_out; 133 return packet_out; 134} 135 136 137static struct ietf_mini_conn * 138cryst_get_conn (const struct mini_crypto_stream *cryst) 139{ 140 return (void *) 141 ((unsigned char *) (cryst - cryst->mcs_enc_level) 142 - offsetof(struct ietf_mini_conn, imc_streams)); 143} 144 145 146struct msg_ctx 147{ 148 const unsigned char *buf; 149 const unsigned char *const end; 150}; 151 152 153static size_t 154read_from_msg_ctx (void *ctx, void *buf, size_t len) 155{ 156 struct msg_ctx *msg_ctx = ctx; 157 if (len > (uintptr_t) (msg_ctx->end - msg_ctx->buf)) 158 len = msg_ctx->end - msg_ctx->buf; 159 memcpy(buf, msg_ctx->buf, len); 160 msg_ctx->buf += len; 161 return len; 162} 163 164 165static ssize_t 166imico_stream_write (void *stream, const void *bufp, size_t bufsz) 167{ 168 struct mini_crypto_stream *const cryst = stream; 169 struct ietf_mini_conn *const conn = cryst_get_conn(cryst); 170 struct lsquic_conn *const lconn = &conn->imc_conn; 171 const struct parse_funcs *const pf = lconn->cn_pf; 172 struct msg_ctx msg_ctx = { bufp, (unsigned char *) bufp + bufsz, }; 173 struct lsquic_packet_out *packet_out; 174 size_t header_sz, need; 175 const unsigned char *p; 176 int len; 177 178 if (PNS_INIT == lsquic_enclev2pns[ cryst->mcs_enc_level ] 179 && (conn->imc_flags & IMC_IGNORE_INIT)) 180 { 181 LSQ_WARN("trying to write at the ignored Initial level"); 182 return bufsz; 183 } 184 185 while (msg_ctx.buf < msg_ctx.end) 186 { 187 header_sz = lconn->cn_pf->pf_calc_crypto_frame_header_sz( 188 cryst->mcs_write_off, msg_ctx.end - msg_ctx.buf); 189 need = header_sz + 1; 190 packet_out = imico_get_packet_out(conn, 191 el2hety[ cryst->mcs_enc_level ], need); 192 if (!packet_out) 193 return -1; 194 195 p = msg_ctx.buf; 196 len = pf->pf_gen_crypto_frame(packet_out->po_data + packet_out->po_data_sz, 197 lsquic_packet_out_avail(packet_out), cryst->mcs_write_off, 198 msg_ctx.end - msg_ctx.buf, read_from_msg_ctx, &msg_ctx); 199 if (len < 0) 200 return len; 201 EV_LOG_GENERATED_CRYPTO_FRAME(LSQUIC_LOG_CONN_ID, pf, 202 packet_out->po_data + packet_out->po_data_sz, len); 203 packet_out->po_data_sz += len; 204 packet_out->po_frame_types |= 1 << QUIC_FRAME_CRYPTO; 205 packet_out->po_flags |= PO_HELLO; 206 cryst->mcs_write_off += msg_ctx.buf - p; 207 } 208 209 assert(msg_ctx.buf == msg_ctx.end); 210 return bufsz; 211} 212 213 214static int 215imico_stream_flush (void *stream) 216{ 217 return 0; 218} 219 220 221static struct stream_frame * 222imico_find_stream_frame (const struct ietf_mini_conn *conn, 223 enum enc_level enc_level, unsigned read_off) 224{ 225 struct stream_frame *frame; 226 227 if (conn->imc_last_in.frame && enc_level == conn->imc_last_in.enc_level 228 && read_off == DF_ROFF(conn->imc_last_in.frame)) 229 return conn->imc_last_in.frame; 230 231 TAILQ_FOREACH(frame, &conn->imc_crypto_frames, next_frame) 232 if (enc_level == frame->stream_id && read_off == DF_ROFF(frame)) 233 return frame; 234 235 return NULL; 236} 237 238 239static void 240imico_read_chlo_size (struct ietf_mini_conn *conn, const unsigned char *buf, 241 size_t sz) 242{ 243 const unsigned char *const end = buf + sz; 244 245 assert(conn->imc_streams[ENC_LEV_CLEAR].mcs_read_off < 4); 246 switch (conn->imc_streams[ENC_LEV_CLEAR].mcs_read_off) 247 { 248 case 0: 249 if (buf == end) 250 return; 251 if (*buf != 1) 252 { 253 LSQ_DEBUG("Does not begin with ClientHello"); 254 conn->imc_flags |= IMC_ERROR; 255 return; 256 } 257 ++buf; 258 /* fall-through */ 259 case 1: 260 if (buf == end) 261 return; 262 if (*buf != 0) 263 { 264 LSQ_DEBUG("ClientHello larger than 16K"); 265 conn->imc_flags |= IMC_ERROR; 266 return; 267 } 268 ++buf; 269 /* fall-through */ 270 case 2: 271 if (buf == end) 272 return; 273 conn->imc_ch_len = *buf << 8; 274 ++buf; 275 /* fall-through */ 276 default: 277 if (buf == end) 278 return; 279 conn->imc_ch_len |= *buf; 280 } 281} 282 283 284static int 285imico_chlo_has_been_consumed (const struct ietf_mini_conn *conn) 286{ 287 return conn->imc_streams[ENC_LEV_CLEAR].mcs_read_off > 3 288 && conn->imc_streams[ENC_LEV_CLEAR].mcs_read_off >= conn->imc_ch_len; 289} 290 291 292static ssize_t 293imico_stream_readf (void *stream, 294 size_t (*readf)(void *, const unsigned char *, size_t, int), void *ctx) 295{ 296 struct mini_crypto_stream *const cryst = stream; 297 struct ietf_mini_conn *const conn = cryst_get_conn(cryst); 298 struct stream_frame *frame; 299 const unsigned char *buf; 300 size_t nread, total_read; 301 unsigned avail; 302 303 total_read = 0; 304 while ((frame = imico_find_stream_frame(conn, cryst->mcs_enc_level, 305 cryst->mcs_read_off))) 306 { 307 avail = DF_SIZE(frame) - frame->data_frame.df_read_off; 308 buf = frame->data_frame.df_data + frame->data_frame.df_read_off; 309 nread = readf(ctx, buf, avail, DF_FIN(frame)); 310 if (cryst->mcs_enc_level == ENC_LEV_CLEAR && cryst->mcs_read_off < 4) 311 imico_read_chlo_size(conn, buf, nread); 312 total_read += nread; 313 cryst->mcs_read_off += nread; 314 frame->data_frame.df_read_off += nread; 315 LSQ_DEBUG("read %zu bytes at offset %"PRIu64" on enc level %u", nread, 316 DF_ROFF(frame), cryst->mcs_enc_level); 317 if (DF_END(frame) == DF_ROFF(frame)) 318 { 319 if (frame == conn->imc_last_in.frame) 320 conn->imc_last_in.frame = NULL; 321 else 322 { 323 TAILQ_REMOVE(&conn->imc_crypto_frames, frame, next_frame); 324 --conn->imc_n_crypto_frames; 325 conn->imc_crypto_frames_sz -= DF_SIZE(frame); 326 lsquic_packet_in_put(&conn->imc_enpub->enp_mm, 327 frame->packet_in); 328 lsquic_malo_put(frame); 329 } 330 } 331 if (nread < avail) 332 break; 333 } 334 335 if (total_read > 0) 336 return total_read; 337 else 338 { 339 /* CRYPTO streams never end, so zero bytes read always means 340 * EWOULDBLOCK 341 */ 342 errno = EWOULDBLOCK; 343 return -1; 344 } 345} 346 347 348static int 349imico_stream_wantX (struct mini_crypto_stream *cryst, int bit, int is_want) 350{ 351 int old; 352 353 old = (cryst->mcs_flags & (1 << bit)) > 0; 354 cryst->mcs_flags &= ~(1 << bit); 355 cryst->mcs_flags |= !!is_want << bit; 356 return old; 357} 358 359 360static int 361imico_stream_wantwrite (void *stream, int is_want) 362{ 363 return imico_stream_wantX(stream, MCSBIT_WANTWRITE, is_want); 364} 365 366 367static int 368imico_stream_wantread (void *stream, int is_want) 369{ 370 return imico_stream_wantX(stream, MCSBIT_WANTREAD, is_want); 371} 372 373 374static enum enc_level 375imico_stream_enc_level (void *stream) 376{ 377 struct mini_crypto_stream *const cryst = stream; 378 return cryst->mcs_enc_level; 379} 380 381 382static const struct crypto_stream_if crypto_stream_if = 383{ 384 .csi_write = imico_stream_write, 385 .csi_flush = imico_stream_flush, 386 .csi_readf = imico_stream_readf, 387 .csi_wantwrite = imico_stream_wantwrite, 388 .csi_wantread = imico_stream_wantread, 389 .csi_enc_level = imico_stream_enc_level, 390}; 391 392 393static int 394is_first_packet_ok (const struct lsquic_packet_in *packet_in, 395 size_t udp_payload_size) 396{ 397 if (udp_payload_size < IQUIC_MIN_INIT_PACKET_SZ) 398 { 399 /* [draft-ietf-quic-transport-24] Section 14 */ 400 LSQ_LOG1(LSQ_LOG_DEBUG, "incoming UDP payload too small: %zu bytes", 401 udp_payload_size); 402 return 0; 403 } 404 /* TODO: Move decryption of the first packet into this function? */ 405 return 1; /* TODO */ 406} 407 408 409struct lsquic_conn * 410lsquic_mini_conn_ietf_new (struct lsquic_engine_public *enpub, 411 const struct lsquic_packet_in *packet_in, 412 enum lsquic_version version, int is_ipv4, const lsquic_cid_t *odcid, 413 size_t udp_payload_size) 414{ 415 struct ietf_mini_conn *conn; 416 enc_session_t *enc_sess; 417 enum enc_level i; 418 const struct enc_session_funcs_iquic *esfi; 419 420 if (!is_first_packet_ok(packet_in, udp_payload_size)) 421 return NULL; 422 423 conn = lsquic_malo_get(enpub->enp_mm.malo.mini_conn_ietf); 424 if (!conn) 425 { 426 LSQ_LOG1(LSQ_LOG_WARN, "cannot allocate mini connection: %s", 427 strerror(errno)); 428 return NULL; 429 } 430 memset(conn, 0, sizeof(*conn)); 431 conn->imc_conn.cn_if = &mini_conn_ietf_iface; 432 conn->imc_conn.cn_cces = conn->imc_cces; 433 conn->imc_conn.cn_n_cces = sizeof(conn->imc_cces) 434 / sizeof(conn->imc_cces[0]); 435 conn->imc_cces[0].cce_cid = packet_in->pi_dcid; 436 conn->imc_cces[0].cce_flags = CCE_USED; 437 conn->imc_conn.cn_cces_mask = 1; 438 lsquic_scid_from_packet_in(packet_in, &conn->imc_path.np_dcid); 439 LSQ_DEBUGC("recv SCID from client %"CID_FMT, CID_BITS(&conn->imc_cces[0].cce_cid)); 440 LSQ_DEBUGC("recv DCID from client %"CID_FMT, CID_BITS(&conn->imc_path.np_dcid)); 441 442 /* Generate new SCID. Since is not the original SCID, it is given 443 * a sequence number (0) and therefore can be retired by the client. 444 */ 445 lsquic_generate_cid(&conn->imc_conn.cn_cces[1].cce_cid, 446 enpub->enp_settings.es_scid_len); 447 LSQ_DEBUGC("generated SCID %"CID_FMT" at index %u, switching to it", 448 CID_BITS(&conn->imc_conn.cn_cces[1].cce_cid), 1); 449 conn->imc_conn.cn_cces[1].cce_flags = CCE_SEQNO | CCE_USED; 450 conn->imc_conn.cn_cces_mask |= 1u << 1; 451 conn->imc_conn.cn_cur_cce_idx = 1; 452 453 conn->imc_conn.cn_flags = LSCONN_MINI|LSCONN_IETF|LSCONN_SERVER; 454 455 for (i = 0; i < N_ENC_LEVS; ++i) 456 { 457 conn->imc_streams[i].mcs_enc_level = i; 458 conn->imc_stream_ps[i] = &conn->imc_streams[i]; 459 } 460 461 esfi = select_esf_iquic_by_ver(version); 462 enc_sess = esfi->esfi_create_server(enpub, &conn->imc_conn, 463 &packet_in->pi_dcid, conn->imc_stream_ps, &crypto_stream_if, 464 odcid); 465 if (!enc_sess) 466 { 467 lsquic_malo_put(conn); 468 return NULL; 469 } 470 471 conn->imc_enpub = enpub; 472 conn->imc_created = packet_in->pi_received; 473 conn->imc_path.np_pack_size = is_ipv4 ? IQUIC_MAX_IPv4_PACKET_SZ 474 : IQUIC_MAX_IPv6_PACKET_SZ; 475#ifndef NDEBUG 476 if (getenv("LSQUIC_CN_PACK_SIZE")) 477 conn->imc_path.np_pack_size = atoi(getenv("LSQUIC_CN_PACK_SIZE")); 478#endif 479 conn->imc_conn.cn_version = version; 480 conn->imc_conn.cn_pf = select_pf_by_ver(version); 481 conn->imc_conn.cn_esf.i = esfi; 482 conn->imc_conn.cn_enc_session = enc_sess; 483 conn->imc_conn.cn_esf_c = select_esf_common_by_ver(version); 484 TAILQ_INIT(&conn->imc_packets_out); 485 TAILQ_INIT(&conn->imc_app_packets); 486 TAILQ_INIT(&conn->imc_crypto_frames); 487 if (odcid) 488 conn->imc_flags |= IMC_ADDR_VALIDATED; 489 490 LSQ_DEBUG("created mini connection object %p; max packet size=%hu", 491 conn, conn->imc_path.np_pack_size); 492 return &conn->imc_conn; 493} 494 495 496static void 497ietf_mini_conn_ci_client_call_on_new (struct lsquic_conn *lconn) 498{ 499 assert(0); 500} 501 502 503static void 504ietf_mini_conn_ci_destroy (struct lsquic_conn *lconn) 505{ 506 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 507 struct lsquic_packet_out *packet_out; 508 struct lsquic_packet_in *packet_in; 509 struct stream_frame *frame; 510 511 while ((packet_out = TAILQ_FIRST(&conn->imc_packets_out))) 512 { 513 TAILQ_REMOVE(&conn->imc_packets_out, packet_out, po_next); 514 imico_destroy_packet(conn, packet_out); 515 } 516 while ((packet_in = TAILQ_FIRST(&conn->imc_app_packets))) 517 { 518 TAILQ_REMOVE(&conn->imc_app_packets, packet_in, pi_next); 519 lsquic_packet_in_put(&conn->imc_enpub->enp_mm, packet_in); 520 } 521 while ((frame = TAILQ_FIRST(&conn->imc_crypto_frames))) 522 { 523 TAILQ_REMOVE(&conn->imc_crypto_frames, frame, next_frame); 524 lsquic_packet_in_put(&conn->imc_enpub->enp_mm, frame->packet_in); 525 lsquic_malo_put(frame); 526 } 527 if (lconn->cn_enc_session) 528 lconn->cn_esf.i->esfi_destroy(lconn->cn_enc_session); 529 LSQ_DEBUG("ietf_mini_conn_ci_destroyed"); 530 lsquic_malo_put(conn); 531} 532 533 534static struct lsquic_engine * 535ietf_mini_conn_ci_get_engine (struct lsquic_conn *lconn) 536{ 537 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 538 return conn->imc_enpub->enp_engine; 539} 540 541 542static void 543ietf_mini_conn_ci_hsk_done (struct lsquic_conn *lconn, 544 enum lsquic_hsk_status status) 545{ 546 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 547 548 switch (status) 549 { 550 case LSQ_HSK_OK: 551 case LSQ_HSK_0RTT_OK: 552 conn->imc_flags |= IMC_HSK_OK; 553 conn->imc_conn.cn_flags |= LSCONN_HANDSHAKE_DONE; 554 LSQ_DEBUG("handshake OK"); 555 break; 556 default: 557 assert(0); 558 /* fall-through */ 559 case LSQ_HSK_FAIL: 560 conn->imc_flags |= IMC_HSK_FAILED|IMC_ERROR; 561 LSQ_INFO("handshake failed"); 562 break; 563 } 564} 565 566 567static void 568ietf_mini_conn_ci_tls_alert (struct lsquic_conn *lconn, uint8_t alert) 569{ 570 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 571 LSQ_DEBUG("got TLS alert %"PRIu8, alert); 572 conn->imc_flags |= IMC_ERROR|IMC_TLS_ALERT; 573 conn->imc_tls_alert = alert; 574} 575 576 577static int 578ietf_mini_conn_ci_is_tickable (struct lsquic_conn *lconn) 579{ 580 /* A mini connection is never tickable: Either there are incoming 581 * packets, in which case, the connection is going to be ticked, or 582 * there is an alarm pending, in which case it will be handled via 583 * the attq. 584 */ 585 return 0; 586} 587 588 589static int 590imico_can_send (const struct ietf_mini_conn *conn, size_t size) 591{ 592 return (conn->imc_flags & IMC_ADDR_VALIDATED) 593 || conn->imc_bytes_in * 3 >= conn->imc_bytes_out + size 594 ; 595} 596 597 598static struct lsquic_packet_out * 599ietf_mini_conn_ci_next_packet_to_send (struct lsquic_conn *lconn, size_t size) 600{ 601 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 602 struct lsquic_packet_out *packet_out; 603 size_t packet_size; 604 605 TAILQ_FOREACH(packet_out, &conn->imc_packets_out, po_next) 606 { 607 if (packet_out->po_flags & PO_SENT) 608 continue; 609 packet_size = lsquic_packet_out_total_sz(lconn, packet_out); 610 if (size == 0 || packet_size + size <= conn->imc_path.np_pack_size) 611 { 612 if (!imico_can_send(conn, packet_size + IQUIC_TAG_LEN)) 613 { 614 LSQ_DEBUG("cannot send packet %"PRIu64" of size %zu: client " 615 "address has not been validated", packet_out->po_packno, 616 packet_size + IQUIC_TAG_LEN); 617 return NULL; 618 } 619 packet_out->po_flags |= PO_SENT; 620 conn->imc_bytes_out += packet_size + IQUIC_TAG_LEN; 621 if (size == 0) 622 LSQ_DEBUG("packet_to_send: %"PRIu64, packet_out->po_packno); 623 else 624 LSQ_DEBUG("packet_to_send: %"PRIu64" (coalesced)", 625 packet_out->po_packno); 626 return packet_out; 627 } 628 else 629 return NULL; 630 } 631 632 return NULL; 633} 634 635 636static int 637imico_calc_retx_timeout (const struct ietf_mini_conn *conn) 638{ 639 lsquic_time_t to; 640 to = lsquic_rtt_stats_get_srtt(&conn->imc_rtt_stats); 641 if (to) 642 { 643 to += to / 2; 644 if (to < 10000) 645 to = 10000; 646 } 647 else 648 to = 300000; 649 return to << conn->imc_hsk_count; 650} 651 652 653static lsquic_time_t 654ietf_mini_conn_ci_next_tick_time (struct lsquic_conn *lconn, unsigned *why) 655{ 656 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 657 const struct lsquic_packet_out *packet_out; 658 lsquic_time_t exp_time, retx_time; 659 660 exp_time = conn->imc_created + 661 conn->imc_enpub->enp_settings.es_handshake_to; 662 663 TAILQ_FOREACH(packet_out, &conn->imc_packets_out, po_next) 664 if (packet_out->po_flags & PO_SENT) 665 { 666 retx_time = packet_out->po_sent + imico_calc_retx_timeout(conn); 667 if (retx_time < exp_time) 668 { 669 *why = N_AEWS + AL_RETX_HSK; 670 return retx_time; 671 } 672 else 673 { 674 *why = AEW_MINI_EXPIRE; 675 return exp_time; 676 } 677 } 678 679 *why = AEW_MINI_EXPIRE; 680 return exp_time; 681} 682 683 684#define IMICO_PROC_FRAME_ARGS \ 685 struct ietf_mini_conn *conn, struct lsquic_packet_in *packet_in, \ 686 const unsigned char *p, size_t len 687 688 689static void 690imico_dispatch_stream_events (struct ietf_mini_conn *conn) 691{ 692 enum enc_level i; 693 694 for (i = 0; i < N_ENC_LEVS; ++i) 695 if ((conn->imc_streams[i].mcs_flags & (MCS_CREATED|MCS_WANTREAD)) 696 == (MCS_CREATED|MCS_WANTREAD)) 697 { 698 LSQ_DEBUG("dispatch read events on level #%u", i); 699 lsquic_mini_cry_sm_if.on_read((void *) &conn->imc_streams[i], 700 conn->imc_conn.cn_enc_session); 701 } 702 703 for (i = 0; i < N_ENC_LEVS; ++i) 704 if ((conn->imc_streams[i].mcs_flags & (MCS_CREATED|MCS_WANTWRITE)) 705 == (MCS_CREATED|MCS_WANTWRITE)) 706 { 707 LSQ_DEBUG("dispatch write events on level #%u", i); 708 lsquic_mini_cry_sm_if.on_write((void *) &conn->imc_streams[i], 709 conn->imc_conn.cn_enc_session); 710 } 711} 712 713 714static int 715imico_stash_stream_frame (struct ietf_mini_conn *conn, 716 enum enc_level enc_level, struct lsquic_packet_in *packet_in, 717 const struct stream_frame *frame) 718{ 719 struct stream_frame *copy; 720 721 if (conn->imc_n_crypto_frames >= IMICO_MAX_STASHED_FRAMES) 722 { 723 LSQ_INFO("cannot stash more CRYPTO frames, at %hhu already, while max " 724 "is %u", conn->imc_n_crypto_frames, IMICO_MAX_STASHED_FRAMES); 725 return -1; 726 } 727 728 if (conn->imc_crypto_frames_sz + DF_SIZE(frame) > IMICO_MAX_BUFFERED_CRYPTO) 729 { 730 LSQ_INFO("cannot stash more than %u bytes of CRYPTO frames", 731 IMICO_MAX_BUFFERED_CRYPTO); 732 return -1; 733 } 734 735 copy = lsquic_malo_get(conn->imc_enpub->enp_mm.malo.stream_frame); 736 if (!copy) 737 { 738 LSQ_INFO("could not allocate stream frame for stashing"); 739 return -1; 740 } 741 742 *copy = *frame; 743 copy->packet_in = lsquic_packet_in_get(packet_in); 744 copy->stream_id = enc_level; 745 TAILQ_INSERT_TAIL(&conn->imc_crypto_frames, copy, next_frame); 746 ++conn->imc_n_crypto_frames; 747 conn->imc_crypto_frames_sz += DF_SIZE(frame); 748 return 0; 749} 750 751 752static unsigned 753imico_process_crypto_frame (IMICO_PROC_FRAME_ARGS) 754{ 755 int parsed_len; 756 enum enc_level enc_level, i; 757 struct stream_frame stream_frame; 758 const struct transport_params *params; 759 760 parsed_len = conn->imc_conn.cn_pf->pf_parse_crypto_frame(p, len, 761 &stream_frame); 762 if (parsed_len < 0) 763 { 764 conn->imc_flags |= IMC_PARSE_FAILED; 765 return 0; 766 } 767 768 enc_level = lsquic_packet_in_enc_level(packet_in); 769 EV_LOG_CRYPTO_FRAME_IN(LSQUIC_LOG_CONN_ID, &stream_frame, enc_level); 770 771 if (conn->imc_streams[enc_level].mcs_read_off >= DF_OFF(&stream_frame) 772 && conn->imc_streams[enc_level].mcs_read_off < DF_END(&stream_frame)) 773 LSQ_DEBUG("Got CRYPTO frame for enc level #%u", enc_level); 774 else if (conn->imc_streams[enc_level].mcs_read_off < DF_OFF(&stream_frame)) 775 { 776 LSQ_DEBUG("Can't read CRYPTO frame on enc level #%u at offset %"PRIu64 777 " yet -- stash", enc_level, DF_OFF(&stream_frame)); 778 if (0 == imico_stash_stream_frame(conn, enc_level, packet_in, 779 &stream_frame)) 780 return parsed_len; 781 else 782 return 0; 783 } 784 else 785 { 786 LSQ_DEBUG("Got duplicate CRYPTO frame for enc level #%u -- ignore", 787 enc_level); 788 return parsed_len; 789 } 790 791 if (!(conn->imc_flags & IMC_ENC_SESS_INITED)) 792 { 793 if (0 != conn->imc_conn.cn_esf.i->esfi_init_server( 794 conn->imc_conn.cn_enc_session)) 795 return -1; 796 conn->imc_flags |= IMC_ENC_SESS_INITED; 797 } 798 799 if (!(conn->imc_streams[enc_level].mcs_flags & MCS_CREATED)) 800 { 801 LSQ_DEBUG("creating stream on level #%u", enc_level); 802 conn->imc_streams[enc_level].mcs_flags |= MCS_CREATED; 803 lsquic_mini_cry_sm_if.on_new_stream(conn->imc_conn.cn_enc_session, 804 (void *) &conn->imc_streams[enc_level]); 805 } 806 807 /* Assume that receiving a CRYPTO frame at a higher level means that we 808 * no longer want to read from a lower level. 809 */ 810 for (i = 0; i < enc_level; ++i) 811 conn->imc_streams[i].mcs_flags &= ~MCS_WANTREAD; 812 813 conn->imc_last_in.frame = &stream_frame; 814 conn->imc_last_in.enc_level = enc_level; 815 imico_dispatch_stream_events(conn); 816 conn->imc_last_in.frame = NULL; 817 818 if (DF_ROFF(&stream_frame) < DF_END(&stream_frame)) 819 { 820 /* This is an odd condition, but let's handle it just in case */ 821 LSQ_DEBUG("New CRYPTO frame on enc level #%u not fully read -- stash", 822 enc_level); 823 if (0 != imico_stash_stream_frame(conn, enc_level, packet_in, 824 &stream_frame)) 825 return 0; 826 } 827 828 829 if (enc_level == ENC_LEV_CLEAR 830 && imico_chlo_has_been_consumed(conn) 831 && (conn->imc_flags & (IMC_ENC_SESS_INITED|IMC_HAVE_TP)) 832 == IMC_ENC_SESS_INITED) 833 { 834 params = conn->imc_conn.cn_esf.i->esfi_get_peer_transport_params( 835 conn->imc_conn.cn_enc_session); 836 if (params) 837 { 838 conn->imc_flags |= IMC_HAVE_TP; 839 conn->imc_ack_exp = params->tp_ack_delay_exponent; 840 } 841 else 842 { 843 conn->imc_flags |= IMC_BAD_TRANS_PARAMS; 844 return 0; 845 } 846 } 847 848 return parsed_len; 849} 850 851 852static ptrdiff_t 853imico_count_zero_bytes (const unsigned char *p, size_t len) 854{ 855 const unsigned char *const end = p + len; 856 while (p < end && 0 == *p) 857 ++p; 858 return len - (end - p); 859} 860 861 862static unsigned 863imico_process_padding_frame (IMICO_PROC_FRAME_ARGS) 864{ 865 len = (size_t) imico_count_zero_bytes(p, len); 866 EV_LOG_PADDING_FRAME_IN(LSQUIC_LOG_CONN_ID, len); 867 return len; 868} 869 870 871static void 872imico_take_rtt_sample (struct ietf_mini_conn *conn, 873 const struct lsquic_packet_out *packet_out, 874 lsquic_time_t now, lsquic_time_t lack_delta) 875{ 876 assert(packet_out->po_sent); 877 lsquic_time_t measured_rtt = now - packet_out->po_sent; 878 if (lack_delta < measured_rtt) 879 { 880 lsquic_rtt_stats_update(&conn->imc_rtt_stats, measured_rtt, lack_delta); 881 LSQ_DEBUG("srtt: %"PRIu64" usec, var: %"PRIu64, 882 lsquic_rtt_stats_get_srtt(&conn->imc_rtt_stats), 883 lsquic_rtt_stats_get_rttvar(&conn->imc_rtt_stats)); 884 } 885} 886 887 888static unsigned 889imico_process_ack_frame (IMICO_PROC_FRAME_ARGS) 890{ 891 int parsed_len; 892 unsigned n; 893 lsquic_packet_out_t *packet_out, *next; 894 struct ack_info *acki; 895 lsquic_packno_t packno; 896 lsquic_time_t warn_time; 897 packno_set_t acked; 898 enum packnum_space pns; 899 uint8_t ack_exp; 900 901 if (conn->imc_flags & IMC_HAVE_TP) 902 ack_exp = conn->imc_ack_exp; 903 else 904 ack_exp = TP_DEF_ACK_DELAY_EXP; /* Odd: no transport params yet? */ 905 acki = conn->imc_enpub->enp_mm.acki; 906 parsed_len = conn->imc_conn.cn_pf->pf_parse_ack_frame(p, len, acki, 907 ack_exp); 908 if (parsed_len < 0) 909 { 910 conn->imc_flags |= IMC_PARSE_FAILED; 911 return 0; 912 } 913 914 pns = lsquic_hety2pns[ packet_in->pi_header_type ]; 915 acked = 0; 916 917 for (n = 0; n < acki->n_ranges; ++n) 918 { 919 if (acki->ranges[n].high <= MAX_PACKETS) 920 { 921 acked |= (1ULL << acki->ranges[n].high) 922 | ((1ULL << acki->ranges[n].high) - 1); 923 acked &= ~((1ULL << acki->ranges[n].low) - 1); 924 } 925 else 926 { 927 packno = acki->ranges[n].high; 928 goto err_never_sent; 929 } 930 } 931 if (acked & ~conn->imc_sent_packnos) 932 { 933 packno = highest_bit_set(acked & ~conn->imc_sent_packnos); 934 goto err_never_sent; 935 } 936 937 EV_LOG_ACK_FRAME_IN(LSQUIC_LOG_CONN_ID, acki); 938 for (packet_out = TAILQ_FIRST(&conn->imc_packets_out); packet_out; 939 packet_out = next) 940 { 941 next = TAILQ_NEXT(packet_out, po_next); 942 if ((1ULL << packet_out->po_packno) & acked) 943 { 944 assert(lsquic_packet_out_pns(packet_out) == pns); 945 LSQ_DEBUG("Got ACK for packet %"PRIu64, packet_out->po_packno); 946 if (packet_out->po_packno == largest_acked(acki)) 947 imico_take_rtt_sample(conn, packet_out, 948 packet_in->pi_received, acki->lack_delta); 949 TAILQ_REMOVE(&conn->imc_packets_out, packet_out, po_next); 950 imico_destroy_packet(conn, packet_out); 951 } 952 } 953 954 if (conn->imc_sent_packnos & ~conn->imc_acked_packnos[pns] & acked) 955 { 956 LSQ_DEBUG("Newly acked packets, reset handshake count"); 957 conn->imc_hsk_count = 0; 958 } 959 960 conn->imc_acked_packnos[pns] |= acked; 961 962 return parsed_len; 963 964 err_never_sent: 965 warn_time = lsquic_time_now(); 966 if (0 == conn->imc_enpub->enp_last_warning[WT_ACKPARSE_MINI] 967 || conn->imc_enpub->enp_last_warning[WT_ACKPARSE_MINI] 968 + WARNING_INTERVAL < warn_time) 969 { 970 conn->imc_enpub->enp_last_warning[WT_ACKPARSE_MINI] = warn_time; 971 LSQ_WARN("packet %"PRIu64" (pns: %u) was never sent", packno, pns); 972 } 973 else 974 LSQ_DEBUG("packet %"PRIu64" (pns: %u) was never sent", packno, pns); 975 return 0; 976} 977 978 979static unsigned 980imico_process_ping_frame (IMICO_PROC_FRAME_ARGS) 981{ 982 LSQ_DEBUG("got a PING frame, do nothing"); 983 return 1; 984} 985 986 987static unsigned 988imico_process_connection_close_frame (IMICO_PROC_FRAME_ARGS) 989{ 990 struct lsquic_packet_out *packet_out; 991 uint64_t error_code; 992 uint16_t reason_len; 993 uint8_t reason_off; 994 int parsed_len, app_error; 995 996 while ((packet_out = TAILQ_FIRST(&conn->imc_packets_out))) 997 { 998 TAILQ_REMOVE(&conn->imc_packets_out, packet_out, po_next); 999 imico_destroy_packet(conn, packet_out); 1000 } 1001 conn->imc_flags |= IMC_CLOSE_RECVD; 1002 parsed_len = conn->imc_conn.cn_pf->pf_parse_connect_close_frame(p, len, 1003 &app_error, &error_code, &reason_len, &reason_off); 1004 if (parsed_len < 0) 1005 { 1006 conn->imc_flags |= IMC_PARSE_FAILED; 1007 return 0; 1008 } 1009 EV_LOG_CONNECTION_CLOSE_FRAME_IN(LSQUIC_LOG_CONN_ID, error_code, 1010 (int) reason_len, (const char *) p + reason_off); 1011 LSQ_INFO("Received CONNECTION_CLOSE frame (%s-level code: %"PRIu64"; " 1012 "reason: %.*s)", app_error ? "application" : "transport", 1013 error_code, (int) reason_len, (const char *) p + reason_off); 1014 return 0; /* This shuts down the connection */ 1015} 1016 1017 1018static unsigned 1019imico_process_invalid_frame (IMICO_PROC_FRAME_ARGS) 1020{ 1021 LSQ_DEBUG("invalid frame %u (%s)", p[0], 1022 frame_type_2_str[ conn->imc_conn.cn_pf->pf_parse_frame_type(p, len) ]); 1023 return 0; 1024} 1025 1026 1027static unsigned (*const imico_process_frames[N_QUIC_FRAMES]) 1028 (IMICO_PROC_FRAME_ARGS) = 1029{ 1030 [QUIC_FRAME_PADDING] = imico_process_padding_frame, 1031 [QUIC_FRAME_CRYPTO] = imico_process_crypto_frame, 1032 [QUIC_FRAME_ACK] = imico_process_ack_frame, 1033 [QUIC_FRAME_PING] = imico_process_ping_frame, 1034 [QUIC_FRAME_CONNECTION_CLOSE] = imico_process_connection_close_frame, 1035 /* Some of them are invalid, while others are unexpected. We treat 1036 * them the same: handshake cannot proceed. 1037 */ 1038 [QUIC_FRAME_RST_STREAM] = imico_process_invalid_frame, 1039 [QUIC_FRAME_MAX_DATA] = imico_process_invalid_frame, 1040 [QUIC_FRAME_MAX_STREAM_DATA] = imico_process_invalid_frame, 1041 [QUIC_FRAME_MAX_STREAMS] = imico_process_invalid_frame, 1042 [QUIC_FRAME_BLOCKED] = imico_process_invalid_frame, 1043 [QUIC_FRAME_STREAM_BLOCKED] = imico_process_invalid_frame, 1044 [QUIC_FRAME_STREAMS_BLOCKED] = imico_process_invalid_frame, 1045 [QUIC_FRAME_NEW_CONNECTION_ID] = imico_process_invalid_frame, 1046 [QUIC_FRAME_STOP_SENDING] = imico_process_invalid_frame, 1047 [QUIC_FRAME_PATH_CHALLENGE] = imico_process_invalid_frame, 1048 [QUIC_FRAME_PATH_RESPONSE] = imico_process_invalid_frame, 1049 /* STREAM frame can only come in the App PNS and we delay those packets: */ 1050 [QUIC_FRAME_STREAM] = imico_process_invalid_frame, 1051 [QUIC_FRAME_HANDSHAKE_DONE] = imico_process_invalid_frame, 1052}; 1053 1054 1055static unsigned 1056imico_process_packet_frame (struct ietf_mini_conn *conn, 1057 struct lsquic_packet_in *packet_in, const unsigned char *p, size_t len) 1058{ 1059 enum enc_level enc_level; 1060 enum quic_frame_type type; 1061 1062 enc_level = lsquic_packet_in_enc_level(packet_in); 1063 type = conn->imc_conn.cn_pf->pf_parse_frame_type(p, len); 1064 if (lsquic_legal_frames_by_level[enc_level] & (1 << type)) 1065 { 1066 packet_in->pi_frame_types |= 1 << type; 1067 return imico_process_frames[type](conn, packet_in, p, len); 1068 } 1069 else 1070 { 1071 LSQ_DEBUG("invalid frame %u at encryption level %s", type, 1072 lsquic_enclev2str[enc_level]); 1073 return 0; 1074 } 1075} 1076 1077 1078static int 1079imico_parse_regular_packet (struct ietf_mini_conn *conn, 1080 struct lsquic_packet_in *packet_in) 1081{ 1082 const unsigned char *p, *pend; 1083 unsigned len; 1084 1085 p = packet_in->pi_data + packet_in->pi_header_sz; 1086 pend = packet_in->pi_data + packet_in->pi_data_sz; 1087 1088 while (p < pend) 1089 { 1090 len = imico_process_packet_frame(conn, packet_in, p, pend - p); 1091 if (len > 0) 1092 p += len; 1093 else 1094 return -1; 1095 } 1096 1097 return 0; 1098} 1099 1100 1101static unsigned 1102highest_bit_set (unsigned long long sz) 1103{ 1104#if __GNUC__ 1105 unsigned clz = __builtin_clzll(sz); 1106 return 63 - clz; 1107#else 1108 unsigned long y; 1109 unsigned n; 1110 n = 64; 1111 y = sz >> 32; if (y) { n -= 32; sz = y; } 1112 y = sz >> 16; if (y) { n -= 16; sz = y; } 1113 y = sz >> 8; if (y) { n -= 8; sz = y; } 1114 y = sz >> 4; if (y) { n -= 4; sz = y; } 1115 y = sz >> 2; if (y) { n -= 2; sz = y; } 1116 y = sz >> 1; if (y) return 63 - n + 2; 1117 return 63 - n + sz; 1118#endif 1119} 1120 1121 1122static void 1123ignore_init (struct ietf_mini_conn *conn) 1124{ 1125 struct lsquic_packet_out *packet_out, *next; 1126 unsigned count; 1127 1128 conn->imc_flags |= IMC_IGNORE_INIT; 1129 conn->imc_flags &= ~(IMC_QUEUED_ACK_INIT << PNS_INIT); 1130 1131 count = 0; 1132 for (packet_out = TAILQ_FIRST(&conn->imc_packets_out); packet_out; 1133 packet_out = next) 1134 { 1135 next = TAILQ_NEXT(packet_out, po_next); 1136 if (PNS_INIT == lsquic_packet_out_pns(packet_out)) 1137 { 1138 TAILQ_REMOVE(&conn->imc_packets_out, packet_out, po_next); 1139 imico_destroy_packet(conn, packet_out); 1140 ++count; 1141 } 1142 } 1143 1144 LSQ_DEBUG("henceforth, no Initial packets shall be sent or received; " 1145 "destroyed %u packet%.*s", count, count != 1, "s"); 1146} 1147 1148 1149/* Only a single packet is supported */ 1150static void 1151ietf_mini_conn_ci_packet_in (struct lsquic_conn *lconn, 1152 struct lsquic_packet_in *packet_in) 1153{ 1154 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1155 enum dec_packin dec_packin; 1156 enum packnum_space pns; 1157 1158 if (conn->imc_flags & IMC_ERROR) 1159 { 1160 LSQ_DEBUG("ignore incoming packet: connection is in error state"); 1161 return; 1162 } 1163 1164 pns = lsquic_hety2pns[ packet_in->pi_header_type ]; 1165 if (pns == PNS_INIT && (conn->imc_flags & IMC_IGNORE_INIT)) 1166 { 1167 LSQ_DEBUG("ignore init packet"); /* Don't bother decrypting */ 1168 return; 1169 } 1170 1171 dec_packin = lconn->cn_esf_c->esf_decrypt_packet(lconn->cn_enc_session, 1172 conn->imc_enpub, &conn->imc_conn, packet_in); 1173 if (dec_packin != DECPI_OK) 1174 { 1175 /* TODO: handle reordering perhaps? */ 1176 LSQ_DEBUG("could not decrypt packet"); 1177 return; 1178 } 1179 1180 EV_LOG_PACKET_IN(LSQUIC_LOG_CONN_ID, packet_in); 1181 conn->imc_bytes_in += packet_in->pi_data_sz + IQUIC_TAG_LEN; 1182 1183 if (pns == PNS_APP) 1184 { 1185 lsquic_packet_in_upref(packet_in); 1186 TAILQ_INSERT_TAIL(&conn->imc_app_packets, packet_in, pi_next); 1187 LSQ_DEBUG("delay processing of packet %"PRIu64" in pns %u", 1188 packet_in->pi_packno, pns); 1189 return; 1190 } 1191 else if (pns == PNS_HSK) 1192 conn->imc_flags |= IMC_ADDR_VALIDATED; 1193 1194 if (((conn->imc_flags >> IMCBIT_PNS_BIT_SHIFT) & 3) < pns) 1195 { 1196 conn->imc_flags &= ~(3 << IMCBIT_PNS_BIT_SHIFT); 1197 conn->imc_flags |= pns << IMCBIT_PNS_BIT_SHIFT; 1198 } 1199 1200 if (pns == PNS_HSK && !(conn->imc_flags & IMC_IGNORE_INIT)) 1201 ignore_init(conn); 1202 1203 if (conn->imc_recvd_packnos[pns] & (1ULL << packet_in->pi_packno)) 1204 { 1205 LSQ_DEBUG("duplicate packet %"PRIu64, packet_in->pi_packno); 1206 return; 1207 } 1208 1209 /* Update receive history before processing the packet: if there is an 1210 * error, the connection is terminated and recording this packet number 1211 * is helpful when it is printed along with other diagnostics in dtor. 1212 */ 1213 if (0 == conn->imc_recvd_packnos[pns] || 1214 packet_in->pi_packno > highest_bit_set(conn->imc_recvd_packnos[pns])) 1215 conn->imc_largest_recvd[pns] = packet_in->pi_received; 1216 conn->imc_recvd_packnos[pns] |= 1ULL << packet_in->pi_packno; 1217 1218 if (0 != imico_parse_regular_packet(conn, packet_in)) 1219 { 1220 LSQ_DEBUG("connection is now in error state"); 1221 conn->imc_flags |= IMC_ERROR; 1222 return; 1223 } 1224 1225 conn->imc_flags |= IMC_QUEUED_ACK_INIT << pns; 1226 ++conn->imc_ecn_counts_in[pns][ lsquic_packet_in_ecn(packet_in) ]; 1227 conn->imc_incoming_ecn <<= 1; 1228 conn->imc_incoming_ecn |= lsquic_packet_in_ecn(packet_in) != ECN_NOT_ECT; 1229} 1230 1231 1232static void 1233ietf_mini_conn_ci_packet_sent (struct lsquic_conn *lconn, 1234 struct lsquic_packet_out *packet_out) 1235{ 1236 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1237 conn->imc_sent_packnos |= 1ULL << packet_out->po_packno; 1238 conn->imc_ecn_packnos |= !!lsquic_packet_out_ecn(packet_out) 1239 << packet_out->po_packno; 1240#if 0 1241 if (packet_out->po_frame_types & (1 << QUIC_FRAME_ACK)) 1242 { 1243 assert(mc->mc_flags & MC_UNSENT_ACK); 1244 mc->mc_flags &= ~MC_UNSENT_ACK; 1245 } 1246#endif 1247 ++conn->imc_ecn_counts_out[ lsquic_packet_out_pns(packet_out) ] 1248 [ lsquic_packet_out_ecn(packet_out) ]; 1249 if (packet_out->po_header_type == HETY_HANDSHAKE) 1250 conn->imc_flags |= IMC_HSK_PACKET_SENT; 1251 LSQ_DEBUG("%s: packet %"PRIu64" sent", __func__, packet_out->po_packno); 1252} 1253 1254 1255static void 1256ietf_mini_conn_ci_packet_not_sent (struct lsquic_conn *lconn, 1257 struct lsquic_packet_out *packet_out) 1258{ 1259 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1260 size_t packet_size; 1261 1262 packet_out->po_flags &= ~PO_SENT; 1263 packet_size = lsquic_packet_out_total_sz(lconn, packet_out); 1264 conn->imc_bytes_out -= packet_size + IQUIC_TAG_LEN; 1265 LSQ_DEBUG("%s: packet %"PRIu64" not sent", __func__, packet_out->po_packno); 1266} 1267 1268 1269static void 1270imico_return_enc_data (struct ietf_mini_conn *conn, 1271 struct lsquic_packet_out *packet_out) 1272{ 1273 conn->imc_enpub->enp_pmi->pmi_return(conn->imc_enpub->enp_pmi_ctx, 1274 conn->imc_path.np_peer_ctx, packet_out->po_enc_data, 1275 lsquic_packet_out_ipv6(packet_out)); 1276 packet_out->po_flags &= ~PO_ENCRYPTED; 1277 packet_out->po_enc_data = NULL; 1278} 1279 1280 1281static int 1282imico_repackage_packet (struct ietf_mini_conn *conn, 1283 struct lsquic_packet_out *packet_out) 1284{ 1285 const lsquic_packno_t oldno = packet_out->po_packno; 1286 const lsquic_packno_t packno = conn->imc_next_packno++; 1287 if (packno > MAX_PACKETS) 1288 return -1; 1289 1290 LSQ_DEBUG("Packet %"PRIu64" repackaged for resending as packet %"PRIu64, 1291 oldno, packno); 1292 EV_LOG_CONN_EVENT(LSQUIC_LOG_CONN_ID, "packet %"PRIu64" repackaged for " 1293 "resending as packet %"PRIu64, oldno, packno); 1294 packet_out->po_packno = packno; 1295 packet_out->po_flags &= ~PO_SENT; 1296 lsquic_packet_out_set_ecn(packet_out, imico_get_ecn(conn)); 1297 if (packet_out->po_flags & PO_ENCRYPTED) 1298 imico_return_enc_data(conn, packet_out); 1299 TAILQ_INSERT_TAIL(&conn->imc_packets_out, packet_out, po_next); 1300 return 0; 1301} 1302 1303 1304static int 1305imico_handle_losses_and_have_unsent (struct ietf_mini_conn *conn, 1306 lsquic_time_t now) 1307{ 1308 TAILQ_HEAD(, lsquic_packet_out) lost_packets = 1309 TAILQ_HEAD_INITIALIZER(lost_packets); 1310 lsquic_packet_out_t *packet_out, *next; 1311 lsquic_time_t retx_to = 0; 1312 unsigned n_to_send = 0; 1313 1314 for (packet_out = TAILQ_FIRST(&conn->imc_packets_out); packet_out; 1315 packet_out = next) 1316 { 1317 next = TAILQ_NEXT(packet_out, po_next); 1318 if (packet_out->po_flags & PO_SENT) 1319 { 1320 if (0 == retx_to) 1321 retx_to = imico_calc_retx_timeout(conn); 1322 if (packet_out->po_sent + retx_to < now) 1323 { 1324 LSQ_DEBUG("packet %"PRIu64" has been lost (rto: %"PRIu64")", 1325 packet_out->po_packno, retx_to); 1326 TAILQ_REMOVE(&conn->imc_packets_out, packet_out, po_next); 1327 TAILQ_INSERT_TAIL(&lost_packets, packet_out, po_next); 1328 } 1329 } 1330 else 1331 ++n_to_send; 1332 } 1333 1334 conn->imc_hsk_count += !TAILQ_EMPTY(&lost_packets); 1335 1336 while ((packet_out = TAILQ_FIRST(&lost_packets))) 1337 { 1338 TAILQ_REMOVE(&lost_packets, packet_out, po_next); 1339 if ((packet_out->po_frame_types & IQUIC_FRAME_RETX_MASK) 1340 && 0 == imico_repackage_packet(conn, packet_out)) 1341 ++n_to_send; 1342 else 1343 imico_destroy_packet(conn, packet_out); 1344 } 1345 1346 return n_to_send > 0; 1347} 1348 1349 1350static int 1351imico_have_packets_to_send (struct ietf_mini_conn *conn, lsquic_time_t now) 1352{ 1353 return imico_handle_losses_and_have_unsent(conn, now); 1354} 1355 1356 1357struct ietf_mini_rechist 1358{ 1359 const struct ietf_mini_conn *conn; 1360 packno_set_t cur_set; 1361 struct lsquic_packno_range range; /* We return a pointer to this */ 1362 int cur_idx; 1363 enum packnum_space pns; 1364}; 1365 1366 1367static void 1368imico_rechist_init (struct ietf_mini_rechist *rechist, 1369 const struct ietf_mini_conn *conn, enum packnum_space pns) 1370{ 1371 rechist->conn = conn; 1372 rechist->pns = pns; 1373 rechist->cur_set = 0; 1374 rechist->cur_idx = 0; 1375} 1376 1377 1378static lsquic_time_t 1379imico_rechist_largest_recv (void *rechist_ctx) 1380{ 1381 struct ietf_mini_rechist *rechist = rechist_ctx; 1382 return rechist->conn->imc_largest_recvd[ rechist->pns ]; 1383} 1384 1385 1386static const struct lsquic_packno_range * 1387imico_rechist_next (void *rechist_ctx) 1388{ 1389 struct ietf_mini_rechist *rechist = rechist_ctx; 1390 const struct ietf_mini_conn *conn = rechist->conn; 1391 packno_set_t packnos; 1392 int i; 1393 1394 packnos = rechist->cur_set; 1395 if (0 == packnos) 1396 return NULL; 1397 1398 /* There may be a faster way to do this, but for now, we just want 1399 * correctness. 1400 */ 1401 for (i = rechist->cur_idx; i >= 0; --i) 1402 if (packnos & (1ULL << i)) 1403 { 1404 rechist->range.low = i; 1405 rechist->range.high = i; 1406 break; 1407 } 1408 assert(i >= 0); /* We must have hit at least one bit */ 1409 --i; 1410 for ( ; i >= 0 && (packnos & (1ULL << i)); --i) 1411 rechist->range.low = i; 1412 if (i >= 0) 1413 { 1414 rechist->cur_set = packnos & ((1ULL << i) - 1); 1415 rechist->cur_idx = i; 1416 } 1417 else 1418 rechist->cur_set = 0; 1419 LSQ_DEBUG("%s: return [%"PRIu64", %"PRIu64"]", __func__, 1420 rechist->range.low, rechist->range.high); 1421 return &rechist->range; 1422} 1423 1424 1425static const struct lsquic_packno_range * 1426imico_rechist_first (void *rechist_ctx) 1427{ 1428 struct ietf_mini_rechist *rechist = rechist_ctx; 1429 rechist->cur_set = rechist->conn->imc_recvd_packnos[ rechist->pns ]; 1430 rechist->cur_idx = highest_bit_set(rechist->cur_set); 1431 return imico_rechist_next(rechist_ctx); 1432} 1433 1434 1435static const enum header_type pns2hety[] = 1436{ 1437 [PNS_INIT] = HETY_INITIAL, 1438 [PNS_HSK] = HETY_HANDSHAKE, 1439 [PNS_APP] = HETY_NOT_SET, 1440}; 1441 1442 1443static int 1444imico_generate_ack (struct ietf_mini_conn *conn, enum packnum_space pns, 1445 lsquic_time_t now) 1446{ 1447 struct lsquic_packet_out *packet_out; 1448 enum header_type header_type; 1449 struct ietf_mini_rechist rechist; 1450 int not_used_has_missing, len; 1451 uint64_t ecn_counts_buf[4]; 1452 const uint64_t *ecn_counts; 1453 1454 header_type = pns2hety[pns]; 1455 1456 if (conn->imc_incoming_ecn) 1457 { 1458 ecn_counts_buf[0] = conn->imc_ecn_counts_in[pns][0]; 1459 ecn_counts_buf[1] = conn->imc_ecn_counts_in[pns][1]; 1460 ecn_counts_buf[2] = conn->imc_ecn_counts_in[pns][2]; 1461 ecn_counts_buf[3] = conn->imc_ecn_counts_in[pns][3]; 1462 ecn_counts = ecn_counts_buf; 1463 } 1464 else 1465 ecn_counts = NULL; 1466 1467 packet_out = imico_get_packet_out(conn, header_type, 0); 1468 if (!packet_out) 1469 return -1; 1470 1471 /* Generate ACK frame */ 1472 imico_rechist_init(&rechist, conn, pns); 1473 len = conn->imc_conn.cn_pf->pf_gen_ack_frame( 1474 packet_out->po_data + packet_out->po_data_sz, 1475 lsquic_packet_out_avail(packet_out), imico_rechist_first, 1476 imico_rechist_next, imico_rechist_largest_recv, &rechist, 1477 now, ¬_used_has_missing, &packet_out->po_ack2ed, ecn_counts); 1478 if (len < 0) 1479 { 1480 LSQ_WARN("could not generate ACK frame"); 1481 return -1; 1482 } 1483 EV_LOG_GENERATED_ACK_FRAME(LSQUIC_LOG_CONN_ID, conn->imc_conn.cn_pf, 1484 packet_out->po_data + packet_out->po_data_sz, len); 1485 packet_out->po_frame_types |= 1 << QUIC_FRAME_ACK; 1486 packet_out->po_data_sz += len; 1487 packet_out->po_regen_sz += len; 1488 conn->imc_flags &= ~(IMC_QUEUED_ACK_INIT << pns); 1489 LSQ_DEBUG("wrote ACK frame of size %d", len); 1490 return 0; 1491} 1492 1493 1494static int 1495imico_generate_acks (struct ietf_mini_conn *conn, lsquic_time_t now) 1496{ 1497 enum packnum_space pns; 1498 1499 for (pns = PNS_INIT; pns < N_PNS; ++pns) 1500 if (conn->imc_flags & (IMC_QUEUED_ACK_INIT << pns) 1501 && !(pns == PNS_INIT && (conn->imc_flags & IMC_IGNORE_INIT))) 1502 if (0 != imico_generate_ack(conn, pns, now)) 1503 return -1; 1504 1505 return 0; 1506} 1507 1508 1509static void 1510imico_generate_conn_close (struct ietf_mini_conn *conn) 1511{ 1512 struct lsquic_packet_out *packet_out; 1513 enum header_type header_type; 1514 enum packnum_space pns, pns_max; 1515 unsigned error_code; 1516 const char *reason; 1517 size_t need; 1518 int sz, rlen, is_app; 1519 char reason_buf[0x20]; 1520 1521 if (conn->imc_flags & IMC_ABORT_ERROR) 1522 { 1523 is_app = !!(conn->imc_flags & IMC_ABORT_ISAPP); 1524 error_code = conn->imc_error_code; 1525 reason = NULL; 1526 rlen = 0; 1527 } 1528 else if (conn->imc_flags & IMC_TLS_ALERT) 1529 { 1530 is_app = 0; 1531 error_code = 0x100 + conn->imc_tls_alert; 1532 if (ALERT_NO_APPLICATION_PROTOCOL == conn->imc_tls_alert) 1533 reason = "no suitable application protocol"; 1534 else 1535 { 1536 snprintf(reason_buf, sizeof(reason_buf), "TLS alert %"PRIu8, 1537 conn->imc_tls_alert); 1538 reason = reason_buf; 1539 } 1540 rlen = strlen(reason); 1541 } 1542 else if (conn->imc_flags & IMC_BAD_TRANS_PARAMS) 1543 { 1544 is_app = 0; 1545 error_code = TEC_NO_ERROR; 1546 reason = "bad transport parameters"; 1547 rlen = 24; 1548 } 1549 else if (conn->imc_flags & IMC_HSK_FAILED) 1550 { 1551 is_app = 0; 1552 error_code = TEC_NO_ERROR; 1553 reason = "handshake failed"; 1554 rlen = 16; 1555 } 1556 else if (conn->imc_flags & IMC_PARSE_FAILED) 1557 { 1558 is_app = 0; 1559 error_code = TEC_FRAME_ENCODING_ERROR; 1560 reason = "cannot decode frame"; 1561 rlen = 19; 1562 } 1563 else 1564 { 1565 is_app = 0; 1566 error_code = TEC_INTERNAL_ERROR; 1567 reason = NULL; 1568 rlen = 0; 1569 } 1570 1571 1572/* [draft-ietf-quic-transport-23] Section 12.2: 1573 * 1574 " A client will always know whether the server has Handshake keys (see 1575 " Section 17.2.2.1), but it is possible that a server does not know 1576 " whether the client has Handshake keys. Under these circumstances, a 1577 " server SHOULD send a CONNECTION_CLOSE frame in both Handshake and 1578 " Initial packets to ensure that at least one of them is processable by 1579 " the client. 1580 */ 1581 1582 pns = (conn->imc_flags >> IMCBIT_PNS_BIT_SHIFT) & 3; 1583 switch ((!!(conn->imc_flags & IMC_HSK_PACKET_SENT) << 1) 1584 | (pns == PNS_HSK) /* Handshake packet received */) 1585 { 1586 case (0 << 1) | 0: 1587 pns = PNS_INIT; 1588 pns_max = PNS_INIT; 1589 break; 1590 case (1 << 1) | 0: 1591 pns = PNS_INIT; 1592 pns_max = PNS_HSK; 1593 break; 1594 default: 1595 pns = PNS_HSK; 1596 pns_max = PNS_HSK; 1597 break; 1598 } 1599 1600 need = conn->imc_conn.cn_pf->pf_connect_close_frame_size(is_app, 1601 error_code, 0, rlen); 1602 LSQ_DEBUG("will generate %u CONNECTION_CLOSE frame%.*s", 1603 pns_max - pns + 1, pns_max > pns, "s"); 1604 do 1605 { 1606 header_type = pns2hety[pns]; 1607 packet_out = imico_get_packet_out(conn, header_type, need); 1608 if (!packet_out) 1609 return; 1610 sz = conn->imc_conn.cn_pf->pf_gen_connect_close_frame( 1611 packet_out->po_data + packet_out->po_data_sz, 1612 lsquic_packet_out_avail(packet_out), is_app, error_code, reason, 1613 rlen); 1614 if (sz >= 0) 1615 { 1616 packet_out->po_frame_types |= 1 << QUIC_FRAME_CONNECTION_CLOSE; 1617 packet_out->po_data_sz += sz; 1618 LSQ_DEBUG("generated CONNECTION_CLOSE frame"); 1619 } 1620 else 1621 LSQ_WARN("could not generate CONNECTION_CLOSE frame"); 1622 ++pns; 1623 } 1624 while (pns <= pns_max); 1625} 1626 1627 1628static int 1629imico_generate_handshake_done (struct ietf_mini_conn *conn) 1630{ 1631 struct lsquic_packet_out *packet_out; 1632 unsigned need; 1633 int sz; 1634 1635 need = conn->imc_conn.cn_pf->pf_handshake_done_frame_size(); 1636 packet_out = imico_get_packet_out(conn, HETY_NOT_SET, need); 1637 if (!packet_out) 1638 return -1; 1639 sz = conn->imc_conn.cn_pf->pf_gen_handshake_done_frame( 1640 packet_out->po_data + packet_out->po_data_sz, 1641 lsquic_packet_out_avail(packet_out)); 1642 if (sz < 0) 1643 { 1644 LSQ_WARN("could not generate HANDSHAKE_DONE frame"); 1645 return -1; 1646 } 1647 1648 packet_out->po_frame_types |= 1 << QUIC_FRAME_HANDSHAKE_DONE; 1649 packet_out->po_data_sz += sz; 1650 LSQ_DEBUG("generated HANDSHAKE_DONE frame"); 1651 conn->imc_flags |= IMC_HSK_DONE_SENT; 1652 1653 return 0; 1654} 1655 1656 1657static enum tick_st 1658ietf_mini_conn_ci_tick (struct lsquic_conn *lconn, lsquic_time_t now) 1659{ 1660 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1661 enum tick_st tick; 1662 1663 if (conn->imc_created + conn->imc_enpub->enp_settings.es_handshake_to < now) 1664 { 1665 LSQ_DEBUG("connection expired: closing"); 1666 return TICK_CLOSE; 1667 } 1668 1669 1670 if (conn->imc_flags & 1671 (IMC_QUEUED_ACK_INIT|IMC_QUEUED_ACK_HSK|IMC_QUEUED_ACK_APP)) 1672 { 1673 if (0 != imico_generate_acks(conn, now)) 1674 { 1675 conn->imc_flags |= IMC_ERROR; 1676 return TICK_CLOSE; 1677 } 1678 } 1679 1680 1681 tick = 0; 1682 1683 if (conn->imc_flags & IMC_ERROR) 1684 { 1685 close_on_error: 1686 if (!(conn->imc_flags & IMC_CLOSE_RECVD)) 1687 imico_generate_conn_close(conn); 1688 tick |= TICK_CLOSE; 1689 } 1690 else if (conn->imc_flags & IMC_HSK_OK) 1691 { 1692 if (conn->imc_conn.cn_version > LSQVER_ID24) 1693 { 1694 if (lconn->cn_esf.i->esfi_in_init(lconn->cn_enc_session)) 1695 LSQ_DEBUG("still in init, defer HANDSHAKE_DONE"); 1696 else if (0 != imico_generate_handshake_done(conn)) 1697 goto close_on_error; 1698 } 1699 tick |= TICK_PROMOTE; 1700 } 1701 1702 if (imico_have_packets_to_send(conn, now)) 1703 tick |= TICK_SEND; 1704 else 1705 tick |= TICK_QUIET; 1706 1707 LSQ_DEBUG("Return TICK %d", tick); 1708 return tick; 1709} 1710 1711 1712static void 1713ietf_mini_conn_ci_internal_error (struct lsquic_conn *lconn, 1714 const char *format, ...) 1715{ 1716 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1717 LSQ_INFO("internal error reported"); 1718 conn->imc_flags |= IMC_ERROR; 1719} 1720 1721 1722static void 1723ietf_mini_conn_ci_abort_error (struct lsquic_conn *lconn, int is_app, 1724 unsigned error_code, const char *fmt, ...) 1725{ 1726 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1727 va_list ap; 1728 const char *err_str, *percent; 1729 char err_buf[0x100]; 1730 1731 percent = strchr(fmt, '%'); 1732 if (percent) 1733 { 1734 va_start(ap, fmt); 1735 vsnprintf(err_buf, sizeof(err_buf), fmt, ap); 1736 va_end(ap); 1737 err_str = err_buf; 1738 } 1739 else 1740 err_str = fmt; 1741 LSQ_INFO("abort error: is_app: %d; error code: %u; error str: %s", 1742 is_app, error_code, err_str); 1743 conn->imc_flags |= IMC_ERROR|IMC_ABORT_ERROR; 1744 if (is_app) 1745 conn->imc_flags |= IMC_ABORT_ISAPP; 1746 conn->imc_error_code = error_code; 1747} 1748 1749 1750static struct network_path * 1751ietf_mini_conn_ci_get_path (struct lsquic_conn *lconn, 1752 const struct sockaddr *sa) 1753{ 1754 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1755 1756 return &conn->imc_path; 1757} 1758 1759 1760static const lsquic_cid_t * 1761ietf_mini_conn_ci_get_log_cid (const struct lsquic_conn *lconn) 1762{ 1763 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1764 1765 if (conn->imc_path.np_dcid.len) 1766 return &conn->imc_path.np_dcid; 1767 else 1768 return CN_SCID(lconn); 1769} 1770 1771 1772static unsigned char 1773ietf_mini_conn_ci_record_addrs (struct lsquic_conn *lconn, void *peer_ctx, 1774 const struct sockaddr *local_sa, const struct sockaddr *peer_sa) 1775{ 1776 struct ietf_mini_conn *conn = (struct ietf_mini_conn *) lconn; 1777 const struct sockaddr *orig_peer_sa; 1778 struct lsquic_packet_out *packet_out; 1779 size_t len; 1780 char path_str[4][INET6_ADDRSTRLEN + sizeof(":65535")]; 1781 1782 if (NP_IS_IPv6(&conn->imc_path) != (AF_INET6 == peer_sa->sa_family)) 1783 TAILQ_FOREACH(packet_out, &conn->imc_packets_out, po_next) 1784 if ((packet_out->po_flags & (PO_SENT|PO_ENCRYPTED)) == PO_ENCRYPTED) 1785 imico_return_enc_data(conn, packet_out); 1786 1787 orig_peer_sa = NP_PEER_SA(&conn->imc_path); 1788 if (orig_peer_sa->sa_family == 0) 1789 LSQ_DEBUG("connection to %s from %s", SA2STR(local_sa, path_str[0]), 1790 SA2STR(peer_sa, path_str[1])); 1791 else if (!(lsquic_sockaddr_eq(NP_PEER_SA(&conn->imc_path), peer_sa) 1792 && lsquic_sockaddr_eq(NP_LOCAL_SA(&conn->imc_path), local_sa))) 1793 { 1794 LSQ_DEBUG("path changed from (%s - %s) to (%s - %s)", 1795 SA2STR(NP_LOCAL_SA(&conn->imc_path), path_str[0]), 1796 SA2STR(NP_PEER_SA(&conn->imc_path), path_str[1]), 1797 SA2STR(local_sa, path_str[2]), 1798 SA2STR(peer_sa, path_str[3])); 1799 conn->imc_flags |= IMC_PATH_CHANGED; 1800 } 1801 1802 len = local_sa->sa_family == AF_INET ? sizeof(struct sockaddr_in) 1803 : sizeof(struct sockaddr_in6); 1804 1805 memcpy(conn->imc_path.np_peer_addr, peer_sa, len); 1806 memcpy(conn->imc_path.np_local_addr, local_sa, len); 1807 conn->imc_path.np_peer_ctx = peer_ctx; 1808 return 0; 1809} 1810 1811 1812static const struct conn_iface mini_conn_ietf_iface = { 1813 .ci_abort_error = ietf_mini_conn_ci_abort_error, 1814 .ci_client_call_on_new = ietf_mini_conn_ci_client_call_on_new, 1815 .ci_destroy = ietf_mini_conn_ci_destroy, 1816 .ci_get_engine = ietf_mini_conn_ci_get_engine, 1817 .ci_get_log_cid = ietf_mini_conn_ci_get_log_cid, 1818 .ci_get_path = ietf_mini_conn_ci_get_path, 1819 .ci_hsk_done = ietf_mini_conn_ci_hsk_done, 1820 .ci_internal_error = ietf_mini_conn_ci_internal_error, 1821 .ci_is_tickable = ietf_mini_conn_ci_is_tickable, 1822 .ci_next_packet_to_send = ietf_mini_conn_ci_next_packet_to_send, 1823 .ci_next_tick_time = ietf_mini_conn_ci_next_tick_time, 1824 .ci_packet_in = ietf_mini_conn_ci_packet_in, 1825 .ci_packet_not_sent = ietf_mini_conn_ci_packet_not_sent, 1826 .ci_packet_sent = ietf_mini_conn_ci_packet_sent, 1827 .ci_record_addrs = ietf_mini_conn_ci_record_addrs, 1828 .ci_tick = ietf_mini_conn_ci_tick, 1829 .ci_tls_alert = ietf_mini_conn_ci_tls_alert, 1830}; 1831