quiche: implement Envoy Quic stream and connection #7721
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| #include "extensions/quic_listeners/quiche/codec_impl.h" | ||
|
|
||
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| void QuicHttpConnectionImplBase::goAway() { | ||
alyssawilk marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| quic_session_.SendGoAway(quic::QUIC_PEER_GOING_AWAY, "server shutdown imminent"); | ||
| } | ||
|
|
||
| bool QuicHttpConnectionImplBase::wantsToWrite() { return quic_session_.HasDataToWrite(); } | ||
|
|
||
| // TODO(danzh): modify QUIC stack to react based on aggregated bytes across all | ||
| // the streams. And call StreamCallbackHelper::runHighWatermarkCallbacks() for each stream. | ||
| void QuicHttpConnectionImplBase::onUnderlyingConnectionAboveWriteBufferHighWatermark() { | ||
| NOT_IMPLEMENTED_GCOVR_EXCL_LINE; | ||
| } | ||
|
|
||
| void QuicHttpConnectionImplBase::onUnderlyingConnectionBelowWriteBufferLowWatermark() { | ||
| NOT_IMPLEMENTED_GCOVR_EXCL_LINE; | ||
| } | ||
|
|
||
| } // namespace Quic | ||
| } // namespace Envoy | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| #include "envoy/http/codec.h" | ||
|
|
||
| #include "common/common/assert.h" | ||
| #include "common/common/logger.h" | ||
|
|
||
| #include "extensions/quic_listeners/quiche/envoy_quic_server_session.h" | ||
|
|
||
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| // QuicHttpConnectionImplBase instance is a thin QUIC codec just providing quic interface to HCM. | ||
| // Owned by HCM and created during onNewConnection() if the network connection | ||
| // is a QUIC connection. | ||
| class QuicHttpConnectionImplBase : public virtual Http::Connection, | ||
| protected Logger::Loggable<Logger::Id::quic> { | ||
| public: | ||
| QuicHttpConnectionImplBase(EnvoyQuicServerSession& quic_session) : quic_session_(quic_session) {} | ||
|
|
||
| // Http::Connection | ||
| void dispatch(Buffer::Instance& /*data*/) override { | ||
|
There was a problem hiding this comment. hm, so I'd imagined that the HCM onData would be passed to the quic codec Dispatch. Do we pass directly to have the per-packet information persisted? There was a problem hiding this comment.
De-multiplexing is handled by QUIC stack, so HCM onData should never be called, so is dispatch() here.
What do you mean? HCM should only see request header, body and trailer, rather than UDP payload. |
||
| // Bypassed. QUIC connection already hands all data to streams. | ||
| NOT_REACHED_GCOVR_EXCL_LINE; | ||
|
There was a problem hiding this comment. sadly these don't quite work, and so add to our uncovered lines. Let's instead add quiche to COVERAGE_IGNORE_REGEX in test/run_envoy_bazel_coverage.sh and have a tracking item in one of the QUICHE bugs to fix up coverage before we land. |
||
| } | ||
| Http::Protocol protocol() override { | ||
| // From HCM's view, QUIC should behave the same as Http2, only the stats | ||
| // should be different. | ||
| // TODO(danzh) add Http3 enum value for QUIC. | ||
|
There was a problem hiding this comment. Q for my own understanding: Would we actually do this? Is HTTP/3 different from HTTP/2 in any substantial way at the app layer? I'm mainly wondering if it's worth it to make Envoy aware of HTTP/3 above the codec. There was a problem hiding this comment. Distinguish Http3 from Http2 traffic is more for monitoring. These two works the same at the app layer. The distinction should only exists in codec |
||
| return Http::Protocol::Http2; | ||
| } | ||
| void goAway() override; | ||
| // Returns true if the session has data to send but queued in connection or | ||
| // stream send buffer. | ||
| bool wantsToWrite() override; | ||
| void onUnderlyingConnectionAboveWriteBufferHighWatermark() override; | ||
| void onUnderlyingConnectionBelowWriteBufferLowWatermark() override; | ||
|
|
||
| protected: | ||
| EnvoyQuicServerSession& quic_session_; | ||
| }; | ||
|
|
||
| class QuicHttpServerConnectionImpl : public QuicHttpConnectionImplBase, | ||
| public Http::ServerConnection { | ||
| public: | ||
| QuicHttpServerConnectionImpl(EnvoyQuicServerSession& quic_session, | ||
| Http::ServerConnectionCallbacks& callbacks) | ||
| : QuicHttpConnectionImplBase(quic_session) { | ||
| quic_session.setHttpConnectionCallbacks(callbacks); | ||
| } | ||
|
|
||
| // Http::Connection | ||
| void shutdownNotice() override { | ||
| // TODO(danzh): Add double-GOAWAY support in QUIC. | ||
| ENVOY_CONN_LOG(error, "Shutdown notice is not propagated to QUIC.", quic_session_); | ||
| } | ||
| }; | ||
|
|
||
| } // namespace Quic | ||
| } // namespace Envoy | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| #include "extensions/quic_listeners/quiche/envoy_quic_connection.h" | ||
|
|
||
| #include "common/network/listen_socket_impl.h" | ||
|
|
||
| #include "extensions/quic_listeners/quiche/envoy_quic_utils.h" | ||
| #include "extensions/quic_listeners/quiche/quic_io_handle_wrapper.h" | ||
| #include "extensions/transport_sockets/well_known_names.h" | ||
|
|
||
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| EnvoyQuicConnection::EnvoyQuicConnection( | ||
| const quic::QuicConnectionId& server_connection_id, | ||
| quic::QuicSocketAddress initial_peer_address, quic::QuicConnectionHelperInterface& helper, | ||
| quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter& writer, bool owns_writer, | ||
| quic::Perspective perspective, const quic::ParsedQuicVersionVector& supported_versions, | ||
| Network::ListenerConfig& listener_config, Server::ListenerStats& listener_stats) | ||
| : quic::QuicConnection(server_connection_id, initial_peer_address, &helper, &alarm_factory, | ||
| &writer, owns_writer, perspective, supported_versions), | ||
| listener_config_(listener_config), listener_stats_(listener_stats) {} | ||
|
|
||
| bool EnvoyQuicConnection::OnPacketHeader(const quic::QuicPacketHeader& header) { | ||
| if (quic::QuicConnection::OnPacketHeader(header) && connection_socket_ == nullptr) { | ||
| ASSERT(self_address().IsInitialized()); | ||
| // Self address should be initialized by now. It's time to install filters. | ||
|
There was a problem hiding this comment. unclear why it wasn't before? There was a problem hiding this comment. Because self_address is not initialized till this point. There was a problem hiding this comment. It should be possible to make self_address available to the connection earlier, as a parameter of QuicDispatcher::CreateQuicSession(), that way we don't need to do initialization work at here. Maybe add a TODO for that? There was a problem hiding this comment. Client connection is not possible. I would like to keep both side use same logic. There was a problem hiding this comment. To capture our offline discussion: Client connection in Enovy should also know how to initialize the filter chain even without knowing the self address. It'd be nice if we could initialize the filter chan in a more straightforward place, rather than after a packet is received. A TODO to do it later is totally fine. There was a problem hiding this comment. I added a TODO to investigate the possibility of this approach |
||
| Network::Address::InstanceConstSharedPtr local_addr = | ||
| quicAddressToEnvoyAddressInstance(self_address()); | ||
|
|
||
| Network::Address::InstanceConstSharedPtr remote_addr = | ||
| quicAddressToEnvoyAddressInstance(peer_address()); | ||
| connection_socket_ = std::make_unique<Network::ConnectionSocketImpl>( | ||
| // Wraps the real IoHandle instance so that if this socket gets closed, | ||
| // the real IoHandle won't be affected. | ||
| std::make_unique<QuicIoHandleWrapper>(listener_config_.socket().ioHandle()), | ||
| std::move(local_addr), std::move(remote_addr)); | ||
| connection_socket_->setDetectedTransportProtocol( | ||
| Extensions::TransportSockets::TransportSocketNames::get().Quic); | ||
|
|
||
| filter_chain_ = listener_config_.filterChainManager().findFilterChain(*connection_socket_); | ||
| if (filter_chain_ == nullptr) { | ||
| listener_stats_.no_filter_chain_match_.inc(); | ||
| CloseConnection(quic::QUIC_CRYPTO_INTERNAL_ERROR, | ||
| "closing connection: no matching filter chain found for handshake", | ||
| quic::ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET); | ||
| return false; | ||
| } | ||
| const bool empty_filter_chain = !listener_config_.filterChainFactory().createNetworkFilterChain( | ||
|
There was a problem hiding this comment. are we validating somewhere that the only valid config is HCM, etc? There was a problem hiding this comment. Not right now, but I think it's easier to validate the config during filter factory creation in addListener() There was a problem hiding this comment. nit: no need to have empty_filter_chain. There was a problem hiding this comment. The meaning of the return value is not intuitive from the function name, so I added a temporary variable for readability. |
||
| *envoy_connection_, filter_chain_->networkFilterFactories()); | ||
| if (empty_filter_chain) { | ||
| CloseConnection(quic::QUIC_CRYPTO_INTERNAL_ERROR, "closing connection: filter chain is empty", | ||
|
There was a problem hiding this comment. this is an example of something we might want to unit test? There was a problem hiding this comment. added in envoy_quic_dispatcher_test.cc |
||
| quic::ConnectionCloseBehavior::SEND_CONNECTION_CLOSE_PACKET); | ||
| return false; | ||
| } | ||
| } | ||
| return true; | ||
| } | ||
|
|
||
| } // namespace Quic | ||
| } // namespace Envoy | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,71 @@ | ||
| #pragma once | ||
|
|
||
| #pragma GCC diagnostic push | ||
| // QUICHE allows unused parameters. | ||
| #pragma GCC diagnostic ignored "-Wunused-parameter" | ||
| // QUICHE uses offsetof(). | ||
| #pragma GCC diagnostic ignored "-Winvalid-offsetof" | ||
|
|
||
| #include "quiche/quic/core/quic_connection.h" | ||
|
|
||
| #pragma GCC diagnostic pop | ||
|
|
||
| #include <memory> | ||
|
|
||
| #include "common/common/logger.h" | ||
| #include "envoy/network/connection.h" | ||
| #include "envoy/network/listener.h" | ||
| #include "server/connection_handler_impl.h" | ||
|
|
||
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| // Derived for network filter chain, stats and QoS. This is used on both client | ||
| // and server side. | ||
| class EnvoyQuicConnection : public quic::QuicConnection, | ||
|
There was a problem hiding this comment. Could this class work as a client connection? Could you add a comment for it? |
||
| protected Logger::Loggable<Logger::Id::connection> { | ||
| public: | ||
| EnvoyQuicConnection(const quic::QuicConnectionId& server_connection_id, | ||
| quic::QuicSocketAddress initial_peer_address, | ||
| quic::QuicConnectionHelperInterface& helper, | ||
| quic::QuicAlarmFactory& alarm_factory, quic::QuicPacketWriter& writer, | ||
| bool owns_writer, quic::Perspective perspective, | ||
| const quic::ParsedQuicVersionVector& supported_versions, | ||
| Network::ListenerConfig& listener_config, | ||
| Server::ListenerStats& listener_stats); | ||
|
|
||
| ~EnvoyQuicConnection() override = default; | ||
|
|
||
| // Called by EnvoyQuicSession::setConnectionStats(). | ||
| void setConnectionStats(const Network::Connection::ConnectionStats& stats) { | ||
| connection_stats_ = std::make_unique<Network::Connection::ConnectionStats>(stats); | ||
| } | ||
|
|
||
| // quic::QuicConnection | ||
| // Overridden to retrieve filter chain with initialized self address. | ||
| bool OnPacketHeader(const quic::QuicPacketHeader& header) override; | ||
|
|
||
| // Called in session Initialize(). | ||
| void setEnvoyConnection(Network::Connection& connection) { envoy_connection_ = &connection; } | ||
|
|
||
| const Network::ConnectionSocketPtr& connectionSocket() const { return connection_socket_; } | ||
|
|
||
| protected: | ||
| Network::Connection::ConnectionStats& connectionStats() const { return *connection_stats_; } | ||
|
|
||
| private: | ||
| // TODO(danzh): populate stats. | ||
| std::unique_ptr<Network::Connection::ConnectionStats> connection_stats_; | ||
| // Only initialized after self address is known. Must not own the underlying | ||
| // socket because UDP socket is shared among all connections. | ||
| Network::ConnectionSocketPtr connection_socket_; | ||
| Network::Connection* envoy_connection_{nullptr}; | ||
| Network::ListenerConfig& listener_config_; | ||
| Server::ListenerStats& listener_stats_; | ||
| // Latched to the corresponding quic FilterChain after connection_socket_ is | ||
| // initialized. | ||
| const Network::FilterChain* filter_chain_{nullptr}; | ||
| }; | ||
|
|
||
| } // namespace Quic | ||
| } // namespace Envoy | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we can land this as a quic-only change I'll be way happier. If we opt to get rid of isQuic let's just split this out if it's the only other non-quic code in the PR
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Q: Why do we need this again? I remember this in a previous PR and we removed it. Shouldn't this never happen / be an assert somewhere?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point! This was added because a test didn't mock out sys calls and previously there was an ASSERT in the
default:block. Now the test shouldn't crash since we down-graded the severity.