From ad9d240425c09c16c903feeb67d3ae89da9b91c8 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Tue, 1 Oct 2019 21:58:12 +0200 Subject: [PATCH 001/110] src: allow unique_ptrs with custom deleter in memory tracker PR-URL: https://github.com/nodejs/quic/pull/145 Reviewed-By: James M Snell --- src/memory_tracker-inl.h | 4 ++-- src/memory_tracker.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/memory_tracker-inl.h b/src/memory_tracker-inl.h index 938aba1a7a..8436a00bf5 100644 --- a/src/memory_tracker-inl.h +++ b/src/memory_tracker-inl.h @@ -99,9 +99,9 @@ void MemoryTracker::TrackField(const char* edge_name, } } -template +template void MemoryTracker::TrackField(const char* edge_name, - const std::unique_ptr& value, + const std::unique_ptr& value, const char* node_name) { if (value.get() == nullptr) { return; diff --git a/src/memory_tracker.h b/src/memory_tracker.h index 7e39da5ecf..cd9bdfaa56 100644 --- a/src/memory_tracker.h +++ b/src/memory_tracker.h @@ -136,9 +136,9 @@ class MemoryTracker { size_t size, const char* node_name = nullptr); // Shortcut to extract the underlying object out of the smart pointer - template + template inline void TrackField(const char* edge_name, - const std::unique_ptr& value, + const std::unique_ptr& value, const char* node_name = nullptr); template From fefa469495f06cda377902059eed13608d3ea8ce Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Mon, 12 Mar 2018 15:02:28 +0100 Subject: [PATCH 002/110] src: enable `StreamPipe` for generic `StreamBase`s PR-URL: https://github.com/nodejs/quic/pull/150 Reviewed-By: James M Snell --- src/stream_pipe.cc | 56 +++++++++++++++++++++++++++++++++++----------- src/stream_pipe.h | 7 +++--- 2 files changed, 47 insertions(+), 16 deletions(-) diff --git a/src/stream_pipe.cc b/src/stream_pipe.cc index d405c4d5cb..5f7514b1b8 100644 --- a/src/stream_pipe.cc +++ b/src/stream_pipe.cc @@ -25,7 +25,7 @@ StreamPipe::StreamPipe(StreamBase* source, source->PushStreamListener(&readable_listener_); sink->PushStreamListener(&writable_listener_); - CHECK(sink->HasWantsWrite()); + uses_wants_write_ = sink->HasWantsWrite(); // Set up links between this object and the source/sink objects. // In particular, this makes sure that they are garbage collected as a group, @@ -66,7 +66,8 @@ void StreamPipe::Unpipe(bool is_in_deletion) { is_closed_ = true; is_reading_ = false; source()->RemoveStreamListener(&readable_listener_); - sink()->RemoveStreamListener(&writable_listener_); + if (pending_writes_ == 0) + sink()->RemoveStreamListener(&writable_listener_); if (is_in_deletion) return; @@ -126,13 +127,16 @@ void StreamPipe::ReadableListener::OnStreamRead(ssize_t nread, // EOF or error; stop reading and pass the error to the previous listener // (which might end up in JS). pipe->is_eof_ = true; + // Cache `sink()` here because the previous listener might do things + // that eventually lead to an `Unpipe()` call. + StreamBase* sink = pipe->sink(); stream()->ReadStop(); CHECK_NOT_NULL(previous_listener_); previous_listener_->OnStreamRead(nread, uv_buf_init(nullptr, 0)); // If we’re not writing, close now. Otherwise, we’ll do that in // `OnStreamAfterWrite()`. - if (!pipe->is_writing_) { - pipe->ShutdownWritable(); + if (pipe->pending_writes_ == 0) { + sink->Shutdown(); pipe->Unpipe(); } return; @@ -142,12 +146,13 @@ void StreamPipe::ReadableListener::OnStreamRead(ssize_t nread, } void StreamPipe::ProcessData(size_t nread, AllocatedBuffer&& buf) { + CHECK(uses_wants_write_ || pending_writes_ == 0); uv_buf_t buffer = uv_buf_init(buf.data(), nread); StreamWriteResult res = sink()->Write(&buffer, 1); + pending_writes_++; if (!res.async) { writable_listener_.OnStreamAfterWrite(nullptr, res.err); } else { - is_writing_ = true; is_reading_ = false; res.wrap->SetAllocatedStorage(std::move(buf)); if (source() != nullptr) @@ -155,19 +160,26 @@ void StreamPipe::ProcessData(size_t nread, AllocatedBuffer&& buf) { } } -void StreamPipe::ShutdownWritable() { - sink()->Shutdown(); -} - void StreamPipe::WritableListener::OnStreamAfterWrite(WriteWrap* w, int status) { StreamPipe* pipe = ContainerOf(&StreamPipe::writable_listener_, this); - pipe->is_writing_ = false; + pipe->pending_writes_--; + if (pipe->is_closed_) { + if (pipe->pending_writes_ == 0) { + Environment* env = pipe->env(); + HandleScope handle_scope(env->isolate()); + Context::Scope context_scope(env->context()); + pipe->MakeCallback(env->oncomplete_string(), 0, nullptr).ToLocalChecked(); + stream()->RemoveStreamListener(this); + } + return; + } + if (pipe->is_eof_) { HandleScope handle_scope(pipe->env()->isolate()); InternalCallbackScope callback_scope(pipe, InternalCallbackScope::kSkipTaskQueues); - pipe->ShutdownWritable(); + pipe->sink()->Shutdown(); pipe->Unpipe(); return; } @@ -179,6 +191,10 @@ void StreamPipe::WritableListener::OnStreamAfterWrite(WriteWrap* w, prev->OnStreamAfterWrite(w, status); return; } + + if (!pipe->uses_wants_write_) { + OnStreamWantsWrite(65536); + } } void StreamPipe::WritableListener::OnStreamAfterShutdown(ShutdownWrap* w, @@ -202,6 +218,7 @@ void StreamPipe::WritableListener::OnStreamDestroy() { StreamPipe* pipe = ContainerOf(&StreamPipe::writable_listener_, this); pipe->sink_destroyed_ = true; pipe->is_eof_ = true; + pipe->pending_writes_ = 0; pipe->Unpipe(); } @@ -242,8 +259,7 @@ void StreamPipe::Start(const FunctionCallbackInfo& args) { StreamPipe* pipe; ASSIGN_OR_RETURN_UNWRAP(&pipe, args.Holder()); pipe->is_closed_ = false; - if (pipe->wanted_data_ > 0) - pipe->writable_listener_.OnStreamWantsWrite(pipe->wanted_data_); + pipe->writable_listener_.OnStreamWantsWrite(65536); } void StreamPipe::Unpipe(const FunctionCallbackInfo& args) { @@ -252,6 +268,18 @@ void StreamPipe::Unpipe(const FunctionCallbackInfo& args) { pipe->Unpipe(); } +void StreamPipe::IsClosed(const FunctionCallbackInfo& args) { + StreamPipe* pipe; + ASSIGN_OR_RETURN_UNWRAP(&pipe, args.Holder()); + args.GetReturnValue().Set(pipe->is_closed_); +} + +void StreamPipe::PendingWrites(const FunctionCallbackInfo& args) { + StreamPipe* pipe; + ASSIGN_OR_RETURN_UNWRAP(&pipe, args.Holder()); + args.GetReturnValue().Set(pipe->pending_writes_); +} + namespace { void InitializeStreamPipe(Local target, @@ -266,6 +294,8 @@ void InitializeStreamPipe(Local target, FIXED_ONE_BYTE_STRING(env->isolate(), "StreamPipe"); env->SetProtoMethod(pipe, "unpipe", StreamPipe::Unpipe); env->SetProtoMethod(pipe, "start", StreamPipe::Start); + env->SetProtoMethod(pipe, "isClosed", StreamPipe::IsClosed); + env->SetProtoMethod(pipe, "pendingWrites", StreamPipe::PendingWrites); pipe->Inherit(AsyncWrap::GetConstructorTemplate(env)); pipe->SetClassName(stream_pipe_string); pipe->InstanceTemplate()->SetInternalFieldCount(1); diff --git a/src/stream_pipe.h b/src/stream_pipe.h index 0e15500610..e22abab011 100644 --- a/src/stream_pipe.h +++ b/src/stream_pipe.h @@ -17,6 +17,8 @@ class StreamPipe : public AsyncWrap { static void New(const v8::FunctionCallbackInfo& args); static void Start(const v8::FunctionCallbackInfo& args); static void Unpipe(const v8::FunctionCallbackInfo& args); + static void IsClosed(const v8::FunctionCallbackInfo& args); + static void PendingWrites(const v8::FunctionCallbackInfo& args); SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(StreamPipe) @@ -26,14 +28,13 @@ class StreamPipe : public AsyncWrap { inline StreamBase* source(); inline StreamBase* sink(); - inline void ShutdownWritable(); - + int pending_writes_ = 0; bool is_reading_ = false; - bool is_writing_ = false; bool is_eof_ = false; bool is_closed_ = true; bool sink_destroyed_ = false; bool source_destroyed_ = false; + bool uses_wants_write_ = false; // Set a default value so that when we’re coming from Start(), we know // that we don’t want to read just yet. From de9a7417174f91dc0c24a80a115679e6c7ef0a65 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Wed, 9 Oct 2019 18:56:21 +0200 Subject: [PATCH 003/110] dgram: make UDPWrap more reusable Allow using the handle more directly for I/O in other parts of the codebase. PR-URL: https://github.com/nodejs/quic/pull/165 Reviewed-By: James M Snell Reviewed-By: Daniel Bevenius --- lib/dgram.js | 4 +- src/udp_wrap.cc | 196 +++++++++++++++++++++++++++++++++++------------- src/udp_wrap.h | 111 +++++++++++++++++++++++++-- 3 files changed, 254 insertions(+), 57 deletions(-) diff --git a/lib/dgram.js b/lib/dgram.js index 5f7e8f032c..a223cd23a1 100644 --- a/lib/dgram.js +++ b/lib/dgram.js @@ -232,7 +232,9 @@ Socket.prototype.bind = function(port_, address_ /* , callback */) { this.on('listening', onListening); } - if (port instanceof UDP) { + if (port !== null && + typeof port === 'object' && + typeof port.recvStart === 'function') { replaceHandle(this, port); startListening(this); return this; diff --git a/src/udp_wrap.cc b/src/udp_wrap.cc index 4a66ce0a1f..857983b9c3 100644 --- a/src/udp_wrap.cc +++ b/src/udp_wrap.cc @@ -69,18 +69,57 @@ SendWrap::SendWrap(Environment* env, } -inline bool SendWrap::have_callback() const { +bool SendWrap::have_callback() const { return have_callback_; } +UDPListener::~UDPListener() { + if (wrap_ != nullptr) + wrap_->set_listener(nullptr); +} + +UDPWrapBase::~UDPWrapBase() { + set_listener(nullptr); +} + +UDPListener* UDPWrapBase::listener() const { + CHECK_NOT_NULL(listener_); + return listener_; +} + +void UDPWrapBase::set_listener(UDPListener* listener) { + if (listener_ != nullptr) + listener_->wrap_ = nullptr; + listener_ = listener; + if (listener_ != nullptr) { + CHECK_NULL(listener_->wrap_); + listener_->wrap_ = this; + } +} + +UDPWrapBase* UDPWrapBase::FromObject(Local obj) { + CHECK_GT(obj->InternalFieldCount(), kUDPWrapBaseField); + return static_cast( + obj->GetAlignedPointerFromInternalField(kUDPWrapBaseField)); +} + +void UDPWrapBase::AddMethods(Environment* env, Local t) { + env->SetProtoMethod(t, "recvStart", RecvStart); + env->SetProtoMethod(t, "recvStop", RecvStop); +} UDPWrap::UDPWrap(Environment* env, Local object) : HandleWrap(env, object, reinterpret_cast(&handle_), AsyncWrap::PROVIDER_UDPWRAP) { + object->SetAlignedPointerInInternalField( + kUDPWrapBaseField, static_cast(this)); + int r = uv_udp_init(env->event_loop(), &handle_); CHECK_EQ(r, 0); // can't fail anyway + + set_listener(this); } @@ -91,7 +130,7 @@ void UDPWrap::Initialize(Local target, Environment* env = Environment::GetCurrent(context); Local t = env->NewFunctionTemplate(New); - t->InstanceTemplate()->SetInternalFieldCount(1); + t->InstanceTemplate()->SetInternalFieldCount(kUDPWrapBaseField + 1); Local udpString = FIXED_ONE_BYTE_STRING(env->isolate(), "UDP"); t->SetClassName(udpString); @@ -112,6 +151,7 @@ void UDPWrap::Initialize(Local target, Local(), attributes); + UDPWrapBase::AddMethods(env, t); env->SetProtoMethod(t, "open", Open); env->SetProtoMethod(t, "bind", Bind); env->SetProtoMethod(t, "connect", Connect); @@ -120,8 +160,6 @@ void UDPWrap::Initialize(Local target, env->SetProtoMethod(t, "connect6", Connect6); env->SetProtoMethod(t, "send6", Send6); env->SetProtoMethod(t, "disconnect", Disconnect); - env->SetProtoMethod(t, "recvStart", RecvStart); - env->SetProtoMethod(t, "recvStop", RecvStop); env->SetProtoMethod(t, "getpeername", GetSockOrPeerName); env->SetProtoMethod(t, "getsockname", @@ -220,6 +258,9 @@ void UDPWrap::DoBind(const FunctionCallbackInfo& args, int family) { flags); } + if (err == 0) + wrap->listener()->OnAfterBind(); + args.GetReturnValue().Set(err); } @@ -464,14 +505,14 @@ void UDPWrap::DoSend(const FunctionCallbackInfo& args, int family) { CHECK(args[3]->IsBoolean()); } - Local req_wrap_obj = args[0].As(); Local chunks = args[1].As(); // it is faster to fetch the length of the // array in js-land size_t count = args[2].As()->Value(); - const bool have_callback = sendto ? args[5]->IsTrue() : args[3]->IsTrue(); - size_t msg_size = 0; + wrap->current_send_req_wrap_ = args[0].As(); + wrap->current_send_has_callback_ = + sendto ? args[5]->IsTrue() : args[3]->IsTrue(); MaybeStackBuffer bufs(count); @@ -482,7 +523,6 @@ void UDPWrap::DoSend(const FunctionCallbackInfo& args, int family) { size_t length = Buffer::Length(chunk); bufs[i] = uv_buf_init(Buffer::Data(chunk), length); - msg_size += length; } int err = 0; @@ -497,9 +537,25 @@ void UDPWrap::DoSend(const FunctionCallbackInfo& args, int family) { } } - uv_buf_t* bufs_ptr = *bufs; - if (err == 0 && !UNLIKELY(env->options()->test_udp_no_try_send)) { - err = uv_udp_try_send(&wrap->handle_, bufs_ptr, count, addr); + if (err == 0) { + err = wrap->Send(*bufs, count, addr); + } + + args.GetReturnValue().Set(err); +} + +ssize_t UDPWrap::Send(uv_buf_t* bufs_ptr, + size_t count, + const sockaddr* addr) { + if (IsHandleClosing()) return UV_EBADF; + + size_t msg_size = 0; + for (size_t i = 0; i < count; i++) + msg_size += bufs_ptr[i].len; + + int err = 0; + if (!UNLIKELY(env()->options()->test_udp_no_try_send)) { + err = uv_udp_try_send(&handle_, bufs_ptr, count, addr); if (err == UV_ENOSYS || err == UV_EAGAIN) { err = 0; } else if (err >= 0) { @@ -517,28 +573,41 @@ void UDPWrap::DoSend(const FunctionCallbackInfo& args, int family) { CHECK_EQ(static_cast(err), msg_size); // + 1 so that the JS side can distinguish 0-length async sends from // 0-length sync sends. - args.GetReturnValue().Set(static_cast(msg_size) + 1); - return; + return msg_size + 1; } } } if (err == 0) { - AsyncHooks::DefaultTriggerAsyncIdScope trigger_scope(wrap); - SendWrap* req_wrap = new SendWrap(env, req_wrap_obj, have_callback); - req_wrap->msg_size = msg_size; - - err = req_wrap->Dispatch(uv_udp_send, - &wrap->handle_, - bufs_ptr, - count, - addr, - OnSend); + AsyncHooks::DefaultTriggerAsyncIdScope trigger_scope(this); + ReqWrap* req_wrap = listener()->CreateSendWrap(msg_size); + if (req_wrap == nullptr) return UV_ENOSYS; + + err = req_wrap->Dispatch( + uv_udp_send, + &handle_, + bufs_ptr, + count, + addr, + uv_udp_send_cb{[](uv_udp_send_t* req, int status) { + UDPWrap* self = ContainerOf(&UDPWrap::handle_, req->handle); + self->listener()->OnSendDone( + ReqWrap::from_req(req), status); + }}); if (err) delete req_wrap; } - args.GetReturnValue().Set(err); + return err; +} + + +ReqWrap* UDPWrap::CreateSendWrap(size_t msg_size) { + SendWrap* req_wrap = new SendWrap(env(), + current_send_req_wrap_, + current_send_has_callback_); + req_wrap->msg_size = msg_size; + return req_wrap; } @@ -552,31 +621,46 @@ void UDPWrap::Send6(const FunctionCallbackInfo& args) { } -void UDPWrap::RecvStart(const FunctionCallbackInfo& args) { - UDPWrap* wrap; - ASSIGN_OR_RETURN_UNWRAP(&wrap, - args.Holder(), - args.GetReturnValue().Set(UV_EBADF)); - int err = uv_udp_recv_start(&wrap->handle_, OnAlloc, OnRecv); +AsyncWrap* UDPWrap::GetAsyncWrap() { + return this; +} + +int UDPWrap::GetPeerName(sockaddr* name, int* namelen) { + return uv_udp_getpeername(&handle_, name, namelen); +} + +int UDPWrap::GetSockName(sockaddr* name, int* namelen) { + return uv_udp_getsockname(&handle_, name, namelen); +} + +void UDPWrapBase::RecvStart(const FunctionCallbackInfo& args) { + UDPWrapBase* wrap = UDPWrapBase::FromObject(args.Holder()); + args.GetReturnValue().Set(wrap == nullptr ? UV_EBADF : wrap->RecvStart()); +} + +int UDPWrap::RecvStart() { + if (IsHandleClosing()) return UV_EBADF; + int err = uv_udp_recv_start(&handle_, OnAlloc, OnRecv); // UV_EALREADY means that the socket is already bound but that's okay if (err == UV_EALREADY) err = 0; - args.GetReturnValue().Set(err); + return err; } -void UDPWrap::RecvStop(const FunctionCallbackInfo& args) { - UDPWrap* wrap; - ASSIGN_OR_RETURN_UNWRAP(&wrap, - args.Holder(), - args.GetReturnValue().Set(UV_EBADF)); - int r = uv_udp_recv_stop(&wrap->handle_); - args.GetReturnValue().Set(r); +void UDPWrapBase::RecvStop(const FunctionCallbackInfo& args) { + UDPWrapBase* wrap = UDPWrapBase::FromObject(args.Holder()); + args.GetReturnValue().Set(wrap == nullptr ? UV_EBADF : wrap->RecvStop()); +} + +int UDPWrap::RecvStop() { + if (IsHandleClosing()) return UV_EBADF; + return uv_udp_recv_stop(&handle_); } -void UDPWrap::OnSend(uv_udp_send_t* req, int status) { - std::unique_ptr req_wrap{static_cast(req->data)}; +void UDPWrap::OnSendDone(ReqWrap* req, int status) { + std::unique_ptr req_wrap{static_cast(req)}; if (req_wrap->have_callback()) { Environment* env = req_wrap->env(); HandleScope handle_scope(env->isolate()); @@ -593,19 +677,30 @@ void UDPWrap::OnSend(uv_udp_send_t* req, int status) { void UDPWrap::OnAlloc(uv_handle_t* handle, size_t suggested_size, uv_buf_t* buf) { - UDPWrap* wrap = static_cast(handle->data); - *buf = wrap->env()->AllocateManaged(suggested_size).release(); + UDPWrap* wrap = ContainerOf(&UDPWrap::handle_, + reinterpret_cast(handle)); + *buf = wrap->listener()->OnAlloc(suggested_size); +} + +uv_buf_t UDPWrap::OnAlloc(size_t suggested_size) { + return env()->AllocateManaged(suggested_size).release(); } void UDPWrap::OnRecv(uv_udp_t* handle, ssize_t nread, - const uv_buf_t* buf_, - const struct sockaddr* addr, + const uv_buf_t* buf, + const sockaddr* addr, unsigned int flags) { - UDPWrap* wrap = static_cast(handle->data); - Environment* env = wrap->env(); + UDPWrap* wrap = ContainerOf(&UDPWrap::handle_, handle); + wrap->listener()->OnRecv(nread, *buf, addr, flags); +} - AllocatedBuffer buf(env, *buf_); +void UDPWrap::OnRecv(ssize_t nread, + const uv_buf_t& buf_, + const sockaddr* addr, + unsigned int flags) { + Environment* env = this->env(); + AllocatedBuffer buf(env, buf_); if (nread == 0 && addr == nullptr) { return; } @@ -613,23 +708,22 @@ void UDPWrap::OnRecv(uv_udp_t* handle, HandleScope handle_scope(env->isolate()); Context::Scope context_scope(env->context()); - Local wrap_obj = wrap->object(); Local argv[] = { Integer::New(env->isolate(), nread), - wrap_obj, + object(), Undefined(env->isolate()), Undefined(env->isolate()) }; if (nread < 0) { - wrap->MakeCallback(env->onmessage_string(), arraysize(argv), argv); + MakeCallback(env->onmessage_string(), arraysize(argv), argv); return; } buf.Resize(nread); argv[2] = buf.ToBuffer().ToLocalChecked(); argv[3] = AddressToJS(env, addr); - wrap->MakeCallback(env->onmessage_string(), arraysize(argv), argv); + MakeCallback(env->onmessage_string(), arraysize(argv), argv); } MaybeLocal UDPWrap::Instantiate(Environment* env, diff --git a/src/udp_wrap.h b/src/udp_wrap.h index 2026dd1dee..2cfd6bfa36 100644 --- a/src/udp_wrap.h +++ b/src/udp_wrap.h @@ -30,9 +30,91 @@ namespace node { -class Environment; +class UDPWrapBase; -class UDPWrap: public HandleWrap { +// A listener that can be attached to an `UDPWrapBase` object and generally +// manages its I/O activity. This is similar to `StreamListener`. +class UDPListener { + public: + virtual ~UDPListener(); + + // Called right before data is received from the socket. Must return a + // buffer suitable for reading data into, that is then passed to OnRecv. + virtual uv_buf_t OnAlloc(size_t suggested_size) = 0; + + // Called right after data is received from the socket, and includes + // information about the source address. If `nread` is negative, an error + // has occurred, and it represents a libuv error code. + virtual void OnRecv(ssize_t nread, + const uv_buf_t& buf, + const sockaddr* addr, + unsigned int flags) = 0; + + // Called when an asynchronous request for writing data is created. + // The `msg_size` value contains the total size of the data to be sent, + // but may be ignored by the implementation of this Method. + // The return value is later passed to OnSendDone. + virtual ReqWrap* CreateSendWrap(size_t msg_size) = 0; + + // Called when an asynchronous request for writing data has finished. + // If status is negative, an error has occurred, and it represents a libuv + // error code. + virtual void OnSendDone(ReqWrap* wrap, int status) = 0; + + // Optional callback that is called after the socket has been bound. + virtual void OnAfterBind() {} + + inline UDPWrapBase* udp() const { return wrap_; } + + protected: + UDPWrapBase* wrap_ = nullptr; + + friend class UDPWrapBase; +}; + +class UDPWrapBase { + public: + static constexpr int kUDPWrapBaseField = 1; + + virtual ~UDPWrapBase(); + + // Start emitting OnAlloc() + OnRecv() events on the listener. + virtual int RecvStart() = 0; + + // Stop emitting OnAlloc() + OnRecv() events on the listener. + virtual int RecvStop() = 0; + + // Send a chunk of data over this socket. This may call CreateSendWrap() + // on the listener if an async transmission is necessary. + virtual ssize_t Send(uv_buf_t* bufs, + size_t nbufs, + const sockaddr* addr) = 0; + + // Stores the sockaddr for the peer in `name`. + virtual int GetPeerName(sockaddr* name, int* namelen) = 0; + + // Stores the sockaddr for the local socket in `name`. + virtual int GetSockName(sockaddr* name, int* namelen) = 0; + + // Returns an AsyncWrap object with the same lifetime as this object. + virtual AsyncWrap* GetAsyncWrap() = 0; + + void set_listener(UDPListener* listener); + UDPListener* listener() const; + + static UDPWrapBase* FromObject(v8::Local obj); + + static void RecvStart(const v8::FunctionCallbackInfo& args); + static void RecvStop(const v8::FunctionCallbackInfo& args); + static void AddMethods(Environment* env, v8::Local t); + + private: + UDPListener* listener_ = nullptr; +}; + +class UDPWrap final : public HandleWrap, + public UDPWrapBase, + public UDPListener { public: enum SocketType { SOCKET @@ -51,8 +133,6 @@ class UDPWrap: public HandleWrap { static void Connect6(const v8::FunctionCallbackInfo& args); static void Send6(const v8::FunctionCallbackInfo& args); static void Disconnect(const v8::FunctionCallbackInfo& args); - static void RecvStart(const v8::FunctionCallbackInfo& args); - static void RecvStop(const v8::FunctionCallbackInfo& args); static void AddMembership(const v8::FunctionCallbackInfo& args); static void DropMembership(const v8::FunctionCallbackInfo& args); static void AddSourceSpecificMembership( @@ -68,6 +148,25 @@ class UDPWrap: public HandleWrap { static void SetTTL(const v8::FunctionCallbackInfo& args); static void BufferSize(const v8::FunctionCallbackInfo& args); + // UDPListener implementation + uv_buf_t OnAlloc(size_t suggested_size) override; + void OnRecv(ssize_t nread, + const uv_buf_t& buf, + const sockaddr* addr, + unsigned int flags) override; + ReqWrap* CreateSendWrap(size_t msg_size) override; + void OnSendDone(ReqWrap* wrap, int status) override; + + // UDPWrapBase implementation + int RecvStart() override; + int RecvStop() override; + ssize_t Send(uv_buf_t* bufs, + size_t nbufs, + const sockaddr* addr) override; + int GetPeerName(sockaddr* name, int* namelen) override; + int GetSockName(sockaddr* name, int* namelen) override; + AsyncWrap* GetAsyncWrap() override; + static v8::MaybeLocal Instantiate(Environment* env, AsyncWrap* parent, SocketType type); @@ -99,7 +198,6 @@ class UDPWrap: public HandleWrap { static void OnAlloc(uv_handle_t* handle, size_t suggested_size, uv_buf_t* buf); - static void OnSend(uv_udp_send_t* req, int status); static void OnRecv(uv_udp_t* handle, ssize_t nread, const uv_buf_t* buf, @@ -107,6 +205,9 @@ class UDPWrap: public HandleWrap { unsigned int flags); uv_udp_t handle_; + + bool current_send_has_callback_; + v8::Local current_send_req_wrap_; }; } // namespace node From 57883dd4a2e1646cedc5c391800ed644432e8948 Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Thu, 31 Jan 2019 13:27:17 +0100 Subject: [PATCH 004/110] quic: initial protocol implementation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Anna Henningsen Co-authored-by: Daniel Bevenius Co-authored-by: gengjiawen Co-authored-by: James M Snell Co-authored-by: Lucas Pardue Co-authored-by: Ouyang Yadong Co-authored-by: Juan José Arboleda Co-authored-by: Trivikram Kamat --- LICENSE | 26 + configure.py | 33 + deps/nghttp3/COPYING | 22 + deps/nghttp3/lib/includes/config.h | 39 + deps/nghttp3/lib/includes/nghttp3/nghttp3.h | 1747 ++++ deps/nghttp3/lib/includes/nghttp3/version.h | 46 + deps/nghttp3/lib/nghttp3_buf.c | 90 + deps/nghttp3/lib/nghttp3_buf.h | 74 + deps/nghttp3/lib/nghttp3_conn.c | 3572 +++++++ deps/nghttp3/lib/nghttp3_conn.h | 259 + deps/nghttp3/lib/nghttp3_conv.c | 130 + deps/nghttp3/lib/nghttp3_conv.h | 117 + deps/nghttp3/lib/nghttp3_debug.c | 61 + deps/nghttp3/lib/nghttp3_debug.h | 44 + deps/nghttp3/lib/nghttp3_err.c | 660 ++ deps/nghttp3/lib/nghttp3_err.h | 36 + deps/nghttp3/lib/nghttp3_frame.c | 243 + deps/nghttp3/lib/nghttp3_frame.h | 176 + deps/nghttp3/lib/nghttp3_gaptr.c | 131 + deps/nghttp3/lib/nghttp3_gaptr.h | 98 + deps/nghttp3/lib/nghttp3_http.c | 707 ++ deps/nghttp3/lib/nghttp3_http.h | 146 + deps/nghttp3/lib/nghttp3_idtr.c | 88 + deps/nghttp3/lib/nghttp3_idtr.h | 99 + deps/nghttp3/lib/nghttp3_ksl.c | 756 ++ deps/nghttp3/lib/nghttp3_ksl.h | 336 + deps/nghttp3/lib/nghttp3_macro.h | 47 + deps/nghttp3/lib/nghttp3_map.c | 213 + deps/nghttp3/lib/nghttp3_map.h | 147 + deps/nghttp3/lib/nghttp3_mem.c | 77 + deps/nghttp3/lib/nghttp3_mem.h | 45 + deps/nghttp3/lib/nghttp3_pq.c | 168 + deps/nghttp3/lib/nghttp3_pq.h | 129 + deps/nghttp3/lib/nghttp3_qpack.c | 3995 ++++++++ deps/nghttp3/lib/nghttp3_qpack.h | 957 ++ deps/nghttp3/lib/nghttp3_qpack_huffman.c | 174 + deps/nghttp3/lib/nghttp3_qpack_huffman.h | 106 + deps/nghttp3/lib/nghttp3_qpack_huffman_data.c | 4962 ++++++++++ deps/nghttp3/lib/nghttp3_range.c | 62 + deps/nghttp3/lib/nghttp3_range.h | 81 + deps/nghttp3/lib/nghttp3_rcbuf.c | 102 + deps/nghttp3/lib/nghttp3_rcbuf.h | 82 + deps/nghttp3/lib/nghttp3_ringbuf.c | 134 + deps/nghttp3/lib/nghttp3_ringbuf.h | 113 + deps/nghttp3/lib/nghttp3_str.c | 110 + deps/nghttp3/lib/nghttp3_str.h | 40 + deps/nghttp3/lib/nghttp3_stream.c | 1307 +++ deps/nghttp3/lib/nghttp3_stream.h | 437 + deps/nghttp3/lib/nghttp3_tnode.c | 334 + deps/nghttp3/lib/nghttp3_tnode.h | 156 + deps/nghttp3/lib/nghttp3_vec.c | 64 + deps/nghttp3/lib/nghttp3_vec.h | 35 + deps/nghttp3/nghttp3.gyp | 61 + deps/ngtcp2/COPYING | 22 + deps/ngtcp2/lib/includes/config.h | 39 + deps/ngtcp2/lib/includes/ngtcp2/ngtcp2.h | 2532 +++++ deps/ngtcp2/lib/includes/ngtcp2/version.h | 45 + deps/ngtcp2/lib/includes/ngtcp2/version.h.in | 45 + deps/ngtcp2/lib/ngtcp2_acktr.c | 332 + deps/ngtcp2/lib/ngtcp2_acktr.h | 218 + deps/ngtcp2/lib/ngtcp2_addr.c | 57 + deps/ngtcp2/lib/ngtcp2_addr.h | 60 + deps/ngtcp2/lib/ngtcp2_buf.c | 42 + deps/ngtcp2/lib/ngtcp2_buf.h | 73 + deps/ngtcp2/lib/ngtcp2_cc.c | 107 + deps/ngtcp2/lib/ngtcp2_cc.h | 87 + deps/ngtcp2/lib/ngtcp2_cid.c | 110 + deps/ngtcp2/lib/ngtcp2_cid.h | 135 + deps/ngtcp2/lib/ngtcp2_conn.c | 8628 +++++++++++++++++ deps/ngtcp2/lib/ngtcp2_conn.h | 691 ++ deps/ngtcp2/lib/ngtcp2_conv.c | 252 + deps/ngtcp2/lib/ngtcp2_conv.h | 197 + deps/ngtcp2/lib/ngtcp2_crypto.c | 573 ++ deps/ngtcp2/lib/ngtcp2_crypto.h | 87 + deps/ngtcp2/lib/ngtcp2_err.c | 133 + deps/ngtcp2/lib/ngtcp2_err.h | 34 + deps/ngtcp2/lib/ngtcp2_gaptr.c | 129 + deps/ngtcp2/lib/ngtcp2_gaptr.h | 97 + deps/ngtcp2/lib/ngtcp2_idtr.c | 86 + deps/ngtcp2/lib/ngtcp2_idtr.h | 96 + deps/ngtcp2/lib/ngtcp2_ksl.c | 754 ++ deps/ngtcp2/lib/ngtcp2_ksl.h | 334 + deps/ngtcp2/lib/ngtcp2_log.c | 707 ++ deps/ngtcp2/lib/ngtcp2_log.h | 99 + deps/ngtcp2/lib/ngtcp2_macro.h | 62 + deps/ngtcp2/lib/ngtcp2_map.c | 211 + deps/ngtcp2/lib/ngtcp2_map.h | 145 + deps/ngtcp2/lib/ngtcp2_mem.c | 75 + deps/ngtcp2/lib/ngtcp2_mem.h | 43 + deps/ngtcp2/lib/ngtcp2_net.h | 91 + deps/ngtcp2/lib/ngtcp2_path.c | 68 + deps/ngtcp2/lib/ngtcp2_path.h | 63 + deps/ngtcp2/lib/ngtcp2_pkt.c | 2144 ++++ deps/ngtcp2/lib/ngtcp2_pkt.h | 1039 ++ deps/ngtcp2/lib/ngtcp2_ppe.c | 213 + deps/ngtcp2/lib/ngtcp2_ppe.h | 135 + deps/ngtcp2/lib/ngtcp2_pq.c | 164 + deps/ngtcp2/lib/ngtcp2_pq.h | 126 + deps/ngtcp2/lib/ngtcp2_psl.c | 621 ++ deps/ngtcp2/lib/ngtcp2_psl.h | 231 + deps/ngtcp2/lib/ngtcp2_pv.c | 155 + deps/ngtcp2/lib/ngtcp2_pv.h | 170 + deps/ngtcp2/lib/ngtcp2_range.c | 61 + deps/ngtcp2/lib/ngtcp2_range.h | 80 + deps/ngtcp2/lib/ngtcp2_ringbuf.c | 107 + deps/ngtcp2/lib/ngtcp2_ringbuf.h | 110 + deps/ngtcp2/lib/ngtcp2_rob.c | 338 + deps/ngtcp2/lib/ngtcp2_rob.h | 198 + deps/ngtcp2/lib/ngtcp2_rtb.c | 650 ++ deps/ngtcp2/lib/ngtcp2_rtb.h | 306 + deps/ngtcp2/lib/ngtcp2_str.c | 98 + deps/ngtcp2/lib/ngtcp2_str.h | 79 + deps/ngtcp2/lib/ngtcp2_strm.c | 326 + deps/ngtcp2/lib/ngtcp2_strm.h | 219 + deps/ngtcp2/lib/ngtcp2_vec.c | 221 + deps/ngtcp2/lib/ngtcp2_vec.h | 96 + deps/ngtcp2/lib/ngtcp2_version.c | 39 + deps/ngtcp2/ngtcp2.gyp | 66 + doc/api/errors.md | 70 + doc/api/index.md | 1 + doc/api/quic.md | 1126 +++ lib/internal/errors.js | 47 + lib/internal/histogram.js | 70 + lib/internal/modules/cjs/helpers.js | 6 +- lib/internal/quic/core.js | 2443 +++++ lib/internal/quic/util.js | 400 + lib/internal/stream_base_commons.js | 24 +- lib/quic.js | 12 + node.gyp | 41 +- node.gypi | 6 + src/aliased_buffer.h | 25 + src/async_wrap.h | 4 + src/debug_utils.h | 16 + src/env-inl.h | 15 + src/env.h | 62 +- src/handle_wrap.cc | 4 + src/handle_wrap.h | 5 +- src/histogram-inl.h | 78 +- src/histogram.cc | 111 + src/histogram.h | 53 +- src/node_binding.cc | 7 + src/node_crypto.cc | 128 +- src/node_crypto.h | 44 + src/node_metadata.cc | 8 + src/node_metadata.h | 7 + src/node_native_module.cc | 5 + src/node_quic.cc | 285 + src/node_quic_buffer.h | 441 + src/node_quic_crypto.cc | 1808 ++++ src/node_quic_crypto.h | 374 + src/node_quic_session-inl.h | 79 + src/node_quic_session.cc | 3716 +++++++ src/node_quic_session.h | 1237 +++ src/node_quic_socket.cc | 1312 +++ src/node_quic_socket.h | 430 + src/node_quic_state.h | 54 + src/node_quic_stream.cc | 465 + src/node_quic_stream.h | 410 + src/node_quic_util.cc | 30 + src/node_quic_util.h | 443 + src/string_bytes.cc | 13 +- src/string_bytes.h | 9 + src/util.h | 10 + test/cctest/test_quic_buffer.cc | 352 + .../test_quic_verifyhostnameidentity.cc | 347 + test/common/index.js | 2 + test/parallel/test-module-cjs-helpers.js | 2 +- test/parallel/test-process-versions.js | 16 +- test/parallel/test-quic-binding.js | 17 + test/parallel/test-quic-client-server.js | 364 + test/parallel/test-quic-createsocket-err.js | 111 + test/parallel/test-quic-packetloss.js | 101 + test/parallel/test-quic-process-cleanup.js | 73 + test/parallel/test-quic-quicsocket.js | 148 + test/parallel/test-quic-serverbusy.js | 74 + test/parallel/test-quic-session-destroy.js | 73 + .../test-quic-simple-client-migrate.js | 118 + test/parallel/test-quic-socket-close.js | 30 + test/parallel/test-quic-stream-close-early.js | 141 + test/parallel/test-quic-stream-destroy.js | 91 + test/parallel/test-quic-stream-identifiers.js | 155 + test/sequential/test-async-wrap-getasyncid.js | 5 + tools/doc/type-parser.js | 3 + vcbuild.bat | 5 +- 184 files changed, 67486 insertions(+), 101 deletions(-) create mode 100644 deps/nghttp3/COPYING create mode 100644 deps/nghttp3/lib/includes/config.h create mode 100644 deps/nghttp3/lib/includes/nghttp3/nghttp3.h create mode 100644 deps/nghttp3/lib/includes/nghttp3/version.h create mode 100644 deps/nghttp3/lib/nghttp3_buf.c create mode 100644 deps/nghttp3/lib/nghttp3_buf.h create mode 100644 deps/nghttp3/lib/nghttp3_conn.c create mode 100644 deps/nghttp3/lib/nghttp3_conn.h create mode 100644 deps/nghttp3/lib/nghttp3_conv.c create mode 100644 deps/nghttp3/lib/nghttp3_conv.h create mode 100644 deps/nghttp3/lib/nghttp3_debug.c create mode 100644 deps/nghttp3/lib/nghttp3_debug.h create mode 100644 deps/nghttp3/lib/nghttp3_err.c create mode 100644 deps/nghttp3/lib/nghttp3_err.h create mode 100644 deps/nghttp3/lib/nghttp3_frame.c create mode 100644 deps/nghttp3/lib/nghttp3_frame.h create mode 100644 deps/nghttp3/lib/nghttp3_gaptr.c create mode 100644 deps/nghttp3/lib/nghttp3_gaptr.h create mode 100644 deps/nghttp3/lib/nghttp3_http.c create mode 100644 deps/nghttp3/lib/nghttp3_http.h create mode 100644 deps/nghttp3/lib/nghttp3_idtr.c create mode 100644 deps/nghttp3/lib/nghttp3_idtr.h create mode 100644 deps/nghttp3/lib/nghttp3_ksl.c create mode 100644 deps/nghttp3/lib/nghttp3_ksl.h create mode 100644 deps/nghttp3/lib/nghttp3_macro.h create mode 100644 deps/nghttp3/lib/nghttp3_map.c create mode 100644 deps/nghttp3/lib/nghttp3_map.h create mode 100644 deps/nghttp3/lib/nghttp3_mem.c create mode 100644 deps/nghttp3/lib/nghttp3_mem.h create mode 100644 deps/nghttp3/lib/nghttp3_pq.c create mode 100644 deps/nghttp3/lib/nghttp3_pq.h create mode 100644 deps/nghttp3/lib/nghttp3_qpack.c create mode 100644 deps/nghttp3/lib/nghttp3_qpack.h create mode 100644 deps/nghttp3/lib/nghttp3_qpack_huffman.c create mode 100644 deps/nghttp3/lib/nghttp3_qpack_huffman.h create mode 100644 deps/nghttp3/lib/nghttp3_qpack_huffman_data.c create mode 100644 deps/nghttp3/lib/nghttp3_range.c create mode 100644 deps/nghttp3/lib/nghttp3_range.h create mode 100644 deps/nghttp3/lib/nghttp3_rcbuf.c create mode 100644 deps/nghttp3/lib/nghttp3_rcbuf.h create mode 100644 deps/nghttp3/lib/nghttp3_ringbuf.c create mode 100644 deps/nghttp3/lib/nghttp3_ringbuf.h create mode 100644 deps/nghttp3/lib/nghttp3_str.c create mode 100644 deps/nghttp3/lib/nghttp3_str.h create mode 100644 deps/nghttp3/lib/nghttp3_stream.c create mode 100644 deps/nghttp3/lib/nghttp3_stream.h create mode 100644 deps/nghttp3/lib/nghttp3_tnode.c create mode 100644 deps/nghttp3/lib/nghttp3_tnode.h create mode 100644 deps/nghttp3/lib/nghttp3_vec.c create mode 100644 deps/nghttp3/lib/nghttp3_vec.h create mode 100644 deps/nghttp3/nghttp3.gyp create mode 100644 deps/ngtcp2/COPYING create mode 100644 deps/ngtcp2/lib/includes/config.h create mode 100644 deps/ngtcp2/lib/includes/ngtcp2/ngtcp2.h create mode 100644 deps/ngtcp2/lib/includes/ngtcp2/version.h create mode 100644 deps/ngtcp2/lib/includes/ngtcp2/version.h.in create mode 100644 deps/ngtcp2/lib/ngtcp2_acktr.c create mode 100644 deps/ngtcp2/lib/ngtcp2_acktr.h create mode 100644 deps/ngtcp2/lib/ngtcp2_addr.c create mode 100644 deps/ngtcp2/lib/ngtcp2_addr.h create mode 100644 deps/ngtcp2/lib/ngtcp2_buf.c create mode 100644 deps/ngtcp2/lib/ngtcp2_buf.h create mode 100644 deps/ngtcp2/lib/ngtcp2_cc.c create mode 100644 deps/ngtcp2/lib/ngtcp2_cc.h create mode 100644 deps/ngtcp2/lib/ngtcp2_cid.c create mode 100644 deps/ngtcp2/lib/ngtcp2_cid.h create mode 100644 deps/ngtcp2/lib/ngtcp2_conn.c create mode 100644 deps/ngtcp2/lib/ngtcp2_conn.h create mode 100644 deps/ngtcp2/lib/ngtcp2_conv.c create mode 100644 deps/ngtcp2/lib/ngtcp2_conv.h create mode 100644 deps/ngtcp2/lib/ngtcp2_crypto.c create mode 100644 deps/ngtcp2/lib/ngtcp2_crypto.h create mode 100644 deps/ngtcp2/lib/ngtcp2_err.c create mode 100644 deps/ngtcp2/lib/ngtcp2_err.h create mode 100644 deps/ngtcp2/lib/ngtcp2_gaptr.c create mode 100644 deps/ngtcp2/lib/ngtcp2_gaptr.h create mode 100644 deps/ngtcp2/lib/ngtcp2_idtr.c create mode 100644 deps/ngtcp2/lib/ngtcp2_idtr.h create mode 100644 deps/ngtcp2/lib/ngtcp2_ksl.c create mode 100644 deps/ngtcp2/lib/ngtcp2_ksl.h create mode 100644 deps/ngtcp2/lib/ngtcp2_log.c create mode 100644 deps/ngtcp2/lib/ngtcp2_log.h create mode 100644 deps/ngtcp2/lib/ngtcp2_macro.h create mode 100644 deps/ngtcp2/lib/ngtcp2_map.c create mode 100644 deps/ngtcp2/lib/ngtcp2_map.h create mode 100644 deps/ngtcp2/lib/ngtcp2_mem.c create mode 100644 deps/ngtcp2/lib/ngtcp2_mem.h create mode 100644 deps/ngtcp2/lib/ngtcp2_net.h create mode 100644 deps/ngtcp2/lib/ngtcp2_path.c create mode 100644 deps/ngtcp2/lib/ngtcp2_path.h create mode 100644 deps/ngtcp2/lib/ngtcp2_pkt.c create mode 100644 deps/ngtcp2/lib/ngtcp2_pkt.h create mode 100644 deps/ngtcp2/lib/ngtcp2_ppe.c create mode 100644 deps/ngtcp2/lib/ngtcp2_ppe.h create mode 100644 deps/ngtcp2/lib/ngtcp2_pq.c create mode 100644 deps/ngtcp2/lib/ngtcp2_pq.h create mode 100644 deps/ngtcp2/lib/ngtcp2_psl.c create mode 100644 deps/ngtcp2/lib/ngtcp2_psl.h create mode 100644 deps/ngtcp2/lib/ngtcp2_pv.c create mode 100644 deps/ngtcp2/lib/ngtcp2_pv.h create mode 100644 deps/ngtcp2/lib/ngtcp2_range.c create mode 100644 deps/ngtcp2/lib/ngtcp2_range.h create mode 100644 deps/ngtcp2/lib/ngtcp2_ringbuf.c create mode 100644 deps/ngtcp2/lib/ngtcp2_ringbuf.h create mode 100644 deps/ngtcp2/lib/ngtcp2_rob.c create mode 100644 deps/ngtcp2/lib/ngtcp2_rob.h create mode 100644 deps/ngtcp2/lib/ngtcp2_rtb.c create mode 100644 deps/ngtcp2/lib/ngtcp2_rtb.h create mode 100644 deps/ngtcp2/lib/ngtcp2_str.c create mode 100644 deps/ngtcp2/lib/ngtcp2_str.h create mode 100644 deps/ngtcp2/lib/ngtcp2_strm.c create mode 100644 deps/ngtcp2/lib/ngtcp2_strm.h create mode 100644 deps/ngtcp2/lib/ngtcp2_vec.c create mode 100644 deps/ngtcp2/lib/ngtcp2_vec.h create mode 100644 deps/ngtcp2/lib/ngtcp2_version.c create mode 100644 deps/ngtcp2/ngtcp2.gyp create mode 100644 doc/api/quic.md create mode 100644 lib/internal/histogram.js create mode 100644 lib/internal/quic/core.js create mode 100644 lib/internal/quic/util.js create mode 100644 lib/quic.js create mode 100644 src/histogram.cc create mode 100755 src/node_quic.cc create mode 100644 src/node_quic_buffer.h create mode 100644 src/node_quic_crypto.cc create mode 100644 src/node_quic_crypto.h create mode 100644 src/node_quic_session-inl.h create mode 100644 src/node_quic_session.cc create mode 100644 src/node_quic_session.h create mode 100644 src/node_quic_socket.cc create mode 100644 src/node_quic_socket.h create mode 100644 src/node_quic_state.h create mode 100644 src/node_quic_stream.cc create mode 100644 src/node_quic_stream.h create mode 100644 src/node_quic_util.cc create mode 100644 src/node_quic_util.h create mode 100644 test/cctest/test_quic_buffer.cc create mode 100644 test/cctest/test_quic_verifyhostnameidentity.cc create mode 100644 test/parallel/test-quic-binding.js create mode 100644 test/parallel/test-quic-client-server.js create mode 100644 test/parallel/test-quic-createsocket-err.js create mode 100644 test/parallel/test-quic-packetloss.js create mode 100644 test/parallel/test-quic-process-cleanup.js create mode 100644 test/parallel/test-quic-quicsocket.js create mode 100644 test/parallel/test-quic-serverbusy.js create mode 100644 test/parallel/test-quic-session-destroy.js create mode 100644 test/parallel/test-quic-simple-client-migrate.js create mode 100644 test/parallel/test-quic-socket-close.js create mode 100644 test/parallel/test-quic-stream-close-early.js create mode 100644 test/parallel/test-quic-stream-destroy.js create mode 100644 test/parallel/test-quic-stream-identifiers.js diff --git a/LICENSE b/LICENSE index 9d65fc76cb..de4e662622 100644 --- a/LICENSE +++ b/LICENSE @@ -1316,6 +1316,32 @@ The externally maintained libraries used by Node.js are: WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ +- ngtcp2, located at deps/ngtcp2, is licensed as follows: + """ + The MIT License + + Copyright (c) 2016 ngtcp2 contributors + + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + """ + - node-inspect, located at deps/node-inspect, is licensed as follows: """ Copyright Node.js contributors. All rights reserved. diff --git a/configure.py b/configure.py index 48624aba92..f9e5268c19 100755 --- a/configure.py +++ b/configure.py @@ -112,6 +112,11 @@ choices=valid_os, help='operating system to build for ({0})'.format(', '.join(valid_os))) +parser.add_option('--experimental-quic', + action='store_true', + dest='experimental_quic', + help='enable experimental quic support') + parser.add_option('--gdb', action='store_true', dest='gdb', @@ -254,6 +259,27 @@ dest='shared_nghttp2_libpath', help='a directory to search for the shared nghttp2 DLLs') +shared_optgroup.add_option('--shared-ngtcp2', + action='store_true', + dest='shared_ngtcp2', + help='link to a shared ngtcp2 DLL instead of static linking') + +shared_optgroup.add_option('--shared-ngtcp2-includes', + action='store', + dest='shared_ngtcp2_includes', + help='directory containing ngtcp2 header files') + +shared_optgroup.add_option('--shared-ngtcp2-libname', + action='store', + dest='shared_ngtcp2_libname', + default='ngtcp2', + help='alternative lib name to link to [default: %default]') + +shared_optgroup.add_option('--shared-ngtcp2-libpath', + action='store', + dest='shared_ngctp2_libpath', + help='a directory to search for the shared ngtcp2 DLLs') + shared_optgroup.add_option('--shared-openssl', action='store_true', dest='shared_openssl', @@ -1112,6 +1138,11 @@ def configure_node(o): else: o['variables']['debug_nghttp2'] = 'false' + if options.experimental_quic: + o['variables']['experimental_quic'] = 1 + else: + o['variables']['experimental_quic'] = 'false' + o['variables']['node_no_browser_globals'] = b(options.no_browser_globals) o['variables']['node_shared'] = b(options.shared) @@ -1230,6 +1261,8 @@ def without_ssl_error(option): without_ssl_error('--openssl-no-asm') if options.openssl_fips: without_ssl_error('--openssl-fips') + if options.experimental_quic: + without_ssl_error('--experimental-quic') return if options.use_openssl_ca_store: diff --git a/deps/nghttp3/COPYING b/deps/nghttp3/COPYING new file mode 100644 index 0000000000..37562ea58c --- /dev/null +++ b/deps/nghttp3/COPYING @@ -0,0 +1,22 @@ +The MIT License + +Copyright (c) 2019 nghttp3 contributors + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/deps/nghttp3/lib/includes/config.h b/deps/nghttp3/lib/includes/config.h new file mode 100644 index 0000000000..0aee7749ba --- /dev/null +++ b/deps/nghttp3/lib/includes/config.h @@ -0,0 +1,39 @@ + +/* Edited to match src/node.h. */ +#include + +#ifdef _WIN32 +#if !defined(_SSIZE_T_) && !defined(_SSIZE_T_DEFINED) +typedef intptr_t ssize_t; +# define _SSIZE_T_ +# define _SSIZE_T_DEFINED +#endif +#else // !_WIN32 +# include // size_t, ssize_t +#endif // _WIN32 + +#ifdef _MSC_VER +# include +# define __builtin_popcount __popcnt +#endif + +/* Define to 1 to enable debug output. */ +/* #undef DEBUGBUILD */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_ARPA_INET_H */ + +/* Define to 1 if you have the header file. */ +#define HAVE_STDDEF_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDINT_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDLIB_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STRING_H 1 + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_UNISTD_H */ diff --git a/deps/nghttp3/lib/includes/nghttp3/nghttp3.h b/deps/nghttp3/lib/includes/nghttp3/nghttp3.h new file mode 100644 index 0000000000..928ab26411 --- /dev/null +++ b/deps/nghttp3/lib/includes/nghttp3/nghttp3.h @@ -0,0 +1,1747 @@ +/* + * nghttp3 + * + * Copyright (c) 2018 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2017 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_H +#define NGHTTP3_H + +/* Define WIN32 when build target is Win32 API (borrowed from + libcurl) */ +#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32) +# define WIN32 +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#if defined(_MSC_VER) && (_MSC_VER < 1800) +/* MSVC < 2013 does not have inttypes.h because it is not C99 + compliant. See compiler macros and version number in + https://sourceforge.net/p/predef/wiki/Compilers/ */ +# include +#else /* !defined(_MSC_VER) || (_MSC_VER >= 1800) */ +# include +#endif /* !defined(_MSC_VER) || (_MSC_VER >= 1800) */ +#include +#include + +#include + +#ifdef NGHTTP3_STATICLIB +# define NGHTTP3_EXTERN +#elif defined(WIN32) +# ifdef BUILDING_NGHTTP3 +# define NGHTTP3_EXTERN __declspec(dllexport) +# else /* !BUILDING_NGHTTP3 */ +# define NGHTTP3_EXTERN __declspec(dllimport) +# endif /* !BUILDING_NGHTTP3 */ +#else /* !defined(WIN32) */ +# ifdef BUILDING_NGHTTP3 +# define NGHTTP3_EXTERN __attribute__((visibility("default"))) +# else /* !BUILDING_NGHTTP3 */ +# define NGHTTP3_EXTERN +# endif /* !BUILDING_NGHTTP3 */ +#endif /* !defined(WIN32) */ + +typedef enum { + NGHTTP3_ERR_INVALID_ARGUMENT = -101, + NGHTTP3_ERR_NOBUF = -102, + NGHTTP3_ERR_INVALID_STATE = -103, + NGHTTP3_ERR_WOULDBLOCK = -104, + NGHTTP3_ERR_STREAM_IN_USE = -105, + NGHTTP3_ERR_PUSH_ID_BLOCKED = -106, + NGHTTP3_ERR_MALFORMED_HTTP_HEADER = -107, + NGHTTP3_ERR_REMOVE_HTTP_HEADER = -108, + NGHTTP3_ERR_MALFORMED_HTTP_MESSAGING = -109, + NGHTTP3_ERR_TOO_LATE = -110, + NGHTTP3_ERR_QPACK_FATAL = -111, + NGHTTP3_ERR_QPACK_HEADER_TOO_LARGE = -112, + NGHTTP3_ERR_IGNORE_STREAM = -113, + NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED = -402, + NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR = -403, + NGHTTP3_ERR_HTTP_QPACK_DECODER_STREAM_ERROR = -404, + NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME = -408, + /* -409 through -664 are HTTP_MALFORMED_FRAME error -409-, where + represents frame type that causes this error. Frame types + greater than 0xfe is -664. */ + NGHTTP3_ERR_HTTP_MALFORMED_FRAME = -409, + NGHTTP3_ERR_HTTP_MISSING_SETTINGS = -665, + NGHTTP3_ERR_HTTP_WRONG_STREAM = -666, + NGHTTP3_ERR_HTTP_INTERNAL_ERROR = -667, + NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM = -668, + NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR = -669, + NGHTTP3_ERR_HTTP_ID_ERROR = -670, + NGHTTP3_ERR_HTTP_SETTINGS_ERROR = -671, + NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR = -672, + NGHTTP3_ERR_FATAL = -900, + NGHTTP3_ERR_NOMEM = -901, + NGHTTP3_ERR_CALLBACK_FAILURE = -902 +} nghttp3_lib_error; + +typedef enum { + NGHTTP3_HTTP_NO_ERROR = 0x0000, + NGHTTP3_HTTP_GENERAL_PROTOCOL_ERROR = 0x0001, + NGHTTP3_HTTP_INTERNAL_ERROR = 0x0003, + NGHTTP3_HTTP_REQUEST_CANCELLED = 0x0005, + NGHTTP3_HTTP_INCOMPLETE_REQUEST = 0x0006, + NGHTTP3_HTTP_CONNECT_ERROR = 0x0007, + NGHTTP3_HTTP_EXCESSIVE_LOAD = 0x0008, + NGHTTP3_HTTP_VERSION_FALLBACK = 0x0009, + NGHTTP3_HTTP_WRONG_STREAM = 0x000a, + NGHTTP3_HTTP_ID_ERROR = 0x000b, + NGHTTP3_HTTP_STREAM_CREATION_ERROR = 0x000d, + NGHTTP3_HTTP_CLOSED_CRITICAL_STREAM = 0x000f, + NGHTTP3_HTTP_EARLY_RESPONSE = 0x0011, + NGHTTP3_HTTP_MISSING_SETTINGS = 0x0012, + NGHTTP3_HTTP_UNEXPECTED_FRAME = 0x0013, + NGHTTP3_HTTP_REQUEST_REJECTED = 0x0014, + NGHTTP3_HTTP_SETTINGS_ERROR = 0x00ff, + NGHTTP3_HTTP_MALFORMED_FRAME = 0x0100, + NGHTTP3_HTTP_QPACK_DECOMPRESSION_FAILED = 0x0200, + NGHTTP3_HTTP_QPACK_ENCODER_STREAM_ERROR = 0x0201, + NGHTTP3_HTTP_QPACK_DECODER_STREAM_ERROR = 0x0202 +} nghttp3_error; + +/** + * @functypedef + * + * Custom memory allocator to replace malloc(). The |mem_user_data| + * is the mem_user_data member of :type:`nghttp3_mem` structure. + */ +typedef void *(*nghttp3_malloc)(size_t size, void *mem_user_data); + +/** + * @functypedef + * + * Custom memory allocator to replace free(). The |mem_user_data| is + * the mem_user_data member of :type:`nghttp3_mem` structure. + */ +typedef void (*nghttp3_free)(void *ptr, void *mem_user_data); + +/** + * @functypedef + * + * Custom memory allocator to replace calloc(). The |mem_user_data| + * is the mem_user_data member of :type:`nghttp3_mem` structure. + */ +typedef void *(*nghttp3_calloc)(size_t nmemb, size_t size, void *mem_user_data); + +/** + * @functypedef + * + * Custom memory allocator to replace realloc(). The |mem_user_data| + * is the mem_user_data member of :type:`nghttp3_mem` structure. + */ +typedef void *(*nghttp3_realloc)(void *ptr, size_t size, void *mem_user_data); + +/** + * @struct + * + * Custom memory allocator functions and user defined pointer. The + * |mem_user_data| member is passed to each allocator function. This + * can be used, for example, to achieve per-session memory pool. + * + * In the following example code, ``my_malloc``, ``my_free``, + * ``my_calloc`` and ``my_realloc`` are the replacement of the + * standard allocators ``malloc``, ``free``, ``calloc`` and + * ``realloc`` respectively:: + * + * void *my_malloc_cb(size_t size, void *mem_user_data) { + * return my_malloc(size); + * } + * + * void my_free_cb(void *ptr, void *mem_user_data) { my_free(ptr); } + * + * void *my_calloc_cb(size_t nmemb, size_t size, void *mem_user_data) { + * return my_calloc(nmemb, size); + * } + * + * void *my_realloc_cb(void *ptr, size_t size, void *mem_user_data) { + * return my_realloc(ptr, size); + * } + * + * void conn_new() { + * nghttp3_mem mem = {NULL, my_malloc_cb, my_free_cb, my_calloc_cb, + * my_realloc_cb}; + * + * ... + * } + */ +typedef struct { + /** + * An arbitrary user supplied data. This is passed to each + * allocator function. + */ + void *mem_user_data; + /** + * Custom allocator function to replace malloc(). + */ + nghttp3_malloc malloc; + /** + * Custom allocator function to replace free(). + */ + nghttp3_free free; + /** + * Custom allocator function to replace calloc(). + */ + nghttp3_calloc calloc; + /** + * Custom allocator function to replace realloc(). + */ + nghttp3_realloc realloc; +} nghttp3_mem; + +/** + * @function + * + * `nghttp3_mem_default` returns the default memory allocator which + * uses malloc/calloc/realloc/free. + */ +NGHTTP3_EXTERN const nghttp3_mem *nghttp3_mem_default(void); + +/** + * @struct + * + * nghttp3_vec is struct iovec compatible structure to reference + * arbitrary array of bytes. + */ +typedef struct { + /** + * base points to the data. + */ + uint8_t *base; + /** + * len is the number of bytes which the buffer pointed by base + * contains. + */ + size_t len; +} nghttp3_vec; + +struct nghttp3_rcbuf; + +/** + * @struct + * + * :type:`nghttp3_rcbuf` is the object representing reference counted + * buffer. The details of this structure are intentionally hidden + * from the public API. + */ +typedef struct nghttp3_rcbuf nghttp3_rcbuf; + +/** + * @function + * + * `nghttp3_rcbuf_incref` increments the reference count of |rcbuf| by + * 1. + */ +NGHTTP3_EXTERN void nghttp3_rcbuf_incref(nghttp3_rcbuf *rcbuf); + +/** + * @function + * + * `nghttp3_rcbuf_decref` decrements the reference count of |rcbuf| by + * 1. If the reference count becomes zero, the object pointed by + * |rcbuf| will be freed. In this case, application must not use + * |rcbuf| again. + */ +NGHTTP3_EXTERN void nghttp3_rcbuf_decref(nghttp3_rcbuf *rcbuf); + +/** + * @function + * + * `nghttp3_rcbuf_get_buf` returns the underlying buffer managed by + * |rcbuf|. + */ +NGHTTP3_EXTERN nghttp3_vec nghttp3_rcbuf_get_buf(const nghttp3_rcbuf *rcbuf); + +/** + * @function + * + * `nghttp3_rcbuf_is_static` returns nonzero if the underlying buffer + * is statically allocated, and 0 otherwise. This can be useful for + * language bindings that wish to avoid creating duplicate strings for + * these buffers. + */ +NGHTTP3_EXTERN int nghttp3_rcbuf_is_static(const nghttp3_rcbuf *rcbuf); + +/** + * @struct + * + * :type:`nghttp3_buf` is the variable size buffer. + */ +typedef struct { + /** + * begin points to the beginning of the buffer. + */ + uint8_t *begin; + /** + * end points to the one beyond of the last byte of the buffer + */ + uint8_t *end; + /** + * pos pointers to the start of data. Typically, this points to the + * point that next data should be read. Initially, it points to + * |begin|. + */ + uint8_t *pos; + /** + * last points to the one beyond of the last data of the buffer. + * Typically, new data is written at this point. Initially, it + * points to |begin|. + */ + uint8_t *last; +} nghttp3_buf; + +/** + * @function + * + * `nghttp3_buf_init` initializes empty |buf|. + */ +NGHTTP3_EXTERN void nghttp3_buf_init(nghttp3_buf *buf); + +/** + * @function + * + * `nghttp3_buf_free` frees resources allocated for |buf| using |mem| + * as memory allocator. buf->begin must be a heap buffer allocated by + * |mem|. + */ +NGHTTP3_EXTERN void nghttp3_buf_free(nghttp3_buf *buf, const nghttp3_mem *mem); + +/** + * @function + * + * `nghttp3_buf_left` returns the number of additional bytes which can + * be written to the underlying buffer. In other words, it returns + * buf->end - buf->last. + */ +NGHTTP3_EXTERN size_t nghttp3_buf_left(const nghttp3_buf *buf); + +/** + * @function + * + * `nghttp3_buf_len` returns the number of bytes left to read. In + * other words, it returns buf->last - buf->pos. + */ +NGHTTP3_EXTERN size_t nghttp3_buf_len(const nghttp3_buf *buf); + +/** + * @function + * + * `nghttp3_buf_reset` sets buf->pos and buf->last to buf->begin. + */ +NGHTTP3_EXTERN void nghttp3_buf_reset(nghttp3_buf *buf); + +/** + * @enum + * + * :type:`nghttp3_nv_flag` is the flags for header field name/value + * pair. + */ +typedef enum { + /** + * :enum:`NGHTTP3_NV_FLAG_NONE` indicates no flag set. + */ + NGHTTP3_NV_FLAG_NONE = 0, + /** + * :enum:`NGHTTP3_NV_FLAG_NEVER_INDEX` indicates that this + * name/value pair must not be indexed. Other implementation calls + * this bit as "sensitive". + */ + NGHTTP3_NV_FLAG_NEVER_INDEX = 0x01, + /** + * :enum:`NGHTTP3_NV_FLAG_NO_COPY_NAME` is set solely by + * application. If this flag is set, the library does not make a + * copy of header field name. This could improve performance. + */ + NGHTTP3_NV_FLAG_NO_COPY_NAME = 0x02, + /** + * :enum:`NGHTTP3_NV_FLAG_NO_COPY_VALUE` is set solely by + * application. If this flag is set, the library does not make a + * copy of header field value. This could improve performance. + */ + NGHTTP3_NV_FLAG_NO_COPY_VALUE = 0x04 +} nghttp3_nv_flag; + +/** + * @struct + * + * :type:`nghttp3_nv` is the name/value pair, which mainly used to + * represent header fields. + */ +typedef struct { + /** + * name is the header field name. + */ + uint8_t *name; + /** + * value is the header field value. + */ + uint8_t *value; + /** + * namelen is the length of the |name|, excluding terminating NULL. + */ + size_t namelen; + /** + * valuelen is the length of the |value|, excluding terminating + * NULL. + */ + size_t valuelen; + /** + * flags is bitwise OR of one or more of :type:`nghttp3_nv_flag`. + */ + uint8_t flags; +} nghttp3_nv; + +/* Generated by mkstatichdtbl.py */ +typedef enum { + NGHTTP3_QPACK_TOKEN__AUTHORITY = 0, + NGHTTP3_QPACK_TOKEN__PATH = 8, + NGHTTP3_QPACK_TOKEN_AGE = 43, + NGHTTP3_QPACK_TOKEN_CONTENT_DISPOSITION = 52, + NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH = 55, + NGHTTP3_QPACK_TOKEN_COOKIE = 68, + NGHTTP3_QPACK_TOKEN_DATE = 69, + NGHTTP3_QPACK_TOKEN_ETAG = 71, + NGHTTP3_QPACK_TOKEN_IF_MODIFIED_SINCE = 74, + NGHTTP3_QPACK_TOKEN_IF_NONE_MATCH = 75, + NGHTTP3_QPACK_TOKEN_LAST_MODIFIED = 77, + NGHTTP3_QPACK_TOKEN_LINK = 78, + NGHTTP3_QPACK_TOKEN_LOCATION = 79, + NGHTTP3_QPACK_TOKEN_REFERER = 83, + NGHTTP3_QPACK_TOKEN_SET_COOKIE = 85, + NGHTTP3_QPACK_TOKEN__METHOD = 1, + NGHTTP3_QPACK_TOKEN__SCHEME = 9, + NGHTTP3_QPACK_TOKEN__STATUS = 11, + NGHTTP3_QPACK_TOKEN_ACCEPT = 25, + NGHTTP3_QPACK_TOKEN_ACCEPT_ENCODING = 27, + NGHTTP3_QPACK_TOKEN_ACCEPT_RANGES = 29, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS = 32, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_ORIGIN = 38, + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL = 46, + NGHTTP3_QPACK_TOKEN_CONTENT_ENCODING = 53, + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE = 57, + NGHTTP3_QPACK_TOKEN_RANGE = 82, + NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY = 86, + NGHTTP3_QPACK_TOKEN_VARY = 92, + NGHTTP3_QPACK_TOKEN_X_CONTENT_TYPE_OPTIONS = 94, + NGHTTP3_QPACK_TOKEN_X_XSS_PROTECTION = 98, + NGHTTP3_QPACK_TOKEN_ACCEPT_LANGUAGE = 28, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_CREDENTIALS = 30, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS = 35, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_EXPOSE_HEADERS = 39, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_HEADERS = 40, + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_METHOD = 41, + NGHTTP3_QPACK_TOKEN_ALT_SVC = 44, + NGHTTP3_QPACK_TOKEN_AUTHORIZATION = 45, + NGHTTP3_QPACK_TOKEN_CONTENT_SECURITY_POLICY = 56, + NGHTTP3_QPACK_TOKEN_EARLY_DATA = 70, + NGHTTP3_QPACK_TOKEN_EXPECT_CT = 72, + NGHTTP3_QPACK_TOKEN_FORWARDED = 73, + NGHTTP3_QPACK_TOKEN_IF_RANGE = 76, + NGHTTP3_QPACK_TOKEN_ORIGIN = 80, + NGHTTP3_QPACK_TOKEN_PURPOSE = 81, + NGHTTP3_QPACK_TOKEN_SERVER = 84, + NGHTTP3_QPACK_TOKEN_TIMING_ALLOW_ORIGIN = 89, + NGHTTP3_QPACK_TOKEN_UPGRADE_INSECURE_REQUESTS = 90, + NGHTTP3_QPACK_TOKEN_USER_AGENT = 91, + NGHTTP3_QPACK_TOKEN_X_FORWARDED_FOR = 95, + NGHTTP3_QPACK_TOKEN_X_FRAME_OPTIONS = 96, + /* Additional header fields for HTTP messaging validation */ + NGHTTP3_QPACK_TOKEN_HOST = 1000, + NGHTTP3_QPACK_TOKEN_CONNECTION, + NGHTTP3_QPACK_TOKEN_KEEP_ALIVE, + NGHTTP3_QPACK_TOKEN_PROXY_CONNECTION, + NGHTTP3_QPACK_TOKEN_TRANSFER_ENCODING, + NGHTTP3_QPACK_TOKEN_UPGRADE, + NGHTTP3_QPACK_TOKEN_TE, + NGHTTP3_QPACK_TOKEN__PROTOCOL +} nghttp3_qpack_token; + +/** + * @struct + * + * nghttp3_qpack_nv represents header field name/value pair just like + * :type:`nghttp3_nv`. It is an extended version of + * :type:`nghttp3_nv` and has reference counted buffers and tokens + * which might be useful for applications. + */ +typedef struct { + /* The buffer containing header field name. NULL-termination is + guaranteed. */ + nghttp3_rcbuf *name; + /* The buffer containing header field value. NULL-termination is + guaranteed. */ + nghttp3_rcbuf *value; + /* nghttp3_qpack_token value for name. It could be -1 if we have no + token for that header field name. */ + int32_t token; + /* Bitwise OR of one or more of nghttp3_nv_flag. */ + uint8_t flags; +} nghttp3_qpack_nv; + +struct nghttp3_qpack_encoder; + +/** + * @struct + * + * :type:`nghttp3_qpack_encoder` is QPACK encoder. + */ +typedef struct nghttp3_qpack_encoder nghttp3_qpack_encoder; + +/** + * @function + * + * `nghttp3_qpack_encoder_new` initializes QPACK encoder. |pencoder| + * must be non-NULL pointer. |max_dtable_size| is the maximum dynamic + * table size. |max_blocked| is the maximum number of streams which + * can be blocked. |mem| is a memory allocator. This function + * allocates memory for :type:`nghttp3_qpack_encoder` itself and + * assigns its pointer to |*pencoder| if it succeeds. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + */ +NGHTTP3_EXTERN int nghttp3_qpack_encoder_new(nghttp3_qpack_encoder **pencoder, + size_t max_dtable_size, + size_t max_blocked, + const nghttp3_mem *mem); + +/** + * @function + * + * `nghttp3_qpack_encoder_del` frees memory allocated for |encoder|. + * This function frees memory pointed by |encoder| itself. + */ +NGHTTP3_EXTERN void nghttp3_qpack_encoder_del(nghttp3_qpack_encoder *encoder); + +/** + * @function + * + * `nghttp3_qpack_encoder_encode` encodes the list of header fields + * |nva|. |nvlen| is the length of |nva|. |stream_id| is the + * identifier of the stream which this header fields belong to. This + * function writes header block prefix, encoded header fields, and + * encoder stream to |pbuf|, |rbuf|, and |ebuf| respectively. The + * last field of nghttp3_buf will be adjusted when data is written. + * An application should write |pbuf| and |rbuf| to the request stream + * in this order. + * + * The buffer pointed by |pbuf|, |rbuf|, and |ebuf| can be empty + * buffer. It is fine to pass a buffer initialized by + * nghttp3_buf_init(buf). This function allocates memory for these + * buffers as necessary. In particular, it frees and expands buffer + * if the current capacity of buffer is not enough. If begin field of + * any buffer is not NULL, it must be allocated by the same memory + * allocator passed to `nghttp3_qpack_encoder_new()`. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory + * :enum:`NGHTTP3_ERR_QPACK_FATAL` + * |encoder| is in unrecoverable error state and cannot be used + * anymore. + */ +NGHTTP3_EXTERN int nghttp3_qpack_encoder_encode( + nghttp3_qpack_encoder *encoder, nghttp3_buf *pbuf, nghttp3_buf *rbuf, + nghttp3_buf *ebuf, int64_t stream_id, const nghttp3_nv *nva, size_t nvlen); + +/** + * @function + * + * `nghttp3_qpack_encoder_read_decoder` reads decoder stream. The + * buffer pointed by |src| of length |srclen| contains decoder stream. + * + * This function returns the number of bytes read, or one of the + * following negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory + * :enum:`NGHTTP3_ERR_QPACK_FATAL` + * |encoder| is in unrecoverable error state and cannot be used + * anymore. + * :enum:`NGHTTP3_ERR_QPACK_DECODER_STREAM` + * |encoder| is unable to process input because it is malformed. + */ +NGHTTP3_EXTERN ssize_t nghttp3_qpack_encoder_read_decoder( + nghttp3_qpack_encoder *encoder, const uint8_t *src, size_t srclen); + +/** + * @function + * + * `nghttp3_qpack_encoder_set_max_dtable_size` sets max dynamic table + * size to |max_dtable_size|. + * + * This function returns the number of bytes read, or one of the + * following negative error codes: + * + * :enum:`NGHTTP3_ERR_INVALID_ARGUMENT` + * |max_dtable_size| exceeds the hard limit that decoder specifies. + */ +NGHTTP3_EXTERN int +nghttp3_qpack_encoder_set_max_dtable_size(nghttp3_qpack_encoder *encoder, + size_t max_dtable_size); + +/** + * @function + * + * `nghttp3_qpack_encoder_set_hard_max_dtable_size` sets hard maximum + * dynamic table size to |hard_max_dtable_size|. + * + * This function returns the number of bytes read, or one of the + * following negative error codes: + * + * TBD + */ +NGHTTP3_EXTERN int +nghttp3_qpack_encoder_set_hard_max_dtable_size(nghttp3_qpack_encoder *encoder, + size_t hard_max_dtable_size); + +/** + * @function + * + * `nghttp3_qpack_encoder_set_max_blocked` sets the number of streams + * which can be blocked to |max_blocked|. + * + * This function returns the number of bytes read, or one of the + * following negative error codes: + * + * TBD + */ +NGHTTP3_EXTERN int +nghttp3_qpack_encoder_set_max_blocked(nghttp3_qpack_encoder *encoder, + size_t max_blocked); + +/** + * @function + * + * `nghttp3_qpack_encoder_ack_header` tells |encoder| that header + * block for a stream denoted by |stream_id| was acknowledged by + * decoder. This function is provided for debugging purpose only. In + * HTTP/3, |encoder| knows acknowledgement of header block by reading + * decoder stream with `nghttp3_qpack_encoder_read_decoder()`. + */ +NGHTTP3_EXTERN void +nghttp3_qpack_encoder_ack_header(nghttp3_qpack_encoder *encoder, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_qpack_encoder_add_insert_count` increments known received + * count of |encoder| by |n|. This function is provided for debugging + * purpose only. In HTTP/3, |encoder| increments known received count + * by reading decoder stream with + * `nghttp3_qpack_encoder_read_decoder()`. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + * :enum:`NGHTTP3_QPACK_DECODER_STREAM` + * |n| is too large. + */ +NGHTTP3_EXTERN int +nghttp3_qpack_encoder_add_insert_count(nghttp3_qpack_encoder *encoder, + size_t n); + +/** + * @function + * + * `nghttp3_qpack_encoder_ack_everything` tells |encoder| that all + * encoded header blocks are acknowledged. This function is provided + * for debugging purpose only. In HTTP/3, |encoder| knows this by + * reading decoder stream with `nghttp3_qpack_encoder_read_decoder()`. + */ +NGHTTP3_EXTERN void +nghttp3_qpack_encoder_ack_everything(nghttp3_qpack_encoder *encoder); + +/** + * @function + * + * `nghttp3_qpack_encoder_cancel_stream` tells |encoder| that stream + * denoted by |stream_id| is cancelled. This function is provided for + * debugging purpose only. In HTTP/3, |encoder| knows this by reading + * decoder stream with `nghttp3_qpack_encoder_read_decoder()`. + */ +NGHTTP3_EXTERN void +nghttp3_qpack_encoder_cancel_stream(nghttp3_qpack_encoder *encoder, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_qpack_encoder_get_num_blocked` returns the number of + * streams which is potentially blocked at decoder side. + */ +NGHTTP3_EXTERN size_t +nghttp3_qpack_encoder_get_num_blocked(nghttp3_qpack_encoder *encoder); + +struct nghttp3_qpack_stream_context; + +/** + * @struct + * + * :type:`nghttp3_qpack_stream_context` is a decoder context for an + * individual stream. + */ +typedef struct nghttp3_qpack_stream_context nghttp3_qpack_stream_context; + +/** + * @function + * + * `nghttp3_qpack_stream_context_new` initializes stream context. + * |psctx| must be non-NULL pointer. |stream_id| is stream ID. |mem| + * is a memory allocator. This function allocates memory for + * :type:`nghttp3_qpack_stream_context` itself and assigns its pointer + * to |*psctx| if it succeeds. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + */ +NGHTTP3_EXTERN int +nghttp3_qpack_stream_context_new(nghttp3_qpack_stream_context **psctx, + int64_t stream_id, const nghttp3_mem *mem); + +/** + * @function + * + * `nghttp3_qpack_stream_context_del` frees memory allocated for + * |sctx|. This function frees memory pointed by |sctx| itself. + */ +NGHTTP3_EXTERN void +nghttp3_qpack_stream_context_del(nghttp3_qpack_stream_context *sctx); + +/** + * @function + * + * `nghttp3_qpack_stream_context_get_ricnt` returns required insert + * count. + */ +NGHTTP3_EXTERN size_t +nghttp3_qpack_stream_context_get_ricnt(nghttp3_qpack_stream_context *sctx); + +struct nghttp3_qpack_decoder; + +/** + * @struct + * + * `nghttp3_qpack_decoder` is QPACK decoder. + */ +typedef struct nghttp3_qpack_decoder nghttp3_qpack_decoder; + +/** + * @function + * + * `nghttp3_qpack_decoder_new` initializes QPACK decoder. |pdecoder| + * must be non-NULL pointer. |max_dtable_size| is the maximum dynamic + * table size. |max_blocked| is the maximum number of streams which + * can be blocked. |mem| is a memory allocator. This function + * allocates memory for :type:`nghttp3_qpack_decoder` itself and + * assigns its pointer to |*pdecoder| if it succeeds. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + */ +NGHTTP3_EXTERN int nghttp3_qpack_decoder_new(nghttp3_qpack_decoder **pdecoder, + size_t max_dtable_size, + size_t max_blocked, + const nghttp3_mem *mem); + +/** + * @function + * + * `nghttp3_qpack_decoder_del` frees memory allocated for |decoder|. + * This function frees memory pointed by |decoder| itself. + */ +NGHTTP3_EXTERN void nghttp3_qpack_decoder_del(nghttp3_qpack_decoder *decoder); + +/** + * @function + * + * `nghttp3_qpack_decoder_read_encoder` reads encoder stream. The + * buffer pointed by |src| of length |srclen| contains encoder stream. + * + * This function returns the number of bytes read, or one of the + * following negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + * :enum:`NGHTTP3_ERR_QPACK_FATAL` + * |decoder| is in unrecoverable error state and cannot be used + * anymore. + * :enum:`NGHTTP3_ERR_QPACK_ENCODER_STREAM` + * Could not interpret encoder stream instruction. + */ +NGHTTP3_EXTERN ssize_t nghttp3_qpack_decoder_read_encoder( + nghttp3_qpack_decoder *decoder, const uint8_t *src, size_t srclen); + +/** + * @function + * + * `nghttp3_qpack_decoder_get_icnt` returns insert count. + */ +NGHTTP3_EXTERN size_t +nghttp3_qpack_decoder_get_icnt(const nghttp3_qpack_decoder *decoder); + +/** + * @enum + * + * :type:`nghttp3_qpack_decode_flag` is a set of flags for decoder. + */ +typedef enum { + /** + * :enum:`NGHTTP3_QPACK_DECODE_FLAG_NONE` indicates that no flag + * set. + */ + NGHTTP3_QPACK_DECODE_FLAG_NONE, + /** + * :enum:`NGHTTP3_QPACK_DECODE_FLAG_EMIT` indicates that a header + * field is successfully decoded. + */ + NGHTTP3_QPACK_DECODE_FLAG_EMIT = 0x01, + /** + * :enum:`NGHTTP3_QPACK_DECODE_FLAG_FINAL` indicates that all header + * fields have been decoded. + */ + NGHTTP3_QPACK_DECODE_FLAG_FINAL = 0x02, + /** + * :enum:`NGHTTP3_QPACK_DECODE_FLAG_BLOCKED` indicates that decoding + * has been blocked. + */ + NGHTTP3_QPACK_DECODE_FLAG_BLOCKED = 0x04 +} nghttp3_qpack_decode_flag; + +/** + * @function + * + * `nghttp3_qpack_decoder_read_request` reads request stream. The + * request stream is given as the buffer pointed by |src| of length + * |srclen|. |sctx| is the stream context and it must be initialized + * by `nghttp3_qpack_stream_context_init()`. |*pflags| must be + * non-NULL pointer. |nv| must be non-NULL pointer. + * + * If this function succeeds, it assigns flags to |*pflags|. If + * |*pflags| has :enum:`NGHTTP3_QPACK_DECODE_FLAG_EMIT` set, a decoded + * header field is assigned to |nv|. If |*pflags| has + * :enum:`NGHTTP3_QPACK_DECODE_FLAG_FINAL` set, all header fields have + * been successfully decoded. If |*pflags| has + * :enum:`NGHTTP3_QPACK_DECODE_FLAG_BLOCKED` set, decoding is blocked + * due to required insert count. + * + * When a header field is decoded, an application receives it in |nv|. + * nv->name and nv->value are reference counted buffer, and the their + * reference counts are already incremented for application use. + * Therefore, when application finishes processing the header field, + * it must call nghttp3_rcbuf_decref(nv->name) and + * nghttp3_rcbuf_decref(nv->value) or memory leak might occur. + * + * This function returns the number of bytes read, or one of the + * following negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + * :enum:`NGHTTP3_ERR_QPACK_FATAL` + * |decoder| is in unrecoverable error state and cannot be used + * anymore. + * :enum:`NGHTTP3_ERR_QPACK_DECOMPRESSION_FAILED` + * Could not interpret header block instruction. + * :enum:`NGHTTP3_ERR_QPACK_HEADER_TOO_LARGE` + * Header field is too large. + */ +NGHTTP3_EXTERN ssize_t nghttp3_qpack_decoder_read_request( + nghttp3_qpack_decoder *decoder, nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv, uint8_t *pflags, const uint8_t *src, size_t srclen, + int fin); + +/** + * @function + * + * `nghttp3_qpack_decoder_write_decoder` writes decoder stream into + * |dbuf|. + * + * The buffer pointed by |dbuf| can be empty buffer. It is fine to + * pass a buffer initialized by nghttp3_buf_init(buf). This function + * allocates memory for these buffers as necessary. In particular, it + * frees and expands buffer if the current capacity of buffer is not + * enough. If begin field of any buffer is not NULL, it must be + * allocated by the same memory allocator passed to + * `nghttp3_qpack_encoder_new()`. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory + */ +NGHTTP3_EXTERN int +nghttp3_qpack_decoder_write_decoder(nghttp3_qpack_decoder *decoder, + nghttp3_buf *dbuf); + +/** + * @function + * + * `nghttp3_qpack_decoder_cancel_stream` cancels header decoding for + * stream denoted by |stream_id|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_NOMEM` + * Out of memory. + */ +NGHTTP3_EXTERN int +nghttp3_qpack_decoder_cancel_stream(nghttp3_qpack_decoder *decoder, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_qpack_decoder_set_dtable_cap` sets |cap| as maximum + * dynamic table size. Normally, the maximum capacity is communicated + * in encoder stream. This function is provided for debugging and + * testing purpose. + */ +NGHTTP3_EXTERN void +nghttp3_qpack_decoder_set_dtable_cap(nghttp3_qpack_decoder *decoder, + size_t cap); + +/** + * @function + * + * `nghttp3_strerror` returns textual representation of |liberr| which + * should be one of error codes defined in :type:`nghttp3_lib_error`. + */ +NGHTTP3_EXTERN const char *nghttp3_strerror(int liberr); + +/** + * @function + * + * `nghttp3_err_infer_quic_app_error_code` returns a QUIC application + * error code which corresponds to |liberr|. + */ +NGHTTP3_EXTERN uint64_t nghttp3_err_infer_quic_app_error_code(int liberr); + +/** + * @functypedef + * + * :type:`nghttp3_debug_vprintf_callback` is a callback function + * invoked when the library outputs debug logging. The function is + * called with arguments suitable for ``vfprintf(3)`` + * + * The debug output is only enabled if the library is built with + * ``DEBUGBUILD`` macro defined. + */ +typedef void (*nghttp3_debug_vprintf_callback)(const char *format, + va_list args); + +/** + * @function + * + * `nghttp3_set_debug_vprintf_callback` sets a debug output callback + * called by the library when built with ``DEBUGBUILD`` macro defined. + * If this option is not used, debug log is written into standard + * error output. + * + * For builds without ``DEBUGBUILD`` macro defined, this function is + * noop. + * + * Note that building with ``DEBUGBUILD`` may cause significant + * performance penalty to libnghttp3 because of extra processing. It + * should be used for debugging purpose only. + * + * .. Warning:: + * + * Building with ``DEBUGBUILD`` may cause significant performance + * penalty to libnghttp3 because of extra processing. It should be + * used for debugging purpose only. We write this two times because + * this is important. + */ +NGHTTP3_EXTERN void nghttp3_set_debug_vprintf_callback( + nghttp3_debug_vprintf_callback debug_vprintf_callback); + +struct nghttp3_conn; +typedef struct nghttp3_conn nghttp3_conn; + +/** + * @functypedef + * + * :type:`nghttp3_acked_stream_data` is a callback function which is + * invoked when data sent on stream denoted by |stream_id| supplied + * from application is acknowledged by remote endpoint. The number of + * bytes acknowledged is given in |datalen|. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_acked_stream_data)(nghttp3_conn *conn, int64_t stream_id, + size_t datalen, void *conn_user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_conn_stream_close` is a callback function which is + * invoked when a stream identified by |stream_id| is closed. + * |app_error_code| indicates the reason of this closure. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_stream_close)(nghttp3_conn *conn, int64_t stream_id, + uint64_t app_error_code, + void *conn_user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_recv_data` is a callback function which is invoked + * when a part of request or response body on stream identified by + * |stream_id| is received. |data| points to the received data and + * its length is |datalen|. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_recv_data)(nghttp3_conn *conn, int64_t stream_id, + const uint8_t *data, size_t datalen, + void *conn_user_data, void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_deferred_consume` is a callback function which is + * invoked when the library consumed |consumed| bytes for a stream + * identified by |stream_id|. This callback is used to notify the + * consumed bytes for stream blocked by QPACK decoder. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_deferred_consume)(nghttp3_conn *conn, int64_t stream_id, + size_t consumed, void *conn_user_data, + void *stream_user_data); + +typedef int (*nghttp3_begin_headers)(nghttp3_conn *conn, int64_t stream_id, + void *conn_user_data, + void *stream_user_data); + +typedef int (*nghttp3_recv_header)(nghttp3_conn *conn, int64_t stream_id, + int32_t token, nghttp3_rcbuf *name, + nghttp3_rcbuf *value, uint8_t flags, + void *conn_user_data, + void *stream_user_data); + +typedef int (*nghttp3_end_headers)(nghttp3_conn *conn, int64_t stream_id, + void *conn_user_data, + void *stream_user_data); + +typedef int (*nghttp3_begin_push_promise)(nghttp3_conn *conn, int64_t stream_id, + int64_t push_id, void *conn_user_data, + void *stream_user_data); + +typedef int (*nghttp3_recv_push_promise)(nghttp3_conn *conn, int64_t stream_id, + int64_t push_id, int32_t token, + nghttp3_rcbuf *name, + nghttp3_rcbuf *value, uint8_t flags, + void *conn_user_data, + void *stream_user_data); + +typedef int (*nghttp3_end_push_promise)(nghttp3_conn *conn, int64_t stream_id, + int64_t push_id, void *conn_user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_end_stream` is a callback function which is invoked + * when the receiving side of stream is closed. For server, this + * callback function is invoked when HTTP request is received + * completely. For client, this callback function is invoked when + * HTTP response is received completely. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_end_stream)(nghttp3_conn *conn, int64_t stream_id, + void *conn_user_data, void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_cancel_push` is a callback function which is invoked + * when the push identified by |push_id| is cancelled by remote + * endpoint. If a stream has been bound to the push ID, |stream_id| + * contains the stream ID and |stream_user_data| points to the stream + * user data. Otherwise, |stream_id| is -1 and |stream_user_data| is + * NULL. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_cancel_push)(nghttp3_conn *conn, int64_t push_id, + int64_t stream_id, void *conn_user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_send_stop_sending` is a callback function which is + * invoked when the library asks application to send STOP_SENDING to + * the stream identified by |stream_id|. |app_error_code| indicates + * the reason for this action. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_send_stop_sending)(nghttp3_conn *conn, int64_t stream_id, + uint64_t app_error_code, + void *conn_user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`nghttp3_push_stream` is a callback function which is invoked + * when a push stream identified by |stream_id| is opened with + * |push_id|. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning :enum:`NGHTTP3_ERR_CALLBACK_FAILURE` will return to the + * caller immediately. Any values other than 0 is treated as + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + */ +typedef int (*nghttp3_push_stream)(nghttp3_conn *conn, int64_t push_id, + int64_t stream_id, void *conn_user_data); + +typedef struct { + nghttp3_acked_stream_data acked_stream_data; + nghttp3_stream_close stream_close; + nghttp3_recv_data recv_data; + nghttp3_deferred_consume deferred_consume; + nghttp3_begin_headers begin_headers; + nghttp3_recv_header recv_header; + nghttp3_end_headers end_headers; + nghttp3_begin_headers begin_trailers; + nghttp3_recv_header recv_trailer; + nghttp3_end_headers end_trailers; + nghttp3_begin_push_promise begin_push_promise; + nghttp3_recv_push_promise recv_push_promise; + nghttp3_end_push_promise end_push_promise; + nghttp3_cancel_push cancel_push; + nghttp3_send_stop_sending send_stop_sending; + nghttp3_push_stream push_stream; + nghttp3_end_stream end_stream; +} nghttp3_conn_callbacks; + +typedef struct { + uint64_t max_header_list_size; + uint64_t num_placeholders; + uint64_t max_pushes; + uint64_t qpack_max_table_capacity; + uint64_t qpack_blocked_streams; +} nghttp3_conn_settings; + +NGHTTP3_EXTERN void +nghttp3_conn_settings_default(nghttp3_conn_settings *settings); + +NGHTTP3_EXTERN int +nghttp3_conn_client_new(nghttp3_conn **pconn, + const nghttp3_conn_callbacks *callbacks, + const nghttp3_conn_settings *settings, + const nghttp3_mem *mem, void *conn_user_data); + +NGHTTP3_EXTERN int +nghttp3_conn_server_new(nghttp3_conn **pconn, + const nghttp3_conn_callbacks *callbacks, + const nghttp3_conn_settings *settings, + const nghttp3_mem *mem, void *conn_user_data); + +NGHTTP3_EXTERN void nghttp3_conn_del(nghttp3_conn *conn); + +/** + * @function + * + * `nghttp3_conn_bind_control_stream` binds stream denoted by + * |stream_id| to outgoing unidirectional control stream. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_INVALID_STATE` + * Control stream has already corresponding stream ID. + * TBD + */ +NGHTTP3_EXTERN int nghttp3_conn_bind_control_stream(nghttp3_conn *conn, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_conn_bind_qpack_streams` binds stream denoted by + * |qenc_stream_id| to outgoing QPACK encoder stream and stream + * denoted by |qdec_stream_id| to outgoing QPACK encoder stream. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGHTTP3_ERR_INVALID_STATE` + * QPACK encoder/decoder stream have already corresponding stream + * IDs. + * TBD + */ +NGHTTP3_EXTERN int nghttp3_conn_bind_qpack_streams(nghttp3_conn *conn, + int64_t qenc_stream_id, + int64_t qdec_stream_id); + +typedef enum { + NGHTTP3_FRAME_DATA = 0x00, + NGHTTP3_FRAME_HEADERS = 0x01, + NGHTTP3_FRAME_PRIORITY = 0x02, + NGHTTP3_FRAME_CANCEL_PUSH = 0x03, + NGHTTP3_FRAME_SETTINGS = 0x04, + NGHTTP3_FRAME_PUSH_PROMISE = 0x05, + NGHTTP3_FRAME_GOAWAY = 0x07, + NGHTTP3_FRAME_MAX_PUSH_ID = 0x0d, + NGHTTP3_FRAME_DUPLICATE_PUSH = 0x0e, +} nghttp3_frame_type; + +typedef struct { + int64_t type; + int64_t length; +} nghttp3_frame_hd; + +typedef struct { + nghttp3_frame_hd hd; +} nghttp3_frame_data; + +typedef struct { + nghttp3_frame_hd hd; + nghttp3_nv *nva; + size_t nvlen; +} nghttp3_frame_headers; + +typedef enum { + NGHTTP3_PRI_ELEM_TYPE_REQUEST = 0x00, + NGHTTP3_PRI_ELEM_TYPE_PUSH = 0x01, + NGHTTP3_PRI_ELEM_TYPE_PLACEHOLDER = 0x02 +} nghttp3_pri_elem_type; + +typedef enum { + NGHTTP3_ELEM_DEP_TYPE_REQUEST = 0x00, + NGHTTP3_ELEM_DEP_TYPE_PUSH = 0x01, + NGHTTP3_ELEM_DEP_TYPE_PLACEHOLDER = 0x02, + NGHTTP3_ELEM_DEP_TYPE_ROOT = 0x03 +} nghttp3_elem_dep_type; + +typedef struct { + nghttp3_frame_hd hd; + nghttp3_pri_elem_type pt; + nghttp3_elem_dep_type dt; + int64_t pri_elem_id; + int64_t elem_dep_id; + uint32_t weight; + uint8_t exclusive; +} nghttp3_frame_priority; + +typedef struct { + nghttp3_frame_hd hd; + int64_t push_id; +} nghttp3_frame_cancel_push; + +typedef enum { + NGHTTP3_SETTINGS_ID_MAX_HEADER_LIST_SIZE = 0x06, + NGHTTP3_SETTINGS_ID_NUM_PLACEHOLDERS = 0x09, + NGHTTP3_SETTINGS_ID_QPACK_MAX_TABLE_CAPACITY = 0x01, + NGHTTP3_SETTINGS_ID_QPACK_BLOCKED_STREAMS = 0x07, +} nghttp3_settings_id; + +typedef struct { + uint64_t id; + uint64_t value; +} nghttp3_settings_entry; + +typedef struct { + nghttp3_frame_hd hd; + size_t niv; + nghttp3_settings_entry iv[1]; +} nghttp3_frame_settings; + +typedef struct { + nghttp3_frame_hd hd; + nghttp3_nv *nva; + size_t nvlen; + int64_t push_id; +} nghttp3_frame_push_promise; + +typedef struct { + nghttp3_frame_hd hd; + int64_t stream_id; +} nghttp3_frame_goaway; + +typedef struct { + nghttp3_frame_hd hd; + int64_t push_id; +} nghttp3_frame_max_push_id; + +typedef struct { + nghttp3_frame_hd hd; + int64_t push_id; +} nghttp3_frame_duplicate_push; + +typedef union { + nghttp3_frame_hd hd; + nghttp3_frame_data data; + nghttp3_frame_headers headers; + nghttp3_frame_priority priority; + nghttp3_frame_cancel_push cancel_push; + nghttp3_frame_settings settings; + nghttp3_frame_push_promise push_promise; + nghttp3_frame_goaway goaway; + nghttp3_frame_max_push_id max_push_id; + nghttp3_frame_duplicate_push duplicate_push; +} nghttp3_frame; + +/** + * @function + * + * nghttp3_conn_read_stream reads data |src| of length |srclen| on + * stream identified by |stream_id|. It returns the number of bytes + * consumed. The "consumed" means that application can increase flow + * control credit (both stream and connection) of underlying QUIC + * connection by that amount. If |fin| is nonzero, this is the last + * data from remote endpoint in this stream. + */ +NGHTTP3_EXTERN ssize_t nghttp3_conn_read_stream(nghttp3_conn *conn, + int64_t stream_id, + const uint8_t *src, + size_t srclen, int fin); + +/** + * @function + * + * `nghttp3_conn_writev_stream` stores stream data to send to |vec| of + * length |veccnt| and returns the number of nghttp3_vec object in + * which it stored data. It stores stream ID to |*pstream_id|. An + * application has to call `nghttp3_conn_add_write_offset` to inform + * |conn| of the actual number of bytes that underlying QUIC stack + * accepted. |*pfin| will be nonzero if this is the last data to + * send. + */ +NGHTTP3_EXTERN ssize_t nghttp3_conn_writev_stream(nghttp3_conn *conn, + int64_t *pstream_id, + int *pfin, nghttp3_vec *vec, + size_t veccnt); + +/** + * @function + * + * `nghttp3_conn_add_write_offset` tells |conn| the number of bytes + * |n| for stream denoted by |stream_id| QUIC stack accepted. + * + * `nghttp3_conn_writev_stream` must be called before calling this + * function to get data to send, and those data must be fed into QUIC + * stack. + */ +NGHTTP3_EXTERN int nghttp3_conn_add_write_offset(nghttp3_conn *conn, + int64_t stream_id, size_t n); + +/** + * @function + * + * `nghttp3_conn_add_ack_offset` tells |conn| the number of bytes |n| + * for stream denoted by |stream_id| QUIC stack has acknowledged. + */ +NGHTTP3_EXTERN int nghttp3_conn_add_ack_offset(nghttp3_conn *conn, + int64_t stream_id, size_t n); + +/** + * @function + * + * `nghttp3_conn_block_stream` tells the library that stream + * identified by |stream_id| is blocked due to QUIC flow control. + */ +NGHTTP3_EXTERN int nghttp3_conn_block_stream(nghttp3_conn *conn, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_conn_unblock_stream` tells the library that stream + * identified by |stream_id| which was blocked by QUIC flow control is + * unblocked. + */ +NGHTTP3_EXTERN int nghttp3_conn_unblock_stream(nghttp3_conn *conn, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_conn_resume_stream` resumes stream identified by + * |stream_id| which was previously unable to provide data. + */ +NGHTTP3_EXTERN int nghttp3_conn_resume_stream(nghttp3_conn *conn, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_conn_close_stream` closes stream identified by + * |stream_id|. |app_error_code| is the reason of the closure. + */ +NGHTTP3_EXTERN int nghttp3_conn_close_stream(nghttp3_conn *conn, + int64_t stream_id, + uint64_t app_error_code); + +/** + * @function + * + * `nghttp3_conn_reset_stream` must be called if stream identified by + * |stream_id| is reset by a remote endpoint. This is required in + * order to cancel QPACK stream. + */ +NGHTTP3_EXTERN int nghttp3_conn_reset_stream(nghttp3_conn *conn, + int64_t stream_id); + +typedef enum { + NGHTTP3_DATA_FLAG_NONE = 0x00, + /** + * ``NGHTTP3_DATA_FLAG_EOF`` indicates that all request or response + * body has been provided to the library. It also indicates that + * sending side of stream is closed unless + * :enum:`NGHTTP3_DATA_FLAG_NO_END_STREAM` is given at the same + * time. + */ + NGHTTP3_DATA_FLAG_EOF = 0x01, + /** + * ``NGHTTP3_DATA_FLAG_NO_END_STREAM`` indicates that sending side + * of stream is not closed even if NGHTTP3_DATA_FLAG_EOF is set. + * Usually this flag is used to send trailer fields with + * `nghttp3_conn_submit_trailers()`. If + * `nghttp3_conn_submit_trailers()` has been called, regardless of + * this flag, the submitted trailer fields are sent. + */ + NGHTTP3_DATA_FLAG_NO_END_STREAM = 0x02 +} nghttp3_data_flag; + +/** + * @function + * + * `nghttp3_conn_set_max_client_streams_bidi` tells |conn| the + * cumulative number of bidirectional streams that client can open. + */ +NGHTTP3_EXTERN void +nghttp3_conn_set_max_client_streams_bidi(nghttp3_conn *conn, + uint64_t max_streams); + +/** + * @functypedef + * + * :type:`nghttp3_read_data_callback` is a callback function invoked + * when the library asks an application to provide stream data for a + * stream denoted by |stream_id|. + * + * The application should store the pointer to data to |*pdata| and + * the data length to |*pdatalen|. They are initialized to NULL and 0 + * respectively. The application must retain data until they are safe + * to free. It is notified by :type:`nghttp3_acked_stream_data` + * callback. + * + * If this is the last data to send (or there is no data to send + * because all data have been sent already), set + * :enum:`NGHTTP3_DATA_FLAG_EOF` to |*pflags|. + * + * If the application is unable to provide data temporarily, return + * :enum:`NGHTTP3_ERR_WOULDBLOCK`. When it is ready to provide + * data, call `nghttp3_conn_resume_stream()`. + * + * The callback should return 0 if it succeeds, or + * :enum:`NGHTTP3_ERR_CALLBACK_FAILURE`. + * + * TODO Add NGHTTP3_ERR_TEMPORAL_CALLBACK_FAILURE to reset just this + * stream. + */ +typedef int (*nghttp3_read_data_callback)(nghttp3_conn *conn, int64_t stream_id, + const uint8_t **pdata, + size_t *pdatalen, uint32_t *pflags, + void *conn_user_data, + void *stream_user_data); + +/** + * @struct + * + * :type:`nghttp3_data_reader` specifies the way how to generate + * request or response body. + */ +typedef struct { + /** + * read_data is a callback function to generate body. + */ + nghttp3_read_data_callback read_data; +} nghttp3_data_reader; + +/** + * @function + * + * `nghttp3_conn_submit_request` submits HTTP request header fields + * and body on the stream identified by |stream_id|. |stream_id| must + * be a client initiated bidirectional stream. Only client can submit + * HTTP request. |nva| of length |nvlen| specifies HTTP request + * header fields. |dr| specifies a request body. If there is no + * request body, specify NULL. If |dr| is NULL, it implies the end of + * stream. |stream_user_data| is an opaque pointer attached to the + * stream. + */ +NGHTTP3_EXTERN int nghttp3_conn_submit_request( + nghttp3_conn *conn, int64_t stream_id, const nghttp3_nv *nva, size_t nvlen, + const nghttp3_data_reader *dr, void *stream_user_data); + +/** + * @function + * + * `nghttp3_conn_submit_push_promise` submits push promise on the + * stream identified by |stream_id|. |stream_id| must be a client + * initiated bidirectional stream. Only server can submit push + * promise. On success, a push ID is assigned to |*ppush_id|. |nva| + * of length |nvlen| specifies HTTP request header fields. In order + * to submit HTTP response, first call + * `nghttp3_conn_bind_push_stream()` and then + * `nghttp3_conn_submit_response()`. + */ +NGHTTP3_EXTERN int nghttp3_conn_submit_push_promise(nghttp3_conn *conn, + int64_t *ppush_id, + int64_t stream_id, + const nghttp3_nv *nva, + size_t nvlen); + +/** + * @function + * + * `nghttp3_conn_submit_info` submits HTTP non-final response header + * fields on the stream identified by |stream_id|. |nva| of length + * |nvlen| specifies HTTP response header fields. + */ +NGHTTP3_EXTERN int nghttp3_conn_submit_info(nghttp3_conn *conn, + int64_t stream_id, + const nghttp3_nv *nva, + size_t nvlen); + +/** + * @function + * + * `nghttp3_conn_submit_response` submits HTTP response header fields + * and body on the stream identified by |stream_id|. |nva| of length + * |nvlen| specifies HTTP response header fields. |dr| specifies a + * response body. If there is no response body, specify NULL. If + * |dr| is NULL, it implies the end of stream. + */ +NGHTTP3_EXTERN int nghttp3_conn_submit_response(nghttp3_conn *conn, + int64_t stream_id, + const nghttp3_nv *nva, + size_t nvlen, + const nghttp3_data_reader *dr); + +/** + * @function + * + * `nghttp3_conn_submit_trailers` submits HTTP trailer fields on the + * stream identified by |stream_id|. |nva| of length |nvlen| + * specifies HTTP trailer fields. Calling this function implies the + * end of stream. + */ +NGHTTP3_EXTERN int nghttp3_conn_submit_trailers(nghttp3_conn *conn, + int64_t stream_id, + const nghttp3_nv *nva, + size_t nvlen); + +/** + * @function + * + * `nghttp3_conn_bind_push_stream` binds the stream identified by + * |stream_id| to the push identified by |push_id|. |stream_id| must + * be a server initiated unidirectional stream. |push_id| must be + * obtained from `nghttp3_conn_submit_push_promise()`. To send + * response to this push, call `nghttp3_conn_submit_response()`. + */ +NGHTTP3_EXTERN int nghttp3_conn_bind_push_stream(nghttp3_conn *conn, + int64_t push_id, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_conn_cancel_push` cancels the push identified by + * |push_id|. It is not possible to cancel the push after the + * response stream opens. In that case, send RESET_STREAM (if |conn| + * is server) or STOP_SENDING (if |conn| is client) on the underlying + * QUIC stream. + */ +NGHTTP3_EXTERN int nghttp3_conn_cancel_push(nghttp3_conn *conn, + int64_t push_id); + +/** + * @function + * + * `nghttp3_conn_submit_priority` submits priority change to the + * connection |conn|. |pt| specifies the type of ID |pri_elem_id|. + * |dt| specifies the type of ID |elem_dep_id|. |weight| must be [1, + * 256], inclusive. function can be called with client |conn|. This + * function makes node identified by |pri_elem_id| depend on another + * node identified by |elem_dep_id|. It is an error to attempt to + * make a dependency to itself. If |exclusive| is nonzero, this makes + * exclusive dependency. + * + * Before calling this function, control stream must be bound to a + * stream ID using `nghttp3_conn_bind_control_stream()`. + */ +NGHTTP3_EXTERN int nghttp3_conn_submit_priority(nghttp3_conn *conn, + nghttp3_pri_elem_type pt, + int64_t pri_elem_id, + nghttp3_elem_dep_type dt, + int64_t elem_dep_id, + uint32_t weight, int exclusive); + +/** + * @function + * + * `nghttp3_conn_set_stream_user_data` sets |stream_user_data| to the + * stream identified by |stream_id|. + */ +NGHTTP3_EXTERN int nghttp3_conn_set_stream_user_data(nghttp3_conn *conn, + int64_t stream_id, + void *stream_user_data); + +/** + * @function + * + * `nghttp3_conn_get_num_placeholders` returns the number of + * placeholders that remote endpoint permits. + */ +NGHTTP3_EXTERN uint64_t +nghttp3_conn_get_remote_num_placeholders(nghttp3_conn *conn); + +/** + * @function + * + * `nghttp3_conn_get_frame_payload_left` returns the number of bytes + * left to read current frame payload for a stream denoted by + * |stream_id|. If no such stream is found, it returns + * :enum:`NGHTTP3_ERR_INVALID_ARGUMENT`. + */ +NGHTTP3_EXTERN int64_t nghttp3_conn_get_frame_payload_left(nghttp3_conn *conn, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_conn_is_remote_qpack_encoder_stream` returns nonzero if a + * stream denoted by |stream_id| is QPACK encoder stream of a remote + * endpoint. + */ +NGHTTP3_EXTERN int +nghttp3_conn_is_remote_qpack_encoder_stream(nghttp3_conn *conn, + int64_t stream_id); + +/** + * @function + * + * `nghttp3_vec_len` returns the sum of length in |vec| of |cnt| + * elements. + */ +NGHTTP3_EXTERN size_t nghttp3_vec_len(const nghttp3_vec *vec, size_t cnt); + +/** + * @function + * + * `nghttp3_vec_empty` returns nonzero if |vec| of |cnt| elements has + * 0 length data. + */ +NGHTTP3_EXTERN int nghttp3_vec_empty(const nghttp3_vec *vec, size_t cnt); + +/** + * @function + * + * `nghttp3_vec_consume` removes first |len| bytes from |*pvec| of + * |*pcnt| elements. The adjusted vector and number of elements are + * stored in |*pvec| and |*pcnt| respectively. + */ +NGHTTP3_EXTERN void nghttp3_vec_consume(nghttp3_vec **pvec, size_t *pcnt, + size_t len); + +/** + * @function + * + * `nghttp3_check_header_name` returns nonzero if HTTP header field + * name |name| of length |len| is valid according to + * http://tools.ietf.org/html/rfc7230#section-3.2 + * + * Because this is a header field name in HTTP/3, the upper cased + * alphabet is treated as error. + */ +NGHTTP3_EXTERN int nghttp3_check_header_name(const uint8_t *name, size_t len); + +/** + * @function + * + * `nghttp3_check_header_value` returns nonzero if HTTP header field + * value |value| of length |len| is valid according to + * http://tools.ietf.org/html/rfc7230#section-3.2 + */ +NGHTTP3_EXTERN int nghttp3_check_header_value(const uint8_t *value, size_t len); + +#ifdef __cplusplus +} +#endif + +#endif /* NGHTTP3_H */ diff --git a/deps/nghttp3/lib/includes/nghttp3/version.h b/deps/nghttp3/lib/includes/nghttp3/version.h new file mode 100644 index 0000000000..8f3108c95f --- /dev/null +++ b/deps/nghttp3/lib/includes/nghttp3/version.h @@ -0,0 +1,46 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2016 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_VERSION_H +#define NGHTTP3_VERSION_H + +/** + * @macro + * + * Version number of the nghttp3 library release. + */ +#define NGHTTP3_VERSION "0.1.90" + +/** + * @macro + * + * Numerical representation of the version number of the nghttp3 + * library release. This is a 24 bit number with 8 bits for major + * number, 8 bits for minor and 8 bits for patch. Version 1.2.3 + * becomes 0x010203. + */ +#define NGHTTP3_VERSION_NUM 0x00015a + +#endif /* NGHTTP3_VERSION_H */ diff --git a/deps/nghttp3/lib/nghttp3_buf.c b/deps/nghttp3/lib/nghttp3_buf.c new file mode 100644 index 0000000000..8679e28dd8 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_buf.c @@ -0,0 +1,90 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_buf.h" + +void nghttp3_buf_init(nghttp3_buf *buf) { + buf->begin = buf->end = buf->pos = buf->last = NULL; +} + +void nghttp3_buf_wrap_init(nghttp3_buf *buf, uint8_t *src, size_t len) { + buf->begin = buf->pos = buf->last = src; + buf->end = buf->begin + len; +} + +void nghttp3_buf_free(nghttp3_buf *buf, const nghttp3_mem *mem) { + nghttp3_mem_free(mem, buf->begin); +} + +size_t nghttp3_buf_left(const nghttp3_buf *buf) { + return (size_t)(buf->end - buf->last); +} + +size_t nghttp3_buf_len(const nghttp3_buf *buf) { + return (size_t)(buf->last - buf->pos); +} + +size_t nghttp3_buf_cap(const nghttp3_buf *buf) { + return (size_t)(buf->end - buf->begin); +} + +void nghttp3_buf_reset(nghttp3_buf *buf) { buf->pos = buf->last = buf->begin; } + +int nghttp3_buf_reserve(nghttp3_buf *buf, size_t size, const nghttp3_mem *mem) { + uint8_t *p; + ssize_t pos_offset, last_offset; + + if ((size_t)(buf->end - buf->begin) >= size) { + return 0; + } + + pos_offset = buf->pos - buf->begin; + last_offset = buf->last - buf->begin; + + p = nghttp3_mem_realloc(mem, buf->begin, size); + if (p == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + buf->begin = p; + buf->end = p + size; + buf->pos = p + pos_offset; + buf->last = p + last_offset; + + return 0; +} + +void nghttp3_buf_swap(nghttp3_buf *a, nghttp3_buf *b) { + nghttp3_buf c = *a; + + *a = *b; + *b = c; +} + +void nghttp3_typed_buf_init(nghttp3_typed_buf *tbuf, const nghttp3_buf *buf, + nghttp3_buf_type type) { + tbuf->buf = *buf; + tbuf->type = type; +} diff --git a/deps/nghttp3/lib/nghttp3_buf.h b/deps/nghttp3/lib/nghttp3_buf.h new file mode 100644 index 0000000000..493d81be31 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_buf.h @@ -0,0 +1,74 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_BUF_H +#define NGHTTP3_BUF_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_mem.h" + +void nghttp3_buf_wrap_init(nghttp3_buf *buf, uint8_t *src, size_t len); + +/* + * nghttp3_buf_cap returns the capacity of the buffer. In other + * words, it returns buf->end - buf->begin. + */ +size_t nghttp3_buf_cap(const nghttp3_buf *buf); + +int nghttp3_buf_reserve(nghttp3_buf *buf, size_t size, const nghttp3_mem *mem); + +/* + * nghttp3_buf_swap swaps |a| and |b|. + */ +void nghttp3_buf_swap(nghttp3_buf *a, nghttp3_buf *b); + +typedef enum { + /* NGHTTP3_BUF_TYPE_PRIVATE indicates that memory is allocated for + this buffer only and should be freed after its use. */ + NGHTTP3_BUF_TYPE_PRIVATE, + /* NGHTTP3_BUF_TYPE_SHARED indicates that buffer points to shared + memory. */ + NGHTTP3_BUF_TYPE_SHARED, + /* NGHTTP3_BUF_TYPE_ALIEN indicates that the buffer points to a + memory which comes from outside of the library. */ + NGHTTP3_BUF_TYPE_ALIEN, +} nghttp3_buf_type; + +typedef struct { + nghttp3_buf buf; + nghttp3_buf_type type; +} nghttp3_typed_buf; + +void nghttp3_typed_buf_init(nghttp3_typed_buf *tbuf, const nghttp3_buf *buf, + nghttp3_buf_type type); + +void nghttp3_typed_buf_free(nghttp3_typed_buf *tbuf); + +#endif /* NGHTTP3_BUF_H */ diff --git a/deps/nghttp3/lib/nghttp3_conn.c b/deps/nghttp3/lib/nghttp3_conn.c new file mode 100644 index 0000000000..342667abb3 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_conn.c @@ -0,0 +1,3572 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_conn.h" + +#include +#include +#include + +#include "nghttp3_mem.h" +#include "nghttp3_macro.h" +#include "nghttp3_err.h" +#include "nghttp3_conv.h" +#include "nghttp3_http.h" + +/* + * conn_remote_stream_uni returns nonzero if |stream_id| is remote + * unidirectional stream ID. + */ +static int conn_remote_stream_uni(nghttp3_conn *conn, int64_t stream_id) { + if (conn->server) { + return (stream_id & 0x03) == 0x02; + } + return (stream_id & 0x03) == 0x03; +} + +static int conn_call_begin_headers(nghttp3_conn *conn, nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.begin_headers) { + return 0; + } + + rv = conn->callbacks.begin_headers(conn, stream->node.nid.id, conn->user_data, + stream->user_data); + if (rv != 0) { + /* TODO Allow ignore headers */ + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_end_headers(nghttp3_conn *conn, nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.end_headers) { + return 0; + } + + rv = conn->callbacks.end_headers(conn, stream->node.nid.id, conn->user_data, + stream->user_data); + if (rv != 0) { + /* TODO Allow ignore headers */ + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_begin_trailers(nghttp3_conn *conn, + nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.begin_trailers) { + return 0; + } + + rv = conn->callbacks.begin_trailers(conn, stream->node.nid.id, + conn->user_data, stream->user_data); + if (rv != 0) { + /* TODO Allow ignore headers */ + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_end_trailers(nghttp3_conn *conn, nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.end_trailers) { + return 0; + } + + rv = conn->callbacks.end_trailers(conn, stream->node.nid.id, conn->user_data, + stream->user_data); + if (rv != 0) { + /* TODO Allow ignore headers */ + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_begin_push_promise(nghttp3_conn *conn, + nghttp3_stream *stream, + int64_t push_id) { + int rv; + + if (!conn->callbacks.begin_push_promise) { + return 0; + } + + rv = conn->callbacks.begin_push_promise(conn, stream->node.nid.id, push_id, + conn->user_data, stream->user_data); + if (rv != 0) { + /* TODO Allow ignore headers */ + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_end_push_promise(nghttp3_conn *conn, + nghttp3_stream *stream, int64_t push_id) { + int rv; + + if (!conn->callbacks.end_push_promise) { + return 0; + } + + rv = conn->callbacks.end_push_promise(conn, stream->node.nid.id, push_id, + conn->user_data, stream->user_data); + if (rv != 0) { + /* TODO Allow ignore headers */ + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_end_stream(nghttp3_conn *conn, nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.end_stream) { + return 0; + } + + rv = conn->callbacks.end_stream(conn, stream->node.nid.id, conn->user_data, + stream->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_cancel_push(nghttp3_conn *conn, int64_t push_id, + nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.cancel_push) { + return 0; + } + + rv = conn->callbacks.cancel_push( + conn, push_id, stream ? stream->node.nid.id : -1, conn->user_data, + stream ? stream->user_data : NULL); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_send_stop_sending(nghttp3_conn *conn, + nghttp3_stream *stream, + uint64_t app_error_code) { + int rv; + + if (!conn->callbacks.send_stop_sending) { + return 0; + } + + rv = conn->callbacks.send_stop_sending(conn, stream->node.nid.id, + app_error_code, conn->user_data, + stream->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_push_stream(nghttp3_conn *conn, int64_t push_id, + nghttp3_stream *stream) { + int rv; + + if (!conn->callbacks.push_stream) { + return 0; + } + + rv = conn->callbacks.push_stream(conn, push_id, stream->node.nid.id, + conn->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_deferred_consume(nghttp3_conn *conn, + nghttp3_stream *stream, + size_t nconsumed) { + int rv; + + if (nconsumed == 0 || !conn->callbacks.deferred_consume) { + return 0; + } + + rv = conn->callbacks.deferred_consume(conn, stream->node.nid.id, nconsumed, + conn->user_data, stream->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int ricnt_less(const nghttp3_pq_entry *lhsx, + const nghttp3_pq_entry *rhsx) { + nghttp3_stream *lhs = + nghttp3_struct_of(lhsx, nghttp3_stream, qpack_blocked_pe); + nghttp3_stream *rhs = + nghttp3_struct_of(rhsx, nghttp3_stream, qpack_blocked_pe); + + return lhs->qpack_sctx.ricnt < rhs->qpack_sctx.ricnt; +} + +static int conn_new(nghttp3_conn **pconn, int server, + const nghttp3_conn_callbacks *callbacks, + const nghttp3_conn_settings *settings, + const nghttp3_mem *mem, void *user_data) { + int rv; + nghttp3_conn *conn; + nghttp3_node_id nid; + + conn = nghttp3_mem_calloc(mem, 1, sizeof(nghttp3_conn)); + if (conn == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + nghttp3_tnode_init(&conn->root, + nghttp3_node_id_init(&nid, NGHTTP3_NODE_ID_TYPE_ROOT, 0), + 0, NGHTTP3_DEFAULT_WEIGHT, NULL, mem); + + nghttp3_tnode_init(&conn->orphan_root, + nghttp3_node_id_init(&nid, NGHTTP3_NODE_ID_TYPE_ROOT, 1), + 0, NGHTTP3_DEFAULT_WEIGHT, NULL, mem); + + rv = nghttp3_map_init(&conn->streams, mem); + if (rv != 0) { + goto streams_init_fail; + } + + rv = nghttp3_map_init(&conn->placeholders, mem); + if (rv != 0) { + goto placeholders_init_fail; + } + + rv = nghttp3_map_init(&conn->pushes, mem); + if (rv != 0) { + goto pushes_init_fail; + } + + rv = nghttp3_qpack_decoder_init(&conn->qdec, + settings->qpack_max_table_capacity, + settings->qpack_blocked_streams, mem); + if (rv != 0) { + goto qdec_init_fail; + } + + rv = nghttp3_qpack_encoder_init(&conn->qenc, 0, 0, mem); + if (rv != 0) { + goto qenc_init_fail; + } + + nghttp3_pq_init(&conn->qpack_blocked_streams, ricnt_less, mem); + + rv = nghttp3_idtr_init(&conn->remote.bidi.idtr, server, mem); + if (rv != 0) { + goto remote_bidi_idtr_init_fail; + } + + rv = nghttp3_gaptr_init(&conn->remote.uni.push_idtr, mem); + if (rv != 0) { + goto push_idtr_init_fail; + } + + conn->callbacks = *callbacks; + conn->local.settings = *settings; + nghttp3_conn_settings_default(&conn->remote.settings); + conn->mem = mem; + conn->user_data = user_data; + conn->next_seq = 0; + conn->server = server; + + *pconn = conn; + + return 0; + +push_idtr_init_fail: + nghttp3_idtr_free(&conn->remote.bidi.idtr); +remote_bidi_idtr_init_fail: + nghttp3_qpack_encoder_free(&conn->qenc); +qenc_init_fail: + nghttp3_qpack_decoder_free(&conn->qdec); +qdec_init_fail: + nghttp3_map_free(&conn->pushes); +pushes_init_fail: + nghttp3_map_free(&conn->placeholders); +placeholders_init_fail: + nghttp3_map_free(&conn->streams); +streams_init_fail: + nghttp3_mem_free(mem, conn); + + return rv; +} + +int nghttp3_conn_client_new(nghttp3_conn **pconn, + const nghttp3_conn_callbacks *callbacks, + const nghttp3_conn_settings *settings, + const nghttp3_mem *mem, void *user_data) { + int rv; + + if (settings->num_placeholders) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + rv = conn_new(pconn, /* server = */ 0, callbacks, settings, mem, user_data); + if (rv != 0) { + return rv; + } + + (*pconn)->remote.uni.unsent_max_pushes = settings->max_pushes; + + return 0; +} + +int nghttp3_conn_server_new(nghttp3_conn **pconn, + const nghttp3_conn_callbacks *callbacks, + const nghttp3_conn_settings *settings, + const nghttp3_mem *mem, void *user_data) { + int rv; + + rv = conn_new(pconn, /* server = */ 1, callbacks, settings, mem, user_data); + if (rv != 0) { + return rv; + } + + return 0; +} + +static int free_push_promise(nghttp3_map_entry *ent, void *ptr) { + nghttp3_push_promise *pp = nghttp3_struct_of(ent, nghttp3_push_promise, me); + const nghttp3_mem *mem = ptr; + + nghttp3_push_promise_del(pp, mem); + + return 0; +} + +static int free_placeholder(nghttp3_map_entry *ent, void *ptr) { + nghttp3_placeholder *ph = nghttp3_struct_of(ent, nghttp3_placeholder, me); + const nghttp3_mem *mem = ptr; + + nghttp3_placeholder_del(ph, mem); + + return 0; +} + +static int free_stream(nghttp3_map_entry *ent, void *ptr) { + nghttp3_stream *stream = nghttp3_struct_of(ent, nghttp3_stream, me); + + (void)ptr; + + nghttp3_stream_del(stream); + + return 0; +} + +void nghttp3_conn_del(nghttp3_conn *conn) { + if (conn == NULL) { + return; + } + + nghttp3_gaptr_free(&conn->remote.uni.push_idtr); + + nghttp3_idtr_free(&conn->remote.bidi.idtr); + + nghttp3_pq_free(&conn->qpack_blocked_streams); + + nghttp3_qpack_encoder_free(&conn->qenc); + nghttp3_qpack_decoder_free(&conn->qdec); + + nghttp3_map_each_free(&conn->pushes, free_push_promise, (void *)conn->mem); + nghttp3_map_free(&conn->pushes); + + nghttp3_map_each_free(&conn->placeholders, free_placeholder, + (void *)conn->mem); + nghttp3_map_free(&conn->placeholders); + + nghttp3_map_each_free(&conn->streams, free_stream, NULL); + nghttp3_map_free(&conn->streams); + + nghttp3_tnode_free(&conn->orphan_root); + nghttp3_tnode_free(&conn->root); + + nghttp3_mem_free(conn->mem, conn); +} + +ssize_t nghttp3_conn_read_stream(nghttp3_conn *conn, int64_t stream_id, + const uint8_t *src, size_t srclen, int fin) { + nghttp3_stream *stream; + size_t bidi_nproc; + int rv; + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream == NULL) { + /* TODO Assert idtr */ + /* QUIC transport ensures that this is new stream. */ + if (conn->server) { + if (nghttp3_client_stream_bidi(stream_id)) { + rv = nghttp3_idtr_open(&conn->remote.bidi.idtr, stream_id); + assert(rv == 0); + rv = nghttp3_conn_create_stream(conn, &stream, stream_id); + } else { + /* unidirectional stream */ + rv = nghttp3_conn_create_stream_dependency(conn, &stream, stream_id, 0, + NULL); + } + if (rv != 0) { + return rv; + } + + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_INITIAL; + stream->tx.hstate = NGHTTP3_HTTP_STATE_REQ_INITIAL; + } else if (nghttp3_stream_uni(stream_id)) { + rv = nghttp3_conn_create_stream_dependency(conn, &stream, stream_id, 0, + NULL); + if (rv != 0) { + return rv; + } + + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_INITIAL; + stream->tx.hstate = NGHTTP3_HTTP_STATE_RESP_INITIAL; + } else { + /* client doesn't expect to receive new bidirectional stream + from server. */ + return NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR; + } + } else if (conn->server) { + if (nghttp3_client_stream_bidi(stream_id)) { + if (stream->rx.hstate == NGHTTP3_HTTP_STATE_NONE) { + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_INITIAL; + stream->tx.hstate = NGHTTP3_HTTP_STATE_REQ_INITIAL; + } + } + } else if (nghttp3_stream_uni(stream_id) && + stream->type == NGHTTP3_STREAM_TYPE_PUSH) { + if (stream->rx.hstate == NGHTTP3_HTTP_STATE_NONE) { + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_INITIAL; + stream->tx.hstate = NGHTTP3_HTTP_STATE_RESP_INITIAL; + } + } + + if (srclen == 0 && !fin) { + return 0; + } + + if (nghttp3_stream_uni(stream_id)) { + return nghttp3_conn_read_uni(conn, stream, src, srclen, fin); + } + + if (fin) { + stream->flags |= NGHTTP3_STREAM_FLAG_READ_EOF; + } + return nghttp3_conn_read_bidi(conn, &bidi_nproc, stream, src, srclen, fin); +} + +static ssize_t conn_read_type(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *src, size_t srclen, int fin) { + nghttp3_stream_read_state *rstate = &stream->rstate; + nghttp3_varint_read_state *rvint = &rstate->rvint; + ssize_t nread; + int64_t stream_type; + + assert(srclen); + + nread = nghttp3_read_varint(rvint, src, srclen, fin); + if (nread < 0) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + + if (rvint->left) { + return nread; + } + + stream_type = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + switch (stream_type) { + case NGHTTP3_STREAM_TYPE_CONTROL: + if (conn->flags & NGHTTP3_CONN_FLAG_CONTROL_OPENED) { + return NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR; + } + conn->flags |= NGHTTP3_CONN_FLAG_CONTROL_OPENED; + stream->type = NGHTTP3_STREAM_TYPE_CONTROL; + rstate->state = NGHTTP3_CTRL_STREAM_STATE_FRAME_TYPE; + break; + case NGHTTP3_STREAM_TYPE_PUSH: + if (conn->server) { + return NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR; + } + stream->type = NGHTTP3_STREAM_TYPE_PUSH; + rstate->state = NGHTTP3_PUSH_STREAM_STATE_PUSH_ID; + break; + case NGHTTP3_STREAM_TYPE_QPACK_ENCODER: + if (conn->flags & NGHTTP3_CONN_FLAG_QPACK_ENCODER_OPENED) { + return NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR; + } + conn->flags |= NGHTTP3_CONN_FLAG_QPACK_ENCODER_OPENED; + stream->type = NGHTTP3_STREAM_TYPE_QPACK_ENCODER; + break; + case NGHTTP3_STREAM_TYPE_QPACK_DECODER: + if (conn->flags & NGHTTP3_CONN_FLAG_QPACK_DECODER_OPENED) { + return NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR; + } + conn->flags |= NGHTTP3_CONN_FLAG_QPACK_DECODER_OPENED; + stream->type = NGHTTP3_STREAM_TYPE_QPACK_DECODER; + break; + default: + stream->type = NGHTTP3_STREAM_TYPE_UNKNOWN; + break; + } + + stream->flags |= NGHTTP3_STREAM_FLAG_TYPE_IDENTIFIED; + + return nread; +} + +ssize_t nghttp3_conn_read_uni(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *src, size_t srclen, int fin) { + ssize_t nread = 0; + ssize_t nconsumed = 0; + size_t push_nproc; + int rv; + + assert(srclen); + + if (!(stream->flags & NGHTTP3_STREAM_FLAG_TYPE_IDENTIFIED)) { + nread = conn_read_type(conn, stream, src, srclen, fin); + if (nread < 0) { + return (int)nread; + } + if (!(stream->flags & NGHTTP3_STREAM_FLAG_TYPE_IDENTIFIED)) { + assert((size_t)nread == srclen); + return (ssize_t)srclen; + } + + src += nread; + srclen -= (size_t)nread; + + if (srclen == 0) { + return nread; + } + } + + switch (stream->type) { + case NGHTTP3_STREAM_TYPE_CONTROL: + if (fin) { + return NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM; + } + nconsumed = nghttp3_conn_read_control(conn, stream, src, srclen); + break; + case NGHTTP3_STREAM_TYPE_PUSH: + if (fin) { + stream->flags |= NGHTTP3_STREAM_FLAG_READ_EOF; + } + nconsumed = + nghttp3_conn_read_push(conn, &push_nproc, stream, src, srclen, fin); + break; + case NGHTTP3_STREAM_TYPE_QPACK_ENCODER: + if (fin) { + return NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM; + } + nconsumed = nghttp3_conn_read_qpack_encoder(conn, src, srclen); + break; + case NGHTTP3_STREAM_TYPE_QPACK_DECODER: + if (fin) { + return NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM; + } + nconsumed = nghttp3_conn_read_qpack_decoder(conn, src, srclen); + break; + case NGHTTP3_STREAM_TYPE_UNKNOWN: + nconsumed = (ssize_t)srclen; + + rv = conn_call_send_stop_sending(conn, stream, + NGHTTP3_HTTP_STREAM_CREATION_ERROR); + if (rv != 0) { + return rv; + } + break; + default: + /* unreachable */ + assert(0); + } + + if (nconsumed < 0) { + return nconsumed; + } + + return nread + nconsumed; +} + +static int frame_fin(nghttp3_stream_read_state *rstate, size_t len) { + return (int64_t)len >= rstate->left; +} + +ssize_t nghttp3_conn_read_control(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *src, size_t srclen) { + const uint8_t *p = src, *end = src + srclen; + int rv; + nghttp3_stream_read_state *rstate = &stream->rstate; + nghttp3_varint_read_state *rvint = &rstate->rvint; + ssize_t nread; + size_t nconsumed = 0; + int busy = 0; + size_t len; + + assert(srclen); + + for (; p != end || busy;) { + busy = 0; + switch (rstate->state) { + case NGHTTP3_CTRL_STREAM_STATE_FRAME_TYPE: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), /* fin = */ 0); + if (nread < 0) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + + rstate->fr.hd.type = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + rstate->state = NGHTTP3_CTRL_STREAM_STATE_FRAME_LENGTH; + if (p == end) { + break; + } + /* Fall through */ + case NGHTTP3_CTRL_STREAM_STATE_FRAME_LENGTH: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), /* fin = */ 0); + if (nread < 0) { + return nghttp3_err_malformed_frame(rstate->fr.hd.type); + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + + rstate->left = rstate->fr.hd.length = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + if (!(conn->flags & NGHTTP3_CONN_FLAG_SETTINGS_RECVED)) { + if (rstate->fr.hd.type != NGHTTP3_FRAME_SETTINGS) { + return NGHTTP3_ERR_HTTP_MISSING_SETTINGS; + } + conn->flags |= NGHTTP3_CONN_FLAG_SETTINGS_RECVED; + } else if (rstate->fr.hd.type == NGHTTP3_FRAME_SETTINGS) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + + switch (rstate->fr.hd.type) { + case NGHTTP3_FRAME_PRIORITY: + if (!conn->server) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + if (rstate->left < 3) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + rstate->state = NGHTTP3_CTRL_STREAM_STATE_PRIORITY; + break; + case NGHTTP3_FRAME_CANCEL_PUSH: + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_CANCEL_PUSH); + } + rstate->state = NGHTTP3_CTRL_STREAM_STATE_CANCEL_PUSH; + break; + case NGHTTP3_FRAME_SETTINGS: + /* SETTINGS frame might be empty. */ + if (rstate->left == 0) { + nghttp3_stream_read_state_reset(rstate); + break; + } + rstate->state = NGHTTP3_CTRL_STREAM_STATE_SETTINGS; + break; + case NGHTTP3_FRAME_GOAWAY: + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_GOAWAY); + } + rstate->state = NGHTTP3_CTRL_STREAM_STATE_GOAWAY; + break; + case NGHTTP3_FRAME_MAX_PUSH_ID: + if (!conn->server) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_MAX_PUSH_ID); + } + rstate->state = NGHTTP3_CTRL_STREAM_STATE_MAX_PUSH_ID; + break; + case NGHTTP3_FRAME_DATA: + case NGHTTP3_FRAME_HEADERS: + case NGHTTP3_FRAME_PUSH_PROMISE: + case NGHTTP3_FRAME_DUPLICATE_PUSH: + return NGHTTP3_ERR_HTTP_WRONG_STREAM; + default: + /* TODO Handle reserved frame type */ + busy = 1; + rstate->state = NGHTTP3_CTRL_STREAM_STATE_IGN_FRAME; + break; + } + break; + case NGHTTP3_CTRL_STREAM_STATE_PRIORITY: + switch (nghttp3_frame_pri_elem_type(*p)) { + case NGHTTP3_PRI_ELEM_TYPE_REQUEST: + case NGHTTP3_PRI_ELEM_TYPE_PUSH: + case NGHTTP3_PRI_ELEM_TYPE_PLACEHOLDER: + break; + default: + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + rstate->fr.priority.pt = nghttp3_frame_pri_elem_type(*p); + rstate->fr.priority.dt = nghttp3_frame_elem_dep_type(*p); + rstate->fr.priority.exclusive = nghttp3_frame_pri_exclusive(*p); + + ++p; + ++nconsumed; + --rstate->left; + + rstate->state = NGHTTP3_CTRL_STREAM_STATE_PRIORITY_PRI_ELEM_ID; + if (p == end) { + return (ssize_t)nconsumed; + } + /* Fall through */ + case NGHTTP3_CTRL_STREAM_STATE_PRIORITY_PRI_ELEM_ID: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), + (int64_t)len == rstate->left); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + + rstate->fr.priority.pri_elem_id = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + if (rstate->fr.priority.dt == NGHTTP3_ELEM_DEP_TYPE_ROOT) { + if (rstate->left != 1) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + rstate->state = NGHTTP3_CTRL_STREAM_STATE_PRIORITY_WEIGHT; + break; + } + + if (rstate->left < 2) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + + rstate->state = NGHTTP3_CTRL_STREAM_STATE_PRIORITY_ELEM_DEP_ID; + + if (p == end) { + return (ssize_t)nconsumed; + } + /* Fall through */ + case NGHTTP3_CTRL_STREAM_STATE_PRIORITY_ELEM_DEP_ID: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), + (int64_t)len == rstate->left); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + + rstate->fr.priority.elem_dep_id = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + if (rstate->left != 1) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + + rstate->state = NGHTTP3_CTRL_STREAM_STATE_PRIORITY_WEIGHT; + if (p == end) { + return (ssize_t)nconsumed; + } + /* Fall through */ + case NGHTTP3_CTRL_STREAM_STATE_PRIORITY_WEIGHT: + assert(p != end); + assert(rstate->left == 1); + + rstate->fr.priority.weight = (uint32_t)(*p) + 1; + + ++p; + ++nconsumed; + + rv = nghttp3_conn_on_control_priority(conn, &rstate->fr.priority); + if (rv != 0) { + return rv; + } + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_CTRL_STREAM_STATE_CANCEL_PUSH: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + assert(len > 0); + nread = nghttp3_read_varint(rvint, p, len, frame_fin(rstate, len)); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_CANCEL_PUSH); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + rstate->fr.cancel_push.push_id = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + if (conn->server) { + rv = nghttp3_conn_on_server_cancel_push(conn, &rstate->fr.cancel_push); + } else { + rv = nghttp3_conn_on_client_cancel_push(conn, &rstate->fr.cancel_push); + } + if (rv != 0) { + return rv; + } + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_CTRL_STREAM_STATE_SETTINGS: + for (; p != end;) { + if (rstate->left == 0) { + nghttp3_stream_read_state_reset(rstate); + break; + } + /* Read Identifier */ + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + assert(len > 0); + nread = nghttp3_read_varint(rvint, p, len, frame_fin(rstate, len)); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_SETTINGS); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + rstate->state = NGHTTP3_CTRL_STREAM_STATE_SETTINGS_ID; + return (ssize_t)nconsumed; + } + rstate->fr.settings.iv[0].id = (uint64_t)rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + /* Read Value */ + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_SETTINGS); + } + + len -= (size_t)nread; + if (len == 0) { + rstate->state = NGHTTP3_CTRL_STREAM_STATE_SETTINGS_VALUE; + break; + } + + nread = nghttp3_read_varint(rvint, p, len, frame_fin(rstate, len)); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_SETTINGS); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + rstate->state = NGHTTP3_CTRL_STREAM_STATE_SETTINGS_VALUE; + return (ssize_t)nconsumed; + } + rstate->fr.settings.iv[0].value = (uint64_t)rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + rv = + nghttp3_conn_on_settings_entry_received(conn, &rstate->fr.settings); + if (rv != 0) { + return rv; + } + } + break; + case NGHTTP3_CTRL_STREAM_STATE_SETTINGS_ID: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + assert(len > 0); + nread = nghttp3_read_varint(rvint, p, len, frame_fin(rstate, len)); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_SETTINGS); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + rstate->fr.settings.iv[0].id = (uint64_t)rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_SETTINGS); + } + + rstate->state = NGHTTP3_CTRL_STREAM_STATE_SETTINGS_VALUE; + + if (p == end) { + return (ssize_t)nconsumed; + } + /* Fall through */ + case NGHTTP3_CTRL_STREAM_STATE_SETTINGS_VALUE: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + assert(len > 0); + nread = nghttp3_read_varint(rvint, p, len, frame_fin(rstate, len)); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_SETTINGS); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + rstate->fr.settings.iv[0].value = (uint64_t)rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + rv = nghttp3_conn_on_settings_entry_received(conn, &rstate->fr.settings); + if (rv != 0) { + return rv; + } + + if (rstate->left) { + rstate->state = NGHTTP3_CTRL_STREAM_STATE_SETTINGS; + break; + } + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_CTRL_STREAM_STATE_GOAWAY: + /* TODO Not implemented yet */ + rstate->state = NGHTTP3_CTRL_STREAM_STATE_IGN_FRAME; + break; + case NGHTTP3_CTRL_STREAM_STATE_MAX_PUSH_ID: + /* server side only */ + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + assert(len > 0); + nread = nghttp3_read_varint(rvint, p, len, frame_fin(rstate, len)); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_MAX_PUSH_ID); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + return (ssize_t)nconsumed; + } + + if (conn->local.uni.max_pushes > (uint64_t)rvint->acc) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_MAX_PUSH_ID); + } + + conn->local.uni.max_pushes = (uint64_t)rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_CTRL_STREAM_STATE_IGN_FRAME: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + p += len; + nconsumed += len; + rstate->left -= (int64_t)len; + + if (rstate->left) { + return (ssize_t)nconsumed; + } + + nghttp3_stream_read_state_reset(rstate); + break; + default: + /* unreachable */ + assert(0); + } + } + + return (ssize_t)nconsumed; +} + +ssize_t nghttp3_conn_read_push(nghttp3_conn *conn, size_t *pnproc, + nghttp3_stream *stream, const uint8_t *src, + size_t srclen, int fin) { + const uint8_t *p = src, *end = src + srclen; + int rv; + nghttp3_stream_read_state *rstate = &stream->rstate; + nghttp3_varint_read_state *rvint = &rstate->rvint; + ssize_t nread; + size_t nconsumed = 0; + int busy = 0; + size_t len; + int64_t push_id; + + if (stream->pp && + (stream->pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL)) { + *pnproc = srclen; + return (ssize_t)srclen; + } + + if (stream->flags & (NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED | + NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED)) { + *pnproc = 0; + + if (srclen == 0) { + return 0; + } + + rv = nghttp3_stream_buffer_data(stream, p, (size_t)(end - p)); + if (rv != 0) { + return rv; + } + return 0; + } + + for (; p != end || busy;) { + busy = 0; + switch (rstate->state) { + case NGHTTP3_PUSH_STREAM_STATE_PUSH_ID: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), fin); + if (nread < 0) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + goto almost_done; + } + + push_id = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + rv = nghttp3_conn_on_stream_push_id(conn, stream, push_id); + if (rv != 0) { + if (rv == NGHTTP3_ERR_IGNORE_STREAM) { + rstate->state = NGHTTP3_PUSH_STREAM_STATE_IGN_REST; + break; + } + return (ssize_t)rv; + } + + rstate->state = NGHTTP3_PUSH_STREAM_STATE_FRAME_TYPE; + + if (stream->flags & NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED) { + if (p != end) { + rv = nghttp3_stream_buffer_data(stream, p, (size_t)(end - p)); + if (rv != 0) { + return rv; + } + } + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; + } + + if (end == p) { + goto almost_done; + } + + /* Fall through */ + case NGHTTP3_PUSH_STREAM_STATE_FRAME_TYPE: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), fin); + if (nread < 0) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + goto almost_done; + } + + rstate->fr.hd.type = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + rstate->state = NGHTTP3_PUSH_STREAM_STATE_FRAME_LENGTH; + if (p == end) { + goto almost_done; + } + /* Fall through */ + case NGHTTP3_PUSH_STREAM_STATE_FRAME_LENGTH: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), fin); + if (nread < 0) { + return nghttp3_err_malformed_frame(rstate->fr.hd.type); + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + goto almost_done; + } + + rstate->left = rstate->fr.hd.length = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + switch (rstate->fr.hd.type) { + case NGHTTP3_FRAME_DATA: + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_DATA_BEGIN); + if (rv != 0) { + return rv; + } + /* DATA frame might be empty. */ + if (rstate->left == 0) { + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_DATA_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + } + rstate->state = NGHTTP3_PUSH_STREAM_STATE_DATA; + break; + case NGHTTP3_FRAME_HEADERS: + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_HEADERS_BEGIN); + if (rv != 0) { + return rv; + } + if (rstate->left == 0) { + rv = nghttp3_stream_empty_headers_allowed(stream); + if (rv != 0) { + return rv; + } + + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_HEADERS_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + } + + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + rv = conn_call_begin_headers(conn, stream); + break; + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + rv = conn_call_begin_trailers(conn, stream); + break; + default: + /* Unreachable */ + assert(0); + } + + if (rv != 0) { + return rv; + } + + rstate->state = NGHTTP3_PUSH_STREAM_STATE_HEADERS; + break; + case NGHTTP3_FRAME_PUSH_PROMISE: + case NGHTTP3_FRAME_DUPLICATE_PUSH: + case NGHTTP3_FRAME_PRIORITY: + case NGHTTP3_FRAME_CANCEL_PUSH: + case NGHTTP3_FRAME_SETTINGS: + case NGHTTP3_FRAME_GOAWAY: + case NGHTTP3_FRAME_MAX_PUSH_ID: + return NGHTTP3_ERR_HTTP_WRONG_STREAM; + default: + /* TODO Handle reserved frame type */ + busy = 1; + rstate->state = NGHTTP3_PUSH_STREAM_STATE_IGN_FRAME; + break; + } + break; + case NGHTTP3_PUSH_STREAM_STATE_DATA: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + rv = nghttp3_conn_on_data(conn, stream, p, len); + if (rv != 0) { + return rv; + } + + p += len; + rstate->left -= (int64_t)len; + + if (rstate->left) { + goto almost_done; + } + + rv = nghttp3_stream_transit_rx_http_state(stream, + NGHTTP3_HTTP_EVENT_DATA_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_PUSH_STREAM_STATE_HEADERS: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + nread = nghttp3_conn_on_headers(conn, stream, NULL, p, len, + (int64_t)len == rstate->left); + if (nread < 0) { + return nread; + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + + if (stream->flags & NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED) { + if (p != end && nghttp3_stream_get_buffered_datalen(stream) == 0) { + rv = nghttp3_stream_buffer_data(stream, p, (size_t)(end - p)); + if (rv != 0) { + return rv; + } + } + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; + } + + if (rstate->left) { + goto almost_done; + } + + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + rv = nghttp3_http_on_response_headers(&stream->rx.http); + if (rv != 0) { + return rv; + } + + rv = conn_call_end_headers(conn, stream); + break; + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + rv = conn_call_end_trailers(conn, stream); + break; + default: + /* Unreachable */ + assert(0); + } + + if (rv != 0) { + return rv; + } + + rv = nghttp3_stream_transit_rx_http_state(stream, + NGHTTP3_HTTP_EVENT_HEADERS_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_PUSH_STREAM_STATE_IGN_FRAME: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + p += len; + nconsumed += len; + rstate->left -= (int64_t)len; + + if (rstate->left) { + goto almost_done; + } + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_PUSH_STREAM_STATE_IGN_REST: + nconsumed += (size_t)(end - p); + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; + } + } + +almost_done: + if (fin) { + switch (rstate->state) { + case NGHTTP3_PUSH_STREAM_STATE_FRAME_TYPE: + if (rvint->left) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + rv = nghttp3_stream_transit_rx_http_state(stream, + NGHTTP3_HTTP_EVENT_MSG_END); + if (rv != 0) { + return rv; + } + break; + case NGHTTP3_PUSH_STREAM_STATE_IGN_REST: + break; + default: + return nghttp3_err_malformed_frame(rstate->fr.hd.type); + } + } + + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; +} + +static void conn_delete_push_promise(nghttp3_conn *conn, + nghttp3_push_promise *pp) { + int rv; + + rv = nghttp3_map_remove(&conn->pushes, (key_type)pp->node.nid.id); + assert(0 == rv); + + if (!conn->server && + !(pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_PUSH_ID_RECLAIMED)) { + ++conn->remote.uni.unsent_max_pushes; + } + + nghttp3_push_promise_del(pp, conn->mem); +} + +static int conn_delete_stream(nghttp3_conn *conn, nghttp3_stream *stream) { + int rv; + + if (nghttp3_stream_bidi_or_push(stream)) { + rv = nghttp3_http_on_remote_end_stream(stream); + if (rv != 0) { + return rv; + } + } + + rv = conn_call_deferred_consume(conn, stream, + nghttp3_stream_get_buffered_datalen(stream)); + if (rv != 0) { + return rv; + } + + if (conn->callbacks.stream_close) { + rv = conn->callbacks.stream_close(conn, stream->node.nid.id, + stream->error_code, conn->user_data, + stream->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + } + + rv = nghttp3_map_remove(&conn->streams, (key_type)stream->node.nid.id); + + assert(0 == rv); + + if (stream->pp) { + assert(stream->type == NGHTTP3_STREAM_TYPE_PUSH); + + conn_delete_push_promise(conn, stream->pp); + } + + nghttp3_stream_del(stream); + + return 0; +} + +static int conn_process_blocked_stream_data(nghttp3_conn *conn, + nghttp3_stream *stream) { + nghttp3_buf *buf; + size_t nproc; + ssize_t nconsumed; + int rv; + size_t len; + + for (;;) { + len = nghttp3_ringbuf_len(&stream->inq); + if (len == 0) { + break; + } + buf = nghttp3_ringbuf_get(&stream->inq, 0); + if (nghttp3_stream_uni(stream->node.nid.id)) { + nconsumed = nghttp3_conn_read_push( + conn, &nproc, stream, buf->pos, nghttp3_buf_len(buf), + len == 1 && (stream->flags & NGHTTP3_STREAM_FLAG_READ_EOF)); + } else { + nconsumed = nghttp3_conn_read_bidi( + conn, &nproc, stream, buf->pos, nghttp3_buf_len(buf), + len == 1 && (stream->flags & NGHTTP3_STREAM_FLAG_READ_EOF)); + } + if (nconsumed < 0) { + return (int)nconsumed; + } + + buf->pos += nproc; + + rv = conn_call_deferred_consume(conn, stream, (size_t)nconsumed); + if (rv != 0) { + return 0; + } + + if (nghttp3_buf_len(buf) == 0) { + nghttp3_buf_free(buf, stream->mem); + nghttp3_ringbuf_pop_front(&stream->inq); + } + + if (stream->flags & NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED) { + break; + } + } + + if (!(stream->flags & NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED) && + (stream->flags & NGHTTP3_STREAM_FLAG_CLOSED)) { + assert(stream->qpack_blocked_pe.index == NGHTTP3_PQ_BAD_INDEX); + + rv = conn_delete_stream(conn, stream); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +ssize_t nghttp3_conn_read_qpack_encoder(nghttp3_conn *conn, const uint8_t *src, + size_t srclen) { + ssize_t nconsumed = + nghttp3_qpack_decoder_read_encoder(&conn->qdec, src, srclen); + nghttp3_stream *stream; + int rv; + + if (nconsumed < 0) { + return nconsumed; + } + + for (; !nghttp3_pq_empty(&conn->qpack_blocked_streams);) { + stream = nghttp3_struct_of(nghttp3_pq_top(&conn->qpack_blocked_streams), + nghttp3_stream, qpack_blocked_pe); + if (nghttp3_qpack_stream_context_get_ricnt(&stream->qpack_sctx) > + nghttp3_qpack_decoder_get_icnt(&conn->qdec)) { + break; + } + + nghttp3_conn_qpack_blocked_streams_pop(conn); + stream->qpack_blocked_pe.index = NGHTTP3_PQ_BAD_INDEX; + stream->flags &= (uint16_t)~NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED; + + rv = conn_process_blocked_stream_data(conn, stream); + if (rv != 0) { + return rv; + } + } + + return nconsumed; +} + +ssize_t nghttp3_conn_read_qpack_decoder(nghttp3_conn *conn, const uint8_t *src, + size_t srclen) { + return nghttp3_qpack_encoder_read_decoder(&conn->qenc, src, srclen); +} + +ssize_t nghttp3_conn_read_bidi(nghttp3_conn *conn, size_t *pnproc, + nghttp3_stream *stream, const uint8_t *src, + size_t srclen, int fin) { + const uint8_t *p = src, *end = src + srclen; + int rv; + nghttp3_stream_read_state *rstate = &stream->rstate; + nghttp3_varint_read_state *rvint = &rstate->rvint; + ssize_t nread; + size_t nconsumed = 0; + int busy = 0; + size_t len; + nghttp3_push_promise *pp; + + if (stream->flags & NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED) { + *pnproc = 0; + + if (srclen == 0) { + return 0; + } + + rv = nghttp3_stream_buffer_data(stream, p, (size_t)(end - p)); + if (rv != 0) { + return rv; + } + return 0; + } + + for (; p != end || busy;) { + busy = 0; + switch (rstate->state) { + case NGHTTP3_REQ_STREAM_STATE_FRAME_TYPE: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), fin); + if (nread < 0) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + goto almost_done; + } + + rstate->fr.hd.type = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + rstate->state = NGHTTP3_REQ_STREAM_STATE_FRAME_LENGTH; + if (p == end) { + goto almost_done; + } + /* Fall through */ + case NGHTTP3_REQ_STREAM_STATE_FRAME_LENGTH: + assert(end - p > 0); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), fin); + if (nread < 0) { + return nghttp3_err_malformed_frame(rstate->fr.hd.type); + } + + p += nread; + nconsumed += (size_t)nread; + if (rvint->left) { + goto almost_done; + } + + rstate->left = rstate->fr.hd.length = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + /* TODO Verify that PRIORITY is only allowed at the beginning of + request stream */ + switch (rstate->fr.hd.type) { + case NGHTTP3_FRAME_DATA: + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_DATA_BEGIN); + if (rv != 0) { + return rv; + } + /* DATA frame might be empty. */ + if (rstate->left == 0) { + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_DATA_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + } + rstate->state = NGHTTP3_REQ_STREAM_STATE_DATA; + break; + case NGHTTP3_FRAME_HEADERS: + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_HEADERS_BEGIN); + if (rv != 0) { + return rv; + } + if (rstate->left == 0) { + rv = nghttp3_stream_empty_headers_allowed(stream); + if (rv != 0) { + return rv; + } + + rv = nghttp3_stream_transit_rx_http_state( + stream, NGHTTP3_HTTP_EVENT_HEADERS_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + } + + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN: + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + rv = conn_call_begin_headers(conn, stream); + break; + case NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN: + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + rv = conn_call_begin_trailers(conn, stream); + break; + default: + /* Unreachable */ + assert(0); + } + + if (rv != 0) { + return rv; + } + + rstate->state = NGHTTP3_REQ_STREAM_STATE_HEADERS; + break; + case NGHTTP3_FRAME_PUSH_PROMISE: + if (conn->server) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PUSH_PROMISE); + } + + /* No stream->rx.hstate change with PUSH_PROMISE */ + + rstate->state = NGHTTP3_REQ_STREAM_STATE_PUSH_PROMISE_PUSH_ID; + break; + case NGHTTP3_FRAME_DUPLICATE_PUSH: + if (conn->server) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_DUPLICATE_PUSH); + } + rstate->state = NGHTTP3_REQ_STREAM_STATE_DUPLICATE_PUSH; + break; + case NGHTTP3_FRAME_CANCEL_PUSH: + case NGHTTP3_FRAME_SETTINGS: + case NGHTTP3_FRAME_GOAWAY: + case NGHTTP3_FRAME_MAX_PUSH_ID: + case NGHTTP3_FRAME_PRIORITY: + return NGHTTP3_ERR_HTTP_WRONG_STREAM; + default: + /* TODO Handle reserved frame type */ + busy = 1; + rstate->state = NGHTTP3_REQ_STREAM_STATE_IGN_FRAME; + break; + } + break; + case NGHTTP3_REQ_STREAM_STATE_DATA: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + rv = nghttp3_conn_on_data(conn, stream, p, len); + if (rv != 0) { + return rv; + } + p += len; + rstate->left -= (int64_t)len; + + if (rstate->left) { + goto almost_done; + } + + rv = nghttp3_stream_transit_rx_http_state(stream, + NGHTTP3_HTTP_EVENT_DATA_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_REQ_STREAM_STATE_PUSH_PROMISE_PUSH_ID: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + nread = nghttp3_read_varint(rvint, p, (size_t)(end - p), + (int64_t)len == rstate->left); + if (nread < 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PUSH_PROMISE); + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + if (rvint->left) { + goto almost_done; + } + + rstate->fr.push_promise.push_id = rvint->acc; + nghttp3_varint_read_state_reset(rvint); + + if (rstate->left == 0) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PUSH_PROMISE); + } + + rv = nghttp3_conn_on_push_promise_push_id( + conn, rstate->fr.push_promise.push_id, stream); + if (rv != 0) { + return rv; + } + + rstate->state = NGHTTP3_REQ_STREAM_STATE_PUSH_PROMISE; + if (p == end) { + goto almost_done; + } + /* Fall through */ + case NGHTTP3_REQ_STREAM_STATE_PUSH_PROMISE: + pp = + nghttp3_conn_find_push_promise(conn, rstate->fr.push_promise.push_id); + + assert(pp); + + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + nread = nghttp3_conn_on_headers(conn, stream, pp, p, len, + (int64_t)len == rstate->left); + if (nread < 0) { + return nread; + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + + if (stream->flags & NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED) { + if (p != end && nghttp3_stream_get_buffered_datalen(stream) == 0) { + rv = nghttp3_stream_buffer_data(stream, p, (size_t)(end - p)); + if (rv != 0) { + return rv; + } + } + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; + } + + if (rstate->left) { + goto almost_done; + } + + rv = nghttp3_http_on_request_headers(&pp->http); + if (rv != 0) { + return rv; + } + + pp->flags |= NGHTTP3_PUSH_PROMISE_FLAG_RECVED; + + rv = conn_call_end_push_promise(conn, stream, pp->node.nid.id); + if (rv != 0) { + return rv; + } + + if (!pp->stream && (pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_CANCELLED)) { + if (pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL) { + rv = conn_call_cancel_push(conn, pp->node.nid.id, pp->stream); + if (rv != 0) { + return rv; + } + } + + conn_delete_push_promise(conn, pp); + + nghttp3_stream_read_state_reset(rstate); + break; + } + + if (pp->stream) { + ++conn->remote.uni.unsent_max_pushes; + pp->flags |= NGHTTP3_PUSH_PROMISE_FLAG_PUSH_ID_RECLAIMED; + + if (!(pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL)) { + assert(pp->stream->flags & NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED); + + rv = conn_call_push_stream(conn, pp->node.nid.id, pp->stream); + if (rv != 0) { + return rv; + } + + pp->stream->flags &= + (uint16_t)~NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED; + + rv = conn_process_blocked_stream_data(conn, pp->stream); + if (rv != 0) { + return rv; + } + } + } + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_REQ_STREAM_STATE_HEADERS: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + nread = nghttp3_conn_on_headers(conn, stream, NULL, p, len, + (int64_t)len == rstate->left); + if (nread < 0) { + return nread; + } + + p += nread; + nconsumed += (size_t)nread; + rstate->left -= nread; + + if (stream->flags & NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED) { + if (p != end && nghttp3_stream_get_buffered_datalen(stream) == 0) { + rv = nghttp3_stream_buffer_data(stream, p, (size_t)(end - p)); + if (rv != 0) { + return rv; + } + } + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; + } + + if (rstate->left) { + goto almost_done; + } + + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN: + rv = nghttp3_http_on_request_headers(&stream->rx.http); + break; + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + rv = nghttp3_http_on_response_headers(&stream->rx.http); + break; + default: + break; + } + + if (rv != 0) { + return rv; + } + + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN: + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + rv = conn_call_end_headers(conn, stream); + break; + case NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN: + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + rv = conn_call_end_trailers(conn, stream); + break; + default: + /* Unreachable */ + assert(0); + } + + if (rv != 0) { + return rv; + } + + rv = nghttp3_stream_transit_rx_http_state(stream, + NGHTTP3_HTTP_EVENT_HEADERS_END); + assert(0 == rv); + + nghttp3_stream_read_state_reset(rstate); + break; + case NGHTTP3_REQ_STREAM_STATE_DUPLICATE_PUSH: + case NGHTTP3_REQ_STREAM_STATE_IGN_FRAME: + len = (size_t)nghttp3_min(rstate->left, (int64_t)(end - p)); + p += len; + nconsumed += len; + rstate->left -= (int64_t)len; + + if (rstate->left) { + goto almost_done; + } + + nghttp3_stream_read_state_reset(rstate); + break; + } + } + +almost_done: + if (fin) { + switch (rstate->state) { + case NGHTTP3_REQ_STREAM_STATE_FRAME_TYPE: + if (rvint->left) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + rv = nghttp3_stream_transit_rx_http_state(stream, + NGHTTP3_HTTP_EVENT_MSG_END); + if (rv != 0) { + return rv; + } + rv = conn_call_end_stream(conn, stream); + if (rv != 0) { + return rv; + } + break; + default: + return nghttp3_err_malformed_frame(rstate->fr.hd.type); + } + } + + *pnproc = (size_t)(p - src); + return (ssize_t)nconsumed; +} + +int nghttp3_conn_on_data(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *data, size_t datalen) { + int rv; + + rv = nghttp3_http_on_data_chunk(stream, datalen); + if (rv != 0) { + return rv; + } + + if (!conn->callbacks.recv_data) { + return 0; + } + + rv = conn->callbacks.recv_data(conn, stream->node.nid.id, data, datalen, + conn->user_data, stream->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_ensure_dependency(nghttp3_conn *conn, + nghttp3_tnode **pdep_tnode, + const nghttp3_node_id *dep_nid, + nghttp3_tnode *tnode) { + nghttp3_tnode *dep_tnode = NULL; + nghttp3_stream *dep_stream; + nghttp3_placeholder *dep_ph; + nghttp3_push_promise *dep_pp; + int rv; + + assert(conn->server); + + switch (dep_nid->type) { + case NGHTTP3_NODE_ID_TYPE_STREAM: + if (!nghttp3_client_stream_bidi(dep_nid->id)) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + if (nghttp3_ord_stream_id(dep_nid->id) > + conn->remote.bidi.max_client_streams) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + + dep_stream = nghttp3_conn_find_stream(conn, dep_nid->id); + if (dep_stream == NULL) { + rv = nghttp3_idtr_open(&conn->remote.bidi.idtr, dep_nid->id); + if (rv == NGHTTP3_ERR_STREAM_IN_USE) { + /* Stream has been closed; use orphan root instead. */ + dep_tnode = &conn->orphan_root; + break; + } + rv = nghttp3_conn_create_stream(conn, &dep_stream, dep_nid->id); + if (rv != 0) { + return rv; + } + } else if (tnode && nghttp3_tnode_find_ascendant(&dep_stream->node, + &tnode->nid) != NULL) { + nghttp3_tnode_remove(&dep_stream->node); + nghttp3_tnode_insert(&dep_stream->node, tnode->parent); + + if (nghttp3_stream_require_schedule(dep_stream)) { + rv = nghttp3_stream_schedule(dep_stream); + if (rv != 0) { + return rv; + } + } + } + dep_tnode = &dep_stream->node; + break; + case NGHTTP3_NODE_ID_TYPE_PUSH: + if (dep_nid->id >= conn->local.uni.next_push_id) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + + dep_pp = nghttp3_conn_find_push_promise(conn, dep_nid->id); + if (dep_pp == NULL) { + /* Push has been closed; use root instead. */ + dep_tnode = &conn->orphan_root; + break; + } + + if (tnode && + nghttp3_tnode_find_ascendant(&dep_pp->node, &tnode->nid) != NULL) { + nghttp3_tnode_remove(&dep_pp->node); + nghttp3_tnode_insert(&dep_pp->node, tnode->parent); + + if (nghttp3_tnode_has_active_descendant(&dep_pp->node)) { + rv = nghttp3_tnode_schedule(&dep_pp->node, 0); + if (rv != 0) { + return rv; + } + } + } + dep_tnode = &dep_pp->node; + break; + case NGHTTP3_NODE_ID_TYPE_PLACEHOLDER: + if ((uint64_t)dep_nid->id >= conn->local.settings.num_placeholders) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + + dep_ph = nghttp3_conn_find_placeholder(conn, dep_nid->id); + if (dep_ph == NULL) { + rv = nghttp3_conn_create_placeholder(conn, &dep_ph, dep_nid->id, + NGHTTP3_DEFAULT_WEIGHT, + &conn->orphan_root); + if (rv != 0) { + return rv; + } + } else if (tnode && nghttp3_tnode_find_ascendant(&dep_ph->node, + &tnode->nid) != NULL) { + nghttp3_tnode_remove(&dep_ph->node); + nghttp3_tnode_insert(&dep_ph->node, tnode->parent); + + if (nghttp3_tnode_has_active_descendant(&dep_ph->node)) { + rv = nghttp3_tnode_schedule(&dep_ph->node, 0); + if (rv != 0) { + return rv; + } + } + } + dep_tnode = &dep_ph->node; + break; + case NGHTTP3_NODE_ID_TYPE_ROOT: + dep_tnode = &conn->root; + break; + default: + /* Unreachable */ + assert(0); + } + + *pdep_tnode = dep_tnode; + + return 0; +} + +int nghttp3_conn_on_control_priority(nghttp3_conn *conn, + const nghttp3_frame_priority *fr) { + nghttp3_node_id nid, dep_nid; + nghttp3_tnode *dep_tnode = NULL, *tnode = NULL; + nghttp3_stream *stream; + nghttp3_placeholder *ph; + nghttp3_push_promise *pp; + int rv; + + assert(conn->server); + + nghttp3_node_id_init(&nid, (nghttp3_node_id_type)fr->pt, fr->pri_elem_id); + nghttp3_node_id_init(&dep_nid, (nghttp3_node_id_type)fr->dt, fr->elem_dep_id); + + switch (nid.type) { + case NGHTTP3_NODE_ID_TYPE_STREAM: + if (!nghttp3_client_stream_bidi(nid.id)) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + if (nghttp3_ord_stream_id(nid.id) > conn->remote.bidi.max_client_streams) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + stream = nghttp3_conn_find_stream(conn, nid.id); + if (stream) { + tnode = &stream->node; + } else if (nghttp3_idtr_is_open(&conn->remote.bidi.idtr, nid.id)) { + return 0; + } + break; + case NGHTTP3_NODE_ID_TYPE_PUSH: + if (nid.id >= conn->local.uni.next_push_id) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + pp = nghttp3_conn_find_push_promise(conn, nid.id); + if (!pp) { + /* If push has already been closed, ignore this dependency + change. */ + return 0; + } + tnode = &pp->node; + break; + case NGHTTP3_NODE_ID_TYPE_PLACEHOLDER: + if ((uint64_t)nid.id >= conn->local.settings.num_placeholders) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + ph = nghttp3_conn_find_placeholder(conn, nid.id); + if (ph) { + tnode = &ph->node; + } + break; + default: + /* Unreachable */ + assert(0); + } + + if (nghttp3_node_id_eq(&nid, &dep_nid)) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PRIORITY); + } + + if (tnode && tnode->weight == fr->weight && + nghttp3_node_id_eq(&tnode->parent->nid, &dep_nid)) { + if (fr->exclusive) { + if (tnode->parent->first_child == tnode && tnode->next_sibling == NULL) { + return 0; + } + } else { + return 0; + } + } + + rv = conn_ensure_dependency(conn, &dep_tnode, &dep_nid, tnode); + if (rv != 0) { + return rv; + } + + /* dep_tnode might not have dep_nid because already closed stream is + replaced with orphan root */ + + assert(dep_tnode != NULL); + + if (tnode == NULL) { + switch (nid.type) { + case NGHTTP3_NODE_ID_TYPE_STREAM: + rv = nghttp3_conn_create_stream_dependency(conn, &stream, nid.id, + fr->weight, dep_tnode); + if (rv != 0) { + return rv; + } + stream->flags |= NGHTTP3_STREAM_FLAG_CTRL_PRIORITY_APPLIED; + tnode = &stream->node; + break; + case NGHTTP3_NODE_ID_TYPE_PLACEHOLDER: + rv = nghttp3_conn_create_placeholder(conn, &ph, nid.id, fr->weight, + dep_tnode); + if (rv != 0) { + return rv; + } + tnode = &ph->node; + break; + default: + /* Unreachable */ + assert(0); + } + return 0; + } + + nghttp3_tnode_remove(tnode); + tnode->weight = fr->weight; + + if (fr->exclusive) { + rv = nghttp3_tnode_insert_exclusive(tnode, dep_tnode); + if (rv != 0) { + return rv; + } + } else { + nghttp3_tnode_insert(tnode, dep_tnode); + } + + switch (nid.type) { + case NGHTTP3_NODE_ID_TYPE_STREAM: + if (nghttp3_stream_require_schedule(stream)) { + rv = nghttp3_stream_schedule(stream); + if (rv != 0) { + return rv; + } + } + break; + case NGHTTP3_NODE_ID_TYPE_PLACEHOLDER: + case NGHTTP3_NODE_ID_TYPE_PUSH: + if (nghttp3_tnode_has_active_descendant(tnode)) { + rv = nghttp3_tnode_schedule(tnode, 0); + if (rv != 0) { + return rv; + } + } + break; + default: + /* Unreachable */ + assert(0); + } + + return 0; +} + +int nghttp3_conn_on_push_promise_push_id(nghttp3_conn *conn, int64_t push_id, + nghttp3_stream *stream) { + int rv; + nghttp3_gaptr *push_idtr = &conn->remote.uni.push_idtr; + nghttp3_push_promise *pp; + + if (conn->remote.uni.max_pushes <= (uint64_t)push_id) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PUSH_PROMISE); + } + + pp = nghttp3_conn_find_push_promise(conn, push_id); + if (pp) { + if (pp->stream) { + assert(pp->stream->flags & NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED); + /* Push unidirectional stream has already been received and + blocked */ + } else if (pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_CANCELLED) { + /* We will call begin_push_promise callback even if push is + cancelled */ + } else { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PUSH_PROMISE); + } + + if (!(pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_CANCELLED) && + pp->node.parent == &conn->orphan_root) { + nghttp3_tnode_remove(&pp->node); + nghttp3_tnode_insert(&pp->node, &stream->node); + } + } else if (nghttp3_gaptr_is_pushed(push_idtr, (uint64_t)push_id, 1)) { + return nghttp3_err_malformed_frame(NGHTTP3_FRAME_PUSH_PROMISE); + } else { + rv = nghttp3_gaptr_push(push_idtr, (uint64_t)push_id, 1); + if (rv != 0) { + return rv; + } + + rv = nghttp3_conn_create_push_promise( + conn, &pp, push_id, NGHTTP3_DEFAULT_WEIGHT, &stream->node); + if (rv != 0) { + return rv; + } + } + + rv = conn_call_begin_push_promise(conn, stream, push_id); + if (rv != 0) { + return rv; + } + + return 0; +} + +int nghttp3_conn_on_client_cancel_push(nghttp3_conn *conn, + const nghttp3_frame_cancel_push *fr) { + nghttp3_push_promise *pp; + nghttp3_gaptr *push_idtr = &conn->remote.uni.push_idtr; + int rv; + + if (conn->remote.uni.max_pushes <= (uint64_t)fr->push_id) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + + pp = nghttp3_conn_find_push_promise(conn, fr->push_id); + if (pp == NULL) { + if (nghttp3_gaptr_is_pushed(push_idtr, (uint64_t)fr->push_id, 1)) { + /* push is already cancelled or server is misbehaving */ + return 0; + } + + /* We have not received PUSH_PROMISE yet */ + rv = nghttp3_gaptr_push(push_idtr, (uint64_t)fr->push_id, 1); + if (rv != 0) { + return rv; + } + + rv = nghttp3_conn_create_push_promise( + conn, &pp, fr->push_id, NGHTTP3_DEFAULT_WEIGHT, &conn->orphan_root); + if (rv != 0) { + return rv; + } + + pp->flags |= NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL; + + /* cancel_push callback will be called after PUSH_PROMISE frame is + completely received. */ + + return 0; + } + + if (pp->stream) { + return 0; + } + + if (pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_RECVED) { + rv = conn_call_cancel_push(conn, pp->node.nid.id, pp->stream); + if (rv != 0) { + return rv; + } + + conn_delete_push_promise(conn, pp); + + return 0; + } + + pp->flags |= NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL; + + return 0; +} + +int nghttp3_conn_on_server_cancel_push(nghttp3_conn *conn, + const nghttp3_frame_cancel_push *fr) { + nghttp3_push_promise *pp; + nghttp3_stream *stream; + int rv; + + if (conn->local.uni.next_push_id <= fr->push_id) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + + pp = nghttp3_conn_find_push_promise(conn, fr->push_id); + if (pp == NULL) { + return 0; + } + + stream = pp->stream; + + rv = conn_call_cancel_push(conn, fr->push_id, stream); + if (rv != 0) { + return rv; + } + + if (stream) { + rv = nghttp3_conn_close_stream(conn, stream->node.nid.id, + NGHTTP3_HTTP_REQUEST_CANCELLED); + if (rv != 0) { + assert(NGHTTP3_ERR_INVALID_ARGUMENT != rv); + return rv; + } + return 0; + } + + rv = nghttp3_tnode_squash(&pp->node); + if (rv != 0) { + return rv; + } + + conn_delete_push_promise(conn, pp); + + return 0; +} + +int nghttp3_conn_on_stream_push_id(nghttp3_conn *conn, nghttp3_stream *stream, + int64_t push_id) { + nghttp3_push_promise *pp; + int rv; + + if (nghttp3_gaptr_is_pushed(&conn->remote.uni.push_idtr, (uint64_t)push_id, + 1)) { + pp = nghttp3_conn_find_push_promise(conn, push_id); + if (pp) { + if (pp->stream) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + pp->stream = stream; + stream->pp = pp; + + assert(!(pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL)); + assert(!(pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL)); + + if (pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_RECVED) { + ++conn->remote.uni.unsent_max_pushes; + pp->flags |= NGHTTP3_PUSH_PROMISE_FLAG_PUSH_ID_RECLAIMED; + + return conn_call_push_stream(conn, push_id, stream); + } + + stream->flags |= NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED; + + return 0; + } + + /* Push ID has been received, but pp is gone. This means that + push is cancelled or server is misbehaving. We have no + information to distinguish the two, so just cancel QPACK stream + just in case, and ask application to send STOP_SENDING and + ignore all frames in this stream. */ + rv = nghttp3_qpack_decoder_cancel_stream(&conn->qdec, stream->node.nid.id); + if (rv != 0) { + return rv; + } + rv = conn_call_send_stop_sending(conn, stream, + NGHTTP3_HTTP_REQUEST_CANCELLED); + if (rv != 0) { + return rv; + } + return NGHTTP3_ERR_IGNORE_STREAM; + } + + if (conn->remote.uni.max_pushes <= (uint64_t)push_id) { + return NGHTTP3_ERR_HTTP_ID_ERROR; + } + + rv = nghttp3_gaptr_push(&conn->remote.uni.push_idtr, (uint64_t)push_id, 1); + if (rv != 0) { + return rv; + } + + /* Don't know the associated stream of PUSH_PROMISE. It doesn't + matter because client sends nothing to this stream. */ + rv = nghttp3_conn_create_push_promise( + conn, &pp, push_id, NGHTTP3_DEFAULT_WEIGHT, &conn->orphan_root); + if (rv != 0) { + return rv; + } + + pp->stream = stream; + stream->pp = pp; + stream->flags |= NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED; + + return 0; +} + +static ssize_t conn_decode_headers(nghttp3_conn *conn, nghttp3_stream *stream, + nghttp3_push_promise *pp, const uint8_t *src, + size_t srclen, int fin) { + ssize_t nread; + int rv; + nghttp3_qpack_decoder *qdec = &conn->qdec; + nghttp3_qpack_nv nv; + uint8_t flags; + nghttp3_buf buf; + nghttp3_recv_header recv_header = NULL; + nghttp3_http_state *http; + int request = 0; + int trailers = 0; + + assert(srclen); + + if (pp) { + request = 1; + http = &pp->http; + } else { + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN: + request = 1; + /* Fall through */ + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + recv_header = conn->callbacks.recv_header; + break; + case NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN: + request = 1; + /* Fall through */ + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + trailers = 1; + recv_header = conn->callbacks.recv_trailer; + break; + default: + /* Unreachable */ + assert(0); + } + http = &stream->rx.http; + } + + nghttp3_buf_wrap_init(&buf, (uint8_t *)src, srclen); + buf.last = buf.end; + + for (;;) { + nread = nghttp3_qpack_decoder_read_request(qdec, &stream->qpack_sctx, &nv, + &flags, buf.pos, + nghttp3_buf_len(&buf), fin); + + if (nread < 0) { + return (int)nread; + } + + buf.pos += nread; + + if (flags & NGHTTP3_QPACK_DECODE_FLAG_BLOCKED) { + if (conn->local.settings.qpack_blocked_streams <= + nghttp3_pq_size(&conn->qpack_blocked_streams)) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + + stream->flags |= NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED; + rv = nghttp3_conn_qpack_blocked_streams_push(conn, stream); + if (rv != 0) { + return rv; + } + break; + } + + if (flags & NGHTTP3_QPACK_DECODE_FLAG_FINAL) { + nghttp3_qpack_stream_context_reset(&stream->qpack_sctx); + break; + } + + if (nread == 0) { + break; + } + + if (flags & NGHTTP3_QPACK_DECODE_FLAG_EMIT) { + rv = nghttp3_http_on_header(http, stream->rstate.fr.hd.type, &nv, request, + trailers); + switch (rv) { + case NGHTTP3_ERR_MALFORMED_HTTP_HEADER: + break; + case NGHTTP3_ERR_REMOVE_HTTP_HEADER: + rv = 0; + break; + case 0: + if (pp) { + if (conn->callbacks.recv_push_promise) { + rv = conn->callbacks.recv_push_promise( + conn, stream->node.nid.id, pp->node.nid.id, nv.token, nv.name, + nv.value, nv.flags, conn->user_data, stream->user_data); + } + break; + } + if (recv_header) { + rv = recv_header(conn, stream->node.nid.id, nv.token, nv.name, + nv.value, nv.flags, conn->user_data, + stream->user_data); + } + break; + default: + /* Unreachable */ + assert(0); + } + + nghttp3_rcbuf_decref(nv.name); + nghttp3_rcbuf_decref(nv.value); + + if (rv != 0) { + return rv; + } + } + } + + return buf.pos - src; +} + +ssize_t nghttp3_conn_on_headers(nghttp3_conn *conn, nghttp3_stream *stream, + nghttp3_push_promise *pp, const uint8_t *src, + size_t srclen, int fin) { + if (srclen == 0 && !fin) { + return 0; + } + + return conn_decode_headers(conn, stream, pp, src, srclen, fin); +} + +int nghttp3_conn_on_settings_entry_received(nghttp3_conn *conn, + const nghttp3_frame_settings *fr) { + const nghttp3_settings_entry *ent = &fr->iv[0]; + nghttp3_conn_settings *dest = &conn->remote.settings; + int rv; + uint64_t max_table_capacity = NGHTTP3_QPACK_ENCODER_MAX_TABLE_CAPACITY; + uint64_t max_blocked_streams = NGHTTP3_QPACK_ENCODER_MAX_BLOCK_STREAMS; + + /* TODO Check for duplicates */ + switch (ent->id) { + case NGHTTP3_SETTINGS_ID_MAX_HEADER_LIST_SIZE: + dest->max_header_list_size = ent->value; + break; + case NGHTTP3_SETTINGS_ID_NUM_PLACEHOLDERS: + if (conn->server) { + return NGHTTP3_ERR_HTTP_SETTINGS_ERROR; + } + dest->num_placeholders = ent->value; + break; + case NGHTTP3_SETTINGS_ID_QPACK_MAX_TABLE_CAPACITY: + dest->qpack_max_table_capacity = ent->value; + max_table_capacity = + nghttp3_min(max_table_capacity, dest->qpack_max_table_capacity); + rv = nghttp3_qpack_encoder_set_hard_max_dtable_size(&conn->qenc, + max_table_capacity); + if (rv != 0) { + return rv; + } + rv = nghttp3_qpack_encoder_set_max_dtable_size(&conn->qenc, + max_table_capacity); + if (rv != 0) { + return rv; + } + break; + case NGHTTP3_SETTINGS_ID_QPACK_BLOCKED_STREAMS: + dest->qpack_blocked_streams = ent->value; + max_blocked_streams = + nghttp3_min(max_blocked_streams, dest->qpack_blocked_streams); + rv = + nghttp3_qpack_encoder_set_max_blocked(&conn->qenc, max_blocked_streams); + if (rv != 0) { + return rv; + } + break; + default: + /* Ignore unknown settings ID */ + break; + } + + return 0; +} + +static int conn_stream_acked_data(nghttp3_stream *stream, int64_t stream_id, + size_t datalen, void *user_data) { + nghttp3_conn *conn = stream->conn; + int rv; + + if (!conn->callbacks.acked_stream_data) { + return 0; + } + + rv = conn->callbacks.acked_stream_data(conn, stream_id, datalen, + conn->user_data, user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +int nghttp3_conn_create_stream(nghttp3_conn *conn, nghttp3_stream **pstream, + int64_t stream_id) { + return nghttp3_conn_create_stream_dependency( + conn, pstream, stream_id, NGHTTP3_DEFAULT_WEIGHT, &conn->orphan_root); +} + +int nghttp3_conn_create_stream_dependency(nghttp3_conn *conn, + nghttp3_stream **pstream, + int64_t stream_id, uint32_t weight, + nghttp3_tnode *parent) { + nghttp3_stream *stream; + int rv; + nghttp3_stream_callbacks callbacks = { + conn_stream_acked_data, + }; + + rv = nghttp3_stream_new(&stream, stream_id, conn->next_seq, weight, parent, + &callbacks, conn->mem); + if (rv != 0) { + return rv; + } + + stream->conn = conn; + + rv = nghttp3_map_insert(&conn->streams, &stream->me); + if (rv != 0) { + nghttp3_stream_del(stream); + return rv; + } + + ++conn->next_seq; + *pstream = stream; + + return 0; +} + +int nghttp3_conn_create_placeholder(nghttp3_conn *conn, + nghttp3_placeholder **pph, int64_t ph_id, + uint32_t weight, nghttp3_tnode *parent) { + nghttp3_placeholder *ph; + int rv; + + rv = nghttp3_placeholder_new(&ph, ph_id, conn->next_seq, weight, parent, + conn->mem); + if (rv != 0) { + return rv; + } + + rv = nghttp3_map_insert(&conn->placeholders, &ph->me); + if (rv != 0) { + nghttp3_placeholder_del(ph, conn->mem); + return rv; + } + + ++conn->next_seq; + *pph = ph; + + return 0; +} + +int nghttp3_conn_create_push_promise(nghttp3_conn *conn, + nghttp3_push_promise **ppp, + int64_t push_id, uint32_t weight, + nghttp3_tnode *parent) { + nghttp3_push_promise *pp; + int rv; + + rv = nghttp3_push_promise_new(&pp, push_id, conn->next_seq, weight, parent, + conn->mem); + if (rv != 0) { + return rv; + } + + rv = nghttp3_map_insert(&conn->pushes, &pp->me); + if (rv != 0) { + nghttp3_push_promise_del(pp, conn->mem); + return rv; + } + + ++conn->next_seq; + *ppp = pp; + + return 0; +} + +nghttp3_stream *nghttp3_conn_find_stream(nghttp3_conn *conn, + int64_t stream_id) { + nghttp3_map_entry *me; + + me = nghttp3_map_find(&conn->streams, (key_type)stream_id); + if (me == NULL) { + return NULL; + } + + return nghttp3_struct_of(me, nghttp3_stream, me); +} + +nghttp3_placeholder *nghttp3_conn_find_placeholder(nghttp3_conn *conn, + int64_t ph_id) { + nghttp3_map_entry *me; + + me = nghttp3_map_find(&conn->placeholders, (key_type)ph_id); + if (me == NULL) { + return NULL; + } + + return nghttp3_struct_of(me, nghttp3_placeholder, me); +} + +nghttp3_push_promise *nghttp3_conn_find_push_promise(nghttp3_conn *conn, + int64_t push_id) { + nghttp3_map_entry *me; + + me = nghttp3_map_find(&conn->pushes, (key_type)push_id); + if (me == NULL) { + return NULL; + } + + return nghttp3_struct_of(me, nghttp3_push_promise, me); +} + +int nghttp3_conn_bind_control_stream(nghttp3_conn *conn, int64_t stream_id) { + nghttp3_stream *stream; + nghttp3_frame_entry frent; + int rv; + + assert(!conn->server || nghttp3_server_stream_uni(stream_id)); + assert(conn->server || nghttp3_client_stream_uni(stream_id)); + + if (conn->tx.ctrl) { + return NGHTTP3_ERR_INVALID_STATE; + } + + rv = nghttp3_conn_create_stream_dependency(conn, &stream, stream_id, 0, NULL); + if (rv != 0) { + return rv; + } + + stream->type = NGHTTP3_STREAM_TYPE_CONTROL; + + conn->tx.ctrl = stream; + + rv = nghttp3_stream_write_stream_type(stream); + if (rv != 0) { + return rv; + } + + frent.fr.hd.type = NGHTTP3_FRAME_SETTINGS; + frent.aux.settings.local_settings = &conn->local.settings; + + return nghttp3_stream_frq_add(stream, &frent); +} + +int nghttp3_conn_bind_qpack_streams(nghttp3_conn *conn, int64_t qenc_stream_id, + int64_t qdec_stream_id) { + nghttp3_stream *stream; + int rv; + + assert(!conn->server || nghttp3_server_stream_uni(qenc_stream_id)); + assert(!conn->server || nghttp3_server_stream_uni(qdec_stream_id)); + assert(conn->server || nghttp3_client_stream_uni(qenc_stream_id)); + assert(conn->server || nghttp3_client_stream_uni(qdec_stream_id)); + + if (conn->tx.qenc || conn->tx.qdec) { + return NGHTTP3_ERR_INVALID_STATE; + } + + rv = nghttp3_conn_create_stream_dependency(conn, &stream, qenc_stream_id, 0, + NULL); + if (rv != 0) { + return rv; + } + + stream->type = NGHTTP3_STREAM_TYPE_QPACK_ENCODER; + + conn->tx.qenc = stream; + + rv = nghttp3_stream_write_stream_type(stream); + if (rv != 0) { + return rv; + } + + rv = nghttp3_conn_create_stream_dependency(conn, &stream, qdec_stream_id, 0, + NULL); + if (rv != 0) { + return rv; + } + + stream->type = NGHTTP3_STREAM_TYPE_QPACK_DECODER; + + conn->tx.qdec = stream; + + return nghttp3_stream_write_stream_type(stream); +} + +static ssize_t conn_writev_stream(nghttp3_conn *conn, int64_t *pstream_id, + int *pfin, nghttp3_vec *vec, size_t veccnt, + nghttp3_stream *stream) { + int rv; + ssize_t n; + + assert(veccnt > 0); + + rv = nghttp3_stream_fill_outq(stream); + if (rv != 0) { + return rv; + } + + if (!nghttp3_stream_uni(stream->node.nid.id) && conn->tx.qenc && + !nghttp3_stream_is_blocked(conn->tx.qenc)) { + n = nghttp3_stream_writev(conn->tx.qenc, pfin, vec, veccnt); + if (n < 0) { + return n; + } + if (n) { + *pstream_id = conn->tx.qenc->node.nid.id; + return n; + } + } + + n = nghttp3_stream_writev(stream, pfin, vec, veccnt); + if (n < 0) { + return n; + } + if (n == 0) { + return 0; + } + + *pstream_id = stream->node.nid.id; + + return n; +} + +ssize_t nghttp3_conn_writev_stream(nghttp3_conn *conn, int64_t *pstream_id, + int *pfin, nghttp3_vec *vec, size_t veccnt) { + ssize_t ncnt; + nghttp3_stream *stream; + int rv; + + *pfin = 0; + + if (veccnt == 0) { + return 0; + } + + if (conn->tx.ctrl && !nghttp3_stream_is_blocked(conn->tx.ctrl)) { + if (!(conn->flags & NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED) && + conn->remote.uni.unsent_max_pushes > conn->remote.uni.max_pushes) { + rv = nghttp3_conn_submit_max_push_id(conn); + if (rv != 0) { + return rv; + } + } + + ncnt = + conn_writev_stream(conn, pstream_id, pfin, vec, veccnt, conn->tx.ctrl); + if (ncnt) { + return ncnt; + } + } + + if (conn->tx.qdec && !nghttp3_stream_is_blocked(conn->tx.qdec)) { + rv = nghttp3_stream_write_qpack_decoder_stream(conn->tx.qdec); + if (rv != 0) { + return rv; + } + + ncnt = + conn_writev_stream(conn, pstream_id, pfin, vec, veccnt, conn->tx.qdec); + if (ncnt) { + return ncnt; + } + } + + if (conn->tx.qenc && !nghttp3_stream_is_blocked(conn->tx.qenc)) { + ncnt = + conn_writev_stream(conn, pstream_id, pfin, vec, veccnt, conn->tx.qenc); + if (ncnt) { + return ncnt; + } + } + + stream = nghttp3_conn_get_next_tx_stream(conn); + if (stream == NULL) { + return 0; + } + + ncnt = conn_writev_stream(conn, pstream_id, pfin, vec, veccnt, stream); + if (ncnt < 0) { + return ncnt; + } + + if (nghttp3_stream_bidi_or_push(stream) && + !nghttp3_stream_require_schedule(stream)) { + nghttp3_stream_unschedule(stream); + } + + return ncnt; +} + +nghttp3_stream *nghttp3_conn_get_next_tx_stream(nghttp3_conn *conn) { + nghttp3_tnode *node = nghttp3_tnode_get_next(&conn->root); + + if (node == NULL) { + node = nghttp3_tnode_get_next(&conn->orphan_root); + if (node == NULL) { + return NULL; + } + } + + if (node->nid.type == NGHTTP3_NODE_ID_TYPE_PUSH) { + return nghttp3_struct_of(node, nghttp3_push_promise, node)->stream; + } + + return nghttp3_struct_of(node, nghttp3_stream, node); +} + +int nghttp3_conn_add_write_offset(nghttp3_conn *conn, int64_t stream_id, + size_t n) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + int rv; + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + rv = nghttp3_stream_add_outq_offset(stream, n); + if (rv != 0) { + return rv; + } + + stream->unscheduled_nwrite += n; + if (nghttp3_stream_is_blocked(stream)) { + return 0; + } + + if (nghttp3_stream_bidi_or_push(stream)) { + if (nghttp3_stream_require_schedule(stream)) { + return nghttp3_stream_schedule(stream); + } + nghttp3_stream_unschedule(stream); + } + + return 0; +} + +int nghttp3_conn_add_ack_offset(nghttp3_conn *conn, int64_t stream_id, + size_t n) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + return nghttp3_stream_add_ack_offset(stream, n); +} + +static int conn_submit_headers_data(nghttp3_conn *conn, nghttp3_stream *stream, + const nghttp3_nv *nva, size_t nvlen, + const nghttp3_data_reader *dr) { + int rv; + nghttp3_nv *nnva; + nghttp3_frame_entry frent; + + rv = nghttp3_nva_copy(&nnva, nva, nvlen, conn->mem); + if (rv != 0) { + return rv; + } + + frent.fr.hd.type = NGHTTP3_FRAME_HEADERS; + frent.fr.headers.nva = nnva; + frent.fr.headers.nvlen = nvlen; + + rv = nghttp3_stream_frq_add(stream, &frent); + if (rv != 0) { + nghttp3_nva_del(nnva, conn->mem); + return rv; + } + + if (dr) { + frent.fr.hd.type = NGHTTP3_FRAME_DATA; + frent.aux.data.dr = *dr; + + rv = nghttp3_stream_frq_add(stream, &frent); + if (rv != 0) { + return rv; + } + } + + if (nghttp3_stream_require_schedule(stream)) { + return nghttp3_stream_schedule(stream); + } + + return 0; +} + +int nghttp3_conn_submit_request(nghttp3_conn *conn, int64_t stream_id, + const nghttp3_nv *nva, size_t nvlen, + const nghttp3_data_reader *dr, + void *stream_user_data) { + nghttp3_stream *stream; + int rv; + + assert(!conn->server); + assert(conn->tx.qenc); + + assert(nghttp3_client_stream_bidi(stream_id)); + + /* TODO Should we check that stream_id is client stream_id? */ + /* TODO Check GOAWAY last stream ID */ + if (nghttp3_stream_uni(stream_id)) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream != NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + rv = nghttp3_conn_create_stream(conn, &stream, stream_id); + if (rv != 0) { + return rv; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_INITIAL; + stream->tx.hstate = NGHTTP3_HTTP_STATE_REQ_END; + stream->user_data = stream_user_data; + + nghttp3_http_record_request_method(stream, nva, nvlen); + + if (dr == NULL) { + stream->flags |= NGHTTP3_STREAM_FLAG_WRITE_END_STREAM; + } + + return conn_submit_headers_data(conn, stream, nva, nvlen, dr); +} + +int nghttp3_conn_submit_info(nghttp3_conn *conn, int64_t stream_id, + const nghttp3_nv *nva, size_t nvlen) { + nghttp3_stream *stream; + + /* TODO Verify that it is allowed to send info (non-final response) + now. */ + assert(conn->server); + assert(conn->tx.qenc); + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + return conn_submit_headers_data(conn, stream, nva, nvlen, NULL); +} + +int nghttp3_conn_submit_response(nghttp3_conn *conn, int64_t stream_id, + const nghttp3_nv *nva, size_t nvlen, + const nghttp3_data_reader *dr) { + nghttp3_stream *stream; + + /* TODO Verify that it is allowed to send response now. */ + assert(conn->server); + assert(conn->tx.qenc); + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (dr == NULL) { + stream->flags |= NGHTTP3_STREAM_FLAG_WRITE_END_STREAM; + } + + return conn_submit_headers_data(conn, stream, nva, nvlen, dr); +} + +int nghttp3_conn_submit_trailers(nghttp3_conn *conn, int64_t stream_id, + const nghttp3_nv *nva, size_t nvlen) { + nghttp3_stream *stream; + + /* TODO Verify that it is allowed to send trailer now. */ + assert(conn->tx.qenc); + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (stream->flags & NGHTTP3_STREAM_FLAG_WRITE_END_STREAM) { + return NGHTTP3_ERR_INVALID_STATE; + } + + stream->flags |= NGHTTP3_STREAM_FLAG_WRITE_END_STREAM; + + return conn_submit_headers_data(conn, stream, nva, nvlen, NULL); +} + +int nghttp3_conn_submit_push_promise(nghttp3_conn *conn, int64_t *ppush_id, + int64_t stream_id, const nghttp3_nv *nva, + size_t nvlen) { + nghttp3_stream *stream; + int rv; + nghttp3_nv *nnva; + nghttp3_frame_entry frent; + int64_t push_id; + nghttp3_push_promise *pp; + + assert(conn->server); + assert(conn->tx.qenc); + assert(nghttp3_client_stream_bidi(stream_id)); + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (conn->local.uni.max_pushes <= (uint64_t)conn->local.uni.next_push_id) { + return NGHTTP3_ERR_PUSH_ID_BLOCKED; + } + + push_id = conn->local.uni.next_push_id; + + rv = nghttp3_conn_create_push_promise(conn, &pp, push_id, + NGHTTP3_DEFAULT_WEIGHT, &stream->node); + if (rv != 0) { + return rv; + } + + ++conn->local.uni.next_push_id; + + rv = nghttp3_nva_copy(&nnva, nva, nvlen, conn->mem); + if (rv != 0) { + return rv; + } + + frent.fr.hd.type = NGHTTP3_FRAME_PUSH_PROMISE; + frent.fr.push_promise.push_id = push_id; + frent.fr.push_promise.nva = nnva; + frent.fr.push_promise.nvlen = nvlen; + + rv = nghttp3_stream_frq_add(stream, &frent); + if (rv != 0) { + nghttp3_nva_del(nnva, conn->mem); + return rv; + } + + *ppush_id = push_id; + + if (nghttp3_stream_require_schedule(stream)) { + return nghttp3_stream_schedule(stream); + } + + return 0; +} + +int nghttp3_conn_bind_push_stream(nghttp3_conn *conn, int64_t push_id, + int64_t stream_id) { + nghttp3_push_promise *pp; + nghttp3_stream *stream; + int rv; + + assert(conn->server); + assert(nghttp3_server_stream_uni(stream_id)); + + pp = nghttp3_conn_find_push_promise(conn, push_id); + if (pp == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + assert(NULL == nghttp3_conn_find_stream(conn, stream_id)); + + /* Priority is held in nghttp3_push_promise. */ + rv = nghttp3_conn_create_stream_dependency(conn, &stream, stream_id, 0, NULL); + if (rv != 0) { + return rv; + } + + stream->type = NGHTTP3_STREAM_TYPE_PUSH; + stream->pp = pp; + + pp->stream = stream; + + rv = nghttp3_stream_write_stream_type_push_id(stream); + if (rv != 0) { + return rv; + } + + return 0; +} + +int nghttp3_conn_cancel_push(nghttp3_conn *conn, int64_t push_id) { + if (conn->server) { + return nghttp3_conn_server_cancel_push(conn, push_id); + } + return nghttp3_conn_client_cancel_push(conn, push_id); +} + +int nghttp3_conn_server_cancel_push(nghttp3_conn *conn, int64_t push_id) { + nghttp3_push_promise *pp; + nghttp3_frame_entry frent; + int rv; + + assert(conn->tx.ctrl); + + pp = nghttp3_conn_find_push_promise(conn, push_id); + if (pp == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (pp->stream) { + return NGHTTP3_ERR_TOO_LATE; + } + + frent.fr.hd.type = NGHTTP3_FRAME_CANCEL_PUSH; + frent.fr.cancel_push.push_id = push_id; + + rv = nghttp3_stream_frq_add(conn->tx.ctrl, &frent); + if (rv != 0) { + return rv; + } + + rv = nghttp3_tnode_squash(&pp->node); + if (rv != 0) { + return rv; + } + + conn_delete_push_promise(conn, pp); + + return 0; +} + +int nghttp3_conn_client_cancel_push(nghttp3_conn *conn, int64_t push_id) { + nghttp3_push_promise *pp; + nghttp3_frame_entry frent; + int rv; + + pp = nghttp3_conn_find_push_promise(conn, push_id); + if (pp == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + frent.fr.hd.type = NGHTTP3_FRAME_CANCEL_PUSH; + frent.fr.cancel_push.push_id = push_id; + + rv = nghttp3_stream_frq_add(conn->tx.ctrl, &frent); + if (rv != 0) { + return rv; + } + + if (!pp->stream && (pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_RECVED)) { + conn_delete_push_promise(conn, pp); + return 0; + } + + pp->flags |= NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL; + + if (pp->stream) { + rv = conn_call_deferred_consume( + conn, pp->stream, nghttp3_stream_get_buffered_datalen(pp->stream)); + if (rv != 0) { + return rv; + } + nghttp3_stream_clear_buffered_data(pp->stream); + } + + return 0; +} + +int nghttp3_conn_block_stream(nghttp3_conn *conn, int64_t stream_id) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + stream->flags |= NGHTTP3_STREAM_FLAG_FC_BLOCKED; + + if (nghttp3_stream_bidi_or_push(stream)) { + nghttp3_stream_unschedule(stream); + } + + return 0; +} + +int nghttp3_conn_unblock_stream(nghttp3_conn *conn, int64_t stream_id) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + stream->flags &= (uint16_t)~NGHTTP3_STREAM_FLAG_FC_BLOCKED; + + if (nghttp3_stream_bidi_or_push(stream) && + nghttp3_stream_require_schedule(stream)) { + return nghttp3_stream_ensure_scheduled(stream); + } + + return 0; +} + +int nghttp3_conn_resume_stream(nghttp3_conn *conn, int64_t stream_id) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + stream->flags &= (uint16_t)~NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED; + + if (nghttp3_stream_bidi_or_push(stream) && + nghttp3_stream_require_schedule(stream)) { + return nghttp3_stream_ensure_scheduled(stream); + } + + return 0; +} + +int nghttp3_conn_close_stream(nghttp3_conn *conn, int64_t stream_id, + uint64_t app_error_code) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + int rv; + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (nghttp3_stream_uni(stream_id) && + stream->type != NGHTTP3_STREAM_TYPE_PUSH && + stream->type != NGHTTP3_STREAM_TYPE_UNKNOWN) { + return NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM; + } + + stream->error_code = app_error_code; + + rv = nghttp3_stream_squash(stream); + if (rv != 0) { + return rv; + } + + if (stream->qpack_blocked_pe.index == NGHTTP3_PQ_BAD_INDEX && + (conn->server || !stream->pp || + (stream->pp->flags & NGHTTP3_PUSH_PROMISE_FLAG_RECVED))) { + return conn_delete_stream(conn, stream); + } + + stream->flags |= NGHTTP3_STREAM_FLAG_CLOSED; + return 0; +} + +int nghttp3_conn_reset_stream(nghttp3_conn *conn, int64_t stream_id) { + nghttp3_stream *stream; + + stream = nghttp3_conn_find_stream(conn, stream_id); + if (stream) { + stream->flags |= NGHTTP3_STREAM_FLAG_RESET; + } + return nghttp3_qpack_decoder_cancel_stream(&conn->qdec, stream_id); +} + +int nghttp3_conn_qpack_blocked_streams_push(nghttp3_conn *conn, + nghttp3_stream *stream) { + assert(stream->qpack_blocked_pe.index == NGHTTP3_PQ_BAD_INDEX); + + return nghttp3_pq_push(&conn->qpack_blocked_streams, + &stream->qpack_blocked_pe); +} + +void nghttp3_conn_qpack_blocked_streams_pop(nghttp3_conn *conn) { + assert(!nghttp3_pq_empty(&conn->qpack_blocked_streams)); + nghttp3_pq_pop(&conn->qpack_blocked_streams); +} + +void nghttp3_conn_set_max_client_streams_bidi(nghttp3_conn *conn, + uint64_t max_streams) { + assert(conn->server); + assert(conn->remote.bidi.max_client_streams <= max_streams); + + conn->remote.bidi.max_client_streams = max_streams; +} + +int nghttp3_conn_submit_priority(nghttp3_conn *conn, nghttp3_pri_elem_type pt, + int64_t pri_elem_id, nghttp3_elem_dep_type dt, + int64_t elem_dep_id, uint32_t weight, + int exclusive) { + nghttp3_frame_entry frent; + + assert(!conn->server); + + if (conn->tx.ctrl == NULL) { + return NGHTTP3_ERR_INVALID_STATE; + } + + if (pri_elem_id < 0 || elem_dep_id < 0) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (weight < 1 || 256 < weight) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + switch (pt) { + case NGHTTP3_PRI_ELEM_TYPE_REQUEST: + case NGHTTP3_PRI_ELEM_TYPE_PUSH: + break; + case NGHTTP3_PRI_ELEM_TYPE_PLACEHOLDER: + if ((uint64_t)pri_elem_id >= conn->remote.settings.num_placeholders) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + break; + } + + switch (dt) { + case NGHTTP3_ELEM_DEP_TYPE_REQUEST: + case NGHTTP3_ELEM_DEP_TYPE_PUSH: + case NGHTTP3_ELEM_DEP_TYPE_ROOT: + break; + case NGHTTP3_PRI_ELEM_TYPE_PLACEHOLDER: + if ((uint64_t)elem_dep_id >= conn->remote.settings.num_placeholders) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + break; + } + + if ((int)pt == (int)dt && pri_elem_id == elem_dep_id) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + frent.fr.hd.type = NGHTTP3_FRAME_PRIORITY; + frent.fr.priority.pt = pt; + frent.fr.priority.dt = dt; + frent.fr.priority.pri_elem_id = pri_elem_id; + frent.fr.priority.elem_dep_id = elem_dep_id; + frent.fr.priority.weight = weight; + frent.fr.priority.exclusive = exclusive != 0; + + return nghttp3_stream_frq_add(conn->tx.ctrl, &frent); +} + +int nghttp3_conn_submit_max_push_id(nghttp3_conn *conn) { + nghttp3_frame_entry frent; + int rv; + + assert(conn->tx.ctrl); + assert(!(conn->flags & NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED)); + + frent.fr.hd.type = NGHTTP3_FRAME_MAX_PUSH_ID; + /* The acutal push_id is set when frame is serialized */ + + rv = nghttp3_stream_frq_add(conn->tx.ctrl, &frent); + if (rv != 0) { + return rv; + } + + conn->flags |= NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED; + + return 0; +} + +int nghttp3_conn_set_stream_user_data(nghttp3_conn *conn, int64_t stream_id, + void *stream_user_data) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + stream->user_data = stream_user_data; + + return 0; +} + +uint64_t nghttp3_conn_get_remote_num_placeholders(nghttp3_conn *conn) { + return conn->remote.settings.num_placeholders; +} + +int64_t nghttp3_conn_get_frame_payload_left(nghttp3_conn *conn, + int64_t stream_id) { + nghttp3_stream *stream = nghttp3_conn_find_stream(conn, stream_id); + + if (stream == NULL) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + return stream->rstate.left; +} + +int nghttp3_conn_is_remote_qpack_encoder_stream(nghttp3_conn *conn, + int64_t stream_id) { + nghttp3_stream *stream; + + if (!conn_remote_stream_uni(conn, stream_id)) { + return 0; + } + + stream = nghttp3_conn_find_stream(conn, stream_id); + return stream && stream->type == NGHTTP3_STREAM_TYPE_QPACK_ENCODER; +} + +void nghttp3_conn_settings_default(nghttp3_conn_settings *settings) { + memset(settings, 0, sizeof(nghttp3_conn_settings)); + settings->max_header_list_size = NGHTTP3_VARINT_MAX; +} + +int nghttp3_placeholder_new(nghttp3_placeholder **pph, int64_t ph_id, + uint64_t seq, uint32_t weight, + nghttp3_tnode *parent, const nghttp3_mem *mem) { + nghttp3_placeholder *ph; + nghttp3_node_id nid; + + ph = nghttp3_mem_calloc(mem, 1, sizeof(nghttp3_placeholder)); + if (ph == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + nghttp3_tnode_init( + &ph->node, + nghttp3_node_id_init(&nid, NGHTTP3_NODE_ID_TYPE_PLACEHOLDER, ph_id), seq, + weight, parent, mem); + + ph->me.key = (key_type)ph_id; + + *pph = ph; + + return 0; +} + +void nghttp3_placeholder_del(nghttp3_placeholder *ph, const nghttp3_mem *mem) { + if (ph == NULL) { + return; + } + + nghttp3_tnode_free(&ph->node); + + nghttp3_mem_free(mem, ph); +} + +int nghttp3_push_promise_new(nghttp3_push_promise **ppp, int64_t push_id, + uint64_t seq, uint32_t weight, + nghttp3_tnode *parent, const nghttp3_mem *mem) { + nghttp3_push_promise *pp; + nghttp3_node_id nid; + + pp = nghttp3_mem_calloc(mem, 1, sizeof(nghttp3_push_promise)); + if (pp == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + nghttp3_tnode_init( + &pp->node, nghttp3_node_id_init(&nid, NGHTTP3_NODE_ID_TYPE_PUSH, push_id), + seq, weight, parent, mem); + + pp->me.key = (key_type)push_id; + pp->node.nid.id = push_id; + pp->http.status_code = -1; + pp->http.content_length = -1; + + *ppp = pp; + + return 0; +} + +void nghttp3_push_promise_del(nghttp3_push_promise *pp, + const nghttp3_mem *mem) { + if (pp == NULL) { + return; + } + + nghttp3_tnode_free(&pp->node); + + nghttp3_mem_free(mem, pp); +} diff --git a/deps/nghttp3/lib/nghttp3_conn.h b/deps/nghttp3/lib/nghttp3_conn.h new file mode 100644 index 0000000000..5d78bfdbfc --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_conn.h @@ -0,0 +1,259 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_CONN_H +#define NGHTTP3_CONN_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_stream.h" +#include "nghttp3_map.h" +#include "nghttp3_qpack.h" +#include "nghttp3_tnode.h" +#include "nghttp3_idtr.h" +#include "nghttp3_gaptr.h" + +#define NGHTTP3_VARINT_MAX ((1ull << 62) - 1) + +/* NGHTTP3_QPACK_ENCODER_MAX_TABLE_CAPACITY is the maximum dynamic + table size for QPACK encoder. */ +#define NGHTTP3_QPACK_ENCODER_MAX_TABLE_CAPACITY 16384 + +/* NGHTTP3_QPACK_ENCODER_MAX_BLOCK_STREAMS is the maximum number of + blocked streams for QPACK encoder. */ +#define NGHTTP3_QPACK_ENCODER_MAX_BLOCK_STREAMS 100 + +typedef struct { + nghttp3_map_entry me; + nghttp3_tnode node; +} nghttp3_placeholder; + +typedef enum { + NGHTTP3_PUSH_PROMISE_FLAG_NONE = 0x00, + /* NGHTTP3_PUSH_PROMISE_FLAG_RECVED is set when PUSH_PROMISE is + completely received. */ + NGHTTP3_PUSH_PROMISE_FLAG_RECVED = 0x01, + /* NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL is set when push is + cancelled by server before receiving PUSH_PROMISE completely. + This flag should have no effect if push stream has already + opened. */ + NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL = 0x02, + /* NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL is set when push is + canceled by client. */ + NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL = 0x04, + NGHTTP3_PUSH_PROMISE_FLAG_CANCELLED = NGHTTP3_PUSH_PROMISE_FLAG_RECV_CANCEL | + NGHTTP3_PUSH_PROMISE_FLAG_SENT_CANCEL, + /* NGHTTP3_PUSH_PROMISE_FLAG_PUSH_ID_RECLAIMED indicates that + unsent_max_pushes has been updated for this push ID. */ + NGHTTP3_PUSH_PROMISE_FLAG_PUSH_ID_RECLAIMED = 0x08, +} nghttp3_push_promise_flag; + +struct nghttp3_push_promise; +typedef struct nghttp3_push_promise nghttp3_push_promise; + +struct nghttp3_push_promise { + nghttp3_map_entry me; + nghttp3_tnode node; + nghttp3_http_state http; + /* stream is server initiated unidirectional stream which fulfils + the push promise. */ + nghttp3_stream *stream; + /* flags is bitwise OR of zero or more of + nghttp3_push_promise_flag. */ + uint8_t flags; +}; + +typedef enum { + NGHTTP3_CONN_FLAG_NONE = 0x0000, + NGHTTP3_CONN_FLAG_SETTINGS_RECVED = 0x0001, + NGHTTP3_CONN_FLAG_CONTROL_OPENED = 0x0002, + NGHTTP3_CONN_FLAG_QPACK_ENCODER_OPENED = 0x0004, + NGHTTP3_CONN_FLAG_QPACK_DECODER_OPENED = 0x0008, + /* NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED indicates that MAX_PUSH_ID + has been queued to control stream. */ + NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED = 0x0010, +} nghttp3_conn_flag; + +struct nghttp3_conn { + nghttp3_tnode root; + nghttp3_tnode orphan_root; + nghttp3_conn_callbacks callbacks; + nghttp3_map streams; + nghttp3_map placeholders; + nghttp3_map pushes; + nghttp3_qpack_decoder qdec; + nghttp3_qpack_encoder qenc; + nghttp3_pq qpack_blocked_streams; + const nghttp3_mem *mem; + void *user_data; + int server; + uint16_t flags; + uint64_t next_seq; + + struct { + nghttp3_conn_settings settings; + struct { + /* max_pushes is the number of push IDs that local endpoint can + issue. This field is used by server only. */ + uint64_t max_pushes; + /* next_push_id is the next push ID server uses. This field is + used by server only. */ + int64_t next_push_id; + } uni; + } local; + + struct { + struct { + nghttp3_idtr idtr; + /* max_client_streams is the cumulative number of client + initiated bidirectional stream ID the remote endpoint can + issue. This field is used on server side only. */ + uint64_t max_client_streams; + } bidi; + struct { + /* push_idtr tracks which push ID has been used by remote + server. This field is used by client only. */ + nghttp3_gaptr push_idtr; + /* unsent_max_pushes is the maximum number of push which the local + endpoint can accept. This limit is not yet notified to the + remote endpoint. This field is used by client only. */ + uint64_t unsent_max_pushes; + /* max_push is the maximum number of push which the local + endpoint can accept. This field is used by client only. */ + uint64_t max_pushes; + } uni; + nghttp3_conn_settings settings; + } remote; + + struct { + nghttp3_stream *ctrl; + nghttp3_stream *qenc; + nghttp3_stream *qdec; + } tx; +}; + +nghttp3_stream *nghttp3_conn_find_stream(nghttp3_conn *conn, int64_t stream_id); + +nghttp3_placeholder *nghttp3_conn_find_placeholder(nghttp3_conn *conn, + int64_t ph_id); + +nghttp3_push_promise *nghttp3_conn_find_push_promise(nghttp3_conn *conn, + int64_t push_id); + +int nghttp3_conn_create_stream(nghttp3_conn *conn, nghttp3_stream **pstream, + int64_t stream_id); + +int nghttp3_conn_create_stream_dependency(nghttp3_conn *conn, + nghttp3_stream **pstream, + int64_t stream_id, uint32_t weight, + nghttp3_tnode *parent); + +int nghttp3_conn_create_placeholder(nghttp3_conn *conn, + nghttp3_placeholder **pph, int64_t ph_id, + uint32_t weight, nghttp3_tnode *parent); + +int nghttp3_conn_create_push_promise(nghttp3_conn *conn, + nghttp3_push_promise **ppp, + int64_t push_id, uint32_t weight, + nghttp3_tnode *parent); + +ssize_t nghttp3_conn_read_bidi(nghttp3_conn *conn, size_t *pnproc, + nghttp3_stream *stream, const uint8_t *src, + size_t srclen, int fin); + +ssize_t nghttp3_conn_read_uni(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *src, size_t srclen, int fin); + +ssize_t nghttp3_conn_read_control(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *src, size_t srclen); + +ssize_t nghttp3_conn_read_push(nghttp3_conn *conn, size_t *pnproc, + nghttp3_stream *stream, const uint8_t *src, + size_t srclen, int fin); + +ssize_t nghttp3_conn_read_qpack_encoder(nghttp3_conn *conn, const uint8_t *src, + size_t srclen); + +ssize_t nghttp3_conn_read_qpack_decoder(nghttp3_conn *conn, const uint8_t *src, + size_t srclen); + +int nghttp3_conn_on_control_priority(nghttp3_conn *conn, + const nghttp3_frame_priority *fr); + +int nghttp3_conn_on_push_promise_push_id(nghttp3_conn *conn, int64_t push_id, + nghttp3_stream *stream); + +int nghttp3_conn_on_client_cancel_push(nghttp3_conn *conn, + const nghttp3_frame_cancel_push *fr); + +int nghttp3_conn_on_server_cancel_push(nghttp3_conn *conn, + const nghttp3_frame_cancel_push *fr); + +int nghttp3_conn_on_stream_push_id(nghttp3_conn *conn, nghttp3_stream *stream, + int64_t push_id); + +int nghttp3_conn_on_data(nghttp3_conn *conn, nghttp3_stream *stream, + const uint8_t *data, size_t datalen); + +ssize_t nghttp3_conn_on_headers(nghttp3_conn *conn, nghttp3_stream *stream, + nghttp3_push_promise *pp, const uint8_t *data, + size_t datalen, int fin); + +int nghttp3_conn_on_settings_entry_received(nghttp3_conn *conn, + const nghttp3_frame_settings *fr); + +int nghttp3_conn_qpack_blocked_streams_push(nghttp3_conn *conn, + nghttp3_stream *stream); + +void nghttp3_conn_qpack_blocked_streams_pop(nghttp3_conn *conn); + +int nghttp3_conn_server_cancel_push(nghttp3_conn *conn, int64_t push_id); + +int nghttp3_conn_client_cancel_push(nghttp3_conn *conn, int64_t push_id); + +int nghttp3_conn_submit_max_push_id(nghttp3_conn *conn); + +/* + * nghttp3_conn_get_next_tx_stream returns next stream to send. It + * returns NULL if there is no such stream. + */ +nghttp3_stream *nghttp3_conn_get_next_tx_stream(nghttp3_conn *conn); + +int nghttp3_placeholder_new(nghttp3_placeholder **pph, int64_t ph_id, + uint64_t seq, uint32_t weight, + nghttp3_tnode *parent, const nghttp3_mem *mem); + +void nghttp3_placeholder_del(nghttp3_placeholder *ph, const nghttp3_mem *mem); + +int nghttp3_push_promise_new(nghttp3_push_promise **ppp, int64_t push_id, + uint64_t seq, uint32_t weight, + nghttp3_tnode *parent, const nghttp3_mem *mem); + +void nghttp3_push_promise_del(nghttp3_push_promise *pp, const nghttp3_mem *mem); + +#endif /* NGHTTP3_CONN_H */ diff --git a/deps/nghttp3/lib/nghttp3_conv.c b/deps/nghttp3/lib/nghttp3_conv.c new file mode 100644 index 0000000000..2b513e20b8 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_conv.c @@ -0,0 +1,130 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_conv.h" + +#include +#include + +#include "nghttp3_str.h" + +int64_t nghttp3_get_varint(size_t *plen, const uint8_t *p) { + union { + char b[8]; + uint16_t n16; + uint32_t n32; + uint64_t n64; + } n; + + *plen = 1u << (*p >> 6); + + switch (*plen) { + case 1: + return (int64_t)*p; + case 2: + memcpy(&n, p, 2); + n.b[0] &= 0x3f; + return (int64_t)ntohs(n.n16); + case 4: + memcpy(&n, p, 4); + n.b[0] &= 0x3f; + return (int64_t)ntohl(n.n32); + case 8: + memcpy(&n, p, 8); + n.b[0] &= 0x3f; + return (int64_t)bswap64(n.n64); + } + + assert(0); +} + +int64_t nghttp3_get_varint_fb(const uint8_t *p) { return *p & 0x3f; } + +size_t nghttp3_get_varint_len(const uint8_t *p) { return 1u << (*p >> 6); } + +uint8_t *nghttp3_put_uint64be(uint8_t *p, uint64_t n) { + n = bswap64(n); + return nghttp3_cpymem(p, (const uint8_t *)&n, sizeof(n)); +} + +uint8_t *nghttp3_put_uint48be(uint8_t *p, uint64_t n) { + n = bswap64(n); + return nghttp3_cpymem(p, ((const uint8_t *)&n) + 2, 6); +} + +uint8_t *nghttp3_put_uint32be(uint8_t *p, uint32_t n) { + n = htonl(n); + return nghttp3_cpymem(p, (const uint8_t *)&n, sizeof(n)); +} + +uint8_t *nghttp3_put_uint24be(uint8_t *p, uint32_t n) { + n = htonl(n); + return nghttp3_cpymem(p, ((const uint8_t *)&n) + 1, 3); +} + +uint8_t *nghttp3_put_uint16be(uint8_t *p, uint16_t n) { + n = htons(n); + return nghttp3_cpymem(p, (const uint8_t *)&n, sizeof(n)); +} + +uint8_t *nghttp3_put_varint(uint8_t *p, int64_t n) { + uint8_t *rv; + if (n < 64) { + *p++ = (uint8_t)n; + return p; + } + if (n < 16384) { + rv = nghttp3_put_uint16be(p, (uint16_t)n); + *p |= 0x40; + return rv; + } + if (n < 1073741824) { + rv = nghttp3_put_uint32be(p, (uint32_t)n); + *p |= 0x80; + return rv; + } + assert(n < 4611686018427387904LL); + rv = nghttp3_put_uint64be(p, (uint64_t)n); + *p |= 0xc0; + return rv; +} + +size_t nghttp3_put_varint_len(int64_t n) { + if (n < 64) { + return 1; + } + if (n < 16384) { + return 2; + } + if (n < 1073741824) { + return 4; + } + assert(n < 4611686018427387904LL); + return 8; +} + +uint64_t nghttp3_ord_stream_id(int64_t stream_id) { + return (uint64_t)(stream_id >> 2) + 1; +} diff --git a/deps/nghttp3/lib/nghttp3_conv.h b/deps/nghttp3/lib/nghttp3_conv.h new file mode 100644 index 0000000000..84b81e3a10 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_conv.h @@ -0,0 +1,117 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_CONV_H +#define NGHTTP3_CONV_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#ifdef HAVE_ARPA_INET_H +# include +#endif /* HAVE_ARPA_INET_H */ + +#include + +#ifdef WORDS_BIGENDIAN +# define bswap64(N) (N) +#else /* !WORDS_BIGENDIAN */ +# define bswap64(N) \ + ((uint64_t)(ntohl((uint32_t)(N))) << 32 | ntohl((uint32_t)((N) >> 32))) +#endif /* !WORDS_BIGENDIAN */ + +/* + * nghttp3_get_varint reads variable-length integer from |p|, and + * returns it in host byte order. The number of bytes read is stored + * in |*plen|. + */ +int64_t nghttp3_get_varint(size_t *plen, const uint8_t *p); + +/* + * nghttp3_get_varint_fb reads first byte of encoded variable-length + * integer from |p|. + */ +int64_t nghttp3_get_varint_fb(const uint8_t *p); + +/* + * nghttp3_get_varint_len returns the required number of bytes to read + * variable-length integer starting at |p|. + */ +size_t nghttp3_get_varint_len(const uint8_t *p); + +/* + * nghttp3_put_uint64be writes |n| in host byte order in |p| in + * network byte order. It returns the one beyond of the last written + * position. + */ +uint8_t *nghttp3_put_uint64be(uint8_t *p, uint64_t n); + +/* + * nghttp3_put_uint48be writes |n| in host byte order in |p| in + * network byte order. It writes only least significant 48 bits. It + * returns the one beyond of the last written position. + */ +uint8_t *nghttp3_put_uint48be(uint8_t *p, uint64_t n); + +/* + * nghttp3_put_uint32be writes |n| in host byte order in |p| in + * network byte order. It returns the one beyond of the last written + * position. + */ +uint8_t *nghttp3_put_uint32be(uint8_t *p, uint32_t n); + +/* + * nghttp3_put_uint24be writes |n| in host byte order in |p| in + * network byte order. It writes only least significant 24 bits. It + * returns the one beyond of the last written position. + */ +uint8_t *nghttp3_put_uint24be(uint8_t *p, uint32_t n); + +/* + * nghttp3_put_uint16be writes |n| in host byte order in |p| in + * network byte order. It returns the one beyond of the last written + * position. + */ +uint8_t *nghttp3_put_uint16be(uint8_t *p, uint16_t n); + +/* + * nghttp3_put_varint writes |n| in |p| using variable-length integer + * encoding. It returns the one beyond of the last written position. + */ +uint8_t *nghttp3_put_varint(uint8_t *p, int64_t n); + +/* + * nghttp3_put_varint_len returns the required number of bytes to + * encode |n|. + */ +size_t nghttp3_put_varint_len(int64_t n); + +/* + * nghttp3_ord_stream_id returns the ordinal number of |stream_id|. + */ +uint64_t nghttp3_ord_stream_id(int64_t stream_id); + +#endif /* NGHTTP3_CONV_H */ diff --git a/deps/nghttp3/lib/nghttp3_debug.c b/deps/nghttp3/lib/nghttp3_debug.c new file mode 100644 index 0000000000..4021b0dc46 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_debug.c @@ -0,0 +1,61 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2016 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_debug.h" + +#include + +#ifdef DEBUGBUILD + +static void nghttp3_default_debug_vfprintf_callback(const char *fmt, + va_list args) { + vfprintf(stderr, fmt, args); +} + +static nghttp3_debug_vprintf_callback static_debug_vprintf_callback = + nghttp3_default_debug_vfprintf_callback; + +void nghttp3_debug_vprintf(const char *format, ...) { + if (static_debug_vprintf_callback) { + va_list args; + va_start(args, format); + static_debug_vprintf_callback(format, args); + va_end(args); + } +} + +void nghttp3_set_debug_vprintf_callback( + nghttp3_debug_vprintf_callback debug_vprintf_callback) { + static_debug_vprintf_callback = debug_vprintf_callback; +} + +#else /* !DEBUGBUILD */ + +void nghttp3_set_debug_vprintf_callback( + nghttp3_debug_vprintf_callback debug_vprintf_callback) { + (void)debug_vprintf_callback; +} + +#endif /* !DEBUGBUILD */ diff --git a/deps/nghttp3/lib/nghttp3_debug.h b/deps/nghttp3/lib/nghttp3_debug.h new file mode 100644 index 0000000000..01ed918414 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_debug.h @@ -0,0 +1,44 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2016 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_DEBUG_H +#define NGHTTP3_DEBUG_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#ifdef DEBUGBUILD +# define DEBUGF(...) nghttp3_debug_vprintf(__VA_ARGS__) +void nghttp3_debug_vprintf(const char *format, ...); +#else +# define DEBUGF(...) \ + do { \ + } while (0) +#endif + +#endif /* NGHTTP3_DEBUG_H */ diff --git a/deps/nghttp3/lib/nghttp3_err.c b/deps/nghttp3/lib/nghttp3_err.c new file mode 100644 index 0000000000..ccae4aa227 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_err.c @@ -0,0 +1,660 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_err.h" + +const char *nghttp3_strerror(int liberr) { + switch (liberr) { + case NGHTTP3_ERR_INVALID_ARGUMENT: + return "ERR_INVALID_ARGUMENT"; + case NGHTTP3_ERR_NOBUF: + return "ERR_NOBUF"; + case NGHTTP3_ERR_INVALID_STATE: + return "ERR_INVALID_STATE"; + case NGHTTP3_ERR_WOULDBLOCK: + return "ERR_WOULDBLOCK"; + case NGHTTP3_ERR_STREAM_IN_USE: + return "ERR_STREAM_IN_USE"; + case NGHTTP3_ERR_PUSH_ID_BLOCKED: + return "ERR_PUSH_ID_BLOCKED"; + case NGHTTP3_ERR_MALFORMED_HTTP_HEADER: + return "ERR_MALFORMED_HTTP_HEADER"; + case NGHTTP3_ERR_REMOVE_HTTP_HEADER: + return "ERR_REMOVE_HTTP_HEADER"; + case NGHTTP3_ERR_MALFORMED_HTTP_MESSAGING: + return "ERR_MALFORMED_HTTP_MESSAGING"; + case NGHTTP3_ERR_TOO_LATE: + return "ERR_TOO_LATE"; + case NGHTTP3_ERR_QPACK_FATAL: + return "ERR_QPACK_FATAL"; + case NGHTTP3_ERR_QPACK_HEADER_TOO_LARGE: + return "ERR_QPACK_HEADER_TOO_LARGE"; + case NGHTTP3_ERR_IGNORE_STREAM: + return "ERR_IGNORE_STREAM"; + case NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED: + return "ERR_HTTP_QPACK_DECOMPRESSION_FAILED"; + case NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR: + return "ERR_HTTP_QPACK_ENCODER_STREAM_ERROR"; + case NGHTTP3_ERR_HTTP_QPACK_DECODER_STREAM_ERROR: + return "ERR_HTTP_QPACK_DECODER_STREAM_ERROR"; + case NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME: + return "ERR_HTTP_UNEXPECTED_FRAME"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_DATA: + return "ERR_HTTP_MALFORMED_FRAME_DATA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_HEADERS: + return "ERR_HTTP_MALFORMED_FRAME_HEADERS"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_PRIORITY: + return "ERR_HTTP_MALFORMED_FRAME_PRIORITY"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_CANCEL_PUSH: + return "ERR_HTTP_MALFORMED_FRAME_CANCEL_PUSH"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_SETTINGS: + return "ERR_HTTP_MALFORMED_FRAME_SETTINGS"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_PUSH_PROMISE: + return "ERR_HTTP_MALFORMED_FRAME_PUSH_PROMISE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_GOAWAY: + return "ERR_HTTP_MALFORMED_FRAME_GOAWAY"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_MAX_PUSH_ID: + return "ERR_HTTP_MALFORMED_FRAME_MAX_PUSH_ID"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_DUPLICATE_PUSH: + return "ERR_HTTP_MALFORMED_FRAME_DUPLICATE_PUSH"; + /* Generated by genstrerror.py */ + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x06: + return "ERR_HTTP_MALFORMED_FRAME_0X06"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x08: + return "ERR_HTTP_MALFORMED_FRAME_0X08"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x09: + return "ERR_HTTP_MALFORMED_FRAME_0X09"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x0a: + return "ERR_HTTP_MALFORMED_FRAME_0X0A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x0b: + return "ERR_HTTP_MALFORMED_FRAME_0X0B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x0c: + return "ERR_HTTP_MALFORMED_FRAME_0X0C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x0f: + return "ERR_HTTP_MALFORMED_FRAME_0X0F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x10: + return "ERR_HTTP_MALFORMED_FRAME_0X10"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x11: + return "ERR_HTTP_MALFORMED_FRAME_0X11"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x12: + return "ERR_HTTP_MALFORMED_FRAME_0X12"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x13: + return "ERR_HTTP_MALFORMED_FRAME_0X13"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x14: + return "ERR_HTTP_MALFORMED_FRAME_0X14"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x15: + return "ERR_HTTP_MALFORMED_FRAME_0X15"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x16: + return "ERR_HTTP_MALFORMED_FRAME_0X16"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x17: + return "ERR_HTTP_MALFORMED_FRAME_0X17"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x18: + return "ERR_HTTP_MALFORMED_FRAME_0X18"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x19: + return "ERR_HTTP_MALFORMED_FRAME_0X19"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x1a: + return "ERR_HTTP_MALFORMED_FRAME_0X1A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x1b: + return "ERR_HTTP_MALFORMED_FRAME_0X1B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x1c: + return "ERR_HTTP_MALFORMED_FRAME_0X1C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x1d: + return "ERR_HTTP_MALFORMED_FRAME_0X1D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x1e: + return "ERR_HTTP_MALFORMED_FRAME_0X1E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x1f: + return "ERR_HTTP_MALFORMED_FRAME_0X1F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x20: + return "ERR_HTTP_MALFORMED_FRAME_0X20"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x21: + return "ERR_HTTP_MALFORMED_FRAME_0X21"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x22: + return "ERR_HTTP_MALFORMED_FRAME_0X22"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x23: + return "ERR_HTTP_MALFORMED_FRAME_0X23"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x24: + return "ERR_HTTP_MALFORMED_FRAME_0X24"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x25: + return "ERR_HTTP_MALFORMED_FRAME_0X25"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x26: + return "ERR_HTTP_MALFORMED_FRAME_0X26"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x27: + return "ERR_HTTP_MALFORMED_FRAME_0X27"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x28: + return "ERR_HTTP_MALFORMED_FRAME_0X28"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x29: + return "ERR_HTTP_MALFORMED_FRAME_0X29"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x2a: + return "ERR_HTTP_MALFORMED_FRAME_0X2A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x2b: + return "ERR_HTTP_MALFORMED_FRAME_0X2B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x2c: + return "ERR_HTTP_MALFORMED_FRAME_0X2C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x2d: + return "ERR_HTTP_MALFORMED_FRAME_0X2D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x2e: + return "ERR_HTTP_MALFORMED_FRAME_0X2E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x2f: + return "ERR_HTTP_MALFORMED_FRAME_0X2F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x30: + return "ERR_HTTP_MALFORMED_FRAME_0X30"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x31: + return "ERR_HTTP_MALFORMED_FRAME_0X31"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x32: + return "ERR_HTTP_MALFORMED_FRAME_0X32"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x33: + return "ERR_HTTP_MALFORMED_FRAME_0X33"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x34: + return "ERR_HTTP_MALFORMED_FRAME_0X34"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x35: + return "ERR_HTTP_MALFORMED_FRAME_0X35"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x36: + return "ERR_HTTP_MALFORMED_FRAME_0X36"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x37: + return "ERR_HTTP_MALFORMED_FRAME_0X37"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x38: + return "ERR_HTTP_MALFORMED_FRAME_0X38"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x39: + return "ERR_HTTP_MALFORMED_FRAME_0X39"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x3a: + return "ERR_HTTP_MALFORMED_FRAME_0X3A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x3b: + return "ERR_HTTP_MALFORMED_FRAME_0X3B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x3c: + return "ERR_HTTP_MALFORMED_FRAME_0X3C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x3d: + return "ERR_HTTP_MALFORMED_FRAME_0X3D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x3e: + return "ERR_HTTP_MALFORMED_FRAME_0X3E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x3f: + return "ERR_HTTP_MALFORMED_FRAME_0X3F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x40: + return "ERR_HTTP_MALFORMED_FRAME_0X40"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x41: + return "ERR_HTTP_MALFORMED_FRAME_0X41"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x42: + return "ERR_HTTP_MALFORMED_FRAME_0X42"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x43: + return "ERR_HTTP_MALFORMED_FRAME_0X43"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x44: + return "ERR_HTTP_MALFORMED_FRAME_0X44"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x45: + return "ERR_HTTP_MALFORMED_FRAME_0X45"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x46: + return "ERR_HTTP_MALFORMED_FRAME_0X46"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x47: + return "ERR_HTTP_MALFORMED_FRAME_0X47"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x48: + return "ERR_HTTP_MALFORMED_FRAME_0X48"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x49: + return "ERR_HTTP_MALFORMED_FRAME_0X49"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x4a: + return "ERR_HTTP_MALFORMED_FRAME_0X4A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x4b: + return "ERR_HTTP_MALFORMED_FRAME_0X4B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x4c: + return "ERR_HTTP_MALFORMED_FRAME_0X4C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x4d: + return "ERR_HTTP_MALFORMED_FRAME_0X4D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x4e: + return "ERR_HTTP_MALFORMED_FRAME_0X4E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x4f: + return "ERR_HTTP_MALFORMED_FRAME_0X4F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x50: + return "ERR_HTTP_MALFORMED_FRAME_0X50"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x51: + return "ERR_HTTP_MALFORMED_FRAME_0X51"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x52: + return "ERR_HTTP_MALFORMED_FRAME_0X52"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x53: + return "ERR_HTTP_MALFORMED_FRAME_0X53"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x54: + return "ERR_HTTP_MALFORMED_FRAME_0X54"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x55: + return "ERR_HTTP_MALFORMED_FRAME_0X55"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x56: + return "ERR_HTTP_MALFORMED_FRAME_0X56"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x57: + return "ERR_HTTP_MALFORMED_FRAME_0X57"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x58: + return "ERR_HTTP_MALFORMED_FRAME_0X58"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x59: + return "ERR_HTTP_MALFORMED_FRAME_0X59"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x5a: + return "ERR_HTTP_MALFORMED_FRAME_0X5A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x5b: + return "ERR_HTTP_MALFORMED_FRAME_0X5B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x5c: + return "ERR_HTTP_MALFORMED_FRAME_0X5C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x5d: + return "ERR_HTTP_MALFORMED_FRAME_0X5D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x5e: + return "ERR_HTTP_MALFORMED_FRAME_0X5E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x5f: + return "ERR_HTTP_MALFORMED_FRAME_0X5F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x60: + return "ERR_HTTP_MALFORMED_FRAME_0X60"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x61: + return "ERR_HTTP_MALFORMED_FRAME_0X61"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x62: + return "ERR_HTTP_MALFORMED_FRAME_0X62"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x63: + return "ERR_HTTP_MALFORMED_FRAME_0X63"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x64: + return "ERR_HTTP_MALFORMED_FRAME_0X64"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x65: + return "ERR_HTTP_MALFORMED_FRAME_0X65"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x66: + return "ERR_HTTP_MALFORMED_FRAME_0X66"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x67: + return "ERR_HTTP_MALFORMED_FRAME_0X67"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x68: + return "ERR_HTTP_MALFORMED_FRAME_0X68"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x69: + return "ERR_HTTP_MALFORMED_FRAME_0X69"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x6a: + return "ERR_HTTP_MALFORMED_FRAME_0X6A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x6b: + return "ERR_HTTP_MALFORMED_FRAME_0X6B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x6c: + return "ERR_HTTP_MALFORMED_FRAME_0X6C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x6d: + return "ERR_HTTP_MALFORMED_FRAME_0X6D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x6e: + return "ERR_HTTP_MALFORMED_FRAME_0X6E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x6f: + return "ERR_HTTP_MALFORMED_FRAME_0X6F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x70: + return "ERR_HTTP_MALFORMED_FRAME_0X70"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x71: + return "ERR_HTTP_MALFORMED_FRAME_0X71"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x72: + return "ERR_HTTP_MALFORMED_FRAME_0X72"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x73: + return "ERR_HTTP_MALFORMED_FRAME_0X73"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x74: + return "ERR_HTTP_MALFORMED_FRAME_0X74"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x75: + return "ERR_HTTP_MALFORMED_FRAME_0X75"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x76: + return "ERR_HTTP_MALFORMED_FRAME_0X76"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x77: + return "ERR_HTTP_MALFORMED_FRAME_0X77"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x78: + return "ERR_HTTP_MALFORMED_FRAME_0X78"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x79: + return "ERR_HTTP_MALFORMED_FRAME_0X79"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x7a: + return "ERR_HTTP_MALFORMED_FRAME_0X7A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x7b: + return "ERR_HTTP_MALFORMED_FRAME_0X7B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x7c: + return "ERR_HTTP_MALFORMED_FRAME_0X7C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x7d: + return "ERR_HTTP_MALFORMED_FRAME_0X7D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x7e: + return "ERR_HTTP_MALFORMED_FRAME_0X7E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x7f: + return "ERR_HTTP_MALFORMED_FRAME_0X7F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x80: + return "ERR_HTTP_MALFORMED_FRAME_0X80"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x81: + return "ERR_HTTP_MALFORMED_FRAME_0X81"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x82: + return "ERR_HTTP_MALFORMED_FRAME_0X82"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x83: + return "ERR_HTTP_MALFORMED_FRAME_0X83"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x84: + return "ERR_HTTP_MALFORMED_FRAME_0X84"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x85: + return "ERR_HTTP_MALFORMED_FRAME_0X85"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x86: + return "ERR_HTTP_MALFORMED_FRAME_0X86"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x87: + return "ERR_HTTP_MALFORMED_FRAME_0X87"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x88: + return "ERR_HTTP_MALFORMED_FRAME_0X88"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x89: + return "ERR_HTTP_MALFORMED_FRAME_0X89"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x8a: + return "ERR_HTTP_MALFORMED_FRAME_0X8A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x8b: + return "ERR_HTTP_MALFORMED_FRAME_0X8B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x8c: + return "ERR_HTTP_MALFORMED_FRAME_0X8C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x8d: + return "ERR_HTTP_MALFORMED_FRAME_0X8D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x8e: + return "ERR_HTTP_MALFORMED_FRAME_0X8E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x8f: + return "ERR_HTTP_MALFORMED_FRAME_0X8F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x90: + return "ERR_HTTP_MALFORMED_FRAME_0X90"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x91: + return "ERR_HTTP_MALFORMED_FRAME_0X91"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x92: + return "ERR_HTTP_MALFORMED_FRAME_0X92"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x93: + return "ERR_HTTP_MALFORMED_FRAME_0X93"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x94: + return "ERR_HTTP_MALFORMED_FRAME_0X94"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x95: + return "ERR_HTTP_MALFORMED_FRAME_0X95"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x96: + return "ERR_HTTP_MALFORMED_FRAME_0X96"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x97: + return "ERR_HTTP_MALFORMED_FRAME_0X97"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x98: + return "ERR_HTTP_MALFORMED_FRAME_0X98"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x99: + return "ERR_HTTP_MALFORMED_FRAME_0X99"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x9a: + return "ERR_HTTP_MALFORMED_FRAME_0X9A"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x9b: + return "ERR_HTTP_MALFORMED_FRAME_0X9B"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x9c: + return "ERR_HTTP_MALFORMED_FRAME_0X9C"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x9d: + return "ERR_HTTP_MALFORMED_FRAME_0X9D"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x9e: + return "ERR_HTTP_MALFORMED_FRAME_0X9E"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0x9f: + return "ERR_HTTP_MALFORMED_FRAME_0X9F"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa0: + return "ERR_HTTP_MALFORMED_FRAME_0XA0"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa1: + return "ERR_HTTP_MALFORMED_FRAME_0XA1"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa2: + return "ERR_HTTP_MALFORMED_FRAME_0XA2"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa3: + return "ERR_HTTP_MALFORMED_FRAME_0XA3"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa4: + return "ERR_HTTP_MALFORMED_FRAME_0XA4"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa5: + return "ERR_HTTP_MALFORMED_FRAME_0XA5"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa6: + return "ERR_HTTP_MALFORMED_FRAME_0XA6"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa7: + return "ERR_HTTP_MALFORMED_FRAME_0XA7"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa8: + return "ERR_HTTP_MALFORMED_FRAME_0XA8"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xa9: + return "ERR_HTTP_MALFORMED_FRAME_0XA9"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xaa: + return "ERR_HTTP_MALFORMED_FRAME_0XAA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xab: + return "ERR_HTTP_MALFORMED_FRAME_0XAB"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xac: + return "ERR_HTTP_MALFORMED_FRAME_0XAC"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xad: + return "ERR_HTTP_MALFORMED_FRAME_0XAD"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xae: + return "ERR_HTTP_MALFORMED_FRAME_0XAE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xaf: + return "ERR_HTTP_MALFORMED_FRAME_0XAF"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb0: + return "ERR_HTTP_MALFORMED_FRAME_0XB0"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb1: + return "ERR_HTTP_MALFORMED_FRAME_0XB1"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb2: + return "ERR_HTTP_MALFORMED_FRAME_0XB2"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb3: + return "ERR_HTTP_MALFORMED_FRAME_0XB3"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb4: + return "ERR_HTTP_MALFORMED_FRAME_0XB4"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb5: + return "ERR_HTTP_MALFORMED_FRAME_0XB5"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb6: + return "ERR_HTTP_MALFORMED_FRAME_0XB6"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb7: + return "ERR_HTTP_MALFORMED_FRAME_0XB7"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb8: + return "ERR_HTTP_MALFORMED_FRAME_0XB8"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xb9: + return "ERR_HTTP_MALFORMED_FRAME_0XB9"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xba: + return "ERR_HTTP_MALFORMED_FRAME_0XBA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xbb: + return "ERR_HTTP_MALFORMED_FRAME_0XBB"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xbc: + return "ERR_HTTP_MALFORMED_FRAME_0XBC"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xbd: + return "ERR_HTTP_MALFORMED_FRAME_0XBD"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xbe: + return "ERR_HTTP_MALFORMED_FRAME_0XBE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xbf: + return "ERR_HTTP_MALFORMED_FRAME_0XBF"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc0: + return "ERR_HTTP_MALFORMED_FRAME_0XC0"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc1: + return "ERR_HTTP_MALFORMED_FRAME_0XC1"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc2: + return "ERR_HTTP_MALFORMED_FRAME_0XC2"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc3: + return "ERR_HTTP_MALFORMED_FRAME_0XC3"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc4: + return "ERR_HTTP_MALFORMED_FRAME_0XC4"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc5: + return "ERR_HTTP_MALFORMED_FRAME_0XC5"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc6: + return "ERR_HTTP_MALFORMED_FRAME_0XC6"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc7: + return "ERR_HTTP_MALFORMED_FRAME_0XC7"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc8: + return "ERR_HTTP_MALFORMED_FRAME_0XC8"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xc9: + return "ERR_HTTP_MALFORMED_FRAME_0XC9"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xca: + return "ERR_HTTP_MALFORMED_FRAME_0XCA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xcb: + return "ERR_HTTP_MALFORMED_FRAME_0XCB"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xcc: + return "ERR_HTTP_MALFORMED_FRAME_0XCC"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xcd: + return "ERR_HTTP_MALFORMED_FRAME_0XCD"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xce: + return "ERR_HTTP_MALFORMED_FRAME_0XCE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xcf: + return "ERR_HTTP_MALFORMED_FRAME_0XCF"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd0: + return "ERR_HTTP_MALFORMED_FRAME_0XD0"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd1: + return "ERR_HTTP_MALFORMED_FRAME_0XD1"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd2: + return "ERR_HTTP_MALFORMED_FRAME_0XD2"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd3: + return "ERR_HTTP_MALFORMED_FRAME_0XD3"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd4: + return "ERR_HTTP_MALFORMED_FRAME_0XD4"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd5: + return "ERR_HTTP_MALFORMED_FRAME_0XD5"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd6: + return "ERR_HTTP_MALFORMED_FRAME_0XD6"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd7: + return "ERR_HTTP_MALFORMED_FRAME_0XD7"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd8: + return "ERR_HTTP_MALFORMED_FRAME_0XD8"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xd9: + return "ERR_HTTP_MALFORMED_FRAME_0XD9"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xda: + return "ERR_HTTP_MALFORMED_FRAME_0XDA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xdb: + return "ERR_HTTP_MALFORMED_FRAME_0XDB"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xdc: + return "ERR_HTTP_MALFORMED_FRAME_0XDC"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xdd: + return "ERR_HTTP_MALFORMED_FRAME_0XDD"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xde: + return "ERR_HTTP_MALFORMED_FRAME_0XDE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xdf: + return "ERR_HTTP_MALFORMED_FRAME_0XDF"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe0: + return "ERR_HTTP_MALFORMED_FRAME_0XE0"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe1: + return "ERR_HTTP_MALFORMED_FRAME_0XE1"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe2: + return "ERR_HTTP_MALFORMED_FRAME_0XE2"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe3: + return "ERR_HTTP_MALFORMED_FRAME_0XE3"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe4: + return "ERR_HTTP_MALFORMED_FRAME_0XE4"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe5: + return "ERR_HTTP_MALFORMED_FRAME_0XE5"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe6: + return "ERR_HTTP_MALFORMED_FRAME_0XE6"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe7: + return "ERR_HTTP_MALFORMED_FRAME_0XE7"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe8: + return "ERR_HTTP_MALFORMED_FRAME_0XE8"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xe9: + return "ERR_HTTP_MALFORMED_FRAME_0XE9"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xea: + return "ERR_HTTP_MALFORMED_FRAME_0XEA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xeb: + return "ERR_HTTP_MALFORMED_FRAME_0XEB"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xec: + return "ERR_HTTP_MALFORMED_FRAME_0XEC"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xed: + return "ERR_HTTP_MALFORMED_FRAME_0XED"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xee: + return "ERR_HTTP_MALFORMED_FRAME_0XEE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xef: + return "ERR_HTTP_MALFORMED_FRAME_0XEF"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf0: + return "ERR_HTTP_MALFORMED_FRAME_0XF0"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf1: + return "ERR_HTTP_MALFORMED_FRAME_0XF1"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf2: + return "ERR_HTTP_MALFORMED_FRAME_0XF2"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf3: + return "ERR_HTTP_MALFORMED_FRAME_0XF3"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf4: + return "ERR_HTTP_MALFORMED_FRAME_0XF4"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf5: + return "ERR_HTTP_MALFORMED_FRAME_0XF5"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf6: + return "ERR_HTTP_MALFORMED_FRAME_0XF6"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf7: + return "ERR_HTTP_MALFORMED_FRAME_0XF7"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf8: + return "ERR_HTTP_MALFORMED_FRAME_0XF8"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xf9: + return "ERR_HTTP_MALFORMED_FRAME_0XF9"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xfa: + return "ERR_HTTP_MALFORMED_FRAME_0XFA"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xfb: + return "ERR_HTTP_MALFORMED_FRAME_0XFB"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xfc: + return "ERR_HTTP_MALFORMED_FRAME_0XFC"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xfd: + return "ERR_HTTP_MALFORMED_FRAME_0XFD"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xfe: + return "ERR_HTTP_MALFORMED_FRAME_0XFE"; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xff: + return "ERR_HTTP_MALFORMED_FRAME_0XFF"; + case NGHTTP3_ERR_HTTP_MISSING_SETTINGS: + return "ERR_HTTP_MISSING_SETTINGS"; + case NGHTTP3_ERR_HTTP_WRONG_STREAM: + return "ERR_HTTP_WRONG_STREAM"; + case NGHTTP3_ERR_HTTP_INTERNAL_ERROR: + return "ERR_HTTP_INTERNAL_ERROR"; + case NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM: + return "ERR_CLOSED_CRITICAL_STREAM"; + case NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR: + return "ERR_HTTP_GENERAL_PROTOCOL_ERROR"; + case NGHTTP3_ERR_HTTP_ID_ERROR: + return "ERR_HTTP_ID_ERROR"; + case NGHTTP3_ERR_HTTP_SETTINGS_ERROR: + return "ERR_HTTP_SETTINGS_ERROR"; + case NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR: + return "ERR_HTTP_STREAM_CREATION_ERROR"; + case NGHTTP3_ERR_NOMEM: + return "ERR_NOMEM"; + case NGHTTP3_ERR_CALLBACK_FAILURE: + return "ERR_CALLBACK_FAILURE"; + default: + return "(unknown)"; + } +} + +int nghttp3_err_malformed_frame(int64_t type) { + if (type > 0xfe) { + return NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 0xff; + } + return NGHTTP3_ERR_HTTP_MALFORMED_FRAME - (int)type; +} + +uint64_t nghttp3_err_infer_quic_app_error_code(int liberr) { + switch (liberr) { + case NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED: + return NGHTTP3_HTTP_QPACK_DECOMPRESSION_FAILED; + case NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR: + return NGHTTP3_HTTP_QPACK_ENCODER_STREAM_ERROR; + case NGHTTP3_ERR_HTTP_QPACK_DECODER_STREAM_ERROR: + return NGHTTP3_HTTP_QPACK_DECODER_STREAM_ERROR; + case NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME: + return NGHTTP3_HTTP_UNEXPECTED_FRAME; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_DATA: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_DATA; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_HEADERS: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_HEADERS; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_PRIORITY: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_PRIORITY; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_CANCEL_PUSH: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_CANCEL_PUSH; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_SETTINGS: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_SETTINGS; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_PUSH_PROMISE: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_PUSH_PROMISE; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_GOAWAY: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_GOAWAY; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_MAX_PUSH_ID: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_MAX_PUSH_ID; + case NGHTTP3_ERR_HTTP_MALFORMED_FRAME - NGHTTP3_FRAME_DUPLICATE_PUSH: + return NGHTTP3_HTTP_MALFORMED_FRAME + NGHTTP3_FRAME_DUPLICATE_PUSH; + case NGHTTP3_ERR_HTTP_MISSING_SETTINGS: + return NGHTTP3_HTTP_MISSING_SETTINGS; + case NGHTTP3_ERR_HTTP_WRONG_STREAM: + return NGHTTP3_HTTP_WRONG_STREAM; + case NGHTTP3_ERR_HTTP_INTERNAL_ERROR: + return NGHTTP3_HTTP_INTERNAL_ERROR; + case NGHTTP3_ERR_HTTP_CLOSED_CRITICAL_STREAM: + return NGHTTP3_HTTP_CLOSED_CRITICAL_STREAM; + case NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR: + return NGHTTP3_HTTP_GENERAL_PROTOCOL_ERROR; + case NGHTTP3_ERR_HTTP_ID_ERROR: + return NGHTTP3_HTTP_ID_ERROR; + case NGHTTP3_ERR_HTTP_SETTINGS_ERROR: + return NGHTTP3_HTTP_SETTINGS_ERROR; + case NGHTTP3_ERR_HTTP_STREAM_CREATION_ERROR: + return NGHTTP3_HTTP_STREAM_CREATION_ERROR; + default: + if (NGHTTP3_ERR_HTTP_MALFORMED_FRAME >= liberr && + liberr > NGHTTP3_ERR_HTTP_MALFORMED_FRAME - 256) { + return (uint64_t)(NGHTTP3_HTTP_MALFORMED_FRAME + + (NGHTTP3_ERR_HTTP_MALFORMED_FRAME - liberr)); + } + return NGHTTP3_HTTP_GENERAL_PROTOCOL_ERROR; + } +} diff --git a/deps/nghttp3/lib/nghttp3_err.h b/deps/nghttp3/lib/nghttp3_err.h new file mode 100644 index 0000000000..cf3762a692 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_err.h @@ -0,0 +1,36 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_ERR_H +#define NGHTTP3_ERR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +int nghttp3_err_malformed_frame(int64_t type); + +#endif /* NGHTTP3_ERR_H */ diff --git a/deps/nghttp3/lib/nghttp3_frame.c b/deps/nghttp3/lib/nghttp3_frame.c new file mode 100644 index 0000000000..7dbc9cab3a --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_frame.c @@ -0,0 +1,243 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_frame.h" + +#include + +#include "nghttp3_conv.h" +#include "nghttp3_str.h" + +uint8_t *nghttp3_frame_write_hd(uint8_t *p, const nghttp3_frame_hd *hd) { + p = nghttp3_put_varint(p, hd->type); + p = nghttp3_put_varint(p, hd->length); + return p; +} + +size_t nghttp3_frame_write_hd_len(const nghttp3_frame_hd *hd) { + return nghttp3_put_varint_len(hd->type) + nghttp3_put_varint_len(hd->length); +} + +uint8_t *nghttp3_frame_write_settings(uint8_t *p, + const nghttp3_frame_settings *fr) { + size_t i; + + p = nghttp3_frame_write_hd(p, &fr->hd); + + for (i = 0; i < fr->niv; ++i) { + p = nghttp3_put_varint(p, (int64_t)fr->iv[i].id); + p = nghttp3_put_varint(p, (int64_t)fr->iv[i].value); + } + + return p; +} + +size_t nghttp3_frame_write_settings_len(int64_t *ppayloadlen, + const nghttp3_frame_settings *fr) { + size_t payloadlen = 0; + size_t i; + + for (i = 0; i < fr->niv; ++i) { + payloadlen += nghttp3_put_varint_len((int64_t)fr->iv[i].id) + + nghttp3_put_varint_len((int64_t)fr->iv[i].value); + } + + *ppayloadlen = (int64_t)payloadlen; + + return nghttp3_put_varint_len(NGHTTP3_FRAME_SETTINGS) + + nghttp3_put_varint_len((int64_t)payloadlen) + payloadlen; +} + +uint8_t *nghttp3_frame_write_priority(uint8_t *p, + const nghttp3_frame_priority *fr) { + p = nghttp3_frame_write_hd(p, &fr->hd); + + *p++ = (uint8_t)((fr->pt << 6) | (fr->dt << 4) | + (uint8_t)((fr->exclusive & 0x1) << 3)); + p = nghttp3_put_varint(p, fr->pri_elem_id); + if (fr->dt != NGHTTP3_ELEM_DEP_TYPE_ROOT) { + p = nghttp3_put_varint(p, fr->elem_dep_id); + } + *p++ = (uint8_t)(fr->weight - 1); + + return p; +} + +size_t nghttp3_frame_write_priority_len(int64_t *ppayloadlen, + const nghttp3_frame_priority *fr) { + size_t payloadlen = 2 + nghttp3_put_varint_len(fr->pri_elem_id); + + switch (fr->dt) { + case NGHTTP3_ELEM_DEP_TYPE_REQUEST: + case NGHTTP3_ELEM_DEP_TYPE_PUSH: + case NGHTTP3_ELEM_DEP_TYPE_PLACEHOLDER: + payloadlen += nghttp3_put_varint_len(fr->elem_dep_id); + break; + case NGHTTP3_ELEM_DEP_TYPE_ROOT: + break; + } + + *ppayloadlen = (int64_t)payloadlen; + + return nghttp3_put_varint_len(NGHTTP3_FRAME_PRIORITY) + + nghttp3_put_varint_len((int64_t)payloadlen) + payloadlen; +} + +uint8_t *nghttp3_frame_write_cancel_push(uint8_t *p, + const nghttp3_frame_cancel_push *fr) { + p = nghttp3_frame_write_hd(p, &fr->hd); + p = nghttp3_put_varint(p, fr->push_id); + + return p; +} + +size_t +nghttp3_frame_write_cancel_push_len(int64_t *ppayloadlen, + const nghttp3_frame_cancel_push *fr) { + size_t payloadlen = nghttp3_put_varint_len(fr->push_id); + + *ppayloadlen = (int64_t)payloadlen; + + return nghttp3_put_varint_len(NGHTTP3_FRAME_CANCEL_PUSH) + + nghttp3_put_varint_len((int64_t)payloadlen) + payloadlen; +} + +uint8_t *nghttp3_frame_write_max_push_id(uint8_t *p, + const nghttp3_frame_max_push_id *fr) { + p = nghttp3_frame_write_hd(p, &fr->hd); + p = nghttp3_put_varint(p, fr->push_id); + + return p; +} + +size_t +nghttp3_frame_write_max_push_id_len(int64_t *ppayloadlen, + const nghttp3_frame_max_push_id *fr) { + size_t payloadlen = nghttp3_put_varint_len(fr->push_id); + + *ppayloadlen = (int64_t)payloadlen; + + return nghttp3_put_varint_len(NGHTTP3_FRAME_MAX_PUSH_ID) + + nghttp3_put_varint_len((int64_t)payloadlen) + payloadlen; +} + +int nghttp3_nva_copy(nghttp3_nv **pnva, const nghttp3_nv *nva, size_t nvlen, + const nghttp3_mem *mem) { + size_t i; + uint8_t *data = NULL; + size_t buflen = 0; + nghttp3_nv *p; + + if (nvlen == 0) { + *pnva = NULL; + + return 0; + } + + for (i = 0; i < nvlen; ++i) { + /* + 1 for null-termination */ + if ((nva[i].flags & NGHTTP3_NV_FLAG_NO_COPY_NAME) == 0) { + buflen += nva[i].namelen + 1; + } + if ((nva[i].flags & NGHTTP3_NV_FLAG_NO_COPY_VALUE) == 0) { + buflen += nva[i].valuelen + 1; + } + } + + buflen += sizeof(nghttp3_nv) * nvlen; + + *pnva = nghttp3_mem_malloc(mem, buflen); + + if (*pnva == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + p = *pnva; + data = (uint8_t *)(*pnva) + sizeof(nghttp3_nv) * nvlen; + + for (i = 0; i < nvlen; ++i) { + p->flags = nva[i].flags; + + if (nva[i].flags & NGHTTP3_NV_FLAG_NO_COPY_NAME) { + p->name = nva[i].name; + p->namelen = nva[i].namelen; + } else { + if (nva[i].namelen) { + memcpy(data, nva[i].name, nva[i].namelen); + } + p->name = data; + p->namelen = nva[i].namelen; + data[p->namelen] = '\0'; + nghttp3_downcase(p->name, p->namelen); + data += nva[i].namelen + 1; + } + + if (nva[i].flags & NGHTTP3_NV_FLAG_NO_COPY_VALUE) { + p->value = nva[i].value; + p->valuelen = nva[i].valuelen; + } else { + if (nva[i].valuelen) { + memcpy(data, nva[i].value, nva[i].valuelen); + } + p->value = data; + p->valuelen = nva[i].valuelen; + data[p->valuelen] = '\0'; + data += nva[i].valuelen + 1; + } + + ++p; + } + return 0; +} + +void nghttp3_nva_del(nghttp3_nv *nva, const nghttp3_mem *mem) { + nghttp3_mem_free(mem, nva); +} + +void nghttp3_frame_headers_free(nghttp3_frame_headers *fr, + const nghttp3_mem *mem) { + if (fr == NULL) { + return; + } + + nghttp3_nva_del(fr->nva, mem); +} + +void nghttp3_frame_push_promise_free(nghttp3_frame_push_promise *fr, + const nghttp3_mem *mem) { + if (fr == NULL) { + return; + } + + nghttp3_nva_del(fr->nva, mem); +} + +nghttp3_pri_elem_type nghttp3_frame_pri_elem_type(uint8_t c) { return c >> 6; } + +nghttp3_elem_dep_type nghttp3_frame_elem_dep_type(uint8_t c) { + return (c >> 4) & 0x3; +} + +uint8_t nghttp3_frame_pri_exclusive(uint8_t c) { return (c & 0x8) != 0; } diff --git a/deps/nghttp3/lib/nghttp3_frame.h b/deps/nghttp3/lib/nghttp3_frame.h new file mode 100644 index 0000000000..e2bd7ac936 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_frame.h @@ -0,0 +1,176 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_FRAME_H +#define NGHTTP3_FRAME_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_buf.h" + +/* + * nghttp3_frame_write_hd writes frame header |hd| to |dest|. This + * function assumes that |dest| has enough space to write |hd|. + * + * This function returns |dest| plus the number of bytes written. + */ +uint8_t *nghttp3_frame_write_hd(uint8_t *dest, const nghttp3_frame_hd *hd); + +/* + * nghttp3_frame_write_hd_len returns the number of bytes required to + * write |hd|. hd->length must be set. + */ +size_t nghttp3_frame_write_hd_len(const nghttp3_frame_hd *hd); + +/* + * nghttp3_frame_write_settings writes SETTINGS frame |fr| to |dest|. + * This function assumes that |dest| has enough space to write |fr|. + * + * This function returns |dest| plus the number of bytes written. + */ +uint8_t *nghttp3_frame_write_settings(uint8_t *dest, + const nghttp3_frame_settings *fr); + +/* + * nghttp3_frame_write_settings_len returns the number of bytes + * required to write |fr|. fr->hd.length is ignored. This function + * stores payload length in |*ppayloadlen|. + */ +size_t nghttp3_frame_write_settings_len(int64_t *pppayloadlen, + const nghttp3_frame_settings *fr); + +/* + * nghttp3_frame_write_priority writes PRIORITY frame |fr| to |dest|. + * This function assumes that |dest| has enough space to write |fr|. + * + * This function returns |dest| plus the number of bytes written. + */ +uint8_t *nghttp3_frame_write_priority(uint8_t *dest, + const nghttp3_frame_priority *fr); + +/* + * nghttp3_frame_write_priority_len returns the number of bytes + * required to write |fr|. fr->hd.length is ignored. This function + * stores payload length in |*ppayloadlen|. + */ +size_t nghttp3_frame_write_priority_len(int64_t *ppayloadlen, + const nghttp3_frame_priority *fr); + +/* + * nghttp3_frame_write_cancel_push writes CANCEL_PUSH frame |fr| to + * |dest|. This function assumes that |dest| has enough space to + * write |fr|. + * + * This function returns |dest| plus the number of bytes written. + */ +uint8_t *nghttp3_frame_write_cancel_push(uint8_t *dest, + const nghttp3_frame_cancel_push *fr); + +/* + * nghttp3_frame_write_cancel_push_len returns the number of bytes + * required to write |fr|. fr->hd.length is ignored. This function + * stores payload length in |*ppayloadlen|. + */ +size_t nghttp3_frame_write_cancel_push_len(int64_t *ppayloadlen, + const nghttp3_frame_cancel_push *fr); + +/* + * nghttp3_frame_write_max_push_id writes MAX_PUSH_ID frame |fr| to + * |dest|. This function assumes that |dest| has enough space to + * write |fr|. + * + * This function returns |dest| plus the number of bytes written. + */ +uint8_t *nghttp3_frame_write_max_push_id(uint8_t *dest, + const nghttp3_frame_max_push_id *fr); + +/* + * nghttp3_frame_write_max_push_id_len returns the number of bytes + * required to write |fr|. fr->hd.length is ignored. This function + * stores payload length in |*ppayloadlen|. + */ +size_t nghttp3_frame_write_max_push_id_len(int64_t *ppayloadlen, + const nghttp3_frame_max_push_id *fr); + +/* + * nghttp3_nva_copy copies name/value pairs from |nva|, which contains + * |nvlen| pairs, to |*nva_ptr|, which is dynamically allocated so + * that all items can be stored. The resultant name and value in + * nghttp2_nv are guaranteed to be NULL-terminated even if the input + * is not null-terminated. + * + * The |*pnva| must be freed using nghttp3_nva_del(). + * + * This function returns 0 if it succeeds or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_nva_copy(nghttp3_nv **pnva, const nghttp3_nv *nva, size_t nvlen, + const nghttp3_mem *mem); + +/* + * nghttp3_nva_del frees |nva|. + */ +void nghttp3_nva_del(nghttp3_nv *nva, const nghttp3_mem *mem); + +/* + * nghttp3_frame_headers_free frees memory allocated for |fr|. It + * assumes that fr->nva is created by nghttp3_nva_copy() or NULL. + */ +void nghttp3_frame_headers_free(nghttp3_frame_headers *fr, + const nghttp3_mem *mem); + +/* + * nghttp3_frame_push_promise_free frees memory allocated for |fr|. + * It assumes that fr->nva is created by nghttp3_nva_copy() or NULL. + */ +void nghttp3_frame_push_promise_free(nghttp3_frame_push_promise *fr, + const nghttp3_mem *mem); + +/* + * nghttp3_frame_pri_elem_type returns Prioritized Element Type from + * the first byte |c| of PRIORITY frame. + */ +nghttp3_pri_elem_type nghttp3_frame_pri_elem_type(uint8_t c); + +/* + * nghttp3_frame_elem_dep_type returns Element Dependency Type from + * the first byte |c| of PRIORITY frame. + */ +nghttp3_elem_dep_type nghttp3_frame_elem_dep_type(uint8_t c); + +/* + * nghttp3_frame_pri_exclusive returns exclusive bit from the first + * byte |c| of PRIORITY frame. + */ +uint8_t nghttp3_frame_pri_exclusive(uint8_t c); + +#endif /* NGHTTP3_FRAME_H */ diff --git a/deps/nghttp3/lib/nghttp3_gaptr.c b/deps/nghttp3/lib/nghttp3_gaptr.c new file mode 100644 index 0000000000..7057cfde2c --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_gaptr.c @@ -0,0 +1,131 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_gaptr.h" + +#include +#include + +#include "nghttp3_macro.h" + +int nghttp3_gaptr_init(nghttp3_gaptr *gaptr, const nghttp3_mem *mem) { + int rv; + nghttp3_range range = {0, UINT64_MAX}; + nghttp3_ksl_key key; + + rv = nghttp3_ksl_init(&gaptr->gap, nghttp3_ksl_range_compar, + sizeof(nghttp3_range), mem); + if (rv != 0) { + return rv; + } + + rv = nghttp3_ksl_insert(&gaptr->gap, NULL, nghttp3_ksl_key_ptr(&key, &range), + NULL); + if (rv != 0) { + nghttp3_ksl_free(&gaptr->gap); + return rv; + } + + gaptr->mem = mem; + + return 0; +} + +void nghttp3_gaptr_free(nghttp3_gaptr *gaptr) { + if (gaptr == NULL) { + return; + } + + nghttp3_ksl_free(&gaptr->gap); +} + +int nghttp3_gaptr_push(nghttp3_gaptr *gaptr, uint64_t offset, size_t datalen) { + int rv; + nghttp3_range k, m, l, r, q = {offset, offset + datalen}; + nghttp3_ksl_it it; + nghttp3_ksl_key key, old_key; + + it = + nghttp3_ksl_lower_bound_compar(&gaptr->gap, nghttp3_ksl_key_ptr(&key, &q), + nghttp3_ksl_range_exclusive_compar); + + for (; !nghttp3_ksl_it_end(&it);) { + k = *(nghttp3_range *)nghttp3_ksl_it_key(&it).ptr; + m = nghttp3_range_intersect(&q, &k); + if (!nghttp3_range_len(&m)) { + break; + } + + if (nghttp3_range_eq(&k, &m)) { + nghttp3_ksl_remove(&gaptr->gap, &it, nghttp3_ksl_key_ptr(&key, &k)); + continue; + } + nghttp3_range_cut(&l, &r, &k, &m); + if (nghttp3_range_len(&l)) { + nghttp3_ksl_update_key(&gaptr->gap, nghttp3_ksl_key_ptr(&old_key, &k), + nghttp3_ksl_key_ptr(&key, &l)); + + if (nghttp3_range_len(&r)) { + rv = nghttp3_ksl_insert(&gaptr->gap, &it, nghttp3_ksl_key_ptr(&key, &r), + NULL); + if (rv != 0) { + return rv; + } + } + } else if (nghttp3_range_len(&r)) { + nghttp3_ksl_update_key(&gaptr->gap, nghttp3_ksl_key_ptr(&old_key, &k), + nghttp3_ksl_key_ptr(&key, &r)); + } + nghttp3_ksl_it_next(&it); + } + return 0; +} + +uint64_t nghttp3_gaptr_first_gap_offset(nghttp3_gaptr *gaptr) { + nghttp3_ksl_it it = nghttp3_ksl_begin(&gaptr->gap); + nghttp3_range r = *(nghttp3_range *)nghttp3_ksl_it_key(&it).ptr; + return r.begin; +} + +nghttp3_ksl_it nghttp3_gaptr_get_first_gap_after(nghttp3_gaptr *gaptr, + uint64_t offset) { + nghttp3_range q = {offset, offset + 1}; + nghttp3_ksl_key key; + return nghttp3_ksl_lower_bound_compar(&gaptr->gap, + nghttp3_ksl_key_ptr(&key, &q), + nghttp3_ksl_range_exclusive_compar); +} + +int nghttp3_gaptr_is_pushed(nghttp3_gaptr *gaptr, uint64_t offset, + size_t datalen) { + nghttp3_ksl_key key; + nghttp3_range q = {offset, offset + datalen}; + nghttp3_ksl_it it = + nghttp3_ksl_lower_bound_compar(&gaptr->gap, nghttp3_ksl_key_ptr(&key, &q), + nghttp3_ksl_range_exclusive_compar); + nghttp3_range k = *(nghttp3_range *)nghttp3_ksl_it_key(&it).ptr; + nghttp3_range m = nghttp3_range_intersect(&q, &k); + return nghttp3_range_len(&m) == 0; +} diff --git a/deps/nghttp3/lib/nghttp3_gaptr.h b/deps/nghttp3/lib/nghttp3_gaptr.h new file mode 100644 index 0000000000..6972b40443 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_gaptr.h @@ -0,0 +1,98 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_GAPTR_H +#define NGHTTP3_GAPTR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_mem.h" +#include "nghttp3_range.h" +#include "nghttp3_ksl.h" + +/* + * nghttp3_gaptr maintains the gap in the range [0, UINT64_MAX). + */ +typedef struct { + /* gap maintains the range of offset which is not received + yet. Initially, its range is [0, UINT64_MAX). */ + nghttp3_ksl gap; + /* mem is custom memory allocator */ + const nghttp3_mem *mem; +} nghttp3_gaptr; + +/* + * nghttp3_gaptr_init initializes |gaptr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_gaptr_init(nghttp3_gaptr *gaptr, const nghttp3_mem *mem); + +/* + * nghttp3_gaptr_free frees resources allocated for |gaptr|. + */ +void nghttp3_gaptr_free(nghttp3_gaptr *gaptr); + +/* + * nghttp3_gaptr_push adds new data of length |datalen| at the stream + * offset |offset|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory + */ +int nghttp3_gaptr_push(nghttp3_gaptr *gaptr, uint64_t offset, size_t datalen); + +/* + * nghttp3_gaptr_first_gap_offset returns the offset to the first gap. + * If there is no gap, it returns UINT64_MAX. + */ +uint64_t nghttp3_gaptr_first_gap_offset(nghttp3_gaptr *gaptr); + +/* + * nghttp3_gaptr_get_first_gap_after returns the iterator pointing to + * the first gap which overlaps or comes after |offset|. + */ +nghttp3_ksl_it nghttp3_gaptr_get_first_gap_after(nghttp3_gaptr *gaptr, + uint64_t offset); + +/* + * nghttp3_gaptr_is_pushed returns nonzero if range [offset, offset + + * datalen) is completely pushed into this object. + */ +int nghttp3_gaptr_is_pushed(nghttp3_gaptr *gaptr, uint64_t offset, + size_t datalen); + +#endif /* NGHTTP3_GAPTR_H */ diff --git a/deps/nghttp3/lib/nghttp3_http.c b/deps/nghttp3/lib/nghttp3_http.c new file mode 100644 index 0000000000..a2e1f69b50 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_http.c @@ -0,0 +1,707 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2015 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_http.h" + +#include +#include + +#include "nghttp3_stream.h" +#include "nghttp3_macro.h" + +static uint8_t downcase(uint8_t c) { + return 'A' <= c && c <= 'Z' ? (uint8_t)(c - 'A' + 'a') : c; +} + +static int memieq(const void *a, const void *b, size_t n) { + size_t i; + const uint8_t *aa = a, *bb = b; + + for (i = 0; i < n; ++i) { + if (downcase(aa[i]) != downcase(bb[i])) { + return 0; + } + } + return 1; +} + +#define lstrieq(A, B, N) ((sizeof((A)) - 1) == (N) && memieq((A), (B), (N))) + +static int64_t parse_uint(const uint8_t *s, size_t len) { + int64_t n = 0; + size_t i; + if (len == 0) { + return -1; + } + for (i = 0; i < len; ++i) { + if ('0' <= s[i] && s[i] <= '9') { + if (n > INT64_MAX / 10) { + return -1; + } + n *= 10; + if (n > INT64_MAX - (s[i] - '0')) { + return -1; + } + n += s[i] - '0'; + continue; + } + return -1; + } + return n; +} + +static int lws(const uint8_t *s, size_t n) { + size_t i; + for (i = 0; i < n; ++i) { + if (s[i] != ' ' && s[i] != '\t') { + return 0; + } + } + return 1; +} + +static int check_pseudo_header(nghttp3_http_state *http, + const nghttp3_qpack_nv *nv, int flag) { + if (http->flags & flag) { + return 0; + } + if (lws(nv->value->base, nv->value->len)) { + return 0; + } + http->flags = (uint16_t)(http->flags | flag); + return 1; +} + +static int expect_response_body(nghttp3_http_state *http) { + return (http->flags & NGHTTP3_HTTP_FLAG_METH_HEAD) == 0 && + http->status_code / 100 != 1 && http->status_code != 304 && + http->status_code != 204; +} + +/* For "http" or "https" URIs, OPTIONS request may have "*" in :path + header field to represent system-wide OPTIONS request. Otherwise, + :path header field value must start with "/". This function must + be called after ":method" header field was received. This function + returns nonzero if path is valid.*/ +static int check_path(nghttp3_http_state *http) { + return (http->flags & NGHTTP3_HTTP_FLAG_SCHEME_HTTP) == 0 || + ((http->flags & NGHTTP3_HTTP_FLAG_PATH_REGULAR) || + ((http->flags & NGHTTP3_HTTP_FLAG_METH_OPTIONS) && + (http->flags & NGHTTP3_HTTP_FLAG_PATH_ASTERISK))); +} + +static int http_request_on_header(nghttp3_http_state *http, int64_t frame_type, + nghttp3_qpack_nv *nv, int trailers, + int connect_protocol) { + if (nv->name->base[0] == ':') { + if (trailers || + (http->flags & NGHTTP3_HTTP_FLAG_PSEUDO_HEADER_DISALLOWED)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + } + + switch (nv->token) { + case NGHTTP3_QPACK_TOKEN__AUTHORITY: + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG__AUTHORITY)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + case NGHTTP3_QPACK_TOKEN__METHOD: + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG__METHOD)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + switch (nv->value->len) { + case 4: + if (lstreq("HEAD", nv->value->base, nv->value->len)) { + http->flags |= NGHTTP3_HTTP_FLAG_METH_HEAD; + } + break; + case 7: + switch (nv->value->base[6]) { + case 'T': + if (lstreq("CONNECT", nv->value->base, nv->value->len)) { + if (frame_type == NGHTTP3_FRAME_PUSH_PROMISE) { + /* we won't allow CONNECT for push */ + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + http->flags |= NGHTTP3_HTTP_FLAG_METH_CONNECT; + } + break; + case 'S': + if (lstreq("OPTIONS", nv->value->base, nv->value->len)) { + http->flags |= NGHTTP3_HTTP_FLAG_METH_OPTIONS; + } + break; + } + break; + } + break; + case NGHTTP3_QPACK_TOKEN__PATH: + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG__PATH)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + if (nv->value->base[0] == '/') { + http->flags |= NGHTTP3_HTTP_FLAG_PATH_REGULAR; + } else if (nv->value->len == 1 && nv->value->base[0] == '*') { + http->flags |= NGHTTP3_HTTP_FLAG_PATH_ASTERISK; + } + break; + case NGHTTP3_QPACK_TOKEN__SCHEME: + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG__SCHEME)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + if ((nv->value->len == 4 && memieq("http", nv->value->base, 4)) || + (nv->value->len == 5 && memieq("https", nv->value->base, 5))) { + http->flags |= NGHTTP3_HTTP_FLAG_SCHEME_HTTP; + } + break; + case NGHTTP3_QPACK_TOKEN__PROTOCOL: + if (!connect_protocol) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG__PROTOCOL)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + case NGHTTP3_QPACK_TOKEN_HOST: + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG_HOST)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + case NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH: { + if (http->content_length != -1) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + http->content_length = parse_uint(nv->value->base, nv->value->len); + if (http->content_length == -1) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + } + /* disallowed header fields */ + case NGHTTP3_QPACK_TOKEN_CONNECTION: + case NGHTTP3_QPACK_TOKEN_KEEP_ALIVE: + case NGHTTP3_QPACK_TOKEN_PROXY_CONNECTION: + case NGHTTP3_QPACK_TOKEN_TRANSFER_ENCODING: + case NGHTTP3_QPACK_TOKEN_UPGRADE: + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + case NGHTTP3_QPACK_TOKEN_TE: + if (!lstrieq("trailers", nv->value->base, nv->value->len)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + default: + if (nv->name->base[0] == ':') { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + } + + if (nv->name->base[0] != ':') { + http->flags |= NGHTTP3_HTTP_FLAG_PSEUDO_HEADER_DISALLOWED; + } + + return 0; +} + +static int http_response_on_header(nghttp3_http_state *http, + nghttp3_qpack_nv *nv, int trailers) { + if (nv->name->base[0] == ':') { + if (trailers || + (http->flags & NGHTTP3_HTTP_FLAG_PSEUDO_HEADER_DISALLOWED)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + } + + switch (nv->token) { + case NGHTTP3_QPACK_TOKEN__STATUS: { + if (!check_pseudo_header(http, nv, NGHTTP3_HTTP_FLAG__STATUS)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + if (nv->value->len != 3) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + http->status_code = (int16_t)parse_uint(nv->value->base, nv->value->len); + if (http->status_code < 100 || http->status_code == 101) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + } + case NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH: { + if (http->status_code == 204) { + /* content-length header field in 204 response is prohibited by + RFC 7230. But some widely used servers send content-length: + 0. Until they get fixed, we ignore it. */ + if (http->content_length != -1) { + /* Found multiple content-length field */ + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + if (!lstrieq("0", nv->value->base, nv->value->len)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + http->content_length = 0; + return NGHTTP3_ERR_REMOVE_HTTP_HEADER; + } + if (http->status_code / 100 == 1) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + /* https://tools.ietf.org/html/rfc7230#section-3.3.3 */ + if (http->status_code / 100 == 2 && + (http->flags & NGHTTP3_HTTP_FLAG_METH_CONNECT)) { + return NGHTTP3_ERR_REMOVE_HTTP_HEADER; + } + if (http->content_length != -1) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + http->content_length = parse_uint(nv->value->base, nv->value->len); + if (http->content_length == -1) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + } + /* disallowed header fields */ + case NGHTTP3_QPACK_TOKEN_CONNECTION: + case NGHTTP3_QPACK_TOKEN_KEEP_ALIVE: + case NGHTTP3_QPACK_TOKEN_PROXY_CONNECTION: + case NGHTTP3_QPACK_TOKEN_TRANSFER_ENCODING: + case NGHTTP3_QPACK_TOKEN_UPGRADE: + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + case NGHTTP3_QPACK_TOKEN_TE: + if (!lstrieq("trailers", nv->value->base, nv->value->len)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + break; + default: + if (nv->name->base[0] == ':') { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + } + + if (nv->name->base[0] != ':') { + http->flags |= NGHTTP3_HTTP_FLAG_PSEUDO_HEADER_DISALLOWED; + } + + return 0; +} + +/* Generated by genauthroitychartbl.py */ +static char VALID_AUTHORITY_CHARS[] = { + 0 /* NUL */, 0 /* SOH */, 0 /* STX */, 0 /* ETX */, + 0 /* EOT */, 0 /* ENQ */, 0 /* ACK */, 0 /* BEL */, + 0 /* BS */, 0 /* HT */, 0 /* LF */, 0 /* VT */, + 0 /* FF */, 0 /* CR */, 0 /* SO */, 0 /* SI */, + 0 /* DLE */, 0 /* DC1 */, 0 /* DC2 */, 0 /* DC3 */, + 0 /* DC4 */, 0 /* NAK */, 0 /* SYN */, 0 /* ETB */, + 0 /* CAN */, 0 /* EM */, 0 /* SUB */, 0 /* ESC */, + 0 /* FS */, 0 /* GS */, 0 /* RS */, 0 /* US */, + 0 /* SPC */, 1 /* ! */, 0 /* " */, 0 /* # */, + 1 /* $ */, 1 /* % */, 1 /* & */, 1 /* ' */, + 1 /* ( */, 1 /* ) */, 1 /* * */, 1 /* + */, + 1 /* , */, 1 /* - */, 1 /* . */, 0 /* / */, + 1 /* 0 */, 1 /* 1 */, 1 /* 2 */, 1 /* 3 */, + 1 /* 4 */, 1 /* 5 */, 1 /* 6 */, 1 /* 7 */, + 1 /* 8 */, 1 /* 9 */, 1 /* : */, 1 /* ; */, + 0 /* < */, 1 /* = */, 0 /* > */, 0 /* ? */, + 1 /* @ */, 1 /* A */, 1 /* B */, 1 /* C */, + 1 /* D */, 1 /* E */, 1 /* F */, 1 /* G */, + 1 /* H */, 1 /* I */, 1 /* J */, 1 /* K */, + 1 /* L */, 1 /* M */, 1 /* N */, 1 /* O */, + 1 /* P */, 1 /* Q */, 1 /* R */, 1 /* S */, + 1 /* T */, 1 /* U */, 1 /* V */, 1 /* W */, + 1 /* X */, 1 /* Y */, 1 /* Z */, 1 /* [ */, + 0 /* \ */, 1 /* ] */, 0 /* ^ */, 1 /* _ */, + 0 /* ` */, 1 /* a */, 1 /* b */, 1 /* c */, + 1 /* d */, 1 /* e */, 1 /* f */, 1 /* g */, + 1 /* h */, 1 /* i */, 1 /* j */, 1 /* k */, + 1 /* l */, 1 /* m */, 1 /* n */, 1 /* o */, + 1 /* p */, 1 /* q */, 1 /* r */, 1 /* s */, + 1 /* t */, 1 /* u */, 1 /* v */, 1 /* w */, + 1 /* x */, 1 /* y */, 1 /* z */, 0 /* { */, + 0 /* | */, 0 /* } */, 1 /* ~ */, 0 /* DEL */, + 0 /* 0x80 */, 0 /* 0x81 */, 0 /* 0x82 */, 0 /* 0x83 */, + 0 /* 0x84 */, 0 /* 0x85 */, 0 /* 0x86 */, 0 /* 0x87 */, + 0 /* 0x88 */, 0 /* 0x89 */, 0 /* 0x8a */, 0 /* 0x8b */, + 0 /* 0x8c */, 0 /* 0x8d */, 0 /* 0x8e */, 0 /* 0x8f */, + 0 /* 0x90 */, 0 /* 0x91 */, 0 /* 0x92 */, 0 /* 0x93 */, + 0 /* 0x94 */, 0 /* 0x95 */, 0 /* 0x96 */, 0 /* 0x97 */, + 0 /* 0x98 */, 0 /* 0x99 */, 0 /* 0x9a */, 0 /* 0x9b */, + 0 /* 0x9c */, 0 /* 0x9d */, 0 /* 0x9e */, 0 /* 0x9f */, + 0 /* 0xa0 */, 0 /* 0xa1 */, 0 /* 0xa2 */, 0 /* 0xa3 */, + 0 /* 0xa4 */, 0 /* 0xa5 */, 0 /* 0xa6 */, 0 /* 0xa7 */, + 0 /* 0xa8 */, 0 /* 0xa9 */, 0 /* 0xaa */, 0 /* 0xab */, + 0 /* 0xac */, 0 /* 0xad */, 0 /* 0xae */, 0 /* 0xaf */, + 0 /* 0xb0 */, 0 /* 0xb1 */, 0 /* 0xb2 */, 0 /* 0xb3 */, + 0 /* 0xb4 */, 0 /* 0xb5 */, 0 /* 0xb6 */, 0 /* 0xb7 */, + 0 /* 0xb8 */, 0 /* 0xb9 */, 0 /* 0xba */, 0 /* 0xbb */, + 0 /* 0xbc */, 0 /* 0xbd */, 0 /* 0xbe */, 0 /* 0xbf */, + 0 /* 0xc0 */, 0 /* 0xc1 */, 0 /* 0xc2 */, 0 /* 0xc3 */, + 0 /* 0xc4 */, 0 /* 0xc5 */, 0 /* 0xc6 */, 0 /* 0xc7 */, + 0 /* 0xc8 */, 0 /* 0xc9 */, 0 /* 0xca */, 0 /* 0xcb */, + 0 /* 0xcc */, 0 /* 0xcd */, 0 /* 0xce */, 0 /* 0xcf */, + 0 /* 0xd0 */, 0 /* 0xd1 */, 0 /* 0xd2 */, 0 /* 0xd3 */, + 0 /* 0xd4 */, 0 /* 0xd5 */, 0 /* 0xd6 */, 0 /* 0xd7 */, + 0 /* 0xd8 */, 0 /* 0xd9 */, 0 /* 0xda */, 0 /* 0xdb */, + 0 /* 0xdc */, 0 /* 0xdd */, 0 /* 0xde */, 0 /* 0xdf */, + 0 /* 0xe0 */, 0 /* 0xe1 */, 0 /* 0xe2 */, 0 /* 0xe3 */, + 0 /* 0xe4 */, 0 /* 0xe5 */, 0 /* 0xe6 */, 0 /* 0xe7 */, + 0 /* 0xe8 */, 0 /* 0xe9 */, 0 /* 0xea */, 0 /* 0xeb */, + 0 /* 0xec */, 0 /* 0xed */, 0 /* 0xee */, 0 /* 0xef */, + 0 /* 0xf0 */, 0 /* 0xf1 */, 0 /* 0xf2 */, 0 /* 0xf3 */, + 0 /* 0xf4 */, 0 /* 0xf5 */, 0 /* 0xf6 */, 0 /* 0xf7 */, + 0 /* 0xf8 */, 0 /* 0xf9 */, 0 /* 0xfa */, 0 /* 0xfb */, + 0 /* 0xfc */, 0 /* 0xfd */, 0 /* 0xfe */, 0 /* 0xff */ +}; + +static int check_authority(const uint8_t *value, size_t len) { + const uint8_t *last; + for (last = value + len; value != last; ++value) { + if (!VALID_AUTHORITY_CHARS[*value]) { + return 0; + } + } + return 1; +} + +static int check_scheme(const uint8_t *value, size_t len) { + const uint8_t *last; + if (len == 0) { + return 0; + } + + if (!(('A' <= *value && *value <= 'Z') || ('a' <= *value && *value <= 'z'))) { + return 0; + } + + last = value + len; + ++value; + + for (; value != last; ++value) { + if (!(('A' <= *value && *value <= 'Z') || + ('a' <= *value && *value <= 'z') || + ('0' <= *value && *value <= '9') || *value == '+' || *value == '-' || + *value == '.')) { + return 0; + } + } + return 1; +} + +int nghttp3_http_on_header(nghttp3_http_state *http, int64_t frame_type, + nghttp3_qpack_nv *nv, int request, int trailers) { + int rv; + + if (!nghttp3_check_header_name(nv->name->base, nv->name->len)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + + if (nv->token == NGHTTP3_QPACK_TOKEN__AUTHORITY || + nv->token == NGHTTP3_QPACK_TOKEN_HOST) { + rv = check_authority(nv->value->base, nv->value->len); + } else if (nv->token == NGHTTP3_QPACK_TOKEN__SCHEME) { + rv = check_scheme(nv->value->base, nv->value->len); + } else { + rv = nghttp3_check_header_value(nv->value->base, nv->value->len); + } + + if (rv == 0) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + + if (request) { + return http_request_on_header(http, frame_type, nv, trailers, + /* connect_protocol = */ 0); + } + + return http_response_on_header(http, nv, trailers); +} + +int nghttp3_http_on_request_headers(nghttp3_http_state *http) { + if (!(http->flags & NGHTTP3_HTTP_FLAG__PROTOCOL) && + (http->flags & NGHTTP3_HTTP_FLAG_METH_CONNECT)) { + if ((http->flags & (NGHTTP3_HTTP_FLAG__SCHEME | NGHTTP3_HTTP_FLAG__PATH)) || + (http->flags & NGHTTP3_HTTP_FLAG__AUTHORITY) == 0) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + http->content_length = -1; + } else { + if ((http->flags & NGHTTP3_HTTP_FLAG_REQ_HEADERS) != + NGHTTP3_HTTP_FLAG_REQ_HEADERS || + (http->flags & + (NGHTTP3_HTTP_FLAG__AUTHORITY | NGHTTP3_HTTP_FLAG_HOST)) == 0) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + if ((http->flags & NGHTTP3_HTTP_FLAG__PROTOCOL) && + ((http->flags & NGHTTP3_HTTP_FLAG_METH_CONNECT) == 0 || + (http->flags & NGHTTP3_HTTP_FLAG__AUTHORITY) == 0)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + if (!check_path(http)) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + } + + return 0; +} + +int nghttp3_http_on_response_headers(nghttp3_http_state *http) { + if ((http->flags & NGHTTP3_HTTP_FLAG__STATUS) == 0) { + return NGHTTP3_ERR_MALFORMED_HTTP_HEADER; + } + + if (http->status_code / 100 == 1) { + /* non-final response */ + http->flags = (uint16_t)((http->flags & NGHTTP3_HTTP_FLAG_METH_ALL) | + NGHTTP3_HTTP_FLAG_EXPECT_FINAL_RESPONSE); + http->content_length = -1; + http->status_code = -1; + return 0; + } + + http->flags = + (uint16_t)(http->flags & ~NGHTTP3_HTTP_FLAG_EXPECT_FINAL_RESPONSE); + + if (!expect_response_body(http)) { + http->content_length = 0; + } else if (http->flags & NGHTTP3_HTTP_FLAG_METH_CONNECT) { + http->content_length = -1; + } + + return 0; +} + +int nghttp3_http_on_remote_end_stream(nghttp3_stream *stream) { + if (stream->flags & NGHTTP3_STREAM_FLAG_RESET) { + return 0; + } + if ((stream->rx.http.flags & NGHTTP3_HTTP_FLAG_EXPECT_FINAL_RESPONSE) || + (stream->rx.http.content_length != -1 && + stream->rx.http.content_length != stream->rx.http.recv_content_length)) { + return NGHTTP3_ERR_MALFORMED_HTTP_MESSAGING; + } + + return 0; +} + +int nghttp3_http_on_data_chunk(nghttp3_stream *stream, size_t n) { + stream->rx.http.recv_content_length += (int64_t)n; + + if ((stream->rx.http.flags & NGHTTP3_HTTP_FLAG_EXPECT_FINAL_RESPONSE) || + (stream->rx.http.content_length != -1 && + stream->rx.http.recv_content_length > stream->rx.http.content_length)) { + return NGHTTP3_ERR_MALFORMED_HTTP_MESSAGING; + } + + return 0; +} + +void nghttp3_http_record_request_method(nghttp3_stream *stream, + const nghttp3_nv *nva, size_t nvlen) { + size_t i; + const nghttp3_nv *nv; + + /* TODO we should do this strictly. */ + for (i = 0; i < nvlen; ++i) { + nv = &nva[i]; + if (!(nv->namelen == 7 && nv->name[6] == 'd' && + memcmp(":metho", nv->name, nv->namelen - 1) == 0)) { + continue; + } + if (lstreq("CONNECT", nv->value, nv->valuelen)) { + stream->rx.http.flags |= NGHTTP3_HTTP_FLAG_METH_CONNECT; + return; + } + if (lstreq("HEAD", nv->value, nv->valuelen)) { + stream->rx.http.flags |= NGHTTP3_HTTP_FLAG_METH_HEAD; + return; + } + return; + } +} + +/* Generated by gennmchartbl.py */ +static const int VALID_HD_NAME_CHARS[] = { + 0 /* NUL */, 0 /* SOH */, 0 /* STX */, 0 /* ETX */, + 0 /* EOT */, 0 /* ENQ */, 0 /* ACK */, 0 /* BEL */, + 0 /* BS */, 0 /* HT */, 0 /* LF */, 0 /* VT */, + 0 /* FF */, 0 /* CR */, 0 /* SO */, 0 /* SI */, + 0 /* DLE */, 0 /* DC1 */, 0 /* DC2 */, 0 /* DC3 */, + 0 /* DC4 */, 0 /* NAK */, 0 /* SYN */, 0 /* ETB */, + 0 /* CAN */, 0 /* EM */, 0 /* SUB */, 0 /* ESC */, + 0 /* FS */, 0 /* GS */, 0 /* RS */, 0 /* US */, + 0 /* SPC */, 1 /* ! */, 0 /* " */, 1 /* # */, + 1 /* $ */, 1 /* % */, 1 /* & */, 1 /* ' */, + 0 /* ( */, 0 /* ) */, 1 /* * */, 1 /* + */, + 0 /* , */, 1 /* - */, 1 /* . */, 0 /* / */, + 1 /* 0 */, 1 /* 1 */, 1 /* 2 */, 1 /* 3 */, + 1 /* 4 */, 1 /* 5 */, 1 /* 6 */, 1 /* 7 */, + 1 /* 8 */, 1 /* 9 */, 0 /* : */, 0 /* ; */, + 0 /* < */, 0 /* = */, 0 /* > */, 0 /* ? */, + 0 /* @ */, 0 /* A */, 0 /* B */, 0 /* C */, + 0 /* D */, 0 /* E */, 0 /* F */, 0 /* G */, + 0 /* H */, 0 /* I */, 0 /* J */, 0 /* K */, + 0 /* L */, 0 /* M */, 0 /* N */, 0 /* O */, + 0 /* P */, 0 /* Q */, 0 /* R */, 0 /* S */, + 0 /* T */, 0 /* U */, 0 /* V */, 0 /* W */, + 0 /* X */, 0 /* Y */, 0 /* Z */, 0 /* [ */, + 0 /* \ */, 0 /* ] */, 1 /* ^ */, 1 /* _ */, + 1 /* ` */, 1 /* a */, 1 /* b */, 1 /* c */, + 1 /* d */, 1 /* e */, 1 /* f */, 1 /* g */, + 1 /* h */, 1 /* i */, 1 /* j */, 1 /* k */, + 1 /* l */, 1 /* m */, 1 /* n */, 1 /* o */, + 1 /* p */, 1 /* q */, 1 /* r */, 1 /* s */, + 1 /* t */, 1 /* u */, 1 /* v */, 1 /* w */, + 1 /* x */, 1 /* y */, 1 /* z */, 0 /* { */, + 1 /* | */, 0 /* } */, 1 /* ~ */, 0 /* DEL */, + 0 /* 0x80 */, 0 /* 0x81 */, 0 /* 0x82 */, 0 /* 0x83 */, + 0 /* 0x84 */, 0 /* 0x85 */, 0 /* 0x86 */, 0 /* 0x87 */, + 0 /* 0x88 */, 0 /* 0x89 */, 0 /* 0x8a */, 0 /* 0x8b */, + 0 /* 0x8c */, 0 /* 0x8d */, 0 /* 0x8e */, 0 /* 0x8f */, + 0 /* 0x90 */, 0 /* 0x91 */, 0 /* 0x92 */, 0 /* 0x93 */, + 0 /* 0x94 */, 0 /* 0x95 */, 0 /* 0x96 */, 0 /* 0x97 */, + 0 /* 0x98 */, 0 /* 0x99 */, 0 /* 0x9a */, 0 /* 0x9b */, + 0 /* 0x9c */, 0 /* 0x9d */, 0 /* 0x9e */, 0 /* 0x9f */, + 0 /* 0xa0 */, 0 /* 0xa1 */, 0 /* 0xa2 */, 0 /* 0xa3 */, + 0 /* 0xa4 */, 0 /* 0xa5 */, 0 /* 0xa6 */, 0 /* 0xa7 */, + 0 /* 0xa8 */, 0 /* 0xa9 */, 0 /* 0xaa */, 0 /* 0xab */, + 0 /* 0xac */, 0 /* 0xad */, 0 /* 0xae */, 0 /* 0xaf */, + 0 /* 0xb0 */, 0 /* 0xb1 */, 0 /* 0xb2 */, 0 /* 0xb3 */, + 0 /* 0xb4 */, 0 /* 0xb5 */, 0 /* 0xb6 */, 0 /* 0xb7 */, + 0 /* 0xb8 */, 0 /* 0xb9 */, 0 /* 0xba */, 0 /* 0xbb */, + 0 /* 0xbc */, 0 /* 0xbd */, 0 /* 0xbe */, 0 /* 0xbf */, + 0 /* 0xc0 */, 0 /* 0xc1 */, 0 /* 0xc2 */, 0 /* 0xc3 */, + 0 /* 0xc4 */, 0 /* 0xc5 */, 0 /* 0xc6 */, 0 /* 0xc7 */, + 0 /* 0xc8 */, 0 /* 0xc9 */, 0 /* 0xca */, 0 /* 0xcb */, + 0 /* 0xcc */, 0 /* 0xcd */, 0 /* 0xce */, 0 /* 0xcf */, + 0 /* 0xd0 */, 0 /* 0xd1 */, 0 /* 0xd2 */, 0 /* 0xd3 */, + 0 /* 0xd4 */, 0 /* 0xd5 */, 0 /* 0xd6 */, 0 /* 0xd7 */, + 0 /* 0xd8 */, 0 /* 0xd9 */, 0 /* 0xda */, 0 /* 0xdb */, + 0 /* 0xdc */, 0 /* 0xdd */, 0 /* 0xde */, 0 /* 0xdf */, + 0 /* 0xe0 */, 0 /* 0xe1 */, 0 /* 0xe2 */, 0 /* 0xe3 */, + 0 /* 0xe4 */, 0 /* 0xe5 */, 0 /* 0xe6 */, 0 /* 0xe7 */, + 0 /* 0xe8 */, 0 /* 0xe9 */, 0 /* 0xea */, 0 /* 0xeb */, + 0 /* 0xec */, 0 /* 0xed */, 0 /* 0xee */, 0 /* 0xef */, + 0 /* 0xf0 */, 0 /* 0xf1 */, 0 /* 0xf2 */, 0 /* 0xf3 */, + 0 /* 0xf4 */, 0 /* 0xf5 */, 0 /* 0xf6 */, 0 /* 0xf7 */, + 0 /* 0xf8 */, 0 /* 0xf9 */, 0 /* 0xfa */, 0 /* 0xfb */, + 0 /* 0xfc */, 0 /* 0xfd */, 0 /* 0xfe */, 0 /* 0xff */ +}; + +int nghttp3_check_header_name(const uint8_t *name, size_t len) { + const uint8_t *last; + if (len == 0) { + return 0; + } + if (*name == ':') { + if (len == 1) { + return 0; + } + ++name; + --len; + } + for (last = name + len; name != last; ++name) { + if (!VALID_HD_NAME_CHARS[*name]) { + return 0; + } + } + return 1; +} + +/* Generated by genvchartbl.py */ +static const int VALID_HD_VALUE_CHARS[] = { + 0 /* NUL */, 0 /* SOH */, 0 /* STX */, 0 /* ETX */, + 0 /* EOT */, 0 /* ENQ */, 0 /* ACK */, 0 /* BEL */, + 0 /* BS */, 1 /* HT */, 0 /* LF */, 0 /* VT */, + 0 /* FF */, 0 /* CR */, 0 /* SO */, 0 /* SI */, + 0 /* DLE */, 0 /* DC1 */, 0 /* DC2 */, 0 /* DC3 */, + 0 /* DC4 */, 0 /* NAK */, 0 /* SYN */, 0 /* ETB */, + 0 /* CAN */, 0 /* EM */, 0 /* SUB */, 0 /* ESC */, + 0 /* FS */, 0 /* GS */, 0 /* RS */, 0 /* US */, + 1 /* SPC */, 1 /* ! */, 1 /* " */, 1 /* # */, + 1 /* $ */, 1 /* % */, 1 /* & */, 1 /* ' */, + 1 /* ( */, 1 /* ) */, 1 /* * */, 1 /* + */, + 1 /* , */, 1 /* - */, 1 /* . */, 1 /* / */, + 1 /* 0 */, 1 /* 1 */, 1 /* 2 */, 1 /* 3 */, + 1 /* 4 */, 1 /* 5 */, 1 /* 6 */, 1 /* 7 */, + 1 /* 8 */, 1 /* 9 */, 1 /* : */, 1 /* ; */, + 1 /* < */, 1 /* = */, 1 /* > */, 1 /* ? */, + 1 /* @ */, 1 /* A */, 1 /* B */, 1 /* C */, + 1 /* D */, 1 /* E */, 1 /* F */, 1 /* G */, + 1 /* H */, 1 /* I */, 1 /* J */, 1 /* K */, + 1 /* L */, 1 /* M */, 1 /* N */, 1 /* O */, + 1 /* P */, 1 /* Q */, 1 /* R */, 1 /* S */, + 1 /* T */, 1 /* U */, 1 /* V */, 1 /* W */, + 1 /* X */, 1 /* Y */, 1 /* Z */, 1 /* [ */, + 1 /* \ */, 1 /* ] */, 1 /* ^ */, 1 /* _ */, + 1 /* ` */, 1 /* a */, 1 /* b */, 1 /* c */, + 1 /* d */, 1 /* e */, 1 /* f */, 1 /* g */, + 1 /* h */, 1 /* i */, 1 /* j */, 1 /* k */, + 1 /* l */, 1 /* m */, 1 /* n */, 1 /* o */, + 1 /* p */, 1 /* q */, 1 /* r */, 1 /* s */, + 1 /* t */, 1 /* u */, 1 /* v */, 1 /* w */, + 1 /* x */, 1 /* y */, 1 /* z */, 1 /* { */, + 1 /* | */, 1 /* } */, 1 /* ~ */, 0 /* DEL */, + 1 /* 0x80 */, 1 /* 0x81 */, 1 /* 0x82 */, 1 /* 0x83 */, + 1 /* 0x84 */, 1 /* 0x85 */, 1 /* 0x86 */, 1 /* 0x87 */, + 1 /* 0x88 */, 1 /* 0x89 */, 1 /* 0x8a */, 1 /* 0x8b */, + 1 /* 0x8c */, 1 /* 0x8d */, 1 /* 0x8e */, 1 /* 0x8f */, + 1 /* 0x90 */, 1 /* 0x91 */, 1 /* 0x92 */, 1 /* 0x93 */, + 1 /* 0x94 */, 1 /* 0x95 */, 1 /* 0x96 */, 1 /* 0x97 */, + 1 /* 0x98 */, 1 /* 0x99 */, 1 /* 0x9a */, 1 /* 0x9b */, + 1 /* 0x9c */, 1 /* 0x9d */, 1 /* 0x9e */, 1 /* 0x9f */, + 1 /* 0xa0 */, 1 /* 0xa1 */, 1 /* 0xa2 */, 1 /* 0xa3 */, + 1 /* 0xa4 */, 1 /* 0xa5 */, 1 /* 0xa6 */, 1 /* 0xa7 */, + 1 /* 0xa8 */, 1 /* 0xa9 */, 1 /* 0xaa */, 1 /* 0xab */, + 1 /* 0xac */, 1 /* 0xad */, 1 /* 0xae */, 1 /* 0xaf */, + 1 /* 0xb0 */, 1 /* 0xb1 */, 1 /* 0xb2 */, 1 /* 0xb3 */, + 1 /* 0xb4 */, 1 /* 0xb5 */, 1 /* 0xb6 */, 1 /* 0xb7 */, + 1 /* 0xb8 */, 1 /* 0xb9 */, 1 /* 0xba */, 1 /* 0xbb */, + 1 /* 0xbc */, 1 /* 0xbd */, 1 /* 0xbe */, 1 /* 0xbf */, + 1 /* 0xc0 */, 1 /* 0xc1 */, 1 /* 0xc2 */, 1 /* 0xc3 */, + 1 /* 0xc4 */, 1 /* 0xc5 */, 1 /* 0xc6 */, 1 /* 0xc7 */, + 1 /* 0xc8 */, 1 /* 0xc9 */, 1 /* 0xca */, 1 /* 0xcb */, + 1 /* 0xcc */, 1 /* 0xcd */, 1 /* 0xce */, 1 /* 0xcf */, + 1 /* 0xd0 */, 1 /* 0xd1 */, 1 /* 0xd2 */, 1 /* 0xd3 */, + 1 /* 0xd4 */, 1 /* 0xd5 */, 1 /* 0xd6 */, 1 /* 0xd7 */, + 1 /* 0xd8 */, 1 /* 0xd9 */, 1 /* 0xda */, 1 /* 0xdb */, + 1 /* 0xdc */, 1 /* 0xdd */, 1 /* 0xde */, 1 /* 0xdf */, + 1 /* 0xe0 */, 1 /* 0xe1 */, 1 /* 0xe2 */, 1 /* 0xe3 */, + 1 /* 0xe4 */, 1 /* 0xe5 */, 1 /* 0xe6 */, 1 /* 0xe7 */, + 1 /* 0xe8 */, 1 /* 0xe9 */, 1 /* 0xea */, 1 /* 0xeb */, + 1 /* 0xec */, 1 /* 0xed */, 1 /* 0xee */, 1 /* 0xef */, + 1 /* 0xf0 */, 1 /* 0xf1 */, 1 /* 0xf2 */, 1 /* 0xf3 */, + 1 /* 0xf4 */, 1 /* 0xf5 */, 1 /* 0xf6 */, 1 /* 0xf7 */, + 1 /* 0xf8 */, 1 /* 0xf9 */, 1 /* 0xfa */, 1 /* 0xfb */, + 1 /* 0xfc */, 1 /* 0xfd */, 1 /* 0xfe */, 1 /* 0xff */ +}; + +int nghttp3_check_header_value(const uint8_t *value, size_t len) { + const uint8_t *last; + for (last = value + len; value != last; ++value) { + if (!VALID_HD_VALUE_CHARS[*value]) { + return 0; + } + } + return 1; +} diff --git a/deps/nghttp3/lib/nghttp3_http.h b/deps/nghttp3/lib/nghttp3_http.h new file mode 100644 index 0000000000..9b2c36dab3 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_http.h @@ -0,0 +1,146 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2015 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_HTTP_H +#define NGHTTP3_HTTP_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +struct nghttp3_stream; +typedef struct nghttp3_stream nghttp3_stream; + +struct nghttp3_http_state; +typedef struct nghttp3_http_state nghttp3_http_state; + +/* HTTP related flags to enforce HTTP semantics */ +typedef enum { + NGHTTP3_HTTP_FLAG_NONE = 0, + /* header field seen so far */ + NGHTTP3_HTTP_FLAG__AUTHORITY = 1, + NGHTTP3_HTTP_FLAG__PATH = 1 << 1, + NGHTTP3_HTTP_FLAG__METHOD = 1 << 2, + NGHTTP3_HTTP_FLAG__SCHEME = 1 << 3, + /* host is not pseudo header, but we require either host or + :authority */ + NGHTTP3_HTTP_FLAG_HOST = 1 << 4, + NGHTTP3_HTTP_FLAG__STATUS = 1 << 5, + /* required header fields for HTTP request except for CONNECT + method. */ + NGHTTP3_HTTP_FLAG_REQ_HEADERS = NGHTTP3_HTTP_FLAG__METHOD | + NGHTTP3_HTTP_FLAG__PATH | + NGHTTP3_HTTP_FLAG__SCHEME, + NGHTTP3_HTTP_FLAG_PSEUDO_HEADER_DISALLOWED = 1 << 6, + /* HTTP method flags */ + NGHTTP3_HTTP_FLAG_METH_CONNECT = 1 << 7, + NGHTTP3_HTTP_FLAG_METH_HEAD = 1 << 8, + NGHTTP3_HTTP_FLAG_METH_OPTIONS = 1 << 9, + NGHTTP3_HTTP_FLAG_METH_ALL = NGHTTP3_HTTP_FLAG_METH_CONNECT | + NGHTTP3_HTTP_FLAG_METH_HEAD | + NGHTTP3_HTTP_FLAG_METH_OPTIONS, + /* :path category */ + /* path starts with "/" */ + NGHTTP3_HTTP_FLAG_PATH_REGULAR = 1 << 11, + /* path "*" */ + NGHTTP3_HTTP_FLAG_PATH_ASTERISK = 1 << 12, + /* scheme */ + /* "http" or "https" scheme */ + NGHTTP3_HTTP_FLAG_SCHEME_HTTP = 1 << 13, + /* set if final response is expected */ + NGHTTP3_HTTP_FLAG_EXPECT_FINAL_RESPONSE = 1 << 14, + NGHTTP3_HTTP_FLAG__PROTOCOL = 1 << 15, +} nghttp3_http_flag; + +/* + * This function is called when HTTP header field |nv| in a frame of type + * |frame_type| is received for |http|. This function will validate |nv| + * against the current state of stream. Pass nonzero if this is request + * headers. Pass nonzero to |trailers| if |nv| is included in trailers. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_MALFORMED_HTTP_HEADER + * Invalid HTTP header field was received. + * NGHTTP3_ERR_IGN_HTTP_HEADER + * Invalid HTTP header field was received but it can be treated as + * if it was not received because of compatibility reasons. + */ +int nghttp3_http_on_header(nghttp3_http_state *http, int64_t frame_type, + nghttp3_qpack_nv *nv, int request, int trailers); + +/* + * This function is called when request header is received. This + * function performs validation and returns 0 if it succeeds, or one + * of the following negative error codes: + * + * NGHTTP3_ERR_MALFORMED_HTTP_HEADER + * Required HTTP header field was not received; or an invalid + * header field was received. + */ +int nghttp3_http_on_request_headers(nghttp3_http_state *http); + +/* + * This function is called when response header is received. This + * function performs validation and returns 0 if it succeeds, or one + * of the following negative error codes: + * + * NGHTTP3_ERR_MALFORMED_HTTP_HEADER + * Required HTTP header field was not received; or an invalid + * header field was received. + */ +int nghttp3_http_on_response_headers(nghttp3_http_state *http); + +/* + * This function is called when read side stream is closed. This + * function performs validation and returns 0 if it succeeds, or one + * of the following negative error codes: + * + * NGHTTP3_ERR_MALFORMED_HTTP_MESSAGING + * HTTP messaging is violated. + */ +int nghttp3_http_on_remote_end_stream(nghttp3_stream *stream); + +/* + * This function is called when chunk of data is received. This + * function performs validation and returns 0 if it succeeds, or one + * of the following negative error codes: + * + * NGHTTP3_ERR_MALFORMED_HTTP_MESSAGING + * HTTP messaging is violated. + */ +int nghttp3_http_on_data_chunk(nghttp3_stream *stream, size_t n); + +/* + * This function inspects header fields in |nva| of length |nvlen| and + * records its method in stream->http_flags. + */ +void nghttp3_http_record_request_method(nghttp3_stream *stream, + const nghttp3_nv *nva, size_t nvlen); + +#endif /* NGHTTP3_HTTP_H */ diff --git a/deps/nghttp3/lib/nghttp3_idtr.c b/deps/nghttp3/lib/nghttp3_idtr.c new file mode 100644 index 0000000000..cd8fd82e6b --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_idtr.c @@ -0,0 +1,88 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_idtr.h" + +#include + +int nghttp3_idtr_init(nghttp3_idtr *idtr, int server, const nghttp3_mem *mem) { + int rv; + + rv = nghttp3_gaptr_init(&idtr->gap, mem); + if (rv != 0) { + return rv; + } + + idtr->server = server; + idtr->mem = mem; + + return 0; +} + +void nghttp3_idtr_free(nghttp3_idtr *idtr) { + if (idtr == NULL) { + return; + } + + nghttp3_gaptr_free(&idtr->gap); +} + +/* + * id_from_stream_id translates |stream_id| to id space used by + * nghttp3_idtr. + */ +static uint64_t id_from_stream_id(int64_t stream_id) { + return (uint64_t)(stream_id >> 2); +} + +int nghttp3_idtr_open(nghttp3_idtr *idtr, int64_t stream_id) { + uint64_t q; + + assert((idtr->server && (stream_id % 2)) || + (!idtr->server && (stream_id % 2)) == 0); + + q = id_from_stream_id(stream_id); + + if (nghttp3_gaptr_is_pushed(&idtr->gap, q, 1)) { + return NGHTTP3_ERR_STREAM_IN_USE; + } + + return nghttp3_gaptr_push(&idtr->gap, q, 1); +} + +int nghttp3_idtr_is_open(nghttp3_idtr *idtr, int64_t stream_id) { + uint64_t q; + + assert((idtr->server && (stream_id % 2)) || + (!idtr->server && (stream_id % 2)) == 0); + + q = id_from_stream_id(stream_id); + + return nghttp3_gaptr_is_pushed(&idtr->gap, q, 1); +} + +uint64_t nghttp3_idtr_first_gap(nghttp3_idtr *idtr) { + return nghttp3_gaptr_first_gap_offset(&idtr->gap); +} diff --git a/deps/nghttp3/lib/nghttp3_idtr.h b/deps/nghttp3/lib/nghttp3_idtr.h new file mode 100644 index 0000000000..ba2808a11f --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_idtr.h @@ -0,0 +1,99 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_IDTR_H +#define NGHTTP3_IDTR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_mem.h" +#include "nghttp3_gaptr.h" + +/* + * nghttp3_idtr tracks the usage of stream ID. + */ +typedef struct { + /* gap maintains the range of ID which is not used yet. Initially, + its range is [0, UINT64_MAX). */ + nghttp3_gaptr gap; + /* server is nonzero if this object records server initiated stream + ID. */ + int server; + /* mem is custom memory allocator */ + const nghttp3_mem *mem; +} nghttp3_idtr; + +/* + * nghttp3_idtr_init initializes |idtr|. |chunk| is the size of buffer + * per chunk. + * + * If this object records server initiated ID (even number), set + * |server| to nonzero. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_idtr_init(nghttp3_idtr *idtr, int server, const nghttp3_mem *mem); + +/* + * nghttp3_idtr_free frees resources allocated for |idtr|. + */ +void nghttp3_idtr_free(nghttp3_idtr *idtr); + +/* + * nghttp3_idtr_open claims that |stream_id| is in used. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGHTTP3_ERR_STREAM_IN_USE + * ID has already been used. + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_idtr_open(nghttp3_idtr *idtr, int64_t stream_id); + +/* + * nghttp3_idtr_open tells whether ID |stream_id| is in used or not. + * + * It returns nonzero if |stream_id| is used. + */ +int nghttp3_idtr_is_open(nghttp3_idtr *idtr, int64_t stream_id); + +/* + * nghttp3_idtr_first_gap returns the first id of first gap. If there + * is no gap, it returns UINT64_MAX. The returned id is an id space + * used in this object internally, and not stream ID. + */ +uint64_t nghttp3_idtr_first_gap(nghttp3_idtr *idtr); + +#endif /* NGHTTP3_IDTR_H */ diff --git a/deps/nghttp3/lib/nghttp3_ksl.c b/deps/nghttp3/lib/nghttp3_ksl.c new file mode 100644 index 0000000000..a57429448f --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_ksl.c @@ -0,0 +1,756 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_ksl.h" + +#include +#include +#include +#include + +#include "nghttp3_macro.h" +#include "nghttp3_mem.h" +#include "nghttp3_range.h" + +static size_t ksl_nodelen(size_t keylen) { + return (sizeof(nghttp3_ksl_node) + keylen - sizeof(uint64_t) + 0xf) & + (size_t)~0xf; +} + +static size_t ksl_blklen(size_t nodelen) { + return sizeof(nghttp3_ksl_blk) + nodelen * NGHTTP3_KSL_MAX_NBLK - + sizeof(uint64_t); +} + +/* + * ksl_node_set_key sets |key| to |node|. + */ +static void ksl_node_set_key(nghttp3_ksl *ksl, nghttp3_ksl_node *node, + const void *key) { + memcpy(&node->key, key, ksl->keylen); +} + +/* + * ksl_node_key assigns the pointer to key of |node| to key->ptr and + * returns |key|. + */ +static nghttp3_ksl_key *ksl_node_key(nghttp3_ksl_key *key, + nghttp3_ksl_node *node) { + key->ptr = &node->key; + return key; +} + +/* + * ksl_nth_node returns |n|th node under |blk|. + */ +static nghttp3_ksl_node *ksl_nth_node(const nghttp3_ksl *ksl, + nghttp3_ksl_blk *blk, size_t n) { + return (nghttp3_ksl_node *)(void *)(blk->nodes + ksl->nodelen * n); +} + +nghttp3_ksl_node *nghttp3_ksl_nth_node(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, + size_t n) { + return ksl_nth_node(ksl, blk, n); +} + +int nghttp3_ksl_init(nghttp3_ksl *ksl, nghttp3_ksl_compar compar, size_t keylen, + const nghttp3_mem *mem) { + size_t nodelen = ksl_nodelen(keylen); + size_t blklen = ksl_blklen(nodelen); + nghttp3_ksl_blk *head; + + ksl->head = nghttp3_mem_malloc(mem, blklen); + if (!ksl->head) { + return NGHTTP3_ERR_NOMEM; + } + ksl->front = ksl->back = ksl->head; + ksl->compar = compar; + ksl->keylen = keylen; + ksl->nodelen = nodelen; + ksl->n = 0; + ksl->mem = mem; + + head = ksl->head; + head->next = head->prev = NULL; + head->n = 0; + head->leaf = 1; + + return 0; +} + +/* + * ksl_free_blk frees |blk| recursively. + */ +static void ksl_free_blk(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk) { + size_t i; + + if (!blk->leaf) { + for (i = 0; i < blk->n; ++i) { + ksl_free_blk(ksl, ksl_nth_node(ksl, blk, i)->blk); + } + } + + nghttp3_mem_free(ksl->mem, blk); +} + +void nghttp3_ksl_free(nghttp3_ksl *ksl) { + if (!ksl) { + return; + } + + ksl_free_blk(ksl, ksl->head); +} + +/* + * ksl_split_blk splits |blk| into 2 nghttp3_ksl_blk objects. The new + * nghttp3_ksl_blk is always the "right" block. + * + * It returns the pointer to the nghttp3_ksl_blk created which is the + * located at the right of |blk|, or NULL which indicates out of + * memory error. + */ +static nghttp3_ksl_blk *ksl_split_blk(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk) { + nghttp3_ksl_blk *rblk; + + rblk = nghttp3_mem_malloc(ksl->mem, ksl_blklen(ksl->nodelen)); + if (rblk == NULL) { + return NULL; + } + + rblk->next = blk->next; + blk->next = rblk; + if (rblk->next) { + rblk->next->prev = rblk; + } else if (ksl->back == blk) { + ksl->back = rblk; + } + rblk->prev = blk; + rblk->leaf = blk->leaf; + + rblk->n = blk->n / 2; + + memcpy(rblk->nodes, blk->nodes + ksl->nodelen * (blk->n - rblk->n), + ksl->nodelen * rblk->n); + + blk->n -= rblk->n; + + assert(blk->n >= NGHTTP3_KSL_MIN_NBLK); + assert(rblk->n >= NGHTTP3_KSL_MIN_NBLK); + + return rblk; +} + +/* + * ksl_split_node splits a node included in |blk| at the position |i| + * into 2 adjacent nodes. The new node is always inserted at the + * position |i+1|. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int ksl_split_node(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, size_t i) { + nghttp3_ksl_node *node; + nghttp3_ksl_blk *lblk = ksl_nth_node(ksl, blk, i)->blk, *rblk; + + rblk = ksl_split_blk(ksl, lblk); + if (rblk == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + memmove(blk->nodes + (i + 2) * ksl->nodelen, + blk->nodes + (i + 1) * ksl->nodelen, + ksl->nodelen * (blk->n - (i + 1))); + + node = ksl_nth_node(ksl, blk, i + 1); + node->blk = rblk; + ++blk->n; + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, rblk, rblk->n - 1)->key); + + node = ksl_nth_node(ksl, blk, i); + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, lblk, lblk->n - 1)->key); + + return 0; +} + +/* + * ksl_split_head splits a head (root) block. It increases the height + * of skip list by 1. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int ksl_split_head(nghttp3_ksl *ksl) { + nghttp3_ksl_blk *rblk = NULL, *lblk, *nhead = NULL; + nghttp3_ksl_node *node; + + rblk = ksl_split_blk(ksl, ksl->head); + if (rblk == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + lblk = ksl->head; + + nhead = nghttp3_mem_malloc(ksl->mem, ksl_blklen(ksl->nodelen)); + if (nhead == NULL) { + nghttp3_mem_free(ksl->mem, rblk); + return NGHTTP3_ERR_NOMEM; + } + nhead->next = nhead->prev = NULL; + nhead->n = 2; + nhead->leaf = 0; + + node = ksl_nth_node(ksl, nhead, 0); + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, lblk, lblk->n - 1)->key); + node->blk = lblk; + + node = ksl_nth_node(ksl, nhead, 1); + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, rblk, rblk->n - 1)->key); + node->blk = rblk; + + ksl->head = nhead; + + return 0; +} + +/* + * insert_node inserts a node whose key is |key| with the associated + * |data| at the index of |i|. This function assumes that the number + * of nodes contained by |blk| is strictly less than + * NGHTTP3_KSL_MAX_NBLK. + */ +static void ksl_insert_node(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, size_t i, + const nghttp3_ksl_key *key, void *data) { + nghttp3_ksl_node *node; + + assert(blk->n < NGHTTP3_KSL_MAX_NBLK); + + memmove(blk->nodes + (i + 1) * ksl->nodelen, blk->nodes + i * ksl->nodelen, + ksl->nodelen * (blk->n - i)); + + node = ksl_nth_node(ksl, blk, i); + ksl_node_set_key(ksl, node, key->ptr); + node->data = data; + + ++blk->n; +} + +static size_t ksl_bsearch(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, + const nghttp3_ksl_key *key, + nghttp3_ksl_compar compar) { + ssize_t left = -1, right = (ssize_t)blk->n, mid; + nghttp3_ksl_node *node; + nghttp3_ksl_key node_key; + + while (right - left > 1) { + mid = (left + right) / 2; + node = ksl_nth_node(ksl, blk, (size_t)mid); + if (compar(ksl_node_key(&node_key, node), key)) { + left = mid; + } else { + right = mid; + } + } + + return (size_t)right; +} + +int nghttp3_ksl_insert(nghttp3_ksl *ksl, nghttp3_ksl_it *it, + const nghttp3_ksl_key *key, void *data) { + nghttp3_ksl_blk *blk = ksl->head; + nghttp3_ksl_node *node; + nghttp3_ksl_key node_key; + size_t i; + int rv; + + if (blk->n == NGHTTP3_KSL_MAX_NBLK) { + rv = ksl_split_head(ksl); + if (rv != 0) { + return rv; + } + blk = ksl->head; + } + + for (;;) { + i = ksl_bsearch(ksl, blk, key, ksl->compar); + + if (blk->leaf) { + ksl_insert_node(ksl, blk, i, key, data); + ++ksl->n; + if (it) { + nghttp3_ksl_it_init(it, ksl, blk, i); + } + return 0; + } + + if (i == blk->n) { + /* This insertion extends the largest key in this subtree. */ + for (; !blk->leaf;) { + node = ksl_nth_node(ksl, blk, blk->n - 1); + if (node->blk->n == NGHTTP3_KSL_MAX_NBLK) { + rv = ksl_split_node(ksl, blk, blk->n - 1); + if (rv != 0) { + return rv; + } + node = ksl_nth_node(ksl, blk, blk->n - 1); + } + ksl_node_set_key(ksl, node, key->ptr); + blk = node->blk; + } + ksl_insert_node(ksl, blk, blk->n, key, data); + ++ksl->n; + if (it) { + nghttp3_ksl_it_init(it, ksl, blk, blk->n - 1); + } + return 0; + } + + node = ksl_nth_node(ksl, blk, i); + + if (node->blk->n == NGHTTP3_KSL_MAX_NBLK) { + rv = ksl_split_node(ksl, blk, i); + if (rv != 0) { + return rv; + } + if (ksl->compar(ksl_node_key(&node_key, node), key)) { + node = ksl_nth_node(ksl, blk, i + 1); + if (ksl->compar(ksl_node_key(&node_key, node), key)) { + ksl_node_set_key(ksl, node, key->ptr); + } + } + } + + blk = node->blk; + } +} + +/* + * ksl_remove_node removes the node included in |blk| at the index of + * |i|. + */ +static void ksl_remove_node(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, size_t i) { + memmove(blk->nodes + i * ksl->nodelen, blk->nodes + (i + 1) * ksl->nodelen, + ksl->nodelen * (blk->n - (i + 1))); + + --blk->n; +} + +/* + * ksl_merge_node merges 2 nodes which are the nodes at the index of + * |i| and |i + 1|. + * + * If |blk| is the direct descendant of head (root) block and the head + * block contains just 2 nodes, the merged block becomes head block, + * which decreases the height of |ksl| by 1. + * + * This function returns the pointer to the merged block. + */ +static nghttp3_ksl_blk *ksl_merge_node(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, + size_t i) { + nghttp3_ksl_blk *lblk, *rblk; + + assert(i + 1 < blk->n); + + lblk = ksl_nth_node(ksl, blk, i)->blk; + rblk = ksl_nth_node(ksl, blk, i + 1)->blk; + + assert(lblk->n + rblk->n < NGHTTP3_KSL_MAX_NBLK); + + memcpy(lblk->nodes + ksl->nodelen * lblk->n, rblk->nodes, + ksl->nodelen * rblk->n); + + lblk->n += rblk->n; + lblk->next = rblk->next; + if (lblk->next) { + lblk->next->prev = lblk; + } else if (ksl->back == rblk) { + ksl->back = lblk; + } + + nghttp3_mem_free(ksl->mem, rblk); + + if (ksl->head == blk && blk->n == 2) { + nghttp3_mem_free(ksl->mem, ksl->head); + ksl->head = lblk; + } else { + ksl_remove_node(ksl, blk, i + 1); + ksl_node_set_key(ksl, ksl_nth_node(ksl, blk, i), + &ksl_nth_node(ksl, lblk, lblk->n - 1)->key); + } + + return lblk; +} + +/* + * ksl_shift_left moves the first node in blk->nodes[i]->blk->nodes to + * blk->nodes[i - 1]->blk->nodes. + */ +static void ksl_shift_left(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, size_t i) { + nghttp3_ksl_node *lnode, *rnode, *dest, *src; + + assert(i > 0); + + lnode = ksl_nth_node(ksl, blk, i - 1); + rnode = ksl_nth_node(ksl, blk, i); + + assert(lnode->blk->n < NGHTTP3_KSL_MAX_NBLK); + assert(rnode->blk->n > NGHTTP3_KSL_MIN_NBLK); + + dest = ksl_nth_node(ksl, lnode->blk, lnode->blk->n); + src = ksl_nth_node(ksl, rnode->blk, 0); + + memcpy(dest, src, ksl->nodelen); + ksl_node_set_key(ksl, lnode, &dest->key); + ++lnode->blk->n; + + --rnode->blk->n; + memmove(rnode->blk->nodes, rnode->blk->nodes + ksl->nodelen, + ksl->nodelen * rnode->blk->n); +} + +/* + * ksl_shift_right moves the last node in blk->nodes[i]->blk->nodes to + * blk->nodes[i + 1]->blk->nodes. + */ +static void ksl_shift_right(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, size_t i) { + nghttp3_ksl_node *lnode, *rnode, *dest, *src; + + assert(i < blk->n - 1); + + lnode = ksl_nth_node(ksl, blk, i); + rnode = ksl_nth_node(ksl, blk, i + 1); + + assert(lnode->blk->n > NGHTTP3_KSL_MIN_NBLK); + assert(rnode->blk->n < NGHTTP3_KSL_MAX_NBLK); + + memmove(rnode->blk->nodes + ksl->nodelen, rnode->blk->nodes, + ksl->nodelen * rnode->blk->n); + ++rnode->blk->n; + + dest = ksl_nth_node(ksl, rnode->blk, 0); + src = ksl_nth_node(ksl, lnode->blk, lnode->blk->n - 1); + + memcpy(dest, src, ksl->nodelen); + + --lnode->blk->n; + ksl_node_set_key(ksl, lnode, + &ksl_nth_node(ksl, lnode->blk, lnode->blk->n - 1)->key); +} + +/* + * key_equal returns nonzero if |lhs| and |rhs| are equal using the + * function |compar|. + */ +static int key_equal(nghttp3_ksl_compar compar, const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs) { + return !compar(lhs, rhs) && !compar(rhs, lhs); +} + +void nghttp3_ksl_remove(nghttp3_ksl *ksl, nghttp3_ksl_it *it, + const nghttp3_ksl_key *key) { + nghttp3_ksl_blk *blk = ksl->head, *lblk, *rblk; + nghttp3_ksl_node *node; + size_t i; + + if (!blk->leaf && blk->n == 2 && + ksl_nth_node(ksl, blk, 0)->blk->n == NGHTTP3_KSL_MIN_NBLK && + ksl_nth_node(ksl, blk, 1)->blk->n == NGHTTP3_KSL_MIN_NBLK) { + blk = ksl_merge_node(ksl, ksl->head, 0); + } + + for (;;) { + i = ksl_bsearch(ksl, blk, key, ksl->compar); + + assert(i < blk->n); + + if (blk->leaf) { + assert(i < blk->n); + ksl_remove_node(ksl, blk, i); + --ksl->n; + if (it) { + if (blk->n == i && blk->next) { + nghttp3_ksl_it_init(it, ksl, blk->next, 0); + } else { + nghttp3_ksl_it_init(it, ksl, blk, i); + } + } + return; + } + + node = ksl_nth_node(ksl, blk, i); + + if (node->blk->n == NGHTTP3_KSL_MIN_NBLK) { + if (i > 0 && (lblk = ksl_nth_node(ksl, blk, i - 1)->blk)->n > + NGHTTP3_KSL_MIN_NBLK) { + ksl_shift_right(ksl, blk, i - 1); + } else if (i + 1 < blk->n && + (rblk = ksl_nth_node(ksl, blk, i + 1)->blk)->n > + NGHTTP3_KSL_MIN_NBLK) { + ksl_shift_left(ksl, blk, i + 1); + } else if (i > 0) { + assert(lblk); + assert(lblk->n + node->blk->n < NGHTTP3_KSL_MAX_NBLK); + blk = ksl_merge_node(ksl, blk, i - 1); + } else { + assert(i + 1 < blk->n); + assert(rblk); + assert(node->blk->n + rblk->n < NGHTTP3_KSL_MAX_NBLK); + blk = ksl_merge_node(ksl, blk, i); + } + } else { + blk = node->blk; + } + } +} + +nghttp3_ksl_it nghttp3_ksl_lower_bound(nghttp3_ksl *ksl, + const nghttp3_ksl_key *key) { + nghttp3_ksl_blk *blk = ksl->head; + nghttp3_ksl_it it; + size_t i; + + for (;;) { + i = ksl_bsearch(ksl, blk, key, ksl->compar); + + if (blk->leaf) { + if (i == blk->n && blk->next) { + blk = blk->next; + i = 0; + } + nghttp3_ksl_it_init(&it, ksl, blk, i); + return it; + } + + if (i == blk->n) { + /* This happens if descendant has smaller key. Fast forward to + find last node in this subtree. */ + for (; !blk->leaf; blk = ksl_nth_node(ksl, blk, blk->n - 1)->blk) + ; + if (blk->next) { + blk = blk->next; + i = 0; + } else { + i = blk->n; + } + nghttp3_ksl_it_init(&it, ksl, blk, i); + return it; + } + blk = ksl_nth_node(ksl, blk, i)->blk; + } +} + +nghttp3_ksl_it nghttp3_ksl_lower_bound_compar(nghttp3_ksl *ksl, + const nghttp3_ksl_key *key, + nghttp3_ksl_compar compar) { + nghttp3_ksl_blk *blk = ksl->head; + nghttp3_ksl_it it; + size_t i; + + for (;;) { + i = ksl_bsearch(ksl, blk, key, compar); + + if (blk->leaf) { + if (i == blk->n && blk->next) { + blk = blk->next; + i = 0; + } + nghttp3_ksl_it_init(&it, ksl, blk, i); + return it; + } + + if (i == blk->n) { + /* This happens if descendant has smaller key. Fast forward to + find last node in this subtree. */ + for (; !blk->leaf; blk = ksl_nth_node(ksl, blk, blk->n - 1)->blk) + ; + if (blk->next) { + blk = blk->next; + i = 0; + } else { + i = blk->n; + } + nghttp3_ksl_it_init(&it, ksl, blk, i); + return it; + } + blk = ksl_nth_node(ksl, blk, i)->blk; + } +} + +void nghttp3_ksl_update_key(nghttp3_ksl *ksl, const nghttp3_ksl_key *old_key, + const nghttp3_ksl_key *new_key) { + nghttp3_ksl_blk *blk = ksl->head; + nghttp3_ksl_node *node; + nghttp3_ksl_key node_key; + size_t i; + + for (;;) { + i = ksl_bsearch(ksl, blk, old_key, ksl->compar); + + assert(i < blk->n); + node = ksl_nth_node(ksl, blk, i); + + if (blk->leaf) { + assert(key_equal(ksl->compar, ksl_node_key(&node_key, node), old_key)); + ksl_node_set_key(ksl, node, new_key->ptr); + return; + } + + ksl_node_key(&node_key, node); + if (key_equal(ksl->compar, &node_key, old_key) || + ksl->compar(&node_key, new_key)) { + ksl_node_set_key(ksl, node, new_key->ptr); + } + + blk = node->blk; + } +} + +static void ksl_print(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, size_t level) { + size_t i; + nghttp3_ksl_node *node; + nghttp3_ksl_key node_key; + + fprintf(stderr, "LV=%zu n=%zu\n", level, blk->n); + + if (blk->leaf) { + for (i = 0; i < blk->n; ++i) { + node = ksl_nth_node(ksl, blk, i); + fprintf(stderr, " %" PRId64, *ksl_node_key(&node_key, node)->i); + } + fprintf(stderr, "\n"); + return; + } + + for (i = 0; i < blk->n; ++i) { + ksl_print(ksl, ksl_nth_node(ksl, blk, i)->blk, level + 1); + } +} + +size_t nghttp3_ksl_len(nghttp3_ksl *ksl) { return ksl->n; } + +void nghttp3_ksl_clear(nghttp3_ksl *ksl) { + size_t i; + nghttp3_ksl_blk *head; + + if (!ksl->head->leaf) { + for (i = 0; i < ksl->head->n; ++i) { + ksl_free_blk(ksl, ksl_nth_node(ksl, ksl->head, i)->blk); + } + } + + ksl->front = ksl->back = ksl->head; + ksl->n = 0; + + head = ksl->head; + + head->next = head->prev = NULL; + head->n = 0; + head->leaf = 1; +} + +void nghttp3_ksl_print(nghttp3_ksl *ksl) { ksl_print(ksl, ksl->head, 0); } + +nghttp3_ksl_it nghttp3_ksl_begin(const nghttp3_ksl *ksl) { + nghttp3_ksl_it it; + nghttp3_ksl_it_init(&it, ksl, ksl->front, 0); + return it; +} + +nghttp3_ksl_it nghttp3_ksl_end(const nghttp3_ksl *ksl) { + nghttp3_ksl_it it; + nghttp3_ksl_it_init(&it, ksl, ksl->back, ksl->back->n); + return it; +} + +void nghttp3_ksl_it_init(nghttp3_ksl_it *it, const nghttp3_ksl *ksl, + nghttp3_ksl_blk *blk, size_t i) { + it->ksl = ksl; + it->blk = blk; + it->i = i; +} + +void *nghttp3_ksl_it_get(const nghttp3_ksl_it *it) { + assert(it->i < it->blk->n); + return ksl_nth_node(it->ksl, it->blk, it->i)->data; +} + +void nghttp3_ksl_it_next(nghttp3_ksl_it *it) { + assert(!nghttp3_ksl_it_end(it)); + + if (++it->i == it->blk->n && it->blk->next) { + it->blk = it->blk->next; + it->i = 0; + } +} + +void nghttp3_ksl_it_prev(nghttp3_ksl_it *it) { + assert(!nghttp3_ksl_it_begin(it)); + + if (it->i == 0) { + it->blk = it->blk->prev; + it->i = it->blk->n - 1; + } else { + --it->i; + } +} + +int nghttp3_ksl_it_end(const nghttp3_ksl_it *it) { + return it->blk->n == it->i && it->blk->next == NULL; +} + +int nghttp3_ksl_it_begin(const nghttp3_ksl_it *it) { + return it->i == 0 && it->blk->prev == NULL; +} + +nghttp3_ksl_key nghttp3_ksl_it_key(const nghttp3_ksl_it *it) { + nghttp3_ksl_key node_key; + + assert(it->i < it->blk->n); + + return *ksl_node_key(&node_key, ksl_nth_node(it->ksl, it->blk, it->i)); +} + +nghttp3_ksl_key *nghttp3_ksl_key_ptr(nghttp3_ksl_key *key, const void *ptr) { + key->ptr = ptr; + return key; +} + +int nghttp3_ksl_range_compar(const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs) { + const nghttp3_range *a = lhs->ptr, *b = rhs->ptr; + return a->begin < b->begin; +} + +int nghttp3_ksl_range_exclusive_compar(const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs) { + const nghttp3_range *a = lhs->ptr, *b = rhs->ptr; + return a->begin < b->begin && + !(nghttp3_max(a->begin, b->begin) < nghttp3_min(a->end, b->end)); +} diff --git a/deps/nghttp3/lib/nghttp3_ksl.h b/deps/nghttp3/lib/nghttp3_ksl.h new file mode 100644 index 0000000000..89ca732aeb --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_ksl.h @@ -0,0 +1,336 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_KSL_H +#define NGHTTP3_KSL_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include + +/* + * Skip List using single key instead of range. + */ + +#define NGHTTP3_KSL_DEGR 8 +/* NGHTTP3_KSL_MAX_NBLK is the maximum number of nodes which a single + block can contain. */ +#define NGHTTP3_KSL_MAX_NBLK (2 * NGHTTP3_KSL_DEGR - 1) +/* NGHTTP3_KSL_MIN_NBLK is the minimum number of nodes which a single + block other than root must contains. */ +#define NGHTTP3_KSL_MIN_NBLK (NGHTTP3_KSL_DEGR - 1) + +/* + * nghttp3_ksl_key represents key in nghttp3_ksl. + */ +typedef union { + /* i is defined to retrieve int64_t key for convenience. */ + const int64_t *i; + /* ptr points to the key. */ + const void *ptr; +} nghttp3_ksl_key; + +struct nghttp3_ksl_node; +typedef struct nghttp3_ksl_node nghttp3_ksl_node; + +struct nghttp3_ksl_blk; +typedef struct nghttp3_ksl_blk nghttp3_ksl_blk; + +/* + * nghttp3_ksl_node is a node which contains either nghttp3_ksl_blk or + * opaque data. If a node is an internal node, it contains + * nghttp3_ksl_blk. Otherwise, it has data. The key is stored at the + * location starting at key. + */ +struct nghttp3_ksl_node { + union { + nghttp3_ksl_blk *blk; + void *data; + }; + union { + uint64_t align; + /* key is a buffer to include key associated to this node. + Because the length of key is unknown until nghttp3_ksl_init is + called, the actual buffer will be allocated after this + field. */ + uint8_t key[1]; + }; +}; + +/* + * nghttp3_ksl_blk contains nghttp3_ksl_node objects. + */ +struct nghttp3_ksl_blk { + /* next points to the next block if leaf field is nonzero. */ + nghttp3_ksl_blk *next; + /* prev points to the previous block if leaf field is nonzero. */ + nghttp3_ksl_blk *prev; + /* n is the number of nodes this object contains in nodes. */ + size_t n; + /* leaf is nonzero if this block contains leaf nodes. */ + int leaf; + union { + uint64_t align; + /* nodes is a buffer to contain NGHTTP3_KSL_MAX_NBLK + nghttp3_ksl_node objects. Because nghttp3_ksl_node object is + allocated along with the additional variable length key + storage, the size of buffer is unknown until nghttp3_ksl_init + is called. */ + uint8_t nodes[1]; + }; +}; + +/* + * nghttp3_ksl_compar is a function type which returns nonzero if key + * |lhs| should be placed before |rhs|. It returns 0 otherwise. + */ +typedef int (*nghttp3_ksl_compar)(const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs); + +struct nghttp3_ksl; +typedef struct nghttp3_ksl nghttp3_ksl; + +struct nghttp3_ksl_it; +typedef struct nghttp3_ksl_it nghttp3_ksl_it; + +/* + * nghttp3_ksl_it is a forward iterator to iterate nodes. + */ +struct nghttp3_ksl_it { + const nghttp3_ksl *ksl; + nghttp3_ksl_blk *blk; + size_t i; +}; + +/* + * nghttp3_ksl is a deterministic paged skip list. + */ +struct nghttp3_ksl { + /* head points to the root block. */ + nghttp3_ksl_blk *head; + /* front points to the first leaf block. */ + nghttp3_ksl_blk *front; + /* back points to the last leaf block. */ + nghttp3_ksl_blk *back; + nghttp3_ksl_compar compar; + size_t n; + /* keylen is the size of key */ + size_t keylen; + /* nodelen is the actual size of nghttp3_ksl_node including key + storage. */ + size_t nodelen; + const nghttp3_mem *mem; +}; + +/* + * nghttp3_ksl_init initializes |ksl|. |compar| specifies compare + * function. |keylen| is the length of key. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_ksl_init(nghttp3_ksl *ksl, nghttp3_ksl_compar compar, size_t keylen, + const nghttp3_mem *mem); + +/* + * nghttp3_ksl_free frees resources allocated for |ksl|. If |ksl| is + * NULL, this function does nothing. It does not free the memory + * region pointed by |ksl| itself. + */ +void nghttp3_ksl_free(nghttp3_ksl *ksl); + +/* + * nghttp3_ksl_insert inserts |key| with its associated |data|. On + * successful insertion, the iterator points to the inserted node is + * stored in |*it|. + * + * This function assumes that |key| does not exist in |ksl|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_ksl_insert(nghttp3_ksl *ksl, nghttp3_ksl_it *it, + const nghttp3_ksl_key *key, void *data); + +/* + * nghttp3_ksl_remove removes the |key| from |ksl|. It assumes such + * the key is included in |ksl|. + * + * This function assigns the iterator to |*it|, which points to the + * node which is located at the right next of the removed node if |it| + * is not NULL. + */ +void nghttp3_ksl_remove(nghttp3_ksl *ksl, nghttp3_ksl_it *it, + const nghttp3_ksl_key *key); + +/* + * nghttp3_ksl_lower_bound returns the iterator which points to the + * first node which has the key which is equal to |key| or the last + * node which satisfies !compar(&node->key, key). If there is no such + * node, it returns the iterator which satisfies nghttp3_ksl_it_end(it) + * != 0. + */ +nghttp3_ksl_it nghttp3_ksl_lower_bound(nghttp3_ksl *ksl, + const nghttp3_ksl_key *key); + +/* + * nghttp3_ksl_lower_bound_compar works like nghttp3_ksl_lower_bound, + * but it takes custom function |compar| to do lower bound search. + */ +nghttp3_ksl_it nghttp3_ksl_lower_bound_compar(nghttp3_ksl *ksl, + const nghttp3_ksl_key *key, + nghttp3_ksl_compar compar); + +/* + * nghttp3_ksl_update_key replaces the key of nodes which has |old_key| + * with |new_key|. |new_key| must be strictly greater than the + * previous node and strictly smaller than the next node. + */ +void nghttp3_ksl_update_key(nghttp3_ksl *ksl, const nghttp3_ksl_key *old_key, + const nghttp3_ksl_key *new_key); + +/* + * nghttp3_ksl_begin returns the iterator which points to the first + * node. If there is no node in |ksl|, it returns the iterator which + * satisfies nghttp3_ksl_it_end(it) != 0. + */ +nghttp3_ksl_it nghttp3_ksl_begin(const nghttp3_ksl *ksl); + +/* + * nghttp3_ksl_end returns the iterator which points to the node + * following the last node. The returned object satisfies + * nghttp3_ksl_it_end(). If there is no node in |ksl|, it returns the + * iterator which satisfies nghttp3_ksl_it_begin(it) != 0. + */ +nghttp3_ksl_it nghttp3_ksl_end(const nghttp3_ksl *ksl); + +/* + * nghttp3_ksl_len returns the number of elements stored in |ksl|. + */ +size_t nghttp3_ksl_len(nghttp3_ksl *ksl); + +/* + * nghttp3_ksl_clear removes all elements stored in |ksl|. + */ +void nghttp3_ksl_clear(nghttp3_ksl *ksl); + +/* + * nghttp3_ksl_nth_node returns the |n|th node under |blk|. This + * function is provided for unit testing. + */ +nghttp3_ksl_node *nghttp3_ksl_nth_node(nghttp3_ksl *ksl, nghttp3_ksl_blk *blk, + size_t n); + +/* + * nghttp3_ksl_print prints its internal state in stderr. It assumes + * that the key is of type int64_t. This function should be used for + * the debugging purpose only. + */ +void nghttp3_ksl_print(nghttp3_ksl *ksl); + +/* + * nghttp3_ksl_it_init initializes |it|. + */ +void nghttp3_ksl_it_init(nghttp3_ksl_it *it, const nghttp3_ksl *ksl, + nghttp3_ksl_blk *blk, size_t i); + +/* + * nghttp3_ksl_it_get returns the data associated to the node which + * |it| points to. It is undefined to call this function when + * nghttp3_ksl_it_end(it) returns nonzero. + */ +void *nghttp3_ksl_it_get(const nghttp3_ksl_it *it); + +/* + * nghttp3_ksl_it_next advances the iterator by one. It is undefined + * if this function is called when nghttp3_ksl_it_end(it) returns + * nonzero. + */ +void nghttp3_ksl_it_next(nghttp3_ksl_it *it); + +/* + * nghttp3_ksl_it_prev moves backward the iterator by one. It is + * undefined if this function is called when nghttp3_ksl_it_begin(it) + * returns nonzero. + */ +void nghttp3_ksl_it_prev(nghttp3_ksl_it *it); + +/* + * nghttp3_ksl_it_end returns nonzero if |it| points to the beyond the + * last node. + */ +int nghttp3_ksl_it_end(const nghttp3_ksl_it *it); + +/* + * nghttp3_ksl_it_begin returns nonzero if |it| points to the first + * node. |it| might satisfy both nghttp3_ksl_it_begin(&it) and + * nghttp3_ksl_it_end(&it) if the skip list has no node. + */ +int nghttp3_ksl_it_begin(const nghttp3_ksl_it *it); + +/* + * nghttp3_ksl_key returns the key of the node which |it| points to. + * It is undefined to call this function when nghttp3_ksl_it_end(it) + * returns nonzero. + */ +nghttp3_ksl_key nghttp3_ksl_it_key(const nghttp3_ksl_it *it); + +/* + * nghttp3_ksl_key_ptr is a convenient function which initializes + * |key| with |ptr| and returns |key|. + */ +nghttp3_ksl_key *nghttp3_ksl_key_ptr(nghttp3_ksl_key *key, const void *ptr); + +/* + * nghttp3_ksl_range_compar is an implementation of + * nghttp3_ksl_compar. lhs->ptr and rhs->ptr must point to + * nghttp3_range object and the function returns nonzero if (const + * nghttp3_range *)(lhs->ptr)->begin < (const nghttp3_range + * *)(rhs->ptr)->begin. + */ +int nghttp3_ksl_range_compar(const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs); + +/* + * nghttp3_ksl_range_exclusive_compar is an implementation of + * nghttp3_ksl_compar. lhs->ptr and rhs->ptr must point to + * nghttp3_range object and the function returns nonzero if (const + * nghttp3_range *)(lhs->ptr)->begin < (const nghttp3_range + * *)(rhs->ptr)->begin and the 2 ranges do not intersect. + */ +int nghttp3_ksl_range_exclusive_compar(const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs); + +#endif /* NGHTTP3_KSL_H */ diff --git a/deps/nghttp3/lib/nghttp3_macro.h b/deps/nghttp3/lib/nghttp3_macro.h new file mode 100644 index 0000000000..6ee704cc47 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_macro.h @@ -0,0 +1,47 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_MACRO_H +#define NGHTTP3_MACRO_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include + +#define nghttp3_min(A, B) ((A) < (B) ? (A) : (B)) +#define nghttp3_max(A, B) ((A) > (B) ? (A) : (B)) + +#define nghttp3_struct_of(ptr, type, member) \ + ((type *)(void *)((char *)(ptr)-offsetof(type, member))) + +#define nghttp3_arraylen(A) (sizeof(A) / sizeof(*(A))) + +#define lstreq(A, B, N) ((sizeof((A)) - 1) == (N) && memcmp((A), (B), (N)) == 0) + +#endif /* NGHTTP3_MACRO_H */ diff --git a/deps/nghttp3/lib/nghttp3_map.c b/deps/nghttp3/lib/nghttp3_map.c new file mode 100644 index 0000000000..7a087eb577 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_map.c @@ -0,0 +1,213 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_map.h" + +#include + +#include "nghttp3_conv.h" + +#define INITIAL_TABLE_LENGTH 256 + +int nghttp3_map_init(nghttp3_map *map, const nghttp3_mem *mem) { + map->mem = mem; + map->tablelen = INITIAL_TABLE_LENGTH; + map->table = + nghttp3_mem_calloc(mem, map->tablelen, sizeof(nghttp3_map_entry *)); + if (map->table == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + map->size = 0; + + return 0; +} + +void nghttp3_map_free(nghttp3_map *map) { + nghttp3_mem_free(map->mem, map->table); +} + +void nghttp3_map_each_free(const nghttp3_map *map, + int (*func)(nghttp3_map_entry *entry, void *ptr), + void *ptr) { + uint32_t i; + for (i = 0; i < map->tablelen; ++i) { + nghttp3_map_entry *entry; + for (entry = map->table[i]; entry;) { + nghttp3_map_entry *next = entry->next; + func(entry, ptr); + entry = next; + } + map->table[i] = NULL; + } +} + +int nghttp3_map_each(const nghttp3_map *map, + int (*func)(nghttp3_map_entry *entry, void *ptr), + void *ptr) { + int rv; + uint32_t i; + for (i = 0; i < map->tablelen; ++i) { + nghttp3_map_entry *entry, *next; + for (entry = map->table[i]; entry;) { + next = entry->next; + rv = func(entry, ptr); + if (rv != 0) { + return rv; + } + entry = next; + } + } + return 0; +} + +void nghttp3_map_entry_init(nghttp3_map_entry *entry, key_type key) { + entry->key = key; + entry->next = NULL; +} + +/* FNV1a hash */ +static uint32_t hash(key_type key, uint32_t mod) { + uint8_t *p, *end; + uint32_t h = 0x811C9DC5u; + + key = bswap64(key); + p = (uint8_t *)&key; + end = p + sizeof(key_type); + + for (; p != end; ++p) { + h ^= *p; + h *= 0x01000193u; + } + + return h & (mod - 1); +} + +static int insert(nghttp3_map_entry **table, uint32_t tablelen, + nghttp3_map_entry *entry) { + uint32_t h = hash(entry->key, tablelen); + if (table[h] == NULL) { + table[h] = entry; + } else { + nghttp3_map_entry *p; + /* We won't allow duplicated key, so check it out. */ + for (p = table[h]; p; p = p->next) { + if (p->key == entry->key) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + } + entry->next = table[h]; + table[h] = entry; + } + return 0; +} + +/* new_tablelen must be power of 2 */ +static int resize(nghttp3_map *map, uint32_t new_tablelen) { + uint32_t i; + nghttp3_map_entry **new_table; + + new_table = + nghttp3_mem_calloc(map->mem, new_tablelen, sizeof(nghttp3_map_entry *)); + if (new_table == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + for (i = 0; i < map->tablelen; ++i) { + nghttp3_map_entry *entry; + for (entry = map->table[i]; entry;) { + nghttp3_map_entry *next = entry->next; + entry->next = NULL; + /* This function must succeed */ + insert(new_table, new_tablelen, entry); + entry = next; + } + } + nghttp3_mem_free(map->mem, map->table); + map->tablelen = new_tablelen; + map->table = new_table; + + return 0; +} + +int nghttp3_map_insert(nghttp3_map *map, nghttp3_map_entry *new_entry) { + int rv; + /* Load factor is 0.75 */ + if ((map->size + 1) * 4 > map->tablelen * 3) { + rv = resize(map, map->tablelen * 2); + if (rv != 0) { + return rv; + } + } + rv = insert(map->table, map->tablelen, new_entry); + if (rv != 0) { + return rv; + } + ++map->size; + return 0; +} + +nghttp3_map_entry *nghttp3_map_find(const nghttp3_map *map, key_type key) { + uint32_t h; + nghttp3_map_entry *entry; + h = hash(key, map->tablelen); + for (entry = map->table[h]; entry; entry = entry->next) { + if (entry->key == key) { + return entry; + } + } + return NULL; +} + +int nghttp3_map_remove(nghttp3_map *map, key_type key) { + uint32_t h; + nghttp3_map_entry **dst; + + h = hash(key, map->tablelen); + + for (dst = &map->table[h]; *dst; dst = &(*dst)->next) { + if ((*dst)->key != key) { + continue; + } + + *dst = (*dst)->next; + --map->size; + return 0; + } + return NGHTTP3_ERR_INVALID_ARGUMENT; +} + +void nghttp3_map_clear(nghttp3_map *map) { + uint32_t i; + + for (i = 0; i < map->tablelen; ++i) { + map->table[i] = NULL; + } + + map->size = 0; +} + +size_t nghttp3_map_size(const nghttp3_map *map) { return map->size; } diff --git a/deps/nghttp3/lib/nghttp3_map.h b/deps/nghttp3/lib/nghttp3_map.h new file mode 100644 index 0000000000..0b7c0d28c3 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_map.h @@ -0,0 +1,147 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_MAP_H +#define NGHTTP3_MAP_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_mem.h" + +/* Implementation of unordered map */ + +typedef uint64_t key_type; + +typedef struct nghttp3_map_entry { + struct nghttp3_map_entry *next; + key_type key; +} nghttp3_map_entry; + +typedef struct { + nghttp3_map_entry **table; + const nghttp3_mem *mem; + size_t size; + uint32_t tablelen; +} nghttp3_map; + +/* + * Initializes the map |map|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory + */ +int nghttp3_map_init(nghttp3_map *map, const nghttp3_mem *mem); + +/* + * Deallocates any resources allocated for |map|. The stored entries + * are not freed by this function. Use nghttp3_map_each_free() to free + * each entries. + */ +void nghttp3_map_free(nghttp3_map *map); + +/* + * Deallocates each entries using |func| function and any resources + * allocated for |map|. The |func| function is responsible for freeing + * given the |entry| object. The |ptr| will be passed to the |func| as + * send argument. The return value of the |func| will be ignored. + */ +void nghttp3_map_each_free(const nghttp3_map *map, + int (*func)(nghttp3_map_entry *entry, void *ptr), + void *ptr); + +/* + * Initializes the |entry| with the |key|. All entries to be inserted + * to the map must be initialized with this function. + */ +void nghttp3_map_entry_init(nghttp3_map_entry *entry, key_type key); + +/* + * Inserts the new |entry| with the key |entry->key| to the map |map|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_INVALID_ARGUMENT + * The item associated by |key| already exists. + * NGHTTP3_ERR_NOMEM + * Out of memory + */ +int nghttp3_map_insert(nghttp3_map *map, nghttp3_map_entry *entry); + +/* + * Returns the entry associated by the key |key|. If there is no such + * entry, this function returns NULL. + */ +nghttp3_map_entry *nghttp3_map_find(const nghttp3_map *map, key_type key); + +/* + * Removes the entry associated by the key |key| from the |map|. The + * removed entry is not freed by this function. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_INVALID_ARGUMENT + * The entry associated by |key| does not exist. + */ +int nghttp3_map_remove(nghttp3_map *map, key_type key); + +/* + * Removes all entries from |map|. + */ +void nghttp3_map_clear(nghttp3_map *map); + +/* + * Returns the number of items stored in the map |map|. + */ +size_t nghttp3_map_size(const nghttp3_map *map); + +/* + * Applies the function |func| to each entry in the |map| with the + * optional user supplied pointer |ptr|. + * + * If the |func| returns 0, this function calls the |func| with the + * next entry. If the |func| returns nonzero, it will not call the + * |func| for further entries and return the return value of the + * |func| immediately. Thus, this function returns 0 if all the + * invocations of the |func| return 0, or nonzero value which the last + * invocation of |func| returns. + * + * Don't use this function to free each entry. Use + * nghttp3_map_each_free() instead. + */ +int nghttp3_map_each(const nghttp3_map *map, + int (*func)(nghttp3_map_entry *entry, void *ptr), + void *ptr); + +#endif /* NGHTTP3_MAP_H */ diff --git a/deps/nghttp3/lib/nghttp3_mem.c b/deps/nghttp3/lib/nghttp3_mem.c new file mode 100644 index 0000000000..e5f93f10bd --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_mem.c @@ -0,0 +1,77 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2014 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_mem.h" + +static void *default_malloc(size_t size, void *mem_user_data) { + (void)mem_user_data; + + return malloc(size); +} + +static void default_free(void *ptr, void *mem_user_data) { + (void)mem_user_data; + + free(ptr); +} + +static void *default_calloc(size_t nmemb, size_t size, void *mem_user_data) { + (void)mem_user_data; + + return calloc(nmemb, size); +} + +static void *default_realloc(void *ptr, size_t size, void *mem_user_data) { + (void)mem_user_data; + + return realloc(ptr, size); +} + +static nghttp3_mem mem_default = {NULL, default_malloc, default_free, + default_calloc, default_realloc}; + +const nghttp3_mem *nghttp3_mem_default(void) { return &mem_default; } + +void *nghttp3_mem_malloc(const nghttp3_mem *mem, size_t size) { + return mem->malloc(size, mem->mem_user_data); +} + +void nghttp3_mem_free(const nghttp3_mem *mem, void *ptr) { + mem->free(ptr, mem->mem_user_data); +} + +void nghttp3_mem_free2(const nghttp3_free free_func, void *ptr, + void *mem_user_data) { + free_func(ptr, mem_user_data); +} + +void *nghttp3_mem_calloc(const nghttp3_mem *mem, size_t nmemb, size_t size) { + return mem->calloc(nmemb, size, mem->mem_user_data); +} + +void *nghttp3_mem_realloc(const nghttp3_mem *mem, void *ptr, size_t size) { + return mem->realloc(ptr, size, mem->mem_user_data); +} diff --git a/deps/nghttp3/lib/nghttp3_mem.h b/deps/nghttp3/lib/nghttp3_mem.h new file mode 100644 index 0000000000..55ef86b4f9 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_mem.h @@ -0,0 +1,45 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2014 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_MEM_H +#define NGHTTP3_MEM_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* Convenient wrapper functions to call allocator function in + |mem|. */ +void *nghttp3_mem_malloc(const nghttp3_mem *mem, size_t size); +void nghttp3_mem_free(const nghttp3_mem *mem, void *ptr); +void nghttp3_mem_free2(const nghttp3_free free_func, void *ptr, + void *mem_user_data); +void *nghttp3_mem_calloc(const nghttp3_mem *mem, size_t nmemb, size_t size); +void *nghttp3_mem_realloc(const nghttp3_mem *mem, void *ptr, size_t size); + +#endif /* NGHTTP3_MEM_H */ diff --git a/deps/nghttp3/lib/nghttp3_pq.c b/deps/nghttp3/lib/nghttp3_pq.c new file mode 100644 index 0000000000..5d09050ae6 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_pq.c @@ -0,0 +1,168 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_pq.h" + +#include + +#include "nghttp3_macro.h" + +void nghttp3_pq_init(nghttp3_pq *pq, nghttp3_less less, + const nghttp3_mem *mem) { + pq->mem = mem; + pq->capacity = 0; + pq->q = NULL; + pq->length = 0; + pq->less = less; +} + +void nghttp3_pq_free(nghttp3_pq *pq) { + nghttp3_mem_free(pq->mem, pq->q); + pq->q = NULL; +} + +static void swap(nghttp3_pq *pq, size_t i, size_t j) { + nghttp3_pq_entry *a = pq->q[i]; + nghttp3_pq_entry *b = pq->q[j]; + + pq->q[i] = b; + b->index = i; + pq->q[j] = a; + a->index = j; +} + +static void bubble_up(nghttp3_pq *pq, size_t index) { + size_t parent; + while (index != 0) { + parent = (index - 1) / 2; + if (!pq->less(pq->q[index], pq->q[parent])) { + return; + } + swap(pq, parent, index); + index = parent; + } +} + +int nghttp3_pq_push(nghttp3_pq *pq, nghttp3_pq_entry *item) { + if (pq->capacity <= pq->length) { + void *nq; + size_t ncapacity; + + ncapacity = nghttp3_max(4, (pq->capacity * 2)); + + nq = nghttp3_mem_realloc(pq->mem, pq->q, + ncapacity * sizeof(nghttp3_pq_entry *)); + if (nq == NULL) { + return NGHTTP3_ERR_NOMEM; + } + pq->capacity = ncapacity; + pq->q = nq; + } + pq->q[pq->length] = item; + item->index = pq->length; + ++pq->length; + bubble_up(pq, pq->length - 1); + return 0; +} + +nghttp3_pq_entry *nghttp3_pq_top(const nghttp3_pq *pq) { + assert(pq->length); + return pq->q[0]; +} + +static void bubble_down(nghttp3_pq *pq, size_t index) { + size_t i, j, minindex; + for (;;) { + j = index * 2 + 1; + minindex = index; + for (i = 0; i < 2; ++i, ++j) { + if (j >= pq->length) { + break; + } + if (pq->less(pq->q[j], pq->q[minindex])) { + minindex = j; + } + } + if (minindex == index) { + return; + } + swap(pq, index, minindex); + index = minindex; + } +} + +void nghttp3_pq_pop(nghttp3_pq *pq) { + if (pq->length > 0) { + pq->q[0] = pq->q[pq->length - 1]; + pq->q[0]->index = 0; + --pq->length; + bubble_down(pq, 0); + } +} + +void nghttp3_pq_remove(nghttp3_pq *pq, nghttp3_pq_entry *item) { + assert(pq->q[item->index] == item); + + if (item->index == 0) { + nghttp3_pq_pop(pq); + return; + } + + if (item->index == pq->length - 1) { + --pq->length; + return; + } + + pq->q[item->index] = pq->q[pq->length - 1]; + pq->q[item->index]->index = item->index; + --pq->length; + + if (pq->less(item, pq->q[item->index])) { + bubble_down(pq, item->index); + } else { + bubble_up(pq, item->index); + } +} + +int nghttp3_pq_empty(const nghttp3_pq *pq) { return pq->length == 0; } + +size_t nghttp3_pq_size(const nghttp3_pq *pq) { return pq->length; } + +int nghttp3_pq_each(const nghttp3_pq *pq, nghttp3_pq_item_cb fun, void *arg) { + size_t i; + + if (pq->length == 0) { + return 0; + } + for (i = 0; i < pq->length; ++i) { + if ((*fun)(pq->q[i], arg)) { + return 1; + } + } + return 0; +} + +void nghttp3_pq_clear(nghttp3_pq *pq) { pq->length = 0; } diff --git a/deps/nghttp3/lib/nghttp3_pq.h b/deps/nghttp3/lib/nghttp3_pq.h new file mode 100644 index 0000000000..e80b1bc43b --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_pq.h @@ -0,0 +1,129 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_PQ_H +#define NGHTTP3_PQ_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_mem.h" + +/* Implementation of priority queue */ + +/* NGHTTP3_PQ_BAD_INDEX is the priority queue index which indicates + that an entry is not queued. Assigning this value to + nghttp3_pq_entry.index can check that the entry is queued or not. */ +#define NGHTTP3_PQ_BAD_INDEX SIZE_MAX + +typedef struct { + size_t index; +} nghttp3_pq_entry; + +/* "less" function, return nonzero if |lhs| is less than |rhs|. */ +typedef int (*nghttp3_less)(const nghttp3_pq_entry *lhs, + const nghttp3_pq_entry *rhs); + +typedef struct { + /* The pointer to the pointer to the item stored */ + nghttp3_pq_entry **q; + /* Memory allocator */ + const nghttp3_mem *mem; + /* The number of items stored */ + size_t length; + /* The maximum number of items this pq can store. This is + automatically extended when length is reached to this value. */ + size_t capacity; + /* The less function between items */ + nghttp3_less less; +} nghttp3_pq; + +/* + * Initializes priority queue |pq| with compare function |cmp|. + */ +void nghttp3_pq_init(nghttp3_pq *pq, nghttp3_less less, const nghttp3_mem *mem); + +/* + * Deallocates any resources allocated for |pq|. The stored items are + * not freed by this function. + */ +void nghttp3_pq_free(nghttp3_pq *pq); + +/* + * Adds |item| to the priority queue |pq|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_pq_push(nghttp3_pq *pq, nghttp3_pq_entry *item); + +/* + * Returns item at the top of the queue |pq|. It is undefined if the + * queue is empty. + */ +nghttp3_pq_entry *nghttp3_pq_top(const nghttp3_pq *pq); + +/* + * Pops item at the top of the queue |pq|. The popped item is not + * freed by this function. + */ +void nghttp3_pq_pop(nghttp3_pq *pq); + +/* + * Returns nonzero if the queue |pq| is empty. + */ +int nghttp3_pq_empty(const nghttp3_pq *pq); + +/* + * Returns the number of items in the queue |pq|. + */ +size_t nghttp3_pq_size(const nghttp3_pq *pq); + +typedef int (*nghttp3_pq_item_cb)(nghttp3_pq_entry *item, void *arg); + +/* + * Applys |fun| to each item in |pq|. The |arg| is passed as arg + * parameter to callback function. This function must not change the + * ordering key. If the return value from callback is nonzero, this + * function returns 1 immediately without iterating remaining items. + * Otherwise this function returns 0. + */ +int nghttp3_pq_each(const nghttp3_pq *pq, nghttp3_pq_item_cb fun, void *arg); + +/* + * Removes |item| from priority queue. + */ +void nghttp3_pq_remove(nghttp3_pq *pq, nghttp3_pq_entry *item); + +void nghttp3_pq_clear(nghttp3_pq *pq); + +#endif /* NGHTTP3_PQ_H */ diff --git a/deps/nghttp3/lib/nghttp3_qpack.c b/deps/nghttp3/lib/nghttp3_qpack.c new file mode 100644 index 0000000000..c34c993181 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_qpack.c @@ -0,0 +1,3995 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_qpack.h" + +#include +#include +#include + +#include "nghttp3_str.h" +#include "nghttp3_macro.h" +#include "nghttp3_debug.h" + +/* NGHTTP3_QPACK_MAX_QPACK_STREAMS is the maximum number of concurrent + nghttp3_qpack_stream object to handle a client which never cancel + or acknowledge header block. After this limit, encoder stops using + dynamic table. */ +#define NGHTTP3_QPACK_MAX_QPACK_STREAMS 2000 + +/* Make scalar initialization form of nghttp3_qpack_static_entry */ +#define MAKE_STATIC_ENT(I, T, H) \ + { I, T, H } + +/* Generated by mkstatichdtbl.py */ +static nghttp3_qpack_static_entry token_stable[] = { + MAKE_STATIC_ENT(0, NGHTTP3_QPACK_TOKEN__AUTHORITY, 3153725150u), + MAKE_STATIC_ENT(15, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(16, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(17, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(18, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(19, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(20, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(21, NGHTTP3_QPACK_TOKEN__METHOD, 695666056u), + MAKE_STATIC_ENT(1, NGHTTP3_QPACK_TOKEN__PATH, 3292848686u), + MAKE_STATIC_ENT(22, NGHTTP3_QPACK_TOKEN__SCHEME, 2510477674u), + MAKE_STATIC_ENT(23, NGHTTP3_QPACK_TOKEN__SCHEME, 2510477674u), + MAKE_STATIC_ENT(24, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(25, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(26, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(27, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(28, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(63, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(64, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(65, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(66, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(67, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(68, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(69, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(70, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(71, NGHTTP3_QPACK_TOKEN__STATUS, 4000288983u), + MAKE_STATIC_ENT(29, NGHTTP3_QPACK_TOKEN_ACCEPT, 136609321u), + MAKE_STATIC_ENT(30, NGHTTP3_QPACK_TOKEN_ACCEPT, 136609321u), + MAKE_STATIC_ENT(31, NGHTTP3_QPACK_TOKEN_ACCEPT_ENCODING, 3379649177u), + MAKE_STATIC_ENT(72, NGHTTP3_QPACK_TOKEN_ACCEPT_LANGUAGE, 1979086614u), + MAKE_STATIC_ENT(32, NGHTTP3_QPACK_TOKEN_ACCEPT_RANGES, 1713753958u), + MAKE_STATIC_ENT(73, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_CREDENTIALS, + 901040780u), + MAKE_STATIC_ENT(74, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_CREDENTIALS, + 901040780u), + MAKE_STATIC_ENT(33, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS, + 1524311232u), + MAKE_STATIC_ENT(34, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS, + 1524311232u), + MAKE_STATIC_ENT(75, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS, + 1524311232u), + MAKE_STATIC_ENT(76, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS, + 2175229868u), + MAKE_STATIC_ENT(77, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS, + 2175229868u), + MAKE_STATIC_ENT(78, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS, + 2175229868u), + MAKE_STATIC_ENT(35, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_ORIGIN, + 2710797292u), + MAKE_STATIC_ENT(79, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_EXPOSE_HEADERS, + 2449824425u), + MAKE_STATIC_ENT(80, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_HEADERS, + 3599549072u), + MAKE_STATIC_ENT(81, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_METHOD, + 2417078055u), + MAKE_STATIC_ENT(82, NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_METHOD, + 2417078055u), + MAKE_STATIC_ENT(2, NGHTTP3_QPACK_TOKEN_AGE, 742476188u), + MAKE_STATIC_ENT(83, NGHTTP3_QPACK_TOKEN_ALT_SVC, 2148877059u), + MAKE_STATIC_ENT(84, NGHTTP3_QPACK_TOKEN_AUTHORIZATION, 2436257726u), + MAKE_STATIC_ENT(36, NGHTTP3_QPACK_TOKEN_CACHE_CONTROL, 1355326669u), + MAKE_STATIC_ENT(37, NGHTTP3_QPACK_TOKEN_CACHE_CONTROL, 1355326669u), + MAKE_STATIC_ENT(38, NGHTTP3_QPACK_TOKEN_CACHE_CONTROL, 1355326669u), + MAKE_STATIC_ENT(39, NGHTTP3_QPACK_TOKEN_CACHE_CONTROL, 1355326669u), + MAKE_STATIC_ENT(40, NGHTTP3_QPACK_TOKEN_CACHE_CONTROL, 1355326669u), + MAKE_STATIC_ENT(41, NGHTTP3_QPACK_TOKEN_CACHE_CONTROL, 1355326669u), + MAKE_STATIC_ENT(3, NGHTTP3_QPACK_TOKEN_CONTENT_DISPOSITION, 3889184348u), + MAKE_STATIC_ENT(42, NGHTTP3_QPACK_TOKEN_CONTENT_ENCODING, 65203592u), + MAKE_STATIC_ENT(43, NGHTTP3_QPACK_TOKEN_CONTENT_ENCODING, 65203592u), + MAKE_STATIC_ENT(4, NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH, 1308181789u), + MAKE_STATIC_ENT(85, NGHTTP3_QPACK_TOKEN_CONTENT_SECURITY_POLICY, + 1569039836u), + MAKE_STATIC_ENT(44, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(45, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(46, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(47, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(48, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(49, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(50, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(51, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(52, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(53, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(54, NGHTTP3_QPACK_TOKEN_CONTENT_TYPE, 4244048277u), + MAKE_STATIC_ENT(5, NGHTTP3_QPACK_TOKEN_COOKIE, 2007449791u), + MAKE_STATIC_ENT(6, NGHTTP3_QPACK_TOKEN_DATE, 3564297305u), + MAKE_STATIC_ENT(86, NGHTTP3_QPACK_TOKEN_EARLY_DATA, 4080895051u), + MAKE_STATIC_ENT(7, NGHTTP3_QPACK_TOKEN_ETAG, 113792960u), + MAKE_STATIC_ENT(87, NGHTTP3_QPACK_TOKEN_EXPECT_CT, 1183214960u), + MAKE_STATIC_ENT(88, NGHTTP3_QPACK_TOKEN_FORWARDED, 1485178027u), + MAKE_STATIC_ENT(8, NGHTTP3_QPACK_TOKEN_IF_MODIFIED_SINCE, 2213050793u), + MAKE_STATIC_ENT(9, NGHTTP3_QPACK_TOKEN_IF_NONE_MATCH, 2536202615u), + MAKE_STATIC_ENT(89, NGHTTP3_QPACK_TOKEN_IF_RANGE, 2340978238u), + MAKE_STATIC_ENT(10, NGHTTP3_QPACK_TOKEN_LAST_MODIFIED, 3226950251u), + MAKE_STATIC_ENT(11, NGHTTP3_QPACK_TOKEN_LINK, 232457833u), + MAKE_STATIC_ENT(12, NGHTTP3_QPACK_TOKEN_LOCATION, 200649126u), + MAKE_STATIC_ENT(90, NGHTTP3_QPACK_TOKEN_ORIGIN, 3649018447u), + MAKE_STATIC_ENT(91, NGHTTP3_QPACK_TOKEN_PURPOSE, 4212263681u), + MAKE_STATIC_ENT(55, NGHTTP3_QPACK_TOKEN_RANGE, 4208725202u), + MAKE_STATIC_ENT(13, NGHTTP3_QPACK_TOKEN_REFERER, 3969579366u), + MAKE_STATIC_ENT(92, NGHTTP3_QPACK_TOKEN_SERVER, 1085029842u), + MAKE_STATIC_ENT(14, NGHTTP3_QPACK_TOKEN_SET_COOKIE, 1848371000u), + MAKE_STATIC_ENT(56, NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY, + 4138147361u), + MAKE_STATIC_ENT(57, NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY, + 4138147361u), + MAKE_STATIC_ENT(58, NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY, + 4138147361u), + MAKE_STATIC_ENT(93, NGHTTP3_QPACK_TOKEN_TIMING_ALLOW_ORIGIN, 2432297564u), + MAKE_STATIC_ENT(94, NGHTTP3_QPACK_TOKEN_UPGRADE_INSECURE_REQUESTS, + 2479169413u), + MAKE_STATIC_ENT(95, NGHTTP3_QPACK_TOKEN_USER_AGENT, 606444526u), + MAKE_STATIC_ENT(59, NGHTTP3_QPACK_TOKEN_VARY, 1085005381u), + MAKE_STATIC_ENT(60, NGHTTP3_QPACK_TOKEN_VARY, 1085005381u), + MAKE_STATIC_ENT(61, NGHTTP3_QPACK_TOKEN_X_CONTENT_TYPE_OPTIONS, + 3644557769u), + MAKE_STATIC_ENT(96, NGHTTP3_QPACK_TOKEN_X_FORWARDED_FOR, 2914187656u), + MAKE_STATIC_ENT(97, NGHTTP3_QPACK_TOKEN_X_FRAME_OPTIONS, 3993834824u), + MAKE_STATIC_ENT(98, NGHTTP3_QPACK_TOKEN_X_FRAME_OPTIONS, 3993834824u), + MAKE_STATIC_ENT(62, NGHTTP3_QPACK_TOKEN_X_XSS_PROTECTION, 2501058888u), +}; + +/* Make scalar initialization form of nghttp3_qpack_static_entry */ +#define MAKE_STATIC_HD(N, V, T) \ + { \ + {NULL, NULL, (uint8_t *)(N), sizeof((N)) - 1, -1}, \ + {NULL, NULL, (uint8_t *)(V), sizeof((V)) - 1, -1}, T \ + } + +static nghttp3_qpack_static_header stable[] = { + MAKE_STATIC_HD(":authority", "", NGHTTP3_QPACK_TOKEN__AUTHORITY), + MAKE_STATIC_HD(":path", "/", NGHTTP3_QPACK_TOKEN__PATH), + MAKE_STATIC_HD("age", "0", NGHTTP3_QPACK_TOKEN_AGE), + MAKE_STATIC_HD("content-disposition", "", + NGHTTP3_QPACK_TOKEN_CONTENT_DISPOSITION), + MAKE_STATIC_HD("content-length", "0", NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH), + MAKE_STATIC_HD("cookie", "", NGHTTP3_QPACK_TOKEN_COOKIE), + MAKE_STATIC_HD("date", "", NGHTTP3_QPACK_TOKEN_DATE), + MAKE_STATIC_HD("etag", "", NGHTTP3_QPACK_TOKEN_ETAG), + MAKE_STATIC_HD("if-modified-since", "", + NGHTTP3_QPACK_TOKEN_IF_MODIFIED_SINCE), + MAKE_STATIC_HD("if-none-match", "", NGHTTP3_QPACK_TOKEN_IF_NONE_MATCH), + MAKE_STATIC_HD("last-modified", "", NGHTTP3_QPACK_TOKEN_LAST_MODIFIED), + MAKE_STATIC_HD("link", "", NGHTTP3_QPACK_TOKEN_LINK), + MAKE_STATIC_HD("location", "", NGHTTP3_QPACK_TOKEN_LOCATION), + MAKE_STATIC_HD("referer", "", NGHTTP3_QPACK_TOKEN_REFERER), + MAKE_STATIC_HD("set-cookie", "", NGHTTP3_QPACK_TOKEN_SET_COOKIE), + MAKE_STATIC_HD(":method", "CONNECT", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":method", "DELETE", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":method", "GET", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":method", "HEAD", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":method", "OPTIONS", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":method", "POST", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":method", "PUT", NGHTTP3_QPACK_TOKEN__METHOD), + MAKE_STATIC_HD(":scheme", "http", NGHTTP3_QPACK_TOKEN__SCHEME), + MAKE_STATIC_HD(":scheme", "https", NGHTTP3_QPACK_TOKEN__SCHEME), + MAKE_STATIC_HD(":status", "103", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "200", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "304", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "404", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "503", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD("accept", "*/*", NGHTTP3_QPACK_TOKEN_ACCEPT), + MAKE_STATIC_HD("accept", "application/dns-message", + NGHTTP3_QPACK_TOKEN_ACCEPT), + MAKE_STATIC_HD("accept-encoding", "gzip, deflate, br", + NGHTTP3_QPACK_TOKEN_ACCEPT_ENCODING), + MAKE_STATIC_HD("accept-ranges", "bytes", NGHTTP3_QPACK_TOKEN_ACCEPT_RANGES), + MAKE_STATIC_HD("access-control-allow-headers", "cache-control", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS), + MAKE_STATIC_HD("access-control-allow-headers", "content-type", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS), + MAKE_STATIC_HD("access-control-allow-origin", "*", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_ORIGIN), + MAKE_STATIC_HD("cache-control", "max-age=0", + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL), + MAKE_STATIC_HD("cache-control", "max-age=2592000", + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL), + MAKE_STATIC_HD("cache-control", "max-age=604800", + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL), + MAKE_STATIC_HD("cache-control", "no-cache", + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL), + MAKE_STATIC_HD("cache-control", "no-store", + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL), + MAKE_STATIC_HD("cache-control", "public, max-age=31536000", + NGHTTP3_QPACK_TOKEN_CACHE_CONTROL), + MAKE_STATIC_HD("content-encoding", "br", + NGHTTP3_QPACK_TOKEN_CONTENT_ENCODING), + MAKE_STATIC_HD("content-encoding", "gzip", + NGHTTP3_QPACK_TOKEN_CONTENT_ENCODING), + MAKE_STATIC_HD("content-type", "application/dns-message", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "application/javascript", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "application/json", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "application/x-www-form-urlencoded", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "image/gif", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "image/jpeg", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "image/png", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "text/css", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "text/html; charset=utf-8", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "text/plain", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("content-type", "text/plain;charset=utf-8", + NGHTTP3_QPACK_TOKEN_CONTENT_TYPE), + MAKE_STATIC_HD("range", "bytes=0-", NGHTTP3_QPACK_TOKEN_RANGE), + MAKE_STATIC_HD("strict-transport-security", "max-age=31536000", + NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY), + MAKE_STATIC_HD("strict-transport-security", + "max-age=31536000; includesubdomains", + NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY), + MAKE_STATIC_HD("strict-transport-security", + "max-age=31536000; includesubdomains; preload", + NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY), + MAKE_STATIC_HD("vary", "accept-encoding", NGHTTP3_QPACK_TOKEN_VARY), + MAKE_STATIC_HD("vary", "origin", NGHTTP3_QPACK_TOKEN_VARY), + MAKE_STATIC_HD("x-content-type-options", "nosniff", + NGHTTP3_QPACK_TOKEN_X_CONTENT_TYPE_OPTIONS), + MAKE_STATIC_HD("x-xss-protection", "1; mode=block", + NGHTTP3_QPACK_TOKEN_X_XSS_PROTECTION), + MAKE_STATIC_HD(":status", "100", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "204", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "206", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "302", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "400", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "403", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "421", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "425", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD(":status", "500", NGHTTP3_QPACK_TOKEN__STATUS), + MAKE_STATIC_HD("accept-language", "", NGHTTP3_QPACK_TOKEN_ACCEPT_LANGUAGE), + MAKE_STATIC_HD("access-control-allow-credentials", "FALSE", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_CREDENTIALS), + MAKE_STATIC_HD("access-control-allow-credentials", "TRUE", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_CREDENTIALS), + MAKE_STATIC_HD("access-control-allow-headers", "*", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS), + MAKE_STATIC_HD("access-control-allow-methods", "get", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS), + MAKE_STATIC_HD("access-control-allow-methods", "get, post, options", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS), + MAKE_STATIC_HD("access-control-allow-methods", "options", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS), + MAKE_STATIC_HD("access-control-expose-headers", "content-length", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_EXPOSE_HEADERS), + MAKE_STATIC_HD("access-control-request-headers", "content-type", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_HEADERS), + MAKE_STATIC_HD("access-control-request-method", "get", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_METHOD), + MAKE_STATIC_HD("access-control-request-method", "post", + NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_METHOD), + MAKE_STATIC_HD("alt-svc", "clear", NGHTTP3_QPACK_TOKEN_ALT_SVC), + MAKE_STATIC_HD("authorization", "", NGHTTP3_QPACK_TOKEN_AUTHORIZATION), + MAKE_STATIC_HD("content-security-policy", + "script-src 'none'; object-src 'none'; base-uri 'none'", + NGHTTP3_QPACK_TOKEN_CONTENT_SECURITY_POLICY), + MAKE_STATIC_HD("early-data", "1", NGHTTP3_QPACK_TOKEN_EARLY_DATA), + MAKE_STATIC_HD("expect-ct", "", NGHTTP3_QPACK_TOKEN_EXPECT_CT), + MAKE_STATIC_HD("forwarded", "", NGHTTP3_QPACK_TOKEN_FORWARDED), + MAKE_STATIC_HD("if-range", "", NGHTTP3_QPACK_TOKEN_IF_RANGE), + MAKE_STATIC_HD("origin", "", NGHTTP3_QPACK_TOKEN_ORIGIN), + MAKE_STATIC_HD("purpose", "prefetch", NGHTTP3_QPACK_TOKEN_PURPOSE), + MAKE_STATIC_HD("server", "", NGHTTP3_QPACK_TOKEN_SERVER), + MAKE_STATIC_HD("timing-allow-origin", "*", + NGHTTP3_QPACK_TOKEN_TIMING_ALLOW_ORIGIN), + MAKE_STATIC_HD("upgrade-insecure-requests", "1", + NGHTTP3_QPACK_TOKEN_UPGRADE_INSECURE_REQUESTS), + MAKE_STATIC_HD("user-agent", "", NGHTTP3_QPACK_TOKEN_USER_AGENT), + MAKE_STATIC_HD("x-forwarded-for", "", NGHTTP3_QPACK_TOKEN_X_FORWARDED_FOR), + MAKE_STATIC_HD("x-frame-options", "deny", + NGHTTP3_QPACK_TOKEN_X_FRAME_OPTIONS), + MAKE_STATIC_HD("x-frame-options", "sameorigin", + NGHTTP3_QPACK_TOKEN_X_FRAME_OPTIONS), +}; + +static int memeq(const void *s1, const void *s2, size_t n) { + return n == 0 || memcmp(s1, s2, n) == 0; +} + +/* Generated by genlibtokenlookup.py */ +static int32_t qpack_lookup_token(const uint8_t *name, size_t namelen) { + switch (namelen) { + case 2: + switch (name[1]) { + case 'e': + if (memeq("t", name, 1)) { + return NGHTTP3_QPACK_TOKEN_TE; + } + break; + } + break; + case 3: + switch (name[2]) { + case 'e': + if (memeq("ag", name, 2)) { + return NGHTTP3_QPACK_TOKEN_AGE; + } + break; + } + break; + case 4: + switch (name[3]) { + case 'e': + if (memeq("dat", name, 3)) { + return NGHTTP3_QPACK_TOKEN_DATE; + } + break; + case 'g': + if (memeq("eta", name, 3)) { + return NGHTTP3_QPACK_TOKEN_ETAG; + } + break; + case 'k': + if (memeq("lin", name, 3)) { + return NGHTTP3_QPACK_TOKEN_LINK; + } + break; + case 't': + if (memeq("hos", name, 3)) { + return NGHTTP3_QPACK_TOKEN_HOST; + } + break; + case 'y': + if (memeq("var", name, 3)) { + return NGHTTP3_QPACK_TOKEN_VARY; + } + break; + } + break; + case 5: + switch (name[4]) { + case 'e': + if (memeq("rang", name, 4)) { + return NGHTTP3_QPACK_TOKEN_RANGE; + } + break; + case 'h': + if (memeq(":pat", name, 4)) { + return NGHTTP3_QPACK_TOKEN__PATH; + } + break; + } + break; + case 6: + switch (name[5]) { + case 'e': + if (memeq("cooki", name, 5)) { + return NGHTTP3_QPACK_TOKEN_COOKIE; + } + break; + case 'n': + if (memeq("origi", name, 5)) { + return NGHTTP3_QPACK_TOKEN_ORIGIN; + } + break; + case 'r': + if (memeq("serve", name, 5)) { + return NGHTTP3_QPACK_TOKEN_SERVER; + } + break; + case 't': + if (memeq("accep", name, 5)) { + return NGHTTP3_QPACK_TOKEN_ACCEPT; + } + break; + } + break; + case 7: + switch (name[6]) { + case 'c': + if (memeq("alt-sv", name, 6)) { + return NGHTTP3_QPACK_TOKEN_ALT_SVC; + } + break; + case 'd': + if (memeq(":metho", name, 6)) { + return NGHTTP3_QPACK_TOKEN__METHOD; + } + break; + case 'e': + if (memeq(":schem", name, 6)) { + return NGHTTP3_QPACK_TOKEN__SCHEME; + } + if (memeq("purpos", name, 6)) { + return NGHTTP3_QPACK_TOKEN_PURPOSE; + } + if (memeq("upgrad", name, 6)) { + return NGHTTP3_QPACK_TOKEN_UPGRADE; + } + break; + case 'r': + if (memeq("refere", name, 6)) { + return NGHTTP3_QPACK_TOKEN_REFERER; + } + break; + case 's': + if (memeq(":statu", name, 6)) { + return NGHTTP3_QPACK_TOKEN__STATUS; + } + break; + } + break; + case 8: + switch (name[7]) { + case 'e': + if (memeq("if-rang", name, 7)) { + return NGHTTP3_QPACK_TOKEN_IF_RANGE; + } + break; + case 'n': + if (memeq("locatio", name, 7)) { + return NGHTTP3_QPACK_TOKEN_LOCATION; + } + break; + } + break; + case 9: + switch (name[8]) { + case 'd': + if (memeq("forwarde", name, 8)) { + return NGHTTP3_QPACK_TOKEN_FORWARDED; + } + break; + case 'l': + if (memeq(":protoco", name, 8)) { + return NGHTTP3_QPACK_TOKEN__PROTOCOL; + } + break; + case 't': + if (memeq("expect-c", name, 8)) { + return NGHTTP3_QPACK_TOKEN_EXPECT_CT; + } + break; + } + break; + case 10: + switch (name[9]) { + case 'a': + if (memeq("early-dat", name, 9)) { + return NGHTTP3_QPACK_TOKEN_EARLY_DATA; + } + break; + case 'e': + if (memeq("keep-aliv", name, 9)) { + return NGHTTP3_QPACK_TOKEN_KEEP_ALIVE; + } + if (memeq("set-cooki", name, 9)) { + return NGHTTP3_QPACK_TOKEN_SET_COOKIE; + } + break; + case 'n': + if (memeq("connectio", name, 9)) { + return NGHTTP3_QPACK_TOKEN_CONNECTION; + } + break; + case 't': + if (memeq("user-agen", name, 9)) { + return NGHTTP3_QPACK_TOKEN_USER_AGENT; + } + break; + case 'y': + if (memeq(":authorit", name, 9)) { + return NGHTTP3_QPACK_TOKEN__AUTHORITY; + } + break; + } + break; + case 12: + switch (name[11]) { + case 'e': + if (memeq("content-typ", name, 11)) { + return NGHTTP3_QPACK_TOKEN_CONTENT_TYPE; + } + break; + } + break; + case 13: + switch (name[12]) { + case 'd': + if (memeq("last-modifie", name, 12)) { + return NGHTTP3_QPACK_TOKEN_LAST_MODIFIED; + } + break; + case 'h': + if (memeq("if-none-matc", name, 12)) { + return NGHTTP3_QPACK_TOKEN_IF_NONE_MATCH; + } + break; + case 'l': + if (memeq("cache-contro", name, 12)) { + return NGHTTP3_QPACK_TOKEN_CACHE_CONTROL; + } + break; + case 'n': + if (memeq("authorizatio", name, 12)) { + return NGHTTP3_QPACK_TOKEN_AUTHORIZATION; + } + break; + case 's': + if (memeq("accept-range", name, 12)) { + return NGHTTP3_QPACK_TOKEN_ACCEPT_RANGES; + } + break; + } + break; + case 14: + switch (name[13]) { + case 'h': + if (memeq("content-lengt", name, 13)) { + return NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH; + } + break; + } + break; + case 15: + switch (name[14]) { + case 'e': + if (memeq("accept-languag", name, 14)) { + return NGHTTP3_QPACK_TOKEN_ACCEPT_LANGUAGE; + } + break; + case 'g': + if (memeq("accept-encodin", name, 14)) { + return NGHTTP3_QPACK_TOKEN_ACCEPT_ENCODING; + } + break; + case 'r': + if (memeq("x-forwarded-fo", name, 14)) { + return NGHTTP3_QPACK_TOKEN_X_FORWARDED_FOR; + } + break; + case 's': + if (memeq("x-frame-option", name, 14)) { + return NGHTTP3_QPACK_TOKEN_X_FRAME_OPTIONS; + } + break; + } + break; + case 16: + switch (name[15]) { + case 'g': + if (memeq("content-encodin", name, 15)) { + return NGHTTP3_QPACK_TOKEN_CONTENT_ENCODING; + } + break; + case 'n': + if (memeq("proxy-connectio", name, 15)) { + return NGHTTP3_QPACK_TOKEN_PROXY_CONNECTION; + } + if (memeq("x-xss-protectio", name, 15)) { + return NGHTTP3_QPACK_TOKEN_X_XSS_PROTECTION; + } + break; + } + break; + case 17: + switch (name[16]) { + case 'e': + if (memeq("if-modified-sinc", name, 16)) { + return NGHTTP3_QPACK_TOKEN_IF_MODIFIED_SINCE; + } + break; + case 'g': + if (memeq("transfer-encodin", name, 16)) { + return NGHTTP3_QPACK_TOKEN_TRANSFER_ENCODING; + } + break; + } + break; + case 19: + switch (name[18]) { + case 'n': + if (memeq("content-dispositio", name, 18)) { + return NGHTTP3_QPACK_TOKEN_CONTENT_DISPOSITION; + } + if (memeq("timing-allow-origi", name, 18)) { + return NGHTTP3_QPACK_TOKEN_TIMING_ALLOW_ORIGIN; + } + break; + } + break; + case 22: + switch (name[21]) { + case 's': + if (memeq("x-content-type-option", name, 21)) { + return NGHTTP3_QPACK_TOKEN_X_CONTENT_TYPE_OPTIONS; + } + break; + } + break; + case 23: + switch (name[22]) { + case 'y': + if (memeq("content-security-polic", name, 22)) { + return NGHTTP3_QPACK_TOKEN_CONTENT_SECURITY_POLICY; + } + break; + } + break; + case 25: + switch (name[24]) { + case 's': + if (memeq("upgrade-insecure-request", name, 24)) { + return NGHTTP3_QPACK_TOKEN_UPGRADE_INSECURE_REQUESTS; + } + break; + case 'y': + if (memeq("strict-transport-securit", name, 24)) { + return NGHTTP3_QPACK_TOKEN_STRICT_TRANSPORT_SECURITY; + } + break; + } + break; + case 27: + switch (name[26]) { + case 'n': + if (memeq("access-control-allow-origi", name, 26)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_ORIGIN; + } + break; + } + break; + case 28: + switch (name[27]) { + case 's': + if (memeq("access-control-allow-header", name, 27)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_HEADERS; + } + if (memeq("access-control-allow-method", name, 27)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_METHODS; + } + break; + } + break; + case 29: + switch (name[28]) { + case 'd': + if (memeq("access-control-request-metho", name, 28)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_METHOD; + } + break; + case 's': + if (memeq("access-control-expose-header", name, 28)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_EXPOSE_HEADERS; + } + break; + } + break; + case 30: + switch (name[29]) { + case 's': + if (memeq("access-control-request-header", name, 29)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_REQUEST_HEADERS; + } + break; + } + break; + case 32: + switch (name[31]) { + case 's': + if (memeq("access-control-allow-credential", name, 31)) { + return NGHTTP3_QPACK_TOKEN_ACCESS_CONTROL_ALLOW_CREDENTIALS; + } + break; + } + break; + } + return -1; +} + +static size_t table_space(size_t namelen, size_t valuelen) { + return NGHTTP3_QPACK_ENTRY_OVERHEAD + namelen + valuelen; +} + +static int qpack_nv_name_eq(const nghttp3_qpack_nv *a, const nghttp3_nv *b) { + return a->name->len == b->namelen && + memeq(a->name->base, b->name, b->namelen); +} + +static int qpack_nv_value_eq(const nghttp3_qpack_nv *a, const nghttp3_nv *b) { + return a->value->len == b->valuelen && + memeq(a->value->base, b->value, b->valuelen); +} + +static void qpack_map_init(nghttp3_qpack_map *map) { + memset(map, 0, sizeof(nghttp3_qpack_map)); +} + +static void qpack_map_insert(nghttp3_qpack_map *map, nghttp3_qpack_entry *ent) { + nghttp3_qpack_entry **bucket; + + bucket = &map->table[ent->hash & (NGHTTP3_QPACK_MAP_SIZE - 1)]; + + if (*bucket == NULL) { + *bucket = ent; + return; + } + + /* larger absidx is linked near the root */ + ent->map_next = *bucket; + *bucket = ent; +} + +static void qpack_map_remove(nghttp3_qpack_map *map, nghttp3_qpack_entry *ent) { + nghttp3_qpack_entry **dst; + + dst = &map->table[ent->hash & (NGHTTP3_QPACK_MAP_SIZE - 1)]; + + for (; *dst; dst = &(*dst)->map_next) { + if (*dst != ent) { + continue; + } + + *dst = ent->map_next; + ent->map_next = NULL; + return; + } +} + +/* + * qpack_context_can_reference returns nonzero if dynamic table entry + * at |absidx| can be referenced. In other words, it is within + * ctx->max_dtable_size. + */ +static int qpack_context_can_reference(nghttp3_qpack_context *ctx, + size_t absidx) { + nghttp3_qpack_entry *ent = nghttp3_qpack_context_dtable_get(ctx, absidx); + return ctx->dtable_sum - ent->sum <= ctx->max_dtable_size; +} + +/* |*ppb_match| (post-base match), if it is not NULL, is always exact + match. */ +static void encoder_qpack_map_find(nghttp3_qpack_encoder *encoder, + int *exact_match, + nghttp3_qpack_entry **pmatch, + nghttp3_qpack_entry **ppb_match, + const nghttp3_nv *nv, int32_t token, + uint32_t hash, size_t krcnt, + int allow_blocking, int name_only) { + nghttp3_qpack_entry *p; + + *exact_match = 0; + *pmatch = NULL; + *ppb_match = NULL; + + for (p = encoder->dtable_map.table[hash & (NGHTTP3_QPACK_MAP_SIZE - 1)]; p; + p = p->map_next) { + if (token != p->nv.token || + (token == -1 && (hash != p->hash || !qpack_nv_name_eq(&p->nv, nv))) || + !qpack_context_can_reference(&encoder->ctx, p->absidx)) { + continue; + } + if (allow_blocking || p->absidx + 1 <= krcnt) { + if (!*pmatch) { + *pmatch = p; + if (name_only) { + return; + } + } + if (qpack_nv_value_eq(&p->nv, nv)) { + *pmatch = p; + *exact_match = 1; + return; + } + } else if (!*ppb_match && qpack_nv_value_eq(&p->nv, nv)) { + *ppb_match = p; + } + } +} + +/* + * qpack_context_init initializes |ctx|. |max_dtable_size| is the + * maximum size of dynamic table. |mem| is a memory allocator. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int qpack_context_init(nghttp3_qpack_context *ctx, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem) { + int rv; + size_t len = 4096 / NGHTTP3_QPACK_ENTRY_OVERHEAD; + size_t len2; + + for (len2 = 1; len2 < len; len2 <<= 1) + ; + + rv = nghttp3_ringbuf_init(&ctx->dtable, len2, sizeof(nghttp3_qpack_entry *), + mem); + if (rv != 0) { + return rv; + } + + ctx->mem = mem; + ctx->dtable_size = 0; + ctx->dtable_sum = 0; + ctx->hard_max_dtable_size = max_dtable_size; + ctx->max_dtable_size = 0; + ctx->max_blocked = max_blocked; + ctx->next_absidx = 0; + ctx->bad = 0; + + return 0; +} + +static void qpack_context_free(nghttp3_qpack_context *ctx) { + nghttp3_qpack_entry *ent; + size_t i, len = nghttp3_ringbuf_len(&ctx->dtable); + + for (i = 0; i < len; ++i) { + ent = *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(&ctx->dtable, i); + nghttp3_qpack_entry_free(ent); + nghttp3_mem_free(ctx->mem, ent); + } + nghttp3_ringbuf_free(&ctx->dtable); +} + +static int ref_min_cnt_less(const nghttp3_pq_entry *lhsx, + const nghttp3_pq_entry *rhsx) { + nghttp3_qpack_header_block_ref *lhs = + nghttp3_struct_of(lhsx, nghttp3_qpack_header_block_ref, min_cnts_pe); + nghttp3_qpack_header_block_ref *rhs = + nghttp3_struct_of(rhsx, nghttp3_qpack_header_block_ref, min_cnts_pe); + + return lhs->min_cnt < rhs->min_cnt; +} + +typedef struct { + size_t max_cnt; + uint64_t id; +} nghttp3_blocked_streams_key; + +static int max_cnt_greater(const nghttp3_ksl_key *lhs, + const nghttp3_ksl_key *rhs) { + const nghttp3_blocked_streams_key *a = lhs->ptr; + const nghttp3_blocked_streams_key *b = rhs->ptr; + return a->max_cnt > b->max_cnt || (a->max_cnt == b->max_cnt && a->id < b->id); +} + +int nghttp3_qpack_encoder_init(nghttp3_qpack_encoder *encoder, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem) { + int rv; + + rv = qpack_context_init(&encoder->ctx, max_dtable_size, max_blocked, mem); + if (rv != 0) { + return rv; + } + + rv = nghttp3_map_init(&encoder->streams, mem); + if (rv != 0) { + goto streams_init_fail; + } + + rv = nghttp3_ksl_init(&encoder->blocked_streams, max_cnt_greater, + sizeof(nghttp3_blocked_streams_key), mem); + if (rv != 0) { + goto blocked_streams_init_fail; + } + + qpack_map_init(&encoder->dtable_map); + nghttp3_pq_init(&encoder->min_cnts, ref_min_cnt_less, mem); + + encoder->krcnt = 0; + encoder->state = NGHTTP3_QPACK_DS_STATE_OPCODE; + encoder->opcode = 0; + encoder->min_dtable_update = NGHTTP3_QPACK_INT_MAX; + encoder->last_max_dtable_update = 0; + encoder->flags = NGHTTP3_QPACK_ENCODER_FLAG_NONE; + + nghttp3_qpack_read_state_reset(&encoder->rstate); + + return 0; + +blocked_streams_init_fail: + nghttp3_map_free(&encoder->streams); +streams_init_fail: + qpack_context_free(&encoder->ctx); + + return rv; +} + +static int map_stream_free(nghttp3_map_entry *entry, void *ptr) { + const nghttp3_mem *mem = ptr; + nghttp3_qpack_stream *stream = + nghttp3_struct_of(entry, nghttp3_qpack_stream, me); + nghttp3_qpack_stream_del(stream, mem); + return 0; +} + +void nghttp3_qpack_encoder_free(nghttp3_qpack_encoder *encoder) { + nghttp3_pq_free(&encoder->min_cnts); + nghttp3_ksl_free(&encoder->blocked_streams); + nghttp3_map_each_free(&encoder->streams, map_stream_free, + (void *)encoder->ctx.mem); + nghttp3_map_free(&encoder->streams); + qpack_context_free(&encoder->ctx); +} + +int nghttp3_qpack_encoder_set_max_dtable_size(nghttp3_qpack_encoder *encoder, + size_t max_dtable_size) { + if (encoder->ctx.hard_max_dtable_size < max_dtable_size) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + if (encoder->ctx.max_dtable_size == max_dtable_size) { + return 0; + } + + encoder->flags |= NGHTTP3_QPACK_ENCODER_FLAG_PENDING_SET_DTABLE_CAP; + + if (encoder->min_dtable_update > max_dtable_size) { + encoder->min_dtable_update = max_dtable_size; + encoder->ctx.max_dtable_size = max_dtable_size; + } + encoder->last_max_dtable_update = max_dtable_size; + + return 0; +} + +int nghttp3_qpack_encoder_set_hard_max_dtable_size( + nghttp3_qpack_encoder *encoder, size_t hard_max_dtable_size) { + /* TODO This is not ideal. */ + if (encoder->ctx.hard_max_dtable_size) { + return NGHTTP3_ERR_INVALID_STATE; + } + + encoder->ctx.hard_max_dtable_size = hard_max_dtable_size; + + return 0; +} + +int nghttp3_qpack_encoder_set_max_blocked(nghttp3_qpack_encoder *encoder, + size_t max_blocked) { + /* TODO This is not ideal. */ + if (encoder->ctx.max_blocked) { + return NGHTTP3_ERR_INVALID_STATE; + } + + encoder->ctx.max_blocked = max_blocked; + + return 0; +} + +size_t nghttp3_qpack_encoder_get_min_cnt(nghttp3_qpack_encoder *encoder) { + assert(!nghttp3_pq_empty(&encoder->min_cnts)); + + return nghttp3_struct_of(nghttp3_pq_top(&encoder->min_cnts), + nghttp3_qpack_header_block_ref, min_cnts_pe) + ->min_cnt; +} + +void nghttp3_qpack_encoder_shrink_dtable(nghttp3_qpack_encoder *encoder) { + nghttp3_ringbuf *dtable = &encoder->ctx.dtable; + const nghttp3_mem *mem = encoder->ctx.mem; + size_t min_cnt = SIZE_MAX; + size_t len; + nghttp3_qpack_entry *ent; + + if (encoder->ctx.dtable_size <= encoder->ctx.max_dtable_size) { + return; + } + + if (!nghttp3_pq_empty(&encoder->min_cnts)) { + min_cnt = nghttp3_qpack_encoder_get_min_cnt(encoder); + } + + for (; encoder->ctx.dtable_size > encoder->ctx.max_dtable_size;) { + len = nghttp3_ringbuf_len(dtable); + ent = *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(dtable, len - 1); + if (ent->absidx + 1 == min_cnt) { + return; + } + + encoder->ctx.dtable_size -= + table_space(ent->nv.name->len, ent->nv.value->len); + + nghttp3_ringbuf_pop_back(dtable); + qpack_map_remove(&encoder->dtable_map, ent); + + nghttp3_qpack_entry_free(ent); + nghttp3_mem_free(mem, ent); + } +} + +/* + * qpack_encoder_add_stream_ref adds another dynamic table reference + * to a stream denoted by |stream_id|. |max_cnt| and |min_cnt| is the + * maximum and minimum insert count it references respectively. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int qpack_encoder_add_stream_ref(nghttp3_qpack_encoder *encoder, + int64_t stream_id, size_t max_cnt, + size_t min_cnt) { + nghttp3_qpack_stream *stream = + nghttp3_qpack_encoder_find_stream(encoder, stream_id); + nghttp3_qpack_header_block_ref *ref; + const nghttp3_mem *mem = encoder->ctx.mem; + size_t prev_max_cnt = 0; + int rv; + + if (stream == NULL) { + rv = nghttp3_qpack_stream_new(&stream, stream_id, mem); + if (rv != 0) { + assert(rv == NGHTTP3_ERR_NOMEM); + return rv; + } + rv = nghttp3_map_insert(&encoder->streams, &stream->me); + if (rv != 0) { + assert(rv == NGHTTP3_ERR_NOMEM); + nghttp3_qpack_stream_del(stream, mem); + return rv; + } + } else { + prev_max_cnt = nghttp3_qpack_stream_get_max_cnt(stream); + if (nghttp3_qpack_encoder_stream_is_blocked(encoder, stream) && + max_cnt > prev_max_cnt) { + nghttp3_qpack_encoder_unblock_stream(encoder, stream); + } + } + + rv = nghttp3_qpack_header_block_ref_new(&ref, max_cnt, min_cnt, mem); + if (rv != 0) { + return rv; + } + + rv = nghttp3_qpack_stream_add_ref(stream, ref); + if (rv != 0) { + nghttp3_qpack_header_block_ref_del(ref, mem); + return rv; + } + + if (max_cnt > prev_max_cnt && + nghttp3_qpack_encoder_stream_is_blocked(encoder, stream)) { + rv = nghttp3_qpack_encoder_block_stream(encoder, stream); + if (rv != 0) { + return rv; + } + } + + return nghttp3_pq_push(&encoder->min_cnts, &ref->min_cnts_pe); +} + +static void qpack_encoder_remove_stream(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream) { + size_t i, len; + nghttp3_qpack_header_block_ref *ref; + + nghttp3_map_remove(&encoder->streams, stream->me.key); + + len = nghttp3_ringbuf_len(&stream->refs); + for (i = 0; i < len; ++i) { + ref = *(nghttp3_qpack_header_block_ref **)nghttp3_ringbuf_get(&stream->refs, + i); + + assert(ref->min_cnts_pe.index != NGHTTP3_PQ_BAD_INDEX); + + nghttp3_pq_remove(&encoder->min_cnts, &ref->min_cnts_pe); + } +} + +/* + * reserve_buf ensures that |buf| contains at least |extra_size| of + * free space. In other words, if this function succeeds, + * nghttp2_buf_left(buf) >= extra_size holds. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int reserve_buf(nghttp3_buf *buf, size_t extra_size, + const nghttp3_mem *mem) { + size_t left = nghttp3_buf_left(buf); + size_t n = 4096, need; + + if (left >= extra_size) { + return 0; + } + + need = nghttp3_buf_cap(buf) + extra_size - left; + + for (; n < need; n *= 2) + ; + + return nghttp3_buf_reserve(buf, n, mem); +} + +int nghttp3_qpack_encoder_encode(nghttp3_qpack_encoder *encoder, + nghttp3_buf *pbuf, nghttp3_buf *rbuf, + nghttp3_buf *ebuf, int64_t stream_id, + const nghttp3_nv *nva, size_t nvlen) { + size_t i, base, max_cnt = 0, min_cnt = SIZE_MAX; + int rv = 0; + int allow_blocking; + int blocked_stream; + nghttp3_qpack_stream *stream; + + if (encoder->ctx.bad) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + rv = nghttp3_qpack_encoder_process_dtable_update(encoder, ebuf); + if (rv != 0) { + goto fail; + } + + base = encoder->ctx.next_absidx; + + stream = nghttp3_qpack_encoder_find_stream(encoder, stream_id); + blocked_stream = + stream && nghttp3_qpack_encoder_stream_is_blocked(encoder, stream); + allow_blocking = + blocked_stream || + encoder->ctx.max_blocked > nghttp3_ksl_len(&encoder->blocked_streams); + + DEBUGF("qpack::encode: stream %ld blocked=%d allow_blocking=%d\n", stream_id, + blocked_stream, allow_blocking); + + for (i = 0; i < nvlen; ++i) { + rv = nghttp3_qpack_encoder_encode_nv(encoder, &max_cnt, &min_cnt, rbuf, + ebuf, &nva[i], base, allow_blocking); + if (rv != 0) { + goto fail; + } + } + + nghttp3_qpack_encoder_write_header_block_prefix(encoder, pbuf, max_cnt, base); + + /* TODO If max_cnt == 0, no reference is made to dtable. */ + if (!max_cnt) { + return 0; + } + + rv = qpack_encoder_add_stream_ref(encoder, stream_id, max_cnt, min_cnt); + if (rv != 0) { + goto fail; + } + + return 0; + +fail: + encoder->ctx.bad = 1; + return rv; +} + +/* + * qpack_write_number writes variable integer to |rbuf|. |num| is an + * integer to write. |prefix| is a prefix of variable integer + * encoding. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int qpack_write_number(nghttp3_buf *rbuf, uint8_t fb, uint64_t num, + size_t prefix, const nghttp3_mem *mem) { + int rv; + size_t len = nghttp3_qpack_put_varint_len(num, prefix); + uint8_t *p; + + rv = reserve_buf(rbuf, len, mem); + if (rv != 0) { + return rv; + } + + p = rbuf->last; + + *p = fb; + p = nghttp3_qpack_put_varint(p, num, prefix); + + assert((size_t)(p - rbuf->last) == len); + + rbuf->last = p; + + return 0; +} + +int nghttp3_qpack_encoder_process_dtable_update(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf) { + int rv; + + nghttp3_qpack_encoder_shrink_dtable(encoder); + + if (encoder->ctx.max_dtable_size < encoder->ctx.dtable_size || + !(encoder->flags & NGHTTP3_QPACK_ENCODER_FLAG_PENDING_SET_DTABLE_CAP)) { + return 0; + } + + if (encoder->min_dtable_update < encoder->last_max_dtable_update) { + rv = nghttp3_qpack_encoder_write_set_dtable_cap(encoder, ebuf, + encoder->min_dtable_update); + if (rv != 0) { + return rv; + } + } + + rv = nghttp3_qpack_encoder_write_set_dtable_cap( + encoder, ebuf, encoder->last_max_dtable_update); + if (rv != 0) { + return rv; + } + + encoder->flags &= (uint8_t)~NGHTTP3_QPACK_ENCODER_FLAG_PENDING_SET_DTABLE_CAP; + encoder->min_dtable_update = NGHTTP3_QPACK_INT_MAX; + encoder->ctx.max_dtable_size = encoder->last_max_dtable_update; + + return 0; +} + +int nghttp3_qpack_encoder_write_set_dtable_cap(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, size_t cap) { + DEBUGF("qpack::encode: Set Dynamic Table Capacity capacity=%zu\n", cap); + return qpack_write_number(ebuf, 0x20, cap, 5, encoder->ctx.mem); +} + +nghttp3_qpack_stream * +nghttp3_qpack_encoder_find_stream(nghttp3_qpack_encoder *encoder, + int64_t stream_id) { + nghttp3_map_entry *me = + nghttp3_map_find(&encoder->streams, (uint64_t)stream_id); + return me == NULL ? NULL : nghttp3_struct_of(me, nghttp3_qpack_stream, me); +} + +int nghttp3_qpack_encoder_stream_is_blocked(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream) { + return stream && encoder->krcnt < nghttp3_qpack_stream_get_max_cnt(stream); +} + +static uint32_t qpack_hash_name(const nghttp3_nv *nv) { + /* 32 bit FNV-1a: http://isthe.com/chongo/tech/comp/fnv/ */ + uint32_t h = 2166136261u; + size_t i; + + for (i = 0; i < nv->namelen; ++i) { + h ^= nv->name[i]; + h += (h << 1) + (h << 4) + (h << 7) + (h << 8) + (h << 24); + } + + return h; +} + +/* + * qpack_encoder_decide_indexing_mode determines and returns indexing + * mode for header field |nv|. |token| is a token of header field + * name. + */ +static nghttp3_qpack_indexing_mode +qpack_encoder_decide_indexing_mode(nghttp3_qpack_encoder *encoder, + const nghttp3_nv *nv, int32_t token) { + if (nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) { + return NGHTTP3_QPACK_INDEXING_MODE_NEVER; + } + + switch (token) { + case NGHTTP3_QPACK_TOKEN_AUTHORIZATION: + return NGHTTP3_QPACK_INDEXING_MODE_NEVER; + case NGHTTP3_QPACK_TOKEN_COOKIE: + if (nv->valuelen < 20) { + return NGHTTP3_QPACK_INDEXING_MODE_NEVER; + } + break; + case NGHTTP3_QPACK_TOKEN__PATH: + case NGHTTP3_QPACK_TOKEN_AGE: + case NGHTTP3_QPACK_TOKEN_CONTENT_LENGTH: + case NGHTTP3_QPACK_TOKEN_ETAG: + case NGHTTP3_QPACK_TOKEN_IF_MODIFIED_SINCE: + case NGHTTP3_QPACK_TOKEN_IF_NONE_MATCH: + case NGHTTP3_QPACK_TOKEN_LOCATION: + case NGHTTP3_QPACK_TOKEN_SET_COOKIE: + return NGHTTP3_QPACK_INDEXING_MODE_LITERAL; + } + + if (table_space(nv->namelen, nv->valuelen) > + encoder->ctx.max_dtable_size * 3 / 4) { + return NGHTTP3_QPACK_INDEXING_MODE_LITERAL; + } + + return NGHTTP3_QPACK_INDEXING_MODE_STORE; +} + +/* + * qpack_encoder_can_index returns nonzero if an entry which occupies + * |need| bytes can be inserted into dynamic table. |min_cnt| is the + * minimum insert count which blocked stream requires. + */ +static int qpack_encoder_can_index(nghttp3_qpack_encoder *encoder, size_t need, + size_t min_cnt) { + size_t avail = 0; + size_t len; + size_t gmin_cnt; + nghttp3_qpack_entry *min_ent, *last_ent; + nghttp3_ringbuf *dtable = &encoder->ctx.dtable; + + if (encoder->ctx.max_dtable_size > encoder->ctx.dtable_size) { + avail = encoder->ctx.max_dtable_size - encoder->ctx.dtable_size; + if (need <= avail) { + return 1; + } + } + + if (!nghttp3_pq_empty(&encoder->min_cnts)) { + gmin_cnt = nghttp3_qpack_encoder_get_min_cnt(encoder); + min_cnt = nghttp3_min(min_cnt, gmin_cnt); + } + + if (min_cnt == SIZE_MAX) { + return encoder->ctx.max_dtable_size >= need; + } + + min_ent = nghttp3_qpack_context_dtable_get(&encoder->ctx, min_cnt - 1); + + len = nghttp3_ringbuf_len(&encoder->ctx.dtable); + assert(len); + last_ent = *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(dtable, len - 1); + + if (min_ent == last_ent) { + return 0; + } + + return avail + min_ent->sum - last_ent->sum >= need; +} + +/* + * qpack_encoder_can_index_nv returns nonzero if header field |nv| can + * be inserted into dynamic table. |min_cnt| is the minimum insert + * count which blocked stream requires. + */ +static int qpack_encoder_can_index_nv(nghttp3_qpack_encoder *encoder, + const nghttp3_nv *nv, size_t min_cnt) { + return qpack_encoder_can_index( + encoder, table_space(nv->namelen, nv->valuelen), min_cnt); +} + +/* + * qpack_encoder_can_index_duplicate returns nonzero if an entry at + * |absidx| in dynamic table can be inserted to dynamic table as + * duplicate. |min_cnt| is the minimum insert count which blocked + * stream requires. + */ +static int qpack_encoder_can_index_duplicate(nghttp3_qpack_encoder *encoder, + size_t absidx, size_t min_cnt) { + nghttp3_qpack_entry *ent = + nghttp3_qpack_context_dtable_get(&encoder->ctx, absidx); + + return qpack_encoder_can_index( + encoder, table_space(ent->nv.name->len, ent->nv.value->len), min_cnt); +} + +/* + * qpack_context_check_draining returns nonzero if an entry at + * |absidx| in dynamic table is one of draining entries. + */ +static int qpack_context_check_draining(nghttp3_qpack_context *ctx, + size_t absidx) { + const size_t safe = + ctx->max_dtable_size - nghttp3_min(512, ctx->max_dtable_size * 1 / 8); + nghttp3_qpack_entry *ent = nghttp3_qpack_context_dtable_get(ctx, absidx); + + return ctx->dtable_sum - ent->sum > safe; +} + +int nghttp3_qpack_encoder_encode_nv(nghttp3_qpack_encoder *encoder, + size_t *pmax_cnt, size_t *pmin_cnt, + nghttp3_buf *rbuf, nghttp3_buf *ebuf, + const nghttp3_nv *nv, size_t base, + int allow_blocking) { + uint32_t hash = 0; + int32_t token; + nghttp3_qpack_indexing_mode indexing_mode; + nghttp3_qpack_lookup_result sres = {-1, 0, -1}, dres = {-1, 0, -1}; + nghttp3_qpack_entry *new_ent = NULL; + int static_entry; + int just_index = 0; + int rv; + + token = qpack_lookup_token(nv->name, nv->namelen); + static_entry = token != -1 && (size_t)token < nghttp3_arraylen(token_stable); + if (static_entry) { + hash = token_stable[token].hash; + } else { + hash = qpack_hash_name(nv); + } + + indexing_mode = qpack_encoder_decide_indexing_mode(encoder, nv, token); + + if (static_entry) { + sres = nghttp3_qpack_lookup_stable(nv, token, indexing_mode); + if (sres.index != -1 && sres.name_value_match) { + return nghttp3_qpack_encoder_write_static_indexed(encoder, rbuf, + (size_t)sres.index); + } + } + + if (nghttp3_map_size(&encoder->streams) < NGHTTP3_QPACK_MAX_QPACK_STREAMS) { + dres = nghttp3_qpack_encoder_lookup_dtable(encoder, nv, token, hash, + indexing_mode, encoder->krcnt, + allow_blocking); + just_index = indexing_mode == NGHTTP3_QPACK_INDEXING_MODE_STORE && + dres.pb_index == -1; + } + + if (dres.index != -1 && dres.name_value_match) { + if (allow_blocking && + qpack_context_check_draining(&encoder->ctx, (size_t)dres.index) && + qpack_encoder_can_index_duplicate(encoder, (size_t)dres.index, + *pmin_cnt)) { + rv = nghttp3_qpack_encoder_write_duplicate_insert(encoder, ebuf, + (size_t)dres.index); + if (rv != 0) { + return rv; + } + rv = nghttp3_qpack_encoder_dtable_duplicate_add(encoder, + (size_t)dres.index); + if (rv != 0) { + return rv; + } + + new_ent = nghttp3_qpack_context_dtable_top(&encoder->ctx); + dres.index = (ssize_t)new_ent->absidx; + } + *pmax_cnt = nghttp3_max(*pmax_cnt, (size_t)(dres.index + 1)); + *pmin_cnt = nghttp3_min(*pmin_cnt, (size_t)(dres.index + 1)); + + return nghttp3_qpack_encoder_write_dynamic_indexed( + encoder, rbuf, (size_t)dres.index, base); + } + + if (sres.index != -1) { + if (just_index && qpack_encoder_can_index_nv(encoder, nv, *pmin_cnt)) { + rv = nghttp3_qpack_encoder_write_static_insert(encoder, ebuf, + (size_t)sres.index, nv); + if (rv != 0) { + return rv; + } + rv = nghttp3_qpack_encoder_dtable_static_add(encoder, (size_t)sres.index, + nv, hash); + if (rv != 0) { + return rv; + } + if (allow_blocking) { + new_ent = nghttp3_qpack_context_dtable_top(&encoder->ctx); + *pmax_cnt = nghttp3_max(*pmax_cnt, new_ent->absidx + 1); + *pmin_cnt = nghttp3_min(*pmin_cnt, new_ent->absidx + 1); + + return nghttp3_qpack_encoder_write_dynamic_indexed( + encoder, rbuf, new_ent->absidx, base); + } + } + + return nghttp3_qpack_encoder_write_static_indexed_name( + encoder, rbuf, (size_t)sres.index, nv); + } + + if (dres.index != -1) { + if (just_index && + qpack_encoder_can_index_nv( + encoder, nv, + allow_blocking ? *pmin_cnt + : nghttp3_min((size_t)dres.index + 1, *pmin_cnt))) { + rv = nghttp3_qpack_encoder_write_dynamic_insert(encoder, ebuf, + (size_t)dres.index, nv); + if (rv != 0) { + return rv; + } + + if (!allow_blocking) { + *pmin_cnt = nghttp3_min(*pmin_cnt, (size_t)dres.index + 1); + } + + rv = nghttp3_qpack_encoder_dtable_dynamic_add(encoder, (size_t)dres.index, + nv, hash); + if (rv != 0) { + return rv; + } + + if (allow_blocking) { + new_ent = nghttp3_qpack_context_dtable_top(&encoder->ctx); + *pmax_cnt = nghttp3_max(*pmax_cnt, new_ent->absidx + 1); + *pmin_cnt = nghttp3_min(*pmin_cnt, new_ent->absidx + 1); + + return nghttp3_qpack_encoder_write_dynamic_indexed( + encoder, rbuf, new_ent->absidx, base); + } + } + + *pmax_cnt = nghttp3_max(*pmax_cnt, (size_t)(dres.index + 1)); + *pmin_cnt = nghttp3_min(*pmin_cnt, (size_t)(dres.index + 1)); + + return nghttp3_qpack_encoder_write_dynamic_indexed_name( + encoder, rbuf, (size_t)dres.index, base, nv); + } + + if (just_index && qpack_encoder_can_index_nv(encoder, nv, *pmin_cnt)) { + rv = nghttp3_qpack_encoder_dtable_literal_add(encoder, nv, token, hash); + if (rv != 0) { + return rv; + } + rv = nghttp3_qpack_encoder_write_literal_insert(encoder, ebuf, nv); + if (rv != 0) { + return rv; + } + if (allow_blocking) { + new_ent = nghttp3_qpack_context_dtable_top(&encoder->ctx); + *pmax_cnt = nghttp3_max(*pmax_cnt, new_ent->absidx + 1); + *pmin_cnt = nghttp3_min(*pmin_cnt, new_ent->absidx + 1); + + return nghttp3_qpack_encoder_write_dynamic_indexed(encoder, rbuf, + new_ent->absidx, base); + } + } + + return nghttp3_qpack_encoder_write_literal(encoder, rbuf, nv); +} + +nghttp3_qpack_lookup_result +nghttp3_qpack_lookup_stable(const nghttp3_nv *nv, int32_t token, + nghttp3_qpack_indexing_mode indexing_mode) { + nghttp3_qpack_lookup_result res = {(ssize_t)token_stable[token].absidx, 0, + -1}; + nghttp3_qpack_static_entry *ent; + nghttp3_qpack_static_header *hdr; + size_t i; + + assert(token >= 0); + + if (indexing_mode == NGHTTP3_QPACK_INDEXING_MODE_NEVER) { + return res; + } + + for (i = (size_t)token; + i < nghttp3_arraylen(token_stable) && token_stable[i].token == token; + ++i) { + ent = &token_stable[i]; + hdr = &stable[ent->absidx]; + if (hdr->value.len == nv->valuelen && + memeq(hdr->value.base, nv->value, nv->valuelen)) { + res.index = (ssize_t)ent->absidx; + res.name_value_match = 1; + return res; + } + } + return res; +} + +nghttp3_qpack_lookup_result nghttp3_qpack_encoder_lookup_dtable( + nghttp3_qpack_encoder *encoder, const nghttp3_nv *nv, int32_t token, + uint32_t hash, nghttp3_qpack_indexing_mode indexing_mode, size_t krcnt, + int allow_blocking) { + nghttp3_qpack_lookup_result res = {-1, 0, -1}; + int exact_match = 0; + nghttp3_qpack_entry *match, *pb_match; + + encoder_qpack_map_find(encoder, &exact_match, &match, &pb_match, nv, token, + hash, krcnt, allow_blocking, + indexing_mode == NGHTTP3_QPACK_INDEXING_MODE_NEVER); + if (match) { + res.index = (ssize_t)match->absidx; + res.name_value_match = exact_match; + } + if (pb_match) { + res.pb_index = (ssize_t)pb_match->absidx; + } + + return res; +} + +int nghttp3_qpack_header_block_ref_new(nghttp3_qpack_header_block_ref **pref, + size_t max_cnt, size_t min_cnt, + const nghttp3_mem *mem) { + nghttp3_qpack_header_block_ref *ref = + nghttp3_mem_malloc(mem, sizeof(nghttp3_qpack_header_block_ref)); + + if (ref == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + ref->max_cnts_pe.index = NGHTTP3_PQ_BAD_INDEX; + ref->min_cnts_pe.index = NGHTTP3_PQ_BAD_INDEX; + ref->max_cnt = max_cnt; + ref->min_cnt = min_cnt; + + *pref = ref; + + return 0; +} + +void nghttp3_qpack_header_block_ref_del(nghttp3_qpack_header_block_ref *ref, + const nghttp3_mem *mem) { + nghttp3_mem_free(mem, ref); +} + +static int ref_max_cnt_greater(const nghttp3_pq_entry *lhsx, + const nghttp3_pq_entry *rhsx) { + const nghttp3_qpack_header_block_ref *lhs = + nghttp3_struct_of(lhsx, nghttp3_qpack_header_block_ref, max_cnts_pe); + const nghttp3_qpack_header_block_ref *rhs = + nghttp3_struct_of(rhsx, nghttp3_qpack_header_block_ref, max_cnts_pe); + + return lhs->max_cnt > rhs->max_cnt; +} + +int nghttp3_qpack_stream_new(nghttp3_qpack_stream **pstream, int64_t stream_id, + const nghttp3_mem *mem) { + int rv; + nghttp3_qpack_stream *stream; + + stream = nghttp3_mem_malloc(mem, sizeof(nghttp3_qpack_stream)); + if (stream == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + rv = nghttp3_ringbuf_init(&stream->refs, 4, + sizeof(nghttp3_qpack_header_block_ref *), mem); + if (rv != 0) { + nghttp3_mem_free(mem, stream); + return rv; + } + + nghttp3_pq_init(&stream->max_cnts, ref_max_cnt_greater, mem); + + stream->me.next = NULL; + stream->me.key = (uint64_t)stream_id; + + *pstream = stream; + + return 0; +} + +void nghttp3_qpack_stream_del(nghttp3_qpack_stream *stream, + const nghttp3_mem *mem) { + nghttp3_qpack_header_block_ref *ref; + size_t i, len; + + if (stream == NULL) { + return; + } + + nghttp3_pq_free(&stream->max_cnts); + + len = nghttp3_ringbuf_len(&stream->refs); + for (i = 0; i < len; ++i) { + ref = *(nghttp3_qpack_header_block_ref **)nghttp3_ringbuf_get(&stream->refs, + i); + nghttp3_qpack_header_block_ref_del(ref, mem); + } + + nghttp3_ringbuf_free(&stream->refs); + + nghttp3_mem_free(mem, stream); +} + +size_t nghttp3_qpack_stream_get_max_cnt(const nghttp3_qpack_stream *stream) { + nghttp3_qpack_header_block_ref *ref; + + if (nghttp3_pq_empty(&stream->max_cnts)) { + return 0; + } + + ref = nghttp3_struct_of(nghttp3_pq_top(&stream->max_cnts), + nghttp3_qpack_header_block_ref, max_cnts_pe); + return ref->max_cnt; +} + +int nghttp3_qpack_stream_add_ref(nghttp3_qpack_stream *stream, + nghttp3_qpack_header_block_ref *ref) { + nghttp3_qpack_header_block_ref **dest; + int rv; + + if (nghttp3_ringbuf_full(&stream->refs)) { + rv = nghttp3_ringbuf_reserve(&stream->refs, + nghttp3_ringbuf_len(&stream->refs) * 2); + if (rv != 0) { + return rv; + } + } + + dest = nghttp3_ringbuf_push_back(&stream->refs); + *dest = ref; + + return nghttp3_pq_push(&stream->max_cnts, &ref->max_cnts_pe); +} + +void nghttp3_qpack_stream_pop_ref(nghttp3_qpack_stream *stream) { + nghttp3_qpack_header_block_ref *ref; + + assert(nghttp3_ringbuf_len(&stream->refs)); + + ref = + *(nghttp3_qpack_header_block_ref **)nghttp3_ringbuf_get(&stream->refs, 0); + + assert(ref->max_cnts_pe.index != NGHTTP3_PQ_BAD_INDEX); + + nghttp3_pq_remove(&stream->max_cnts, &ref->max_cnts_pe); + + nghttp3_ringbuf_pop_front(&stream->refs); +} + +int nghttp3_qpack_encoder_write_static_indexed(nghttp3_qpack_encoder *encoder, + nghttp3_buf *rbuf, + size_t absidx) { + DEBUGF("qpack::encode: Indexed Header Field (static) absidx=%zu\n", absidx); + return qpack_write_number(rbuf, 0xc0, absidx, 6, encoder->ctx.mem); +} + +int nghttp3_qpack_encoder_write_dynamic_indexed(nghttp3_qpack_encoder *encoder, + nghttp3_buf *rbuf, + size_t absidx, size_t base) { + DEBUGF("qpack::encode: Indexed Header Field (dynamic) absidx=%zu base=%zu\n", + absidx, base); + + if (absidx < base) { + return qpack_write_number(rbuf, 0x80, base - absidx - 1, 6, + encoder->ctx.mem); + } + + return qpack_write_number(rbuf, 0x10, absidx - base, 4, encoder->ctx.mem); +} + +/* + * qpack_encoder_write_indexed_name writes generic indexed name. |fb| + * is the first byte. |nameidx| is an index of referenced name. + * |prefix| is a prefix of variable integer encoding. |nv| is a + * header field to encode. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int qpack_encoder_write_indexed_name(nghttp3_qpack_encoder *encoder, + nghttp3_buf *buf, uint8_t fb, + size_t nameidx, size_t prefix, + const nghttp3_nv *nv) { + int rv; + size_t len = nghttp3_qpack_put_varint_len(nameidx, prefix); + uint8_t *p; + size_t hlen; + int h = 0; + + hlen = nghttp3_qpack_huffman_encode_count(nv->value, nv->valuelen); + if (hlen < nv->valuelen) { + h = 1; + len += nghttp3_qpack_put_varint_len(hlen, 7) + hlen; + } else { + len += nghttp3_qpack_put_varint_len(nv->valuelen, 7) + nv->valuelen; + } + + rv = reserve_buf(buf, len, encoder->ctx.mem); + if (rv != 0) { + return rv; + } + + p = buf->last; + + *p = fb; + p = nghttp3_qpack_put_varint(p, nameidx, prefix); + + if (h) { + *p = 0x80; + p = nghttp3_qpack_put_varint(p, hlen, 7); + p = nghttp3_qpack_huffman_encode(p, nv->value, nv->valuelen); + } else { + *p = 0; + p = nghttp3_qpack_put_varint(p, nv->valuelen, 7); + p = nghttp3_cpymem(p, nv->value, nv->valuelen); + } + + assert((size_t)(p - buf->last) == len); + + buf->last = p; + + return 0; +} + +int nghttp3_qpack_encoder_write_static_indexed_name( + nghttp3_qpack_encoder *encoder, nghttp3_buf *rbuf, size_t absidx, + const nghttp3_nv *nv) { + uint8_t fb = + (uint8_t)(0x50 | ((nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) ? 0x20 : 0)); + + DEBUGF("qpack::encode: Literal Header Field With Name Reference (static) " + "absidx=%zu never=%d\n", + absidx, (nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) != 0); + return qpack_encoder_write_indexed_name(encoder, rbuf, fb, absidx, 4, nv); +} + +int nghttp3_qpack_encoder_write_dynamic_indexed_name( + nghttp3_qpack_encoder *encoder, nghttp3_buf *rbuf, size_t absidx, + size_t base, const nghttp3_nv *nv) { + uint8_t fb; + + DEBUGF("qpack::encode: Literal Header Field With Name Reference (dynamic) " + "absidx=%zu base=%zu never=%d\n", + absidx, base, (nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) != 0); + + if (absidx < base) { + fb = (uint8_t)(0x40 | + ((nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) ? 0x20 : 0)); + return qpack_encoder_write_indexed_name(encoder, rbuf, fb, + base - absidx - 1, 4, nv); + } + + fb = (nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) ? 0x08 : 0; + return qpack_encoder_write_indexed_name(encoder, rbuf, fb, absidx - base, 3, + nv); +} + +/* + * qpack_encoder_write_literal writes generic literal header field + * representation. |fb| is a first byte. |prefix| is a prefix of + * variable integer encoding for name length. |nv| is a header field + * to encode. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +static int qpack_encoder_write_literal(nghttp3_qpack_encoder *encoder, + nghttp3_buf *buf, uint8_t fb, + size_t prefix, const nghttp3_nv *nv) { + int rv; + size_t len; + uint8_t *p; + size_t nhlen, vhlen; + int nh = 0, vh = 0; + + nhlen = nghttp3_qpack_huffman_encode_count(nv->name, nv->namelen); + if (nhlen < nv->namelen) { + nh = 1; + len = nghttp3_qpack_put_varint_len(nhlen, prefix) + nhlen; + } else { + len = nghttp3_qpack_put_varint_len(nv->namelen, prefix) + nv->namelen; + } + + vhlen = nghttp3_qpack_huffman_encode_count(nv->value, nv->valuelen); + if (vhlen < nv->valuelen) { + vh = 1; + len += nghttp3_qpack_put_varint_len(vhlen, 7) + vhlen; + } else { + len += nghttp3_qpack_put_varint_len(nv->valuelen, 7) + nv->valuelen; + } + + rv = reserve_buf(buf, len, encoder->ctx.mem); + if (rv != 0) { + return rv; + } + + p = buf->last; + + *p = fb; + if (nh) { + *p |= (uint8_t)(1 << prefix); + p = nghttp3_qpack_put_varint(p, nhlen, prefix); + p = nghttp3_qpack_huffman_encode(p, nv->name, nv->namelen); + } else { + p = nghttp3_qpack_put_varint(p, nv->namelen, prefix); + p = nghttp3_cpymem(p, nv->name, nv->namelen); + } + + *p = 0; + + if (vh) { + *p |= 0x80; + p = nghttp3_qpack_put_varint(p, vhlen, 7); + p = nghttp3_qpack_huffman_encode(p, nv->value, nv->valuelen); + } else { + p = nghttp3_qpack_put_varint(p, nv->valuelen, 7); + p = nghttp3_cpymem(p, nv->value, nv->valuelen); + } + + assert((size_t)(p - buf->last) == len); + + buf->last = p; + + return 0; +} + +int nghttp3_qpack_encoder_write_literal(nghttp3_qpack_encoder *encoder, + nghttp3_buf *rbuf, + const nghttp3_nv *nv) { + uint8_t fb = + (uint8_t)(0x20 | ((nv->flags & NGHTTP3_NV_FLAG_NEVER_INDEX) ? 0x10 : 0)); + + DEBUGF("qpack::encode: Literal Header Field Without Name Reference\n"); + return qpack_encoder_write_literal(encoder, rbuf, fb, 3, nv); +} + +int nghttp3_qpack_encoder_write_static_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, size_t absidx, + const nghttp3_nv *nv) { + DEBUGF("qpack::encode: Insert With Name Reference (static) absidx=%zu\n", + absidx); + return qpack_encoder_write_indexed_name(encoder, ebuf, 0xc0, absidx, 6, nv); +} + +int nghttp3_qpack_encoder_write_dynamic_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, size_t absidx, + const nghttp3_nv *nv) { + DEBUGF("qpack::encode: Insert With Name Reference (dynamic) absidx=%zu\n", + absidx); + return qpack_encoder_write_indexed_name( + encoder, ebuf, 0x80, encoder->ctx.next_absidx - absidx - 1, 6, nv); +} + +int nghttp3_qpack_encoder_write_duplicate_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, + size_t absidx) { + size_t idx = encoder->ctx.next_absidx - absidx - 1; + size_t len = nghttp3_qpack_put_varint_len(idx, 5); + uint8_t *p; + int rv; + + DEBUGF("qpack::encode: Insert duplicate absidx=%zu\n", absidx); + + rv = reserve_buf(ebuf, len, encoder->ctx.mem); + if (rv != 0) { + return rv; + } + + p = ebuf->last; + + *p = 0; + p = nghttp3_qpack_put_varint(p, idx, 5); + + assert((size_t)(p - ebuf->last) == len); + + ebuf->last = p; + + return 0; +} + +int nghttp3_qpack_encoder_write_literal_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, + const nghttp3_nv *nv) { + DEBUGF("qpack::encode: Insert Without Name Reference\n"); + return qpack_encoder_write_literal(encoder, ebuf, 0x40, 5, nv); +} + +int nghttp3_qpack_context_dtable_add(nghttp3_qpack_context *ctx, + nghttp3_qpack_nv *qnv, + nghttp3_qpack_map *dtable_map, + uint32_t hash) { + nghttp3_qpack_entry *new_ent, **p, *ent; + const nghttp3_mem *mem = ctx->mem; + size_t space; + size_t i; + int rv; + + mem = ctx->mem; + space = table_space(qnv->name->len, qnv->value->len); + + assert(space <= ctx->max_dtable_size); + + while (ctx->dtable_size + space > ctx->max_dtable_size) { + i = nghttp3_ringbuf_len(&ctx->dtable); + assert(i); + ent = *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(&ctx->dtable, i - 1); + + ctx->dtable_size -= table_space(ent->nv.name->len, ent->nv.value->len); + + nghttp3_ringbuf_pop_back(&ctx->dtable); + if (dtable_map) { + qpack_map_remove(dtable_map, ent); + } + + nghttp3_qpack_entry_free(ent); + nghttp3_mem_free(mem, ent); + } + + new_ent = nghttp3_mem_malloc(mem, sizeof(nghttp3_qpack_entry)); + if (new_ent == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + nghttp3_qpack_entry_init(new_ent, qnv, ctx->dtable_sum, ctx->next_absidx++, + hash); + + if (nghttp3_ringbuf_full(&ctx->dtable)) { + rv = nghttp3_ringbuf_reserve(&ctx->dtable, + nghttp3_ringbuf_len(&ctx->dtable) * 2); + if (rv != 0) { + goto fail; + } + } + + p = nghttp3_ringbuf_push_front(&ctx->dtable); + *p = new_ent; + + if (dtable_map) { + qpack_map_insert(dtable_map, new_ent); + } + + ctx->dtable_size += space; + ctx->dtable_sum += space; + + return 0; + +fail: + nghttp3_qpack_entry_free(new_ent); + nghttp3_mem_free(mem, new_ent); + + return rv; +} + +int nghttp3_qpack_encoder_dtable_static_add(nghttp3_qpack_encoder *encoder, + size_t absidx, const nghttp3_nv *nv, + uint32_t hash) { + const nghttp3_qpack_static_header *shd; + nghttp3_qpack_nv qnv; + const nghttp3_mem *mem = encoder->ctx.mem; + int rv; + + rv = nghttp3_rcbuf_new2(&qnv.value, nv->value, nv->valuelen, mem); + if (rv != 0) { + return rv; + } + + assert(nghttp3_arraylen(stable) > absidx); + + shd = &stable[absidx]; + + qnv.name = (nghttp3_rcbuf *)&shd->name; + qnv.token = shd->token; + qnv.flags = NGHTTP3_NV_FLAG_NONE; + + rv = nghttp3_qpack_context_dtable_add(&encoder->ctx, &qnv, + &encoder->dtable_map, hash); + + nghttp3_rcbuf_decref(qnv.value); + + return rv; +} + +int nghttp3_qpack_encoder_dtable_dynamic_add(nghttp3_qpack_encoder *encoder, + size_t absidx, + const nghttp3_nv *nv, + uint32_t hash) { + nghttp3_qpack_nv qnv; + nghttp3_qpack_entry *ent; + const nghttp3_mem *mem = encoder->ctx.mem; + int rv; + + rv = nghttp3_rcbuf_new2(&qnv.value, nv->value, nv->valuelen, mem); + if (rv != 0) { + return rv; + } + + ent = nghttp3_qpack_context_dtable_get(&encoder->ctx, absidx); + + qnv.name = ent->nv.name; + qnv.token = ent->nv.token; + qnv.flags = NGHTTP3_NV_FLAG_NONE; + + nghttp3_rcbuf_incref(qnv.name); + + rv = nghttp3_qpack_context_dtable_add(&encoder->ctx, &qnv, + &encoder->dtable_map, hash); + + nghttp3_rcbuf_decref(qnv.value); + nghttp3_rcbuf_decref(qnv.name); + + return rv; +} + +int nghttp3_qpack_encoder_dtable_duplicate_add(nghttp3_qpack_encoder *encoder, + size_t absidx) { + nghttp3_qpack_nv qnv; + nghttp3_qpack_entry *ent; + int rv; + + ent = nghttp3_qpack_context_dtable_get(&encoder->ctx, absidx); + + qnv = ent->nv; + nghttp3_rcbuf_incref(qnv.name); + nghttp3_rcbuf_incref(qnv.value); + + rv = nghttp3_qpack_context_dtable_add(&encoder->ctx, &qnv, + &encoder->dtable_map, ent->hash); + + nghttp3_rcbuf_decref(qnv.name); + nghttp3_rcbuf_decref(qnv.value); + + return rv; +} + +int nghttp3_qpack_encoder_dtable_literal_add(nghttp3_qpack_encoder *encoder, + const nghttp3_nv *nv, + int32_t token, uint32_t hash) { + nghttp3_qpack_nv qnv; + const nghttp3_mem *mem = encoder->ctx.mem; + int rv; + + rv = nghttp3_rcbuf_new2(&qnv.name, nv->name, nv->namelen, mem); + if (rv != 0) { + return rv; + } + + rv = nghttp3_rcbuf_new2(&qnv.value, nv->value, nv->valuelen, mem); + if (rv != 0) { + nghttp3_rcbuf_decref(qnv.name); + return rv; + } + + qnv.token = token; + qnv.flags = NGHTTP3_NV_FLAG_NONE; + + rv = nghttp3_qpack_context_dtable_add(&encoder->ctx, &qnv, + &encoder->dtable_map, hash); + + nghttp3_rcbuf_decref(qnv.value); + nghttp3_rcbuf_decref(qnv.name); + + return rv; +} + +nghttp3_qpack_entry * +nghttp3_qpack_context_dtable_get(nghttp3_qpack_context *ctx, size_t absidx) { + size_t relidx; + + assert(ctx->next_absidx > absidx); + + relidx = ctx->next_absidx - absidx - 1; + + return *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(&ctx->dtable, relidx); +} + +nghttp3_qpack_entry * +nghttp3_qpack_context_dtable_top(nghttp3_qpack_context *ctx) { + assert(nghttp3_ringbuf_len(&ctx->dtable)); + return *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(&ctx->dtable, 0); +} + +void nghttp3_qpack_entry_init(nghttp3_qpack_entry *ent, nghttp3_qpack_nv *qnv, + size_t sum, size_t absidx, uint32_t hash) { + ent->nv = *qnv; + ent->map_next = NULL; + ent->sum = sum; + ent->absidx = absidx; + ent->hash = hash; + + nghttp3_rcbuf_incref(ent->nv.name); + nghttp3_rcbuf_incref(ent->nv.value); +} + +void nghttp3_qpack_entry_free(nghttp3_qpack_entry *ent) { + nghttp3_rcbuf_decref(ent->nv.value); + nghttp3_rcbuf_decref(ent->nv.name); +} + +int nghttp3_qpack_encoder_block_stream(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream) { + nghttp3_blocked_streams_key bsk = { + nghttp3_struct_of(nghttp3_pq_top(&stream->max_cnts), + nghttp3_qpack_header_block_ref, max_cnts_pe) + ->max_cnt, + stream->me.key}; + nghttp3_ksl_key key; + + return nghttp3_ksl_insert(&encoder->blocked_streams, NULL, + nghttp3_ksl_key_ptr(&key, &bsk), stream); +} + +void nghttp3_qpack_encoder_unblock_stream(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream) { + nghttp3_blocked_streams_key bsk = { + nghttp3_struct_of(nghttp3_pq_top(&stream->max_cnts), + nghttp3_qpack_header_block_ref, max_cnts_pe) + ->max_cnt, + stream->me.key}; + nghttp3_ksl_key key; + nghttp3_ksl_it it; + + /* This is purely debugging purpose only */ + it = nghttp3_ksl_lower_bound(&encoder->blocked_streams, + nghttp3_ksl_key_ptr(&key, &bsk)); + + assert(!nghttp3_ksl_it_end(&it)); + assert(nghttp3_ksl_it_get(&it) == stream); + + nghttp3_ksl_remove(&encoder->blocked_streams, NULL, &key); +} + +void nghttp3_qpack_encoder_unblock(nghttp3_qpack_encoder *encoder, + size_t max_cnt) { + nghttp3_blocked_streams_key bsk = {max_cnt, 0}; + nghttp3_ksl_key key; + nghttp3_ksl_it it; + + it = nghttp3_ksl_lower_bound(&encoder->blocked_streams, + nghttp3_ksl_key_ptr(&key, &bsk)); + + for (; !nghttp3_ksl_it_end(&it);) { + bsk = *(nghttp3_blocked_streams_key *)nghttp3_ksl_it_key(&it).ptr; + nghttp3_ksl_remove(&encoder->blocked_streams, &it, + nghttp3_ksl_key_ptr(&key, &bsk)); + } +} + +void nghttp3_qpack_encoder_ack_header(nghttp3_qpack_encoder *encoder, + int64_t stream_id) { + nghttp3_qpack_stream *stream = + nghttp3_qpack_encoder_find_stream(encoder, stream_id); + const nghttp3_mem *mem = encoder->ctx.mem; + nghttp3_qpack_header_block_ref *ref; + + if (stream == NULL) { + /* This might be NGHTTP3_ERR_QPACK_DECODER_STREAM_ERROR, but we + don't create stream which does not use dynamic table. */ + return; + } + + assert(nghttp3_ringbuf_len(&stream->refs)); + + ref = + *(nghttp3_qpack_header_block_ref **)nghttp3_ringbuf_get(&stream->refs, 0); + + DEBUGF("qpack::encoder: Header acknowledgement stream=%ld ricnt=%zu " + "krcnt=%zu\n", + stream_id, ref->max_cnt, encoder->krcnt); + + if (encoder->krcnt < ref->max_cnt) { + encoder->krcnt = ref->max_cnt; + + nghttp3_qpack_encoder_unblock(encoder, ref->max_cnt); + } + + nghttp3_qpack_stream_pop_ref(stream); + + assert(ref->min_cnts_pe.index != NGHTTP3_PQ_BAD_INDEX); + + nghttp3_pq_remove(&encoder->min_cnts, &ref->min_cnts_pe); + + nghttp3_qpack_header_block_ref_del(ref, mem); + + if (nghttp3_ringbuf_len(&stream->refs)) { + return; + } + + qpack_encoder_remove_stream(encoder, stream); + + nghttp3_qpack_stream_del(stream, mem); +} + +int nghttp3_qpack_encoder_add_insert_count(nghttp3_qpack_encoder *encoder, + size_t n) { + if (encoder->ctx.next_absidx < encoder->krcnt + n) { + return NGHTTP3_ERR_HTTP_QPACK_DECODER_STREAM_ERROR; + } + encoder->krcnt += n; + + nghttp3_qpack_encoder_unblock(encoder, encoder->krcnt); + + return 0; +} + +void nghttp3_qpack_encoder_ack_everything(nghttp3_qpack_encoder *encoder) { + encoder->krcnt = encoder->ctx.next_absidx; + + nghttp3_ksl_clear(&encoder->blocked_streams); + nghttp3_pq_clear(&encoder->min_cnts); + nghttp3_map_each_free(&encoder->streams, map_stream_free, + (void *)encoder->ctx.mem); +} + +void nghttp3_qpack_encoder_cancel_stream(nghttp3_qpack_encoder *encoder, + int64_t stream_id) { + nghttp3_qpack_stream *stream = + nghttp3_qpack_encoder_find_stream(encoder, stream_id); + const nghttp3_mem *mem = encoder->ctx.mem; + + if (stream == NULL) { + return; + } + + if (nghttp3_qpack_encoder_stream_is_blocked(encoder, stream)) { + nghttp3_qpack_encoder_unblock_stream(encoder, stream); + } + + qpack_encoder_remove_stream(encoder, stream); + + nghttp3_qpack_stream_del(stream, mem); +} + +size_t nghttp3_qpack_encoder_get_num_blocked(nghttp3_qpack_encoder *encoder) { + return nghttp3_ksl_len(&encoder->blocked_streams); +} + +int nghttp3_qpack_encoder_write_header_block_prefix( + nghttp3_qpack_encoder *encoder, nghttp3_buf *pbuf, size_t ricnt, + size_t base) { + size_t max_ents = + encoder->ctx.hard_max_dtable_size / NGHTTP3_QPACK_ENTRY_OVERHEAD; + size_t encricnt = ricnt == 0 ? 0 : (ricnt % (2 * max_ents)) + 1; + int sign = base < ricnt; + size_t delta_base = sign ? ricnt - base - 1 : base - ricnt; + size_t len = nghttp3_qpack_put_varint_len(encricnt, 8) + + nghttp3_qpack_put_varint_len(delta_base, 7); + uint8_t *p; + int rv; + + DEBUGF("qpack::encode: ricnt=%zu base=%zu icnt=%zu\n", ricnt, base, + encoder->ctx.next_absidx); + + rv = reserve_buf(pbuf, len, encoder->ctx.mem); + if (rv != 0) { + return rv; + } + + p = pbuf->last; + + p = nghttp3_qpack_put_varint(p, encricnt, 8); + if (sign) { + *p = 0x80; + } else { + *p = 0; + } + p = nghttp3_qpack_put_varint(p, delta_base, 7); + + assert((size_t)(p - pbuf->last) == len); + + pbuf->last = p; + + return 0; +} + +/* + * qpack_read_varint reads |rstate->prefix| prefixed integer stored + * from |in|. The |last| represents the 1 beyond the last of the + * valid contiguous memory region from |in|. The decoded integer must + * be less than or equal to NGHTTP3_QPACK_INT_MAX. + * + * If the |rstate->left| is nonzero, it is used as a initial value, + * and this function assumes the |in| starts with intermediate data. + * |rstate->shift| is used as initial integer shift. + * + * If an entire integer is decoded successfully, the |*fin| is set to + * nonzero. + * + * This function stores the decoded integer in |*dest| if it succeeds, + * including partial decoding (in this case, number of shift to make + * in the next call will be stored in |rstate->shift|) and returns + * number of bytes processed, or returns negative error code + * NGHTTP3_ERR_QPACK_FATAL, indicating decoding error. + */ +static ssize_t qpack_read_varint(int *fin, nghttp3_qpack_read_state *rstate, + const uint8_t *begin, const uint8_t *end) { + uint64_t k = (uint8_t)((1 << rstate->prefix) - 1); + uint64_t n = rstate->left; + uint64_t add; + const uint8_t *p = begin; + size_t shift = rstate->shift; + + rstate->shift = 0; + *fin = 0; + + if (n == 0) { + if (((*p) & k) != k) { + rstate->left = (*p) & k; + *fin = 1; + return 1; + } + + n = k; + + if (++p == end) { + rstate->left = n; + return (ssize_t)(p - begin); + } + } + + for (; p != end; ++p, shift += 7) { + add = (*p) & 0x7f; + + if (shift > 62) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + if ((NGHTTP3_QPACK_INT_MAX >> shift) < add) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + add <<= shift; + + if (NGHTTP3_QPACK_INT_MAX - add < n) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + n += add; + + if (((*p) & (1 << 7)) == 0) { + break; + } + } + + rstate->shift = shift; + + if (p == end) { + rstate->left = n; + return (ssize_t)(p - begin); + } + + rstate->left = n; + *fin = 1; + return (ssize_t)(p + 1 - begin); +} + +ssize_t nghttp3_qpack_encoder_read_decoder(nghttp3_qpack_encoder *encoder, + const uint8_t *src, size_t srclen) { + const uint8_t *p = src, *end = src + srclen; + int rv; + ssize_t nread; + int rfin; + + if (encoder->ctx.bad) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + for (; p != end;) { + switch (encoder->state) { + case NGHTTP3_QPACK_DS_STATE_OPCODE: + if ((*p) & 0x80) { + DEBUGF("qpack::encode: OPCODE_HEADER_ACK\n"); + encoder->opcode = NGHTTP3_QPACK_DS_OPCODE_HEADER_ACK; + encoder->rstate.prefix = 7; + } else if ((*p) & 0x40) { + DEBUGF("qpack::encode: OPCODE_STREAM_CANCEL\n"); + encoder->opcode = NGHTTP3_QPACK_DS_OPCODE_STREAM_CANCEL; + encoder->rstate.prefix = 6; + } else { + DEBUGF("qpack::encode: OPCODE_ICNT_INCREMENT\n"); + encoder->opcode = NGHTTP3_QPACK_DS_OPCODE_ICNT_INCREMENT; + encoder->rstate.prefix = 6; + } + encoder->state = NGHTTP3_QPACK_DS_STATE_READ_NUMBER; + /* fall through */ + case NGHTTP3_QPACK_DS_STATE_READ_NUMBER: + nread = qpack_read_varint(&rfin, &encoder->rstate, p, end); + if (nread < 0) { + assert(nread == NGHTTP3_ERR_QPACK_FATAL); + rv = NGHTTP3_ERR_HTTP_QPACK_DECODER_STREAM_ERROR; + goto fail; + } + + p += nread; + + if (!rfin) { + return p - src; + } + + switch (encoder->opcode) { + case NGHTTP3_QPACK_DS_OPCODE_ICNT_INCREMENT: + rv = nghttp3_qpack_encoder_add_insert_count(encoder, + encoder->rstate.left); + if (rv != 0) { + goto fail; + } + break; + case NGHTTP3_QPACK_DS_OPCODE_HEADER_ACK: + nghttp3_qpack_encoder_ack_header(encoder, + (int64_t)encoder->rstate.left); + break; + case NGHTTP3_QPACK_DS_OPCODE_STREAM_CANCEL: + nghttp3_qpack_encoder_cancel_stream(encoder, + (int64_t)encoder->rstate.left); + break; + default: + /* unreachable */ + assert(0); + break; + } + + encoder->state = NGHTTP3_QPACK_DS_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&encoder->rstate); + break; + default: + /* unreachable */ + assert(0); + break; + } + } + + return p - src; + +fail: + encoder->ctx.bad = 1; + return rv; +} + +size_t nghttp3_qpack_put_varint_len(uint64_t n, size_t prefix) { + size_t k = (size_t)((1 << prefix) - 1); + size_t len = 0; + + if (n < k) { + return 1; + } + + n -= k; + ++len; + + for (; n >= 128; n >>= 7, ++len) + ; + + return len + 1; +} + +uint8_t *nghttp3_qpack_put_varint(uint8_t *buf, uint64_t n, size_t prefix) { + size_t k = (size_t)((1 << prefix) - 1); + + *buf = (uint8_t)(*buf & ~k); + + if (n < k) { + *buf = (uint8_t)(*buf | n); + return buf + 1; + } + + *buf = (uint8_t)(*buf | k); + ++buf; + + n -= k; + + for (; n >= 128; n >>= 7) { + *buf++ = (uint8_t)((1 << 7) | (n & 0x7f)); + } + + *buf++ = (uint8_t)n; + + return buf; +} + +void nghttp3_qpack_read_state_free(nghttp3_qpack_read_state *rstate) { + nghttp3_rcbuf_decref(rstate->value); + nghttp3_rcbuf_decref(rstate->name); +} + +void nghttp3_qpack_read_state_reset(nghttp3_qpack_read_state *rstate) { + rstate->name = NULL; + rstate->value = NULL; + nghttp3_buf_init(&rstate->namebuf); + nghttp3_buf_init(&rstate->valuebuf); + rstate->left = 0; + rstate->prefix = 0; + rstate->shift = 0; + rstate->absidx = 0; + rstate->never = 0; + rstate->dynamic = 0; + rstate->huffman_encoded = 0; +} + +int nghttp3_qpack_decoder_init(nghttp3_qpack_decoder *decoder, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem) { + int rv; + + rv = qpack_context_init(&decoder->ctx, max_dtable_size, max_blocked, mem); + if (rv != 0) { + return rv; + } + + decoder->state = NGHTTP3_QPACK_ES_STATE_OPCODE; + decoder->opcode = 0; + decoder->written_icnt = 0; + + nghttp3_qpack_read_state_reset(&decoder->rstate); + nghttp3_buf_init(&decoder->dbuf); + + return 0; +} + +void nghttp3_qpack_decoder_free(nghttp3_qpack_decoder *decoder) { + nghttp3_buf_free(&decoder->dbuf, decoder->ctx.mem); + nghttp3_qpack_read_state_free(&decoder->rstate); + qpack_context_free(&decoder->ctx); +} + +/* + * qpack_read_huffman_string decodes huffman string in buffer [begin, + * end) and writes the decoded string to |dest|. This function + * assumes the buffer pointed by |dest| has enough space. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_QPACK_FATAL + * Could not decode huffman string. + */ +static ssize_t qpack_read_huffman_string(nghttp3_qpack_read_state *rstate, + nghttp3_buf *dest, + const uint8_t *begin, + const uint8_t *end) { + ssize_t nwrite; + size_t len = (size_t)(end - begin); + int fin = 0; + + if (len >= rstate->left) { + len = rstate->left; + end = begin + rstate->left; + fin = 1; + } + + nwrite = nghttp3_qpack_huffman_decode(&rstate->huffman_ctx, dest->last, begin, + len, fin); + if (nwrite < 0) { + return nwrite; + } + + dest->last += nwrite; + rstate->left -= len; + return (ssize_t)len; +} + +static ssize_t qpack_read_string(nghttp3_qpack_read_state *rstate, + nghttp3_buf *dest, const uint8_t *begin, + const uint8_t *end) { + size_t len = (size_t)(end - begin); + size_t n = nghttp3_min(len, rstate->left); + + dest->last = nghttp3_cpymem(dest->last, begin, n); + + rstate->left -= n; + return (ssize_t)n; +} + +/* + * qpack_decoder_validate_index checks rstate->absidx is acceptable. + * + * It returns 0 if it suceeds, or one of the following negative error + * codes: + * + * NGHTTP3_ERR_QPACK_FATAL + * rstate->absidx is invalid. + */ +static int qpack_decoder_validate_index(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_read_state *rstate) { + if (rstate->dynamic) { + return rstate->absidx < decoder->ctx.next_absidx && + decoder->ctx.next_absidx - rstate->absidx - 1 < + nghttp3_ringbuf_len(&decoder->ctx.dtable) + ? 0 + : NGHTTP3_ERR_QPACK_FATAL; + } + return rstate->absidx < nghttp3_arraylen(stable) ? 0 + : NGHTTP3_ERR_QPACK_FATAL; +} + +static void qpack_read_state_check_huffman(nghttp3_qpack_read_state *rstate, + const uint8_t b) { + rstate->huffman_encoded = (b & (1 << rstate->prefix)) != 0; +} + +static void qpack_read_state_terminate_name(nghttp3_qpack_read_state *rstate) { + *rstate->namebuf.last = '\0'; + rstate->name->len = nghttp3_buf_len(&rstate->namebuf); +} + +static void qpack_read_state_terminate_value(nghttp3_qpack_read_state *rstate) { + *rstate->valuebuf.last = '\0'; + rstate->value->len = nghttp3_buf_len(&rstate->valuebuf); +} + +ssize_t nghttp3_qpack_decoder_read_encoder(nghttp3_qpack_decoder *decoder, + const uint8_t *src, size_t srclen) { + const uint8_t *p = src, *end = src + srclen; + int rv; + int busy = 0; + const nghttp3_mem *mem = decoder->ctx.mem; + ssize_t nread; + int rfin; + + if (decoder->ctx.bad) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + for (; p != end || busy;) { + busy = 0; + switch (decoder->state) { + case NGHTTP3_QPACK_ES_STATE_OPCODE: + if ((*p) & 0x80) { + DEBUGF("qpack::decode: OPCODE_INSERT_INDEXED\n"); + decoder->opcode = NGHTTP3_QPACK_ES_OPCODE_INSERT_INDEXED; + decoder->rstate.dynamic = !((*p) & 0x40); + decoder->rstate.prefix = 6; + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_INDEX; + } else if ((*p) & 0x40) { + DEBUGF("qpack::decode: OPCODE_INSERT\n"); + decoder->opcode = NGHTTP3_QPACK_ES_OPCODE_INSERT; + decoder->rstate.dynamic = 0; + decoder->rstate.prefix = 5; + decoder->state = NGHTTP3_QPACK_ES_STATE_CHECK_NAME_HUFFMAN; + } else if ((*p) & 0x20) { + DEBUGF("qpack::decode: OPCODE_SET_DTABLE_TABLE_CAP\n"); + decoder->opcode = NGHTTP3_QPACK_ES_OPCODE_SET_DTABLE_CAP; + decoder->rstate.prefix = 5; + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_INDEX; + } else if (!((*p) & 0x20)) { + DEBUGF("qpack::decode: OPCODE_DUPLICATE\n"); + decoder->opcode = NGHTTP3_QPACK_ES_OPCODE_DUPLICATE; + decoder->rstate.dynamic = 1; + decoder->rstate.prefix = 5; + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_INDEX; + } else { + DEBUGF("qpack::decode: unknown opcode %02x\n", *p); + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + break; + case NGHTTP3_QPACK_ES_STATE_READ_INDEX: + nread = qpack_read_varint(&rfin, &decoder->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + + p += nread; + + if (!rfin) { + return p - src; + } + + if (decoder->opcode == NGHTTP3_QPACK_ES_OPCODE_SET_DTABLE_CAP) { + if (decoder->rstate.left > decoder->ctx.hard_max_dtable_size) { + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + DEBUGF("qpack::decode: Set dtable capacity to %zu\n", + decoder->rstate.left); + nghttp3_qpack_decoder_set_dtable_cap(decoder, decoder->rstate.left); + + decoder->state = NGHTTP3_QPACK_ES_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&decoder->rstate); + break; + } + + rv = nghttp3_qpack_decoder_rel2abs(decoder, &decoder->rstate); + if (rv < 0) { + goto fail; + } + + if (decoder->opcode == NGHTTP3_QPACK_ES_OPCODE_DUPLICATE) { + rv = nghttp3_qpack_decoder_dtable_duplicate_add(decoder); + if (rv != 0) { + goto fail; + } + decoder->state = NGHTTP3_QPACK_ES_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&decoder->rstate); + break; + } + + if (decoder->opcode == NGHTTP3_QPACK_ES_OPCODE_INSERT_INDEXED) { + decoder->rstate.prefix = 7; + decoder->state = NGHTTP3_QPACK_ES_STATE_CHECK_VALUE_HUFFMAN; + break; + } + + /* Unreachable */ + assert(0); + break; + case NGHTTP3_QPACK_ES_STATE_CHECK_NAME_HUFFMAN: + qpack_read_state_check_huffman(&decoder->rstate, *p); + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_NAMELEN; + decoder->rstate.left = 0; + decoder->rstate.shift = 0; + /* Fall through */ + case NGHTTP3_QPACK_ES_STATE_READ_NAMELEN: + nread = qpack_read_varint(&rfin, &decoder->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + + p += nread; + + if (!rfin) { + return p - src; + } + + if (decoder->rstate.huffman_encoded) { + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_NAME_HUFFMAN; + nghttp3_qpack_huffman_decode_context_init(&decoder->rstate.huffman_ctx); + rv = nghttp3_rcbuf_new(&decoder->rstate.name, + decoder->rstate.left * 2 + 1, mem); + } else { + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_NAME; + rv = nghttp3_rcbuf_new(&decoder->rstate.name, decoder->rstate.left + 1, + mem); + } + if (rv != 0) { + goto fail; + } + + nghttp3_buf_wrap_init(&decoder->rstate.namebuf, + decoder->rstate.name->base, + decoder->rstate.name->len); + break; + case NGHTTP3_QPACK_ES_STATE_READ_NAME_HUFFMAN: + nread = qpack_read_huffman_string(&decoder->rstate, + &decoder->rstate.namebuf, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + + p += nread; + + if (decoder->rstate.left) { + return p - src; + } + + qpack_read_state_terminate_name(&decoder->rstate); + + decoder->state = NGHTTP3_QPACK_ES_STATE_CHECK_VALUE_HUFFMAN; + decoder->rstate.prefix = 7; + break; + case NGHTTP3_QPACK_ES_STATE_READ_NAME: + nread = + qpack_read_string(&decoder->rstate, &decoder->rstate.namebuf, p, end); + if (nread < 0) { + rv = (int)nread; + goto fail; + } + + p += nread; + + if (decoder->rstate.left) { + return p - src; + } + + qpack_read_state_terminate_name(&decoder->rstate); + + decoder->state = NGHTTP3_QPACK_ES_STATE_CHECK_VALUE_HUFFMAN; + break; + case NGHTTP3_QPACK_ES_STATE_CHECK_VALUE_HUFFMAN: + qpack_read_state_check_huffman(&decoder->rstate, *p); + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_VALUELEN; + decoder->rstate.left = 0; + decoder->rstate.shift = 0; + /* Fall through */ + case NGHTTP3_QPACK_ES_STATE_READ_VALUELEN: + nread = qpack_read_varint(&rfin, &decoder->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + + p += nread; + + if (!rfin) { + return p - src; + } + + if (decoder->rstate.huffman_encoded) { + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_VALUE_HUFFMAN; + nghttp3_qpack_huffman_decode_context_init(&decoder->rstate.huffman_ctx); + rv = nghttp3_rcbuf_new(&decoder->rstate.value, + decoder->rstate.left * 2 + 1, mem); + } else { + decoder->state = NGHTTP3_QPACK_ES_STATE_READ_VALUE; + rv = nghttp3_rcbuf_new(&decoder->rstate.value, decoder->rstate.left + 1, + mem); + } + if (rv != 0) { + goto fail; + } + + nghttp3_buf_wrap_init(&decoder->rstate.valuebuf, + decoder->rstate.value->base, + decoder->rstate.value->len); + + /* value might be 0 length */ + busy = 1; + break; + case NGHTTP3_QPACK_ES_STATE_READ_VALUE_HUFFMAN: + nread = qpack_read_huffman_string(&decoder->rstate, + &decoder->rstate.valuebuf, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + goto fail; + } + + p += nread; + + if (decoder->rstate.left) { + return p - src; + } + + qpack_read_state_terminate_value(&decoder->rstate); + + switch (decoder->opcode) { + case NGHTTP3_QPACK_ES_OPCODE_INSERT_INDEXED: + rv = nghttp3_qpack_decoder_dtable_indexed_add(decoder); + break; + case NGHTTP3_QPACK_ES_OPCODE_INSERT: + rv = nghttp3_qpack_decoder_dtable_literal_add(decoder); + break; + default: + /* Unreachable */ + assert(0); + } + if (rv != 0) { + goto fail; + } + + decoder->state = NGHTTP3_QPACK_ES_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&decoder->rstate); + break; + case NGHTTP3_QPACK_ES_STATE_READ_VALUE: + nread = qpack_read_string(&decoder->rstate, &decoder->rstate.valuebuf, p, + end); + if (nread < 0) { + rv = (int)nread; + goto fail; + } + + p += nread; + + if (decoder->rstate.left) { + return p - src; + } + + qpack_read_state_terminate_value(&decoder->rstate); + + switch (decoder->opcode) { + case NGHTTP3_QPACK_ES_OPCODE_INSERT_INDEXED: + rv = nghttp3_qpack_decoder_dtable_indexed_add(decoder); + break; + case NGHTTP3_QPACK_ES_OPCODE_INSERT: + rv = nghttp3_qpack_decoder_dtable_literal_add(decoder); + break; + default: + /* Unreachable */ + assert(0); + } + if (rv != 0) { + goto fail; + } + + decoder->state = NGHTTP3_QPACK_ES_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&decoder->rstate); + break; + } + } + + return p - src; + +fail: + decoder->ctx.bad = 1; + return rv; +} + +void nghttp3_qpack_decoder_set_dtable_cap(nghttp3_qpack_decoder *decoder, + size_t cap) { + nghttp3_qpack_entry *ent; + size_t i; + nghttp3_qpack_context *ctx = &decoder->ctx; + const nghttp3_mem *mem = ctx->mem; + + ctx->max_dtable_size = cap; + + while (ctx->dtable_size > cap) { + i = nghttp3_ringbuf_len(&ctx->dtable); + assert(i); + ent = *(nghttp3_qpack_entry **)nghttp3_ringbuf_get(&ctx->dtable, i - 1); + + ctx->dtable_size -= table_space(ent->nv.name->len, ent->nv.value->len); + + nghttp3_ringbuf_pop_back(&ctx->dtable); + nghttp3_qpack_entry_free(ent); + nghttp3_mem_free(mem, ent); + } +} + +int nghttp3_qpack_decoder_dtable_indexed_add(nghttp3_qpack_decoder *decoder) { + DEBUGF("qpack::decode: Insert With Name Reference (%s) absidx=%zu: " + "value=%*s\n", + decoder->rstate.dynamic ? "dynamic" : "static", decoder->rstate.absidx, + (int)decoder->rstate.value->len, decoder->rstate.value->base); + + if (decoder->rstate.dynamic) { + return nghttp3_qpack_decoder_dtable_dynamic_add(decoder); + } + + return nghttp3_qpack_decoder_dtable_static_add(decoder); +} + +int nghttp3_qpack_decoder_dtable_static_add(nghttp3_qpack_decoder *decoder) { + nghttp3_qpack_nv qnv; + int rv; + const nghttp3_qpack_static_header *shd; + + shd = &stable[decoder->rstate.absidx]; + + if (table_space(shd->name.len, decoder->rstate.value->len) > + decoder->ctx.max_dtable_size) { + return NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + } + + qnv.name = (nghttp3_rcbuf *)&shd->name; + qnv.value = decoder->rstate.value; + qnv.token = shd->token; + qnv.flags = NGHTTP3_NV_FLAG_NONE; + + rv = nghttp3_qpack_context_dtable_add(&decoder->ctx, &qnv, NULL, 0); + + nghttp3_rcbuf_decref(qnv.value); + + return rv; +} + +int nghttp3_qpack_decoder_dtable_dynamic_add(nghttp3_qpack_decoder *decoder) { + nghttp3_qpack_nv qnv; + int rv; + nghttp3_qpack_entry *ent; + + ent = nghttp3_qpack_context_dtable_get(&decoder->ctx, decoder->rstate.absidx); + + if (table_space(ent->nv.name->len, decoder->rstate.value->len) > + decoder->ctx.max_dtable_size) { + return NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + } + + qnv.name = ent->nv.name; + qnv.value = decoder->rstate.value; + qnv.token = ent->nv.token; + qnv.flags = NGHTTP3_NV_FLAG_NONE; + + nghttp3_rcbuf_incref(qnv.name); + + rv = nghttp3_qpack_context_dtable_add(&decoder->ctx, &qnv, NULL, 0); + + nghttp3_rcbuf_decref(qnv.value); + nghttp3_rcbuf_decref(qnv.name); + + return rv; +} + +int nghttp3_qpack_decoder_dtable_duplicate_add(nghttp3_qpack_decoder *decoder) { + int rv; + nghttp3_qpack_entry *ent; + nghttp3_qpack_nv qnv; + + DEBUGF("qpack::decode: Insert duplicate absidx=%zu\n", + decoder->rstate.absidx); + + ent = nghttp3_qpack_context_dtable_get(&decoder->ctx, decoder->rstate.absidx); + + if (table_space(ent->nv.name->len, ent->nv.value->len) > + decoder->ctx.max_dtable_size) { + return NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + } + + qnv = ent->nv; + nghttp3_rcbuf_incref(qnv.name); + nghttp3_rcbuf_incref(qnv.value); + + rv = nghttp3_qpack_context_dtable_add(&decoder->ctx, &qnv, NULL, 0); + + nghttp3_rcbuf_decref(qnv.value); + nghttp3_rcbuf_decref(qnv.name); + + return rv; +} + +int nghttp3_qpack_decoder_dtable_literal_add(nghttp3_qpack_decoder *decoder) { + nghttp3_qpack_nv qnv; + int rv; + + DEBUGF("qpack::decode: Insert Without Name Reference: name=%*s value=%*s\n", + (int)decoder->rstate.name->len, decoder->rstate.name->base, + (int)decoder->rstate.value->len, decoder->rstate.value->base); + + if (table_space(decoder->rstate.name->len, decoder->rstate.value->len) > + decoder->ctx.max_dtable_size) { + return NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + } + + qnv.name = decoder->rstate.name; + qnv.value = decoder->rstate.value; + qnv.token = qpack_lookup_token(qnv.name->base, qnv.name->len); + qnv.flags = NGHTTP3_NV_FLAG_NONE; + + rv = nghttp3_qpack_context_dtable_add(&decoder->ctx, &qnv, NULL, 0); + + nghttp3_rcbuf_decref(qnv.value); + nghttp3_rcbuf_decref(qnv.name); + + return rv; +} + +void nghttp3_qpack_stream_context_init(nghttp3_qpack_stream_context *sctx, + int64_t stream_id, + const nghttp3_mem *mem) { + nghttp3_qpack_read_state_reset(&sctx->rstate); + + sctx->mem = mem; + sctx->rstate.prefix = 8; + sctx->state = NGHTTP3_QPACK_RS_STATE_RICNT; + sctx->opcode = 0; + sctx->stream_id = stream_id; + sctx->ricnt = 0; + sctx->dbase_sign = 0; + sctx->base = 0; +} + +void nghttp3_qpack_stream_context_free(nghttp3_qpack_stream_context *sctx) { + nghttp3_qpack_read_state_free(&sctx->rstate); +} + +void nghttp3_qpack_stream_context_reset(nghttp3_qpack_stream_context *sctx) { + nghttp3_qpack_stream_context_init(sctx, sctx->stream_id, sctx->mem); +} + +size_t +nghttp3_qpack_stream_context_get_ricnt(nghttp3_qpack_stream_context *sctx) { + return sctx->ricnt; +} + +ssize_t nghttp3_qpack_decoder_read_request(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv, + uint8_t *pflags, const uint8_t *src, + size_t srclen, int fin) { + const uint8_t *p = src, *end = src + srclen; + int rv; + int busy = 0; + ssize_t nread; + int rfin; + const nghttp3_mem *mem = decoder->ctx.mem; + + if (decoder->ctx.bad) { + return NGHTTP3_ERR_QPACK_FATAL; + } + + *pflags = NGHTTP3_QPACK_DECODE_FLAG_NONE; + + for (; p != end || busy;) { + busy = 0; + switch (sctx->state) { + case NGHTTP3_QPACK_RS_STATE_RICNT: + nread = qpack_read_varint(&rfin, &sctx->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (!rfin) { + goto almost_ok; + } + + rv = nghttp3_qpack_decoder_reconstruct_ricnt(decoder, &sctx->ricnt, + sctx->rstate.left); + if (rv != 0) { + goto fail; + } + + sctx->state = NGHTTP3_QPACK_RS_STATE_DBASE_SIGN; + break; + case NGHTTP3_QPACK_RS_STATE_DBASE_SIGN: + if ((*p) & 0x80) { + sctx->dbase_sign = 1; + } + sctx->state = NGHTTP3_QPACK_RS_STATE_DBASE; + sctx->rstate.left = 0; + sctx->rstate.prefix = 7; + sctx->rstate.shift = 0; + /* Fall through */ + case NGHTTP3_QPACK_RS_STATE_DBASE: + nread = qpack_read_varint(&rfin, &sctx->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (!rfin) { + goto almost_ok; + } + + if (sctx->dbase_sign) { + if (sctx->ricnt < sctx->rstate.left) { + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + sctx->base = sctx->ricnt - sctx->rstate.left - 1; + } else { + sctx->base = sctx->ricnt + sctx->rstate.left; + } + + DEBUGF("qpack::decode: ricnt=%zu base=%zu icnt=%zu\n", sctx->ricnt, + sctx->base, decoder->ctx.next_absidx); + + if (sctx->ricnt > decoder->ctx.next_absidx) { + DEBUGF("qpack::decode: stream blocked\n"); + sctx->state = NGHTTP3_QPACK_RS_STATE_BLOCKED; + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_BLOCKED; + return p - src; + } + + sctx->state = NGHTTP3_QPACK_RS_STATE_OPCODE; + sctx->rstate.left = 0; + sctx->rstate.shift = 0; + break; + case NGHTTP3_QPACK_RS_STATE_OPCODE: + assert(sctx->rstate.left == 0); + assert(sctx->rstate.shift == 0); + if ((*p) & 0x80) { + DEBUGF("qpack::decode: OPCODE_INDEXED\n"); + sctx->opcode = NGHTTP3_QPACK_RS_OPCODE_INDEXED; + sctx->rstate.dynamic = !((*p) & 0x40); + sctx->rstate.prefix = 6; + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_INDEX; + } else if ((*p) & 0x40) { + DEBUGF("qpack::decode: OPCODE_INDEXED_NAME\n"); + sctx->opcode = NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME; + sctx->rstate.never = (*p) & 0x20; + sctx->rstate.dynamic = !((*p) & 0x10); + sctx->rstate.prefix = 4; + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_INDEX; + } else if ((*p) & 0x20) { + DEBUGF("qpack::decode: OPCODE_LITERAL\n"); + sctx->opcode = NGHTTP3_QPACK_RS_OPCODE_LITERAL; + sctx->rstate.never = (*p) & 0x10; + sctx->rstate.dynamic = 0; + sctx->rstate.prefix = 3; + sctx->state = NGHTTP3_QPACK_RS_STATE_CHECK_NAME_HUFFMAN; + } else if ((*p) & 0x10) { + DEBUGF("qpack::decode: OPCODE_INDEXED_PB\n"); + sctx->opcode = NGHTTP3_QPACK_RS_OPCODE_INDEXED_PB; + sctx->rstate.dynamic = 1; + sctx->rstate.prefix = 4; + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_INDEX; + } else { + DEBUGF("qpack::decode: OPCODE_INDEXED_NAME_PB\n"); + sctx->opcode = NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME_PB; + sctx->rstate.never = (*p) & 0x08; + sctx->rstate.dynamic = 1; + sctx->rstate.prefix = 3; + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_INDEX; + } + break; + case NGHTTP3_QPACK_RS_STATE_READ_INDEX: + nread = qpack_read_varint(&rfin, &sctx->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (!rfin) { + goto almost_ok; + } + + switch (sctx->opcode) { + case NGHTTP3_QPACK_RS_OPCODE_INDEXED: + rv = nghttp3_qpack_decoder_brel2abs(decoder, sctx); + if (rv != 0) { + goto fail; + } + nghttp3_qpack_decoder_emit_indexed(decoder, sctx, nv); + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_EMIT; + + sctx->state = NGHTTP3_QPACK_RS_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&sctx->rstate); + + return p - src; + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_PB: + rv = nghttp3_qpack_decoder_pbrel2abs(decoder, sctx); + if (rv != 0) { + goto fail; + } + nghttp3_qpack_decoder_emit_indexed(decoder, sctx, nv); + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_EMIT; + + sctx->state = NGHTTP3_QPACK_RS_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&sctx->rstate); + + return p - src; + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME: + rv = nghttp3_qpack_decoder_brel2abs(decoder, sctx); + if (rv != 0) { + goto fail; + } + sctx->rstate.prefix = 7; + sctx->state = NGHTTP3_QPACK_RS_STATE_CHECK_VALUE_HUFFMAN; + break; + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME_PB: + rv = nghttp3_qpack_decoder_pbrel2abs(decoder, sctx); + if (rv != 0) { + goto fail; + } + sctx->rstate.prefix = 7; + sctx->state = NGHTTP3_QPACK_RS_STATE_CHECK_VALUE_HUFFMAN; + break; + default: + /* Unreachable */ + assert(0); + } + break; + case NGHTTP3_QPACK_RS_STATE_CHECK_NAME_HUFFMAN: + qpack_read_state_check_huffman(&sctx->rstate, *p); + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_NAMELEN; + sctx->rstate.left = 0; + sctx->rstate.shift = 0; + /* Fall through */ + case NGHTTP3_QPACK_RS_STATE_READ_NAMELEN: + nread = qpack_read_varint(&rfin, &sctx->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (!rfin) { + goto almost_ok; + } + + if (decoder->rstate.left > NGHTTP3_QPACK_MAX_NAMELEN) { + rv = NGHTTP3_ERR_QPACK_HEADER_TOO_LARGE; + goto fail; + } + + if (sctx->rstate.huffman_encoded) { + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_NAME_HUFFMAN; + nghttp3_qpack_huffman_decode_context_init(&sctx->rstate.huffman_ctx); + rv = nghttp3_rcbuf_new(&sctx->rstate.name, sctx->rstate.left * 2 + 1, + mem); + } else { + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_NAME; + rv = nghttp3_rcbuf_new(&sctx->rstate.name, sctx->rstate.left + 1, mem); + } + if (rv != 0) { + goto fail; + } + + nghttp3_buf_wrap_init(&sctx->rstate.namebuf, sctx->rstate.name->base, + sctx->rstate.name->len); + break; + case NGHTTP3_QPACK_RS_STATE_READ_NAME_HUFFMAN: + nread = qpack_read_huffman_string(&sctx->rstate, &sctx->rstate.namebuf, p, + end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (sctx->rstate.left) { + goto almost_ok; + } + + qpack_read_state_terminate_name(&sctx->rstate); + + sctx->state = NGHTTP3_QPACK_RS_STATE_CHECK_VALUE_HUFFMAN; + sctx->rstate.prefix = 7; + break; + case NGHTTP3_QPACK_RS_STATE_READ_NAME: + nread = qpack_read_string(&sctx->rstate, &sctx->rstate.namebuf, p, end); + if (nread < 0) { + rv = (int)nread; + goto fail; + } + + p += nread; + + if (sctx->rstate.left) { + goto almost_ok; + } + + qpack_read_state_terminate_name(&sctx->rstate); + + sctx->state = NGHTTP3_QPACK_RS_STATE_CHECK_VALUE_HUFFMAN; + sctx->rstate.prefix = 7; + break; + case NGHTTP3_QPACK_RS_STATE_CHECK_VALUE_HUFFMAN: + qpack_read_state_check_huffman(&sctx->rstate, *p); + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_VALUELEN; + sctx->rstate.left = 0; + sctx->rstate.shift = 0; + /* Fall through */ + case NGHTTP3_QPACK_RS_STATE_READ_VALUELEN: + nread = qpack_read_varint(&rfin, &sctx->rstate, p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (!rfin) { + goto almost_ok; + } + + if (decoder->rstate.left > NGHTTP3_QPACK_MAX_VALUELEN) { + rv = NGHTTP3_ERR_QPACK_HEADER_TOO_LARGE; + goto fail; + } + + if (sctx->rstate.huffman_encoded) { + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_VALUE_HUFFMAN; + nghttp3_qpack_huffman_decode_context_init(&sctx->rstate.huffman_ctx); + rv = nghttp3_rcbuf_new(&sctx->rstate.value, sctx->rstate.left * 2 + 1, + mem); + } else { + sctx->state = NGHTTP3_QPACK_RS_STATE_READ_VALUE; + rv = nghttp3_rcbuf_new(&sctx->rstate.value, sctx->rstate.left + 1, mem); + } + if (rv != 0) { + goto fail; + } + + nghttp3_buf_wrap_init(&sctx->rstate.valuebuf, sctx->rstate.value->base, + sctx->rstate.value->len); + + /* value might be 0 length */ + busy = 1; + break; + case NGHTTP3_QPACK_RS_STATE_READ_VALUE_HUFFMAN: + nread = qpack_read_huffman_string(&sctx->rstate, &sctx->rstate.valuebuf, + p, end); + if (nread < 0) { + assert(NGHTTP3_ERR_QPACK_FATAL == nread); + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + p += nread; + + if (sctx->rstate.left) { + goto almost_ok; + } + + qpack_read_state_terminate_value(&sctx->rstate); + + switch (sctx->opcode) { + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME: + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME_PB: + nghttp3_qpack_decoder_emit_indexed_name(decoder, sctx, nv); + break; + case NGHTTP3_QPACK_RS_OPCODE_LITERAL: + nghttp3_qpack_decoder_emit_literal(decoder, sctx, nv); + break; + default: + /* Unreachable */ + assert(0); + } + + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_EMIT; + + sctx->state = NGHTTP3_QPACK_RS_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&sctx->rstate); + + return p - src; + case NGHTTP3_QPACK_RS_STATE_READ_VALUE: + nread = qpack_read_string(&sctx->rstate, &sctx->rstate.valuebuf, p, end); + if (nread < 0) { + rv = (int)nread; + goto fail; + } + + p += nread; + + if (sctx->rstate.left) { + goto almost_ok; + } + + qpack_read_state_terminate_value(&sctx->rstate); + + switch (sctx->opcode) { + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME: + case NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME_PB: + nghttp3_qpack_decoder_emit_indexed_name(decoder, sctx, nv); + break; + case NGHTTP3_QPACK_RS_OPCODE_LITERAL: + nghttp3_qpack_decoder_emit_literal(decoder, sctx, nv); + break; + default: + /* Unreachable */ + assert(0); + } + + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_EMIT; + + sctx->state = NGHTTP3_QPACK_RS_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&sctx->rstate); + + return p - src; + case NGHTTP3_QPACK_RS_STATE_BLOCKED: + if (sctx->ricnt > decoder->ctx.next_absidx) { + DEBUGF("qpack::decode: stream still blocked\n"); + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_BLOCKED; + return p - src; + } + sctx->state = NGHTTP3_QPACK_RS_STATE_OPCODE; + nghttp3_qpack_read_state_reset(&sctx->rstate); + break; + } + } + +almost_ok: + if (fin) { + if (sctx->state != NGHTTP3_QPACK_RS_STATE_OPCODE) { + rv = NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + goto fail; + } + + *pflags |= NGHTTP3_QPACK_DECODE_FLAG_FINAL; + + if (sctx->ricnt) { + rv = + nghttp3_qpack_decoder_write_header_ack(decoder, &decoder->dbuf, sctx); + if (rv != 0) { + goto fail; + } + } + } + + return p - src; + +fail: + decoder->ctx.bad = 1; + return rv; +} + +int nghttp3_qpack_decoder_write_header_ack( + nghttp3_qpack_decoder *decoder, nghttp3_buf *dbuf, + const nghttp3_qpack_stream_context *sctx) { + uint8_t *p; + int rv; + + rv = reserve_buf(dbuf, + nghttp3_qpack_put_varint_len((uint64_t)sctx->stream_id, 7), + decoder->ctx.mem); + if (rv != 0) { + return rv; + } + + p = dbuf->last; + *p = 0x80; + dbuf->last = nghttp3_qpack_put_varint(p, (uint64_t)sctx->stream_id, 7); + + if (decoder->written_icnt < sctx->ricnt) { + decoder->written_icnt = sctx->ricnt; + } + + return 0; +} + +int nghttp3_qpack_decoder_write_decoder(nghttp3_qpack_decoder *decoder, + nghttp3_buf *dbuf) { + uint8_t *p; + size_t n = 0; + size_t len = 0; + int rv; + + if (decoder->written_icnt < decoder->ctx.next_absidx) { + n = decoder->ctx.next_absidx - decoder->written_icnt; + len = nghttp3_qpack_put_varint_len(n, 6); + } + + if (nghttp3_buf_len(dbuf)) { + rv = reserve_buf(dbuf, nghttp3_buf_len(&decoder->dbuf) + len, + decoder->ctx.mem); + if (rv != 0) { + return rv; + } + dbuf->last = nghttp3_cpymem(dbuf->last, decoder->dbuf.pos, + nghttp3_buf_len(&decoder->dbuf)); + nghttp3_buf_reset(&decoder->dbuf); + } else { + rv = reserve_buf(&decoder->dbuf, len, decoder->ctx.mem); + if (rv != 0) { + return rv; + } + + nghttp3_buf_swap(dbuf, &decoder->dbuf); + } + + if (n) { + p = dbuf->last; + *p = 0; + dbuf->last = nghttp3_qpack_put_varint(p, n, 6); + + decoder->written_icnt = decoder->ctx.next_absidx; + } + + return 0; +} + +int nghttp3_qpack_decoder_cancel_stream(nghttp3_qpack_decoder *decoder, + int64_t stream_id) { + uint8_t *p; + int rv; + + rv = reserve_buf(&decoder->dbuf, + nghttp3_qpack_put_varint_len((uint64_t)stream_id, 6), + decoder->ctx.mem); + if (rv != 0) { + return rv; + } + + p = decoder->dbuf.last; + *p = 0x40; + decoder->dbuf.last = nghttp3_qpack_put_varint(p, (uint64_t)stream_id, 6); + + return 0; +} + +int nghttp3_qpack_decoder_reconstruct_ricnt(nghttp3_qpack_decoder *decoder, + size_t *dest, size_t encricnt) { + uint64_t max_ents, full, max, max_wrapped, ricnt; + + if (encricnt == 0) { + *dest = 0; + return 0; + } + + max_ents = decoder->ctx.hard_max_dtable_size / NGHTTP3_QPACK_ENTRY_OVERHEAD; + full = 2 * max_ents; + + if (encricnt > full) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + + max = decoder->ctx.next_absidx + max_ents; + max_wrapped = max / full * full; + ricnt = max_wrapped + encricnt - 1; + + if (ricnt > max) { + if (ricnt < full) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + ricnt -= full; + } + + *dest = ricnt; + + return 0; +} + +int nghttp3_qpack_decoder_rel2abs(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_read_state *rstate) { + DEBUGF("qpack::decode: dynamic=%d relidx=%zu icnt=%zu\n", rstate->dynamic, + rstate->left, decoder->ctx.next_absidx); + + if (rstate->dynamic) { + if (decoder->ctx.next_absidx < rstate->left + 1) { + return NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + } + rstate->absidx = decoder->ctx.next_absidx - rstate->left - 1; + } else { + rstate->absidx = rstate->left; + } + if (qpack_decoder_validate_index(decoder, rstate) != 0) { + return NGHTTP3_ERR_HTTP_QPACK_ENCODER_STREAM_ERROR; + } + return 0; +} + +int nghttp3_qpack_decoder_brel2abs(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx) { + nghttp3_qpack_read_state *rstate = &sctx->rstate; + + DEBUGF("qpack::decode: dynamic=%d relidx=%zu base=%zu icnt=%zu\n", + rstate->dynamic, rstate->left, sctx->base, decoder->ctx.next_absidx); + + if (rstate->dynamic) { + if (sctx->base < rstate->left + 1) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + rstate->absidx = sctx->base - rstate->left - 1; + + if (rstate->absidx >= sctx->ricnt) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + } else { + rstate->absidx = rstate->left; + } + + if (qpack_decoder_validate_index(decoder, rstate) != 0) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + return 0; +} + +int nghttp3_qpack_decoder_pbrel2abs(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx) { + nghttp3_qpack_read_state *rstate = &sctx->rstate; + + DEBUGF("qpack::decode: pbidx=%zu base=%zu icnt=%zu\n", rstate->left, + sctx->base, decoder->ctx.next_absidx); + + assert(rstate->dynamic); + + rstate->absidx = rstate->left + sctx->base; + + if (rstate->absidx >= sctx->ricnt) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + + if (qpack_decoder_validate_index(decoder, rstate) != 0) { + return NGHTTP3_ERR_HTTP_QPACK_DECOMPRESSION_FAILED; + } + return 0; +} + +static void +qpack_decoder_emit_static_indexed(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + const nghttp3_qpack_static_header *shd = &stable[sctx->rstate.absidx]; + (void)decoder; + + nv->name = (nghttp3_rcbuf *)&shd->name; + nv->value = (nghttp3_rcbuf *)&shd->value; + nv->token = shd->token; + nv->flags = NGHTTP3_NV_FLAG_NONE; +} + +static void +qpack_decoder_emit_dynamic_indexed(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + nghttp3_qpack_entry *ent = + nghttp3_qpack_context_dtable_get(&decoder->ctx, sctx->rstate.absidx); + + *nv = ent->nv; + + nghttp3_rcbuf_incref(nv->name); + nghttp3_rcbuf_incref(nv->value); +} + +void nghttp3_qpack_decoder_emit_indexed(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + DEBUGF("qpack::decode: Indexed (%s) absidx=%zu\n", + sctx->rstate.dynamic ? "dynamic" : "static", sctx->rstate.absidx); + + if (sctx->rstate.dynamic) { + qpack_decoder_emit_dynamic_indexed(decoder, sctx, nv); + } else { + qpack_decoder_emit_static_indexed(decoder, sctx, nv); + } +} + +static void +qpack_decoder_emit_static_indexed_name(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + const nghttp3_qpack_static_header *shd = &stable[sctx->rstate.absidx]; + (void)decoder; + + nv->name = (nghttp3_rcbuf *)&shd->name; + nv->value = sctx->rstate.value; + nv->token = shd->token; + nv->flags = + sctx->rstate.never ? NGHTTP3_NV_FLAG_NEVER_INDEX : NGHTTP3_NV_FLAG_NONE; + + sctx->rstate.value = NULL; +} + +static void +qpack_decoder_emit_dynamic_indexed_name(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + nghttp3_qpack_entry *ent = + nghttp3_qpack_context_dtable_get(&decoder->ctx, sctx->rstate.absidx); + (void)decoder; + + nv->name = ent->nv.name; + nv->value = sctx->rstate.value; + nv->token = ent->nv.token; + nv->flags = + sctx->rstate.never ? NGHTTP3_NV_FLAG_NEVER_INDEX : NGHTTP3_NV_FLAG_NONE; + + nghttp3_rcbuf_incref(nv->name); + + sctx->rstate.value = NULL; +} + +void nghttp3_qpack_decoder_emit_indexed_name(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + (void)decoder; + + DEBUGF("qpack::decode: Indexed name (%s) absidx=%zu value=%*s\n", + sctx->rstate.dynamic ? "dynamic" : "static", sctx->rstate.absidx, + (int)sctx->rstate.value->len, sctx->rstate.value->base); + + if (sctx->rstate.dynamic) { + qpack_decoder_emit_dynamic_indexed_name(decoder, sctx, nv); + } else { + qpack_decoder_emit_static_indexed_name(decoder, sctx, nv); + } +} + +void nghttp3_qpack_decoder_emit_literal(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv) { + (void)decoder; + + DEBUGF("qpack::decode: Emit literal name=%*s value=%*s\n", + (int)sctx->rstate.name->len, sctx->rstate.name->base, + (int)sctx->rstate.value->len, sctx->rstate.value->base); + + nv->name = sctx->rstate.name; + nv->value = sctx->rstate.value; + nv->token = qpack_lookup_token(nv->name->base, nv->name->len); + nv->flags = + sctx->rstate.never ? NGHTTP3_NV_FLAG_NEVER_INDEX : NGHTTP3_NV_FLAG_NONE; + + sctx->rstate.name = NULL; + sctx->rstate.value = NULL; +} + +int nghttp3_qpack_encoder_new(nghttp3_qpack_encoder **pencoder, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem) { + int rv; + nghttp3_qpack_encoder *p; + + p = nghttp3_mem_malloc(mem, sizeof(nghttp3_qpack_encoder)); + if (p == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + rv = nghttp3_qpack_encoder_init(p, max_dtable_size, max_blocked, mem); + if (rv != 0) { + return rv; + } + + *pencoder = p; + + return 0; +} + +void nghttp3_qpack_encoder_del(nghttp3_qpack_encoder *encoder) { + const nghttp3_mem *mem; + + if (encoder == NULL) { + return; + } + + mem = encoder->ctx.mem; + + nghttp3_qpack_encoder_free(encoder); + nghttp3_mem_free(mem, encoder); +} + +int nghttp3_qpack_stream_context_new(nghttp3_qpack_stream_context **psctx, + int64_t stream_id, + const nghttp3_mem *mem) { + nghttp3_qpack_stream_context *p; + + p = nghttp3_mem_malloc(mem, sizeof(nghttp3_qpack_stream_context)); + if (p == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + nghttp3_qpack_stream_context_init(p, stream_id, mem); + + *psctx = p; + + return 0; +} + +void nghttp3_qpack_stream_context_del(nghttp3_qpack_stream_context *sctx) { + const nghttp3_mem *mem; + + if (sctx == NULL) { + return; + } + + mem = sctx->mem; + + nghttp3_qpack_stream_context_free(sctx); + nghttp3_mem_free(mem, sctx); +} + +int nghttp3_qpack_decoder_new(nghttp3_qpack_decoder **pdecoder, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem) { + int rv; + nghttp3_qpack_decoder *p; + + p = nghttp3_mem_malloc(mem, sizeof(nghttp3_qpack_decoder)); + if (p == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + rv = nghttp3_qpack_decoder_init(p, max_dtable_size, max_blocked, mem); + if (rv != 0) { + return rv; + } + + *pdecoder = p; + + return 0; +} + +void nghttp3_qpack_decoder_del(nghttp3_qpack_decoder *decoder) { + const nghttp3_mem *mem; + + if (decoder == NULL) { + return; + } + + mem = decoder->ctx.mem; + + nghttp3_qpack_decoder_free(decoder); + nghttp3_mem_free(mem, decoder); +} + +size_t nghttp3_qpack_decoder_get_icnt(const nghttp3_qpack_decoder *decoder) { + return decoder->ctx.next_absidx; +} diff --git a/deps/nghttp3/lib/nghttp3_qpack.h b/deps/nghttp3/lib/nghttp3_qpack.h new file mode 100644 index 0000000000..4e58f62149 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_qpack.h @@ -0,0 +1,957 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_QPACK_H +#define NGHTTP3_QPACK_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_rcbuf.h" +#include "nghttp3_map.h" +#include "nghttp3_pq.h" +#include "nghttp3_ringbuf.h" +#include "nghttp3_buf.h" +#include "nghttp3_ksl.h" +#include "nghttp3_qpack_huffman.h" + +#define NGHTTP3_QPACK_INT_MAX ((1ull << 62) - 1) + +/* NGHTTP3_QPACK_MAX_NAMELEN is the maximum (compressed) length of + header name this library can decode. */ +#define NGHTTP3_QPACK_MAX_NAMELEN 256 +/* NGHTTP3_QPACK_MAX_VALUELEN is the maximum (compressed) length of + header value this library can decode. */ +#define NGHTTP3_QPACK_MAX_VALUELEN 65536 + +/* nghttp3_qpack_indexing_mode is a indexing strategy. */ +typedef enum { + /* NGHTTP3_QPACK_INDEXING_MODE_LITERAL means that header field + should not be inserted into dynamic table. */ + NGHTTP3_QPACK_INDEXING_MODE_LITERAL, + /* NGHTTP3_QPACK_INDEXING_MODE_STORE means that header field can be + inserted into dynamic table. */ + NGHTTP3_QPACK_INDEXING_MODE_STORE, + /* NGHTTP3_QPACK_INDEXING_MODE_NEVER means that header field should + not be inserted into dynamic table and this must be true for all + forwarding paths. */ + NGHTTP3_QPACK_INDEXING_MODE_NEVER, +} nghttp3_qpack_indexing_mode; + +struct nghttp3_qpack_entry; +typedef struct nghttp3_qpack_entry nghttp3_qpack_entry; + +struct nghttp3_qpack_entry { + /* The header field name/value pair */ + nghttp3_qpack_nv nv; + /* map_next points to the entry which shares same bucket in hash + table. */ + nghttp3_qpack_entry *map_next; + /* sum is the sum of all entries inserted up to this entry. This + value does not contain the space required for this entry. */ + size_t sum; + /* absidx is the absolute index of this entry. */ + size_t absidx; + /* The hash value for header name (nv.name). */ + uint32_t hash; +}; + +/* The entry used for static table. */ +typedef struct { + size_t absidx; + int32_t token; + uint32_t hash; +} nghttp3_qpack_static_entry; + +typedef struct { + nghttp3_rcbuf name; + nghttp3_rcbuf value; + int32_t token; +} nghttp3_qpack_static_header; + +/* + * nghttp3_qpack_header_block_ref is created per encoded header block + * and includes the required insert count and the minimum insert count + * of dynamic table entry it refers to. + */ +typedef struct { + nghttp3_pq_entry max_cnts_pe; + nghttp3_pq_entry min_cnts_pe; + /* max_cnt is the required insert count. */ + size_t max_cnt; + /* min_cnt is the minimum insert count of dynamic table entry it + refers to. In other words, this is the minimum absolute index of + dynamic header table entry this encoded block refers to plus + 1. */ + size_t min_cnt; +} nghttp3_qpack_header_block_ref; + +int nghttp3_qpack_header_block_ref_new(nghttp3_qpack_header_block_ref **pref, + size_t max_cnt, size_t min_cnt, + const nghttp3_mem *mem); + +void nghttp3_qpack_header_block_ref_del(nghttp3_qpack_header_block_ref *ref, + const nghttp3_mem *mem); + +typedef struct { + nghttp3_map_entry me; + /* refs is an array of pointer to nghttp3_qpack_header_block_ref in + the order of the time they are encoded. HTTP/3 allows multiple + header blocks (e.g., non-final response headers, final response + headers, trailers, and push promises) per stream. */ + nghttp3_ringbuf refs; + /* max_cnts is a priority queue sorted by descending order of + max_cnt of nghttp3_qpack_header_block_ref. */ + nghttp3_pq max_cnts; +} nghttp3_qpack_stream; + +int nghttp3_qpack_stream_new(nghttp3_qpack_stream **pstream, int64_t stream_id, + const nghttp3_mem *mem); + +void nghttp3_qpack_stream_del(nghttp3_qpack_stream *stream, + const nghttp3_mem *mem); + +size_t nghttp3_qpack_stream_get_max_cnt(const nghttp3_qpack_stream *stream); + +int nghttp3_qpack_stream_add_ref(nghttp3_qpack_stream *stream, + nghttp3_qpack_header_block_ref *ref); + +void nghttp3_qpack_stream_pop_ref(nghttp3_qpack_stream *stream); + +#define NGHTTP3_QPACK_ENTRY_OVERHEAD 32 + +typedef struct { + /* dtable is a dynamic table */ + nghttp3_ringbuf dtable; + /* mem is memory allocator */ + const nghttp3_mem *mem; + /* dtable_size is abstracted buffer size of dtable as described in + the spec. This is the sum of length of name/value in dtable + + NGHTTP3_QPACK_ENTRY_OVERHEAD bytes overhead per each entry. */ + size_t dtable_size; + size_t dtable_sum; + /* hard_max_dtable_size is the maximum size of dynamic table. In + HTTP/3, it is notified by decoder as + SETTINGS_QPACK_MAX_TABLE_CAPACITY. Any value lower than or equal + to SETTINGS_QPACK_MAX_TABLE_CAPACITY is OK because encoder has + the authority to decide how many entries are inserted into + dynamic table. */ + size_t hard_max_dtable_size; + /* dtable_size is the effective maximum size of dynamic table. */ + size_t max_dtable_size; + /* max_blocked is the maximum number of stream which can be + blocked. */ + size_t max_blocked; + /* next_absidx is the next absolute index for nghttp3_qpack_entry. + It is equivalent to insert count. */ + size_t next_absidx; + /* If inflate/deflate error occurred, this value is set to 1 and + further invocation of inflate/deflate will fail with + NGHTTP3_ERR_QPACK_FATAL. */ + uint8_t bad; +} nghttp3_qpack_context; + +typedef struct { + nghttp3_qpack_huffman_decode_context huffman_ctx; + nghttp3_buf namebuf; + nghttp3_buf valuebuf; + nghttp3_rcbuf *name; + nghttp3_rcbuf *value; + uint64_t left; + size_t prefix; + size_t shift; + size_t absidx; + int never; + int dynamic; + int huffman_encoded; +} nghttp3_qpack_read_state; + +void nghttp3_qpack_read_state_free(nghttp3_qpack_read_state *rstate); + +void nghttp3_qpack_read_state_reset(nghttp3_qpack_read_state *rstate); + +#define NGHTTP3_QPACK_MAP_SIZE 128 + +typedef struct { + nghttp3_qpack_entry *table[NGHTTP3_QPACK_MAP_SIZE]; +} nghttp3_qpack_map; + +/* nghttp3_qpack_decoder_stream_state is a set of states when decoding + decoder stream. */ +typedef enum { + NGHTTP3_QPACK_DS_STATE_OPCODE, + NGHTTP3_QPACK_DS_STATE_READ_NUMBER, +} nghttp3_qpack_decoder_stream_state; + +/* nghttp3_qpack_decoder_stream_opcode is opcode used in decoder + stream. */ +typedef enum { + NGHTTP3_QPACK_DS_OPCODE_ICNT_INCREMENT, + NGHTTP3_QPACK_DS_OPCODE_HEADER_ACK, + NGHTTP3_QPACK_DS_OPCODE_STREAM_CANCEL, +} nghttp3_qpack_decoder_stream_opcode; + +/* nghttp3_qpack_encoder_flag is a set of flags used by + nghttp3_qpack_encoder. */ +typedef enum { + NGHTTP3_QPACK_ENCODER_FLAG_NONE = 0x00, + /* NGHTTP3_QPACK_ENCODER_FLAG_PENDING_SET_DTABLE_CAP indicates that + Set Dynamic Table Capacity is required. */ + NGHTTP3_QPACK_ENCODER_FLAG_PENDING_SET_DTABLE_CAP = 0x01, +} nghttp3_qpack_encoder_flag; + +struct nghttp3_qpack_encoder { + nghttp3_qpack_context ctx; + /* dtable_map is a map of hash to nghttp3_qpack_entry to provide + fast access to an entry in dynamic table. */ + nghttp3_qpack_map dtable_map; + /* streams is a map of stream ID to nghttp3_qpack_stream to keep + track of unacknowledged streams. */ + nghttp3_map streams; + /* blocked_streams is an ordered list of nghttp3_qpack_stream, in + descending order of max_cnt, to search the unblocked streams by + received known count. */ + nghttp3_ksl blocked_streams; + /* min_cnts is a priority queue of nghttp3_qpack_header_block_ref + sorted by ascending order of min_cnt to know that an entry can be + evicted from dynamic table. */ + nghttp3_pq min_cnts; + /* krcnt is Known Received Count. */ + size_t krcnt; + /* state is a current state of reading decoder stream. */ + nghttp3_qpack_decoder_stream_state state; + /* opcode is a decoder stream opcode being processed. */ + nghttp3_qpack_decoder_stream_opcode opcode; + /* rstate is a set of intermediate state which are used to process + decoder stream. */ + nghttp3_qpack_read_state rstate; + /* min_dtable_update is the minimum dynamic table size required. */ + size_t min_dtable_update; + /* last_max_dtable_update is the dynamic table size last + requested. */ + size_t last_max_dtable_update; + /* flags is bitwise OR of zero or more of + nghttp3_qpack_encoder_flag. */ + uint8_t flags; +}; + +/* + * nghttp3_qpack_encoder_init initializes |encoder|. + * |max_dtable_size| is the maximum size of dynamic table. + * |max_blocked| is the maximum number of stream which can be blocked. + * |mem| is a memory allocator. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_init(nghttp3_qpack_encoder *encoder, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem); + +/* + * nghttp3_qpack_encoder_free frees memory allocated for |encoder|. + * This function does not free memory pointed by |encoder|. + */ +void nghttp3_qpack_encoder_free(nghttp3_qpack_encoder *encoder); + +/* + * nghttp3_qpack_encoder_encode_nv encodes |nv|. It writes request + * stream into |rbuf| and writes encoder stream into |ebuf|. |nv| is + * a header field to encode. |base| is base. |allow_blocking| is + * nonzero if this stream can be blocked (or it has been blocked + * already). + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_encode_nv(nghttp3_qpack_encoder *encoder, + size_t *pmax_cnt, size_t *pmin_cnt, + nghttp3_buf *rbuf, nghttp3_buf *ebuf, + const nghttp3_nv *nv, size_t base, + int allow_blocking); + +/* nghttp3_qpack_lookup_result stores a result of table lookup. */ +typedef struct { + /* index is an index of matched entry. -1 if no match is made. */ + ssize_t index; + /* name_value_match is nonzero if both name and value are + matched. */ + int name_value_match; + /* pb_index is the absolute index of matched post-based dynamic + table entry. -1 if no such entry exists. */ + ssize_t pb_index; +} nghttp3_qpack_lookup_result; + +/* + * nghttp3_qpack_lookup_stable searches |nv| in static table. |token| + * is a token of nv->name and it is -1 if there is no corresponding + * token defined. |indexing_mode| provides indexing strategy. + */ +nghttp3_qpack_lookup_result +nghttp3_qpack_lookup_stable(const nghttp3_nv *nv, int32_t token, + nghttp3_qpack_indexing_mode indexing_mode); + +/* + * nghttp3_qpack_encoder_lookup_dtable searches |nv| in dynamic table. + * |token| is a token of nv->name and it is -1 if there is no + * corresponding token defined. |hash| is a hash of nv->name. + * |indexing_mode| provides indexing strategy. |krcnt| is Known + * Received Count. |allow_blocking| is nonzero if this stream can be + * blocked (or it has been blocked already). + */ +nghttp3_qpack_lookup_result nghttp3_qpack_encoder_lookup_dtable( + nghttp3_qpack_encoder *encoder, const nghttp3_nv *nv, int32_t token, + uint32_t hash, nghttp3_qpack_indexing_mode indexing_mode, size_t krcnt, + int allow_blocking); + +/* + * nghttp3_qpack_encoder_write_header_block_prefix writes Header Block + * Prefix into |pbuf|. |ricnt| is Required Insert Count. |base| is + * Base. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_header_block_prefix( + nghttp3_qpack_encoder *encoder, nghttp3_buf *pbuf, size_t ricnt, + size_t base); + +/* + * nghttp3_qpack_encoder_write_static_indexed writes Indexed Header + * Field to |rbuf|. |absidx| is an absolute index into static table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_static_indexed(nghttp3_qpack_encoder *encoder, + nghttp3_buf *rbuf, + size_t absidx); + +/* + * nghttp3_qpack_encoder_write_dynamic_indexed writes Indexed Header + * Field to |rbuf|. |absidx| is an absolute index into dynamic table. + * |base| is base. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_dynamic_indexed(nghttp3_qpack_encoder *encoder, + nghttp3_buf *rbuf, + size_t absidx, size_t base); + +/* + * nghttp3_qpack_encoder_write_static_indexed writes Literal Header + * Field With Name Reference to |rbuf|. |absidx| is an absolute index + * into static table to reference a name. |nv| is a header field to + * encode. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_static_indexed_name( + nghttp3_qpack_encoder *encoder, nghttp3_buf *rbuf, size_t absidx, + const nghttp3_nv *nv); + +/* + * nghttp3_qpack_encoder_write_dynamic_indexed writes Literal Header + * Field With Name Reference to |rbuf|. |absidx| is an absolute index + * into dynamic table to reference a name. |base| is a base. |nv| is + * a header field to encode. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_dynamic_indexed_name( + nghttp3_qpack_encoder *encoder, nghttp3_buf *rbuf, size_t absidx, + size_t base, const nghttp3_nv *nv); + +/* + * nghttp3_qpack_encoder_write_literal writes Literal Header Field + * Without Name Reference to |rbuf|. |nv| is a header field to + * encode. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_literal(nghttp3_qpack_encoder *encoder, + nghttp3_buf *rbuf, + const nghttp3_nv *nv); + +/* + * nghttp3_qpack_encoder_write_static_insert writes Insert With Name + * Reference to |ebuf|. |absidx| is an absolute index into static + * table to reference a name. |nv| is a header field to insert. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_static_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, size_t absidx, + const nghttp3_nv *nv); + +/* + * nghttp3_qpack_encoder_write_dynamic_insert writes Insert With Name + * Reference to |ebuf|. |absidx| is an absolute index into dynamic + * table to reference a name. |nv| is a header field to insert. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_dynamic_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, size_t absidx, + const nghttp3_nv *nv); + +/* + * nghttp3_qpack_encoder_write_duplicate_insert writes Duplicate to + * |ebuf|. |absidx| is an absolute index into dynamic table to + * reference an entry. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_duplicate_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, + size_t absidx); + +/* + * nghttp3_qpack_encoder_write_literal_insert writes Insert Without + * Name Reference to |ebuf|. |nv| is a header field to insert. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_literal_insert(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, + const nghttp3_nv *nv); + +int nghttp3_qpack_encoder_stream_is_blocked(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream); + +/* + * nghttp3_qpack_encoder_block_stream blocks |stream|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_block_stream(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream); + +/* + * nghttp3_qpack_encoder_unblock_stream unblocks |stream|. + */ +void nghttp3_qpack_encoder_unblock_stream(nghttp3_qpack_encoder *encoder, + nghttp3_qpack_stream *stream); + +/* + * nghttp3_qpack_encoder_unblock unblocks stream whose max_cnt is less + * than or equal to |max_cnt|. + */ +void nghttp3_qpack_encoder_unblock(nghttp3_qpack_encoder *encoder, + size_t max_cnt); + +/* + * nghttp3_qpack_encoder_find_stream returns stream whose stream ID is + * |stream_id|. This function returns NULL if there is no such + * stream. + */ +nghttp3_qpack_stream * +nghttp3_qpack_encoder_find_stream(nghttp3_qpack_encoder *encoder, + int64_t stream_id); + +size_t nghttp3_qpack_encoder_get_min_cnt(nghttp3_qpack_encoder *encoder); + +/* + * nghttp3_qpack_encoder_shrink_dtable shrinks dynamic table so that + * the dynamic table size is less than or equal to maximum size. + */ +void nghttp3_qpack_encoder_shrink_dtable(nghttp3_qpack_encoder *encoder); + +/* + * nghttp3_qpack_encoder_process_dtable_update processes pending + * dynamic table size update. It might write encoder stream into + * |ebuf|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_process_dtable_update(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf); + +/* + * nghttp3_qpack_encoder_write_set_dtable_cap writes Set Dynamic Table + * Capacity. to |ebuf|. |cap| is the capacity of dynamic table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_write_set_dtable_cap(nghttp3_qpack_encoder *encoder, + nghttp3_buf *ebuf, size_t cap); + +/* + * nghttp3_qpack_context_dtable_add adds |qnv| to dynamic table. If + * |ctx| is a part of encoder, |dtable_map| is not NULL. |hash| is a + * hash value of name. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_context_dtable_add(nghttp3_qpack_context *ctx, + nghttp3_qpack_nv *qnv, + nghttp3_qpack_map *dtable_map, + uint32_t hash); + +/* + * nghttp3_qpack_encoder_dtable_static_add adds |nv| to dynamic table + * by referencing static table entry at an absolute index |absidx|. + * The hash of name is given as |hash|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_dtable_static_add(nghttp3_qpack_encoder *encoder, + size_t absidx, const nghttp3_nv *nv, + uint32_t hash); + +/* + * nghttp3_qpack_encoder_dtable_dynamic_add adds |nv| to dynamic table + * by referencing dynamic table entry at an absolute index |absidx|. + * The hash of name is given as |hash|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_dtable_dynamic_add(nghttp3_qpack_encoder *encoder, + size_t absidx, + const nghttp3_nv *nv, + uint32_t hash); + +/* + * nghttp3_qpack_encoder_dtable_duplicate_add duplicates dynamic table + * entry at an absolute index |absidx|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_encoder_dtable_duplicate_add(nghttp3_qpack_encoder *encoder, + size_t absidx); + +/* + * nghttp3_qpack_encoder_dtable_literal_add adds |nv| to dynamic + * table. |token| is a token of name and is -1 if it has no token + * value defined. |hash| is a hash of name. + * + * NGHTTP3_ERR_NOMEM Out of memory. + */ +int nghttp3_qpack_encoder_dtable_literal_add(nghttp3_qpack_encoder *encoder, + const nghttp3_nv *nv, + int32_t token, uint32_t hash); + +/* + * nghttp3_qpack_context_dtable_get returns dynamic table entry whose + * absolute index is |absidx|. This function assumes that such entry + * exists. + */ +nghttp3_qpack_entry * +nghttp3_qpack_context_dtable_get(nghttp3_qpack_context *ctx, size_t absidx); + +/* + * nghttp3_qpack_context_dtable_top returns latest dynamic table + * entry. This function assumes dynamic table is not empty. + */ +nghttp3_qpack_entry * +nghttp3_qpack_context_dtable_top(nghttp3_qpack_context *ctx); + +/* + * nghttp3_qpack_entry_init initializes |ent|. |qnv| is a header + * field. |sum| is the sum of table space occupied by all entries + * inserted so far. It does not include this entry. |absidx| is an + * absolute index of this entry. |hash| is a hash of header field + * name. This function increases reference count of qnv->nv.name and + * qnv->nv.value. + */ +void nghttp3_qpack_entry_init(nghttp3_qpack_entry *ent, nghttp3_qpack_nv *qnv, + size_t sum, size_t absidx, uint32_t hash); + +/* + * nghttp3_qpack_entry_free frees memory allocated for |ent|. + */ +void nghttp3_qpack_entry_free(nghttp3_qpack_entry *ent); + +/* + * nghttp3_qpack_put_varint_len returns the required number of bytes + * to encode |n| with |prefix| bits. + */ +size_t nghttp3_qpack_put_varint_len(uint64_t n, size_t prefix); + +/* + * nghttp3_qpack_put_varint encodes |n| using variable integer + * encoding with |prefix| bits into |buf|. This function assumes the + * buffer pointed by |buf| has enough space. This function returns + * the one byte beyond the last write (buf + + * nghttp3_qpack_put_varint_len(n, prefix)). + */ +uint8_t *nghttp3_qpack_put_varint(uint8_t *buf, uint64_t n, size_t prefix); + +/* nghttp3_qpack_encoder_stream_state is a set of states for encoder + stream decoding. */ +typedef enum { + NGHTTP3_QPACK_ES_STATE_OPCODE, + NGHTTP3_QPACK_ES_STATE_READ_INDEX, + NGHTTP3_QPACK_ES_STATE_CHECK_NAME_HUFFMAN, + NGHTTP3_QPACK_ES_STATE_READ_NAMELEN, + NGHTTP3_QPACK_ES_STATE_READ_NAME_HUFFMAN, + NGHTTP3_QPACK_ES_STATE_READ_NAME, + NGHTTP3_QPACK_ES_STATE_CHECK_VALUE_HUFFMAN, + NGHTTP3_QPACK_ES_STATE_READ_VALUELEN, + NGHTTP3_QPACK_ES_STATE_READ_VALUE_HUFFMAN, + NGHTTP3_QPACK_ES_STATE_READ_VALUE, +} nghttp3_qpack_encoder_stream_state; + +/* nghttp3_qpack_encoder_stream_opcode is a set of opcodes used in + encoder stream. */ +typedef enum { + NGHTTP3_QPACK_ES_OPCODE_INSERT_INDEXED, + NGHTTP3_QPACK_ES_OPCODE_INSERT, + NGHTTP3_QPACK_ES_OPCODE_DUPLICATE, + NGHTTP3_QPACK_ES_OPCODE_SET_DTABLE_CAP, +} nghttp3_qpack_encoder_stream_opcode; + +/* nghttp3_qpack_request_stream_state is a set of states for request + stream decoding. */ +typedef enum { + NGHTTP3_QPACK_RS_STATE_RICNT, + NGHTTP3_QPACK_RS_STATE_DBASE_SIGN, + NGHTTP3_QPACK_RS_STATE_DBASE, + NGHTTP3_QPACK_RS_STATE_OPCODE, + NGHTTP3_QPACK_RS_STATE_READ_INDEX, + NGHTTP3_QPACK_RS_STATE_CHECK_NAME_HUFFMAN, + NGHTTP3_QPACK_RS_STATE_READ_NAMELEN, + NGHTTP3_QPACK_RS_STATE_READ_NAME_HUFFMAN, + NGHTTP3_QPACK_RS_STATE_READ_NAME, + NGHTTP3_QPACK_RS_STATE_CHECK_VALUE_HUFFMAN, + NGHTTP3_QPACK_RS_STATE_READ_VALUELEN, + NGHTTP3_QPACK_RS_STATE_READ_VALUE_HUFFMAN, + NGHTTP3_QPACK_RS_STATE_READ_VALUE, + NGHTTP3_QPACK_RS_STATE_BLOCKED, +} nghttp3_qpack_request_stream_state; + +/* nghttp3_qpack_request_stream_opcode is a set of opcodes used in + request stream. */ +typedef enum { + NGHTTP3_QPACK_RS_OPCODE_INDEXED, + NGHTTP3_QPACK_RS_OPCODE_INDEXED_PB, + NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME, + NGHTTP3_QPACK_RS_OPCODE_INDEXED_NAME_PB, + NGHTTP3_QPACK_RS_OPCODE_LITERAL, +} nghttp3_qpack_request_stream_opcode; + +struct nghttp3_qpack_decoder { + nghttp3_qpack_context ctx; + /* state is a current state of reading encoder stream. */ + nghttp3_qpack_encoder_stream_state state; + /* opcode is an encoder stream opcode being processed. */ + nghttp3_qpack_encoder_stream_opcode opcode; + /* rstate is a set of intermediate state which are used to process + encoder stream. */ + nghttp3_qpack_read_state rstate; + /* dbuf is decoder stream. */ + nghttp3_buf dbuf; + /* written_icnt is Insert Count written to decoder stream so far. */ + size_t written_icnt; +}; + +/* + * nghttp3_qpack_decoder_init initializes |decoder|. + * |max_dtable_size| is the maximum size of dynamic table. + * |max_blocked| is the maximum number of stream which can be blocked. + * |mem| is a memory allocator. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_decoder_init(nghttp3_qpack_decoder *decoder, + size_t max_dtable_size, size_t max_blocked, + const nghttp3_mem *mem); + +/* + * nghttp3_qpack_decoder_free frees memory allocated for |decoder|. + * This function does not free memory pointed by |decoder|. + */ +void nghttp3_qpack_decoder_free(nghttp3_qpack_decoder *decoder); + +/* + * nghttp3_qpack_decoder_dtable_indexed_add adds entry received in + * Insert With Name Reference to dynamic table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + * NGHTTP3_ERR_QPACK_ENCODER_STREAM + * Space required for a decoded entry exceeds max dynamic table + * size. + */ +int nghttp3_qpack_decoder_dtable_indexed_add(nghttp3_qpack_decoder *decoder); + +/* + * nghttp3_qpack_decoder_dtable_static_add adds entry received in + * Insert With Name Reference (static) to dynamic table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + * NGHTTP3_ERR_QPACK_ENCODER_STREAM + * Space required for a decoded entry exceeds max dynamic table + * size. + */ +int nghttp3_qpack_decoder_dtable_static_add(nghttp3_qpack_decoder *decoder); + +/* + * nghttp3_qpack_decoder_dtable_dynamic_add adds entry received in + * Insert With Name Reference (dynamic) to dynamic table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + * NGHTTP3_ERR_QPACK_ENCODER_STREAM + * Space required for a decoded entry exceeds max dynamic table + * size. + */ +int nghttp3_qpack_decoder_dtable_dynamic_add(nghttp3_qpack_decoder *decoder); + +/* + * nghttp3_qpack_decoder_dtable_duplicate_add adds entry received in + * Duplicate to dynamic table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + * NGHTTP3_ERR_QPACK_ENCODER_STREAM + * Space required for a decoded entry exceeds max dynamic table + * size. + */ +int nghttp3_qpack_decoder_dtable_duplicate_add(nghttp3_qpack_decoder *decoder); + +/* + * nghttp3_qpack_decoder_dtable_literal_add adds entry received in + * Insert Without Name Reference to dynamic table. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + * NGHTTP3_ERR_QPACK_ENCODER_STREAM + * Space required for a decoded entry exceeds max dynamic table + * size. + */ +int nghttp3_qpack_decoder_dtable_literal_add(nghttp3_qpack_decoder *decoder); + +struct nghttp3_qpack_stream_context { + /* state is a current state of reading request stream. */ + nghttp3_qpack_request_stream_state state; + /* rstate is a set of intermediate state which are used to process + request stream. */ + nghttp3_qpack_read_state rstate; + const nghttp3_mem *mem; + /* opcode is a request stream opcode being processed. */ + nghttp3_qpack_request_stream_opcode opcode; + int64_t stream_id; + /* ricnt is Required Insert Count to decode this header block. */ + size_t ricnt; + /* base is Base in Header Block Prefix. */ + size_t base; + /* dbase_sign is the delta base sign in Header Block Prefix. */ + int dbase_sign; +}; + +/* + * nghttp3_qpack_stream_context_init initializes |sctx|. + */ +void nghttp3_qpack_stream_context_init(nghttp3_qpack_stream_context *sctx, + int64_t stream_id, + const nghttp3_mem *mem); + +/* + * nghttp3_qpack_stream_context_free frees memory allocated for + * |sctx|. This function does not free memory pointed by |sctx|. + */ +void nghttp3_qpack_stream_context_free(nghttp3_qpack_stream_context *sctx); + +void nghttp3_qpack_stream_context_reset(nghttp3_qpack_stream_context *sctx); + +/* + * nghttp3_qpack_decoder_reconstruct_ricnt reconstructs Required + * Insert Count from the encoded form |encricnt| and stores Required + * Insert Count in |*dest|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_QPACK_DECOMPRESSION_FAILED + * Unable to reconstruct Required Insert Count. + */ +int nghttp3_qpack_decoder_reconstruct_ricnt(nghttp3_qpack_decoder *decoder, + size_t *dest, size_t encricnt); + +/* + * nghttp3_qpack_decoder_rel2abs converts relative index rstate->left + * received in encoder stream to absolute index and stores it in + * rstate->absidx. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_QPACK_ENCODER_STREAM + * Relative index is invalid. + */ +int nghttp3_qpack_decoder_rel2abs(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_read_state *rstate); + +/* + * nghttp3_qpack_decoder_brel2abs converts Base relative index + * rstate->left received in request stream to absolute index and + * stores it in rstate->absidx. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_QPACK_DECOMPRESSION_FAILED + * Base relative index is invalid. + */ +int nghttp3_qpack_decoder_brel2abs(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx); + +/* + * nghttp3_qpack_decoder_pbrel2abs converts Post-Base relative index + * rstate->left received in request stream to absolute index and + * stores it in rstate->absidx. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_QPACK_DECOMPRESSION_FAILED + * Post-Base relative index is invalid. + */ +int nghttp3_qpack_decoder_pbrel2abs(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx); + +void nghttp3_qpack_decoder_emit_indexed(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv); + +void nghttp3_qpack_decoder_emit_indexed_name(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv); + +void nghttp3_qpack_decoder_emit_literal(nghttp3_qpack_decoder *decoder, + nghttp3_qpack_stream_context *sctx, + nghttp3_qpack_nv *nv); + +/* + * nghttp3_qpack_decoder_write_header_ack writes Header + * Acknowledgement to |dbuf|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_qpack_decoder_write_header_ack( + nghttp3_qpack_decoder *decoder, nghttp3_buf *dbuf, + const nghttp3_qpack_stream_context *sctx); + +#endif /* NGHTTP3_QPACK_H */ diff --git a/deps/nghttp3/lib/nghttp3_qpack_huffman.c b/deps/nghttp3/lib/nghttp3_qpack_huffman.c new file mode 100644 index 0000000000..53d52d3976 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_qpack_huffman.c @@ -0,0 +1,174 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_qpack_huffman.h" + +#include +#include +#include + +/* + * Encodes huffman code |sym| into |*dest_ptr|, whose least |rembits| + * bits are not filled yet. The |rembits| must be in range [1, 8], + * inclusive. At the end of the process, the |*dest_ptr| is updated + * and points where next output should be placed. The number of + * unfilled bits in the pointed location is returned. + */ +static uint8_t *huffman_encode_sym(uint8_t *dest, size_t *prembits, + const nghttp3_qpack_huffman_sym *sym) { + size_t nbits = sym->nbits; + size_t rembits = *prembits; + uint32_t code = sym->code; + + /* We assume that sym->nbits <= 32 */ + if (rembits > nbits) { + *dest |= (uint8_t)(code << (rembits - nbits)); + *prembits = rembits - nbits; + return dest; + } + + if (rembits == nbits) { + *dest++ |= (uint8_t)code; + *prembits = 8; + return dest; + } + + *dest++ |= (uint8_t)(code >> (nbits - rembits)); + + nbits -= rembits; + if (nbits & 0x7) { + /* align code to MSB byte boundary */ + code <<= 8 - (nbits & 0x7); + } + + /* fast path, since most code is less than 8 */ + if (nbits < 8) { + *dest = (uint8_t)code; + *prembits = 8 - nbits; + return dest; + } + + /* handle longer code path */ + if (nbits > 24) { + *dest++ = (uint8_t)(code >> 24); + nbits -= 8; + } + + if (nbits > 16) { + *dest++ = (uint8_t)(code >> 16); + nbits -= 8; + } + + if (nbits > 8) { + *dest++ = (uint8_t)(code >> 8); + nbits -= 8; + } + + if (nbits == 8) { + *dest++ = (uint8_t)code; + *prembits = 8; + return dest; + } + + *dest = (uint8_t)code; + *prembits = 8 - nbits; + return dest; +} + +size_t nghttp3_qpack_huffman_encode_count(const uint8_t *src, size_t len) { + size_t i; + size_t nbits = 0; + + for (i = 0; i < len; ++i) { + nbits += huffman_sym_table[src[i]].nbits; + } + /* pad the prefix of EOS (256) */ + return (nbits + 7) / 8; +} + +uint8_t *nghttp3_qpack_huffman_encode(uint8_t *dest, const uint8_t *src, + size_t srclen) { + size_t rembits = 8; + size_t i; + const nghttp3_qpack_huffman_sym *sym; + + for (i = 0; i < srclen; ++i) { + sym = &huffman_sym_table[src[i]]; + if (rembits == 8) { + *dest = 0; + } + dest = huffman_encode_sym(dest, &rembits, sym); + } + /* 256 is special terminal symbol, pad with its prefix */ + if (rembits < 8) { + /* if rembits < 8, we should have at least 1 buffer space + available */ + sym = &huffman_sym_table[256]; + *dest++ |= (uint8_t)(sym->code >> (sym->nbits - rembits)); + } + + return dest; +} + +void nghttp3_qpack_huffman_decode_context_init( + nghttp3_qpack_huffman_decode_context *ctx) { + ctx->state = 0; + ctx->accept = 1; +} + +ssize_t nghttp3_qpack_huffman_decode(nghttp3_qpack_huffman_decode_context *ctx, + uint8_t *dest, const uint8_t *src, + size_t srclen, int fin) { + uint8_t *p = dest; + size_t i; + const nghttp3_qpack_huffman_decode_node *t; + + /* We use the decoding algorithm described in + http://graphics.ics.uci.edu/pub/Prefix.pdf */ + for (i = 0; i < srclen; ++i) { + t = &qpack_huffman_decode_table[ctx->state][src[i] >> 4]; + if (t->flags & NGHTTP3_QPACK_HUFFMAN_FAIL) { + return NGHTTP3_ERR_QPACK_FATAL; + } + if (t->flags & NGHTTP3_QPACK_HUFFMAN_SYM) { + *p++ = t->sym; + } + + t = &qpack_huffman_decode_table[t->state][src[i] & 0xf]; + if (t->flags & NGHTTP3_QPACK_HUFFMAN_FAIL) { + return NGHTTP3_ERR_QPACK_FATAL; + } + if (t->flags & NGHTTP3_QPACK_HUFFMAN_SYM) { + *p++ = t->sym; + } + + ctx->state = t->state; + ctx->accept = (t->flags & NGHTTP3_QPACK_HUFFMAN_ACCEPTED) != 0; + } + if (fin && !ctx->accept) { + return NGHTTP3_ERR_QPACK_FATAL; + } + return p - dest; +} diff --git a/deps/nghttp3/lib/nghttp3_qpack_huffman.h b/deps/nghttp3/lib/nghttp3_qpack_huffman.h new file mode 100644 index 0000000000..81c829fc53 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_qpack_huffman.h @@ -0,0 +1,106 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_QPACK_HUFFMAN_H +#define NGHTTP3_QPACK_HUFFMAN_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +typedef struct { + /* The number of bits in this code */ + uint32_t nbits; + /* Huffman code aligned to LSB */ + uint32_t code; +} nghttp3_qpack_huffman_sym; + +extern const nghttp3_qpack_huffman_sym huffman_sym_table[]; + +size_t nghttp3_qpack_huffman_encode_count(const uint8_t *src, size_t len); + +uint8_t *nghttp3_qpack_huffman_encode(uint8_t *dest, const uint8_t *src, + size_t srclen); + +typedef enum { + /* FSA accepts this state as the end of huffman encoding + sequence. */ + NGHTTP3_QPACK_HUFFMAN_ACCEPTED = 1, + /* This state emits symbol */ + NGHTTP3_QPACK_HUFFMAN_SYM = (1 << 1), + /* If state machine reaches this state, decoding fails. */ + NGHTTP3_QPACK_HUFFMAN_FAIL = (1 << 2) +} nghttp3_qpack_huffman_decode_flag; + +typedef struct { + /* huffman decoding state, which is actually the node ID of internal + huffman tree. We have 257 leaf nodes, but they are identical to + root node other than emitting a symbol, so we have 256 internal + nodes [1..255], inclusive. */ + uint8_t state; + /* bitwise OR of zero or more of the + nghttp3_qpack_huffman_decode_flag */ + uint8_t flags; + /* symbol if NGHTTP3_QPACK_HUFFMAN_SYM flag set */ + uint8_t sym; +} nghttp3_qpack_huffman_decode_node; + +typedef struct { + /* Current huffman decoding state. We stripped leaf nodes, so the + value range is [0..255], inclusive. */ + uint8_t state; + /* nonzero if we can say that the decoding process succeeds at this + state */ + uint8_t accept; +} nghttp3_qpack_huffman_decode_context; + +extern const nghttp3_qpack_huffman_decode_node qpack_huffman_decode_table[][16]; + +void nghttp3_qpack_huffman_decode_context_init( + nghttp3_qpack_huffman_decode_context *ctx); + +/* + * nghttp3_qpack_huffman_decode decodes huffman encoded byte string + * stored in |src| of length |srclen|. |ctx| is a decoding context. + * |ctx| remembers the decoding state, and caller can call this + * function multiple times to feed each chunk of huffman encoded + * substring. |fin| must be nonzero if |src| contains the last chunk + * of huffman string. The decoded string is written to the buffer + * pointed by |dest|. This function assumes that the buffer pointed + * by |dest| contains enough memory to store decoded byte string. + * + * This function returns the number of bytes written to |dest|, or one + * of the following negative error codes: + * + * NGHTTP3_ERR_QPACK_FATAL + * Could not decode huffman string. + */ +ssize_t nghttp3_qpack_huffman_decode(nghttp3_qpack_huffman_decode_context *ctx, + uint8_t *dest, const uint8_t *src, + size_t srclen, int fin); + +#endif /* NGHTTP3_QPACK_HUFFMAN_H */ diff --git a/deps/nghttp3/lib/nghttp3_qpack_huffman_data.c b/deps/nghttp3/lib/nghttp3_qpack_huffman_data.c new file mode 100644 index 0000000000..eb16e7b358 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_qpack_huffman_data.c @@ -0,0 +1,4962 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2013 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_qpack_huffman.h" + +/* Generated by mkhufftbl.py */ + +const nghttp3_qpack_huffman_sym huffman_sym_table[] = { + {13, 0x1ff8u}, {23, 0x7fffd8u}, {28, 0xfffffe2u}, {28, 0xfffffe3u}, + {28, 0xfffffe4u}, {28, 0xfffffe5u}, {28, 0xfffffe6u}, {28, 0xfffffe7u}, + {28, 0xfffffe8u}, {24, 0xffffeau}, {30, 0x3ffffffcu}, {28, 0xfffffe9u}, + {28, 0xfffffeau}, {30, 0x3ffffffdu}, {28, 0xfffffebu}, {28, 0xfffffecu}, + {28, 0xfffffedu}, {28, 0xfffffeeu}, {28, 0xfffffefu}, {28, 0xffffff0u}, + {28, 0xffffff1u}, {28, 0xffffff2u}, {30, 0x3ffffffeu}, {28, 0xffffff3u}, + {28, 0xffffff4u}, {28, 0xffffff5u}, {28, 0xffffff6u}, {28, 0xffffff7u}, + {28, 0xffffff8u}, {28, 0xffffff9u}, {28, 0xffffffau}, {28, 0xffffffbu}, + {6, 0x14u}, {10, 0x3f8u}, {10, 0x3f9u}, {12, 0xffau}, + {13, 0x1ff9u}, {6, 0x15u}, {8, 0xf8u}, {11, 0x7fau}, + {10, 0x3fau}, {10, 0x3fbu}, {8, 0xf9u}, {11, 0x7fbu}, + {8, 0xfau}, {6, 0x16u}, {6, 0x17u}, {6, 0x18u}, + {5, 0x0u}, {5, 0x1u}, {5, 0x2u}, {6, 0x19u}, + {6, 0x1au}, {6, 0x1bu}, {6, 0x1cu}, {6, 0x1du}, + {6, 0x1eu}, {6, 0x1fu}, {7, 0x5cu}, {8, 0xfbu}, + {15, 0x7ffcu}, {6, 0x20u}, {12, 0xffbu}, {10, 0x3fcu}, + {13, 0x1ffau}, {6, 0x21u}, {7, 0x5du}, {7, 0x5eu}, + {7, 0x5fu}, {7, 0x60u}, {7, 0x61u}, {7, 0x62u}, + {7, 0x63u}, {7, 0x64u}, {7, 0x65u}, {7, 0x66u}, + {7, 0x67u}, {7, 0x68u}, {7, 0x69u}, {7, 0x6au}, + {7, 0x6bu}, {7, 0x6cu}, {7, 0x6du}, {7, 0x6eu}, + {7, 0x6fu}, {7, 0x70u}, {7, 0x71u}, {7, 0x72u}, + {8, 0xfcu}, {7, 0x73u}, {8, 0xfdu}, {13, 0x1ffbu}, + {19, 0x7fff0u}, {13, 0x1ffcu}, {14, 0x3ffcu}, {6, 0x22u}, + {15, 0x7ffdu}, {5, 0x3u}, {6, 0x23u}, {5, 0x4u}, + {6, 0x24u}, {5, 0x5u}, {6, 0x25u}, {6, 0x26u}, + {6, 0x27u}, {5, 0x6u}, {7, 0x74u}, {7, 0x75u}, + {6, 0x28u}, {6, 0x29u}, {6, 0x2au}, {5, 0x7u}, + {6, 0x2bu}, {7, 0x76u}, {6, 0x2cu}, {5, 0x8u}, + {5, 0x9u}, {6, 0x2du}, {7, 0x77u}, {7, 0x78u}, + {7, 0x79u}, {7, 0x7au}, {7, 0x7bu}, {15, 0x7ffeu}, + {11, 0x7fcu}, {14, 0x3ffdu}, {13, 0x1ffdu}, {28, 0xffffffcu}, + {20, 0xfffe6u}, {22, 0x3fffd2u}, {20, 0xfffe7u}, {20, 0xfffe8u}, + {22, 0x3fffd3u}, {22, 0x3fffd4u}, {22, 0x3fffd5u}, {23, 0x7fffd9u}, + {22, 0x3fffd6u}, {23, 0x7fffdau}, {23, 0x7fffdbu}, {23, 0x7fffdcu}, + {23, 0x7fffddu}, {23, 0x7fffdeu}, {24, 0xffffebu}, {23, 0x7fffdfu}, + {24, 0xffffecu}, {24, 0xffffedu}, {22, 0x3fffd7u}, {23, 0x7fffe0u}, + {24, 0xffffeeu}, {23, 0x7fffe1u}, {23, 0x7fffe2u}, {23, 0x7fffe3u}, + {23, 0x7fffe4u}, {21, 0x1fffdcu}, {22, 0x3fffd8u}, {23, 0x7fffe5u}, + {22, 0x3fffd9u}, {23, 0x7fffe6u}, {23, 0x7fffe7u}, {24, 0xffffefu}, + {22, 0x3fffdau}, {21, 0x1fffddu}, {20, 0xfffe9u}, {22, 0x3fffdbu}, + {22, 0x3fffdcu}, {23, 0x7fffe8u}, {23, 0x7fffe9u}, {21, 0x1fffdeu}, + {23, 0x7fffeau}, {22, 0x3fffddu}, {22, 0x3fffdeu}, {24, 0xfffff0u}, + {21, 0x1fffdfu}, {22, 0x3fffdfu}, {23, 0x7fffebu}, {23, 0x7fffecu}, + {21, 0x1fffe0u}, {21, 0x1fffe1u}, {22, 0x3fffe0u}, {21, 0x1fffe2u}, + {23, 0x7fffedu}, {22, 0x3fffe1u}, {23, 0x7fffeeu}, {23, 0x7fffefu}, + {20, 0xfffeau}, {22, 0x3fffe2u}, {22, 0x3fffe3u}, {22, 0x3fffe4u}, + {23, 0x7ffff0u}, {22, 0x3fffe5u}, {22, 0x3fffe6u}, {23, 0x7ffff1u}, + {26, 0x3ffffe0u}, {26, 0x3ffffe1u}, {20, 0xfffebu}, {19, 0x7fff1u}, + {22, 0x3fffe7u}, {23, 0x7ffff2u}, {22, 0x3fffe8u}, {25, 0x1ffffecu}, + {26, 0x3ffffe2u}, {26, 0x3ffffe3u}, {26, 0x3ffffe4u}, {27, 0x7ffffdeu}, + {27, 0x7ffffdfu}, {26, 0x3ffffe5u}, {24, 0xfffff1u}, {25, 0x1ffffedu}, + {19, 0x7fff2u}, {21, 0x1fffe3u}, {26, 0x3ffffe6u}, {27, 0x7ffffe0u}, + {27, 0x7ffffe1u}, {26, 0x3ffffe7u}, {27, 0x7ffffe2u}, {24, 0xfffff2u}, + {21, 0x1fffe4u}, {21, 0x1fffe5u}, {26, 0x3ffffe8u}, {26, 0x3ffffe9u}, + {28, 0xffffffdu}, {27, 0x7ffffe3u}, {27, 0x7ffffe4u}, {27, 0x7ffffe5u}, + {20, 0xfffecu}, {24, 0xfffff3u}, {20, 0xfffedu}, {21, 0x1fffe6u}, + {22, 0x3fffe9u}, {21, 0x1fffe7u}, {21, 0x1fffe8u}, {23, 0x7ffff3u}, + {22, 0x3fffeau}, {22, 0x3fffebu}, {25, 0x1ffffeeu}, {25, 0x1ffffefu}, + {24, 0xfffff4u}, {24, 0xfffff5u}, {26, 0x3ffffeau}, {23, 0x7ffff4u}, + {26, 0x3ffffebu}, {27, 0x7ffffe6u}, {26, 0x3ffffecu}, {26, 0x3ffffedu}, + {27, 0x7ffffe7u}, {27, 0x7ffffe8u}, {27, 0x7ffffe9u}, {27, 0x7ffffeau}, + {27, 0x7ffffebu}, {28, 0xffffffeu}, {27, 0x7ffffecu}, {27, 0x7ffffedu}, + {27, 0x7ffffeeu}, {27, 0x7ffffefu}, {27, 0x7fffff0u}, {26, 0x3ffffeeu}, + {30, 0x3fffffffu}}; + +const nghttp3_qpack_huffman_decode_node qpack_huffman_decode_table[][16] = { + /* 0 */ + { + {4, 0x00, 0}, + {5, 0x00, 0}, + {7, 0x00, 0}, + {8, 0x00, 0}, + {11, 0x00, 0}, + {12, 0x00, 0}, + {16, 0x00, 0}, + {19, 0x00, 0}, + {25, 0x00, 0}, + {28, 0x00, 0}, + {32, 0x00, 0}, + {35, 0x00, 0}, + {42, 0x00, 0}, + {49, 0x00, 0}, + {57, 0x00, 0}, + {64, 0x01, 0}, + }, + /* 1 */ + { + {0, 0x03, 48}, + {0, 0x03, 49}, + {0, 0x03, 50}, + {0, 0x03, 97}, + {0, 0x03, 99}, + {0, 0x03, 101}, + {0, 0x03, 105}, + {0, 0x03, 111}, + {0, 0x03, 115}, + {0, 0x03, 116}, + {13, 0x00, 0}, + {14, 0x00, 0}, + {17, 0x00, 0}, + {18, 0x00, 0}, + {20, 0x00, 0}, + {21, 0x00, 0}, + }, + /* 2 */ + { + {1, 0x02, 48}, + {22, 0x03, 48}, + {1, 0x02, 49}, + {22, 0x03, 49}, + {1, 0x02, 50}, + {22, 0x03, 50}, + {1, 0x02, 97}, + {22, 0x03, 97}, + {1, 0x02, 99}, + {22, 0x03, 99}, + {1, 0x02, 101}, + {22, 0x03, 101}, + {1, 0x02, 105}, + {22, 0x03, 105}, + {1, 0x02, 111}, + {22, 0x03, 111}, + }, + /* 3 */ + { + {2, 0x02, 48}, + {9, 0x02, 48}, + {23, 0x02, 48}, + {40, 0x03, 48}, + {2, 0x02, 49}, + {9, 0x02, 49}, + {23, 0x02, 49}, + {40, 0x03, 49}, + {2, 0x02, 50}, + {9, 0x02, 50}, + {23, 0x02, 50}, + {40, 0x03, 50}, + {2, 0x02, 97}, + {9, 0x02, 97}, + {23, 0x02, 97}, + {40, 0x03, 97}, + }, + /* 4 */ + { + {3, 0x02, 48}, + {6, 0x02, 48}, + {10, 0x02, 48}, + {15, 0x02, 48}, + {24, 0x02, 48}, + {31, 0x02, 48}, + {41, 0x02, 48}, + {56, 0x03, 48}, + {3, 0x02, 49}, + {6, 0x02, 49}, + {10, 0x02, 49}, + {15, 0x02, 49}, + {24, 0x02, 49}, + {31, 0x02, 49}, + {41, 0x02, 49}, + {56, 0x03, 49}, + }, + /* 5 */ + { + {3, 0x02, 50}, + {6, 0x02, 50}, + {10, 0x02, 50}, + {15, 0x02, 50}, + {24, 0x02, 50}, + {31, 0x02, 50}, + {41, 0x02, 50}, + {56, 0x03, 50}, + {3, 0x02, 97}, + {6, 0x02, 97}, + {10, 0x02, 97}, + {15, 0x02, 97}, + {24, 0x02, 97}, + {31, 0x02, 97}, + {41, 0x02, 97}, + {56, 0x03, 97}, + }, + /* 6 */ + { + {2, 0x02, 99}, + {9, 0x02, 99}, + {23, 0x02, 99}, + {40, 0x03, 99}, + {2, 0x02, 101}, + {9, 0x02, 101}, + {23, 0x02, 101}, + {40, 0x03, 101}, + {2, 0x02, 105}, + {9, 0x02, 105}, + {23, 0x02, 105}, + {40, 0x03, 105}, + {2, 0x02, 111}, + {9, 0x02, 111}, + {23, 0x02, 111}, + {40, 0x03, 111}, + }, + /* 7 */ + { + {3, 0x02, 99}, + {6, 0x02, 99}, + {10, 0x02, 99}, + {15, 0x02, 99}, + {24, 0x02, 99}, + {31, 0x02, 99}, + {41, 0x02, 99}, + {56, 0x03, 99}, + {3, 0x02, 101}, + {6, 0x02, 101}, + {10, 0x02, 101}, + {15, 0x02, 101}, + {24, 0x02, 101}, + {31, 0x02, 101}, + {41, 0x02, 101}, + {56, 0x03, 101}, + }, + /* 8 */ + { + {3, 0x02, 105}, + {6, 0x02, 105}, + {10, 0x02, 105}, + {15, 0x02, 105}, + {24, 0x02, 105}, + {31, 0x02, 105}, + {41, 0x02, 105}, + {56, 0x03, 105}, + {3, 0x02, 111}, + {6, 0x02, 111}, + {10, 0x02, 111}, + {15, 0x02, 111}, + {24, 0x02, 111}, + {31, 0x02, 111}, + {41, 0x02, 111}, + {56, 0x03, 111}, + }, + /* 9 */ + { + {1, 0x02, 115}, + {22, 0x03, 115}, + {1, 0x02, 116}, + {22, 0x03, 116}, + {0, 0x03, 32}, + {0, 0x03, 37}, + {0, 0x03, 45}, + {0, 0x03, 46}, + {0, 0x03, 47}, + {0, 0x03, 51}, + {0, 0x03, 52}, + {0, 0x03, 53}, + {0, 0x03, 54}, + {0, 0x03, 55}, + {0, 0x03, 56}, + {0, 0x03, 57}, + }, + /* 10 */ + { + {2, 0x02, 115}, + {9, 0x02, 115}, + {23, 0x02, 115}, + {40, 0x03, 115}, + {2, 0x02, 116}, + {9, 0x02, 116}, + {23, 0x02, 116}, + {40, 0x03, 116}, + {1, 0x02, 32}, + {22, 0x03, 32}, + {1, 0x02, 37}, + {22, 0x03, 37}, + {1, 0x02, 45}, + {22, 0x03, 45}, + {1, 0x02, 46}, + {22, 0x03, 46}, + }, + /* 11 */ + { + {3, 0x02, 115}, + {6, 0x02, 115}, + {10, 0x02, 115}, + {15, 0x02, 115}, + {24, 0x02, 115}, + {31, 0x02, 115}, + {41, 0x02, 115}, + {56, 0x03, 115}, + {3, 0x02, 116}, + {6, 0x02, 116}, + {10, 0x02, 116}, + {15, 0x02, 116}, + {24, 0x02, 116}, + {31, 0x02, 116}, + {41, 0x02, 116}, + {56, 0x03, 116}, + }, + /* 12 */ + { + {2, 0x02, 32}, + {9, 0x02, 32}, + {23, 0x02, 32}, + {40, 0x03, 32}, + {2, 0x02, 37}, + {9, 0x02, 37}, + {23, 0x02, 37}, + {40, 0x03, 37}, + {2, 0x02, 45}, + {9, 0x02, 45}, + {23, 0x02, 45}, + {40, 0x03, 45}, + {2, 0x02, 46}, + {9, 0x02, 46}, + {23, 0x02, 46}, + {40, 0x03, 46}, + }, + /* 13 */ + { + {3, 0x02, 32}, + {6, 0x02, 32}, + {10, 0x02, 32}, + {15, 0x02, 32}, + {24, 0x02, 32}, + {31, 0x02, 32}, + {41, 0x02, 32}, + {56, 0x03, 32}, + {3, 0x02, 37}, + {6, 0x02, 37}, + {10, 0x02, 37}, + {15, 0x02, 37}, + {24, 0x02, 37}, + {31, 0x02, 37}, + {41, 0x02, 37}, + {56, 0x03, 37}, + }, + /* 14 */ + { + {3, 0x02, 45}, + {6, 0x02, 45}, + {10, 0x02, 45}, + {15, 0x02, 45}, + {24, 0x02, 45}, + {31, 0x02, 45}, + {41, 0x02, 45}, + {56, 0x03, 45}, + {3, 0x02, 46}, + {6, 0x02, 46}, + {10, 0x02, 46}, + {15, 0x02, 46}, + {24, 0x02, 46}, + {31, 0x02, 46}, + {41, 0x02, 46}, + {56, 0x03, 46}, + }, + /* 15 */ + { + {1, 0x02, 47}, + {22, 0x03, 47}, + {1, 0x02, 51}, + {22, 0x03, 51}, + {1, 0x02, 52}, + {22, 0x03, 52}, + {1, 0x02, 53}, + {22, 0x03, 53}, + {1, 0x02, 54}, + {22, 0x03, 54}, + {1, 0x02, 55}, + {22, 0x03, 55}, + {1, 0x02, 56}, + {22, 0x03, 56}, + {1, 0x02, 57}, + {22, 0x03, 57}, + }, + /* 16 */ + { + {2, 0x02, 47}, + {9, 0x02, 47}, + {23, 0x02, 47}, + {40, 0x03, 47}, + {2, 0x02, 51}, + {9, 0x02, 51}, + {23, 0x02, 51}, + {40, 0x03, 51}, + {2, 0x02, 52}, + {9, 0x02, 52}, + {23, 0x02, 52}, + {40, 0x03, 52}, + {2, 0x02, 53}, + {9, 0x02, 53}, + {23, 0x02, 53}, + {40, 0x03, 53}, + }, + /* 17 */ + { + {3, 0x02, 47}, + {6, 0x02, 47}, + {10, 0x02, 47}, + {15, 0x02, 47}, + {24, 0x02, 47}, + {31, 0x02, 47}, + {41, 0x02, 47}, + {56, 0x03, 47}, + {3, 0x02, 51}, + {6, 0x02, 51}, + {10, 0x02, 51}, + {15, 0x02, 51}, + {24, 0x02, 51}, + {31, 0x02, 51}, + {41, 0x02, 51}, + {56, 0x03, 51}, + }, + /* 18 */ + { + {3, 0x02, 52}, + {6, 0x02, 52}, + {10, 0x02, 52}, + {15, 0x02, 52}, + {24, 0x02, 52}, + {31, 0x02, 52}, + {41, 0x02, 52}, + {56, 0x03, 52}, + {3, 0x02, 53}, + {6, 0x02, 53}, + {10, 0x02, 53}, + {15, 0x02, 53}, + {24, 0x02, 53}, + {31, 0x02, 53}, + {41, 0x02, 53}, + {56, 0x03, 53}, + }, + /* 19 */ + { + {2, 0x02, 54}, + {9, 0x02, 54}, + {23, 0x02, 54}, + {40, 0x03, 54}, + {2, 0x02, 55}, + {9, 0x02, 55}, + {23, 0x02, 55}, + {40, 0x03, 55}, + {2, 0x02, 56}, + {9, 0x02, 56}, + {23, 0x02, 56}, + {40, 0x03, 56}, + {2, 0x02, 57}, + {9, 0x02, 57}, + {23, 0x02, 57}, + {40, 0x03, 57}, + }, + /* 20 */ + { + {3, 0x02, 54}, + {6, 0x02, 54}, + {10, 0x02, 54}, + {15, 0x02, 54}, + {24, 0x02, 54}, + {31, 0x02, 54}, + {41, 0x02, 54}, + {56, 0x03, 54}, + {3, 0x02, 55}, + {6, 0x02, 55}, + {10, 0x02, 55}, + {15, 0x02, 55}, + {24, 0x02, 55}, + {31, 0x02, 55}, + {41, 0x02, 55}, + {56, 0x03, 55}, + }, + /* 21 */ + { + {3, 0x02, 56}, + {6, 0x02, 56}, + {10, 0x02, 56}, + {15, 0x02, 56}, + {24, 0x02, 56}, + {31, 0x02, 56}, + {41, 0x02, 56}, + {56, 0x03, 56}, + {3, 0x02, 57}, + {6, 0x02, 57}, + {10, 0x02, 57}, + {15, 0x02, 57}, + {24, 0x02, 57}, + {31, 0x02, 57}, + {41, 0x02, 57}, + {56, 0x03, 57}, + }, + /* 22 */ + { + {26, 0x00, 0}, + {27, 0x00, 0}, + {29, 0x00, 0}, + {30, 0x00, 0}, + {33, 0x00, 0}, + {34, 0x00, 0}, + {36, 0x00, 0}, + {37, 0x00, 0}, + {43, 0x00, 0}, + {46, 0x00, 0}, + {50, 0x00, 0}, + {53, 0x00, 0}, + {58, 0x00, 0}, + {61, 0x00, 0}, + {65, 0x00, 0}, + {68, 0x01, 0}, + }, + /* 23 */ + { + {0, 0x03, 61}, + {0, 0x03, 65}, + {0, 0x03, 95}, + {0, 0x03, 98}, + {0, 0x03, 100}, + {0, 0x03, 102}, + {0, 0x03, 103}, + {0, 0x03, 104}, + {0, 0x03, 108}, + {0, 0x03, 109}, + {0, 0x03, 110}, + {0, 0x03, 112}, + {0, 0x03, 114}, + {0, 0x03, 117}, + {38, 0x00, 0}, + {39, 0x00, 0}, + }, + /* 24 */ + { + {1, 0x02, 61}, + {22, 0x03, 61}, + {1, 0x02, 65}, + {22, 0x03, 65}, + {1, 0x02, 95}, + {22, 0x03, 95}, + {1, 0x02, 98}, + {22, 0x03, 98}, + {1, 0x02, 100}, + {22, 0x03, 100}, + {1, 0x02, 102}, + {22, 0x03, 102}, + {1, 0x02, 103}, + {22, 0x03, 103}, + {1, 0x02, 104}, + {22, 0x03, 104}, + }, + /* 25 */ + { + {2, 0x02, 61}, + {9, 0x02, 61}, + {23, 0x02, 61}, + {40, 0x03, 61}, + {2, 0x02, 65}, + {9, 0x02, 65}, + {23, 0x02, 65}, + {40, 0x03, 65}, + {2, 0x02, 95}, + {9, 0x02, 95}, + {23, 0x02, 95}, + {40, 0x03, 95}, + {2, 0x02, 98}, + {9, 0x02, 98}, + {23, 0x02, 98}, + {40, 0x03, 98}, + }, + /* 26 */ + { + {3, 0x02, 61}, + {6, 0x02, 61}, + {10, 0x02, 61}, + {15, 0x02, 61}, + {24, 0x02, 61}, + {31, 0x02, 61}, + {41, 0x02, 61}, + {56, 0x03, 61}, + {3, 0x02, 65}, + {6, 0x02, 65}, + {10, 0x02, 65}, + {15, 0x02, 65}, + {24, 0x02, 65}, + {31, 0x02, 65}, + {41, 0x02, 65}, + {56, 0x03, 65}, + }, + /* 27 */ + { + {3, 0x02, 95}, + {6, 0x02, 95}, + {10, 0x02, 95}, + {15, 0x02, 95}, + {24, 0x02, 95}, + {31, 0x02, 95}, + {41, 0x02, 95}, + {56, 0x03, 95}, + {3, 0x02, 98}, + {6, 0x02, 98}, + {10, 0x02, 98}, + {15, 0x02, 98}, + {24, 0x02, 98}, + {31, 0x02, 98}, + {41, 0x02, 98}, + {56, 0x03, 98}, + }, + /* 28 */ + { + {2, 0x02, 100}, + {9, 0x02, 100}, + {23, 0x02, 100}, + {40, 0x03, 100}, + {2, 0x02, 102}, + {9, 0x02, 102}, + {23, 0x02, 102}, + {40, 0x03, 102}, + {2, 0x02, 103}, + {9, 0x02, 103}, + {23, 0x02, 103}, + {40, 0x03, 103}, + {2, 0x02, 104}, + {9, 0x02, 104}, + {23, 0x02, 104}, + {40, 0x03, 104}, + }, + /* 29 */ + { + {3, 0x02, 100}, + {6, 0x02, 100}, + {10, 0x02, 100}, + {15, 0x02, 100}, + {24, 0x02, 100}, + {31, 0x02, 100}, + {41, 0x02, 100}, + {56, 0x03, 100}, + {3, 0x02, 102}, + {6, 0x02, 102}, + {10, 0x02, 102}, + {15, 0x02, 102}, + {24, 0x02, 102}, + {31, 0x02, 102}, + {41, 0x02, 102}, + {56, 0x03, 102}, + }, + /* 30 */ + { + {3, 0x02, 103}, + {6, 0x02, 103}, + {10, 0x02, 103}, + {15, 0x02, 103}, + {24, 0x02, 103}, + {31, 0x02, 103}, + {41, 0x02, 103}, + {56, 0x03, 103}, + {3, 0x02, 104}, + {6, 0x02, 104}, + {10, 0x02, 104}, + {15, 0x02, 104}, + {24, 0x02, 104}, + {31, 0x02, 104}, + {41, 0x02, 104}, + {56, 0x03, 104}, + }, + /* 31 */ + { + {1, 0x02, 108}, + {22, 0x03, 108}, + {1, 0x02, 109}, + {22, 0x03, 109}, + {1, 0x02, 110}, + {22, 0x03, 110}, + {1, 0x02, 112}, + {22, 0x03, 112}, + {1, 0x02, 114}, + {22, 0x03, 114}, + {1, 0x02, 117}, + {22, 0x03, 117}, + {0, 0x03, 58}, + {0, 0x03, 66}, + {0, 0x03, 67}, + {0, 0x03, 68}, + }, + /* 32 */ + { + {2, 0x02, 108}, + {9, 0x02, 108}, + {23, 0x02, 108}, + {40, 0x03, 108}, + {2, 0x02, 109}, + {9, 0x02, 109}, + {23, 0x02, 109}, + {40, 0x03, 109}, + {2, 0x02, 110}, + {9, 0x02, 110}, + {23, 0x02, 110}, + {40, 0x03, 110}, + {2, 0x02, 112}, + {9, 0x02, 112}, + {23, 0x02, 112}, + {40, 0x03, 112}, + }, + /* 33 */ + { + {3, 0x02, 108}, + {6, 0x02, 108}, + {10, 0x02, 108}, + {15, 0x02, 108}, + {24, 0x02, 108}, + {31, 0x02, 108}, + {41, 0x02, 108}, + {56, 0x03, 108}, + {3, 0x02, 109}, + {6, 0x02, 109}, + {10, 0x02, 109}, + {15, 0x02, 109}, + {24, 0x02, 109}, + {31, 0x02, 109}, + {41, 0x02, 109}, + {56, 0x03, 109}, + }, + /* 34 */ + { + {3, 0x02, 110}, + {6, 0x02, 110}, + {10, 0x02, 110}, + {15, 0x02, 110}, + {24, 0x02, 110}, + {31, 0x02, 110}, + {41, 0x02, 110}, + {56, 0x03, 110}, + {3, 0x02, 112}, + {6, 0x02, 112}, + {10, 0x02, 112}, + {15, 0x02, 112}, + {24, 0x02, 112}, + {31, 0x02, 112}, + {41, 0x02, 112}, + {56, 0x03, 112}, + }, + /* 35 */ + { + {2, 0x02, 114}, + {9, 0x02, 114}, + {23, 0x02, 114}, + {40, 0x03, 114}, + {2, 0x02, 117}, + {9, 0x02, 117}, + {23, 0x02, 117}, + {40, 0x03, 117}, + {1, 0x02, 58}, + {22, 0x03, 58}, + {1, 0x02, 66}, + {22, 0x03, 66}, + {1, 0x02, 67}, + {22, 0x03, 67}, + {1, 0x02, 68}, + {22, 0x03, 68}, + }, + /* 36 */ + { + {3, 0x02, 114}, + {6, 0x02, 114}, + {10, 0x02, 114}, + {15, 0x02, 114}, + {24, 0x02, 114}, + {31, 0x02, 114}, + {41, 0x02, 114}, + {56, 0x03, 114}, + {3, 0x02, 117}, + {6, 0x02, 117}, + {10, 0x02, 117}, + {15, 0x02, 117}, + {24, 0x02, 117}, + {31, 0x02, 117}, + {41, 0x02, 117}, + {56, 0x03, 117}, + }, + /* 37 */ + { + {2, 0x02, 58}, + {9, 0x02, 58}, + {23, 0x02, 58}, + {40, 0x03, 58}, + {2, 0x02, 66}, + {9, 0x02, 66}, + {23, 0x02, 66}, + {40, 0x03, 66}, + {2, 0x02, 67}, + {9, 0x02, 67}, + {23, 0x02, 67}, + {40, 0x03, 67}, + {2, 0x02, 68}, + {9, 0x02, 68}, + {23, 0x02, 68}, + {40, 0x03, 68}, + }, + /* 38 */ + { + {3, 0x02, 58}, + {6, 0x02, 58}, + {10, 0x02, 58}, + {15, 0x02, 58}, + {24, 0x02, 58}, + {31, 0x02, 58}, + {41, 0x02, 58}, + {56, 0x03, 58}, + {3, 0x02, 66}, + {6, 0x02, 66}, + {10, 0x02, 66}, + {15, 0x02, 66}, + {24, 0x02, 66}, + {31, 0x02, 66}, + {41, 0x02, 66}, + {56, 0x03, 66}, + }, + /* 39 */ + { + {3, 0x02, 67}, + {6, 0x02, 67}, + {10, 0x02, 67}, + {15, 0x02, 67}, + {24, 0x02, 67}, + {31, 0x02, 67}, + {41, 0x02, 67}, + {56, 0x03, 67}, + {3, 0x02, 68}, + {6, 0x02, 68}, + {10, 0x02, 68}, + {15, 0x02, 68}, + {24, 0x02, 68}, + {31, 0x02, 68}, + {41, 0x02, 68}, + {56, 0x03, 68}, + }, + /* 40 */ + { + {44, 0x00, 0}, + {45, 0x00, 0}, + {47, 0x00, 0}, + {48, 0x00, 0}, + {51, 0x00, 0}, + {52, 0x00, 0}, + {54, 0x00, 0}, + {55, 0x00, 0}, + {59, 0x00, 0}, + {60, 0x00, 0}, + {62, 0x00, 0}, + {63, 0x00, 0}, + {66, 0x00, 0}, + {67, 0x00, 0}, + {69, 0x00, 0}, + {72, 0x01, 0}, + }, + /* 41 */ + { + {0, 0x03, 69}, + {0, 0x03, 70}, + {0, 0x03, 71}, + {0, 0x03, 72}, + {0, 0x03, 73}, + {0, 0x03, 74}, + {0, 0x03, 75}, + {0, 0x03, 76}, + {0, 0x03, 77}, + {0, 0x03, 78}, + {0, 0x03, 79}, + {0, 0x03, 80}, + {0, 0x03, 81}, + {0, 0x03, 82}, + {0, 0x03, 83}, + {0, 0x03, 84}, + }, + /* 42 */ + { + {1, 0x02, 69}, + {22, 0x03, 69}, + {1, 0x02, 70}, + {22, 0x03, 70}, + {1, 0x02, 71}, + {22, 0x03, 71}, + {1, 0x02, 72}, + {22, 0x03, 72}, + {1, 0x02, 73}, + {22, 0x03, 73}, + {1, 0x02, 74}, + {22, 0x03, 74}, + {1, 0x02, 75}, + {22, 0x03, 75}, + {1, 0x02, 76}, + {22, 0x03, 76}, + }, + /* 43 */ + { + {2, 0x02, 69}, + {9, 0x02, 69}, + {23, 0x02, 69}, + {40, 0x03, 69}, + {2, 0x02, 70}, + {9, 0x02, 70}, + {23, 0x02, 70}, + {40, 0x03, 70}, + {2, 0x02, 71}, + {9, 0x02, 71}, + {23, 0x02, 71}, + {40, 0x03, 71}, + {2, 0x02, 72}, + {9, 0x02, 72}, + {23, 0x02, 72}, + {40, 0x03, 72}, + }, + /* 44 */ + { + {3, 0x02, 69}, + {6, 0x02, 69}, + {10, 0x02, 69}, + {15, 0x02, 69}, + {24, 0x02, 69}, + {31, 0x02, 69}, + {41, 0x02, 69}, + {56, 0x03, 69}, + {3, 0x02, 70}, + {6, 0x02, 70}, + {10, 0x02, 70}, + {15, 0x02, 70}, + {24, 0x02, 70}, + {31, 0x02, 70}, + {41, 0x02, 70}, + {56, 0x03, 70}, + }, + /* 45 */ + { + {3, 0x02, 71}, + {6, 0x02, 71}, + {10, 0x02, 71}, + {15, 0x02, 71}, + {24, 0x02, 71}, + {31, 0x02, 71}, + {41, 0x02, 71}, + {56, 0x03, 71}, + {3, 0x02, 72}, + {6, 0x02, 72}, + {10, 0x02, 72}, + {15, 0x02, 72}, + {24, 0x02, 72}, + {31, 0x02, 72}, + {41, 0x02, 72}, + {56, 0x03, 72}, + }, + /* 46 */ + { + {2, 0x02, 73}, + {9, 0x02, 73}, + {23, 0x02, 73}, + {40, 0x03, 73}, + {2, 0x02, 74}, + {9, 0x02, 74}, + {23, 0x02, 74}, + {40, 0x03, 74}, + {2, 0x02, 75}, + {9, 0x02, 75}, + {23, 0x02, 75}, + {40, 0x03, 75}, + {2, 0x02, 76}, + {9, 0x02, 76}, + {23, 0x02, 76}, + {40, 0x03, 76}, + }, + /* 47 */ + { + {3, 0x02, 73}, + {6, 0x02, 73}, + {10, 0x02, 73}, + {15, 0x02, 73}, + {24, 0x02, 73}, + {31, 0x02, 73}, + {41, 0x02, 73}, + {56, 0x03, 73}, + {3, 0x02, 74}, + {6, 0x02, 74}, + {10, 0x02, 74}, + {15, 0x02, 74}, + {24, 0x02, 74}, + {31, 0x02, 74}, + {41, 0x02, 74}, + {56, 0x03, 74}, + }, + /* 48 */ + { + {3, 0x02, 75}, + {6, 0x02, 75}, + {10, 0x02, 75}, + {15, 0x02, 75}, + {24, 0x02, 75}, + {31, 0x02, 75}, + {41, 0x02, 75}, + {56, 0x03, 75}, + {3, 0x02, 76}, + {6, 0x02, 76}, + {10, 0x02, 76}, + {15, 0x02, 76}, + {24, 0x02, 76}, + {31, 0x02, 76}, + {41, 0x02, 76}, + {56, 0x03, 76}, + }, + /* 49 */ + { + {1, 0x02, 77}, + {22, 0x03, 77}, + {1, 0x02, 78}, + {22, 0x03, 78}, + {1, 0x02, 79}, + {22, 0x03, 79}, + {1, 0x02, 80}, + {22, 0x03, 80}, + {1, 0x02, 81}, + {22, 0x03, 81}, + {1, 0x02, 82}, + {22, 0x03, 82}, + {1, 0x02, 83}, + {22, 0x03, 83}, + {1, 0x02, 84}, + {22, 0x03, 84}, + }, + /* 50 */ + { + {2, 0x02, 77}, + {9, 0x02, 77}, + {23, 0x02, 77}, + {40, 0x03, 77}, + {2, 0x02, 78}, + {9, 0x02, 78}, + {23, 0x02, 78}, + {40, 0x03, 78}, + {2, 0x02, 79}, + {9, 0x02, 79}, + {23, 0x02, 79}, + {40, 0x03, 79}, + {2, 0x02, 80}, + {9, 0x02, 80}, + {23, 0x02, 80}, + {40, 0x03, 80}, + }, + /* 51 */ + { + {3, 0x02, 77}, + {6, 0x02, 77}, + {10, 0x02, 77}, + {15, 0x02, 77}, + {24, 0x02, 77}, + {31, 0x02, 77}, + {41, 0x02, 77}, + {56, 0x03, 77}, + {3, 0x02, 78}, + {6, 0x02, 78}, + {10, 0x02, 78}, + {15, 0x02, 78}, + {24, 0x02, 78}, + {31, 0x02, 78}, + {41, 0x02, 78}, + {56, 0x03, 78}, + }, + /* 52 */ + { + {3, 0x02, 79}, + {6, 0x02, 79}, + {10, 0x02, 79}, + {15, 0x02, 79}, + {24, 0x02, 79}, + {31, 0x02, 79}, + {41, 0x02, 79}, + {56, 0x03, 79}, + {3, 0x02, 80}, + {6, 0x02, 80}, + {10, 0x02, 80}, + {15, 0x02, 80}, + {24, 0x02, 80}, + {31, 0x02, 80}, + {41, 0x02, 80}, + {56, 0x03, 80}, + }, + /* 53 */ + { + {2, 0x02, 81}, + {9, 0x02, 81}, + {23, 0x02, 81}, + {40, 0x03, 81}, + {2, 0x02, 82}, + {9, 0x02, 82}, + {23, 0x02, 82}, + {40, 0x03, 82}, + {2, 0x02, 83}, + {9, 0x02, 83}, + {23, 0x02, 83}, + {40, 0x03, 83}, + {2, 0x02, 84}, + {9, 0x02, 84}, + {23, 0x02, 84}, + {40, 0x03, 84}, + }, + /* 54 */ + { + {3, 0x02, 81}, + {6, 0x02, 81}, + {10, 0x02, 81}, + {15, 0x02, 81}, + {24, 0x02, 81}, + {31, 0x02, 81}, + {41, 0x02, 81}, + {56, 0x03, 81}, + {3, 0x02, 82}, + {6, 0x02, 82}, + {10, 0x02, 82}, + {15, 0x02, 82}, + {24, 0x02, 82}, + {31, 0x02, 82}, + {41, 0x02, 82}, + {56, 0x03, 82}, + }, + /* 55 */ + { + {3, 0x02, 83}, + {6, 0x02, 83}, + {10, 0x02, 83}, + {15, 0x02, 83}, + {24, 0x02, 83}, + {31, 0x02, 83}, + {41, 0x02, 83}, + {56, 0x03, 83}, + {3, 0x02, 84}, + {6, 0x02, 84}, + {10, 0x02, 84}, + {15, 0x02, 84}, + {24, 0x02, 84}, + {31, 0x02, 84}, + {41, 0x02, 84}, + {56, 0x03, 84}, + }, + /* 56 */ + { + {0, 0x03, 85}, + {0, 0x03, 86}, + {0, 0x03, 87}, + {0, 0x03, 89}, + {0, 0x03, 106}, + {0, 0x03, 107}, + {0, 0x03, 113}, + {0, 0x03, 118}, + {0, 0x03, 119}, + {0, 0x03, 120}, + {0, 0x03, 121}, + {0, 0x03, 122}, + {70, 0x00, 0}, + {71, 0x00, 0}, + {73, 0x00, 0}, + {74, 0x01, 0}, + }, + /* 57 */ + { + {1, 0x02, 85}, + {22, 0x03, 85}, + {1, 0x02, 86}, + {22, 0x03, 86}, + {1, 0x02, 87}, + {22, 0x03, 87}, + {1, 0x02, 89}, + {22, 0x03, 89}, + {1, 0x02, 106}, + {22, 0x03, 106}, + {1, 0x02, 107}, + {22, 0x03, 107}, + {1, 0x02, 113}, + {22, 0x03, 113}, + {1, 0x02, 118}, + {22, 0x03, 118}, + }, + /* 58 */ + { + {2, 0x02, 85}, + {9, 0x02, 85}, + {23, 0x02, 85}, + {40, 0x03, 85}, + {2, 0x02, 86}, + {9, 0x02, 86}, + {23, 0x02, 86}, + {40, 0x03, 86}, + {2, 0x02, 87}, + {9, 0x02, 87}, + {23, 0x02, 87}, + {40, 0x03, 87}, + {2, 0x02, 89}, + {9, 0x02, 89}, + {23, 0x02, 89}, + {40, 0x03, 89}, + }, + /* 59 */ + { + {3, 0x02, 85}, + {6, 0x02, 85}, + {10, 0x02, 85}, + {15, 0x02, 85}, + {24, 0x02, 85}, + {31, 0x02, 85}, + {41, 0x02, 85}, + {56, 0x03, 85}, + {3, 0x02, 86}, + {6, 0x02, 86}, + {10, 0x02, 86}, + {15, 0x02, 86}, + {24, 0x02, 86}, + {31, 0x02, 86}, + {41, 0x02, 86}, + {56, 0x03, 86}, + }, + /* 60 */ + { + {3, 0x02, 87}, + {6, 0x02, 87}, + {10, 0x02, 87}, + {15, 0x02, 87}, + {24, 0x02, 87}, + {31, 0x02, 87}, + {41, 0x02, 87}, + {56, 0x03, 87}, + {3, 0x02, 89}, + {6, 0x02, 89}, + {10, 0x02, 89}, + {15, 0x02, 89}, + {24, 0x02, 89}, + {31, 0x02, 89}, + {41, 0x02, 89}, + {56, 0x03, 89}, + }, + /* 61 */ + { + {2, 0x02, 106}, + {9, 0x02, 106}, + {23, 0x02, 106}, + {40, 0x03, 106}, + {2, 0x02, 107}, + {9, 0x02, 107}, + {23, 0x02, 107}, + {40, 0x03, 107}, + {2, 0x02, 113}, + {9, 0x02, 113}, + {23, 0x02, 113}, + {40, 0x03, 113}, + {2, 0x02, 118}, + {9, 0x02, 118}, + {23, 0x02, 118}, + {40, 0x03, 118}, + }, + /* 62 */ + { + {3, 0x02, 106}, + {6, 0x02, 106}, + {10, 0x02, 106}, + {15, 0x02, 106}, + {24, 0x02, 106}, + {31, 0x02, 106}, + {41, 0x02, 106}, + {56, 0x03, 106}, + {3, 0x02, 107}, + {6, 0x02, 107}, + {10, 0x02, 107}, + {15, 0x02, 107}, + {24, 0x02, 107}, + {31, 0x02, 107}, + {41, 0x02, 107}, + {56, 0x03, 107}, + }, + /* 63 */ + { + {3, 0x02, 113}, + {6, 0x02, 113}, + {10, 0x02, 113}, + {15, 0x02, 113}, + {24, 0x02, 113}, + {31, 0x02, 113}, + {41, 0x02, 113}, + {56, 0x03, 113}, + {3, 0x02, 118}, + {6, 0x02, 118}, + {10, 0x02, 118}, + {15, 0x02, 118}, + {24, 0x02, 118}, + {31, 0x02, 118}, + {41, 0x02, 118}, + {56, 0x03, 118}, + }, + /* 64 */ + { + {1, 0x02, 119}, + {22, 0x03, 119}, + {1, 0x02, 120}, + {22, 0x03, 120}, + {1, 0x02, 121}, + {22, 0x03, 121}, + {1, 0x02, 122}, + {22, 0x03, 122}, + {0, 0x03, 38}, + {0, 0x03, 42}, + {0, 0x03, 44}, + {0, 0x03, 59}, + {0, 0x03, 88}, + {0, 0x03, 90}, + {75, 0x00, 0}, + {78, 0x00, 0}, + }, + /* 65 */ + { + {2, 0x02, 119}, + {9, 0x02, 119}, + {23, 0x02, 119}, + {40, 0x03, 119}, + {2, 0x02, 120}, + {9, 0x02, 120}, + {23, 0x02, 120}, + {40, 0x03, 120}, + {2, 0x02, 121}, + {9, 0x02, 121}, + {23, 0x02, 121}, + {40, 0x03, 121}, + {2, 0x02, 122}, + {9, 0x02, 122}, + {23, 0x02, 122}, + {40, 0x03, 122}, + }, + /* 66 */ + { + {3, 0x02, 119}, + {6, 0x02, 119}, + {10, 0x02, 119}, + {15, 0x02, 119}, + {24, 0x02, 119}, + {31, 0x02, 119}, + {41, 0x02, 119}, + {56, 0x03, 119}, + {3, 0x02, 120}, + {6, 0x02, 120}, + {10, 0x02, 120}, + {15, 0x02, 120}, + {24, 0x02, 120}, + {31, 0x02, 120}, + {41, 0x02, 120}, + {56, 0x03, 120}, + }, + /* 67 */ + { + {3, 0x02, 121}, + {6, 0x02, 121}, + {10, 0x02, 121}, + {15, 0x02, 121}, + {24, 0x02, 121}, + {31, 0x02, 121}, + {41, 0x02, 121}, + {56, 0x03, 121}, + {3, 0x02, 122}, + {6, 0x02, 122}, + {10, 0x02, 122}, + {15, 0x02, 122}, + {24, 0x02, 122}, + {31, 0x02, 122}, + {41, 0x02, 122}, + {56, 0x03, 122}, + }, + /* 68 */ + { + {1, 0x02, 38}, + {22, 0x03, 38}, + {1, 0x02, 42}, + {22, 0x03, 42}, + {1, 0x02, 44}, + {22, 0x03, 44}, + {1, 0x02, 59}, + {22, 0x03, 59}, + {1, 0x02, 88}, + {22, 0x03, 88}, + {1, 0x02, 90}, + {22, 0x03, 90}, + {76, 0x00, 0}, + {77, 0x00, 0}, + {79, 0x00, 0}, + {81, 0x00, 0}, + }, + /* 69 */ + { + {2, 0x02, 38}, + {9, 0x02, 38}, + {23, 0x02, 38}, + {40, 0x03, 38}, + {2, 0x02, 42}, + {9, 0x02, 42}, + {23, 0x02, 42}, + {40, 0x03, 42}, + {2, 0x02, 44}, + {9, 0x02, 44}, + {23, 0x02, 44}, + {40, 0x03, 44}, + {2, 0x02, 59}, + {9, 0x02, 59}, + {23, 0x02, 59}, + {40, 0x03, 59}, + }, + /* 70 */ + { + {3, 0x02, 38}, + {6, 0x02, 38}, + {10, 0x02, 38}, + {15, 0x02, 38}, + {24, 0x02, 38}, + {31, 0x02, 38}, + {41, 0x02, 38}, + {56, 0x03, 38}, + {3, 0x02, 42}, + {6, 0x02, 42}, + {10, 0x02, 42}, + {15, 0x02, 42}, + {24, 0x02, 42}, + {31, 0x02, 42}, + {41, 0x02, 42}, + {56, 0x03, 42}, + }, + /* 71 */ + { + {3, 0x02, 44}, + {6, 0x02, 44}, + {10, 0x02, 44}, + {15, 0x02, 44}, + {24, 0x02, 44}, + {31, 0x02, 44}, + {41, 0x02, 44}, + {56, 0x03, 44}, + {3, 0x02, 59}, + {6, 0x02, 59}, + {10, 0x02, 59}, + {15, 0x02, 59}, + {24, 0x02, 59}, + {31, 0x02, 59}, + {41, 0x02, 59}, + {56, 0x03, 59}, + }, + /* 72 */ + { + {2, 0x02, 88}, + {9, 0x02, 88}, + {23, 0x02, 88}, + {40, 0x03, 88}, + {2, 0x02, 90}, + {9, 0x02, 90}, + {23, 0x02, 90}, + {40, 0x03, 90}, + {0, 0x03, 33}, + {0, 0x03, 34}, + {0, 0x03, 40}, + {0, 0x03, 41}, + {0, 0x03, 63}, + {80, 0x00, 0}, + {82, 0x00, 0}, + {84, 0x00, 0}, + }, + /* 73 */ + { + {3, 0x02, 88}, + {6, 0x02, 88}, + {10, 0x02, 88}, + {15, 0x02, 88}, + {24, 0x02, 88}, + {31, 0x02, 88}, + {41, 0x02, 88}, + {56, 0x03, 88}, + {3, 0x02, 90}, + {6, 0x02, 90}, + {10, 0x02, 90}, + {15, 0x02, 90}, + {24, 0x02, 90}, + {31, 0x02, 90}, + {41, 0x02, 90}, + {56, 0x03, 90}, + }, + /* 74 */ + { + {1, 0x02, 33}, + {22, 0x03, 33}, + {1, 0x02, 34}, + {22, 0x03, 34}, + {1, 0x02, 40}, + {22, 0x03, 40}, + {1, 0x02, 41}, + {22, 0x03, 41}, + {1, 0x02, 63}, + {22, 0x03, 63}, + {0, 0x03, 39}, + {0, 0x03, 43}, + {0, 0x03, 124}, + {83, 0x00, 0}, + {85, 0x00, 0}, + {88, 0x00, 0}, + }, + /* 75 */ + { + {2, 0x02, 33}, + {9, 0x02, 33}, + {23, 0x02, 33}, + {40, 0x03, 33}, + {2, 0x02, 34}, + {9, 0x02, 34}, + {23, 0x02, 34}, + {40, 0x03, 34}, + {2, 0x02, 40}, + {9, 0x02, 40}, + {23, 0x02, 40}, + {40, 0x03, 40}, + {2, 0x02, 41}, + {9, 0x02, 41}, + {23, 0x02, 41}, + {40, 0x03, 41}, + }, + /* 76 */ + { + {3, 0x02, 33}, + {6, 0x02, 33}, + {10, 0x02, 33}, + {15, 0x02, 33}, + {24, 0x02, 33}, + {31, 0x02, 33}, + {41, 0x02, 33}, + {56, 0x03, 33}, + {3, 0x02, 34}, + {6, 0x02, 34}, + {10, 0x02, 34}, + {15, 0x02, 34}, + {24, 0x02, 34}, + {31, 0x02, 34}, + {41, 0x02, 34}, + {56, 0x03, 34}, + }, + /* 77 */ + { + {3, 0x02, 40}, + {6, 0x02, 40}, + {10, 0x02, 40}, + {15, 0x02, 40}, + {24, 0x02, 40}, + {31, 0x02, 40}, + {41, 0x02, 40}, + {56, 0x03, 40}, + {3, 0x02, 41}, + {6, 0x02, 41}, + {10, 0x02, 41}, + {15, 0x02, 41}, + {24, 0x02, 41}, + {31, 0x02, 41}, + {41, 0x02, 41}, + {56, 0x03, 41}, + }, + /* 78 */ + { + {2, 0x02, 63}, + {9, 0x02, 63}, + {23, 0x02, 63}, + {40, 0x03, 63}, + {1, 0x02, 39}, + {22, 0x03, 39}, + {1, 0x02, 43}, + {22, 0x03, 43}, + {1, 0x02, 124}, + {22, 0x03, 124}, + {0, 0x03, 35}, + {0, 0x03, 62}, + {86, 0x00, 0}, + {87, 0x00, 0}, + {89, 0x00, 0}, + {90, 0x00, 0}, + }, + /* 79 */ + { + {3, 0x02, 63}, + {6, 0x02, 63}, + {10, 0x02, 63}, + {15, 0x02, 63}, + {24, 0x02, 63}, + {31, 0x02, 63}, + {41, 0x02, 63}, + {56, 0x03, 63}, + {2, 0x02, 39}, + {9, 0x02, 39}, + {23, 0x02, 39}, + {40, 0x03, 39}, + {2, 0x02, 43}, + {9, 0x02, 43}, + {23, 0x02, 43}, + {40, 0x03, 43}, + }, + /* 80 */ + { + {3, 0x02, 39}, + {6, 0x02, 39}, + {10, 0x02, 39}, + {15, 0x02, 39}, + {24, 0x02, 39}, + {31, 0x02, 39}, + {41, 0x02, 39}, + {56, 0x03, 39}, + {3, 0x02, 43}, + {6, 0x02, 43}, + {10, 0x02, 43}, + {15, 0x02, 43}, + {24, 0x02, 43}, + {31, 0x02, 43}, + {41, 0x02, 43}, + {56, 0x03, 43}, + }, + /* 81 */ + { + {2, 0x02, 124}, + {9, 0x02, 124}, + {23, 0x02, 124}, + {40, 0x03, 124}, + {1, 0x02, 35}, + {22, 0x03, 35}, + {1, 0x02, 62}, + {22, 0x03, 62}, + {0, 0x03, 0}, + {0, 0x03, 36}, + {0, 0x03, 64}, + {0, 0x03, 91}, + {0, 0x03, 93}, + {0, 0x03, 126}, + {91, 0x00, 0}, + {92, 0x00, 0}, + }, + /* 82 */ + { + {3, 0x02, 124}, + {6, 0x02, 124}, + {10, 0x02, 124}, + {15, 0x02, 124}, + {24, 0x02, 124}, + {31, 0x02, 124}, + {41, 0x02, 124}, + {56, 0x03, 124}, + {2, 0x02, 35}, + {9, 0x02, 35}, + {23, 0x02, 35}, + {40, 0x03, 35}, + {2, 0x02, 62}, + {9, 0x02, 62}, + {23, 0x02, 62}, + {40, 0x03, 62}, + }, + /* 83 */ + { + {3, 0x02, 35}, + {6, 0x02, 35}, + {10, 0x02, 35}, + {15, 0x02, 35}, + {24, 0x02, 35}, + {31, 0x02, 35}, + {41, 0x02, 35}, + {56, 0x03, 35}, + {3, 0x02, 62}, + {6, 0x02, 62}, + {10, 0x02, 62}, + {15, 0x02, 62}, + {24, 0x02, 62}, + {31, 0x02, 62}, + {41, 0x02, 62}, + {56, 0x03, 62}, + }, + /* 84 */ + { + {1, 0x02, 0}, + {22, 0x03, 0}, + {1, 0x02, 36}, + {22, 0x03, 36}, + {1, 0x02, 64}, + {22, 0x03, 64}, + {1, 0x02, 91}, + {22, 0x03, 91}, + {1, 0x02, 93}, + {22, 0x03, 93}, + {1, 0x02, 126}, + {22, 0x03, 126}, + {0, 0x03, 94}, + {0, 0x03, 125}, + {93, 0x00, 0}, + {94, 0x00, 0}, + }, + /* 85 */ + { + {2, 0x02, 0}, + {9, 0x02, 0}, + {23, 0x02, 0}, + {40, 0x03, 0}, + {2, 0x02, 36}, + {9, 0x02, 36}, + {23, 0x02, 36}, + {40, 0x03, 36}, + {2, 0x02, 64}, + {9, 0x02, 64}, + {23, 0x02, 64}, + {40, 0x03, 64}, + {2, 0x02, 91}, + {9, 0x02, 91}, + {23, 0x02, 91}, + {40, 0x03, 91}, + }, + /* 86 */ + { + {3, 0x02, 0}, + {6, 0x02, 0}, + {10, 0x02, 0}, + {15, 0x02, 0}, + {24, 0x02, 0}, + {31, 0x02, 0}, + {41, 0x02, 0}, + {56, 0x03, 0}, + {3, 0x02, 36}, + {6, 0x02, 36}, + {10, 0x02, 36}, + {15, 0x02, 36}, + {24, 0x02, 36}, + {31, 0x02, 36}, + {41, 0x02, 36}, + {56, 0x03, 36}, + }, + /* 87 */ + { + {3, 0x02, 64}, + {6, 0x02, 64}, + {10, 0x02, 64}, + {15, 0x02, 64}, + {24, 0x02, 64}, + {31, 0x02, 64}, + {41, 0x02, 64}, + {56, 0x03, 64}, + {3, 0x02, 91}, + {6, 0x02, 91}, + {10, 0x02, 91}, + {15, 0x02, 91}, + {24, 0x02, 91}, + {31, 0x02, 91}, + {41, 0x02, 91}, + {56, 0x03, 91}, + }, + /* 88 */ + { + {2, 0x02, 93}, + {9, 0x02, 93}, + {23, 0x02, 93}, + {40, 0x03, 93}, + {2, 0x02, 126}, + {9, 0x02, 126}, + {23, 0x02, 126}, + {40, 0x03, 126}, + {1, 0x02, 94}, + {22, 0x03, 94}, + {1, 0x02, 125}, + {22, 0x03, 125}, + {0, 0x03, 60}, + {0, 0x03, 96}, + {0, 0x03, 123}, + {95, 0x00, 0}, + }, + /* 89 */ + { + {3, 0x02, 93}, + {6, 0x02, 93}, + {10, 0x02, 93}, + {15, 0x02, 93}, + {24, 0x02, 93}, + {31, 0x02, 93}, + {41, 0x02, 93}, + {56, 0x03, 93}, + {3, 0x02, 126}, + {6, 0x02, 126}, + {10, 0x02, 126}, + {15, 0x02, 126}, + {24, 0x02, 126}, + {31, 0x02, 126}, + {41, 0x02, 126}, + {56, 0x03, 126}, + }, + /* 90 */ + { + {2, 0x02, 94}, + {9, 0x02, 94}, + {23, 0x02, 94}, + {40, 0x03, 94}, + {2, 0x02, 125}, + {9, 0x02, 125}, + {23, 0x02, 125}, + {40, 0x03, 125}, + {1, 0x02, 60}, + {22, 0x03, 60}, + {1, 0x02, 96}, + {22, 0x03, 96}, + {1, 0x02, 123}, + {22, 0x03, 123}, + {96, 0x00, 0}, + {110, 0x00, 0}, + }, + /* 91 */ + { + {3, 0x02, 94}, + {6, 0x02, 94}, + {10, 0x02, 94}, + {15, 0x02, 94}, + {24, 0x02, 94}, + {31, 0x02, 94}, + {41, 0x02, 94}, + {56, 0x03, 94}, + {3, 0x02, 125}, + {6, 0x02, 125}, + {10, 0x02, 125}, + {15, 0x02, 125}, + {24, 0x02, 125}, + {31, 0x02, 125}, + {41, 0x02, 125}, + {56, 0x03, 125}, + }, + /* 92 */ + { + {2, 0x02, 60}, + {9, 0x02, 60}, + {23, 0x02, 60}, + {40, 0x03, 60}, + {2, 0x02, 96}, + {9, 0x02, 96}, + {23, 0x02, 96}, + {40, 0x03, 96}, + {2, 0x02, 123}, + {9, 0x02, 123}, + {23, 0x02, 123}, + {40, 0x03, 123}, + {97, 0x00, 0}, + {101, 0x00, 0}, + {111, 0x00, 0}, + {133, 0x00, 0}, + }, + /* 93 */ + { + {3, 0x02, 60}, + {6, 0x02, 60}, + {10, 0x02, 60}, + {15, 0x02, 60}, + {24, 0x02, 60}, + {31, 0x02, 60}, + {41, 0x02, 60}, + {56, 0x03, 60}, + {3, 0x02, 96}, + {6, 0x02, 96}, + {10, 0x02, 96}, + {15, 0x02, 96}, + {24, 0x02, 96}, + {31, 0x02, 96}, + {41, 0x02, 96}, + {56, 0x03, 96}, + }, + /* 94 */ + { + {3, 0x02, 123}, + {6, 0x02, 123}, + {10, 0x02, 123}, + {15, 0x02, 123}, + {24, 0x02, 123}, + {31, 0x02, 123}, + {41, 0x02, 123}, + {56, 0x03, 123}, + {98, 0x00, 0}, + {99, 0x00, 0}, + {102, 0x00, 0}, + {105, 0x00, 0}, + {112, 0x00, 0}, + {119, 0x00, 0}, + {134, 0x00, 0}, + {153, 0x00, 0}, + }, + /* 95 */ + { + {0, 0x03, 92}, + {0, 0x03, 195}, + {0, 0x03, 208}, + {100, 0x00, 0}, + {103, 0x00, 0}, + {104, 0x00, 0}, + {106, 0x00, 0}, + {107, 0x00, 0}, + {113, 0x00, 0}, + {116, 0x00, 0}, + {120, 0x00, 0}, + {126, 0x00, 0}, + {135, 0x00, 0}, + {142, 0x00, 0}, + {154, 0x00, 0}, + {169, 0x00, 0}, + }, + /* 96 */ + { + {1, 0x02, 92}, + {22, 0x03, 92}, + {1, 0x02, 195}, + {22, 0x03, 195}, + {1, 0x02, 208}, + {22, 0x03, 208}, + {0, 0x03, 128}, + {0, 0x03, 130}, + {0, 0x03, 131}, + {0, 0x03, 162}, + {0, 0x03, 184}, + {0, 0x03, 194}, + {0, 0x03, 224}, + {0, 0x03, 226}, + {108, 0x00, 0}, + {109, 0x00, 0}, + }, + /* 97 */ + { + {2, 0x02, 92}, + {9, 0x02, 92}, + {23, 0x02, 92}, + {40, 0x03, 92}, + {2, 0x02, 195}, + {9, 0x02, 195}, + {23, 0x02, 195}, + {40, 0x03, 195}, + {2, 0x02, 208}, + {9, 0x02, 208}, + {23, 0x02, 208}, + {40, 0x03, 208}, + {1, 0x02, 128}, + {22, 0x03, 128}, + {1, 0x02, 130}, + {22, 0x03, 130}, + }, + /* 98 */ + { + {3, 0x02, 92}, + {6, 0x02, 92}, + {10, 0x02, 92}, + {15, 0x02, 92}, + {24, 0x02, 92}, + {31, 0x02, 92}, + {41, 0x02, 92}, + {56, 0x03, 92}, + {3, 0x02, 195}, + {6, 0x02, 195}, + {10, 0x02, 195}, + {15, 0x02, 195}, + {24, 0x02, 195}, + {31, 0x02, 195}, + {41, 0x02, 195}, + {56, 0x03, 195}, + }, + /* 99 */ + { + {3, 0x02, 208}, + {6, 0x02, 208}, + {10, 0x02, 208}, + {15, 0x02, 208}, + {24, 0x02, 208}, + {31, 0x02, 208}, + {41, 0x02, 208}, + {56, 0x03, 208}, + {2, 0x02, 128}, + {9, 0x02, 128}, + {23, 0x02, 128}, + {40, 0x03, 128}, + {2, 0x02, 130}, + {9, 0x02, 130}, + {23, 0x02, 130}, + {40, 0x03, 130}, + }, + /* 100 */ + { + {3, 0x02, 128}, + {6, 0x02, 128}, + {10, 0x02, 128}, + {15, 0x02, 128}, + {24, 0x02, 128}, + {31, 0x02, 128}, + {41, 0x02, 128}, + {56, 0x03, 128}, + {3, 0x02, 130}, + {6, 0x02, 130}, + {10, 0x02, 130}, + {15, 0x02, 130}, + {24, 0x02, 130}, + {31, 0x02, 130}, + {41, 0x02, 130}, + {56, 0x03, 130}, + }, + /* 101 */ + { + {1, 0x02, 131}, + {22, 0x03, 131}, + {1, 0x02, 162}, + {22, 0x03, 162}, + {1, 0x02, 184}, + {22, 0x03, 184}, + {1, 0x02, 194}, + {22, 0x03, 194}, + {1, 0x02, 224}, + {22, 0x03, 224}, + {1, 0x02, 226}, + {22, 0x03, 226}, + {0, 0x03, 153}, + {0, 0x03, 161}, + {0, 0x03, 167}, + {0, 0x03, 172}, + }, + /* 102 */ + { + {2, 0x02, 131}, + {9, 0x02, 131}, + {23, 0x02, 131}, + {40, 0x03, 131}, + {2, 0x02, 162}, + {9, 0x02, 162}, + {23, 0x02, 162}, + {40, 0x03, 162}, + {2, 0x02, 184}, + {9, 0x02, 184}, + {23, 0x02, 184}, + {40, 0x03, 184}, + {2, 0x02, 194}, + {9, 0x02, 194}, + {23, 0x02, 194}, + {40, 0x03, 194}, + }, + /* 103 */ + { + {3, 0x02, 131}, + {6, 0x02, 131}, + {10, 0x02, 131}, + {15, 0x02, 131}, + {24, 0x02, 131}, + {31, 0x02, 131}, + {41, 0x02, 131}, + {56, 0x03, 131}, + {3, 0x02, 162}, + {6, 0x02, 162}, + {10, 0x02, 162}, + {15, 0x02, 162}, + {24, 0x02, 162}, + {31, 0x02, 162}, + {41, 0x02, 162}, + {56, 0x03, 162}, + }, + /* 104 */ + { + {3, 0x02, 184}, + {6, 0x02, 184}, + {10, 0x02, 184}, + {15, 0x02, 184}, + {24, 0x02, 184}, + {31, 0x02, 184}, + {41, 0x02, 184}, + {56, 0x03, 184}, + {3, 0x02, 194}, + {6, 0x02, 194}, + {10, 0x02, 194}, + {15, 0x02, 194}, + {24, 0x02, 194}, + {31, 0x02, 194}, + {41, 0x02, 194}, + {56, 0x03, 194}, + }, + /* 105 */ + { + {2, 0x02, 224}, + {9, 0x02, 224}, + {23, 0x02, 224}, + {40, 0x03, 224}, + {2, 0x02, 226}, + {9, 0x02, 226}, + {23, 0x02, 226}, + {40, 0x03, 226}, + {1, 0x02, 153}, + {22, 0x03, 153}, + {1, 0x02, 161}, + {22, 0x03, 161}, + {1, 0x02, 167}, + {22, 0x03, 167}, + {1, 0x02, 172}, + {22, 0x03, 172}, + }, + /* 106 */ + { + {3, 0x02, 224}, + {6, 0x02, 224}, + {10, 0x02, 224}, + {15, 0x02, 224}, + {24, 0x02, 224}, + {31, 0x02, 224}, + {41, 0x02, 224}, + {56, 0x03, 224}, + {3, 0x02, 226}, + {6, 0x02, 226}, + {10, 0x02, 226}, + {15, 0x02, 226}, + {24, 0x02, 226}, + {31, 0x02, 226}, + {41, 0x02, 226}, + {56, 0x03, 226}, + }, + /* 107 */ + { + {2, 0x02, 153}, + {9, 0x02, 153}, + {23, 0x02, 153}, + {40, 0x03, 153}, + {2, 0x02, 161}, + {9, 0x02, 161}, + {23, 0x02, 161}, + {40, 0x03, 161}, + {2, 0x02, 167}, + {9, 0x02, 167}, + {23, 0x02, 167}, + {40, 0x03, 167}, + {2, 0x02, 172}, + {9, 0x02, 172}, + {23, 0x02, 172}, + {40, 0x03, 172}, + }, + /* 108 */ + { + {3, 0x02, 153}, + {6, 0x02, 153}, + {10, 0x02, 153}, + {15, 0x02, 153}, + {24, 0x02, 153}, + {31, 0x02, 153}, + {41, 0x02, 153}, + {56, 0x03, 153}, + {3, 0x02, 161}, + {6, 0x02, 161}, + {10, 0x02, 161}, + {15, 0x02, 161}, + {24, 0x02, 161}, + {31, 0x02, 161}, + {41, 0x02, 161}, + {56, 0x03, 161}, + }, + /* 109 */ + { + {3, 0x02, 167}, + {6, 0x02, 167}, + {10, 0x02, 167}, + {15, 0x02, 167}, + {24, 0x02, 167}, + {31, 0x02, 167}, + {41, 0x02, 167}, + {56, 0x03, 167}, + {3, 0x02, 172}, + {6, 0x02, 172}, + {10, 0x02, 172}, + {15, 0x02, 172}, + {24, 0x02, 172}, + {31, 0x02, 172}, + {41, 0x02, 172}, + {56, 0x03, 172}, + }, + /* 110 */ + { + {114, 0x00, 0}, + {115, 0x00, 0}, + {117, 0x00, 0}, + {118, 0x00, 0}, + {121, 0x00, 0}, + {123, 0x00, 0}, + {127, 0x00, 0}, + {130, 0x00, 0}, + {136, 0x00, 0}, + {139, 0x00, 0}, + {143, 0x00, 0}, + {146, 0x00, 0}, + {155, 0x00, 0}, + {162, 0x00, 0}, + {170, 0x00, 0}, + {180, 0x00, 0}, + }, + /* 111 */ + { + {0, 0x03, 176}, + {0, 0x03, 177}, + {0, 0x03, 179}, + {0, 0x03, 209}, + {0, 0x03, 216}, + {0, 0x03, 217}, + {0, 0x03, 227}, + {0, 0x03, 229}, + {0, 0x03, 230}, + {122, 0x00, 0}, + {124, 0x00, 0}, + {125, 0x00, 0}, + {128, 0x00, 0}, + {129, 0x00, 0}, + {131, 0x00, 0}, + {132, 0x00, 0}, + }, + /* 112 */ + { + {1, 0x02, 176}, + {22, 0x03, 176}, + {1, 0x02, 177}, + {22, 0x03, 177}, + {1, 0x02, 179}, + {22, 0x03, 179}, + {1, 0x02, 209}, + {22, 0x03, 209}, + {1, 0x02, 216}, + {22, 0x03, 216}, + {1, 0x02, 217}, + {22, 0x03, 217}, + {1, 0x02, 227}, + {22, 0x03, 227}, + {1, 0x02, 229}, + {22, 0x03, 229}, + }, + /* 113 */ + { + {2, 0x02, 176}, + {9, 0x02, 176}, + {23, 0x02, 176}, + {40, 0x03, 176}, + {2, 0x02, 177}, + {9, 0x02, 177}, + {23, 0x02, 177}, + {40, 0x03, 177}, + {2, 0x02, 179}, + {9, 0x02, 179}, + {23, 0x02, 179}, + {40, 0x03, 179}, + {2, 0x02, 209}, + {9, 0x02, 209}, + {23, 0x02, 209}, + {40, 0x03, 209}, + }, + /* 114 */ + { + {3, 0x02, 176}, + {6, 0x02, 176}, + {10, 0x02, 176}, + {15, 0x02, 176}, + {24, 0x02, 176}, + {31, 0x02, 176}, + {41, 0x02, 176}, + {56, 0x03, 176}, + {3, 0x02, 177}, + {6, 0x02, 177}, + {10, 0x02, 177}, + {15, 0x02, 177}, + {24, 0x02, 177}, + {31, 0x02, 177}, + {41, 0x02, 177}, + {56, 0x03, 177}, + }, + /* 115 */ + { + {3, 0x02, 179}, + {6, 0x02, 179}, + {10, 0x02, 179}, + {15, 0x02, 179}, + {24, 0x02, 179}, + {31, 0x02, 179}, + {41, 0x02, 179}, + {56, 0x03, 179}, + {3, 0x02, 209}, + {6, 0x02, 209}, + {10, 0x02, 209}, + {15, 0x02, 209}, + {24, 0x02, 209}, + {31, 0x02, 209}, + {41, 0x02, 209}, + {56, 0x03, 209}, + }, + /* 116 */ + { + {2, 0x02, 216}, + {9, 0x02, 216}, + {23, 0x02, 216}, + {40, 0x03, 216}, + {2, 0x02, 217}, + {9, 0x02, 217}, + {23, 0x02, 217}, + {40, 0x03, 217}, + {2, 0x02, 227}, + {9, 0x02, 227}, + {23, 0x02, 227}, + {40, 0x03, 227}, + {2, 0x02, 229}, + {9, 0x02, 229}, + {23, 0x02, 229}, + {40, 0x03, 229}, + }, + /* 117 */ + { + {3, 0x02, 216}, + {6, 0x02, 216}, + {10, 0x02, 216}, + {15, 0x02, 216}, + {24, 0x02, 216}, + {31, 0x02, 216}, + {41, 0x02, 216}, + {56, 0x03, 216}, + {3, 0x02, 217}, + {6, 0x02, 217}, + {10, 0x02, 217}, + {15, 0x02, 217}, + {24, 0x02, 217}, + {31, 0x02, 217}, + {41, 0x02, 217}, + {56, 0x03, 217}, + }, + /* 118 */ + { + {3, 0x02, 227}, + {6, 0x02, 227}, + {10, 0x02, 227}, + {15, 0x02, 227}, + {24, 0x02, 227}, + {31, 0x02, 227}, + {41, 0x02, 227}, + {56, 0x03, 227}, + {3, 0x02, 229}, + {6, 0x02, 229}, + {10, 0x02, 229}, + {15, 0x02, 229}, + {24, 0x02, 229}, + {31, 0x02, 229}, + {41, 0x02, 229}, + {56, 0x03, 229}, + }, + /* 119 */ + { + {1, 0x02, 230}, + {22, 0x03, 230}, + {0, 0x03, 129}, + {0, 0x03, 132}, + {0, 0x03, 133}, + {0, 0x03, 134}, + {0, 0x03, 136}, + {0, 0x03, 146}, + {0, 0x03, 154}, + {0, 0x03, 156}, + {0, 0x03, 160}, + {0, 0x03, 163}, + {0, 0x03, 164}, + {0, 0x03, 169}, + {0, 0x03, 170}, + {0, 0x03, 173}, + }, + /* 120 */ + { + {2, 0x02, 230}, + {9, 0x02, 230}, + {23, 0x02, 230}, + {40, 0x03, 230}, + {1, 0x02, 129}, + {22, 0x03, 129}, + {1, 0x02, 132}, + {22, 0x03, 132}, + {1, 0x02, 133}, + {22, 0x03, 133}, + {1, 0x02, 134}, + {22, 0x03, 134}, + {1, 0x02, 136}, + {22, 0x03, 136}, + {1, 0x02, 146}, + {22, 0x03, 146}, + }, + /* 121 */ + { + {3, 0x02, 230}, + {6, 0x02, 230}, + {10, 0x02, 230}, + {15, 0x02, 230}, + {24, 0x02, 230}, + {31, 0x02, 230}, + {41, 0x02, 230}, + {56, 0x03, 230}, + {2, 0x02, 129}, + {9, 0x02, 129}, + {23, 0x02, 129}, + {40, 0x03, 129}, + {2, 0x02, 132}, + {9, 0x02, 132}, + {23, 0x02, 132}, + {40, 0x03, 132}, + }, + /* 122 */ + { + {3, 0x02, 129}, + {6, 0x02, 129}, + {10, 0x02, 129}, + {15, 0x02, 129}, + {24, 0x02, 129}, + {31, 0x02, 129}, + {41, 0x02, 129}, + {56, 0x03, 129}, + {3, 0x02, 132}, + {6, 0x02, 132}, + {10, 0x02, 132}, + {15, 0x02, 132}, + {24, 0x02, 132}, + {31, 0x02, 132}, + {41, 0x02, 132}, + {56, 0x03, 132}, + }, + /* 123 */ + { + {2, 0x02, 133}, + {9, 0x02, 133}, + {23, 0x02, 133}, + {40, 0x03, 133}, + {2, 0x02, 134}, + {9, 0x02, 134}, + {23, 0x02, 134}, + {40, 0x03, 134}, + {2, 0x02, 136}, + {9, 0x02, 136}, + {23, 0x02, 136}, + {40, 0x03, 136}, + {2, 0x02, 146}, + {9, 0x02, 146}, + {23, 0x02, 146}, + {40, 0x03, 146}, + }, + /* 124 */ + { + {3, 0x02, 133}, + {6, 0x02, 133}, + {10, 0x02, 133}, + {15, 0x02, 133}, + {24, 0x02, 133}, + {31, 0x02, 133}, + {41, 0x02, 133}, + {56, 0x03, 133}, + {3, 0x02, 134}, + {6, 0x02, 134}, + {10, 0x02, 134}, + {15, 0x02, 134}, + {24, 0x02, 134}, + {31, 0x02, 134}, + {41, 0x02, 134}, + {56, 0x03, 134}, + }, + /* 125 */ + { + {3, 0x02, 136}, + {6, 0x02, 136}, + {10, 0x02, 136}, + {15, 0x02, 136}, + {24, 0x02, 136}, + {31, 0x02, 136}, + {41, 0x02, 136}, + {56, 0x03, 136}, + {3, 0x02, 146}, + {6, 0x02, 146}, + {10, 0x02, 146}, + {15, 0x02, 146}, + {24, 0x02, 146}, + {31, 0x02, 146}, + {41, 0x02, 146}, + {56, 0x03, 146}, + }, + /* 126 */ + { + {1, 0x02, 154}, + {22, 0x03, 154}, + {1, 0x02, 156}, + {22, 0x03, 156}, + {1, 0x02, 160}, + {22, 0x03, 160}, + {1, 0x02, 163}, + {22, 0x03, 163}, + {1, 0x02, 164}, + {22, 0x03, 164}, + {1, 0x02, 169}, + {22, 0x03, 169}, + {1, 0x02, 170}, + {22, 0x03, 170}, + {1, 0x02, 173}, + {22, 0x03, 173}, + }, + /* 127 */ + { + {2, 0x02, 154}, + {9, 0x02, 154}, + {23, 0x02, 154}, + {40, 0x03, 154}, + {2, 0x02, 156}, + {9, 0x02, 156}, + {23, 0x02, 156}, + {40, 0x03, 156}, + {2, 0x02, 160}, + {9, 0x02, 160}, + {23, 0x02, 160}, + {40, 0x03, 160}, + {2, 0x02, 163}, + {9, 0x02, 163}, + {23, 0x02, 163}, + {40, 0x03, 163}, + }, + /* 128 */ + { + {3, 0x02, 154}, + {6, 0x02, 154}, + {10, 0x02, 154}, + {15, 0x02, 154}, + {24, 0x02, 154}, + {31, 0x02, 154}, + {41, 0x02, 154}, + {56, 0x03, 154}, + {3, 0x02, 156}, + {6, 0x02, 156}, + {10, 0x02, 156}, + {15, 0x02, 156}, + {24, 0x02, 156}, + {31, 0x02, 156}, + {41, 0x02, 156}, + {56, 0x03, 156}, + }, + /* 129 */ + { + {3, 0x02, 160}, + {6, 0x02, 160}, + {10, 0x02, 160}, + {15, 0x02, 160}, + {24, 0x02, 160}, + {31, 0x02, 160}, + {41, 0x02, 160}, + {56, 0x03, 160}, + {3, 0x02, 163}, + {6, 0x02, 163}, + {10, 0x02, 163}, + {15, 0x02, 163}, + {24, 0x02, 163}, + {31, 0x02, 163}, + {41, 0x02, 163}, + {56, 0x03, 163}, + }, + /* 130 */ + { + {2, 0x02, 164}, + {9, 0x02, 164}, + {23, 0x02, 164}, + {40, 0x03, 164}, + {2, 0x02, 169}, + {9, 0x02, 169}, + {23, 0x02, 169}, + {40, 0x03, 169}, + {2, 0x02, 170}, + {9, 0x02, 170}, + {23, 0x02, 170}, + {40, 0x03, 170}, + {2, 0x02, 173}, + {9, 0x02, 173}, + {23, 0x02, 173}, + {40, 0x03, 173}, + }, + /* 131 */ + { + {3, 0x02, 164}, + {6, 0x02, 164}, + {10, 0x02, 164}, + {15, 0x02, 164}, + {24, 0x02, 164}, + {31, 0x02, 164}, + {41, 0x02, 164}, + {56, 0x03, 164}, + {3, 0x02, 169}, + {6, 0x02, 169}, + {10, 0x02, 169}, + {15, 0x02, 169}, + {24, 0x02, 169}, + {31, 0x02, 169}, + {41, 0x02, 169}, + {56, 0x03, 169}, + }, + /* 132 */ + { + {3, 0x02, 170}, + {6, 0x02, 170}, + {10, 0x02, 170}, + {15, 0x02, 170}, + {24, 0x02, 170}, + {31, 0x02, 170}, + {41, 0x02, 170}, + {56, 0x03, 170}, + {3, 0x02, 173}, + {6, 0x02, 173}, + {10, 0x02, 173}, + {15, 0x02, 173}, + {24, 0x02, 173}, + {31, 0x02, 173}, + {41, 0x02, 173}, + {56, 0x03, 173}, + }, + /* 133 */ + { + {137, 0x00, 0}, + {138, 0x00, 0}, + {140, 0x00, 0}, + {141, 0x00, 0}, + {144, 0x00, 0}, + {145, 0x00, 0}, + {147, 0x00, 0}, + {150, 0x00, 0}, + {156, 0x00, 0}, + {159, 0x00, 0}, + {163, 0x00, 0}, + {166, 0x00, 0}, + {171, 0x00, 0}, + {174, 0x00, 0}, + {181, 0x00, 0}, + {190, 0x00, 0}, + }, + /* 134 */ + { + {0, 0x03, 178}, + {0, 0x03, 181}, + {0, 0x03, 185}, + {0, 0x03, 186}, + {0, 0x03, 187}, + {0, 0x03, 189}, + {0, 0x03, 190}, + {0, 0x03, 196}, + {0, 0x03, 198}, + {0, 0x03, 228}, + {0, 0x03, 232}, + {0, 0x03, 233}, + {148, 0x00, 0}, + {149, 0x00, 0}, + {151, 0x00, 0}, + {152, 0x00, 0}, + }, + /* 135 */ + { + {1, 0x02, 178}, + {22, 0x03, 178}, + {1, 0x02, 181}, + {22, 0x03, 181}, + {1, 0x02, 185}, + {22, 0x03, 185}, + {1, 0x02, 186}, + {22, 0x03, 186}, + {1, 0x02, 187}, + {22, 0x03, 187}, + {1, 0x02, 189}, + {22, 0x03, 189}, + {1, 0x02, 190}, + {22, 0x03, 190}, + {1, 0x02, 196}, + {22, 0x03, 196}, + }, + /* 136 */ + { + {2, 0x02, 178}, + {9, 0x02, 178}, + {23, 0x02, 178}, + {40, 0x03, 178}, + {2, 0x02, 181}, + {9, 0x02, 181}, + {23, 0x02, 181}, + {40, 0x03, 181}, + {2, 0x02, 185}, + {9, 0x02, 185}, + {23, 0x02, 185}, + {40, 0x03, 185}, + {2, 0x02, 186}, + {9, 0x02, 186}, + {23, 0x02, 186}, + {40, 0x03, 186}, + }, + /* 137 */ + { + {3, 0x02, 178}, + {6, 0x02, 178}, + {10, 0x02, 178}, + {15, 0x02, 178}, + {24, 0x02, 178}, + {31, 0x02, 178}, + {41, 0x02, 178}, + {56, 0x03, 178}, + {3, 0x02, 181}, + {6, 0x02, 181}, + {10, 0x02, 181}, + {15, 0x02, 181}, + {24, 0x02, 181}, + {31, 0x02, 181}, + {41, 0x02, 181}, + {56, 0x03, 181}, + }, + /* 138 */ + { + {3, 0x02, 185}, + {6, 0x02, 185}, + {10, 0x02, 185}, + {15, 0x02, 185}, + {24, 0x02, 185}, + {31, 0x02, 185}, + {41, 0x02, 185}, + {56, 0x03, 185}, + {3, 0x02, 186}, + {6, 0x02, 186}, + {10, 0x02, 186}, + {15, 0x02, 186}, + {24, 0x02, 186}, + {31, 0x02, 186}, + {41, 0x02, 186}, + {56, 0x03, 186}, + }, + /* 139 */ + { + {2, 0x02, 187}, + {9, 0x02, 187}, + {23, 0x02, 187}, + {40, 0x03, 187}, + {2, 0x02, 189}, + {9, 0x02, 189}, + {23, 0x02, 189}, + {40, 0x03, 189}, + {2, 0x02, 190}, + {9, 0x02, 190}, + {23, 0x02, 190}, + {40, 0x03, 190}, + {2, 0x02, 196}, + {9, 0x02, 196}, + {23, 0x02, 196}, + {40, 0x03, 196}, + }, + /* 140 */ + { + {3, 0x02, 187}, + {6, 0x02, 187}, + {10, 0x02, 187}, + {15, 0x02, 187}, + {24, 0x02, 187}, + {31, 0x02, 187}, + {41, 0x02, 187}, + {56, 0x03, 187}, + {3, 0x02, 189}, + {6, 0x02, 189}, + {10, 0x02, 189}, + {15, 0x02, 189}, + {24, 0x02, 189}, + {31, 0x02, 189}, + {41, 0x02, 189}, + {56, 0x03, 189}, + }, + /* 141 */ + { + {3, 0x02, 190}, + {6, 0x02, 190}, + {10, 0x02, 190}, + {15, 0x02, 190}, + {24, 0x02, 190}, + {31, 0x02, 190}, + {41, 0x02, 190}, + {56, 0x03, 190}, + {3, 0x02, 196}, + {6, 0x02, 196}, + {10, 0x02, 196}, + {15, 0x02, 196}, + {24, 0x02, 196}, + {31, 0x02, 196}, + {41, 0x02, 196}, + {56, 0x03, 196}, + }, + /* 142 */ + { + {1, 0x02, 198}, + {22, 0x03, 198}, + {1, 0x02, 228}, + {22, 0x03, 228}, + {1, 0x02, 232}, + {22, 0x03, 232}, + {1, 0x02, 233}, + {22, 0x03, 233}, + {0, 0x03, 1}, + {0, 0x03, 135}, + {0, 0x03, 137}, + {0, 0x03, 138}, + {0, 0x03, 139}, + {0, 0x03, 140}, + {0, 0x03, 141}, + {0, 0x03, 143}, + }, + /* 143 */ + { + {2, 0x02, 198}, + {9, 0x02, 198}, + {23, 0x02, 198}, + {40, 0x03, 198}, + {2, 0x02, 228}, + {9, 0x02, 228}, + {23, 0x02, 228}, + {40, 0x03, 228}, + {2, 0x02, 232}, + {9, 0x02, 232}, + {23, 0x02, 232}, + {40, 0x03, 232}, + {2, 0x02, 233}, + {9, 0x02, 233}, + {23, 0x02, 233}, + {40, 0x03, 233}, + }, + /* 144 */ + { + {3, 0x02, 198}, + {6, 0x02, 198}, + {10, 0x02, 198}, + {15, 0x02, 198}, + {24, 0x02, 198}, + {31, 0x02, 198}, + {41, 0x02, 198}, + {56, 0x03, 198}, + {3, 0x02, 228}, + {6, 0x02, 228}, + {10, 0x02, 228}, + {15, 0x02, 228}, + {24, 0x02, 228}, + {31, 0x02, 228}, + {41, 0x02, 228}, + {56, 0x03, 228}, + }, + /* 145 */ + { + {3, 0x02, 232}, + {6, 0x02, 232}, + {10, 0x02, 232}, + {15, 0x02, 232}, + {24, 0x02, 232}, + {31, 0x02, 232}, + {41, 0x02, 232}, + {56, 0x03, 232}, + {3, 0x02, 233}, + {6, 0x02, 233}, + {10, 0x02, 233}, + {15, 0x02, 233}, + {24, 0x02, 233}, + {31, 0x02, 233}, + {41, 0x02, 233}, + {56, 0x03, 233}, + }, + /* 146 */ + { + {1, 0x02, 1}, + {22, 0x03, 1}, + {1, 0x02, 135}, + {22, 0x03, 135}, + {1, 0x02, 137}, + {22, 0x03, 137}, + {1, 0x02, 138}, + {22, 0x03, 138}, + {1, 0x02, 139}, + {22, 0x03, 139}, + {1, 0x02, 140}, + {22, 0x03, 140}, + {1, 0x02, 141}, + {22, 0x03, 141}, + {1, 0x02, 143}, + {22, 0x03, 143}, + }, + /* 147 */ + { + {2, 0x02, 1}, + {9, 0x02, 1}, + {23, 0x02, 1}, + {40, 0x03, 1}, + {2, 0x02, 135}, + {9, 0x02, 135}, + {23, 0x02, 135}, + {40, 0x03, 135}, + {2, 0x02, 137}, + {9, 0x02, 137}, + {23, 0x02, 137}, + {40, 0x03, 137}, + {2, 0x02, 138}, + {9, 0x02, 138}, + {23, 0x02, 138}, + {40, 0x03, 138}, + }, + /* 148 */ + { + {3, 0x02, 1}, + {6, 0x02, 1}, + {10, 0x02, 1}, + {15, 0x02, 1}, + {24, 0x02, 1}, + {31, 0x02, 1}, + {41, 0x02, 1}, + {56, 0x03, 1}, + {3, 0x02, 135}, + {6, 0x02, 135}, + {10, 0x02, 135}, + {15, 0x02, 135}, + {24, 0x02, 135}, + {31, 0x02, 135}, + {41, 0x02, 135}, + {56, 0x03, 135}, + }, + /* 149 */ + { + {3, 0x02, 137}, + {6, 0x02, 137}, + {10, 0x02, 137}, + {15, 0x02, 137}, + {24, 0x02, 137}, + {31, 0x02, 137}, + {41, 0x02, 137}, + {56, 0x03, 137}, + {3, 0x02, 138}, + {6, 0x02, 138}, + {10, 0x02, 138}, + {15, 0x02, 138}, + {24, 0x02, 138}, + {31, 0x02, 138}, + {41, 0x02, 138}, + {56, 0x03, 138}, + }, + /* 150 */ + { + {2, 0x02, 139}, + {9, 0x02, 139}, + {23, 0x02, 139}, + {40, 0x03, 139}, + {2, 0x02, 140}, + {9, 0x02, 140}, + {23, 0x02, 140}, + {40, 0x03, 140}, + {2, 0x02, 141}, + {9, 0x02, 141}, + {23, 0x02, 141}, + {40, 0x03, 141}, + {2, 0x02, 143}, + {9, 0x02, 143}, + {23, 0x02, 143}, + {40, 0x03, 143}, + }, + /* 151 */ + { + {3, 0x02, 139}, + {6, 0x02, 139}, + {10, 0x02, 139}, + {15, 0x02, 139}, + {24, 0x02, 139}, + {31, 0x02, 139}, + {41, 0x02, 139}, + {56, 0x03, 139}, + {3, 0x02, 140}, + {6, 0x02, 140}, + {10, 0x02, 140}, + {15, 0x02, 140}, + {24, 0x02, 140}, + {31, 0x02, 140}, + {41, 0x02, 140}, + {56, 0x03, 140}, + }, + /* 152 */ + { + {3, 0x02, 141}, + {6, 0x02, 141}, + {10, 0x02, 141}, + {15, 0x02, 141}, + {24, 0x02, 141}, + {31, 0x02, 141}, + {41, 0x02, 141}, + {56, 0x03, 141}, + {3, 0x02, 143}, + {6, 0x02, 143}, + {10, 0x02, 143}, + {15, 0x02, 143}, + {24, 0x02, 143}, + {31, 0x02, 143}, + {41, 0x02, 143}, + {56, 0x03, 143}, + }, + /* 153 */ + { + {157, 0x00, 0}, + {158, 0x00, 0}, + {160, 0x00, 0}, + {161, 0x00, 0}, + {164, 0x00, 0}, + {165, 0x00, 0}, + {167, 0x00, 0}, + {168, 0x00, 0}, + {172, 0x00, 0}, + {173, 0x00, 0}, + {175, 0x00, 0}, + {177, 0x00, 0}, + {182, 0x00, 0}, + {185, 0x00, 0}, + {191, 0x00, 0}, + {207, 0x00, 0}, + }, + /* 154 */ + { + {0, 0x03, 147}, + {0, 0x03, 149}, + {0, 0x03, 150}, + {0, 0x03, 151}, + {0, 0x03, 152}, + {0, 0x03, 155}, + {0, 0x03, 157}, + {0, 0x03, 158}, + {0, 0x03, 165}, + {0, 0x03, 166}, + {0, 0x03, 168}, + {0, 0x03, 174}, + {0, 0x03, 175}, + {0, 0x03, 180}, + {0, 0x03, 182}, + {0, 0x03, 183}, + }, + /* 155 */ + { + {1, 0x02, 147}, + {22, 0x03, 147}, + {1, 0x02, 149}, + {22, 0x03, 149}, + {1, 0x02, 150}, + {22, 0x03, 150}, + {1, 0x02, 151}, + {22, 0x03, 151}, + {1, 0x02, 152}, + {22, 0x03, 152}, + {1, 0x02, 155}, + {22, 0x03, 155}, + {1, 0x02, 157}, + {22, 0x03, 157}, + {1, 0x02, 158}, + {22, 0x03, 158}, + }, + /* 156 */ + { + {2, 0x02, 147}, + {9, 0x02, 147}, + {23, 0x02, 147}, + {40, 0x03, 147}, + {2, 0x02, 149}, + {9, 0x02, 149}, + {23, 0x02, 149}, + {40, 0x03, 149}, + {2, 0x02, 150}, + {9, 0x02, 150}, + {23, 0x02, 150}, + {40, 0x03, 150}, + {2, 0x02, 151}, + {9, 0x02, 151}, + {23, 0x02, 151}, + {40, 0x03, 151}, + }, + /* 157 */ + { + {3, 0x02, 147}, + {6, 0x02, 147}, + {10, 0x02, 147}, + {15, 0x02, 147}, + {24, 0x02, 147}, + {31, 0x02, 147}, + {41, 0x02, 147}, + {56, 0x03, 147}, + {3, 0x02, 149}, + {6, 0x02, 149}, + {10, 0x02, 149}, + {15, 0x02, 149}, + {24, 0x02, 149}, + {31, 0x02, 149}, + {41, 0x02, 149}, + {56, 0x03, 149}, + }, + /* 158 */ + { + {3, 0x02, 150}, + {6, 0x02, 150}, + {10, 0x02, 150}, + {15, 0x02, 150}, + {24, 0x02, 150}, + {31, 0x02, 150}, + {41, 0x02, 150}, + {56, 0x03, 150}, + {3, 0x02, 151}, + {6, 0x02, 151}, + {10, 0x02, 151}, + {15, 0x02, 151}, + {24, 0x02, 151}, + {31, 0x02, 151}, + {41, 0x02, 151}, + {56, 0x03, 151}, + }, + /* 159 */ + { + {2, 0x02, 152}, + {9, 0x02, 152}, + {23, 0x02, 152}, + {40, 0x03, 152}, + {2, 0x02, 155}, + {9, 0x02, 155}, + {23, 0x02, 155}, + {40, 0x03, 155}, + {2, 0x02, 157}, + {9, 0x02, 157}, + {23, 0x02, 157}, + {40, 0x03, 157}, + {2, 0x02, 158}, + {9, 0x02, 158}, + {23, 0x02, 158}, + {40, 0x03, 158}, + }, + /* 160 */ + { + {3, 0x02, 152}, + {6, 0x02, 152}, + {10, 0x02, 152}, + {15, 0x02, 152}, + {24, 0x02, 152}, + {31, 0x02, 152}, + {41, 0x02, 152}, + {56, 0x03, 152}, + {3, 0x02, 155}, + {6, 0x02, 155}, + {10, 0x02, 155}, + {15, 0x02, 155}, + {24, 0x02, 155}, + {31, 0x02, 155}, + {41, 0x02, 155}, + {56, 0x03, 155}, + }, + /* 161 */ + { + {3, 0x02, 157}, + {6, 0x02, 157}, + {10, 0x02, 157}, + {15, 0x02, 157}, + {24, 0x02, 157}, + {31, 0x02, 157}, + {41, 0x02, 157}, + {56, 0x03, 157}, + {3, 0x02, 158}, + {6, 0x02, 158}, + {10, 0x02, 158}, + {15, 0x02, 158}, + {24, 0x02, 158}, + {31, 0x02, 158}, + {41, 0x02, 158}, + {56, 0x03, 158}, + }, + /* 162 */ + { + {1, 0x02, 165}, + {22, 0x03, 165}, + {1, 0x02, 166}, + {22, 0x03, 166}, + {1, 0x02, 168}, + {22, 0x03, 168}, + {1, 0x02, 174}, + {22, 0x03, 174}, + {1, 0x02, 175}, + {22, 0x03, 175}, + {1, 0x02, 180}, + {22, 0x03, 180}, + {1, 0x02, 182}, + {22, 0x03, 182}, + {1, 0x02, 183}, + {22, 0x03, 183}, + }, + /* 163 */ + { + {2, 0x02, 165}, + {9, 0x02, 165}, + {23, 0x02, 165}, + {40, 0x03, 165}, + {2, 0x02, 166}, + {9, 0x02, 166}, + {23, 0x02, 166}, + {40, 0x03, 166}, + {2, 0x02, 168}, + {9, 0x02, 168}, + {23, 0x02, 168}, + {40, 0x03, 168}, + {2, 0x02, 174}, + {9, 0x02, 174}, + {23, 0x02, 174}, + {40, 0x03, 174}, + }, + /* 164 */ + { + {3, 0x02, 165}, + {6, 0x02, 165}, + {10, 0x02, 165}, + {15, 0x02, 165}, + {24, 0x02, 165}, + {31, 0x02, 165}, + {41, 0x02, 165}, + {56, 0x03, 165}, + {3, 0x02, 166}, + {6, 0x02, 166}, + {10, 0x02, 166}, + {15, 0x02, 166}, + {24, 0x02, 166}, + {31, 0x02, 166}, + {41, 0x02, 166}, + {56, 0x03, 166}, + }, + /* 165 */ + { + {3, 0x02, 168}, + {6, 0x02, 168}, + {10, 0x02, 168}, + {15, 0x02, 168}, + {24, 0x02, 168}, + {31, 0x02, 168}, + {41, 0x02, 168}, + {56, 0x03, 168}, + {3, 0x02, 174}, + {6, 0x02, 174}, + {10, 0x02, 174}, + {15, 0x02, 174}, + {24, 0x02, 174}, + {31, 0x02, 174}, + {41, 0x02, 174}, + {56, 0x03, 174}, + }, + /* 166 */ + { + {2, 0x02, 175}, + {9, 0x02, 175}, + {23, 0x02, 175}, + {40, 0x03, 175}, + {2, 0x02, 180}, + {9, 0x02, 180}, + {23, 0x02, 180}, + {40, 0x03, 180}, + {2, 0x02, 182}, + {9, 0x02, 182}, + {23, 0x02, 182}, + {40, 0x03, 182}, + {2, 0x02, 183}, + {9, 0x02, 183}, + {23, 0x02, 183}, + {40, 0x03, 183}, + }, + /* 167 */ + { + {3, 0x02, 175}, + {6, 0x02, 175}, + {10, 0x02, 175}, + {15, 0x02, 175}, + {24, 0x02, 175}, + {31, 0x02, 175}, + {41, 0x02, 175}, + {56, 0x03, 175}, + {3, 0x02, 180}, + {6, 0x02, 180}, + {10, 0x02, 180}, + {15, 0x02, 180}, + {24, 0x02, 180}, + {31, 0x02, 180}, + {41, 0x02, 180}, + {56, 0x03, 180}, + }, + /* 168 */ + { + {3, 0x02, 182}, + {6, 0x02, 182}, + {10, 0x02, 182}, + {15, 0x02, 182}, + {24, 0x02, 182}, + {31, 0x02, 182}, + {41, 0x02, 182}, + {56, 0x03, 182}, + {3, 0x02, 183}, + {6, 0x02, 183}, + {10, 0x02, 183}, + {15, 0x02, 183}, + {24, 0x02, 183}, + {31, 0x02, 183}, + {41, 0x02, 183}, + {56, 0x03, 183}, + }, + /* 169 */ + { + {0, 0x03, 188}, + {0, 0x03, 191}, + {0, 0x03, 197}, + {0, 0x03, 231}, + {0, 0x03, 239}, + {176, 0x00, 0}, + {178, 0x00, 0}, + {179, 0x00, 0}, + {183, 0x00, 0}, + {184, 0x00, 0}, + {186, 0x00, 0}, + {187, 0x00, 0}, + {192, 0x00, 0}, + {199, 0x00, 0}, + {208, 0x00, 0}, + {223, 0x00, 0}, + }, + /* 170 */ + { + {1, 0x02, 188}, + {22, 0x03, 188}, + {1, 0x02, 191}, + {22, 0x03, 191}, + {1, 0x02, 197}, + {22, 0x03, 197}, + {1, 0x02, 231}, + {22, 0x03, 231}, + {1, 0x02, 239}, + {22, 0x03, 239}, + {0, 0x03, 9}, + {0, 0x03, 142}, + {0, 0x03, 144}, + {0, 0x03, 145}, + {0, 0x03, 148}, + {0, 0x03, 159}, + }, + /* 171 */ + { + {2, 0x02, 188}, + {9, 0x02, 188}, + {23, 0x02, 188}, + {40, 0x03, 188}, + {2, 0x02, 191}, + {9, 0x02, 191}, + {23, 0x02, 191}, + {40, 0x03, 191}, + {2, 0x02, 197}, + {9, 0x02, 197}, + {23, 0x02, 197}, + {40, 0x03, 197}, + {2, 0x02, 231}, + {9, 0x02, 231}, + {23, 0x02, 231}, + {40, 0x03, 231}, + }, + /* 172 */ + { + {3, 0x02, 188}, + {6, 0x02, 188}, + {10, 0x02, 188}, + {15, 0x02, 188}, + {24, 0x02, 188}, + {31, 0x02, 188}, + {41, 0x02, 188}, + {56, 0x03, 188}, + {3, 0x02, 191}, + {6, 0x02, 191}, + {10, 0x02, 191}, + {15, 0x02, 191}, + {24, 0x02, 191}, + {31, 0x02, 191}, + {41, 0x02, 191}, + {56, 0x03, 191}, + }, + /* 173 */ + { + {3, 0x02, 197}, + {6, 0x02, 197}, + {10, 0x02, 197}, + {15, 0x02, 197}, + {24, 0x02, 197}, + {31, 0x02, 197}, + {41, 0x02, 197}, + {56, 0x03, 197}, + {3, 0x02, 231}, + {6, 0x02, 231}, + {10, 0x02, 231}, + {15, 0x02, 231}, + {24, 0x02, 231}, + {31, 0x02, 231}, + {41, 0x02, 231}, + {56, 0x03, 231}, + }, + /* 174 */ + { + {2, 0x02, 239}, + {9, 0x02, 239}, + {23, 0x02, 239}, + {40, 0x03, 239}, + {1, 0x02, 9}, + {22, 0x03, 9}, + {1, 0x02, 142}, + {22, 0x03, 142}, + {1, 0x02, 144}, + {22, 0x03, 144}, + {1, 0x02, 145}, + {22, 0x03, 145}, + {1, 0x02, 148}, + {22, 0x03, 148}, + {1, 0x02, 159}, + {22, 0x03, 159}, + }, + /* 175 */ + { + {3, 0x02, 239}, + {6, 0x02, 239}, + {10, 0x02, 239}, + {15, 0x02, 239}, + {24, 0x02, 239}, + {31, 0x02, 239}, + {41, 0x02, 239}, + {56, 0x03, 239}, + {2, 0x02, 9}, + {9, 0x02, 9}, + {23, 0x02, 9}, + {40, 0x03, 9}, + {2, 0x02, 142}, + {9, 0x02, 142}, + {23, 0x02, 142}, + {40, 0x03, 142}, + }, + /* 176 */ + { + {3, 0x02, 9}, + {6, 0x02, 9}, + {10, 0x02, 9}, + {15, 0x02, 9}, + {24, 0x02, 9}, + {31, 0x02, 9}, + {41, 0x02, 9}, + {56, 0x03, 9}, + {3, 0x02, 142}, + {6, 0x02, 142}, + {10, 0x02, 142}, + {15, 0x02, 142}, + {24, 0x02, 142}, + {31, 0x02, 142}, + {41, 0x02, 142}, + {56, 0x03, 142}, + }, + /* 177 */ + { + {2, 0x02, 144}, + {9, 0x02, 144}, + {23, 0x02, 144}, + {40, 0x03, 144}, + {2, 0x02, 145}, + {9, 0x02, 145}, + {23, 0x02, 145}, + {40, 0x03, 145}, + {2, 0x02, 148}, + {9, 0x02, 148}, + {23, 0x02, 148}, + {40, 0x03, 148}, + {2, 0x02, 159}, + {9, 0x02, 159}, + {23, 0x02, 159}, + {40, 0x03, 159}, + }, + /* 178 */ + { + {3, 0x02, 144}, + {6, 0x02, 144}, + {10, 0x02, 144}, + {15, 0x02, 144}, + {24, 0x02, 144}, + {31, 0x02, 144}, + {41, 0x02, 144}, + {56, 0x03, 144}, + {3, 0x02, 145}, + {6, 0x02, 145}, + {10, 0x02, 145}, + {15, 0x02, 145}, + {24, 0x02, 145}, + {31, 0x02, 145}, + {41, 0x02, 145}, + {56, 0x03, 145}, + }, + /* 179 */ + { + {3, 0x02, 148}, + {6, 0x02, 148}, + {10, 0x02, 148}, + {15, 0x02, 148}, + {24, 0x02, 148}, + {31, 0x02, 148}, + {41, 0x02, 148}, + {56, 0x03, 148}, + {3, 0x02, 159}, + {6, 0x02, 159}, + {10, 0x02, 159}, + {15, 0x02, 159}, + {24, 0x02, 159}, + {31, 0x02, 159}, + {41, 0x02, 159}, + {56, 0x03, 159}, + }, + /* 180 */ + { + {0, 0x03, 171}, + {0, 0x03, 206}, + {0, 0x03, 215}, + {0, 0x03, 225}, + {0, 0x03, 236}, + {0, 0x03, 237}, + {188, 0x00, 0}, + {189, 0x00, 0}, + {193, 0x00, 0}, + {196, 0x00, 0}, + {200, 0x00, 0}, + {203, 0x00, 0}, + {209, 0x00, 0}, + {216, 0x00, 0}, + {224, 0x00, 0}, + {238, 0x00, 0}, + }, + /* 181 */ + { + {1, 0x02, 171}, + {22, 0x03, 171}, + {1, 0x02, 206}, + {22, 0x03, 206}, + {1, 0x02, 215}, + {22, 0x03, 215}, + {1, 0x02, 225}, + {22, 0x03, 225}, + {1, 0x02, 236}, + {22, 0x03, 236}, + {1, 0x02, 237}, + {22, 0x03, 237}, + {0, 0x03, 199}, + {0, 0x03, 207}, + {0, 0x03, 234}, + {0, 0x03, 235}, + }, + /* 182 */ + { + {2, 0x02, 171}, + {9, 0x02, 171}, + {23, 0x02, 171}, + {40, 0x03, 171}, + {2, 0x02, 206}, + {9, 0x02, 206}, + {23, 0x02, 206}, + {40, 0x03, 206}, + {2, 0x02, 215}, + {9, 0x02, 215}, + {23, 0x02, 215}, + {40, 0x03, 215}, + {2, 0x02, 225}, + {9, 0x02, 225}, + {23, 0x02, 225}, + {40, 0x03, 225}, + }, + /* 183 */ + { + {3, 0x02, 171}, + {6, 0x02, 171}, + {10, 0x02, 171}, + {15, 0x02, 171}, + {24, 0x02, 171}, + {31, 0x02, 171}, + {41, 0x02, 171}, + {56, 0x03, 171}, + {3, 0x02, 206}, + {6, 0x02, 206}, + {10, 0x02, 206}, + {15, 0x02, 206}, + {24, 0x02, 206}, + {31, 0x02, 206}, + {41, 0x02, 206}, + {56, 0x03, 206}, + }, + /* 184 */ + { + {3, 0x02, 215}, + {6, 0x02, 215}, + {10, 0x02, 215}, + {15, 0x02, 215}, + {24, 0x02, 215}, + {31, 0x02, 215}, + {41, 0x02, 215}, + {56, 0x03, 215}, + {3, 0x02, 225}, + {6, 0x02, 225}, + {10, 0x02, 225}, + {15, 0x02, 225}, + {24, 0x02, 225}, + {31, 0x02, 225}, + {41, 0x02, 225}, + {56, 0x03, 225}, + }, + /* 185 */ + { + {2, 0x02, 236}, + {9, 0x02, 236}, + {23, 0x02, 236}, + {40, 0x03, 236}, + {2, 0x02, 237}, + {9, 0x02, 237}, + {23, 0x02, 237}, + {40, 0x03, 237}, + {1, 0x02, 199}, + {22, 0x03, 199}, + {1, 0x02, 207}, + {22, 0x03, 207}, + {1, 0x02, 234}, + {22, 0x03, 234}, + {1, 0x02, 235}, + {22, 0x03, 235}, + }, + /* 186 */ + { + {3, 0x02, 236}, + {6, 0x02, 236}, + {10, 0x02, 236}, + {15, 0x02, 236}, + {24, 0x02, 236}, + {31, 0x02, 236}, + {41, 0x02, 236}, + {56, 0x03, 236}, + {3, 0x02, 237}, + {6, 0x02, 237}, + {10, 0x02, 237}, + {15, 0x02, 237}, + {24, 0x02, 237}, + {31, 0x02, 237}, + {41, 0x02, 237}, + {56, 0x03, 237}, + }, + /* 187 */ + { + {2, 0x02, 199}, + {9, 0x02, 199}, + {23, 0x02, 199}, + {40, 0x03, 199}, + {2, 0x02, 207}, + {9, 0x02, 207}, + {23, 0x02, 207}, + {40, 0x03, 207}, + {2, 0x02, 234}, + {9, 0x02, 234}, + {23, 0x02, 234}, + {40, 0x03, 234}, + {2, 0x02, 235}, + {9, 0x02, 235}, + {23, 0x02, 235}, + {40, 0x03, 235}, + }, + /* 188 */ + { + {3, 0x02, 199}, + {6, 0x02, 199}, + {10, 0x02, 199}, + {15, 0x02, 199}, + {24, 0x02, 199}, + {31, 0x02, 199}, + {41, 0x02, 199}, + {56, 0x03, 199}, + {3, 0x02, 207}, + {6, 0x02, 207}, + {10, 0x02, 207}, + {15, 0x02, 207}, + {24, 0x02, 207}, + {31, 0x02, 207}, + {41, 0x02, 207}, + {56, 0x03, 207}, + }, + /* 189 */ + { + {3, 0x02, 234}, + {6, 0x02, 234}, + {10, 0x02, 234}, + {15, 0x02, 234}, + {24, 0x02, 234}, + {31, 0x02, 234}, + {41, 0x02, 234}, + {56, 0x03, 234}, + {3, 0x02, 235}, + {6, 0x02, 235}, + {10, 0x02, 235}, + {15, 0x02, 235}, + {24, 0x02, 235}, + {31, 0x02, 235}, + {41, 0x02, 235}, + {56, 0x03, 235}, + }, + /* 190 */ + { + {194, 0x00, 0}, + {195, 0x00, 0}, + {197, 0x00, 0}, + {198, 0x00, 0}, + {201, 0x00, 0}, + {202, 0x00, 0}, + {204, 0x00, 0}, + {205, 0x00, 0}, + {210, 0x00, 0}, + {213, 0x00, 0}, + {217, 0x00, 0}, + {220, 0x00, 0}, + {225, 0x00, 0}, + {231, 0x00, 0}, + {239, 0x00, 0}, + {246, 0x00, 0}, + }, + /* 191 */ + { + {0, 0x03, 192}, + {0, 0x03, 193}, + {0, 0x03, 200}, + {0, 0x03, 201}, + {0, 0x03, 202}, + {0, 0x03, 205}, + {0, 0x03, 210}, + {0, 0x03, 213}, + {0, 0x03, 218}, + {0, 0x03, 219}, + {0, 0x03, 238}, + {0, 0x03, 240}, + {0, 0x03, 242}, + {0, 0x03, 243}, + {0, 0x03, 255}, + {206, 0x00, 0}, + }, + /* 192 */ + { + {1, 0x02, 192}, + {22, 0x03, 192}, + {1, 0x02, 193}, + {22, 0x03, 193}, + {1, 0x02, 200}, + {22, 0x03, 200}, + {1, 0x02, 201}, + {22, 0x03, 201}, + {1, 0x02, 202}, + {22, 0x03, 202}, + {1, 0x02, 205}, + {22, 0x03, 205}, + {1, 0x02, 210}, + {22, 0x03, 210}, + {1, 0x02, 213}, + {22, 0x03, 213}, + }, + /* 193 */ + { + {2, 0x02, 192}, + {9, 0x02, 192}, + {23, 0x02, 192}, + {40, 0x03, 192}, + {2, 0x02, 193}, + {9, 0x02, 193}, + {23, 0x02, 193}, + {40, 0x03, 193}, + {2, 0x02, 200}, + {9, 0x02, 200}, + {23, 0x02, 200}, + {40, 0x03, 200}, + {2, 0x02, 201}, + {9, 0x02, 201}, + {23, 0x02, 201}, + {40, 0x03, 201}, + }, + /* 194 */ + { + {3, 0x02, 192}, + {6, 0x02, 192}, + {10, 0x02, 192}, + {15, 0x02, 192}, + {24, 0x02, 192}, + {31, 0x02, 192}, + {41, 0x02, 192}, + {56, 0x03, 192}, + {3, 0x02, 193}, + {6, 0x02, 193}, + {10, 0x02, 193}, + {15, 0x02, 193}, + {24, 0x02, 193}, + {31, 0x02, 193}, + {41, 0x02, 193}, + {56, 0x03, 193}, + }, + /* 195 */ + { + {3, 0x02, 200}, + {6, 0x02, 200}, + {10, 0x02, 200}, + {15, 0x02, 200}, + {24, 0x02, 200}, + {31, 0x02, 200}, + {41, 0x02, 200}, + {56, 0x03, 200}, + {3, 0x02, 201}, + {6, 0x02, 201}, + {10, 0x02, 201}, + {15, 0x02, 201}, + {24, 0x02, 201}, + {31, 0x02, 201}, + {41, 0x02, 201}, + {56, 0x03, 201}, + }, + /* 196 */ + { + {2, 0x02, 202}, + {9, 0x02, 202}, + {23, 0x02, 202}, + {40, 0x03, 202}, + {2, 0x02, 205}, + {9, 0x02, 205}, + {23, 0x02, 205}, + {40, 0x03, 205}, + {2, 0x02, 210}, + {9, 0x02, 210}, + {23, 0x02, 210}, + {40, 0x03, 210}, + {2, 0x02, 213}, + {9, 0x02, 213}, + {23, 0x02, 213}, + {40, 0x03, 213}, + }, + /* 197 */ + { + {3, 0x02, 202}, + {6, 0x02, 202}, + {10, 0x02, 202}, + {15, 0x02, 202}, + {24, 0x02, 202}, + {31, 0x02, 202}, + {41, 0x02, 202}, + {56, 0x03, 202}, + {3, 0x02, 205}, + {6, 0x02, 205}, + {10, 0x02, 205}, + {15, 0x02, 205}, + {24, 0x02, 205}, + {31, 0x02, 205}, + {41, 0x02, 205}, + {56, 0x03, 205}, + }, + /* 198 */ + { + {3, 0x02, 210}, + {6, 0x02, 210}, + {10, 0x02, 210}, + {15, 0x02, 210}, + {24, 0x02, 210}, + {31, 0x02, 210}, + {41, 0x02, 210}, + {56, 0x03, 210}, + {3, 0x02, 213}, + {6, 0x02, 213}, + {10, 0x02, 213}, + {15, 0x02, 213}, + {24, 0x02, 213}, + {31, 0x02, 213}, + {41, 0x02, 213}, + {56, 0x03, 213}, + }, + /* 199 */ + { + {1, 0x02, 218}, + {22, 0x03, 218}, + {1, 0x02, 219}, + {22, 0x03, 219}, + {1, 0x02, 238}, + {22, 0x03, 238}, + {1, 0x02, 240}, + {22, 0x03, 240}, + {1, 0x02, 242}, + {22, 0x03, 242}, + {1, 0x02, 243}, + {22, 0x03, 243}, + {1, 0x02, 255}, + {22, 0x03, 255}, + {0, 0x03, 203}, + {0, 0x03, 204}, + }, + /* 200 */ + { + {2, 0x02, 218}, + {9, 0x02, 218}, + {23, 0x02, 218}, + {40, 0x03, 218}, + {2, 0x02, 219}, + {9, 0x02, 219}, + {23, 0x02, 219}, + {40, 0x03, 219}, + {2, 0x02, 238}, + {9, 0x02, 238}, + {23, 0x02, 238}, + {40, 0x03, 238}, + {2, 0x02, 240}, + {9, 0x02, 240}, + {23, 0x02, 240}, + {40, 0x03, 240}, + }, + /* 201 */ + { + {3, 0x02, 218}, + {6, 0x02, 218}, + {10, 0x02, 218}, + {15, 0x02, 218}, + {24, 0x02, 218}, + {31, 0x02, 218}, + {41, 0x02, 218}, + {56, 0x03, 218}, + {3, 0x02, 219}, + {6, 0x02, 219}, + {10, 0x02, 219}, + {15, 0x02, 219}, + {24, 0x02, 219}, + {31, 0x02, 219}, + {41, 0x02, 219}, + {56, 0x03, 219}, + }, + /* 202 */ + { + {3, 0x02, 238}, + {6, 0x02, 238}, + {10, 0x02, 238}, + {15, 0x02, 238}, + {24, 0x02, 238}, + {31, 0x02, 238}, + {41, 0x02, 238}, + {56, 0x03, 238}, + {3, 0x02, 240}, + {6, 0x02, 240}, + {10, 0x02, 240}, + {15, 0x02, 240}, + {24, 0x02, 240}, + {31, 0x02, 240}, + {41, 0x02, 240}, + {56, 0x03, 240}, + }, + /* 203 */ + { + {2, 0x02, 242}, + {9, 0x02, 242}, + {23, 0x02, 242}, + {40, 0x03, 242}, + {2, 0x02, 243}, + {9, 0x02, 243}, + {23, 0x02, 243}, + {40, 0x03, 243}, + {2, 0x02, 255}, + {9, 0x02, 255}, + {23, 0x02, 255}, + {40, 0x03, 255}, + {1, 0x02, 203}, + {22, 0x03, 203}, + {1, 0x02, 204}, + {22, 0x03, 204}, + }, + /* 204 */ + { + {3, 0x02, 242}, + {6, 0x02, 242}, + {10, 0x02, 242}, + {15, 0x02, 242}, + {24, 0x02, 242}, + {31, 0x02, 242}, + {41, 0x02, 242}, + {56, 0x03, 242}, + {3, 0x02, 243}, + {6, 0x02, 243}, + {10, 0x02, 243}, + {15, 0x02, 243}, + {24, 0x02, 243}, + {31, 0x02, 243}, + {41, 0x02, 243}, + {56, 0x03, 243}, + }, + /* 205 */ + { + {3, 0x02, 255}, + {6, 0x02, 255}, + {10, 0x02, 255}, + {15, 0x02, 255}, + {24, 0x02, 255}, + {31, 0x02, 255}, + {41, 0x02, 255}, + {56, 0x03, 255}, + {2, 0x02, 203}, + {9, 0x02, 203}, + {23, 0x02, 203}, + {40, 0x03, 203}, + {2, 0x02, 204}, + {9, 0x02, 204}, + {23, 0x02, 204}, + {40, 0x03, 204}, + }, + /* 206 */ + { + {3, 0x02, 203}, + {6, 0x02, 203}, + {10, 0x02, 203}, + {15, 0x02, 203}, + {24, 0x02, 203}, + {31, 0x02, 203}, + {41, 0x02, 203}, + {56, 0x03, 203}, + {3, 0x02, 204}, + {6, 0x02, 204}, + {10, 0x02, 204}, + {15, 0x02, 204}, + {24, 0x02, 204}, + {31, 0x02, 204}, + {41, 0x02, 204}, + {56, 0x03, 204}, + }, + /* 207 */ + { + {211, 0x00, 0}, + {212, 0x00, 0}, + {214, 0x00, 0}, + {215, 0x00, 0}, + {218, 0x00, 0}, + {219, 0x00, 0}, + {221, 0x00, 0}, + {222, 0x00, 0}, + {226, 0x00, 0}, + {228, 0x00, 0}, + {232, 0x00, 0}, + {235, 0x00, 0}, + {240, 0x00, 0}, + {243, 0x00, 0}, + {247, 0x00, 0}, + {250, 0x00, 0}, + }, + /* 208 */ + { + {0, 0x03, 211}, + {0, 0x03, 212}, + {0, 0x03, 214}, + {0, 0x03, 221}, + {0, 0x03, 222}, + {0, 0x03, 223}, + {0, 0x03, 241}, + {0, 0x03, 244}, + {0, 0x03, 245}, + {0, 0x03, 246}, + {0, 0x03, 247}, + {0, 0x03, 248}, + {0, 0x03, 250}, + {0, 0x03, 251}, + {0, 0x03, 252}, + {0, 0x03, 253}, + }, + /* 209 */ + { + {1, 0x02, 211}, + {22, 0x03, 211}, + {1, 0x02, 212}, + {22, 0x03, 212}, + {1, 0x02, 214}, + {22, 0x03, 214}, + {1, 0x02, 221}, + {22, 0x03, 221}, + {1, 0x02, 222}, + {22, 0x03, 222}, + {1, 0x02, 223}, + {22, 0x03, 223}, + {1, 0x02, 241}, + {22, 0x03, 241}, + {1, 0x02, 244}, + {22, 0x03, 244}, + }, + /* 210 */ + { + {2, 0x02, 211}, + {9, 0x02, 211}, + {23, 0x02, 211}, + {40, 0x03, 211}, + {2, 0x02, 212}, + {9, 0x02, 212}, + {23, 0x02, 212}, + {40, 0x03, 212}, + {2, 0x02, 214}, + {9, 0x02, 214}, + {23, 0x02, 214}, + {40, 0x03, 214}, + {2, 0x02, 221}, + {9, 0x02, 221}, + {23, 0x02, 221}, + {40, 0x03, 221}, + }, + /* 211 */ + { + {3, 0x02, 211}, + {6, 0x02, 211}, + {10, 0x02, 211}, + {15, 0x02, 211}, + {24, 0x02, 211}, + {31, 0x02, 211}, + {41, 0x02, 211}, + {56, 0x03, 211}, + {3, 0x02, 212}, + {6, 0x02, 212}, + {10, 0x02, 212}, + {15, 0x02, 212}, + {24, 0x02, 212}, + {31, 0x02, 212}, + {41, 0x02, 212}, + {56, 0x03, 212}, + }, + /* 212 */ + { + {3, 0x02, 214}, + {6, 0x02, 214}, + {10, 0x02, 214}, + {15, 0x02, 214}, + {24, 0x02, 214}, + {31, 0x02, 214}, + {41, 0x02, 214}, + {56, 0x03, 214}, + {3, 0x02, 221}, + {6, 0x02, 221}, + {10, 0x02, 221}, + {15, 0x02, 221}, + {24, 0x02, 221}, + {31, 0x02, 221}, + {41, 0x02, 221}, + {56, 0x03, 221}, + }, + /* 213 */ + { + {2, 0x02, 222}, + {9, 0x02, 222}, + {23, 0x02, 222}, + {40, 0x03, 222}, + {2, 0x02, 223}, + {9, 0x02, 223}, + {23, 0x02, 223}, + {40, 0x03, 223}, + {2, 0x02, 241}, + {9, 0x02, 241}, + {23, 0x02, 241}, + {40, 0x03, 241}, + {2, 0x02, 244}, + {9, 0x02, 244}, + {23, 0x02, 244}, + {40, 0x03, 244}, + }, + /* 214 */ + { + {3, 0x02, 222}, + {6, 0x02, 222}, + {10, 0x02, 222}, + {15, 0x02, 222}, + {24, 0x02, 222}, + {31, 0x02, 222}, + {41, 0x02, 222}, + {56, 0x03, 222}, + {3, 0x02, 223}, + {6, 0x02, 223}, + {10, 0x02, 223}, + {15, 0x02, 223}, + {24, 0x02, 223}, + {31, 0x02, 223}, + {41, 0x02, 223}, + {56, 0x03, 223}, + }, + /* 215 */ + { + {3, 0x02, 241}, + {6, 0x02, 241}, + {10, 0x02, 241}, + {15, 0x02, 241}, + {24, 0x02, 241}, + {31, 0x02, 241}, + {41, 0x02, 241}, + {56, 0x03, 241}, + {3, 0x02, 244}, + {6, 0x02, 244}, + {10, 0x02, 244}, + {15, 0x02, 244}, + {24, 0x02, 244}, + {31, 0x02, 244}, + {41, 0x02, 244}, + {56, 0x03, 244}, + }, + /* 216 */ + { + {1, 0x02, 245}, + {22, 0x03, 245}, + {1, 0x02, 246}, + {22, 0x03, 246}, + {1, 0x02, 247}, + {22, 0x03, 247}, + {1, 0x02, 248}, + {22, 0x03, 248}, + {1, 0x02, 250}, + {22, 0x03, 250}, + {1, 0x02, 251}, + {22, 0x03, 251}, + {1, 0x02, 252}, + {22, 0x03, 252}, + {1, 0x02, 253}, + {22, 0x03, 253}, + }, + /* 217 */ + { + {2, 0x02, 245}, + {9, 0x02, 245}, + {23, 0x02, 245}, + {40, 0x03, 245}, + {2, 0x02, 246}, + {9, 0x02, 246}, + {23, 0x02, 246}, + {40, 0x03, 246}, + {2, 0x02, 247}, + {9, 0x02, 247}, + {23, 0x02, 247}, + {40, 0x03, 247}, + {2, 0x02, 248}, + {9, 0x02, 248}, + {23, 0x02, 248}, + {40, 0x03, 248}, + }, + /* 218 */ + { + {3, 0x02, 245}, + {6, 0x02, 245}, + {10, 0x02, 245}, + {15, 0x02, 245}, + {24, 0x02, 245}, + {31, 0x02, 245}, + {41, 0x02, 245}, + {56, 0x03, 245}, + {3, 0x02, 246}, + {6, 0x02, 246}, + {10, 0x02, 246}, + {15, 0x02, 246}, + {24, 0x02, 246}, + {31, 0x02, 246}, + {41, 0x02, 246}, + {56, 0x03, 246}, + }, + /* 219 */ + { + {3, 0x02, 247}, + {6, 0x02, 247}, + {10, 0x02, 247}, + {15, 0x02, 247}, + {24, 0x02, 247}, + {31, 0x02, 247}, + {41, 0x02, 247}, + {56, 0x03, 247}, + {3, 0x02, 248}, + {6, 0x02, 248}, + {10, 0x02, 248}, + {15, 0x02, 248}, + {24, 0x02, 248}, + {31, 0x02, 248}, + {41, 0x02, 248}, + {56, 0x03, 248}, + }, + /* 220 */ + { + {2, 0x02, 250}, + {9, 0x02, 250}, + {23, 0x02, 250}, + {40, 0x03, 250}, + {2, 0x02, 251}, + {9, 0x02, 251}, + {23, 0x02, 251}, + {40, 0x03, 251}, + {2, 0x02, 252}, + {9, 0x02, 252}, + {23, 0x02, 252}, + {40, 0x03, 252}, + {2, 0x02, 253}, + {9, 0x02, 253}, + {23, 0x02, 253}, + {40, 0x03, 253}, + }, + /* 221 */ + { + {3, 0x02, 250}, + {6, 0x02, 250}, + {10, 0x02, 250}, + {15, 0x02, 250}, + {24, 0x02, 250}, + {31, 0x02, 250}, + {41, 0x02, 250}, + {56, 0x03, 250}, + {3, 0x02, 251}, + {6, 0x02, 251}, + {10, 0x02, 251}, + {15, 0x02, 251}, + {24, 0x02, 251}, + {31, 0x02, 251}, + {41, 0x02, 251}, + {56, 0x03, 251}, + }, + /* 222 */ + { + {3, 0x02, 252}, + {6, 0x02, 252}, + {10, 0x02, 252}, + {15, 0x02, 252}, + {24, 0x02, 252}, + {31, 0x02, 252}, + {41, 0x02, 252}, + {56, 0x03, 252}, + {3, 0x02, 253}, + {6, 0x02, 253}, + {10, 0x02, 253}, + {15, 0x02, 253}, + {24, 0x02, 253}, + {31, 0x02, 253}, + {41, 0x02, 253}, + {56, 0x03, 253}, + }, + /* 223 */ + { + {0, 0x03, 254}, + {227, 0x00, 0}, + {229, 0x00, 0}, + {230, 0x00, 0}, + {233, 0x00, 0}, + {234, 0x00, 0}, + {236, 0x00, 0}, + {237, 0x00, 0}, + {241, 0x00, 0}, + {242, 0x00, 0}, + {244, 0x00, 0}, + {245, 0x00, 0}, + {248, 0x00, 0}, + {249, 0x00, 0}, + {251, 0x00, 0}, + {252, 0x00, 0}, + }, + /* 224 */ + { + {1, 0x02, 254}, + {22, 0x03, 254}, + {0, 0x03, 2}, + {0, 0x03, 3}, + {0, 0x03, 4}, + {0, 0x03, 5}, + {0, 0x03, 6}, + {0, 0x03, 7}, + {0, 0x03, 8}, + {0, 0x03, 11}, + {0, 0x03, 12}, + {0, 0x03, 14}, + {0, 0x03, 15}, + {0, 0x03, 16}, + {0, 0x03, 17}, + {0, 0x03, 18}, + }, + /* 225 */ + { + {2, 0x02, 254}, + {9, 0x02, 254}, + {23, 0x02, 254}, + {40, 0x03, 254}, + {1, 0x02, 2}, + {22, 0x03, 2}, + {1, 0x02, 3}, + {22, 0x03, 3}, + {1, 0x02, 4}, + {22, 0x03, 4}, + {1, 0x02, 5}, + {22, 0x03, 5}, + {1, 0x02, 6}, + {22, 0x03, 6}, + {1, 0x02, 7}, + {22, 0x03, 7}, + }, + /* 226 */ + { + {3, 0x02, 254}, + {6, 0x02, 254}, + {10, 0x02, 254}, + {15, 0x02, 254}, + {24, 0x02, 254}, + {31, 0x02, 254}, + {41, 0x02, 254}, + {56, 0x03, 254}, + {2, 0x02, 2}, + {9, 0x02, 2}, + {23, 0x02, 2}, + {40, 0x03, 2}, + {2, 0x02, 3}, + {9, 0x02, 3}, + {23, 0x02, 3}, + {40, 0x03, 3}, + }, + /* 227 */ + { + {3, 0x02, 2}, + {6, 0x02, 2}, + {10, 0x02, 2}, + {15, 0x02, 2}, + {24, 0x02, 2}, + {31, 0x02, 2}, + {41, 0x02, 2}, + {56, 0x03, 2}, + {3, 0x02, 3}, + {6, 0x02, 3}, + {10, 0x02, 3}, + {15, 0x02, 3}, + {24, 0x02, 3}, + {31, 0x02, 3}, + {41, 0x02, 3}, + {56, 0x03, 3}, + }, + /* 228 */ + { + {2, 0x02, 4}, + {9, 0x02, 4}, + {23, 0x02, 4}, + {40, 0x03, 4}, + {2, 0x02, 5}, + {9, 0x02, 5}, + {23, 0x02, 5}, + {40, 0x03, 5}, + {2, 0x02, 6}, + {9, 0x02, 6}, + {23, 0x02, 6}, + {40, 0x03, 6}, + {2, 0x02, 7}, + {9, 0x02, 7}, + {23, 0x02, 7}, + {40, 0x03, 7}, + }, + /* 229 */ + { + {3, 0x02, 4}, + {6, 0x02, 4}, + {10, 0x02, 4}, + {15, 0x02, 4}, + {24, 0x02, 4}, + {31, 0x02, 4}, + {41, 0x02, 4}, + {56, 0x03, 4}, + {3, 0x02, 5}, + {6, 0x02, 5}, + {10, 0x02, 5}, + {15, 0x02, 5}, + {24, 0x02, 5}, + {31, 0x02, 5}, + {41, 0x02, 5}, + {56, 0x03, 5}, + }, + /* 230 */ + { + {3, 0x02, 6}, + {6, 0x02, 6}, + {10, 0x02, 6}, + {15, 0x02, 6}, + {24, 0x02, 6}, + {31, 0x02, 6}, + {41, 0x02, 6}, + {56, 0x03, 6}, + {3, 0x02, 7}, + {6, 0x02, 7}, + {10, 0x02, 7}, + {15, 0x02, 7}, + {24, 0x02, 7}, + {31, 0x02, 7}, + {41, 0x02, 7}, + {56, 0x03, 7}, + }, + /* 231 */ + { + {1, 0x02, 8}, + {22, 0x03, 8}, + {1, 0x02, 11}, + {22, 0x03, 11}, + {1, 0x02, 12}, + {22, 0x03, 12}, + {1, 0x02, 14}, + {22, 0x03, 14}, + {1, 0x02, 15}, + {22, 0x03, 15}, + {1, 0x02, 16}, + {22, 0x03, 16}, + {1, 0x02, 17}, + {22, 0x03, 17}, + {1, 0x02, 18}, + {22, 0x03, 18}, + }, + /* 232 */ + { + {2, 0x02, 8}, + {9, 0x02, 8}, + {23, 0x02, 8}, + {40, 0x03, 8}, + {2, 0x02, 11}, + {9, 0x02, 11}, + {23, 0x02, 11}, + {40, 0x03, 11}, + {2, 0x02, 12}, + {9, 0x02, 12}, + {23, 0x02, 12}, + {40, 0x03, 12}, + {2, 0x02, 14}, + {9, 0x02, 14}, + {23, 0x02, 14}, + {40, 0x03, 14}, + }, + /* 233 */ + { + {3, 0x02, 8}, + {6, 0x02, 8}, + {10, 0x02, 8}, + {15, 0x02, 8}, + {24, 0x02, 8}, + {31, 0x02, 8}, + {41, 0x02, 8}, + {56, 0x03, 8}, + {3, 0x02, 11}, + {6, 0x02, 11}, + {10, 0x02, 11}, + {15, 0x02, 11}, + {24, 0x02, 11}, + {31, 0x02, 11}, + {41, 0x02, 11}, + {56, 0x03, 11}, + }, + /* 234 */ + { + {3, 0x02, 12}, + {6, 0x02, 12}, + {10, 0x02, 12}, + {15, 0x02, 12}, + {24, 0x02, 12}, + {31, 0x02, 12}, + {41, 0x02, 12}, + {56, 0x03, 12}, + {3, 0x02, 14}, + {6, 0x02, 14}, + {10, 0x02, 14}, + {15, 0x02, 14}, + {24, 0x02, 14}, + {31, 0x02, 14}, + {41, 0x02, 14}, + {56, 0x03, 14}, + }, + /* 235 */ + { + {2, 0x02, 15}, + {9, 0x02, 15}, + {23, 0x02, 15}, + {40, 0x03, 15}, + {2, 0x02, 16}, + {9, 0x02, 16}, + {23, 0x02, 16}, + {40, 0x03, 16}, + {2, 0x02, 17}, + {9, 0x02, 17}, + {23, 0x02, 17}, + {40, 0x03, 17}, + {2, 0x02, 18}, + {9, 0x02, 18}, + {23, 0x02, 18}, + {40, 0x03, 18}, + }, + /* 236 */ + { + {3, 0x02, 15}, + {6, 0x02, 15}, + {10, 0x02, 15}, + {15, 0x02, 15}, + {24, 0x02, 15}, + {31, 0x02, 15}, + {41, 0x02, 15}, + {56, 0x03, 15}, + {3, 0x02, 16}, + {6, 0x02, 16}, + {10, 0x02, 16}, + {15, 0x02, 16}, + {24, 0x02, 16}, + {31, 0x02, 16}, + {41, 0x02, 16}, + {56, 0x03, 16}, + }, + /* 237 */ + { + {3, 0x02, 17}, + {6, 0x02, 17}, + {10, 0x02, 17}, + {15, 0x02, 17}, + {24, 0x02, 17}, + {31, 0x02, 17}, + {41, 0x02, 17}, + {56, 0x03, 17}, + {3, 0x02, 18}, + {6, 0x02, 18}, + {10, 0x02, 18}, + {15, 0x02, 18}, + {24, 0x02, 18}, + {31, 0x02, 18}, + {41, 0x02, 18}, + {56, 0x03, 18}, + }, + /* 238 */ + { + {0, 0x03, 19}, + {0, 0x03, 20}, + {0, 0x03, 21}, + {0, 0x03, 23}, + {0, 0x03, 24}, + {0, 0x03, 25}, + {0, 0x03, 26}, + {0, 0x03, 27}, + {0, 0x03, 28}, + {0, 0x03, 29}, + {0, 0x03, 30}, + {0, 0x03, 31}, + {0, 0x03, 127}, + {0, 0x03, 220}, + {0, 0x03, 249}, + {253, 0x00, 0}, + }, + /* 239 */ + { + {1, 0x02, 19}, + {22, 0x03, 19}, + {1, 0x02, 20}, + {22, 0x03, 20}, + {1, 0x02, 21}, + {22, 0x03, 21}, + {1, 0x02, 23}, + {22, 0x03, 23}, + {1, 0x02, 24}, + {22, 0x03, 24}, + {1, 0x02, 25}, + {22, 0x03, 25}, + {1, 0x02, 26}, + {22, 0x03, 26}, + {1, 0x02, 27}, + {22, 0x03, 27}, + }, + /* 240 */ + { + {2, 0x02, 19}, + {9, 0x02, 19}, + {23, 0x02, 19}, + {40, 0x03, 19}, + {2, 0x02, 20}, + {9, 0x02, 20}, + {23, 0x02, 20}, + {40, 0x03, 20}, + {2, 0x02, 21}, + {9, 0x02, 21}, + {23, 0x02, 21}, + {40, 0x03, 21}, + {2, 0x02, 23}, + {9, 0x02, 23}, + {23, 0x02, 23}, + {40, 0x03, 23}, + }, + /* 241 */ + { + {3, 0x02, 19}, + {6, 0x02, 19}, + {10, 0x02, 19}, + {15, 0x02, 19}, + {24, 0x02, 19}, + {31, 0x02, 19}, + {41, 0x02, 19}, + {56, 0x03, 19}, + {3, 0x02, 20}, + {6, 0x02, 20}, + {10, 0x02, 20}, + {15, 0x02, 20}, + {24, 0x02, 20}, + {31, 0x02, 20}, + {41, 0x02, 20}, + {56, 0x03, 20}, + }, + /* 242 */ + { + {3, 0x02, 21}, + {6, 0x02, 21}, + {10, 0x02, 21}, + {15, 0x02, 21}, + {24, 0x02, 21}, + {31, 0x02, 21}, + {41, 0x02, 21}, + {56, 0x03, 21}, + {3, 0x02, 23}, + {6, 0x02, 23}, + {10, 0x02, 23}, + {15, 0x02, 23}, + {24, 0x02, 23}, + {31, 0x02, 23}, + {41, 0x02, 23}, + {56, 0x03, 23}, + }, + /* 243 */ + { + {2, 0x02, 24}, + {9, 0x02, 24}, + {23, 0x02, 24}, + {40, 0x03, 24}, + {2, 0x02, 25}, + {9, 0x02, 25}, + {23, 0x02, 25}, + {40, 0x03, 25}, + {2, 0x02, 26}, + {9, 0x02, 26}, + {23, 0x02, 26}, + {40, 0x03, 26}, + {2, 0x02, 27}, + {9, 0x02, 27}, + {23, 0x02, 27}, + {40, 0x03, 27}, + }, + /* 244 */ + { + {3, 0x02, 24}, + {6, 0x02, 24}, + {10, 0x02, 24}, + {15, 0x02, 24}, + {24, 0x02, 24}, + {31, 0x02, 24}, + {41, 0x02, 24}, + {56, 0x03, 24}, + {3, 0x02, 25}, + {6, 0x02, 25}, + {10, 0x02, 25}, + {15, 0x02, 25}, + {24, 0x02, 25}, + {31, 0x02, 25}, + {41, 0x02, 25}, + {56, 0x03, 25}, + }, + /* 245 */ + { + {3, 0x02, 26}, + {6, 0x02, 26}, + {10, 0x02, 26}, + {15, 0x02, 26}, + {24, 0x02, 26}, + {31, 0x02, 26}, + {41, 0x02, 26}, + {56, 0x03, 26}, + {3, 0x02, 27}, + {6, 0x02, 27}, + {10, 0x02, 27}, + {15, 0x02, 27}, + {24, 0x02, 27}, + {31, 0x02, 27}, + {41, 0x02, 27}, + {56, 0x03, 27}, + }, + /* 246 */ + { + {1, 0x02, 28}, + {22, 0x03, 28}, + {1, 0x02, 29}, + {22, 0x03, 29}, + {1, 0x02, 30}, + {22, 0x03, 30}, + {1, 0x02, 31}, + {22, 0x03, 31}, + {1, 0x02, 127}, + {22, 0x03, 127}, + {1, 0x02, 220}, + {22, 0x03, 220}, + {1, 0x02, 249}, + {22, 0x03, 249}, + {254, 0x00, 0}, + {255, 0x00, 0}, + }, + /* 247 */ + { + {2, 0x02, 28}, + {9, 0x02, 28}, + {23, 0x02, 28}, + {40, 0x03, 28}, + {2, 0x02, 29}, + {9, 0x02, 29}, + {23, 0x02, 29}, + {40, 0x03, 29}, + {2, 0x02, 30}, + {9, 0x02, 30}, + {23, 0x02, 30}, + {40, 0x03, 30}, + {2, 0x02, 31}, + {9, 0x02, 31}, + {23, 0x02, 31}, + {40, 0x03, 31}, + }, + /* 248 */ + { + {3, 0x02, 28}, + {6, 0x02, 28}, + {10, 0x02, 28}, + {15, 0x02, 28}, + {24, 0x02, 28}, + {31, 0x02, 28}, + {41, 0x02, 28}, + {56, 0x03, 28}, + {3, 0x02, 29}, + {6, 0x02, 29}, + {10, 0x02, 29}, + {15, 0x02, 29}, + {24, 0x02, 29}, + {31, 0x02, 29}, + {41, 0x02, 29}, + {56, 0x03, 29}, + }, + /* 249 */ + { + {3, 0x02, 30}, + {6, 0x02, 30}, + {10, 0x02, 30}, + {15, 0x02, 30}, + {24, 0x02, 30}, + {31, 0x02, 30}, + {41, 0x02, 30}, + {56, 0x03, 30}, + {3, 0x02, 31}, + {6, 0x02, 31}, + {10, 0x02, 31}, + {15, 0x02, 31}, + {24, 0x02, 31}, + {31, 0x02, 31}, + {41, 0x02, 31}, + {56, 0x03, 31}, + }, + /* 250 */ + { + {2, 0x02, 127}, + {9, 0x02, 127}, + {23, 0x02, 127}, + {40, 0x03, 127}, + {2, 0x02, 220}, + {9, 0x02, 220}, + {23, 0x02, 220}, + {40, 0x03, 220}, + {2, 0x02, 249}, + {9, 0x02, 249}, + {23, 0x02, 249}, + {40, 0x03, 249}, + {0, 0x03, 10}, + {0, 0x03, 13}, + {0, 0x03, 22}, + {0, 0x04, 0}, + }, + /* 251 */ + { + {3, 0x02, 127}, + {6, 0x02, 127}, + {10, 0x02, 127}, + {15, 0x02, 127}, + {24, 0x02, 127}, + {31, 0x02, 127}, + {41, 0x02, 127}, + {56, 0x03, 127}, + {3, 0x02, 220}, + {6, 0x02, 220}, + {10, 0x02, 220}, + {15, 0x02, 220}, + {24, 0x02, 220}, + {31, 0x02, 220}, + {41, 0x02, 220}, + {56, 0x03, 220}, + }, + /* 252 */ + { + {3, 0x02, 249}, + {6, 0x02, 249}, + {10, 0x02, 249}, + {15, 0x02, 249}, + {24, 0x02, 249}, + {31, 0x02, 249}, + {41, 0x02, 249}, + {56, 0x03, 249}, + {1, 0x02, 10}, + {22, 0x03, 10}, + {1, 0x02, 13}, + {22, 0x03, 13}, + {1, 0x02, 22}, + {22, 0x03, 22}, + {0, 0x04, 0}, + {0, 0x04, 0}, + }, + /* 253 */ + { + {2, 0x02, 10}, + {9, 0x02, 10}, + {23, 0x02, 10}, + {40, 0x03, 10}, + {2, 0x02, 13}, + {9, 0x02, 13}, + {23, 0x02, 13}, + {40, 0x03, 13}, + {2, 0x02, 22}, + {9, 0x02, 22}, + {23, 0x02, 22}, + {40, 0x03, 22}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + }, + /* 254 */ + { + {3, 0x02, 10}, + {6, 0x02, 10}, + {10, 0x02, 10}, + {15, 0x02, 10}, + {24, 0x02, 10}, + {31, 0x02, 10}, + {41, 0x02, 10}, + {56, 0x03, 10}, + {3, 0x02, 13}, + {6, 0x02, 13}, + {10, 0x02, 13}, + {15, 0x02, 13}, + {24, 0x02, 13}, + {31, 0x02, 13}, + {41, 0x02, 13}, + {56, 0x03, 13}, + }, + /* 255 */ + { + {3, 0x02, 22}, + {6, 0x02, 22}, + {10, 0x02, 22}, + {15, 0x02, 22}, + {24, 0x02, 22}, + {31, 0x02, 22}, + {41, 0x02, 22}, + {56, 0x03, 22}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + {0, 0x04, 0}, + }, +}; diff --git a/deps/nghttp3/lib/nghttp3_range.c b/deps/nghttp3/lib/nghttp3_range.c new file mode 100644 index 0000000000..0ce71480d7 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_range.c @@ -0,0 +1,62 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_range.h" +#include "nghttp3_macro.h" + +void nghttp3_range_init(nghttp3_range *r, uint64_t begin, uint64_t end) { + r->begin = begin; + r->end = end; +} + +nghttp3_range nghttp3_range_intersect(const nghttp3_range *a, + const nghttp3_range *b) { + nghttp3_range r = {0, 0}; + uint64_t begin = nghttp3_max(a->begin, b->begin); + uint64_t end = nghttp3_min(a->end, b->end); + if (begin < end) { + nghttp3_range_init(&r, begin, end); + } + return r; +} + +uint64_t nghttp3_range_len(const nghttp3_range *r) { return r->end - r->begin; } + +int nghttp3_range_eq(const nghttp3_range *a, const nghttp3_range *b) { + return a->begin == b->begin && a->end == b->end; +} + +void nghttp3_range_cut(nghttp3_range *left, nghttp3_range *right, + const nghttp3_range *a, const nghttp3_range *b) { + /* Assume that b is included in a */ + left->begin = a->begin; + left->end = b->begin; + right->begin = b->end; + right->end = a->end; +} + +int nghttp3_range_not_after(const nghttp3_range *a, const nghttp3_range *b) { + return a->end <= b->end; +} diff --git a/deps/nghttp3/lib/nghttp3_range.h b/deps/nghttp3/lib/nghttp3_range.h new file mode 100644 index 0000000000..e65dd14835 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_range.h @@ -0,0 +1,81 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_RANGE_H +#define NGHTTP3_RANGE_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* + * nghttp3_range represents half-closed range [begin, end). + */ +typedef struct { + uint64_t begin; + uint64_t end; +} nghttp3_range; + +/* + * nghttp3_range_init initializes |r| with the range [|begin|, |end|). + */ +void nghttp3_range_init(nghttp3_range *r, uint64_t begin, uint64_t end); + +/* + * nghttp3_range_intersect returns the intersection of |a| and |b|. + * If they do not overlap, it returns empty range. + */ +nghttp3_range nghttp3_range_intersect(const nghttp3_range *a, + const nghttp3_range *b); + +/* + * nghttp3_range_len returns the length of |r|. + */ +uint64_t nghttp3_range_len(const nghttp3_range *r); + +/* + * nghttp3_range_eq returns nonzero if |a| equals |b|, such that + * a->begin == b->begin, and a->end == b->end hold. + */ +int nghttp3_range_eq(const nghttp3_range *a, const nghttp3_range *b); + +/* + * nghttp3_range_cut returns the left and right range after removing + * |b| from |a|. This function assumes that |a| completely includes + * |b|. In other words, a->begin <= b->begin and b->end <= a->end + * hold. + */ +void nghttp3_range_cut(nghttp3_range *left, nghttp3_range *right, + const nghttp3_range *a, const nghttp3_range *b); + +/* + * nghttp3_range_not_after returns nonzero if the right edge of |a| + * does not go beyond of the right edge of |b|. + */ +int nghttp3_range_not_after(const nghttp3_range *a, const nghttp3_range *b); + +#endif /* NGHTTP3_RANGE_H */ diff --git a/deps/nghttp3/lib/nghttp3_rcbuf.c b/deps/nghttp3/lib/nghttp3_rcbuf.c new file mode 100644 index 0000000000..79b0e6d7af --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_rcbuf.c @@ -0,0 +1,102 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2016 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_rcbuf.h" + +#include + +#include "nghttp3_mem.h" +#include "nghttp3_str.h" + +int nghttp3_rcbuf_new(nghttp3_rcbuf **rcbuf_ptr, size_t size, + const nghttp3_mem *mem) { + uint8_t *p; + + p = nghttp3_mem_malloc(mem, sizeof(nghttp3_rcbuf) + size); + if (p == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + *rcbuf_ptr = (void *)p; + + (*rcbuf_ptr)->mem_user_data = mem->mem_user_data; + (*rcbuf_ptr)->free = mem->free; + (*rcbuf_ptr)->base = p + sizeof(nghttp3_rcbuf); + (*rcbuf_ptr)->len = size; + (*rcbuf_ptr)->ref = 1; + + return 0; +} + +int nghttp3_rcbuf_new2(nghttp3_rcbuf **rcbuf_ptr, const uint8_t *src, + size_t srclen, const nghttp3_mem *mem) { + int rv; + + rv = nghttp3_rcbuf_new(rcbuf_ptr, srclen + 1, mem); + if (rv != 0) { + return rv; + } + + (*rcbuf_ptr)->len = srclen; + *nghttp3_cpymem((*rcbuf_ptr)->base, src, srclen) = '\0'; + + return 0; +} + +/* + * Frees |rcbuf| itself, regardless of its reference cout. + */ +void nghttp3_rcbuf_del(nghttp3_rcbuf *rcbuf) { + nghttp3_mem_free2(rcbuf->free, rcbuf, rcbuf->mem_user_data); +} + +void nghttp3_rcbuf_incref(nghttp3_rcbuf *rcbuf) { + if (rcbuf->ref == -1) { + return; + } + + ++rcbuf->ref; +} + +void nghttp3_rcbuf_decref(nghttp3_rcbuf *rcbuf) { + if (rcbuf == NULL || rcbuf->ref == -1) { + return; + } + + assert(rcbuf->ref > 0); + + if (--rcbuf->ref == 0) { + nghttp3_rcbuf_del(rcbuf); + } +} + +nghttp3_vec nghttp3_rcbuf_get_buf(const nghttp3_rcbuf *rcbuf) { + nghttp3_vec res = {rcbuf->base, rcbuf->len}; + return res; +} + +int nghttp3_rcbuf_is_static(const nghttp3_rcbuf *rcbuf) { + return rcbuf->ref == -1; +} diff --git a/deps/nghttp3/lib/nghttp3_rcbuf.h b/deps/nghttp3/lib/nghttp3_rcbuf.h new file mode 100644 index 0000000000..feea804000 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_rcbuf.h @@ -0,0 +1,82 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2016 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_RCBUF_H +#define NGHTTP3_RCBUF_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +struct nghttp3_rcbuf { + /* custom memory allocator belongs to the mem parameter when + creating this object. */ + void *mem_user_data; + nghttp3_free free; + /* The pointer to the underlying buffer */ + uint8_t *base; + /* Size of buffer pointed by |base|. */ + size_t len; + /* Reference count */ + int32_t ref; +}; + +/* + * Allocates nghttp3_rcbuf object with |size| as initial buffer size. + * When the function succeeds, the reference count becomes 1. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM: + * Out of memory. + */ +int nghttp3_rcbuf_new(nghttp3_rcbuf **rcbuf_ptr, size_t size, + const nghttp3_mem *mem); + +/* + * Like nghttp3_rcbuf_new(), but initializes the buffer with |src| of + * length |srclen|. This function allocates additional byte at the + * end and puts '\0' into it, so that the resulting buffer could be + * used as NULL-terminated string. Still (*rcbuf_ptr)->len equals to + * |srclen|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM: + * Out of memory. + */ +int nghttp3_rcbuf_new2(nghttp3_rcbuf **rcbuf_ptr, const uint8_t *src, + size_t srclen, const nghttp3_mem *mem); + +/* + * Frees |rcbuf| itself, regardless of its reference cout. + */ +void nghttp3_rcbuf_del(nghttp3_rcbuf *rcbuf); + +#endif /* NGHTTP3_RCBUF_H */ diff --git a/deps/nghttp3/lib/nghttp3_ringbuf.c b/deps/nghttp3/lib/nghttp3_ringbuf.c new file mode 100644 index 0000000000..df0cb9e6d9 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_ringbuf.c @@ -0,0 +1,134 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_ringbuf.h" + +#include +#include + +#include "nghttp3_macro.h" + +int nghttp3_ringbuf_init(nghttp3_ringbuf *rb, size_t nmemb, size_t size, + const nghttp3_mem *mem) { + assert(1 == __builtin_popcount((unsigned int)nmemb)); + + rb->buf = nghttp3_mem_malloc(mem, nmemb * size); + if (rb->buf == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + rb->mem = mem; + rb->nmemb = nmemb; + rb->size = size; + rb->first = 0; + rb->len = 0; + + return 0; +} + +void nghttp3_ringbuf_free(nghttp3_ringbuf *rb) { + if (rb == NULL) { + return; + } + + nghttp3_mem_free(rb->mem, rb->buf); +} + +void *nghttp3_ringbuf_push_front(nghttp3_ringbuf *rb) { + rb->first = (rb->first - 1) & (rb->nmemb - 1); + rb->len = nghttp3_min(rb->nmemb, rb->len + 1); + + return (void *)&rb->buf[rb->first * rb->size]; +} + +void *nghttp3_ringbuf_push_back(nghttp3_ringbuf *rb) { + size_t offset = (rb->first + rb->len) & (rb->nmemb - 1); + + if (rb->len == rb->nmemb) { + rb->first = (rb->first + 1) & (rb->nmemb - 1); + } else { + ++rb->len; + } + + return (void *)&rb->buf[offset * rb->size]; +} + +void nghttp3_ringbuf_pop_front(nghttp3_ringbuf *rb) { + rb->first = (rb->first + 1) & (rb->nmemb - 1); + --rb->len; +} + +void nghttp3_ringbuf_pop_back(nghttp3_ringbuf *rb) { + assert(rb->len); + --rb->len; +} + +void nghttp3_ringbuf_resize(nghttp3_ringbuf *rb, size_t len) { + assert(len <= rb->nmemb); + rb->len = len; +} + +void *nghttp3_ringbuf_get(nghttp3_ringbuf *rb, size_t offset) { + assert(offset < rb->len); + offset = (rb->first + offset) & (rb->nmemb - 1); + return &rb->buf[offset * rb->size]; +} + +size_t nghttp3_ringbuf_len(nghttp3_ringbuf *rb) { return rb->len; } + +int nghttp3_ringbuf_full(nghttp3_ringbuf *rb) { return rb->len == rb->nmemb; } + +int nghttp3_ringbuf_reserve(nghttp3_ringbuf *rb, size_t nmemb) { + uint8_t *buf; + + assert(1 == __builtin_popcount((unsigned int)nmemb)); + + if (rb->nmemb >= nmemb) { + return 0; + } + + buf = nghttp3_mem_malloc(rb->mem, nmemb * rb->size); + if (buf == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + if (rb->first + rb->len <= rb->nmemb) { + memcpy(buf, rb->buf + rb->first * rb->size, rb->len * rb->size); + rb->first = 0; + } else { + memcpy(buf, rb->buf + rb->first * rb->size, + (rb->nmemb - rb->first) * rb->size); + memcpy(buf + (rb->nmemb - rb->first) * rb->size, rb->buf, + (rb->len - (rb->nmemb - rb->first)) * rb->size); + rb->first = 0; + } + + nghttp3_mem_free(rb->mem, rb->buf); + + rb->buf = buf; + rb->nmemb = nmemb; + + return 0; +} diff --git a/deps/nghttp3/lib/nghttp3_ringbuf.h b/deps/nghttp3/lib/nghttp3_ringbuf.h new file mode 100644 index 0000000000..d11bb2b031 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_ringbuf.h @@ -0,0 +1,113 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_RINGBUF_H +#define NGHTTP3_RINGBUF_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_mem.h" + +typedef struct { + /* buf points to the underlying buffer. */ + uint8_t *buf; + const nghttp3_mem *mem; + /* nmemb is the number of elements that can be stored in this ring + buffer. */ + size_t nmemb; + /* size is the size of each element. */ + size_t size; + /* first is the offset to the first element. */ + size_t first; + /* len is the number of elements actually stored. */ + size_t len; +} nghttp3_ringbuf; + +/* + * nghttp3_ringbuf_init initializes |rb|. |nmemb| is the number of + * elements that can be stored in this buffer. |size| is the size of + * each element. |size| must be power of 2. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGHTTP3_ERR_NOMEM + * Out of memory. + */ +int nghttp3_ringbuf_init(nghttp3_ringbuf *rb, size_t nmemb, size_t size, + const nghttp3_mem *mem); + +/* + * nghttp3_ringbuf_free frees resources allocated for |rb|. This + * function does not free the memory pointed by |rb|. + */ +void nghttp3_ringbuf_free(nghttp3_ringbuf *rb); + +/* nghttp3_ringbuf_push_front moves the offset to the first element in + the buffer backward, and returns the pointer to the element. + Caller can store data to the buffer pointed by the returned + pointer. If this action exceeds the capacity of the ring buffer, + the last element is silently overwritten, and rb->len remains + unchanged. */ +void *nghttp3_ringbuf_push_front(nghttp3_ringbuf *rb); + +/* nghttp3_ringbuf_push_back moves the offset to the last element in + the buffer forward, and returns the pointer to the element. Caller + can store data to the buffer pointed by the returned pointer. If + this action exceeds the capacity of the ring buffer, the first + element is silently overwritten, and rb->len remains unchanged. */ +void *nghttp3_ringbuf_push_back(nghttp3_ringbuf *rb); + +/* + * nghttp3_ringbuf_pop_front removes first element in |rb|. + */ +void nghttp3_ringbuf_pop_front(nghttp3_ringbuf *rb); + +/* + * nghttp3_ringbuf_pop_back removes the last element in |rb|. + */ +void nghttp3_ringbuf_pop_back(nghttp3_ringbuf *rb); + +/* nghttp3_ringbuf_resize changes the number of elements stored. This + does not change the capacity of the underlying buffer. */ +void nghttp3_ringbuf_resize(nghttp3_ringbuf *rb, size_t len); + +/* nghttp3_ringbuf_get returns the pointer to the element at + |offset|. */ +void *nghttp3_ringbuf_get(nghttp3_ringbuf *rb, size_t offset); + +/* nghttp3_ringbuf_len returns the number of elements stored. */ +size_t nghttp3_ringbuf_len(nghttp3_ringbuf *rb); + +/* nghttp3_ringbuf_full returns nonzero if |rb| is full. */ +int nghttp3_ringbuf_full(nghttp3_ringbuf *rb); + +int nghttp3_ringbuf_reserve(nghttp3_ringbuf *rb, size_t nmemb); + +#endif /* NGHTTP3_RINGBUF_H */ diff --git a/deps/nghttp3/lib/nghttp3_str.c b/deps/nghttp3/lib/nghttp3_str.c new file mode 100644 index 0000000000..3782aa72cd --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_str.c @@ -0,0 +1,110 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_str.h" + +#include +#include + +uint8_t *nghttp3_cpymem(uint8_t *dest, const uint8_t *src, size_t n) { + memcpy(dest, src, n); + return dest + n; +} + +/* Generated by gendowncasetbl.py */ +static const uint8_t DOWNCASE_TBL[] = { + 0 /* NUL */, 1 /* SOH */, 2 /* STX */, 3 /* ETX */, + 4 /* EOT */, 5 /* ENQ */, 6 /* ACK */, 7 /* BEL */, + 8 /* BS */, 9 /* HT */, 10 /* LF */, 11 /* VT */, + 12 /* FF */, 13 /* CR */, 14 /* SO */, 15 /* SI */, + 16 /* DLE */, 17 /* DC1 */, 18 /* DC2 */, 19 /* DC3 */, + 20 /* DC4 */, 21 /* NAK */, 22 /* SYN */, 23 /* ETB */, + 24 /* CAN */, 25 /* EM */, 26 /* SUB */, 27 /* ESC */, + 28 /* FS */, 29 /* GS */, 30 /* RS */, 31 /* US */, + 32 /* SPC */, 33 /* ! */, 34 /* " */, 35 /* # */, + 36 /* $ */, 37 /* % */, 38 /* & */, 39 /* ' */, + 40 /* ( */, 41 /* ) */, 42 /* * */, 43 /* + */, + 44 /* , */, 45 /* - */, 46 /* . */, 47 /* / */, + 48 /* 0 */, 49 /* 1 */, 50 /* 2 */, 51 /* 3 */, + 52 /* 4 */, 53 /* 5 */, 54 /* 6 */, 55 /* 7 */, + 56 /* 8 */, 57 /* 9 */, 58 /* : */, 59 /* ; */, + 60 /* < */, 61 /* = */, 62 /* > */, 63 /* ? */, + 64 /* @ */, 97 /* A */, 98 /* B */, 99 /* C */, + 100 /* D */, 101 /* E */, 102 /* F */, 103 /* G */, + 104 /* H */, 105 /* I */, 106 /* J */, 107 /* K */, + 108 /* L */, 109 /* M */, 110 /* N */, 111 /* O */, + 112 /* P */, 113 /* Q */, 114 /* R */, 115 /* S */, + 116 /* T */, 117 /* U */, 118 /* V */, 119 /* W */, + 120 /* X */, 121 /* Y */, 122 /* Z */, 91 /* [ */, + 92 /* \ */, 93 /* ] */, 94 /* ^ */, 95 /* _ */, + 96 /* ` */, 97 /* a */, 98 /* b */, 99 /* c */, + 100 /* d */, 101 /* e */, 102 /* f */, 103 /* g */, + 104 /* h */, 105 /* i */, 106 /* j */, 107 /* k */, + 108 /* l */, 109 /* m */, 110 /* n */, 111 /* o */, + 112 /* p */, 113 /* q */, 114 /* r */, 115 /* s */, + 116 /* t */, 117 /* u */, 118 /* v */, 119 /* w */, + 120 /* x */, 121 /* y */, 122 /* z */, 123 /* { */, + 124 /* | */, 125 /* } */, 126 /* ~ */, 127 /* DEL */, + 128 /* 0x80 */, 129 /* 0x81 */, 130 /* 0x82 */, 131 /* 0x83 */, + 132 /* 0x84 */, 133 /* 0x85 */, 134 /* 0x86 */, 135 /* 0x87 */, + 136 /* 0x88 */, 137 /* 0x89 */, 138 /* 0x8a */, 139 /* 0x8b */, + 140 /* 0x8c */, 141 /* 0x8d */, 142 /* 0x8e */, 143 /* 0x8f */, + 144 /* 0x90 */, 145 /* 0x91 */, 146 /* 0x92 */, 147 /* 0x93 */, + 148 /* 0x94 */, 149 /* 0x95 */, 150 /* 0x96 */, 151 /* 0x97 */, + 152 /* 0x98 */, 153 /* 0x99 */, 154 /* 0x9a */, 155 /* 0x9b */, + 156 /* 0x9c */, 157 /* 0x9d */, 158 /* 0x9e */, 159 /* 0x9f */, + 160 /* 0xa0 */, 161 /* 0xa1 */, 162 /* 0xa2 */, 163 /* 0xa3 */, + 164 /* 0xa4 */, 165 /* 0xa5 */, 166 /* 0xa6 */, 167 /* 0xa7 */, + 168 /* 0xa8 */, 169 /* 0xa9 */, 170 /* 0xaa */, 171 /* 0xab */, + 172 /* 0xac */, 173 /* 0xad */, 174 /* 0xae */, 175 /* 0xaf */, + 176 /* 0xb0 */, 177 /* 0xb1 */, 178 /* 0xb2 */, 179 /* 0xb3 */, + 180 /* 0xb4 */, 181 /* 0xb5 */, 182 /* 0xb6 */, 183 /* 0xb7 */, + 184 /* 0xb8 */, 185 /* 0xb9 */, 186 /* 0xba */, 187 /* 0xbb */, + 188 /* 0xbc */, 189 /* 0xbd */, 190 /* 0xbe */, 191 /* 0xbf */, + 192 /* 0xc0 */, 193 /* 0xc1 */, 194 /* 0xc2 */, 195 /* 0xc3 */, + 196 /* 0xc4 */, 197 /* 0xc5 */, 198 /* 0xc6 */, 199 /* 0xc7 */, + 200 /* 0xc8 */, 201 /* 0xc9 */, 202 /* 0xca */, 203 /* 0xcb */, + 204 /* 0xcc */, 205 /* 0xcd */, 206 /* 0xce */, 207 /* 0xcf */, + 208 /* 0xd0 */, 209 /* 0xd1 */, 210 /* 0xd2 */, 211 /* 0xd3 */, + 212 /* 0xd4 */, 213 /* 0xd5 */, 214 /* 0xd6 */, 215 /* 0xd7 */, + 216 /* 0xd8 */, 217 /* 0xd9 */, 218 /* 0xda */, 219 /* 0xdb */, + 220 /* 0xdc */, 221 /* 0xdd */, 222 /* 0xde */, 223 /* 0xdf */, + 224 /* 0xe0 */, 225 /* 0xe1 */, 226 /* 0xe2 */, 227 /* 0xe3 */, + 228 /* 0xe4 */, 229 /* 0xe5 */, 230 /* 0xe6 */, 231 /* 0xe7 */, + 232 /* 0xe8 */, 233 /* 0xe9 */, 234 /* 0xea */, 235 /* 0xeb */, + 236 /* 0xec */, 237 /* 0xed */, 238 /* 0xee */, 239 /* 0xef */, + 240 /* 0xf0 */, 241 /* 0xf1 */, 242 /* 0xf2 */, 243 /* 0xf3 */, + 244 /* 0xf4 */, 245 /* 0xf5 */, 246 /* 0xf6 */, 247 /* 0xf7 */, + 248 /* 0xf8 */, 249 /* 0xf9 */, 250 /* 0xfa */, 251 /* 0xfb */, + 252 /* 0xfc */, 253 /* 0xfd */, 254 /* 0xfe */, 255 /* 0xff */, +}; + +void nghttp3_downcase(uint8_t *s, size_t len) { + size_t i; + for (i = 0; i < len; ++i) { + s[i] = DOWNCASE_TBL[s[i]]; + } +} diff --git a/deps/nghttp3/lib/nghttp3_str.h b/deps/nghttp3/lib/nghttp3_str.h new file mode 100644 index 0000000000..19c1d2c71b --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_str.h @@ -0,0 +1,40 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_STR_H +#define NGHTTP3_STR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +uint8_t *nghttp3_cpymem(uint8_t *dest, const uint8_t *src, size_t n); + +void nghttp3_downcase(uint8_t *s, size_t len); + +#endif /* NGHTTP3_STR_H */ diff --git a/deps/nghttp3/lib/nghttp3_stream.c b/deps/nghttp3/lib/nghttp3_stream.c new file mode 100644 index 0000000000..5ed2789201 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_stream.c @@ -0,0 +1,1307 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_stream.h" + +#include +#include +#include + +#include "nghttp3_conv.h" +#include "nghttp3_macro.h" +#include "nghttp3_frame.h" +#include "nghttp3_conn.h" +#include "nghttp3_str.h" +#include "nghttp3_http.h" + +int nghttp3_stream_new(nghttp3_stream **pstream, int64_t stream_id, + uint64_t seq, uint32_t weight, nghttp3_tnode *parent, + const nghttp3_stream_callbacks *callbacks, + const nghttp3_mem *mem) { + int rv; + nghttp3_stream *stream = nghttp3_mem_calloc(mem, 1, sizeof(nghttp3_stream)); + nghttp3_node_id nid; + + if (stream == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + nghttp3_tnode_init( + &stream->node, + nghttp3_node_id_init(&nid, NGHTTP3_NODE_ID_TYPE_STREAM, stream_id), seq, + weight, parent, mem); + + rv = nghttp3_ringbuf_init(&stream->frq, 16, sizeof(nghttp3_frame_entry), mem); + if (rv != 0) { + goto frq_init_fail; + } + + rv = nghttp3_ringbuf_init(&stream->chunks, 16, sizeof(nghttp3_buf), mem); + if (rv != 0) { + goto chunks_init_fail; + } + + rv = nghttp3_ringbuf_init(&stream->outq, 16, sizeof(nghttp3_typed_buf), mem); + if (rv != 0) { + goto outq_init_fail; + } + + rv = nghttp3_ringbuf_init(&stream->inq, 16, sizeof(nghttp3_buf), mem); + if (rv != 0) { + goto inq_init_fail; + } + + nghttp3_qpack_stream_context_init(&stream->qpack_sctx, stream_id, mem); + + stream->me.key = (key_type)stream_id; + stream->qpack_blocked_pe.index = NGHTTP3_PQ_BAD_INDEX; + stream->mem = mem; + stream->rx.http.status_code = -1; + stream->rx.http.content_length = -1; + + if (callbacks) { + stream->callbacks = *callbacks; + } + + *pstream = stream; + + return 0; + +inq_init_fail: + nghttp3_ringbuf_free(&stream->outq); +outq_init_fail: + nghttp3_ringbuf_free(&stream->chunks); +chunks_init_fail: + nghttp3_ringbuf_free(&stream->frq); +frq_init_fail: + nghttp3_mem_free(mem, stream); + + return rv; +} + +static void delete_outq(nghttp3_ringbuf *outq, const nghttp3_mem *mem) { + nghttp3_typed_buf *tbuf; + size_t i, len = nghttp3_ringbuf_len(outq); + + for (i = 0; i < len; ++i) { + tbuf = nghttp3_ringbuf_get(outq, i); + if (tbuf->type == NGHTTP3_BUF_TYPE_PRIVATE) { + nghttp3_buf_free(&tbuf->buf, mem); + } + } + + nghttp3_ringbuf_free(outq); +} + +static void delete_chunks(nghttp3_ringbuf *chunks, const nghttp3_mem *mem) { + nghttp3_buf *buf; + size_t i, len = nghttp3_ringbuf_len(chunks); + + for (i = 0; i < len; ++i) { + buf = nghttp3_ringbuf_get(chunks, i); + nghttp3_buf_free(buf, mem); + } + + nghttp3_ringbuf_free(chunks); +} + +static void delete_frq(nghttp3_ringbuf *frq, const nghttp3_mem *mem) { + nghttp3_frame_entry *frent; + size_t i, len = nghttp3_ringbuf_len(frq); + + for (i = 0; i < len; ++i) { + frent = nghttp3_ringbuf_get(frq, i); + switch (frent->fr.hd.type) { + case NGHTTP3_FRAME_HEADERS: + nghttp3_frame_headers_free(&frent->fr.headers, mem); + break; + case NGHTTP3_FRAME_PUSH_PROMISE: + nghttp3_frame_push_promise_free(&frent->fr.push_promise, mem); + break; + default: + break; + } + } + + nghttp3_ringbuf_free(frq); +} + +void nghttp3_stream_del(nghttp3_stream *stream) { + if (stream == NULL) { + return; + } + + nghttp3_qpack_stream_context_free(&stream->qpack_sctx); + delete_chunks(&stream->inq, stream->mem); + delete_outq(&stream->outq, stream->mem); + delete_chunks(&stream->chunks, stream->mem); + delete_frq(&stream->frq, stream->mem); + nghttp3_tnode_free(&stream->node); + + nghttp3_mem_free(stream->mem, stream); +} + +void nghttp3_varint_read_state_reset(nghttp3_varint_read_state *rvint) { + memset(rvint, 0, sizeof(*rvint)); +} + +void nghttp3_stream_read_state_reset(nghttp3_stream_read_state *rstate) { + memset(rstate, 0, sizeof(*rstate)); +} + +ssize_t nghttp3_read_varint(nghttp3_varint_read_state *rvint, + const uint8_t *src, size_t srclen, int fin) { + size_t nread = 0; + size_t n; + size_t i; + + assert(srclen > 0); + + if (rvint->left == 0) { + assert(rvint->acc == 0); + + rvint->left = nghttp3_get_varint_len(src); + if (rvint->left <= srclen) { + rvint->acc = nghttp3_get_varint(&nread, src); + rvint->left = 0; + return (ssize_t)nread; + } + + if (fin) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + rvint->acc = nghttp3_get_varint_fb(src); + nread = 1; + ++src; + --srclen; + --rvint->left; + } + + n = nghttp3_min(rvint->left, srclen); + + for (i = 0; i < n; ++i) { + rvint->acc = (rvint->acc << 8) + src[i]; + } + + rvint->left -= n; + nread += n; + + if (fin && rvint->left) { + return NGHTTP3_ERR_INVALID_ARGUMENT; + } + + return (ssize_t)nread; +} + +int nghttp3_stream_frq_add(nghttp3_stream *stream, + const nghttp3_frame_entry *frent) { + nghttp3_ringbuf *frq = &stream->frq; + nghttp3_frame_entry *dest; + int rv; + + if (nghttp3_ringbuf_full(frq)) { + rv = nghttp3_ringbuf_reserve(frq, nghttp3_ringbuf_len(frq) * 2); + if (rv != 0) { + return rv; + } + } + + dest = nghttp3_ringbuf_push_back(frq); + *dest = *frent; + + return 0; +} + +int nghttp3_stream_fill_outq(nghttp3_stream *stream) { + nghttp3_ringbuf *frq = &stream->frq; + nghttp3_frame_entry *frent; + int data_eof; + int rv; + + for (; nghttp3_ringbuf_len(frq) && !nghttp3_stream_outq_is_full(stream) && + stream->unsent_bytes < NGHTTP3_MIN_UNSENT_BYTES;) { + frent = nghttp3_ringbuf_get(frq, 0); + + switch (frent->fr.hd.type) { + case NGHTTP3_FRAME_SETTINGS: + rv = nghttp3_stream_write_settings(stream, frent); + if (rv != 0) { + return rv; + } + break; + case NGHTTP3_FRAME_PRIORITY: + rv = nghttp3_stream_write_priority(stream, frent); + if (rv != 0) { + return rv; + } + break; + case NGHTTP3_FRAME_HEADERS: + rv = nghttp3_stream_write_headers(stream, frent); + if (rv != 0) { + return rv; + } + nghttp3_frame_headers_free(&frent->fr.headers, stream->mem); + break; + case NGHTTP3_FRAME_PUSH_PROMISE: + rv = nghttp3_stream_write_push_promise(stream, frent); + if (rv != 0) { + return rv; + } + nghttp3_frame_push_promise_free(&frent->fr.push_promise, stream->mem); + break; + case NGHTTP3_FRAME_CANCEL_PUSH: + rv = nghttp3_stream_write_cancel_push(stream, frent); + if (rv != 0) { + return rv; + } + break; + case NGHTTP3_FRAME_DATA: + rv = nghttp3_stream_write_data(stream, &data_eof, frent); + if (rv != 0) { + return rv; + } + if (stream->flags & NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED) { + return 0; + } + if (!data_eof) { + return 0; + } + break; + case NGHTTP3_FRAME_MAX_PUSH_ID: + rv = nghttp3_stream_write_max_push_id(stream, frent); + if (rv != 0) { + return rv; + } + break; + default: + /* TODO Not implemented */ + break; + } + + nghttp3_ringbuf_pop_front(frq); + } + + return 0; +} + +static void typed_buf_shared_init(nghttp3_typed_buf *tbuf, + const nghttp3_buf *chunk) { + nghttp3_typed_buf_init(tbuf, chunk, NGHTTP3_BUF_TYPE_SHARED); + tbuf->buf.pos = tbuf->buf.last; +} + +int nghttp3_stream_write_stream_type(nghttp3_stream *stream) { + size_t len = nghttp3_put_varint_len((int64_t)stream->type); + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + int rv; + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_put_varint(chunk->last, (int64_t)stream->type); + tbuf.buf.last = chunk->last; + + return nghttp3_stream_outq_add(stream, &tbuf); +} + +int nghttp3_stream_write_stream_type_push_id(nghttp3_stream *stream) { + size_t len; + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + int rv; + nghttp3_push_promise *pp = stream->pp; + + assert(stream->type == NGHTTP3_STREAM_TYPE_PUSH); + assert(pp); + + len = nghttp3_put_varint_len((int64_t)stream->type) + + nghttp3_put_varint_len(pp->node.nid.id); + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_put_varint(chunk->last, (int64_t)stream->type); + chunk->last = nghttp3_put_varint(chunk->last, pp->node.nid.id); + tbuf.buf.last = chunk->last; + + return nghttp3_stream_outq_add(stream, &tbuf); +} + +int nghttp3_stream_write_settings(nghttp3_stream *stream, + nghttp3_frame_entry *frent) { + size_t len; + int rv; + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + struct { + nghttp3_frame_settings settings; + nghttp3_settings_entry iv[15]; + } fr; + nghttp3_settings_entry *iv; + nghttp3_conn_settings *local_settings = frent->aux.settings.local_settings; + + fr.settings.hd.type = NGHTTP3_FRAME_SETTINGS; + fr.settings.niv = 0; + iv = fr.settings.iv; + + if (local_settings->max_header_list_size) { + iv[fr.settings.niv].id = NGHTTP3_SETTINGS_ID_MAX_HEADER_LIST_SIZE; + iv[fr.settings.niv].value = local_settings->max_header_list_size; + ++fr.settings.niv; + } + if (local_settings->num_placeholders) { + iv[fr.settings.niv].id = NGHTTP3_SETTINGS_ID_NUM_PLACEHOLDERS; + iv[fr.settings.niv].value = local_settings->num_placeholders; + ++fr.settings.niv; + } + if (local_settings->qpack_max_table_capacity) { + iv[fr.settings.niv].id = NGHTTP3_SETTINGS_ID_QPACK_MAX_TABLE_CAPACITY; + iv[fr.settings.niv].value = local_settings->qpack_max_table_capacity; + ++fr.settings.niv; + } + if (local_settings->qpack_blocked_streams) { + iv[fr.settings.niv].id = NGHTTP3_SETTINGS_ID_QPACK_BLOCKED_STREAMS; + iv[fr.settings.niv].value = local_settings->qpack_blocked_streams; + ++fr.settings.niv; + } + + len = nghttp3_frame_write_settings_len(&fr.settings.hd.length, &fr.settings); + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_frame_write_settings(chunk->last, &fr.settings); + + tbuf.buf.last = chunk->last; + + return nghttp3_stream_outq_add(stream, &tbuf); +} + +int nghttp3_stream_write_priority(nghttp3_stream *stream, + nghttp3_frame_entry *frent) { + nghttp3_frame_priority *fr = &frent->fr.priority; + size_t len; + int rv; + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + + len = nghttp3_frame_write_priority_len(&fr->hd.length, fr); + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_frame_write_priority(chunk->last, fr); + + tbuf.buf.last = chunk->last; + + return nghttp3_stream_outq_add(stream, &tbuf); +} + +int nghttp3_stream_write_cancel_push(nghttp3_stream *stream, + nghttp3_frame_entry *frent) { + nghttp3_frame_cancel_push *fr = &frent->fr.cancel_push; + size_t len; + int rv; + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + + len = nghttp3_frame_write_cancel_push_len(&fr->hd.length, fr); + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_frame_write_cancel_push(chunk->last, fr); + + tbuf.buf.last = chunk->last; + + return nghttp3_stream_outq_add(stream, &tbuf); +} + +int nghttp3_stream_write_max_push_id(nghttp3_stream *stream, + nghttp3_frame_entry *frent) { + nghttp3_frame_max_push_id *fr = &frent->fr.max_push_id; + nghttp3_conn *conn = stream->conn; + size_t len; + int rv; + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + + assert(conn); + assert(conn->flags & NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED); + + fr->push_id = (int64_t)conn->remote.uni.unsent_max_pushes - 1; + conn->remote.uni.max_pushes = conn->remote.uni.unsent_max_pushes; + conn->flags &= (uint16_t)~NGHTTP3_CONN_FLAG_MAX_PUSH_ID_QUEUED; + + len = nghttp3_frame_write_max_push_id_len(&fr->hd.length, fr); + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_frame_write_max_push_id(chunk->last, fr); + + tbuf.buf.last = chunk->last; + + return nghttp3_stream_outq_add(stream, &tbuf); +} + +int nghttp3_stream_write_headers(nghttp3_stream *stream, + nghttp3_frame_entry *frent) { + nghttp3_frame_headers *fr = &frent->fr.headers; + nghttp3_conn *conn = stream->conn; + + assert(conn); + + return nghttp3_stream_write_header_block(stream, &conn->qenc, conn->tx.qenc, + NGHTTP3_FRAME_HEADERS, 0, fr->nva, + fr->nvlen); +} + +int nghttp3_stream_write_push_promise(nghttp3_stream *stream, + nghttp3_frame_entry *frent) { + nghttp3_frame_push_promise *fr = &frent->fr.push_promise; + nghttp3_conn *conn = stream->conn; + + assert(conn); + + return nghttp3_stream_write_header_block(stream, &conn->qenc, conn->tx.qenc, + NGHTTP3_FRAME_PUSH_PROMISE, + fr->push_id, fr->nva, fr->nvlen); +} + +int nghttp3_stream_write_header_block(nghttp3_stream *stream, + nghttp3_qpack_encoder *qenc, + nghttp3_stream *qenc_stream, + int64_t frame_type, int64_t push_id, + const nghttp3_nv *nva, size_t nvlen) { + nghttp3_buf pbuf, rbuf, ebuf; + int rv; + size_t len; + nghttp3_buf *chunk; + nghttp3_typed_buf tbuf; + nghttp3_frame_hd hd; + size_t push_idlen = 0; + + nghttp3_buf_init(&pbuf); + nghttp3_buf_init(&rbuf); + nghttp3_buf_init(&ebuf); + + rv = nghttp3_qpack_encoder_encode(qenc, &pbuf, &rbuf, &ebuf, + stream->node.nid.id, nva, nvlen); + if (rv != 0) { + goto fail; + } + + if (frame_type == NGHTTP3_FRAME_PUSH_PROMISE) { + push_idlen = nghttp3_put_varint_len(push_id); + } + + hd.type = frame_type; + hd.length = + (int64_t)(nghttp3_buf_len(&pbuf) + nghttp3_buf_len(&rbuf) + push_idlen); + + len = nghttp3_frame_write_hd_len(&hd) + push_idlen; + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + goto fail; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_frame_write_hd(chunk->last, &hd); + + if (push_idlen) { + chunk->last = nghttp3_put_varint(chunk->last, push_id); + } + + tbuf.buf.last = chunk->last; + + rv = nghttp3_stream_outq_add(stream, &tbuf); + if (rv != 0) { + goto fail; + } + + nghttp3_typed_buf_init(&tbuf, &pbuf, NGHTTP3_BUF_TYPE_PRIVATE); + rv = nghttp3_stream_outq_add(stream, &tbuf); + if (rv != 0) { + goto fail; + } + nghttp3_buf_init(&pbuf); + + if (nghttp3_buf_len(&rbuf)) { + nghttp3_typed_buf_init(&tbuf, &rbuf, NGHTTP3_BUF_TYPE_PRIVATE); + rv = nghttp3_stream_outq_add(stream, &tbuf); + if (rv != 0) { + goto fail; + } + nghttp3_buf_init(&rbuf); + } + + if (nghttp3_buf_len(&ebuf)) { + assert(qenc_stream); + + nghttp3_typed_buf_init(&tbuf, &ebuf, NGHTTP3_BUF_TYPE_PRIVATE); + rv = nghttp3_stream_outq_add(qenc_stream, &tbuf); + if (rv != 0) { + nghttp3_buf_free(&ebuf, stream->mem); + return rv; + } + nghttp3_buf_init(&ebuf); + } + + assert(0 == nghttp3_buf_len(&pbuf)); + assert(0 == nghttp3_buf_len(&rbuf)); + assert(0 == nghttp3_buf_len(&ebuf)); + + return 0; + +fail: + nghttp3_buf_free(&ebuf, stream->mem); + nghttp3_buf_free(&rbuf, stream->mem); + nghttp3_buf_free(&pbuf, stream->mem); + + return rv; +} + +int nghttp3_stream_write_data(nghttp3_stream *stream, int *peof, + nghttp3_frame_entry *frent) { + int rv; + size_t len; + nghttp3_typed_buf tbuf; + nghttp3_buf buf; + nghttp3_buf *chunk; + nghttp3_read_data_callback read_data = frent->aux.data.dr.read_data; + nghttp3_conn *conn = stream->conn; + const uint8_t *data = NULL; + size_t datalen = 0; + uint32_t flags = 0; + nghttp3_frame_hd hd; + + assert(!(stream->flags & NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED)); + assert(read_data); + assert(conn); + + *peof = 0; + + rv = read_data(conn, stream->node.nid.id, &data, &datalen, &flags, + conn->user_data, stream->user_data); + if (rv != 0) { + if (rv == NGHTTP3_ERR_WOULDBLOCK) { + stream->flags |= NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED; + return 0; + } + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + + assert(datalen || flags & NGHTTP3_DATA_FLAG_EOF); + + if (flags & NGHTTP3_DATA_FLAG_EOF) { + *peof = 1; + if (!(flags & NGHTTP3_DATA_FLAG_NO_END_STREAM)) { + stream->flags |= NGHTTP3_STREAM_FLAG_WRITE_END_STREAM; + } + } + + hd.type = NGHTTP3_FRAME_DATA; + hd.length = (int64_t)datalen; + + len = nghttp3_frame_write_hd_len(&hd); + + rv = nghttp3_stream_ensure_chunk(stream, len); + if (rv != 0) { + return rv; + } + + chunk = nghttp3_stream_get_chunk(stream); + typed_buf_shared_init(&tbuf, chunk); + + chunk->last = nghttp3_frame_write_hd(chunk->last, &hd); + + tbuf.buf.last = chunk->last; + + rv = nghttp3_stream_outq_add(stream, &tbuf); + if (rv != 0) { + return rv; + } + + if (datalen) { + nghttp3_buf_wrap_init(&buf, (uint8_t *)data, datalen); + buf.last = buf.end; + nghttp3_typed_buf_init(&tbuf, &buf, NGHTTP3_BUF_TYPE_ALIEN); + rv = nghttp3_stream_outq_add(stream, &tbuf); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +int nghttp3_stream_write_qpack_decoder_stream(nghttp3_stream *stream) { + nghttp3_qpack_decoder *qdec; + nghttp3_buf dbuf; + int rv; + nghttp3_typed_buf tbuf; + + assert(stream->conn); + assert(stream->conn->tx.qdec == stream); + + qdec = &stream->conn->qdec; + + assert(qdec); + + nghttp3_buf_init(&dbuf); + + rv = nghttp3_qpack_decoder_write_decoder(qdec, &dbuf); + if (rv != 0) { + return rv; + } + + if (nghttp3_buf_len(&dbuf) == 0) { + return 0; + } + + nghttp3_typed_buf_init(&tbuf, &dbuf, NGHTTP3_BUF_TYPE_PRIVATE); + rv = nghttp3_stream_outq_add(stream, &tbuf); + if (rv != 0) { + nghttp3_buf_free(&dbuf, stream->mem); + return rv; + } + + return 0; +} + +int nghttp3_stream_outq_is_full(nghttp3_stream *stream) { + /* TODO Verify that the limit is reasonable. */ + return nghttp3_ringbuf_len(&stream->outq) >= 1024; +} + +int nghttp3_stream_outq_add(nghttp3_stream *stream, + const nghttp3_typed_buf *tbuf) { + nghttp3_ringbuf *outq = &stream->outq; + int rv; + nghttp3_typed_buf *dest; + size_t len = nghttp3_ringbuf_len(outq); + + stream->unsent_bytes += nghttp3_buf_len(&tbuf->buf); + + if (len) { + dest = nghttp3_ringbuf_get(outq, len - 1); + if (dest->type == tbuf->type && dest->type == NGHTTP3_BUF_TYPE_SHARED && + dest->buf.begin == tbuf->buf.begin && dest->buf.last == tbuf->buf.pos) { + dest->buf.last = tbuf->buf.last; + dest->buf.end = tbuf->buf.end; + return 0; + } + } + + if (nghttp3_ringbuf_full(outq)) { + rv = nghttp3_ringbuf_reserve(outq, len * 2); + if (rv != 0) { + return rv; + } + } + + dest = nghttp3_ringbuf_push_back(outq); + *dest = *tbuf; + + return 0; +} + +int nghttp3_stream_ensure_chunk(nghttp3_stream *stream, size_t need) { + nghttp3_ringbuf *chunks = &stream->chunks; + nghttp3_buf *chunk; + size_t len = nghttp3_ringbuf_len(chunks); + uint8_t *p; + int rv; + + if (len) { + chunk = nghttp3_ringbuf_get(chunks, len - 1); + if (nghttp3_buf_left(chunk) >= need) { + return 0; + } + } + + assert(NGHTTP3_STREAM_CHUNK_SIZE >= need); + + p = nghttp3_mem_malloc(stream->mem, NGHTTP3_STREAM_CHUNK_SIZE); + if (p == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + if (nghttp3_ringbuf_full(chunks)) { + rv = nghttp3_ringbuf_reserve(chunks, len * 2); + if (rv != 0) { + return rv; + } + } + + chunk = nghttp3_ringbuf_push_back(chunks); + nghttp3_buf_wrap_init(chunk, p, NGHTTP3_STREAM_CHUNK_SIZE); + + return 0; +} + +nghttp3_buf *nghttp3_stream_get_chunk(nghttp3_stream *stream) { + nghttp3_ringbuf *chunks = &stream->chunks; + size_t len = nghttp3_ringbuf_len(chunks); + + assert(len); + + return nghttp3_ringbuf_get(chunks, len - 1); +} + +int nghttp3_stream_is_blocked(nghttp3_stream *stream) { + return (stream->flags & NGHTTP3_STREAM_FLAG_FC_BLOCKED) || + (stream->flags & NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED); +} + +int nghttp3_stream_is_active(nghttp3_stream *stream) { + return (!nghttp3_stream_outq_write_done(stream) || + nghttp3_ringbuf_len(&stream->frq)) && + !nghttp3_stream_is_blocked(stream); +} + +int nghttp3_stream_require_schedule(nghttp3_stream *stream) { + return nghttp3_stream_is_active(stream) || + nghttp3_tnode_has_active_descendant(&stream->node); +} + +ssize_t nghttp3_stream_writev(nghttp3_stream *stream, int *pfin, + nghttp3_vec *vec, size_t veccnt) { + nghttp3_ringbuf *outq = &stream->outq; + size_t len = nghttp3_ringbuf_len(outq); + size_t i; + size_t offset = stream->outq_offset; + size_t buflen; + nghttp3_vec *vbegin = vec, *vend = vec + veccnt; + nghttp3_typed_buf *tbuf; + + assert(veccnt > 0); + + for (i = stream->outq_idx; i < len; ++i) { + tbuf = nghttp3_ringbuf_get(outq, i); + buflen = nghttp3_buf_len(&tbuf->buf); + if (offset >= buflen) { + offset -= buflen; + continue; + } + + vec->base = tbuf->buf.pos + offset; + vec->len = buflen - offset; + ++vec; + ++i; + break; + } + + for (; i < len && vec != vend; ++i, ++vec) { + tbuf = nghttp3_ringbuf_get(outq, i); + vec->base = tbuf->buf.pos; + vec->len = nghttp3_buf_len(&tbuf->buf); + } + + /* TODO Rework this if we have finished implementing HTTP + messaging */ + *pfin = nghttp3_ringbuf_len(&stream->frq) == 0 && i == len && + (stream->flags & NGHTTP3_STREAM_FLAG_WRITE_END_STREAM); + + return vec - vbegin; +} + +int nghttp3_stream_add_outq_offset(nghttp3_stream *stream, size_t n) { + nghttp3_ringbuf *outq = &stream->outq; + size_t i; + size_t len = nghttp3_ringbuf_len(outq); + size_t offset = stream->outq_offset + n; + size_t buflen; + nghttp3_typed_buf *tbuf; + + for (i = stream->outq_idx; i < len; ++i) { + tbuf = nghttp3_ringbuf_get(outq, i); + buflen = nghttp3_buf_len(&tbuf->buf); + if (offset >= buflen) { + offset -= buflen; + continue; + } + + break; + } + + assert(i < len || offset == 0); + + stream->unsent_bytes -= n; + stream->outq_idx = i; + stream->outq_offset = offset; + + return 0; +} + +int nghttp3_stream_outq_write_done(nghttp3_stream *stream) { + nghttp3_ringbuf *outq = &stream->outq; + size_t len = nghttp3_ringbuf_len(outq); + + return len == 0 || stream->outq_idx >= len; +} + +static int stream_pop_outq_entry(nghttp3_stream *stream, + nghttp3_typed_buf *tbuf) { + nghttp3_ringbuf *chunks = &stream->chunks; + nghttp3_buf *chunk; + + switch (tbuf->type) { + case NGHTTP3_BUF_TYPE_PRIVATE: + nghttp3_buf_free(&tbuf->buf, stream->mem); + break; + case NGHTTP3_BUF_TYPE_ALIEN: + break; + default: + assert(nghttp3_ringbuf_len(chunks)); + + chunk = nghttp3_ringbuf_get(chunks, 0); + + assert(chunk->begin == tbuf->buf.begin); + assert(chunk->end == tbuf->buf.end); + + if (chunk->last == tbuf->buf.last) { + nghttp3_buf_free(chunk, stream->mem); + nghttp3_ringbuf_pop_front(chunks); + } + }; + + nghttp3_ringbuf_pop_front(&stream->outq); + + return 0; +} + +int nghttp3_stream_add_ack_offset(nghttp3_stream *stream, size_t n) { + nghttp3_ringbuf *outq = &stream->outq; + size_t offset = stream->ack_offset + n; + size_t buflen; + size_t npopped = 0; + size_t nack; + nghttp3_typed_buf *tbuf; + int rv; + + for (; nghttp3_ringbuf_len(outq);) { + tbuf = nghttp3_ringbuf_get(outq, 0); + buflen = nghttp3_buf_len(&tbuf->buf); + + if (tbuf->type == NGHTTP3_BUF_TYPE_ALIEN) { + nack = nghttp3_min(offset, buflen) - stream->ack_done; + if (stream->callbacks.acked_data) { + rv = stream->callbacks.acked_data(stream, stream->node.nid.id, nack, + stream->user_data); + if (rv != 0) { + return NGHTTP3_ERR_CALLBACK_FAILURE; + } + } + stream->ack_done += nack; + } + + if (offset >= buflen) { + rv = stream_pop_outq_entry(stream, tbuf); + if (rv != 0) { + return rv; + } + + offset -= buflen; + ++npopped; + stream->ack_done = 0; + + if (stream->outq_idx + 1 == npopped) { + stream->outq_offset = 0; + break; + } + + continue; + } + + break; + } + + assert(stream->outq_idx + 1 >= npopped); + if (stream->outq_idx >= npopped) { + stream->outq_idx -= npopped; + } else { + stream->outq_idx = 0; + } + + stream->ack_offset = offset; + + return 0; +} + +static nghttp3_tnode *stream_get_dependency_node(nghttp3_stream *stream) { + if (stream->pp) { + assert(stream->type == NGHTTP3_STREAM_TYPE_PUSH); + return &stream->pp->node; + } + + return &stream->node; +} + +int nghttp3_stream_schedule(nghttp3_stream *stream) { + int rv; + + rv = nghttp3_tnode_schedule(stream_get_dependency_node(stream), + stream->unscheduled_nwrite); + if (rv != 0) { + return rv; + } + + stream->unscheduled_nwrite = 0; + + return 0; +} + +int nghttp3_stream_ensure_scheduled(nghttp3_stream *stream) { + if (nghttp3_tnode_is_scheduled(stream_get_dependency_node(stream))) { + return 0; + } + + return nghttp3_stream_schedule(stream); +} + +void nghttp3_stream_unschedule(nghttp3_stream *stream) { + nghttp3_tnode_unschedule(stream_get_dependency_node(stream)); +} + +int nghttp3_stream_squash(nghttp3_stream *stream) { + nghttp3_tnode *node = stream_get_dependency_node(stream); + + if (!node->parent) { + return 0; + } + return nghttp3_tnode_squash(stream_get_dependency_node(stream)); +} + +int nghttp3_stream_buffer_data(nghttp3_stream *stream, const uint8_t *data, + size_t datalen) { + nghttp3_ringbuf *inq = &stream->inq; + size_t len = nghttp3_ringbuf_len(inq); + nghttp3_buf *buf; + size_t nwrite; + uint8_t *rawbuf; + size_t bufleft; + int rv; + + if (len) { + buf = nghttp3_ringbuf_get(inq, len - 1); + bufleft = nghttp3_buf_left(buf); + nwrite = nghttp3_min(datalen, bufleft); + buf->last = nghttp3_cpymem(buf->last, data, nwrite); + data += nwrite; + datalen -= nwrite; + if (len == 0) { + return 0; + } + } + + for (; datalen;) { + if (nghttp3_ringbuf_full(inq)) { + rv = nghttp3_ringbuf_reserve(inq, nghttp3_ringbuf_len(inq) * 2); + if (rv != 0) { + return rv; + } + } + + rawbuf = nghttp3_mem_malloc(stream->mem, 16384); + if (rawbuf == NULL) { + return NGHTTP3_ERR_NOMEM; + } + + buf = nghttp3_ringbuf_push_back(inq); + nghttp3_buf_wrap_init(buf, rawbuf, 16384); + bufleft = nghttp3_buf_left(buf); + nwrite = nghttp3_min(datalen, bufleft); + buf->last = nghttp3_cpymem(buf->last, data, nwrite); + data += nwrite; + datalen -= nwrite; + } + + return 0; +} + +size_t nghttp3_stream_get_buffered_datalen(nghttp3_stream *stream) { + nghttp3_ringbuf *inq = &stream->inq; + size_t len = nghttp3_ringbuf_len(inq); + size_t i, n = 0; + nghttp3_buf *buf; + + for (i = 0; i < len; ++i) { + buf = nghttp3_ringbuf_get(inq, i); + n += nghttp3_buf_len(buf); + } + + return n; +} + +void nghttp3_stream_clear_buffered_data(nghttp3_stream *stream) { + nghttp3_ringbuf *inq = &stream->inq; + nghttp3_buf *buf; + + for (; nghttp3_ringbuf_len(inq);) { + buf = nghttp3_ringbuf_get(inq, 0); + nghttp3_buf_free(buf, stream->mem); + nghttp3_ringbuf_pop_front(inq); + } +} + +int nghttp3_stream_transit_rx_http_state(nghttp3_stream *stream, + nghttp3_stream_http_event event) { + int rv; + + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_NONE: + return NGHTTP3_ERR_HTTP_INTERNAL_ERROR; + case NGHTTP3_HTTP_STATE_REQ_INITIAL: + switch (event) { + case NGHTTP3_HTTP_EVENT_HEADERS_BEGIN: + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN; + return 0; + default: + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + case NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN: + if (event != NGHTTP3_HTTP_EVENT_HEADERS_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_HEADERS_END; + return 0; + case NGHTTP3_HTTP_STATE_REQ_HEADERS_END: + switch (event) { + case NGHTTP3_HTTP_EVENT_HEADERS_BEGIN: + /* TODO Better to check status code */ + if (stream->rx.http.flags & NGHTTP3_HTTP_FLAG_METH_CONNECT) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + rv = nghttp3_http_on_remote_end_stream(stream); + if (rv != 0) { + return rv; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_DATA_BEGIN: + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_DATA_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_MSG_END: + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_END; + return 0; + default: + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + case NGHTTP3_HTTP_STATE_REQ_DATA_BEGIN: + if (event != NGHTTP3_HTTP_EVENT_DATA_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_DATA_END; + return 0; + case NGHTTP3_HTTP_STATE_REQ_DATA_END: + switch (event) { + case NGHTTP3_HTTP_EVENT_DATA_BEGIN: + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_DATA_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_HEADERS_BEGIN: + /* TODO Better to check status code */ + if (stream->rx.http.flags & NGHTTP3_HTTP_FLAG_METH_CONNECT) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + rv = nghttp3_http_on_remote_end_stream(stream); + if (rv != 0) { + return rv; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_MSG_END: + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_END; + return 0; + default: + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + case NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN: + if (event != NGHTTP3_HTTP_EVENT_HEADERS_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_TRAILERS_END; + return 0; + case NGHTTP3_HTTP_STATE_REQ_TRAILERS_END: + if (event != NGHTTP3_HTTP_EVENT_MSG_END) { + /* TODO Should ignore unexpected frame in this state as per + spec. */ + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_REQ_END; + return 0; + case NGHTTP3_HTTP_STATE_REQ_END: + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + case NGHTTP3_HTTP_STATE_RESP_INITIAL: + if (event != NGHTTP3_HTTP_EVENT_HEADERS_BEGIN) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN; + return 0; + case NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN: + if (event != NGHTTP3_HTTP_EVENT_HEADERS_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_HEADERS_END; + return 0; + case NGHTTP3_HTTP_STATE_RESP_HEADERS_END: + switch (event) { + case NGHTTP3_HTTP_EVENT_HEADERS_BEGIN: + if (stream->rx.http.status_code == -1) { + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN; + return 0; + } + if ((stream->rx.http.flags & NGHTTP3_HTTP_FLAG_METH_CONNECT) && + stream->rx.http.status_code / 100 == 2) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + rv = nghttp3_http_on_remote_end_stream(stream); + if (rv != 0) { + return rv; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_DATA_BEGIN: + if (stream->rx.http.flags & NGHTTP3_HTTP_FLAG_EXPECT_FINAL_RESPONSE) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_DATA_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_MSG_END: + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_END; + return 0; + default: + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + case NGHTTP3_HTTP_STATE_RESP_DATA_BEGIN: + if (event != NGHTTP3_HTTP_EVENT_DATA_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_DATA_END; + return 0; + case NGHTTP3_HTTP_STATE_RESP_DATA_END: + switch (event) { + case NGHTTP3_HTTP_EVENT_DATA_BEGIN: + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_DATA_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_HEADERS_BEGIN: + if ((stream->rx.http.flags & NGHTTP3_HTTP_FLAG_METH_CONNECT) && + stream->rx.http.status_code / 100 == 2) { + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + rv = nghttp3_http_on_remote_end_stream(stream); + if (rv != 0) { + return rv; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN; + return 0; + case NGHTTP3_HTTP_EVENT_MSG_END: + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_END; + return 0; + default: + return NGHTTP3_ERR_HTTP_UNEXPECTED_FRAME; + } + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + if (event != NGHTTP3_HTTP_EVENT_HEADERS_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_TRAILERS_END; + return 0; + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_END: + if (event != NGHTTP3_HTTP_EVENT_MSG_END) { + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } + stream->rx.hstate = NGHTTP3_HTTP_STATE_RESP_END; + return 0; + case NGHTTP3_HTTP_STATE_RESP_END: + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + default: + assert(0); + } +} + +int nghttp3_stream_empty_headers_allowed(nghttp3_stream *stream) { + switch (stream->rx.hstate) { + case NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN: + case NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN: + return 0; + default: + return NGHTTP3_ERR_HTTP_GENERAL_PROTOCOL_ERROR; + } +} + +int nghttp3_stream_bidi_or_push(nghttp3_stream *stream) { + return (!nghttp3_stream_uni(stream->node.nid.id) || + stream->type == NGHTTP3_STREAM_TYPE_PUSH); +} + +int nghttp3_stream_uni(int64_t stream_id) { return (stream_id & 0x2) != 0; } + +int nghttp3_client_stream_bidi(int64_t stream_id) { + return (stream_id & 0x3) == 0; +} + +int nghttp3_client_stream_uni(int64_t stream_id) { + return (stream_id & 0x3) == 0x2; +} + +int nghttp3_server_stream_uni(int64_t stream_id) { + return (stream_id & 0x3) == 0x3; +} diff --git a/deps/nghttp3/lib/nghttp3_stream.h b/deps/nghttp3/lib/nghttp3_stream.h new file mode 100644 index 0000000000..50681bd2fb --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_stream.h @@ -0,0 +1,437 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_STREAM_H +#define NGHTTP3_STREAM_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_map.h" +#include "nghttp3_tnode.h" +#include "nghttp3_ringbuf.h" +#include "nghttp3_buf.h" +#include "nghttp3_frame.h" +#include "nghttp3_qpack.h" + +#define NGHTTP3_STREAM_CHUNK_SIZE (16 * 1024) + +/* NGHTTP3_MIN_UNSENT_BYTES is the minimum unsent bytes which is large + enough to fill outgoing single QUIC packet. */ +#define NGHTTP3_MIN_UNSENT_BYTES 4096 + +/* nghttp3_stream_type is unidirectional stream type. */ +typedef enum { + NGHTTP3_STREAM_TYPE_CONTROL = 0x00, + NGHTTP3_STREAM_TYPE_PUSH = 0x01, + NGHTTP3_STREAM_TYPE_QPACK_ENCODER = 0x02, + NGHTTP3_STREAM_TYPE_QPACK_DECODER = 0x03, + NGHTTP3_STREAM_TYPE_UNKNOWN = UINT64_MAX, +} nghttp3_stream_type; + +typedef enum { + NGHTTP3_CTRL_STREAM_STATE_FRAME_TYPE, + NGHTTP3_CTRL_STREAM_STATE_FRAME_LENGTH, + NGHTTP3_CTRL_STREAM_STATE_PRIORITY, + NGHTTP3_CTRL_STREAM_STATE_PRIORITY_PRI_ELEM_ID, + NGHTTP3_CTRL_STREAM_STATE_PRIORITY_ELEM_DEP_ID, + NGHTTP3_CTRL_STREAM_STATE_PRIORITY_WEIGHT, + NGHTTP3_CTRL_STREAM_STATE_CANCEL_PUSH, + NGHTTP3_CTRL_STREAM_STATE_SETTINGS, + NGHTTP3_CTRL_STREAM_STATE_GOAWAY, + NGHTTP3_CTRL_STREAM_STATE_MAX_PUSH_ID, + NGHTTP3_CTRL_STREAM_STATE_IGN_FRAME, + NGHTTP3_CTRL_STREAM_STATE_SETTINGS_ID, + NGHTTP3_CTRL_STREAM_STATE_SETTINGS_VALUE, +} nghttp3_ctrl_stream_state; + +typedef enum { + NGHTTP3_REQ_STREAM_STATE_FRAME_TYPE, + NGHTTP3_REQ_STREAM_STATE_FRAME_LENGTH, + NGHTTP3_REQ_STREAM_STATE_DATA, + NGHTTP3_REQ_STREAM_STATE_HEADERS, + NGHTTP3_REQ_STREAM_STATE_PUSH_PROMISE_PUSH_ID, + NGHTTP3_REQ_STREAM_STATE_PUSH_PROMISE, + NGHTTP3_REQ_STREAM_STATE_DUPLICATE_PUSH, + NGHTTP3_REQ_STREAM_STATE_IGN_FRAME, +} nghttp3_req_stream_state; + +typedef enum { + NGHTTP3_PUSH_STREAM_STATE_FRAME_TYPE, + NGHTTP3_PUSH_STREAM_STATE_FRAME_LENGTH, + NGHTTP3_PUSH_STREAM_STATE_DATA, + NGHTTP3_PUSH_STREAM_STATE_HEADERS, + NGHTTP3_PUSH_STREAM_STATE_IGN_FRAME, + NGHTTP3_PUSH_STREAM_STATE_PUSH_ID, + NGHTTP3_PUSH_STREAM_STATE_IGN_REST, +} nghttp3_push_stream_state; + +typedef struct { + int64_t acc; + size_t left; +} nghttp3_varint_read_state; + +typedef struct { + nghttp3_varint_read_state rvint; + nghttp3_frame fr; + int state; + int64_t left; +} nghttp3_stream_read_state; + +typedef enum { + NGHTTP3_STREAM_FLAG_NONE = 0x0000, + NGHTTP3_STREAM_FLAG_TYPE_IDENTIFIED = 0x0001, + /* NGHTTP3_STREAM_FLAG_FC_BLOCKED indicates that stream is + blocked by QUIC flow control. */ + NGHTTP3_STREAM_FLAG_FC_BLOCKED = 0x0002, + /* NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED indicates that application + is temporarily unable to provide data. */ + NGHTTP3_STREAM_FLAG_READ_DATA_BLOCKED = 0x0004, + /* NGHTTP3_STREAM_FLAG_WRITE_END_STREAM indicates that application + finished to feed outgoing data. */ + NGHTTP3_STREAM_FLAG_WRITE_END_STREAM = 0x0008, + /* NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED indicates that stream is + blocked due to QPACK decoding. */ + NGHTTP3_STREAM_FLAG_QPACK_DECODE_BLOCKED = 0x0010, + /* NGHTTP3_STREAM_FLAG_READ_EOF indicates that remote endpoint sent + fin. */ + NGHTTP3_STREAM_FLAG_READ_EOF = 0x0020, + /* NGHTTP3_STREAM_FLAG_CLOSED indicates that QUIC stream was closed. + nghttp3_stream object can still alive because it might be blocked + by QPACK decoder. */ + NGHTTP3_STREAM_FLAG_CLOSED = 0x0040, + /* NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED indicates that stream is + blocked because the corresponding PUSH_PROMISE has not been + received yet. */ + NGHTTP3_STREAM_FLAG_PUSH_PROMISE_BLOCKED = 0x0080, + /* NGHTTP3_STREAM_FLAG_CTRL_PRIORITY_APPLIED indicates that stream + has been prioritized by PRIORITY frame received in control + stream. */ + NGHTTP3_STREAM_FLAG_CTRL_PRIORITY_APPLIED = 0x0100, + /* NGHTTP3_STREAM_FLAG_RESET indicates that stream is reset. */ + NGHTTP3_STREAM_FLAG_RESET = 0x0200, +} nghttp3_stream_flag; + +typedef enum { + NGHTTP3_HTTP_STATE_NONE, + NGHTTP3_HTTP_STATE_REQ_INITIAL, + NGHTTP3_HTTP_STATE_REQ_BEGIN, + NGHTTP3_HTTP_STATE_REQ_PRIORITY_BEGIN, + NGHTTP3_HTTP_STATE_REQ_PRIORITY_END, + NGHTTP3_HTTP_STATE_REQ_HEADERS_BEGIN, + NGHTTP3_HTTP_STATE_REQ_HEADERS_END, + NGHTTP3_HTTP_STATE_REQ_DATA_BEGIN, + NGHTTP3_HTTP_STATE_REQ_DATA_END, + NGHTTP3_HTTP_STATE_REQ_TRAILERS_BEGIN, + NGHTTP3_HTTP_STATE_REQ_TRAILERS_END, + NGHTTP3_HTTP_STATE_REQ_END, + NGHTTP3_HTTP_STATE_RESP_INITIAL, + NGHTTP3_HTTP_STATE_RESP_BEGIN, + NGHTTP3_HTTP_STATE_RESP_HEADERS_BEGIN, + NGHTTP3_HTTP_STATE_RESP_HEADERS_END, + NGHTTP3_HTTP_STATE_RESP_DATA_BEGIN, + NGHTTP3_HTTP_STATE_RESP_DATA_END, + NGHTTP3_HTTP_STATE_RESP_TRAILERS_BEGIN, + NGHTTP3_HTTP_STATE_RESP_TRAILERS_END, + NGHTTP3_HTTP_STATE_RESP_END, +} nghttp3_stream_http_state; + +typedef enum { + NGHTTP3_HTTP_EVENT_DATA_BEGIN, + NGHTTP3_HTTP_EVENT_DATA_END, + NGHTTP3_HTTP_EVENT_HEADERS_BEGIN, + NGHTTP3_HTTP_EVENT_HEADERS_END, + NGHTTP3_HTTP_EVENT_PUSH_PROMISE_BEGIN, + NGHTTP3_HTTP_EVENT_PUSH_PROMISE_END, + NGHTTP3_HTTP_EVENT_MSG_END, +} nghttp3_stream_http_event; + +struct nghttp3_stream; +typedef struct nghttp3_stream nghttp3_stream; + +struct nghttp3_push_promise; +typedef struct nghttp3_push_promise nghttp3_push_promise; + +/* + * nghttp3_stream_acked_data is a callback function which is invoked + * when data sent on stream denoted by |stream_id| supplied from + * application is acknowledged by remote endpoint. The number of + * bytes acknowledged is given in |datalen|. + * + * The implementation of this callback must return 0 if it succeeds. + * Returning NGHTTP3_ERR_CALLBACK_FAILURE will return to the caller + * immediately. Any values other than 0 is treated as + * NGHTTP3_ERR_CALLBACK_FAILURE. + */ +typedef int (*nghttp3_stream_acked_data)(nghttp3_stream *stream, + int64_t stream_id, size_t datalen, + void *user_data); + +typedef struct { + nghttp3_stream_acked_data acked_data; +} nghttp3_stream_callbacks; + +struct nghttp3_http_state { + /* status_code is HTTP status code received. This field is used + if connection is initialized as client. */ + int32_t status_code; + /* content_length is the value of received content-length header + field. */ + int64_t content_length; + /* recv_content_length is the number of body bytes received so + far. */ + int64_t recv_content_length; + uint16_t flags; +}; + +typedef struct nghttp3_http_state nghttp3_http_state; + +struct nghttp3_stream { + const nghttp3_mem *mem; + nghttp3_map_entry me; + /* node is a node in dependency tree. For server initiated + unidirectional stream (push), scheduling is done via + corresponding nghttp3_push_promise object pointed by pp. */ + nghttp3_tnode node; + nghttp3_pq_entry qpack_blocked_pe; + nghttp3_stream_callbacks callbacks; + nghttp3_ringbuf frq; + nghttp3_ringbuf chunks; + nghttp3_ringbuf outq; + /* inq stores the stream raw data which cannot be read because + stream is blocked by QPACK decoder. */ + nghttp3_ringbuf inq; + nghttp3_qpack_stream_context qpack_sctx; + /* conn is a reference to underlying connection. It could be NULL + if stream is not a request/push stream. */ + nghttp3_conn *conn; + void *user_data; + /* unsent_bytes is the number of bytes in outq not written yet */ + size_t unsent_bytes; + /* outq_idx is an index into outq where next write is made. */ + size_t outq_idx; + /* outq_offset is write offset relative to the element at outq_idx + in outq. */ + size_t outq_offset; + /* ack_offset is offset acknowledged by peer relative to the first + element in outq. */ + size_t ack_offset; + /* ack_done is the number of bytes notified to an application that + they are acknowledged inside the first outq element if it is of + type NGHTTP3_BUF_TYPE_ALIEN. */ + size_t ack_done; + size_t unscheduled_nwrite; + nghttp3_stream_type type; + nghttp3_stream_read_state rstate; + /* pp is nghttp3_push_promise that this stream fulfills. */ + nghttp3_push_promise *pp; + /* error_code indicates the reason of closure of this stream. */ + uint64_t error_code; + + struct { + nghttp3_stream_http_state hstate; + } tx; + + struct { + nghttp3_stream_http_state hstate; + nghttp3_http_state http; + } rx; + + uint16_t flags; +}; + +typedef struct { + nghttp3_frame fr; + union { + struct { + nghttp3_conn_settings *local_settings; + } settings; + struct { + nghttp3_data_reader dr; + } data; + } aux; +} nghttp3_frame_entry; + +int nghttp3_stream_new(nghttp3_stream **pstream, int64_t stream_id, + uint64_t seq, uint32_t weight, nghttp3_tnode *parent, + const nghttp3_stream_callbacks *callbacks, + const nghttp3_mem *mem); + +void nghttp3_stream_del(nghttp3_stream *stream); + +void nghttp3_varint_read_state_reset(nghttp3_varint_read_state *rvint); + +void nghttp3_stream_read_state_reset(nghttp3_stream_read_state *rstate); + +ssize_t nghttp3_read_varint(nghttp3_varint_read_state *rvint, + const uint8_t *src, size_t srclen, int fin); + +int nghttp3_stream_frq_add(nghttp3_stream *stream, + const nghttp3_frame_entry *frent); + +int nghttp3_stream_fill_outq(nghttp3_stream *stream); + +int nghttp3_stream_write_stream_type(nghttp3_stream *stream); + +int nghttp3_stream_write_stream_type_push_id(nghttp3_stream *stream); + +ssize_t nghttp3_stream_writev(nghttp3_stream *stream, int *pfin, + nghttp3_vec *vec, size_t veccnt); + +int nghttp3_stream_write_qpack_decoder_stream(nghttp3_stream *stream); + +int nghttp3_stream_outq_is_full(nghttp3_stream *stream); + +int nghttp3_stream_outq_add(nghttp3_stream *stream, + const nghttp3_typed_buf *tbuf); + +int nghttp3_stream_write_headers(nghttp3_stream *stream, + nghttp3_frame_entry *frent); + +int nghttp3_stream_write_push_promise(nghttp3_stream *stream, + nghttp3_frame_entry *frent); + +int nghttp3_stream_write_header_block(nghttp3_stream *stream, + nghttp3_qpack_encoder *qenc, + nghttp3_stream *qenc_stream, + int64_t frame_type, int64_t push_id, + const nghttp3_nv *nva, size_t nvlen); + +int nghttp3_stream_write_data(nghttp3_stream *stream, int *peof, + nghttp3_frame_entry *frent); + +int nghttp3_stream_write_settings(nghttp3_stream *stream, + nghttp3_frame_entry *frent); + +int nghttp3_stream_write_priority(nghttp3_stream *stream, + nghttp3_frame_entry *frent); + +int nghttp3_stream_write_cancel_push(nghttp3_stream *stream, + nghttp3_frame_entry *frent); + +int nghttp3_stream_write_max_push_id(nghttp3_stream *stream, + nghttp3_frame_entry *frent); + +int nghttp3_stream_ensure_chunk(nghttp3_stream *stream, size_t need); + +nghttp3_buf *nghttp3_stream_get_chunk(nghttp3_stream *stream); + +int nghttp3_stream_is_blocked(nghttp3_stream *stream); + +int nghttp3_stream_add_outq_offset(nghttp3_stream *stream, size_t n); + +/* + * nghttp3_stream_outq_write_done returns nonzero if all contents in + * outq have been written. + */ +int nghttp3_stream_outq_write_done(nghttp3_stream *stream); + +int nghttp3_stream_add_ack_offset(nghttp3_stream *stream, size_t n); + +/* + * nghttp3_stream_is_active returns nonzero if |stream| is active. In + * other words, it has something to send. This function does not take + * into account its descendants. + */ +int nghttp3_stream_is_active(nghttp3_stream *stream); + +/* + * nghttp3_stream_require_schedule returns nonzero if |stream| should + * be scheduled. In other words, |stream| or its descendants have + * something to send. + */ +int nghttp3_stream_require_schedule(nghttp3_stream *stream); + +/* + * nghttp3_stream_schedule schedules |stream|. This function works + * whether |stream| has already been scheduled or not. If it has been + * scheduled already, it is rescheduled by delaying its pending + * penalty. + */ +int nghttp3_stream_schedule(nghttp3_stream *stream); + +/* + * nghttp3_stream_ensure_scheduled schedules |stream| if it has not + * been scheduled. + */ +int nghttp3_stream_ensure_scheduled(nghttp3_stream *stream); + +void nghttp3_stream_unschedule(nghttp3_stream *stream); + +/* + * nghttp3_stream_squash unschedules |stream| and removes it from + * dependency tree. + */ +int nghttp3_stream_squash(nghttp3_stream *stream); + +int nghttp3_stream_buffer_data(nghttp3_stream *stream, const uint8_t *src, + size_t srclen); + +size_t nghttp3_stream_get_buffered_datalen(nghttp3_stream *stream); + +void nghttp3_stream_clear_buffered_data(nghttp3_stream *stream); + +int nghttp3_stream_ensure_qpack_stream_context(nghttp3_stream *stream); + +void nghttp3_stream_delete_qpack_stream_context(nghttp3_stream *stream); + +int nghttp3_stream_transit_rx_http_state(nghttp3_stream *stream, + nghttp3_stream_http_event event); + +int nghttp3_stream_empty_headers_allowed(nghttp3_stream *stream); + +/* + * nghttp3_stream_bidi_or_push returns nonzero if |stream| is + * bidirectional or push stream. + */ +int nghttp3_stream_bidi_or_push(nghttp3_stream *stream); + +/* + * nghttp3_stream_uni returns nonzero if stream identified by + * |stream_id| is unidirectional. + */ +int nghttp3_stream_uni(int64_t stream_id); + +/* + * nghttp3_client_stream_bidi returns nonzero if stream identified by + * |stream_id| is client initiated bidirectional stream. + */ +int nghttp3_client_stream_bidi(int64_t stream_id); + +/* + * nghttp3_client_stream_uni returns nonzero if stream identified by + * |stream_id| is client initiated unidirectional stream. + */ +int nghttp3_client_stream_uni(int64_t stream_id); + +/* + * nghttp3_server_stream_uni returns nonzero if stream identified by + * |stream_id| is server initiated unidirectional stream. + */ +int nghttp3_server_stream_uni(int64_t stream_id); + +#endif /* NGHTTP3_STREAM_H */ diff --git a/deps/nghttp3/lib/nghttp3_tnode.c b/deps/nghttp3/lib/nghttp3_tnode.c new file mode 100644 index 0000000000..6c42086bf7 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_tnode.c @@ -0,0 +1,334 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_tnode.h" + +#include + +#include "nghttp3_macro.h" +#include "nghttp3_stream.h" +#include "nghttp3_conn.h" + +nghttp3_node_id *nghttp3_node_id_init(nghttp3_node_id *nid, + nghttp3_node_id_type type, int64_t id) { + nid->type = type; + nid->id = id; + return nid; +} + +int nghttp3_node_id_eq(const nghttp3_node_id *a, const nghttp3_node_id *b) { + return a->type == b->type && a->id == b->id; +} + +static int cycle_less(const nghttp3_pq_entry *lhsx, + const nghttp3_pq_entry *rhsx) { + const nghttp3_tnode *lhs = nghttp3_struct_of(lhsx, nghttp3_tnode, pe); + const nghttp3_tnode *rhs = nghttp3_struct_of(rhsx, nghttp3_tnode, pe); + + if (lhs->cycle == rhs->cycle) { + return lhs->seq < rhs->seq; + } + + return rhs->cycle - lhs->cycle <= NGHTTP3_TNODE_MAX_CYCLE_GAP; +} + +void nghttp3_tnode_init(nghttp3_tnode *tnode, const nghttp3_node_id *nid, + uint64_t seq, uint32_t weight, nghttp3_tnode *parent, + const nghttp3_mem *mem) { + nghttp3_pq_init(&tnode->pq, cycle_less, mem); + + tnode->pe.index = NGHTTP3_PQ_BAD_INDEX; + tnode->nid = *nid; + tnode->seq = seq; + tnode->cycle = 0; + tnode->pending_penalty = 0; + tnode->weight = weight; + tnode->parent = parent; + tnode->first_child = NULL; + tnode->num_children = 0; + tnode->active = 0; + + if (parent) { + tnode->next_sibling = parent->first_child; + parent->first_child = tnode; + ++parent->num_children; + } else { + tnode->next_sibling = NULL; + } +} + +void nghttp3_tnode_free(nghttp3_tnode *tnode) { nghttp3_pq_free(&tnode->pq); } + +int nghttp3_tnode_is_active(nghttp3_tnode *tnode) { + nghttp3_push_promise *pp; + + switch (tnode->nid.type) { + case NGHTTP3_NODE_ID_TYPE_STREAM: + return nghttp3_stream_is_active( + nghttp3_struct_of(tnode, nghttp3_stream, node)); + case NGHTTP3_NODE_ID_TYPE_PUSH: + pp = nghttp3_struct_of(tnode, nghttp3_push_promise, node); + return pp->stream && nghttp3_stream_is_active(pp->stream); + case NGHTTP3_NODE_ID_TYPE_UT: + /* For unit test */ + return tnode->active; + default: + return 0; + } +} + +static void tnode_unschedule(nghttp3_tnode *tnode) { + nghttp3_tnode *parent = tnode->parent; + + for (parent = tnode->parent; parent; tnode = parent, parent = tnode->parent) { + assert(tnode->pe.index != NGHTTP3_PQ_BAD_INDEX); + + nghttp3_pq_remove(&parent->pq, &tnode->pe); + tnode->pe.index = NGHTTP3_PQ_BAD_INDEX; + + if (nghttp3_tnode_is_active(parent) || !nghttp3_pq_empty(&parent->pq)) { + return; + } + } +} + +void nghttp3_tnode_unschedule(nghttp3_tnode *tnode) { + if (tnode->pe.index == NGHTTP3_PQ_BAD_INDEX || + !nghttp3_pq_empty(&tnode->pq)) { + return; + } + + tnode_unschedule(tnode); +} + +void nghttp3_tnode_unschedule_detach(nghttp3_tnode *tnode) { + if (tnode->pe.index == NGHTTP3_PQ_BAD_INDEX) { + return; + } + + tnode_unschedule(tnode); +} + +static int tnode_schedule(nghttp3_tnode *tnode, nghttp3_tnode *parent, + uint64_t base_cycle, size_t nwrite) { + uint64_t penalty = + (uint64_t)nwrite * NGHTTP3_MAX_WEIGHT + tnode->pending_penalty; + + tnode->cycle = base_cycle + penalty / tnode->weight; + tnode->pending_penalty = (uint32_t)(penalty % tnode->weight); + + return nghttp3_pq_push(&parent->pq, &tnode->pe); +} + +static uint64_t tnode_get_first_cycle(nghttp3_tnode *tnode) { + nghttp3_tnode *top; + + if (nghttp3_pq_empty(&tnode->pq)) { + return 0; + } + + top = nghttp3_struct_of(nghttp3_pq_top(&tnode->pq), nghttp3_tnode, pe); + return top->cycle; +} + +int nghttp3_tnode_schedule(nghttp3_tnode *tnode, size_t nwrite) { + nghttp3_tnode *parent; + uint64_t cycle; + int rv; + + for (parent = tnode->parent; parent; tnode = parent, parent = tnode->parent) { + if (tnode->pe.index == NGHTTP3_PQ_BAD_INDEX) { + cycle = tnode_get_first_cycle(parent); + } else if (nwrite != 0) { + cycle = tnode->cycle; + nghttp3_pq_remove(&parent->pq, &tnode->pe); + tnode->pe.index = NGHTTP3_PQ_BAD_INDEX; + } else { + return 0; + } + + rv = tnode_schedule(tnode, parent, cycle, nwrite); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +int nghttp3_tnode_is_scheduled(nghttp3_tnode *tnode) { + return tnode->pe.index != NGHTTP3_PQ_BAD_INDEX; +} + +nghttp3_tnode *nghttp3_tnode_get_next(nghttp3_tnode *tnode) { + if (nghttp3_pq_empty(&tnode->pq)) { + return NULL; + } + + tnode = nghttp3_struct_of(nghttp3_pq_top(&tnode->pq), nghttp3_tnode, pe); + + for (;;) { + if (nghttp3_tnode_is_active(tnode)) { + return tnode; + } + assert(!nghttp3_pq_empty(&tnode->pq)); + tnode = nghttp3_struct_of(nghttp3_pq_top(&tnode->pq), nghttp3_tnode, pe); + assert(tnode); + } +} + +void nghttp3_tnode_insert(nghttp3_tnode *tnode, nghttp3_tnode *parent) { + assert(tnode->parent == NULL); + assert(tnode->next_sibling == NULL); + assert(tnode->pe.index == NGHTTP3_PQ_BAD_INDEX); + + tnode->next_sibling = parent->first_child; + parent->first_child = tnode; + tnode->parent = parent; + ++parent->num_children; +} + +int nghttp3_tnode_insert_exclusive(nghttp3_tnode *tnode, + nghttp3_tnode *parent) { + nghttp3_tnode **p, *node; + int rv; + + for (node = parent->first_child; node; node = node->next_sibling) { + node->parent = tnode; + + if (node->pe.index == NGHTTP3_PQ_BAD_INDEX) { + continue; + } + + nghttp3_pq_remove(&parent->pq, &node->pe); + node->pe.index = NGHTTP3_PQ_BAD_INDEX; + } + + for (p = &tnode->first_child; *p; p = &(*p)->next_sibling) + ; + + *p = parent->first_child; + parent->first_child = NULL; + tnode->num_children += parent->num_children; + parent->num_children = 0; + + nghttp3_tnode_insert(tnode, parent); + + for (node = *p; node; node = node->next_sibling) { + if (nghttp3_tnode_is_active(node) || + nghttp3_tnode_has_active_descendant(node)) { + rv = nghttp3_tnode_schedule(node, 0); + if (rv != 0) { + return rv; + } + } + } + + return 0; +} + +void nghttp3_tnode_remove(nghttp3_tnode *tnode) { + nghttp3_tnode *parent = tnode->parent, **p; + + assert(parent); + + if (tnode->pe.index != NGHTTP3_PQ_BAD_INDEX) { + nghttp3_tnode_unschedule_detach(tnode); + } + + for (p = &parent->first_child; *p != tnode; p = &(*p)->next_sibling) + ; + + *p = tnode->next_sibling; + --parent->num_children; + tnode->parent = tnode->next_sibling = NULL; +} + +int nghttp3_tnode_squash(nghttp3_tnode *tnode) { + nghttp3_tnode *parent = tnode->parent, *node, **p, *first, *end; + int rv; + + assert(parent); + + for (p = &parent->first_child; *p != tnode; p = &(*p)->next_sibling) + ; + + *p = tnode->first_child; + + for (; *p; p = &(*p)->next_sibling) { + node = *p; + node->parent = parent; + node->weight = + (uint32_t)(node->weight * tnode->weight / tnode->num_children); + if (node->weight == 0) { + node->weight = 1; + } + + if (node->pe.index == NGHTTP3_PQ_BAD_INDEX) { + continue; + } + + nghttp3_pq_remove(&tnode->pq, &node->pe); + node->pe.index = NGHTTP3_PQ_BAD_INDEX; + } + + *p = tnode->next_sibling; + + first = tnode->first_child; + end = tnode->next_sibling; + + if (tnode->pe.index != NGHTTP3_PQ_BAD_INDEX) { + nghttp3_tnode_unschedule(tnode); + assert(tnode->pe.index == NGHTTP3_PQ_BAD_INDEX); + } + + parent->num_children += tnode->num_children; + tnode->num_children = 0; + tnode->parent = tnode->next_sibling = tnode->first_child = NULL; + + for (node = first; node && node != end; node = node->next_sibling) { + if (nghttp3_tnode_is_active(node) || + nghttp3_tnode_has_active_descendant(node)) { + rv = nghttp3_tnode_schedule(node, 0); + if (rv != 0) { + return rv; + } + } + } + + return 0; +} + +nghttp3_tnode *nghttp3_tnode_find_ascendant(nghttp3_tnode *tnode, + const nghttp3_node_id *nid) { + for (tnode = tnode->parent; tnode && !nghttp3_node_id_eq(nid, &tnode->nid); + tnode = tnode->parent) + ; + + return tnode; +} + +int nghttp3_tnode_has_active_descendant(nghttp3_tnode *tnode) { + return !nghttp3_pq_empty(&tnode->pq); +} diff --git a/deps/nghttp3/lib/nghttp3_tnode.h b/deps/nghttp3/lib/nghttp3_tnode.h new file mode 100644 index 0000000000..238d5782fd --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_tnode.h @@ -0,0 +1,156 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_TNODE_H +#define NGHTTP3_TNODE_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "nghttp3_pq.h" + +#define NGHTTP3_DEFAULT_WEIGHT 16 +#define NGHTTP3_MAX_WEIGHT 256 +#define NGHTTP3_TNODE_MAX_CYCLE_GAP ((1llu << 24) * 256 + 255) + +typedef enum { + /* Use the same value with nghttp3_elem_dep_type. */ + NGHTTP3_NODE_ID_TYPE_STREAM = NGHTTP3_ELEM_DEP_TYPE_REQUEST, + NGHTTP3_NODE_ID_TYPE_PUSH = NGHTTP3_ELEM_DEP_TYPE_PUSH, + NGHTTP3_NODE_ID_TYPE_PLACEHOLDER = NGHTTP3_ELEM_DEP_TYPE_PLACEHOLDER, + NGHTTP3_NODE_ID_TYPE_ROOT = NGHTTP3_ELEM_DEP_TYPE_ROOT, + /* NGHTTP3_NODE_ID_TYPE_UT is defined for unit test */ + NGHTTP3_NODE_ID_TYPE_UT = 0xff, +} nghttp3_node_id_type; + +typedef struct { + nghttp3_node_id_type type; + int64_t id; +} nghttp3_node_id; + +nghttp3_node_id *nghttp3_node_id_init(nghttp3_node_id *nid, + nghttp3_node_id_type type, int64_t id); + +int nghttp3_node_id_eq(const nghttp3_node_id *a, const nghttp3_node_id *b); + +struct nghttp3_tnode; +typedef struct nghttp3_tnode nghttp3_tnode; + +struct nghttp3_tnode { + nghttp3_pq_entry pe; + nghttp3_pq pq; + nghttp3_tnode *parent; + nghttp3_tnode *first_child; + nghttp3_tnode *next_sibling; + size_t num_children; + nghttp3_node_id nid; + uint64_t seq; + uint64_t cycle; + uint32_t pending_penalty; + uint32_t weight; + /* active is defined for unit test and is nonzero if this node is + active. */ + int active; +}; + +void nghttp3_tnode_init(nghttp3_tnode *tnode, const nghttp3_node_id *nid, + uint64_t seq, uint32_t weight, nghttp3_tnode *parent, + const nghttp3_mem *mem); + +void nghttp3_tnode_free(nghttp3_tnode *tnode); + +/* + * nghttp3_tnode_is_active returns nonzero if |tnode| is active. Only + * NGHTTP3_NODE_ID_TYPE_STREAM and NGHTTP3_NODE_ID_TYPE_PUSH (and + * NGHTTP3_NODE_ID_TYPE_UT for unit test) can become active. + */ +int nghttp3_tnode_is_active(nghttp3_tnode *tnode); + +void nghttp3_tnode_unschedule(nghttp3_tnode *tnode); + +/* + * nghttp3_tnode_unschedule_detach works like + * nghttp3_tnode_unschedule, but it removes |tnode| even if tnode->pq + * is not empty. + */ +void nghttp3_tnode_unschedule_detach(nghttp3_tnode *tnode); + +/* + * nghttp3_tnode_schedule schedules |tnode| using |nwrite| as penalty. + * If |tnode| has already been scheduled, it is rescheduled by the + * amount of |nwrite|. + */ +int nghttp3_tnode_schedule(nghttp3_tnode *tnode, size_t nwrite); + +/* + * nghttp3_tnode_is_scheduled returns nonzero if |tnode| is scheduled. + */ +int nghttp3_tnode_is_scheduled(nghttp3_tnode *tnode); + +/* + * nghttp3_tnode_get_next returns node which has highest priority. + * This function returns NULL if there is no node. + */ +nghttp3_tnode *nghttp3_tnode_get_next(nghttp3_tnode *node); + +/* + * nghttp3_tnode_insert inserts |tnode| as a first child of |parent|. + * |tnode| might have its descendants. + */ +void nghttp3_tnode_insert(nghttp3_tnode *tnode, nghttp3_tnode *parent); + +/* + * nghttp3_tnode_insert_exclusive inserts |tnode| to |parent| as a + * distinct child. The existing direct children of |parent| become + * the children of |tnode|. + */ +int nghttp3_tnode_insert_exclusive(nghttp3_tnode *tnode, nghttp3_tnode *parent); + +/* + * nghttp3_tnode_remove removes |tnode| along with its subtree from + * its parent. + */ +void nghttp3_tnode_remove(nghttp3_tnode *tnode); + +/* + * nghttp3_tnode_squash removes |tnode| from its parent. The weight + * of |tnode| is distributed to the direct descendants of |tnode|. + * They are inserted to the former parent of |tnode|. + */ +int nghttp3_tnode_squash(nghttp3_tnode *tnode); + +/* + * nghttp3_tnode_find_ascendant returns an ascendant of |tnode| whose + * node ID is |nid|. If no such node exists, this function returns + * NULL. + */ +nghttp3_tnode *nghttp3_tnode_find_ascendant(nghttp3_tnode *tnode, + const nghttp3_node_id *nid); + +int nghttp3_tnode_has_active_descendant(nghttp3_tnode *tnode); + +#endif /* NGHTTP3_TNODE_H */ diff --git a/deps/nghttp3/lib/nghttp3_vec.c b/deps/nghttp3/lib/nghttp3_vec.c new file mode 100644 index 0000000000..8d530a060d --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_vec.c @@ -0,0 +1,64 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "nghttp3_vec.h" +#include "nghttp3_macro.h" + +size_t nghttp3_vec_len(const nghttp3_vec *vec, size_t n) { + size_t i; + size_t res = 0; + + for (i = 0; i < n; ++i) { + res += vec[i].len; + } + + return res; +} + +int nghttp3_vec_empty(const nghttp3_vec *vec, size_t cnt) { + size_t i; + + for (i = 0; i < cnt && vec[i].len == 0; ++i) + ; + + return i == cnt; +} + +void nghttp3_vec_consume(nghttp3_vec **pvec, size_t *pcnt, size_t len) { + nghttp3_vec *v = *pvec; + size_t cnt = *pcnt; + + for (; cnt > 0; --cnt, ++v) { + if (v->len > len) { + v->len -= len; + v->base += len; + break; + } + len -= v->len; + } + + *pvec = v; + *pcnt = cnt; +} diff --git a/deps/nghttp3/lib/nghttp3_vec.h b/deps/nghttp3/lib/nghttp3_vec.h new file mode 100644 index 0000000000..c1a928e3e1 --- /dev/null +++ b/deps/nghttp3/lib/nghttp3_vec.h @@ -0,0 +1,35 @@ +/* + * nghttp3 + * + * Copyright (c) 2019 nghttp3 contributors + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGHTTP3_VEC_H +#define NGHTTP3_VEC_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#endif /* NGHTTP3_VEC_H */ diff --git a/deps/nghttp3/nghttp3.gyp b/deps/nghttp3/nghttp3.gyp new file mode 100644 index 0000000000..693e4f5688 --- /dev/null +++ b/deps/nghttp3/nghttp3.gyp @@ -0,0 +1,61 @@ +{ + 'target_defaults': { + 'defines': [ + '_U_=' + ] + }, + 'targets': [ + { + 'target_name': 'nghttp3', + 'type': 'static_library', + 'include_dirs': ['lib/includes'], + 'defines': [ + 'BUILDING_NGHTTP3', + 'NGHTTP3_STATICLIB', + ], + 'conditions': [ + ['OS=="win"', { + 'defines': [ + 'WIN32', + '_WINDOWS', + 'HAVE_CONFIG_H', + ], + 'msvs_settings': { + 'VCCLCompilerTool': { + 'CompileAs': '1' + }, + }, + }], + ], + 'direct_dependent_settings': { + 'defines': [ 'NGHTTP3_STATICLIB' ], + 'include_dirs': [ 'lib/includes' ] + }, + 'sources': [ + 'lib/nghttp3_buf.c', + 'lib/nghttp3_conv.c', + 'lib/nghttp3_err.c', + 'lib/nghttp3_gaptr.c', + 'lib/nghttp3_idtr.c', + 'lib/nghttp3_map.c', + 'lib/nghttp3_pq.c', + 'lib/nghttp3_qpack_huffman.c', + 'lib/nghttp3_range.c', + 'lib/nghttp3_ringbuf.c', + 'lib/nghttp3_stream.c', + 'lib/nghttp3_vec.c', + 'lib/nghttp3_conn.c', + 'lib/nghttp3_debug.c', + 'lib/nghttp3_frame.c', + 'lib/nghttp3_http.c', + 'lib/nghttp3_ksl.c', + 'lib/nghttp3_mem.c', + 'lib/nghttp3_qpack.c', + 'lib/nghttp3_qpack_huffman_data.c', + 'lib/nghttp3_rcbuf.c', + 'lib/nghttp3_str.c', + 'lib/nghttp3_tnode.c', + ] + } + ] +} diff --git a/deps/ngtcp2/COPYING b/deps/ngtcp2/COPYING new file mode 100644 index 0000000000..9b367cdce7 --- /dev/null +++ b/deps/ngtcp2/COPYING @@ -0,0 +1,22 @@ +The MIT License + +Copyright (c) 2016 ngtcp2 contributors + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/deps/ngtcp2/lib/includes/config.h b/deps/ngtcp2/lib/includes/config.h new file mode 100644 index 0000000000..0aee7749ba --- /dev/null +++ b/deps/ngtcp2/lib/includes/config.h @@ -0,0 +1,39 @@ + +/* Edited to match src/node.h. */ +#include + +#ifdef _WIN32 +#if !defined(_SSIZE_T_) && !defined(_SSIZE_T_DEFINED) +typedef intptr_t ssize_t; +# define _SSIZE_T_ +# define _SSIZE_T_DEFINED +#endif +#else // !_WIN32 +# include // size_t, ssize_t +#endif // _WIN32 + +#ifdef _MSC_VER +# include +# define __builtin_popcount __popcnt +#endif + +/* Define to 1 to enable debug output. */ +/* #undef DEBUGBUILD */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_ARPA_INET_H */ + +/* Define to 1 if you have the header file. */ +#define HAVE_STDDEF_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDINT_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDLIB_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STRING_H 1 + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_UNISTD_H */ diff --git a/deps/ngtcp2/lib/includes/ngtcp2/ngtcp2.h b/deps/ngtcp2/lib/includes/ngtcp2/ngtcp2.h new file mode 100644 index 0000000000..77c36b85f6 --- /dev/null +++ b/deps/ngtcp2/lib/includes/ngtcp2/ngtcp2.h @@ -0,0 +1,2532 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2017 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_H +#define NGTCP2_H + +/* Define WIN32 when build target is Win32 API (borrowed from + libcurl) */ +#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32) +# define WIN32 +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#if defined(_MSC_VER) && (_MSC_VER < 1800) +/* MSVC < 2013 does not have inttypes.h because it is not C99 + compliant. See compiler macros and version number in + https://sourceforge.net/p/predef/wiki/Compilers/ */ +# include +#else /* !defined(_MSC_VER) || (_MSC_VER >= 1800) */ +# include +#endif /* !defined(_MSC_VER) || (_MSC_VER >= 1800) */ +#include +#include + +#include + +#ifdef NGTCP2_STATICLIB +# define NGTCP2_EXTERN +#elif defined(WIN32) +# ifdef BUILDING_NGTCP2 +# define NGTCP2_EXTERN __declspec(dllexport) +# else /* !BUILDING_NGTCP2 */ +# define NGTCP2_EXTERN __declspec(dllimport) +# endif /* !BUILDING_NGTCP2 */ +#else /* !defined(WIN32) */ +# ifdef BUILDING_NGTCP2 +# define NGTCP2_EXTERN __attribute__((visibility("default"))) +# else /* !BUILDING_NGTCP2 */ +# define NGTCP2_EXTERN +# endif /* !BUILDING_NGTCP2 */ +#endif /* !defined(WIN32) */ + +/** + * @functypedef + * + * Custom memory allocator to replace malloc(). The |mem_user_data| + * is the mem_user_data member of :type:`ngtcp2_mem` structure. + */ +typedef void *(*ngtcp2_malloc)(size_t size, void *mem_user_data); + +/** + * @functypedef + * + * Custom memory allocator to replace free(). The |mem_user_data| is + * the mem_user_data member of :type:`ngtcp2_mem` structure. + */ +typedef void (*ngtcp2_free)(void *ptr, void *mem_user_data); + +/** + * @functypedef + * + * Custom memory allocator to replace calloc(). The |mem_user_data| + * is the mem_user_data member of :type:`ngtcp2_mem` structure. + */ +typedef void *(*ngtcp2_calloc)(size_t nmemb, size_t size, void *mem_user_data); + +/** + * @functypedef + * + * Custom memory allocator to replace realloc(). The |mem_user_data| + * is the mem_user_data member of :type:`ngtcp2_mem` structure. + */ +typedef void *(*ngtcp2_realloc)(void *ptr, size_t size, void *mem_user_data); + +/** + * @struct + * + * Custom memory allocator functions and user defined pointer. The + * |mem_user_data| member is passed to each allocator function. This + * can be used, for example, to achieve per-session memory pool. + * + * In the following example code, ``my_malloc``, ``my_free``, + * ``my_calloc`` and ``my_realloc`` are the replacement of the + * standard allocators ``malloc``, ``free``, ``calloc`` and + * ``realloc`` respectively:: + * + * void *my_malloc_cb(size_t size, void *mem_user_data) { + * return my_malloc(size); + * } + * + * void my_free_cb(void *ptr, void *mem_user_data) { my_free(ptr); } + * + * void *my_calloc_cb(size_t nmemb, size_t size, void *mem_user_data) { + * return my_calloc(nmemb, size); + * } + * + * void *my_realloc_cb(void *ptr, size_t size, void *mem_user_data) { + * return my_realloc(ptr, size); + * } + * + * void conn_new() { + * ngtcp2_mem mem = {NULL, my_malloc_cb, my_free_cb, my_calloc_cb, + * my_realloc_cb}; + * + * ... + * } + */ +typedef struct { + /** + * An arbitrary user supplied data. This is passed to each + * allocator function. + */ + void *mem_user_data; + /** + * Custom allocator function to replace malloc(). + */ + ngtcp2_malloc malloc; + /** + * Custom allocator function to replace free(). + */ + ngtcp2_free free; + /** + * Custom allocator function to replace calloc(). + */ + ngtcp2_calloc calloc; + /** + * Custom allocator function to replace realloc(). + */ + ngtcp2_realloc realloc; +} ngtcp2_mem; + +/* NGTCP2_PROTO_VER is the supported QUIC protocol version. */ +#define NGTCP2_PROTO_VER 0xff000016u +/* NGTCP2_PROTO_VER_MAX is the highest QUIC version the library + supports. */ +#define NGTCP2_PROTO_VER_MAX NGTCP2_PROTO_VER + +/* NGTCP2_ALPN_H3 is a serialized form of HTTP/3 ALPN protocol + identifier this library supports. Notice that the first byte is + the length of the following protocol identifier. */ +#define NGTCP2_ALPN_H3 "\x5h3-22" + +#define NGTCP2_MAX_PKTLEN_IPV4 1252 +#define NGTCP2_MAX_PKTLEN_IPV6 1232 + +/* NGTCP2_MIN_INITIAL_PKTLEN is the minimum UDP packet size for a + packet sent by client which contains its first Initial packet. */ +#define NGTCP2_MIN_INITIAL_PKTLEN 1200 + +/* NGTCP2_STATELESS_RESET_TOKENLEN is the length of Stateless Reset + Token. */ +#define NGTCP2_STATELESS_RESET_TOKENLEN 16 + +/* NGTCP2_MIN_STATELESS_RESET_RANDLEN is the minimum length of random + bytes in Stateless Retry packet */ +#define NGTCP2_MIN_STATELESS_RESET_RANDLEN 25 + +/* NGTCP2_INITIAL_SALT is a salt value which is used to derive initial + secret. */ +#define NGTCP2_INITIAL_SALT \ + "\x7f\xbc\xdb\x0e\x7c\x66\xbb\xe9\x19\x3a\x96\xcd\x21\x51\x9e\xbd\x7a\x02" \ + "\x64\x4a" + +/* NGTCP2_HP_MASKLEN is the length of header protection mask. */ +#define NGTCP2_HP_MASKLEN 5 + +/* NGTCP2_DURATION_TICK is a count of tick per second. */ +#define NGTCP2_DURATION_TICK 1000000000ULL + +/* NGTCP2_SECONDS is a count of tick which corresponds to 1 second. */ +#define NGTCP2_SECONDS 1000000000ULL + +/* NGTCP2_MILLISECONDS is a count of tick which corresponds to 1 + millisecond. */ +#define NGTCP2_MILLISECONDS 1000000ULL + +/* NGTCP2_MICROSECONDS is a count of tick which corresponds to 1 + microsecond. */ +#define NGTCP2_MICROSECONDS 1000ULL + +/* NGTCP2_NANOSECONDS is a count of tick which corresponds to 1 + nanosecond. */ +#define NGTCP2_NANOSECONDS 1ULL + +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_lib_error : int { +#else +typedef enum ngtcp2_lib_error { +#endif + NGTCP2_ERR_INVALID_ARGUMENT = -201, + NGTCP2_ERR_UNKNOWN_PKT_TYPE = -202, + NGTCP2_ERR_NOBUF = -203, + NGTCP2_ERR_PROTO = -205, + NGTCP2_ERR_INVALID_STATE = -206, + NGTCP2_ERR_ACK_FRAME = -207, + NGTCP2_ERR_STREAM_ID_BLOCKED = -208, + NGTCP2_ERR_STREAM_IN_USE = -209, + NGTCP2_ERR_STREAM_DATA_BLOCKED = -210, + NGTCP2_ERR_FLOW_CONTROL = -211, + NGTCP2_ERR_STREAM_LIMIT = -213, + NGTCP2_ERR_FINAL_SIZE = -214, + NGTCP2_ERR_CRYPTO = -215, + NGTCP2_ERR_PKT_NUM_EXHAUSTED = -216, + NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM = -217, + NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM = -218, + NGTCP2_ERR_FRAME_ENCODING = -219, + NGTCP2_ERR_TLS_DECRYPT = -220, + NGTCP2_ERR_STREAM_SHUT_WR = -221, + NGTCP2_ERR_STREAM_NOT_FOUND = -222, + NGTCP2_ERR_STREAM_STATE = -226, + NGTCP2_ERR_NOKEY = -227, + NGTCP2_ERR_EARLY_DATA_REJECTED = -228, + NGTCP2_ERR_RECV_VERSION_NEGOTIATION = -229, + NGTCP2_ERR_CLOSING = -230, + NGTCP2_ERR_DRAINING = -231, + NGTCP2_ERR_TRANSPORT_PARAM = -234, + NGTCP2_ERR_DISCARD_PKT = -235, + NGTCP2_ERR_PATH_VALIDATION_FAILED = -236, + NGTCP2_ERR_CONN_ID_BLOCKED = -237, + NGTCP2_ERR_INTERNAL = -238, + NGTCP2_ERR_CRYPTO_BUFFER_EXCEEDED = -239, + NGTCP2_ERR_WRITE_STREAM_MORE = -240, + NGTCP2_ERR_FATAL = -500, + NGTCP2_ERR_NOMEM = -501, + NGTCP2_ERR_CALLBACK_FAILURE = -502, +} ngtcp2_lib_error; + +typedef enum { + NGTCP2_PKT_FLAG_NONE = 0, + NGTCP2_PKT_FLAG_LONG_FORM = 0x01, + NGTCP2_PKT_FLAG_KEY_PHASE = 0x04 +} ngtcp2_pkt_flag; + +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_pkt_type : int { +#else +typedef enum ngtcp2_pkt_type { +#endif + /* NGTCP2_PKT_VERSION_NEGOTIATION is defined by libngtcp2 for + convenience. */ + NGTCP2_PKT_VERSION_NEGOTIATION = 0xf0, + NGTCP2_PKT_INITIAL = 0x0, + NGTCP2_PKT_0RTT = 0x1, + NGTCP2_PKT_HANDSHAKE = 0x2, + NGTCP2_PKT_RETRY = 0x3, + /* NGTCP2_PKT_SHORT is defined by libngtcp2 for convenience. */ + NGTCP2_PKT_SHORT = 0x70 +} ngtcp2_pkt_type; + +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_transport_error : int { +#else +typedef enum ngtcp2_transport_error { +#endif + NGTCP2_NO_ERROR = 0x0u, + NGTCP2_INTERNAL_ERROR = 0x1u, + NGTCP2_SERVER_BUSY = 0x2u, + NGTCP2_FLOW_CONTROL_ERROR = 0x3u, + NGTCP2_STREAM_LIMIT_ERROR = 0x4u, + NGTCP2_STREAM_STATE_ERROR = 0x5u, + NGTCP2_FINAL_SIZE_ERROR = 0x6u, + NGTCP2_FRAME_ENCODING_ERROR = 0x7u, + NGTCP2_TRANSPORT_PARAMETER_ERROR = 0x8u, + NGTCP2_PROTOCOL_VIOLATION = 0xau, + NGTCP2_INVALID_MIGRATION = 0xcu, + NGTCP2_CRYPTO_BUFFER_EXCEEDED = 0xdu, + NGTCP2_CRYPTO_ERROR = 0x100u +} ngtcp2_transport_error; + +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_path_validation_result : int { +#else +typedef enum ngtcp2_path_validation_result { +#endif + NGTCP2_PATH_VALIDATION_RESULT_SUCCESS, + NGTCP2_PATH_VALIDATION_RESULT_FAILURE, +} ngtcp2_path_validation_result; + +/* + * ngtcp2_tstamp is a timestamp with NGTCP2_DURATION_TICK resolution. + */ +typedef uint64_t ngtcp2_tstamp; + +/* + * ngtcp2_duration is a period of time in NGTCP2_DURATION_TICK + * resolution. + */ +typedef uint64_t ngtcp2_duration; + +/* NGTCP2_MAX_CIDLEN is the maximum length of Connection ID. */ +#define NGTCP2_MAX_CIDLEN 20 +/* NGTCP2_MIN_CIDLEN is the minimum length of Connection ID. */ +#define NGTCP2_MIN_CIDLEN 1 + +/** + * @struct + * + * ngtcp2_cid holds a Connection ID. + */ +typedef struct ngtcp2_cid { + size_t datalen; + uint8_t data[NGTCP2_MAX_CIDLEN]; +} ngtcp2_cid; + +/** + * @struct + * + * ngtcp2_vec is struct iovec compatible structure to reference + * arbitrary array of bytes. + */ +typedef struct { + /* base points to the data. */ + uint8_t *base; + /* len is the number of bytes which the buffer pointed by base + contains. */ + size_t len; +} ngtcp2_vec; + +/** + * @function + * + * `ngtcp2_cid_init` initializes Connection ID |cid| with the byte + * string pointed by |data| and its length is |datalen|. |datalen| + * must be at least :enum:`NGTCP2_MIN_CDLEN`, and at most + * :enum:`NGTCP2_MAX_CDLEN`. + */ +NGTCP2_EXTERN void ngtcp2_cid_init(ngtcp2_cid *cid, const uint8_t *data, + size_t datalen); + +typedef struct ngtcp2_pkt_hd { + ngtcp2_cid dcid; + ngtcp2_cid scid; + int64_t pkt_num; + uint8_t *token; + size_t tokenlen; + /** + * pkt_numlen is the number of bytes spent to encode pkt_num. + */ + size_t pkt_numlen; + /** + * len is the sum of pkt_numlen and the length of QUIC packet + * payload. + */ + size_t len; + uint32_t version; + uint8_t type; + uint8_t flags; +} ngtcp2_pkt_hd; + +typedef struct ngtcp2_pkt_stateless_reset { + const uint8_t *stateless_reset_token; + const uint8_t *rand; + size_t randlen; +} ngtcp2_pkt_stateless_reset; + +typedef struct ngtcp2_pkt_retry { + ngtcp2_cid odcid; + const uint8_t *token; + size_t tokenlen; +} ngtcp2_pkt_retry; + +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_transport_param_id : uint16_t { +#else +typedef enum ngtcp2_transport_param_id { +#endif + NGTCP2_TRANSPORT_PARAM_ORIGINAL_CONNECTION_ID = 0x0000, + NGTCP2_TRANSPORT_PARAM_IDLE_TIMEOUT = 0x0001, + NGTCP2_TRANSPORT_PARAM_STATELESS_RESET_TOKEN = 0x0002, + NGTCP2_TRANSPORT_PARAM_MAX_PACKET_SIZE = 0x0003, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_DATA = 0x0004, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL = 0x0005, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE = 0x0006, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_UNI = 0x0007, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAMS_BIDI = 0x0008, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAMS_UNI = 0x0009, + NGTCP2_TRANSPORT_PARAM_ACK_DELAY_EXPONENT = 0x000a, + NGTCP2_TRANSPORT_PARAM_MAX_ACK_DELAY = 0x000b, + NGTCP2_TRANSPORT_PARAM_DISABLE_MIGRATION = 0x000c, + NGTCP2_TRANSPORT_PARAM_PREFERRED_ADDRESS = 0x000d, + NGTCP2_TRANSPORT_PARAM_ACTIVE_CONNECTION_ID_LIMIT = 0x000e, + NGTCP2_TRANSPORT_PARAM_ID_MAX = UINT16_MAX +} ngtcp2_transport_param_id; + +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_transport_params_type : int { +#else +typedef enum ngtcp2_transport_params_type { +#endif + NGTCP2_TRANSPORT_PARAMS_TYPE_CLIENT_HELLO, + NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS +} ngtcp2_transport_params_type; + +/** + * @enum + * + * ngtcp2_rand_ctx is a context where generated random value is used. + */ +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_rand_ctx : int { +#else +typedef enum ngtcp2_rand_ctx { +#endif + NGTCP2_RAND_CTX_NONE, + /** + * NGTCP2_RAND_CTX_PATH_CHALLENGE indicates that random value is + * used for PATH_CHALLENGE. + */ + NGTCP2_RAND_CTX_PATH_CHALLENGE +} ngtcp2_rand_ctx; + +#define NGTCP2_MAX_PKT_SIZE 65527 + +/** + * @macro + * + * NGTCP2_DEFAULT_ACK_DELAY_EXPONENT is a default value of scaling + * factor of ACK Delay field in ACK frame. + */ +#define NGTCP2_DEFAULT_ACK_DELAY_EXPONENT 3 + +/** + * @macro + * + * NGTCP2_DEFAULT_MAX_ACK_DELAY is a default value of the maximum + * amount of time in nanoseconds by which endpoint delays sending + * acknowledgement. + */ +#define NGTCP2_DEFAULT_MAX_ACK_DELAY (25 * NGTCP2_MILLISECONDS) + +/** + * @macro + * + * NGTCP2_TLSEXT_QUIC_TRANSPORT_PARAMETERS is TLS extension type of + * quic_transport_parameters. + */ +#define NGTCP2_TLSEXT_QUIC_TRANSPORT_PARAMETERS 0xffa5u + +typedef struct ngtcp2_preferred_addr { + ngtcp2_cid cid; + uint16_t ipv4_port; + uint16_t ipv6_port; + uint8_t ipv4_addr[4]; + uint8_t ipv6_addr[16]; + uint8_t stateless_reset_token[NGTCP2_STATELESS_RESET_TOKENLEN]; +} ngtcp2_preferred_addr; + +typedef struct { + ngtcp2_preferred_addr preferred_address; + ngtcp2_cid original_connection_id; + uint64_t initial_max_stream_data_bidi_local; + uint64_t initial_max_stream_data_bidi_remote; + uint64_t initial_max_stream_data_uni; + uint64_t initial_max_data; + uint64_t initial_max_streams_bidi; + uint64_t initial_max_streams_uni; + uint64_t idle_timeout; + uint64_t max_packet_size; + uint64_t active_connection_id_limit; + uint8_t stateless_reset_token[NGTCP2_STATELESS_RESET_TOKENLEN]; + uint8_t stateless_reset_token_present; + uint64_t ack_delay_exponent; + uint8_t disable_migration; + uint8_t original_connection_id_present; + ngtcp2_duration max_ack_delay; + uint8_t preferred_address_present; +} ngtcp2_transport_params; + +/* user_data is the same object passed to ngtcp2_conn_client_new or + ngtcp2_conn_server_new. */ +typedef void (*ngtcp2_printf)(void *user_data, const char *format, ...); + +typedef struct { + ngtcp2_preferred_addr preferred_address; + ngtcp2_tstamp initial_ts; + /* log_printf is a function that the library uses to write logs. + NULL means no logging output. */ + ngtcp2_printf log_printf; + uint64_t max_stream_data_bidi_local; + uint64_t max_stream_data_bidi_remote; + uint64_t max_stream_data_uni; + uint64_t max_data; + uint64_t max_streams_bidi; + uint64_t max_streams_uni; + /* idle_timeout is specified in millisecond resolution */ + uint64_t idle_timeout; + uint64_t max_packet_size; + uint64_t active_connection_id_limit; + uint8_t stateless_reset_token[NGTCP2_STATELESS_RESET_TOKENLEN]; + uint8_t stateless_reset_token_present; + uint64_t ack_delay_exponent; + uint8_t disable_migration; + ngtcp2_duration max_ack_delay; + uint8_t preferred_address_present; +} ngtcp2_settings; + +/** + * @struct + * + * ngtcp2_rcvry_stat holds various statistics, and computed data for + * recovery from packet loss. + * + * Everything is NGTCP2_DURATION_TICK resolution. + */ +typedef struct { + ngtcp2_duration latest_rtt; + ngtcp2_duration min_rtt; + double smoothed_rtt; + double rttvar; + size_t pto_count; + size_t crypto_count; + /* probe_pkt_left is the number of probe packet to sent */ + size_t probe_pkt_left; + ngtcp2_tstamp loss_detection_timer; + /* last_tx_pkt_ts corresponds to + time_of_last_sent_ack_eliciting_packet in + draft-ietf-quic-recovery-17. */ + ngtcp2_tstamp last_tx_pkt_ts; + /* last_hs_tx_pkt_ts corresponds to + time_of_last_sent_handshake_packet. */ + ngtcp2_tstamp last_hs_tx_pkt_ts; +} ngtcp2_rcvry_stat; + +/** + * @struct + * + * ngtcp2_addr is the endpoint address. + */ +typedef struct ngtcp2_addr { + /* len is the length of addr. */ + size_t addrlen; + /* addr points to the buffer which contains endpoint address. It is + opaque to the ngtcp2 library. */ + uint8_t *addr; + /* user_data is an arbitrary data and opaque to the library. */ + void *user_data; +} ngtcp2_addr; + +/** + * @struct + * + * ngtcp2_path is the network endpoints where a packet is sent and + * received. + */ +typedef struct ngtcp2_path { + /* local is the address of local endpoint. */ + ngtcp2_addr local; + /* remote is the address of remote endpoint. */ + ngtcp2_addr remote; +} ngtcp2_path; + +/** + * @struct + * + * ngtcp2_path_storage is a convenient struct to have buffers to store + * the longest addresses. + */ +typedef struct { + uint8_t local_addrbuf[128]; + uint8_t remote_addrbuf[128]; + ngtcp2_path path; +} ngtcp2_path_storage; + +/** + * @function + * + * `ngtcp2_encode_transport_params` encodes |params| in |dest| of + * length |destlen|. + * + * This function returns the number of written, or one of the + * following negative error codes: + * + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer is too small. + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT`: + * |exttype| is invalid. + */ +NGTCP2_EXTERN ssize_t +ngtcp2_encode_transport_params(uint8_t *dest, size_t destlen, uint8_t exttype, + const ngtcp2_transport_params *params); + +/** + * @function + * + * `ngtcp2_decode_transport_params` decodes transport parameters in + * |data| of length |datalen|, and stores the result in the object + * pointed by |params|. + * + * If the optional parameters are missing, the default value is + * assigned. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM` + * The required parameter is missing. + * :enum:`NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM` + * The input is malformed. + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT`: + * |exttype| is invalid. + */ +NGTCP2_EXTERN int +ngtcp2_decode_transport_params(ngtcp2_transport_params *params, uint8_t exttype, + const uint8_t *data, size_t datalen); + +/** + * @function + * + * `ngtcp2_pkt_decode_version_cid` extracts QUIC version, Destination + * Connection ID and Source Connection ID from the packet pointed by + * |data| of length |datalen|. This function can handle Connection ID + * up to 255 bytes unlike `ngtcp2_pkt_decode_hd_long` or + * `ngtcp2_pkt_decode_hd_short` which are only capable of handling + * Connection ID less than or equal to :macro:`NGTCP2_MAX_CIDLEN`. + * Longer Connection ID is only valid if the version is unsupported + * QUIC version. + * + * If the given packet is Long packet, this function extracts the + * version from the packet and assigns it to |*pversion|. It also + * extracts the pointer to the Destination Connection ID and its + * length and assigns them to |*pdcid| and |*pdcidlen| respectively. + * Similarly, it extracts the pointer to the Source Connection ID and + * its length and assigns them to |*pscid| and |*pscidlen| + * respectively. + * + * If the given packet is Short packet, |*pversion| will be + * :macro:`NGTCP2_PROTO_VER`, |*pscid| will be NULL, and |*pscidlen| + * will be 0. Because the Short packet does not have the length of + * Destination Connection ID, the caller has to pass the length in + * |short_dcidlen|. This function extracts the pointer to the + * Destination Connection ID and assigns it to |*pdcid|. + * |short_dcidlen| is assigned to |*pdcidlen|. + * + * This function returns 0 or 1 if it succeeds. It returns 1 if + * Version Negotiation packet should be sent. Otherwise, one of the + * following negative error code: + * + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT` + * The function could not decode the packet header. + */ +NGTCP2_EXTERN int +ngtcp2_pkt_decode_version_cid(uint32_t *pversion, const uint8_t **pdcid, + size_t *pdcidlen, const uint8_t **pscid, + size_t *pscidlen, const uint8_t *data, + size_t datalen, size_t short_dcidlen); + +/** + * @function + * + * `ngtcp2_pkt_decode_hd_long` decodes QUIC long packet header in + * |pkt| of length |pktlen|. This function only parses the input just + * before packet number field. + * + * This function does not verify that length field is correct. In + * other words, this function succeeds even if length > |pktlen|. + * + * This function can handle Connection ID up to + * :enum:`NGTCP2_MAX_CIDLEN`. Consider to use + * `ngtcp2_pkt_decode_version_cid` to get longer Connection ID. + * + * This function handles Version Negotiation specially. If version + * field is 0, |pkt| must contain Version Negotiation packet. Version + * Negotiation packet has random type in wire format. For + * convenience, this function sets + * :enum:`NGTCP2_PKT_VERSION_NEGOTIATION` to dest->type, and set + * dest->payloadlen and dest->pkt_num to 0. Version Negotiation + * packet occupies a single packet. + * + * It stores the result in the object pointed by |dest|, and returns + * the number of bytes decoded to read the packet header if it + * succeeds, or one of the following error codes: + * + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT` + * Packet is too short; or it is not a long header + * :enum:`NGTCP2_ERR_UNKNOWN_PKT_TYPE` + * Packet type is unknown + */ +NGTCP2_EXTERN ssize_t ngtcp2_pkt_decode_hd_long(ngtcp2_pkt_hd *dest, + const uint8_t *pkt, + size_t pktlen); + +/** + * @function + * + * `ngtcp2_pkt_decode_hd_short` decodes QUIC short packet header in + * |pkt| of length |pktlen|. |dcidlen| is the length of DCID in + * packet header. Short packet does not encode the length of + * connection ID, thus we need the input from the outside. This + * function only parses the input just before packet number field. + * This function can handle Connection ID up to + * :enum:`NGTCP2_MAX_CIDLEN`. Consider to use + * `ngtcp2_pkt_decode_version_cid` to get longer Connection ID. It + * stores the result in the object pointed by |dest|, and returns the + * number of bytes decoded to read the packet header if it succeeds, + * or one of the following error codes: + * + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT` + * Packet is too short; or it is not a short header + * :enum:`NGTCP2_ERR_UNKNOWN_PKT_TYPE` + * Packet type is unknown + */ +NGTCP2_EXTERN ssize_t ngtcp2_pkt_decode_hd_short(ngtcp2_pkt_hd *dest, + const uint8_t *pkt, + size_t pktlen, size_t dcidlen); + +/** + * @function + * + * `ngtcp2_pkt_write_stateless_reset` writes Stateless Reset packet in + * the buffer pointed by |dest| whose length is |destlen|. + * |stateless_reset_token| is a pointer to the Stateless Reset Token, + * and its length must be :macro:`NGTCP2_STATELESS_RESET_TOKENLEN` + * bytes long. |rand| specifies the random octets preceding Stateless + * Reset Token. The length of |rand| is specified by |randlen| which + * must be at least :macro:`NGTCP2_MIN_STATELESS_RETRY_RANDLEN` bytes + * long. + * + * If |randlen| is too long to write them all in the buffer, |rand| is + * written to the buffer as much as possible, and is truncated. + * + * This function returns the number of bytes written to the buffer, or + * one of the following negative error codes: + * + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer is too small. + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT` + * |randlen| is strictly less than + * :macro:`NGTCP2_MIN_STATELESS_RETRY_RANDLEN`. + */ +NGTCP2_EXTERN ssize_t ngtcp2_pkt_write_stateless_reset( + uint8_t *dest, size_t destlen, uint8_t *stateless_reset_token, + uint8_t *rand, size_t randlen); + +/** + * @function + * + * `ngtcp2_pkt_write_retry` writes Retry packet in the buffer pointed + * by |dest| whose length is |destlen|. |hd| must be long packet + * header, and its type must be :enum:`NGTCP2_PKT_RETRY`. |odcid| + * specifies Original Destination Connection ID. |token| specifies + * Retry Token, and |tokenlen| specifies its length. + * + * This function returns the number of bytes written to the buffer, or + * one of the following negative error codes: + * + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer is too small. + */ +NGTCP2_EXTERN ssize_t ngtcp2_pkt_write_retry(uint8_t *dest, size_t destlen, + const ngtcp2_pkt_hd *hd, + const ngtcp2_cid *odcid, + const uint8_t *token, + size_t tokenlen); + +/** + * @function + * + * `ngtcp2_pkt_write_version_negotiation` writes Version Negotiation + * packet in the buffer pointed by |dest| whose length is |destlen|. + * |unused_random| should be generated randomly. |dcid| is the + * destination connection ID which appears in a packet as a source + * connection ID sent by client which caused version negotiation. + * Similarly, |scid| is the source connection ID which appears in a + * packet as a destination connection ID sent by client. |sv| is a + * list of supported versions, and |nsv| specifies the number of + * supported versions included in |sv|. + * + * This function returns the number of bytes written to the buffer, or + * one of the following negative error codes: + * + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer is too small. + */ +NGTCP2_EXTERN ssize_t ngtcp2_pkt_write_version_negotiation( + uint8_t *dest, size_t destlen, uint8_t unused_random, const uint8_t *dcid, + size_t dcidlen, const uint8_t *scid, size_t scidlen, const uint32_t *sv, + size_t nsv); + +/** + * @function + * + * `ngtcp2_pkt_get_type_long` returns the long packet type. |c| is + * the first byte of Long packet header. + */ +NGTCP2_EXTERN uint8_t ngtcp2_pkt_get_type_long(uint8_t c); + +struct ngtcp2_conn; + +typedef struct ngtcp2_conn ngtcp2_conn; + +/** + * @functypedef + * + * :type:`ngtcp2_client_initial` is invoked when client application + * asks TLS stack to produce first TLS cryptographic handshake data. + * + * This implementation of this callback must get the first handshake + * data from TLS stack and pass it to ngtcp2 library using + * `ngtcp2_conn_submit_crypto_data` function. Make sure that before + * calling `ngtcp2_conn_submit_crypto_data` function, client + * application must create initial packet protection keys and IVs, and + * provide them to ngtcp2 library using + * `ngtcp2_conn_set_initial_tx_keys` and + * `ngtcp2_conn_set_initial_rx_keys`. + * + * This callback function must return 0 if it succeeds, or + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the library call + * return immediately. + * + * TODO: Define error code for TLS stack failure. Suggestion: + * NGTCP2_ERR_CRYPTO. + */ +typedef int (*ngtcp2_client_initial)(ngtcp2_conn *conn, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_recv_client_initial` is invoked when server receives + * Initial packet from client. An server application must implement + * this callback, and generate initial keys and IVs for both + * transmission and reception. Install them using + * `ngtcp2_conn_set_initial_tx_keys` and + * `ngtcp2_conn_set_initial_rx_keys. |dcid| is the destination + * connection ID which client generated randomly. It is used to + * derive initial packet protection keys. + * + * The callback function must return 0 if it succeeds. If an error + * occurs, return :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the + * library call return immediately. + * + * TODO: Define error code for TLS stack failure. Suggestion: + * NGTCP2_ERR_CRYPTO. + */ +typedef int (*ngtcp2_recv_client_initial)(ngtcp2_conn *conn, + const ngtcp2_cid *dcid, + void *user_data); + +/** + * @enum + * + * ngtcp2_crypto_level is encryption level. + */ +#if defined(__cplusplus) && __cplusplus >= 201103L +typedef enum ngtcp2_crypto_level : int { +#else +typedef enum ngtcp2_crypto_level { +#endif + /** + * NGTCP2_CRYPTO_LEVEL_INITIAL is Initial Keys encryption level. + */ + NGTCP2_CRYPTO_LEVEL_INITIAL, + /** + * NGTCP2_CRYPTO_LEVEL_HANDSHAKE is Handshake Keys encryption level. + */ + NGTCP2_CRYPTO_LEVEL_HANDSHAKE, + /** + * NGTCP2_CRYPTO_LEVEL_APP is Application Data (1-RTT) Keys + * encryption level. + */ + NGTCP2_CRYPTO_LEVEL_APP, + /** + * NGTCP2_CRYPTO_LEVEL_EARLY is Early Data (0-RTT) Keys encryption + * level. + */ + NGTCP2_CRYPTO_LEVEL_EARLY +} ngtcp2_crypto_level; + +/** + * @functypedef + * + * :type`ngtcp2_recv_crypto_data` is invoked when crypto data are + * received. The received data are pointed by |data|, and its length + * is |datalen|. The |offset| specifies the offset where |data| is + * positioned. |user_data| is the arbitrary pointer passed to + * `ngtcp2_conn_client_new` or `ngtcp2_conn_server_new`. The ngtcp2 + * library ensures that the crypto data is passed to the application + * in the increasing order of |offset|. |datalen| is always strictly + * greater than 0. |crypto_level| indicates the encryption level + * where this data is received. Crypto data never be received in + * :enum:`NGTCP2_CRYPTO_LEVEL_EARLY`. + * + * The application should provide the given data to TLS stack. + * + * The callback function must return 0 if it succeeds. If TLS stack + * reported error, return :enum:`NGTCP2_ERR_CRYPTO`. If application + * encounters fatal error, return :enum:`NGTCP2_ERR_CALLBACK_FAILURE` + * which makes the library call return immediately. If the other + * value is returned, it is treated as + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE`. + */ +typedef int (*ngtcp2_recv_crypto_data)(ngtcp2_conn *conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, const uint8_t *data, + size_t datalen, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_handshake_completed` is invoked when QUIC + * cryptographic handshake has completed. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_handshake_completed)(ngtcp2_conn *conn, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_recv_version_negotiation` is invoked when Version + * Negotiation packet is received. |hd| is the pointer to the QUIC + * packet header object. The vector |sv| of |nsv| elements contains + * the QUIC version the server supports. Since Version Negotiation is + * only sent by server, this callback function is used by client only. + * + * The callback function must return 0 if it succeeds, or + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the library call + * return immediately. + */ +typedef int (*ngtcp2_recv_version_negotiation)(ngtcp2_conn *conn, + const ngtcp2_pkt_hd *hd, + const uint32_t *sv, size_t nsv, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_recv_retry` is invoked when Retry packet is received. + * This callback is client only. + * + * Application must regenerate packet protection key, IV, and header + * protection key for Initial packets using the destination connection + * ID obtained by `ngtcp2_conn_get_dcid()` and install them by calling + * `ngtcp2_conn_install_initial_tx_keys()` and + * `ngtcp2_conn_install_initial_rx_keys()`. + * + * 0-RTT data accepted by the ngtcp2 library will be retransmitted by + * the library automatically. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_recv_retry)(ngtcp2_conn *conn, const ngtcp2_pkt_hd *hd, + const ngtcp2_pkt_retry *retry, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_encrypt` is invoked when the ngtcp2 library asks the + * application to encrypt packet payload. The packet payload to + * encrypt is passed as |plaintext| of length |plaintextlen|. The + * encryption key is passed as |key| of length |keylen|. The nonce is + * passed as |nonce| of length |noncelen|. The ad, Additional Data to + * AEAD, is passed as |ad| of length |adlen|. + * + * The implementation of this callback must encrypt |plaintext| using + * the negotiated cipher suite and write the ciphertext into the + * buffer pointed by |dest| of length |destlen|. + * + * |dest| and |plaintext| may point to the same buffer. + * + * The callback function must return the number of bytes written to + * |dest|, or :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the + * library call return immediately. + */ +typedef ssize_t (*ngtcp2_encrypt)(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, const uint8_t *plaintext, + size_t plaintextlen, const uint8_t *key, + size_t keylen, const uint8_t *nonce, + size_t noncelen, const uint8_t *ad, + size_t adlen, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_decrypt` is invoked when the ngtcp2 library asks the + * application to decrypt packet payload. The packet payload to + * decrypt is passed as |ciphertext| of length |ciphertextlen|. The + * decryption key is passed as |key| of length |keylen|. The nonce is + * passed as |nonce| of length |noncelen|. The ad, Additional Data to + * AEAD, is passed as |ad| of length |adlen|. + * + * The implementation of this callback must decrypt |ciphertext| using + * the negotiated cipher suite and write the ciphertext into the + * buffer pointed by |dest| of length |destlen|. + * + * |dest| and |ciphertext| may point to the same buffer. + * + * The callback function must return the number of bytes written to + * |dest|. If TLS stack fails to decrypt data, return + * :enum:`NGTCP2_ERR_TLS_DECRYPT`. For any other errors, return + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the library call + * return immediately. + */ +typedef ssize_t (*ngtcp2_decrypt)(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, const uint8_t *ciphertext, + size_t ciphertextlen, const uint8_t *key, + size_t keylen, const uint8_t *nonce, + size_t noncelen, const uint8_t *ad, + size_t adlen, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_hp_mask` is invoked when the ngtcp2 library asks the + * application to produce mask to encrypt or decrypt packet header. + * The key is passed as |key| of length |keylen|. The sample is + * passed as |sample| of length |samplelen|. + * + * The implementation of this callback must produce a mask using the + * header protection cipher suite specified by QUIC specification and + * write the result into the buffer pointed by |dest| of length + * |destlen|. The length of mask must be at least + * :macro:`NGTCP2_HP_MASKLEN`. The library ensures that |destlen| is + * at least :macro:`NGTCP2_HP_MASKLEN`. + * + * The callback function must return the number of bytes written to + * |dest|, or :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the + * library call return immediately. + */ +typedef ssize_t (*ngtcp2_hp_mask)(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, const uint8_t *key, + size_t keylen, const uint8_t *sample, + size_t samplelen, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_recv_stream_data` is invoked when stream data is + * received. The stream is specified by |stream_id|. If |fin| is + * nonzero, this portion of the data is the last data in this stream. + * |offset| is the offset where this data begins. The library ensures + * that data is passed to the application in the non-decreasing order + * of |offset|. The data is passed as |data| of length |datalen|. + * |datalen| may be 0 if and only if |fin| is nonzero. + * + * The callback function must return 0 if it succeeds, or + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` which makes the library return + * immediately. + */ +typedef int (*ngtcp2_recv_stream_data)(ngtcp2_conn *conn, int64_t stream_id, + int fin, uint64_t offset, + const uint8_t *data, size_t datalen, + void *user_data, void *stream_user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_stream_open` is a callback function which is called + * when remote stream is opened by peer. This function is not called + * if stream is opened by implicitly (we might reconsider this + * behaviour). + * + * The implementation of this callback should return 0 if it succeeds. + * Returning :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library + * call return immediately. + */ +typedef int (*ngtcp2_stream_open)(ngtcp2_conn *conn, int64_t stream_id, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_stream_close` is invoked when a stream is closed. + * This callback is not called when QUIC connection is closed before + * existing streams are closed. |app_error_code| indicates the error + * code of this closure. + * + * The implementation of this callback should return 0 if it succeeds. + * Returning :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library + * call return immediately. + */ +typedef int (*ngtcp2_stream_close)(ngtcp2_conn *conn, int64_t stream_id, + uint64_t app_error_code, void *user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_stream_reset` is invoked when a stream identified by + * |stream_id| is reset by a remote endpoint. + * + * The implementation of this callback should return 0 if it succeeds. + * Returning :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library + * call return immediately. + */ +typedef int (*ngtcp2_stream_reset)(ngtcp2_conn *conn, int64_t stream_id, + uint64_t final_size, uint64_t app_error_code, + void *user_data, void *stream_user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_acked_stream_data_offset` is a callback function + * which is called when stream data is acked, and application can free + * the data. The acked range of data is [offset, offset + datalen). + * For a given stream_id, this callback is called sequentially in + * increasing order of |offset|. |datalen| is normally strictly + * greater than 0. One exception is that when a packet which includes + * STREAM frame which has fin flag set, and 0 length data, this + * callback is invoked with 0 passed as |datalen|. + * + * If a stream is closed prematurely and stream data is still + * in-flight, this callback function is not called for those data. + * + * The implementation of this callback should return 0 if it succeeds. + * Returning :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library + * call return immediately. + */ +typedef int (*ngtcp2_acked_stream_data_offset)(ngtcp2_conn *conn, + int64_t stream_id, + uint64_t offset, size_t datalen, + void *user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_acked_crypto_offset` is a callback function which is + * called when crypto stream data is acknowledged, and application can + * free the data. |crypto_level| indicates the encryption level where + * this data was sent. Crypto data never be sent in + * :enum:`NGTCP2_CRYPTO_LEVEL_EARLY`. This works like + * :type:`ngtcp2_acked_stream_data_offset` but crypto stream has no + * stream_id and stream_user_data, and |datalen| never become 0. + * + * The implementation of this callback should return 0 if it succeeds. + * Returning :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library + * call return immediately. + */ +typedef int (*ngtcp2_acked_crypto_offset)(ngtcp2_conn *conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, size_t datalen, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_recv_stateless_reset` is a callback function which is + * called when Stateless Reset packet is received. The stateless + * reset details are given in |sr|. + * + * The implementation of this callback should return 0 if it succeeds. + * Returning :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library + * call return immediately. + */ +typedef int (*ngtcp2_recv_stateless_reset)(ngtcp2_conn *conn, + const ngtcp2_pkt_stateless_reset *sr, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_extend_max_streams` is a callback function which is + * called every time max stream ID is strictly extended. + * |max_streams| is the cumulative number of streams which an endpoint + * can open. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_extend_max_streams)(ngtcp2_conn *conn, + uint64_t max_streams, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_extend_max_stream_data` is a callback function which + * is invoked when max stream data is extended. |stream_id| + * identifies the stream. |max_data| is a cumulative number of bytes + * the endpoint can send on this stream. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_extend_max_stream_data)(ngtcp2_conn *conn, + int64_t stream_id, + uint64_t max_data, void *user_data, + void *stream_user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_rand` is a callback function to get randomized byte + * string from application. Application must fill random |destlen| + * bytes to the buffer pointed by |dest|. |ctx| provides the context + * how the provided random byte string is used. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_rand)(ngtcp2_conn *conn, uint8_t *dest, size_t destlen, + ngtcp2_rand_ctx ctx, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_get_new_connection_id` is a callback function to ask + * an application for new connection ID. Application must generate + * new unused connection ID with the exact |cidlen| bytes and store it + * in |cid|. It also has to generate stateless reset token into + * |token|. The length of stateless reset token is + * :macro:`NGTCP2_STATELESS_RESET_TOKENLEN` and it is guaranteed that + * the buffer pointed by |cid| has the sufficient space to store the + * token. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_get_new_connection_id)(ngtcp2_conn *conn, ngtcp2_cid *cid, + uint8_t *token, size_t cidlen, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_remove_connection_id` is a callback function which + * notifies the application that connection ID |cid| is no longer used + * by remote endpoint. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_remove_connection_id)(ngtcp2_conn *conn, + const ngtcp2_cid *cid, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_update_key` is a callback function which tells the + * application that it should update and install new keys. + * + * In the callback function, the application has to generate new keys + * for both encryption and decryption, and install them to |conn| + * using `ngtcp2_conn_update_tx_key` and `ngtcp2_conn_update_rx_key`. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_update_key)(ngtcp2_conn *conn, void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_path_validation` is a callback function which tells + * the application the outcome of path validation. |path| is the path + * that was validated. If |res| is + * :enum:`NGTCP2_PATH_VALIDATION_RESULT_SUCCESS`, the path validation + * succeeded. If |res| is + * :enum:`NGTCP2_PATH_VALIDATION_RESULT_FAILURE`, the path validation + * failed. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_path_validation)(ngtcp2_conn *conn, + const ngtcp2_path *path, + ngtcp2_path_validation_result res, + void *user_data); + +/** + * @functypedef + * + * :type:`ngtcp2_select_preferred_addr` is a callback function which + * asks a client application to choose server address from preferred + * addresses |paddr| received from server. An application should + * write preferred address in |dest|. If an application denies the + * preferred addresses, just leave |dest| unmodified (or set dest->len + * to 0) and return 0. + * + * The callback function must return 0 if it succeeds. Returning + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` makes the library call return + * immediately. + */ +typedef int (*ngtcp2_select_preferred_addr)(ngtcp2_conn *conn, + ngtcp2_addr *dest, + const ngtcp2_preferred_addr *paddr, + void *user_data); + +typedef struct { + ngtcp2_client_initial client_initial; + ngtcp2_recv_client_initial recv_client_initial; + ngtcp2_recv_crypto_data recv_crypto_data; + ngtcp2_handshake_completed handshake_completed; + ngtcp2_recv_version_negotiation recv_version_negotiation; + /** + * in_encrypt is a callback function which is invoked to encrypt + * Initial packets. + */ + ngtcp2_encrypt in_encrypt; + /** + * in_decrypt is a callback function which is invoked to decrypt + * Initial packets. + */ + ngtcp2_decrypt in_decrypt; + /** + * encrypt is a callback function which is invoked to encrypt + * packets other than Initial packets. + */ + ngtcp2_encrypt encrypt; + /** + * decrypt is a callback function which is invoked to decrypt + * packets other than Initial packets. + */ + ngtcp2_decrypt decrypt; + /** + * in_hp_mask is a callback function which is invoked to get mask to + * encrypt or decrypt Initial packet header. + */ + ngtcp2_hp_mask in_hp_mask; + /** + * hp_mask is a callback function which is invoked to get mask to + * encrypt or decrypt packet header other than Initial packets. + */ + ngtcp2_hp_mask hp_mask; + ngtcp2_recv_stream_data recv_stream_data; + ngtcp2_acked_crypto_offset acked_crypto_offset; + ngtcp2_acked_stream_data_offset acked_stream_data_offset; + ngtcp2_stream_open stream_open; + ngtcp2_stream_close stream_close; + ngtcp2_recv_stateless_reset recv_stateless_reset; + ngtcp2_recv_retry recv_retry; + ngtcp2_extend_max_streams extend_max_local_streams_bidi; + ngtcp2_extend_max_streams extend_max_local_streams_uni; + ngtcp2_rand rand; + ngtcp2_get_new_connection_id get_new_connection_id; + ngtcp2_remove_connection_id remove_connection_id; + ngtcp2_update_key update_key; + ngtcp2_path_validation path_validation; + ngtcp2_select_preferred_addr select_preferred_addr; + ngtcp2_stream_reset stream_reset; + ngtcp2_extend_max_streams extend_max_remote_streams_bidi; + ngtcp2_extend_max_streams extend_max_remote_streams_uni; + ngtcp2_extend_max_stream_data extend_max_stream_data; +} ngtcp2_conn_callbacks; + +/* + * `ngtcp2_accept` is used by server implementation, and decides + * whether packet |pkt| of length |pktlen| is acceptable for initial + * packet from client. + * + * If it is acceptable, it returns 0. If it is not acceptable, and + * Version Negotiation packet is required to send, it returns 1. + * Otherwise, it returns -1. + * + * If |dest| is not NULL, and the return value is 0 or 1, the decoded + * packet header is stored to the object pointed by |dest|. + */ +NGTCP2_EXTERN int ngtcp2_accept(ngtcp2_pkt_hd *dest, const uint8_t *pkt, + size_t pktlen); + +/** + * @function + * + * `ngtcp2_conn_client_new` creates new :type:`ngtcp2_conn`, and + * initializes it as client. |dcid| is randomized destination + * connection ID. |scid| is source connection ID. |version| is a + * QUIC version to use. |path| is the network path where this QUIC + * connection is being established and must not be NULL. |callbacks|, + * and |settings| must not be NULL, and the function make a copy of + * each of them. |user_data| is the arbitrary pointer which is passed + * to the user-defined callback functions. If |mem| is NULL, the + * memory allocator returned by `ngtcp2_mem_default()` is used. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int +ngtcp2_conn_client_new(ngtcp2_conn **pconn, const ngtcp2_cid *dcid, + const ngtcp2_cid *scid, const ngtcp2_path *path, + uint32_t version, const ngtcp2_conn_callbacks *callbacks, + const ngtcp2_settings *settings, const ngtcp2_mem *mem, + void *user_data); + +/** + * @function + * + * `ngtcp2_conn_server_new` creates new :type:`ngtcp2_conn`, and + * initializes it as server. |dcid| is a destination connection ID. + * |scid| is a source connection ID. |path| is the network path where + * this QUIC connection is being established and must not be NULL. + * |version| is a QUIC version to use. |callbacks|, and |settings| + * must not be NULL, and the function make a copy of each of them. + * |user_data| is the arbitrary pointer which is passed to the + * user-defined callback functions. If |mem| is NULL, the memory + * allocator returned by `ngtcp2_mem_default()` is used. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int +ngtcp2_conn_server_new(ngtcp2_conn **pconn, const ngtcp2_cid *dcid, + const ngtcp2_cid *scid, const ngtcp2_path *path, + uint32_t version, const ngtcp2_conn_callbacks *callbacks, + const ngtcp2_settings *settings, const ngtcp2_mem *mem, + void *user_data); + +/** + * @function + * + * `ngtcp2_conn_del` frees resources allocated for |conn|. It also + * frees memory pointed by |conn|. + */ +NGTCP2_EXTERN void ngtcp2_conn_del(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_read_pkt` decrypts QUIC packet given in |pkt| of + * length |pktlen| and processes it. |path| is the network path the + * packet is delivered and must not be NULL. This function performs + * QUIC handshake as well. + * + * This function must not be called from inside the callback + * functions. + * + * This function returns 0 if it succeeds, or negative error codes. + * In general, if the error code which satisfies + * ngtcp2_erro_is_fatal(err) != 0 is returned, the application should + * just close the connection by calling + * `ngtcp2_conn_write_connection_close` or just delete the QUIC + * connection using `ngtcp2_conn_del`. It is undefined to call the + * other library functions. + */ +NGTCP2_EXTERN int ngtcp2_conn_read_pkt(ngtcp2_conn *conn, + const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_write_pkt` is equivalent to calling + * `ngtcp2_conn_writev_stream` without specifying stream data and + * :enum:`NGTCP2_WRITE_STREAM_FLAG_NONE` as flags. + */ +NGTCP2_EXTERN ssize_t ngtcp2_conn_write_pkt(ngtcp2_conn *conn, + ngtcp2_path *path, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_handshake_completed` tells |conn| that the QUIC + * handshake has completed. + */ +NGTCP2_EXTERN void ngtcp2_conn_handshake_completed(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_handshake_completed` returns nonzero if handshake + * has completed. + */ +NGTCP2_EXTERN int ngtcp2_conn_get_handshake_completed(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_install_initial_tx_keys` installs packet protection + * key |key| of length |keylen| and IV |iv| of length |ivlen|, and + * packet header protection key |hp| of length |hplen| to encrypt + * outgoing Initial packets. If they have already been set, they are + * overwritten. + * + * After receiving Retry packet, the DCID most likely changes. In + * that case, client application must generate these keying materials + * again based on new DCID and install them again. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int ngtcp2_conn_install_initial_tx_keys( + ngtcp2_conn *conn, const uint8_t *key, size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_install_initial_rx_keys` installs packet protection + * key |key| of length |keylen| and IV |iv| of length |ivlen|, and + * packet header protection key |hp| of length |hplen| to decrypt + * incoming Initial packets. If they have already been set, they are + * overwritten. + * + * After receiving Retry packet, the DCID most likely changes. In + * that case, client application must generate these keying materials + * again based on new DCID and install them again. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int ngtcp2_conn_install_initial_rx_keys( + ngtcp2_conn *conn, const uint8_t *key, size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_install_handshake_tx_keys` installs packet protection + * key |key| of length |keylen| and IV |iv| of length |ivlen|, and + * packet header protection key |hp| of length |hplen| to encrypt + * outgoing Handshake packets. + * + * TLS stack generates the packet protection key and IV, and therefore + * application don't have to generate them. For client, they are + * derived from client_handshake_traffic_secret. For server, they are + * derived from server_handshake_traffic_secret. The packet number + * encryption key must be generated using the method described in QUIC + * specification. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int ngtcp2_conn_install_handshake_tx_keys( + ngtcp2_conn *conn, const uint8_t *key, size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_install_handshake_rx_keys` installs packet protection + * key |key| of length |keylen| and IV |iv| of length |ivlen|, and + * packet header protection key |hp| of length |hplen| to decrypt + * incoming Handshake packets. + * + * TLS stack generates the packet protection key and IV, and therefore + * application don't have to generate them. For client, they are + * derived from server_handshake_traffic_secret. For server, they are + * derived from client_handshake_traffic_secret. The packet number + * encryption key must be generated using the method described in QUIC + * specification. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int ngtcp2_conn_install_handshake_rx_keys( + ngtcp2_conn *conn, const uint8_t *key, size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_set_aead_overhead` tells the ngtcp2 library the length + * of AEAD tag which the negotiated cipher suites defines. This + * function must be called before encrypting or decrypting the + * incoming packets other than Initial packets. + */ +NGTCP2_EXTERN void ngtcp2_conn_set_aead_overhead(ngtcp2_conn *conn, + size_t aead_overhead); + +/** + * @function + * + * `ngtcp2_conn_get_aead_overhead` returns the aead overhead passed to + * `ngtcp2_conn_set_aead_overhead`. If `ngtcp2_conn_set_aead_overhead` hasn't + * been called yet this function returns 0. + */ +NGTCP2_EXTERN size_t ngtcp2_conn_get_aead_overhead(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_install_early_rx_keys` installs packet protection key + * |key| of length |keylen| and IV |iv| of length |ivlen|, and packet + * header protection key |hp| of length |hplen| to encrypt or decrypt + * 0RTT packets. + * + * TLS stack generates the packet protection key and IV, and therefore + * application don't have to generate them. They are derived from + * client_early_traffic_secret. The packet number encryption key must + * be generated using the method described in QUIC specification. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int +ngtcp2_conn_install_early_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen, + const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_install_tx_keys` installs packet protection key |key| + * of length |keylen| and IV |iv| of length |ivlen|, and packet header + * protection key |hp| of length |hplen| to encrypt outgoing Short + * packets. + * + * TLS stack generates the packet protection key and IV, and therefore + * application don't have to generate them. For client, they are + * derived from client_application_traffic_secret. For server, they + * are derived from server_application_traffic_secret. The packet + * number encryption key must be generated using the method described + * in QUIC specification. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int ngtcp2_conn_install_tx_keys(ngtcp2_conn *conn, + const uint8_t *key, size_t keylen, + const uint8_t *iv, size_t ivlen, + const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_install_rx_keys` installs packet protection key |key| + * of length |keylen| and IV |iv| of length |ivlen|, and packet header + * protection key |hp| of length |hplen| to decrypt incoming Short + * packets. + * + * TLS stack generates the packet protection key and IV, and therefore + * application don't have to generate them. For client, they are + * derived from server_application_traffic_secret. For server, they + * are derived from client_application_traffic_secret. The packet + * number encryption key must be generated using the method described + * in QUIC specification. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + */ +NGTCP2_EXTERN int ngtcp2_conn_install_rx_keys(ngtcp2_conn *conn, + const uint8_t *key, size_t keylen, + const uint8_t *iv, size_t ivlen, + const uint8_t *hp, size_t hplen); + +/** + * @function + * + * `ngtcp2_conn_update_tx_key` installs the updated packet protection + * key |key| of length |keylen| and IV |iv| of length |ivlen|. They + * are used to encrypt an outgoing packet. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + * :enum:`NGTCP2_ERR_INVALID_STATE` + * The updated keying materials have not been synchronized yet. + */ +NGTCP2_EXTERN int ngtcp2_conn_update_tx_key(ngtcp2_conn *conn, + const uint8_t *key, size_t keylen, + const uint8_t *iv, size_t ivlen); + +/** + * @function + * + * `ngtcp2_conn_update_rx_key` installs the updated packet protection + * key |key| of length |keylen| and IV |iv| of length |ivlen|. They + * are used to decrypt an incoming packet. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory. + * :enum:`NGTCP2_ERR_INVALID_STATE` + * The updated keying materials have not been synchronized yet. + */ +NGTCP2_EXTERN int ngtcp2_conn_update_rx_key(ngtcp2_conn *conn, + const uint8_t *key, size_t keylen, + const uint8_t *iv, size_t ivlen); + +/** + * @function + * + * `ngtcp2_conn_initiate_key_update` initiates the key update. Prior + * to calling this function, the application has to install updated + * keys using `ngtcp2_conn_update_tx_key` and + * `ngtcp2_conn_update_rx_key`. + * + * Do not call this function if the local endpoint updates key in + * response to the key update of the remote endpoint. In other words, + * don't call this function inside :type:`ngtcp2_update_key` callback + * function. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_INVALID_STATE` + * The updated keying materials have not been synchronized yet; or + * updated keys are not available. + */ +NGTCP2_EXTERN int ngtcp2_conn_initiate_key_update(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_loss_detection_expiry` returns the expiry time point + * of loss detection timer. Application should call + * `ngtcp2_conn_on_loss_detection_timer` and `ngtcp2_conn_write_pkt` + * (or `ngtcp2_conn_writev_stream`) when it expires. It returns + * UINT64_MAX if loss detection timer is not armed. + */ +NGTCP2_EXTERN ngtcp2_tstamp +ngtcp2_conn_loss_detection_expiry(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_ack_delay_expiry` returns the expiry time point of + * delayed protected ACK. Application should call + * ngtcp2_conn_cancel_expired_ack_delay_timer() and + * `ngtcp2_conn_write_pkt` (or `ngtcp2_conn_writev_stream`) when it + * expires. It returns UINT64_MAX if there is no expiry. + */ +NGTCP2_EXTERN ngtcp2_tstamp ngtcp2_conn_ack_delay_expiry(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_expiry` returns the next expiry time. This + * function returns the timestamp such that + * min(ngtcp2_conn_loss_detection_expiry(conn), + * ngtcp2_conn_ack_delay_expiry(conn), other timers in |conn|). + * + * Call `ngtcp2_conn_handle_expiry()` and `ngtcp2_conn_write_pkt` (or + * `ngtcp2_conn_writev_stream`) if expiry time is passed. + */ +NGTCP2_EXTERN ngtcp2_tstamp ngtcp2_conn_get_expiry(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_handle_expiry` handles expired timer. It do nothing + * if timer is not expired. + */ +NGTCP2_EXTERN int ngtcp2_conn_handle_expiry(ngtcp2_conn *conn, + ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_cancel_expired_ack_delay_timer` stops expired ACK + * delay timer. |ts| is the current time. This function must be + * called when ngtcp2_conn_ack_delay_expiry() <= ts. + */ +NGTCP2_EXTERN void ngtcp2_conn_cancel_expired_ack_delay_timer(ngtcp2_conn *conn, + ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_get_idle_timeout` returns the current idle timeout. + * If idle timeout is disabled, this function returns UINT64_MAX. + */ +NGTCP2_EXTERN ngtcp2_duration ngtcp2_conn_get_idle_timeout(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_pto` returns Probe Timeout (PTO). + */ +NGTCP2_EXTERN ngtcp2_duration ngtcp2_conn_get_pto(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_set_remote_transport_params` sets transport parameter + * |params| to |conn|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_PROTO` + * If |conn| is server, and negotiated_version field is not the + * same as the used version. + */ +NGTCP2_EXTERN int +ngtcp2_conn_set_remote_transport_params(ngtcp2_conn *conn, + const ngtcp2_transport_params *params); + +/** + * @function + * + * `ngtcp2_conn_set_early_remote_transport_params` sets |params| as + * transport parameter previously received from a server. The + * parameters are used to send 0-RTT data. QUIC requires that client + * application should remember transport parameter as well as session + * ticket. + * + * At least following fields must be set: + * + * * initial_max_stream_id_bidi + * * initial_max_stream_id_uni + * * initial_max_stream_data_bidi_local + * * initial_max_stream_data_bidi_remote + * * initial_max_stream_data_uni + * * initial_max_data + */ +NGTCP2_EXTERN void ngtcp2_conn_set_early_remote_transport_params( + ngtcp2_conn *conn, const ngtcp2_transport_params *params); + +/** + * @function + * + * `ngtcp2_conn_get_local_transport_params` fills settings values in + * |params|. + */ +NGTCP2_EXTERN void +ngtcp2_conn_get_local_transport_params(ngtcp2_conn *conn, + ngtcp2_transport_params *params); + +/** + * @function + * + * `ngtcp2_conn_open_bidi_stream` opens new bidirectional stream. The + * |stream_user_data| is the user data specific to the stream. The + * open stream ID is stored in |*pstream_id|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_STREAM_ID_BLOCKED` + * The remote peer does not allow |stream_id| yet. + */ +NGTCP2_EXTERN int ngtcp2_conn_open_bidi_stream(ngtcp2_conn *conn, + int64_t *pstream_id, + void *stream_user_data); + +/** + * @function + * + * `ngtcp2_conn_open_uni_stream` opens new unidirectional stream. The + * |stream_user_data| is the user data specific to the stream. The + * open stream ID is stored in |*pstream_id|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_STREAM_ID_BLOCKED` + * The remote peer does not allow |stream_id| yet. + */ +NGTCP2_EXTERN int ngtcp2_conn_open_uni_stream(ngtcp2_conn *conn, + int64_t *pstream_id, + void *stream_user_data); + +/** + * @function + * + * `ngtcp2_conn_shutdown_stream` closes stream denoted by |stream_id| + * abruptly. |app_error_code| is one of application error codes, and + * indicates the reason of shutdown. Successful call of this function + * does not immediately erase the state of the stream. The actual + * deletion is done when the remote endpoint sends acknowledgement. + * Calling this function is equivalent to call + * `ngtcp2_conn_shutdown_stream_read`, and + * `ngtcp2_conn_shutdown_stream_write` sequentially. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_STREAM_NOT_FOUND` + * Stream does not exist + */ +NGTCP2_EXTERN int ngtcp2_conn_shutdown_stream(ngtcp2_conn *conn, + int64_t stream_id, + uint64_t app_error_code); + +/** + * @function + * + * `ngtcp2_conn_shutdown_stream_write` closes write-side of stream + * denoted by |stream_id| abruptly. |app_error_code| is one of + * application error codes, and indicates the reason of shutdown. If + * this function succeeds, no application data is sent to the remote + * endpoint. It discards all data which has not been acknowledged + * yet. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_STREAM_NOT_FOUND` + * Stream does not exist + */ +NGTCP2_EXTERN int ngtcp2_conn_shutdown_stream_write(ngtcp2_conn *conn, + int64_t stream_id, + uint64_t app_error_code); + +/** + * @function + * + * `ngtcp2_conn_shutdown_stream_read` closes read-side of stream + * denoted by |stream_id| abruptly. |app_error_code| is one of + * application error codes, and indicates the reason of shutdown. If + * this function succeeds, no application data is forwarded to an + * application layer. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_STREAM_NOT_FOUND` + * Stream does not exist + */ +NGTCP2_EXTERN int ngtcp2_conn_shutdown_stream_read(ngtcp2_conn *conn, + int64_t stream_id, + uint64_t app_error_code); + +/** + * @enum + * + * ngtcp2_write_stream_flag defines extra behaviour for + * `ngtcp2_conn_writev_stream()`. + */ +typedef enum { + NGTCP2_WRITE_STREAM_FLAG_NONE = 0x00, + /** + * NGTCP2_WRITE_STREAM_FLAG_MORE indicates that more stream data may + * come and should be coalesced into the same packet if possible. + */ + NGTCP2_WRITE_STREAM_FLAG_MORE = 0x01 +} ngtcp2_write_stream_flag; + +/** + * @function + * + * `ngtcp2_conn_write_stream` is just like + * `ngtcp2_conn_writev_stream`. The only difference is that it + * conveniently accepts a single buffer. + */ +NGTCP2_EXTERN ssize_t ngtcp2_conn_write_stream( + ngtcp2_conn *conn, ngtcp2_path *path, uint8_t *dest, size_t destlen, + ssize_t *pdatalen, uint32_t flags, int64_t stream_id, int fin, + const uint8_t *data, size_t datalen, ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_writev_stream` writes a packet containing stream data + * of stream denoted by |stream_id|. The buffer of the packet is + * pointed by |dest| of length |destlen|. This function performs QUIC + * handshake as well. + * + * Specifying -1 to |stream_id| means no new stream data to send. + * + * If |path| is not NULL, this function stores the network path with + * which the packet should be sent. Each addr field must point to the + * buffer which is at least 128 bytes. ``sizeof(struct + * sockaddr_storage)`` is enough. The assignment might not be done if + * nothing is written to |dest|. + * + * If the all given data is encoded as STREAM frame in |dest|, and if + * |fin| is nonzero, fin flag is set in outgoing STREAM frame. + * Otherwise, fin flag in STREAM frame is not set. + * + * This packet may contain frames other than STREAM frame. The packet + * might not contain STREAM frame if other frames occupy the packet. + * In that case, |*pdatalen| would be -1 if |pdatalen| is not NULL. + * + * If |fin| is nonzero, and 0 length STREAM frame is successfully + * serialized, |*pdatalen| would be 0. + * + * The number of data encoded in STREAM frame is stored in |*pdatalen| + * if it is not NULL. The caller must keep the portion of data + * covered by |*pdatalen| bytes in tact until + * :type:`ngtcp2_acked_stream_data_offset` indicates that they are + * acknowledged by a remote endpoint or the stream is closed. + * + * If |flags| equals to :enum:`NGTCP2_WRITE_STREAM_FLAG_NONE`, this + * function produces a single payload of UDP packet. If the given + * stream data is small (e.g., few bytes), the packet might be + * severely under filled. Too many small packet might increase + * overall packet processing costs. Unless there are retransmissions, + * by default, application can only send 1 STREAM frame in one QUIC + * packet. In order to include more than 1 STREAM frame in one QUIC + * packet, specify :enum:`NGTCP2_WRITE_STREAM_FLAG_MORE` in |flags|. + * This is analogous to ``MSG_MORE`` flag in ``send(2)``. If the + * :enum:`NGTCP2_WRITE_STREAM_FLAG_MORE` is used, there are 4 + * outcomes: + * + * - The function returns the written length of packet just like + * without :enum:`NGTCP2_WRITE_STREAM_FLAG_MORE`. This is because + * packet is nearly full and the library decided to make a complete + * packet. + * + * - The function returns :enum:`NGTCP2_ERR_WRITE_STREAM_MORE`. This + * indicates that application can call this function with different + * stream data to pack them into the same packet. Application has + * to specify the same |conn|, |path|, |dest|, |destlen|, + * |pdatalen|, and |ts| parameters, otherwise the behaviour is + * undefined. The application can change |flags|. + * + * - The function returns :enum:`NGTCP2_ERR_STREAM_DATA_BLOCKED` which + * indicates that stream is blocked because of flow control. + * + * - The other error might be returned just like without + * :enum:`NGTCP2_WRITE_STREAM_FLAG_MORE`. + * + * When application sees :enum:`NGTCP2_ERR_WRITE_STREAM_MORE`, it must + * not call other ngtcp2 API functions (application can still call + * `ngtcp2_conn_write_connection_close` or + * `ngtcp2_conn_write_application_close` to handle error from this + * function). Just keep calling `ngtcp2_conn_writev_stream` or + * `ngtcp2_conn_write_pkt` until it returns a positive number (which + * indicates a complete packet is ready). + * + * This function returns 0 if it cannot write any frame because buffer + * is too small, or packet is congestion limited. Application should + * keep reading and wait for congestion window to grow. + * + * This function must not be called from inside the callback + * functions. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_STREAM_NOT_FOUND` + * Stream does not exist + * :enum:`NGTCP2_ERR_STREAM_SHUT_WR` + * Stream is half closed (local); or stream is being reset. + * :enum:`NGTCP2_ERR_PKT_NUM_EXHAUSTED` + * Packet number is exhausted, and cannot send any more packet. + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` + * User callback failed + * :enum:`NGTCP2_ERR_NOKEY` + * No encryption key is available. + * :enum:`NGTCP2_ERR_EARLY_DATA_REJECTED` + * Early data was rejected by server. + * :enum:`NGTCP2_ERR_STREAM_DATA_BLOCKED` + * Stream is blocked because of flow control. + * :enum:`NGTCP2_ERR_WRITE_STREAM_MORE` + * (Only when :enum:`NGTCP2_WRITE_STREAM_FLAG_MORE` is specified) + * Application can call this function to pack more stream data + * into the same packet. See above to know how it works. + * + * In general, if the error code which satisfies + * ngtcp2_err_is_fatal(err) != 0 is returned, the application should + * just close the connection by calling + * `ngtcp2_conn_write_connection_close` or just delete the QUIC + * connection using `ngtcp2_conn_del`. It is undefined to call the + * other library functions. + */ +NGTCP2_EXTERN ssize_t ngtcp2_conn_writev_stream( + ngtcp2_conn *conn, ngtcp2_path *path, uint8_t *dest, size_t destlen, + ssize_t *pdatalen, uint32_t flags, int64_t stream_id, int fin, + const ngtcp2_vec *datav, size_t datavcnt, ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_write_connection_close` writes a packet which contains + * a CONNECTION_CLOSE frame in the buffer pointed by |dest| whose + * capacity is |datalen|. + * + * If |path| is not NULL, this function stores the network path with + * which the packet should be sent. Each addr field must point to the + * buffer which is at least 128 bytes. ``sizeof(struct + * sockaddr_storage)`` is enough. The assignment might not be done if + * nothing is written to |dest|. + * + * This function must not be called from inside the callback + * functions. + * + * At the moment, successful call to this function makes connection + * close. We may change this behaviour in the future to allow + * graceful shutdown. + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer is too small + * :enum:`NGTCP2_ERR_INVALID_STATE` + * The current state does not allow sending CONNECTION_CLOSE. + * :enum:`NGTCP2_ERR_PKT_NUM_EXHAUSTED` + * Packet number is exhausted, and cannot send any more packet. + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` + * User callback failed + */ +NGTCP2_EXTERN ssize_t ngtcp2_conn_write_connection_close( + ngtcp2_conn *conn, ngtcp2_path *path, uint8_t *dest, size_t destlen, + uint64_t error_code, ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_write_application_close` writes a packet which + * contains a APPLICATION_CLOSE frame in the buffer pointed by |dest| + * whose capacity is |datalen|. + * + * If |path| is not NULL, this function stores the network path with + * which the packet should be sent. Each addr field must point to the + * buffer which is at least 128 bytes. ``sizeof(struct + * sockaddr_storage)`` is enough. The assignment might not be done if + * nothing is written to |dest|. + * + * This function must not be called from inside the callback + * functions. + * + * At the moment, successful call to this function makes connection + * close. We may change this behaviour in the future to allow + * graceful shutdown. + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer is too small + * :enum:`NGTCP2_ERR_INVALID_STATE` + * The current state does not allow sending APPLICATION_CLOSE. + * :enum:`NGTCP2_ERR_PKT_NUM_EXHAUSTED` + * Packet number is exhausted, and cannot send any more packet. + * :enum:`NGTCP2_ERR_CALLBACK_FAILURE` + * User callback failed + */ +NGTCP2_EXTERN ssize_t ngtcp2_conn_write_application_close( + ngtcp2_conn *conn, ngtcp2_path *path, uint8_t *dest, size_t destlen, + uint64_t app_error_code, ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_is_in_closing_period` returns nonzero if |conn| is in + * closing period. + */ +NGTCP2_EXTERN int ngtcp2_conn_is_in_closing_period(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_is_in_draining_period` returns nonzero if |conn| is in + * draining period. + */ +NGTCP2_EXTERN int ngtcp2_conn_is_in_draining_period(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_extend_max_stream_offset` extends stream's max stream + * data value by |datalen|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_STREAM_NOT_FOUND` + * Stream was not found + */ +NGTCP2_EXTERN int ngtcp2_conn_extend_max_stream_offset(ngtcp2_conn *conn, + int64_t stream_id, + size_t datalen); + +/** + * @function + * + * `ngtcp2_conn_extend_max_offset` extends max data offset by + * |datalen|. + */ +NGTCP2_EXTERN void ngtcp2_conn_extend_max_offset(ngtcp2_conn *conn, + size_t datalen); + +/** + * @function + * + * `ngtcp2_conn_get_bytes_in_flight` returns the number of bytes which + * is the sum of outgoing QUIC packet length in flight. This does not + * include a packet which only includes ACK frames. + */ +NGTCP2_EXTERN size_t ngtcp2_conn_get_bytes_in_flight(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_dcid` returns the non-NULL pointer to destination + * connection ID. If no destination connection ID is present, the + * return value is not ``NULL``, and its datalen field is 0. + */ +NGTCP2_EXTERN const ngtcp2_cid *ngtcp2_conn_get_dcid(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_num_scid` returns the number of source connection + * IDs which the local endpoint has provided to the peer and have not + * retired. + */ +NGTCP2_EXTERN size_t ngtcp2_conn_get_num_scid(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_scid` writes the all source connection IDs which + * the local endpoint has provided to the peer and have not retired in + * |dest|. The buffer pointed by |dest| must have + * ``sizeof(ngtcp2_cid) * n`` bytes available, where n is the return + * value of `ngtcp2_conn_get_num_scid()`. + */ +NGTCP2_EXTERN size_t ngtcp2_conn_get_scid(ngtcp2_conn *conn, ngtcp2_cid *dest); + +/** + * @function + * + * `ngtcp2_conn_get_negotiated_version` returns the negotiated version. + */ +NGTCP2_EXTERN uint32_t ngtcp2_conn_get_negotiated_version(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_early_data_rejected` tells |conn| that 0-RTT data was + * rejected by a server. + */ +NGTCP2_EXTERN int ngtcp2_conn_early_data_rejected(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_rcvry_stat` stores recovery information in the + * object pointed by |rcs|. + */ +NGTCP2_EXTERN void ngtcp2_conn_get_rcvry_stat(ngtcp2_conn *conn, + ngtcp2_rcvry_stat *rcs); + +/** + * @struct + * + * ngtcp2_iovec is a struct compatible to standard struct iovec. + */ +typedef struct { + void *iov_base; + size_t iov_len; +} ngtcp2_iovec; + +/** + * @function + * + * `ngtcp2_conn_on_loss_detection_timer` should be called when a timer + * returned from `ngtcp2_conn_earliest_expiry` fires. + * + * Application should call `ngtcp2_conn_handshake` if handshake has + * not completed, otherwise `ngtcp2_conn_write_pkt` (or + * `ngtcp2_conn_write_stream` if it has data to send) to send TLP/RTO + * probe packets. + * + * This function must not be called from inside the callback + * functions. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + */ +NGTCP2_EXTERN int ngtcp2_conn_on_loss_detection_timer(ngtcp2_conn *conn, + ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_submit_crypto_data` submits crypto stream data |data| + * of length |datalen| to the library for transmission. The + * encryption level is given in |crypto_level|. + * + * Application should keep the buffer pointed by |data| alive until + * the data is acknowledged. The acknowledgement is notified by + * :type:`ngtcp2_acked_crypto_offset` callback. + */ +NGTCP2_EXTERN int +ngtcp2_conn_submit_crypto_data(ngtcp2_conn *conn, + ngtcp2_crypto_level crypto_level, + const uint8_t *data, const size_t datalen); + +/** + * @function + * + * `ngtcp2_conn_set_retry_ocid` tells |conn| that application as a + * server received |ocid| included in token from client. |ocid| will + * be sent in transport parameter. + */ +NGTCP2_EXTERN void ngtcp2_conn_set_retry_ocid(ngtcp2_conn *conn, + const ngtcp2_cid *ocid); + +/** + * @function + * + * `ngtcp2_conn_set_local_addr` sets local endpoint address |addr| to + * |conn|. + */ +NGTCP2_EXTERN void ngtcp2_conn_set_local_addr(ngtcp2_conn *conn, + const ngtcp2_addr *addr); + +/** + * @function + * + * `ngtcp2_conn_set_remote_addr` sets remote endpoint address |addr| + * to |conn|. + */ +NGTCP2_EXTERN void ngtcp2_conn_set_remote_addr(ngtcp2_conn *conn, + const ngtcp2_addr *addr); + +/** + * @function + * + * `ngtcp2_conn_get_remote_addr` returns the remote endpoint address + * set in |conn|. + */ +NGTCP2_EXTERN const ngtcp2_addr *ngtcp2_conn_get_remote_addr(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_initiate_migration` starts connection migration to the + * given |path| which must not be NULL. Only client can initiate + * migration. This function does immediate migration; it does not + * probe peer reachability from a new local address. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * :enum:`NGTCP2_ERR_INVALID_STATE` + * Migration is disabled. + * :enum:`NGTCP2_ERR_CONN_ID_BLOCKED` + * No unused connection ID is available. + * :enum:`NGTCP2_ERR_INVALID_ARGUMENT` + * |path| equals the current path. + * :enum:`NGTCP2_ERR_NOMEM` + * Out of memory + */ +NGTCP2_EXTERN int ngtcp2_conn_initiate_migration(ngtcp2_conn *conn, + const ngtcp2_path *path, + ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_get_max_local_streams_uni` returns the cumulative + * number of streams which local endpoint can open. + */ +NGTCP2_EXTERN uint64_t ngtcp2_conn_get_max_local_streams_uni(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_conn_get_max_data_left` returns the number of bytes that + * this local endpoint can send in this connection. + */ +NGTCP2_EXTERN uint64_t ngtcp2_conn_get_max_data_left(ngtcp2_conn *conn); + +/** + * @function + * + * `ngtcp2_strerror` returns the text representation of |liberr|. + */ +NGTCP2_EXTERN const char *ngtcp2_strerror(int liberr); + +/** + * @function + * + * `ngtcp2_err_is_fatal` returns nonzero if |liberr| is a fatal error. + */ +NGTCP2_EXTERN int ngtcp2_err_is_fatal(int liberr); + +/** + * @function + * + * `ngtcp2_err_infer_quic_transport_error_code` returns a QUIC + * transport error code which corresponds to |liberr|. + */ +NGTCP2_EXTERN uint64_t ngtcp2_err_infer_quic_transport_error_code(int liberr); + +/** + * @function + * + * `ngtcp2_addr_init` initializes |dest| with the given arguments and + * returns |dest|. + */ +NGTCP2_EXTERN ngtcp2_addr *ngtcp2_addr_init(ngtcp2_addr *dest, const void *addr, + size_t addrlen, void *user_data); + +/** + * @function + * + * `ngtcp2_path_storage_init` initializes |ps| with the given + * arguments. This function copies |local_addr| and |remote_addr|. + */ +NGTCP2_EXTERN void +ngtcp2_path_storage_init(ngtcp2_path_storage *ps, const void *local_addr, + size_t local_addrlen, void *local_user_data, + const void *remote_addr, size_t remote_addrlen, + void *remote_user_data); + +/** + * @function + * + * `ngtcp2_path_storage_zero` initializes |ps| with the zero length + * addresses. + */ +NGTCP2_EXTERN void ngtcp2_path_storage_zero(ngtcp2_path_storage *ps); + +/** + * @function + * + * `ngtcp2_settings_default` initializes |settings| with the default + * values. First this function fills |settings| with 0 and set the + * default value to the following fields: + * + * * max_packet_size = NGTCP2_MAX_PKT_SIZE + * * ack_delay_component = NGTCP2_DEFAULT_ACK_DELAY_EXPONENT + * * max_ack_delay = NGTCP2_DEFAULT_MAX_ACK_DELAY + */ +NGTCP2_EXTERN void ngtcp2_settings_default(ngtcp2_settings *settings); + +/* + * @function + * + * `ngtcp2_mem_default` returns the default, system standard memory + * allocator. + */ +NGTCP2_EXTERN const ngtcp2_mem *ngtcp2_mem_default(void); + +/** + * @macro + * + * The age of :type:`ngtcp2_info` + */ +#define NGTCP2_VERSION_AGE 1 + +/** + * @struct + * + * This struct is what `ngtcp2_version()` returns. It holds + * information about the particular ngtcp2 version. + */ +typedef struct { + /** + * Age of this struct. This instance of ngtcp2 sets it to + * :macro:`NGTCP2_VERSION_AGE` but a future version may bump it and + * add more struct fields at the bottom + */ + int age; + /** + * the :macro:`NGTCP2_VERSION_NUM` number (since age ==1) + */ + int version_num; + /** + * points to the :macro:`NGTCP2_VERSION` string (since age ==1) + */ + const char *version_str; + /* -------- the above fields all exist when age == 1 */ +} ngtcp2_info; + +/** + * @function + * + * Returns a pointer to a ngtcp2_info struct with version information + * about the run-time library in use. The |least_version| argument + * can be set to a 24 bit numerical value for the least accepted + * version number and if the condition is not met, this function will + * return a ``NULL``. Pass in 0 to skip the version checking. + */ +NGTCP2_EXTERN ngtcp2_info *ngtcp2_version(int least_version); + +#ifdef __cplusplus +} +#endif + +#endif /* NGTCP2_H */ diff --git a/deps/ngtcp2/lib/includes/ngtcp2/version.h b/deps/ngtcp2/lib/includes/ngtcp2/version.h new file mode 100644 index 0000000000..85850725bf --- /dev/null +++ b/deps/ngtcp2/lib/includes/ngtcp2/version.h @@ -0,0 +1,45 @@ +/* + * ngtcp2 + * + * Copyright (c) 2016 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef VERSION_H +#define VERSION_H + +/** + * @macro + * + * Version number of the ngtcp2 library release. + */ +#define NGTCP2_VERSION "0.1.90" + +/** + * @macro + * + * Numerical representation of the version number of the ngtcp2 + * library release. This is a 24 bit number with 8 bits for major + * number, 8 bits for minor and 8 bits for patch. Version 1.2.3 + * becomes 0x010203. + */ +#define NGTCP2_VERSION_NUM 0x00015a + +#endif /* VERSION_H */ diff --git a/deps/ngtcp2/lib/includes/ngtcp2/version.h.in b/deps/ngtcp2/lib/includes/ngtcp2/version.h.in new file mode 100644 index 0000000000..fc7459636d --- /dev/null +++ b/deps/ngtcp2/lib/includes/ngtcp2/version.h.in @@ -0,0 +1,45 @@ +/* + * ngtcp2 + * + * Copyright (c) 2016 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef VERSION_H +#define VERSION_H + +/** + * @macro + * + * Version number of the ngtcp2 library release. + */ +#define NGTCP2_VERSION "@PACKAGE_VERSION@" + +/** + * @macro + * + * Numerical representation of the version number of the ngtcp2 + * library release. This is a 24 bit number with 8 bits for major + * number, 8 bits for minor and 8 bits for patch. Version 1.2.3 + * becomes 0x010203. + */ +#define NGTCP2_VERSION_NUM @PACKAGE_VERSION_NUM@ + +#endif /* VERSION_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_acktr.c b/deps/ngtcp2/lib/ngtcp2_acktr.c new file mode 100644 index 0000000000..494e4cd616 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_acktr.c @@ -0,0 +1,332 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_acktr.h" + +#include + +#include "ngtcp2_macro.h" + +int ngtcp2_acktr_entry_new(ngtcp2_acktr_entry **ent, int64_t pkt_num, + ngtcp2_tstamp tstamp, const ngtcp2_mem *mem) { + *ent = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_acktr_entry)); + if (*ent == NULL) { + return NGTCP2_ERR_NOMEM; + } + + (*ent)->pkt_num = pkt_num; + (*ent)->len = 1; + (*ent)->tstamp = tstamp; + + return 0; +} + +void ngtcp2_acktr_entry_del(ngtcp2_acktr_entry *ent, const ngtcp2_mem *mem) { + ngtcp2_mem_free(mem, ent); +} + +static int greater(const ngtcp2_ksl_key *lhs, const ngtcp2_ksl_key *rhs) { + return *lhs->i > *rhs->i; +} + +int ngtcp2_acktr_init(ngtcp2_acktr *acktr, ngtcp2_log *log, + const ngtcp2_mem *mem) { + int rv; + + rv = ngtcp2_ringbuf_init(&acktr->acks, 128, sizeof(ngtcp2_acktr_ack_entry), + mem); + if (rv != 0) { + return rv; + } + + rv = ngtcp2_ksl_init(&acktr->ents, greater, sizeof(int64_t), mem); + if (rv != 0) { + ngtcp2_ringbuf_free(&acktr->acks); + return rv; + } + + acktr->log = log; + acktr->mem = mem; + acktr->flags = NGTCP2_ACKTR_FLAG_NONE; + acktr->first_unacked_ts = UINT64_MAX; + acktr->rx_npkt = 0; + + return 0; +} + +void ngtcp2_acktr_free(ngtcp2_acktr *acktr) { + ngtcp2_ksl_it it; + + if (acktr == NULL) { + return; + } + + for (it = ngtcp2_ksl_begin(&acktr->ents); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + ngtcp2_acktr_entry_del(ngtcp2_ksl_it_get(&it), acktr->mem); + } + ngtcp2_ksl_free(&acktr->ents); + + ngtcp2_ringbuf_free(&acktr->acks); +} + +int ngtcp2_acktr_add(ngtcp2_acktr *acktr, int64_t pkt_num, int active_ack, + ngtcp2_tstamp ts) { + ngtcp2_ksl_it it; + ngtcp2_acktr_entry *ent, *prev_ent, *delent; + int rv; + int added = 0; + ngtcp2_ksl_key key, old_key; + + if (ngtcp2_ksl_len(&acktr->ents)) { + it = ngtcp2_ksl_lower_bound(&acktr->ents, + ngtcp2_ksl_key_ptr(&key, &pkt_num)); + if (ngtcp2_ksl_it_end(&it)) { + ngtcp2_ksl_it_prev(&it); + ent = ngtcp2_ksl_it_get(&it); + + assert(ent->pkt_num >= pkt_num + (int64_t)ent->len); + + if (ent->pkt_num == pkt_num + (int64_t)ent->len) { + ++ent->len; + added = 1; + } + } else { + ent = ngtcp2_ksl_it_get(&it); + + assert(ent->pkt_num != pkt_num); + + if (ngtcp2_ksl_it_begin(&it)) { + if (ent->pkt_num + 1 == pkt_num) { + ngtcp2_ksl_update_key(&acktr->ents, + ngtcp2_ksl_key_ptr(&key, &ent->pkt_num), + ngtcp2_ksl_key_ptr(&old_key, &pkt_num)); + ent->pkt_num = pkt_num; + ent->tstamp = ts; + ++ent->len; + added = 1; + } + } else { + ngtcp2_ksl_it_prev(&it); + prev_ent = ngtcp2_ksl_it_get(&it); + + assert(prev_ent->pkt_num >= pkt_num + (int64_t)prev_ent->len); + + if (ent->pkt_num + 1 == pkt_num) { + if (prev_ent->pkt_num == pkt_num + (int64_t)prev_ent->len) { + prev_ent->len += ent->len + 1; + ngtcp2_ksl_remove(&acktr->ents, NULL, + ngtcp2_ksl_key_ptr(&key, &ent->pkt_num)); + ngtcp2_acktr_entry_del(ent, acktr->mem); + added = 1; + } else { + ngtcp2_ksl_update_key(&acktr->ents, + ngtcp2_ksl_key_ptr(&key, &ent->pkt_num), + ngtcp2_ksl_key_ptr(&old_key, &pkt_num)); + ent->pkt_num = pkt_num; + ent->tstamp = ts; + ++ent->len; + added = 1; + } + } else if (prev_ent->pkt_num == pkt_num + (int64_t)prev_ent->len) { + ++prev_ent->len; + added = 1; + } + } + } + } + + if (!added) { + rv = ngtcp2_acktr_entry_new(&ent, pkt_num, ts, acktr->mem); + if (rv != 0) { + return rv; + } + rv = ngtcp2_ksl_insert(&acktr->ents, NULL, + ngtcp2_ksl_key_ptr(&key, &ent->pkt_num), ent); + if (rv != 0) { + ngtcp2_acktr_entry_del(ent, acktr->mem); + return rv; + } + } + + if (active_ack) { + acktr->flags |= NGTCP2_ACKTR_FLAG_ACTIVE_ACK; + if (acktr->first_unacked_ts == UINT64_MAX) { + acktr->first_unacked_ts = ts; + } + } + + if (ngtcp2_ksl_len(&acktr->ents) > NGTCP2_ACKTR_MAX_ENT) { + it = ngtcp2_ksl_end(&acktr->ents); + ngtcp2_ksl_it_prev(&it); + delent = ngtcp2_ksl_it_get(&it); + ngtcp2_ksl_remove(&acktr->ents, NULL, + ngtcp2_ksl_key_ptr(&key, &delent->pkt_num)); + ngtcp2_acktr_entry_del(delent, acktr->mem); + } + + return 0; +} + +void ngtcp2_acktr_forget(ngtcp2_acktr *acktr, ngtcp2_acktr_entry *ent) { + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + + it = ngtcp2_ksl_lower_bound(&acktr->ents, + ngtcp2_ksl_key_ptr(&key, &ent->pkt_num)); + assert(*ngtcp2_ksl_it_key(&it).i == (int64_t)ent->pkt_num); + + for (; !ngtcp2_ksl_it_end(&it);) { + ent = ngtcp2_ksl_it_get(&it); + ngtcp2_ksl_remove(&acktr->ents, &it, + ngtcp2_ksl_key_ptr(&key, &ent->pkt_num)); + ngtcp2_acktr_entry_del(ent, acktr->mem); + } +} + +ngtcp2_ksl_it ngtcp2_acktr_get(ngtcp2_acktr *acktr) { + return ngtcp2_ksl_begin(&acktr->ents); +} + +ngtcp2_acktr_ack_entry *ngtcp2_acktr_add_ack(ngtcp2_acktr *acktr, + int64_t pkt_num, + int64_t largest_ack) { + ngtcp2_acktr_ack_entry *ent = ngtcp2_ringbuf_push_front(&acktr->acks); + + ent->largest_ack = largest_ack; + ent->pkt_num = pkt_num; + + return ent; +} + +/* + * acktr_remove removes |ent| from |acktr|. The iterator which points + * to the entry next to |ent| is assigned to |it|. + */ +static void acktr_remove(ngtcp2_acktr *acktr, ngtcp2_ksl_it *it, + ngtcp2_acktr_entry *ent) { + ngtcp2_ksl_key key; + + ngtcp2_ksl_remove(&acktr->ents, it, ngtcp2_ksl_key_ptr(&key, &ent->pkt_num)); + ngtcp2_acktr_entry_del(ent, acktr->mem); +} + +static void acktr_on_ack(ngtcp2_acktr *acktr, ngtcp2_ringbuf *rb, + size_t ack_ent_offset) { + ngtcp2_acktr_ack_entry *ack_ent; + ngtcp2_acktr_entry *ent; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + + assert(ngtcp2_ringbuf_len(rb)); + + ack_ent = ngtcp2_ringbuf_get(rb, ack_ent_offset); + + /* Assume that ngtcp2_pkt_validate_ack(fr) returns 0 */ + it = ngtcp2_ksl_lower_bound(&acktr->ents, + ngtcp2_ksl_key_ptr(&key, &ack_ent->largest_ack)); + for (; !ngtcp2_ksl_it_end(&it);) { + ent = ngtcp2_ksl_it_get(&it); + acktr_remove(acktr, &it, ent); + } + + if (ngtcp2_ksl_len(&acktr->ents)) { + assert(ngtcp2_ksl_it_end(&it)); + + ngtcp2_ksl_it_prev(&it); + ent = ngtcp2_ksl_it_get(&it); + if (ent->pkt_num > ack_ent->largest_ack && + ack_ent->largest_ack >= ent->pkt_num - (int64_t)(ent->len - 1)) { + ent->len = (size_t)(ent->pkt_num - ack_ent->largest_ack); + } + } + + ngtcp2_ringbuf_resize(rb, ack_ent_offset); +} + +void ngtcp2_acktr_recv_ack(ngtcp2_acktr *acktr, const ngtcp2_ack *fr) { + ngtcp2_acktr_ack_entry *ent; + int64_t largest_ack = fr->largest_ack, min_ack; + size_t i, j; + ngtcp2_ringbuf *rb = &acktr->acks; + size_t nacks = ngtcp2_ringbuf_len(rb); + + /* Assume that ngtcp2_pkt_validate_ack(fr) returns 0 */ + for (j = 0; j < nacks; ++j) { + ent = ngtcp2_ringbuf_get(rb, j); + if (largest_ack >= ent->pkt_num) { + break; + } + } + if (j == nacks) { + return; + } + + min_ack = largest_ack - (int64_t)fr->first_ack_blklen; + + if (min_ack <= ent->pkt_num && ent->pkt_num <= largest_ack) { + acktr_on_ack(acktr, rb, j); + return; + } + + for (i = 0; i < fr->num_blks && j < nacks; ++i) { + largest_ack = min_ack - (int64_t)fr->blks[i].gap - 2; + min_ack = largest_ack - (int64_t)fr->blks[i].blklen; + + for (;;) { + if (ent->pkt_num > largest_ack) { + ++j; + if (j == nacks) { + return; + } + ent = ngtcp2_ringbuf_get(rb, j); + continue; + } + if (ent->pkt_num < min_ack) { + break; + } + acktr_on_ack(acktr, rb, j); + return; + } + } + + return; +} + +void ngtcp2_acktr_commit_ack(ngtcp2_acktr *acktr) { + acktr->flags &= (uint16_t) ~(NGTCP2_ACKTR_FLAG_ACTIVE_ACK | + NGTCP2_ACKTR_FLAG_IMMEDIATE_ACK | + NGTCP2_ACKTR_FLAG_CANCEL_TIMER); + acktr->first_unacked_ts = UINT64_MAX; + acktr->rx_npkt = 0; +} + +int ngtcp2_acktr_require_active_ack(ngtcp2_acktr *acktr, uint64_t max_ack_delay, + ngtcp2_tstamp ts) { + return acktr->first_unacked_ts <= ts - max_ack_delay; +} + +void ngtcp2_acktr_immediate_ack(ngtcp2_acktr *acktr) { + acktr->flags |= NGTCP2_ACKTR_FLAG_IMMEDIATE_ACK; +} diff --git a/deps/ngtcp2/lib/ngtcp2_acktr.h b/deps/ngtcp2/lib/ngtcp2_acktr.h new file mode 100644 index 0000000000..d72b621466 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_acktr.h @@ -0,0 +1,218 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_ACKTR_H +#define NGTCP2_ACKTR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" +#include "ngtcp2_ringbuf.h" +#include "ngtcp2_ksl.h" +#include "ngtcp2_pkt.h" + +/* NGTCP2_ACKTR_MAX_ENT is the maximum number of ngtcp2_acktr_entry + which ngtcp2_acktr stores. */ +#define NGTCP2_ACKTR_MAX_ENT 1024 + +/* NGTCP2_NUM_IMMEDIATE_ACK_PKT is the maximum number of received + packets which triggers the immediate ACK. */ +#define NGTCP2_NUM_IMMEDIATE_ACK_PKT 2 + +struct ngtcp2_acktr_entry; +typedef struct ngtcp2_acktr_entry ngtcp2_acktr_entry; + +struct ngtcp2_log; +typedef struct ngtcp2_log ngtcp2_log; + +/* + * ngtcp2_acktr_entry is a range of packets which need to be acked. + */ +struct ngtcp2_acktr_entry { + /* pkt_num is the largest packet number to acknowledge in this + range. */ + int64_t pkt_num; + /* len is the consecutive packets started from pkt_num which + includes pkt_num itself counting in decreasing order. So pkt_num + = 987 and len = 2, this entry includes packet 987 and 986. */ + size_t len; + /* tstamp is the timestamp when a packet denoted by pkt_num is + received. */ + ngtcp2_tstamp tstamp; +}; + +/* + * ngtcp2_acktr_entry_new allocates memory for ent, and initializes it + * with the given parameters. The pointer to the allocated object is + * stored to |*ent|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_acktr_entry_new(ngtcp2_acktr_entry **ent, int64_t pkt_num, + ngtcp2_tstamp tstamp, const ngtcp2_mem *mem); + +/* + * ngtcp2_acktr_entry_del deallocates memory allocated for |ent|. It + * deallocates memory pointed by |ent|. + */ +void ngtcp2_acktr_entry_del(ngtcp2_acktr_entry *ent, const ngtcp2_mem *mem); + +typedef struct { + /* largest_ack is the largest packet number in outgoing ACK frame */ + int64_t largest_ack; + /* pkt_num is the packet number that ACK frame is included. */ + int64_t pkt_num; +} ngtcp2_acktr_ack_entry; + +typedef enum { + NGTCP2_ACKTR_FLAG_NONE = 0x00, + /* NGTCP2_ACKTR_FLAG_IMMEDIATE_ACK indicates that immediate + acknowledgement is required. */ + NGTCP2_ACKTR_FLAG_IMMEDIATE_ACK = 0x01, + /* NGTCP2_ACKTR_FLAG_ACTIVE_ACK indicates that there are + pending protected packet to be acknowledged. */ + NGTCP2_ACKTR_FLAG_ACTIVE_ACK = 0x02, + /* NGTCP2_ACKTR_FLAG_PENDING_ACK_FINISHED is set when server + received TLSv1.3 Finished message, and its acknowledgement is + pending. */ + NGTCP2_ACKTR_FLAG_PENDING_FINISHED_ACK = 0x40, + /* NGTCP2_ACKTR_FLAG_ACK_FINISHED_ACK is set when server received + acknowledgement for ACK which acknowledges the last handshake + packet from client (which contains TLSv1.3 Finished message). */ + NGTCP2_ACKTR_FLAG_ACK_FINISHED_ACK = 0x80, + /* NGTCP2_ACKTR_FLAG_CANCEL_TIMER is set when ACK delay timer is + expired and canceled. */ + NGTCP2_ACKTR_FLAG_CANCEL_TIMER = 0x0100, +} ngtcp2_acktr_flag; + +/* + * ngtcp2_acktr tracks received packets which we have to send ack. + */ +typedef struct { + ngtcp2_ringbuf acks; + /* ents includes ngtcp2_acktr_entry sorted by decreasing order of + packet number. */ + ngtcp2_ksl ents; + ngtcp2_log *log; + const ngtcp2_mem *mem; + /* flags is bitwise OR of zero, or more of ngtcp2_ack_flag. */ + uint16_t flags; + /* first_unacked_ts is timestamp when ngtcp2_acktr_entry is added + first time after the last outgoing ACK frame. */ + ngtcp2_tstamp first_unacked_ts; + /* rx_npkt is the number of packets received without sending ACK. */ + size_t rx_npkt; +} ngtcp2_acktr; + +/* + * ngtcp2_acktr_init initializes |acktr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_acktr_init(ngtcp2_acktr *acktr, ngtcp2_log *log, + const ngtcp2_mem *mem); + +/* + * ngtcp2_acktr_free frees resources allocated for |acktr|. It frees + * any ngtcp2_acktr_entry added to |acktr|. + */ +void ngtcp2_acktr_free(ngtcp2_acktr *acktr); + +/* + * ngtcp2_acktr_add adds packet number |pkt_num| to |acktr|. + * |active_ack| is nonzero if |pkt_num| is retransmittable packet. + * + * This function assumes that |acktr| does not contain |pkt_num|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * OUt of memory. + */ +int ngtcp2_acktr_add(ngtcp2_acktr *acktr, int64_t pkt_num, int active_ack, + ngtcp2_tstamp ts); + +/* + * ngtcp2_acktr_forget removes all entries which have the packet + * number that is equal to or less than ent->pkt_num. This function + * assumes that |acktr| includes |ent|. + */ +void ngtcp2_acktr_forget(ngtcp2_acktr *acktr, ngtcp2_acktr_entry *ent); + +/* + * ngtcp2_acktr_get returns the pointer to pointer to the entry which + * has the largest packet number to be acked. If there is no entry, + * returned value satisfies ngtcp2_ksl_it_end(&it) != 0. + */ +ngtcp2_ksl_it ngtcp2_acktr_get(ngtcp2_acktr *acktr); + +/* + * ngtcp2_acktr_add_ack records outgoing ACK frame whose largest + * acknowledged packet number is |largest_ack|. |pkt_num| is the + * packet number of a packet in which ACK frame is included. This + * function returns a pointer to the object it adds. + */ +ngtcp2_acktr_ack_entry * +ngtcp2_acktr_add_ack(ngtcp2_acktr *acktr, int64_t pkt_num, int64_t largest_ack); + +/* + * ngtcp2_acktr_recv_ack processes the incoming ACK frame |fr|. + * |pkt_num| is a packet number which includes |fr|. If we receive + * ACK which acknowledges the ACKs added by ngtcp2_acktr_add_ack, + * ngtcp2_acktr_entry which the outgoing ACK acknowledges is removed. + */ +void ngtcp2_acktr_recv_ack(ngtcp2_acktr *acktr, const ngtcp2_ack *fr); + +/* + * ngtcp2_acktr_commit_ack tells |acktr| that ACK frame is generated. + */ +void ngtcp2_acktr_commit_ack(ngtcp2_acktr *acktr); + +/* + * ngtcp2_acktr_require_active_ack returns nonzero if ACK frame should + * be generated actively. + */ +int ngtcp2_acktr_require_active_ack(ngtcp2_acktr *acktr, uint64_t max_ack_delay, + ngtcp2_tstamp ts); + +/* + * ngtcp2_acktr_immediate_ack tells |acktr| that immediate + * acknowledgement is required. + */ +void ngtcp2_acktr_immediate_ack(ngtcp2_acktr *acktr); + +#endif /* NGTCP2_ACKTR_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_addr.c b/deps/ngtcp2/lib/ngtcp2_addr.c new file mode 100644 index 0000000000..13a787bdea --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_addr.c @@ -0,0 +1,57 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_addr.h" + +#include + +ngtcp2_addr *ngtcp2_addr_init(ngtcp2_addr *dest, const void *addr, + size_t addrlen, void *user_data) { + dest->addrlen = addrlen; + dest->addr = (uint8_t *)addr; + dest->user_data = user_data; + return dest; +} + +void ngtcp2_addr_copy(ngtcp2_addr *dest, const ngtcp2_addr *src) { + dest->addrlen = src->addrlen; + if (src->addrlen) { + memcpy(dest->addr, src->addr, src->addrlen); + } + dest->user_data = src->user_data; +} + +void ngtcp2_addr_copy_byte(ngtcp2_addr *dest, const void *addr, + size_t addrlen) { + dest->addrlen = addrlen; + if (addrlen) { + memcpy(dest->addr, addr, addrlen); + } +} + +int ngtcp2_addr_eq(const ngtcp2_addr *a, const ngtcp2_addr *b) { + return a->addrlen == b->addrlen && memcmp(a->addr, b->addr, a->addrlen) == 0; +} + +int ngtcp2_addr_empty(const ngtcp2_addr *addr) { return addr->addrlen == 0; } diff --git a/deps/ngtcp2/lib/ngtcp2_addr.h b/deps/ngtcp2/lib/ngtcp2_addr.h new file mode 100644 index 0000000000..db8b714408 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_addr.h @@ -0,0 +1,60 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_ADDR_H +#define NGTCP2_ADDR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* + * ngtcp2_addr_copy copies |src| to |dest|. This function assumes + * that dest->addr points to a buffer which have sufficient size to + * store the copy. + */ +void ngtcp2_addr_copy(ngtcp2_addr *dest, const ngtcp2_addr *src); + +/* + * ngtcp2_addr_copy_byte copies |addr| of length |addrlen| into the + * buffer pointed by dest->addr. dest->len is updated to have + * |addrlen|. This function assumes that dest->addr points to a + * buffer which have sufficient size to store the copy. + */ +void ngtcp2_addr_copy_byte(ngtcp2_addr *dest, const void *addr, size_t addrlen); + +/* + * ngtcp2_addr_eq returns nonzero if |a| equals |b|. + */ +int ngtcp2_addr_eq(const ngtcp2_addr *a, const ngtcp2_addr *b); + +/* + * ngtcp2_addr_empty returns nonzero if |addr| has zero length + * address. + */ +int ngtcp2_addr_empty(const ngtcp2_addr *addr); + +#endif /* NGTCP2_ADDR_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_buf.c b/deps/ngtcp2/lib/ngtcp2_buf.c new file mode 100644 index 0000000000..a8180a3c85 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_buf.c @@ -0,0 +1,42 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_buf.h" + +void ngtcp2_buf_init(ngtcp2_buf *buf, uint8_t *begin, size_t len) { + buf->begin = buf->pos = buf->last = begin; + buf->end = begin + len; +} + +size_t ngtcp2_buf_left(ngtcp2_buf *buf) { + return (size_t)(buf->end - buf->last); +} + +size_t ngtcp2_buf_len(ngtcp2_buf *buf) { + return (size_t)(buf->last - buf->pos); +} + +size_t ngtcp2_buf_cap(ngtcp2_buf *buf) { + return (size_t)(buf->end - buf->begin); +} diff --git a/deps/ngtcp2/lib/ngtcp2_buf.h b/deps/ngtcp2/lib/ngtcp2_buf.h new file mode 100644 index 0000000000..ca45a94579 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_buf.h @@ -0,0 +1,73 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_BUF_H +#define NGTCP2_BUF_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +typedef struct { + /* begin points to the beginning of the buffer. */ + uint8_t *begin; + /* end points to the one beyond of the last byte of the buffer */ + uint8_t *end; + /* pos pointers to the start of data. Typically, this points to the + point that next data should be read. Initially, it points to + |begin|. */ + uint8_t *pos; + /* last points to the one beyond of the last data of the buffer. + Typically, new data is written at this point. Initially, it + points to |begin|. */ + uint8_t *last; +} ngtcp2_buf; + +/* + * ngtcp2_buf_init initializes |buf| with the given buffer. + */ +void ngtcp2_buf_init(ngtcp2_buf *buf, uint8_t *begin, size_t len); + +/* + * ngtcp2_buf_left returns the number of additional bytes which can be + * written to the underlying buffer. In other words, it returns + * buf->end - buf->last. + */ +size_t ngtcp2_buf_left(ngtcp2_buf *buf); + +/* + * ngtcp2_buf_len returns the number of bytes left to read. In other + * words, it returns buf->last - buf->pos. + */ +size_t ngtcp2_buf_len(ngtcp2_buf *buf); + +/* + * ngtcp2_buf_cap returns the capacity of the buffer. In other words, + * it returns buf->end - buf->begin. + */ +size_t ngtcp2_buf_cap(ngtcp2_buf *buf); + +#endif /* NGTCP2_BUF_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_cc.c b/deps/ngtcp2/lib/ngtcp2_cc.c new file mode 100644 index 0000000000..61aafa0089 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_cc.c @@ -0,0 +1,107 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_cc.h" + +#include + +#include "ngtcp2_log.h" +#include "ngtcp2_macro.h" + +ngtcp2_cc_pkt *ngtcp2_cc_pkt_init(ngtcp2_cc_pkt *pkt, int64_t pkt_num, + size_t pktlen, ngtcp2_tstamp ts_sent) { + pkt->pkt_num = pkt_num; + pkt->pktlen = pktlen; + pkt->ts_sent = ts_sent; + + return pkt; +} + +void ngtcp2_default_cc_init(ngtcp2_default_cc *cc, ngtcp2_cc_stat *ccs, + ngtcp2_log *log) { + cc->log = log; + cc->ccs = ccs; +} + +void ngtcp2_default_cc_free(ngtcp2_default_cc *cc) { (void)cc; } + +static int default_cc_in_congestion_recovery(ngtcp2_default_cc *cc, + ngtcp2_tstamp sent_time) { + return sent_time <= cc->ccs->congestion_recovery_start_time; +} + +void ngtcp2_default_cc_on_pkt_acked(ngtcp2_default_cc *cc, + const ngtcp2_cc_pkt *pkt) { + ngtcp2_cc_stat *ccs = cc->ccs; + + if (default_cc_in_congestion_recovery(cc, pkt->ts_sent)) { + return; + } + + /* TODO Do something if "app limited" */ + + if (ccs->cwnd < ccs->ssthresh) { + ccs->cwnd += pkt->pktlen; + ngtcp2_log_info(cc->log, NGTCP2_LOG_EVENT_RCV, + "pkn=%" PRId64 " acked, slow start cwnd=%lu", pkt->pkt_num, + ccs->cwnd); + return; + } + + ccs->cwnd += NGTCP2_MAX_DGRAM_SIZE * pkt->pktlen / ccs->cwnd; +} + +void ngtcp2_default_cc_congestion_event(ngtcp2_default_cc *cc, + ngtcp2_tstamp ts_sent, + ngtcp2_tstamp ts) { + ngtcp2_cc_stat *ccs = cc->ccs; + + if (!default_cc_in_congestion_recovery(cc, ts_sent)) { + return; + } + ccs->congestion_recovery_start_time = ts; + ccs->cwnd = (uint64_t)((double)ccs->cwnd * NGTCP2_LOSS_REDUCTION_FACTOR); + ccs->cwnd = ngtcp2_max(ccs->cwnd, NGTCP2_MIN_CWND); + ccs->ssthresh = ccs->cwnd; + + ngtcp2_log_info(cc->log, NGTCP2_LOG_EVENT_RCV, + "reduce cwnd because of packet loss cwnd=%lu", ccs->cwnd); +} + +void ngtcp2_default_cc_handle_persistent_congestion(ngtcp2_default_cc *cc, + ngtcp2_duration loss_window, + ngtcp2_duration pto) { + ngtcp2_cc_stat *ccs = cc->ccs; + ngtcp2_duration congestion_period = + pto * NGTCP2_PERSISTENT_CONGESTION_THRESHOLD; + + if (loss_window >= congestion_period) { + ngtcp2_log_info(cc->log, NGTCP2_LOG_EVENT_RCV, + "persistent congestion loss_window=%" PRIu64 + " congestion_period=%" PRIu64, + loss_window, congestion_period); + + ccs->cwnd = NGTCP2_MIN_CWND; + } +} diff --git a/deps/ngtcp2/lib/ngtcp2_cc.h b/deps/ngtcp2/lib/ngtcp2_cc.h new file mode 100644 index 0000000000..c6637a0168 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_cc.h @@ -0,0 +1,87 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_CC_H +#define NGTCP2_CC_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#define NGTCP2_MAX_DGRAM_SIZE 1200 +#define NGTCP2_MIN_CWND (2 * NGTCP2_MAX_DGRAM_SIZE) +#define NGTCP2_LOSS_REDUCTION_FACTOR 0.5 +#define NGTCP2_PERSISTENT_CONGESTION_THRESHOLD 3 + +struct ngtcp2_log; +typedef struct ngtcp2_log ngtcp2_log; + +typedef struct { + uint64_t cwnd; + uint64_t ssthresh; + uint64_t congestion_recovery_start_time; + uint64_t bytes_in_flight; +} ngtcp2_cc_stat; + +/* ngtcp2_cc_pkt is a convenient structure to include acked/lost/sent + packet. */ +typedef struct { + /* pkt_num is the packet number */ + int64_t pkt_num; + /* pktlen is the length of packet. */ + size_t pktlen; + /* ts_sent is the timestamp when packet is sent. */ + ngtcp2_tstamp ts_sent; +} ngtcp2_cc_pkt; + +ngtcp2_cc_pkt *ngtcp2_cc_pkt_init(ngtcp2_cc_pkt *pkt, int64_t pkt_num, + size_t pktlen, ngtcp2_tstamp ts_sent); + +/* ngtcp2_default_cc is the default congestion controller. */ +struct ngtcp2_default_cc { + ngtcp2_log *log; + ngtcp2_cc_stat *ccs; +}; + +typedef struct ngtcp2_default_cc ngtcp2_default_cc; + +void ngtcp2_default_cc_init(ngtcp2_default_cc *cc, ngtcp2_cc_stat *ccs, + ngtcp2_log *log); + +void ngtcp2_default_cc_free(ngtcp2_default_cc *cc); + +void ngtcp2_default_cc_on_pkt_acked(ngtcp2_default_cc *cc, + const ngtcp2_cc_pkt *pkt); + +void ngtcp2_default_cc_congestion_event(ngtcp2_default_cc *cc, + ngtcp2_tstamp ts_sent, + ngtcp2_tstamp ts); + +void ngtcp2_default_cc_handle_persistent_congestion(ngtcp2_default_cc *cc, + ngtcp2_duration loss_window, + ngtcp2_duration pto); + +#endif /* NGTCP2_CC_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_cid.c b/deps/ngtcp2/lib/ngtcp2_cid.c new file mode 100644 index 0000000000..c53a61f99a --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_cid.c @@ -0,0 +1,110 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_cid.h" + +#include +#include + +#include "ngtcp2_path.h" +#include "ngtcp2_str.h" + +void ngtcp2_cid_zero(ngtcp2_cid *cid) { cid->datalen = 0; } + +void ngtcp2_cid_init(ngtcp2_cid *cid, const uint8_t *data, size_t datalen) { + assert(datalen <= NGTCP2_MAX_CIDLEN); + + cid->datalen = datalen; + if (datalen) { + ngtcp2_cpymem(cid->data, data, datalen); + } +} + +int ngtcp2_cid_eq(const ngtcp2_cid *cid, const ngtcp2_cid *other) { + return cid->datalen == other->datalen && + 0 == memcmp(cid->data, other->data, cid->datalen); +} + +int ngtcp2_cid_less(const ngtcp2_cid *lhs, const ngtcp2_cid *rhs) { + int s = lhs->datalen < rhs->datalen; + size_t n = s ? lhs->datalen : rhs->datalen; + int c = memcmp(lhs->data, rhs->data, n); + + return c < 0 || (c == 0 && s); +} + +int ngtcp2_cid_empty(const ngtcp2_cid *cid) { return cid->datalen == 0; } + +void ngtcp2_scid_init(ngtcp2_scid *scid, uint64_t seq, const ngtcp2_cid *cid, + const uint8_t *token) { + scid->pe.index = NGTCP2_PQ_BAD_INDEX; + scid->seq = seq; + scid->cid = *cid; + scid->ts_retired = UINT64_MAX; + scid->flags = NGTCP2_SCID_FLAG_NONE; + if (token) { + memcpy(scid->token, token, NGTCP2_STATELESS_RESET_TOKENLEN); + } else { + memset(scid->token, 0, NGTCP2_STATELESS_RESET_TOKENLEN); + } +} + +void ngtcp2_scid_copy(ngtcp2_scid *dest, const ngtcp2_scid *src) { + ngtcp2_scid_init(dest, src->seq, &src->cid, src->token); + dest->ts_retired = src->ts_retired; + dest->flags = src->flags; +} + +void ngtcp2_dcid_init(ngtcp2_dcid *dcid, uint64_t seq, const ngtcp2_cid *cid, + const uint8_t *token) { + dcid->seq = seq; + dcid->cid = *cid; + if (token) { + memcpy(dcid->token, token, NGTCP2_STATELESS_RESET_TOKENLEN); + } else { + memset(dcid->token, 0, NGTCP2_STATELESS_RESET_TOKENLEN); + } + ngtcp2_path_storage_zero(&dcid->ps); + dcid->ts_retired = UINT64_MAX; +} + +void ngtcp2_dcid_copy(ngtcp2_dcid *dest, const ngtcp2_dcid *src) { + ngtcp2_dcid_init(dest, src->seq, &src->cid, src->token); + ngtcp2_path_copy(&dest->ps.path, &src->ps.path); + dest->ts_retired = src->ts_retired; +} + +int ngtcp2_dcid_verify_uniqueness(ngtcp2_dcid *dcid, uint64_t seq, + const ngtcp2_cid *cid, const uint8_t *token) { + + if (dcid->seq == seq) { + return ngtcp2_cid_eq(&dcid->cid, cid) && + memcmp(dcid->token, token, + NGTCP2_STATELESS_RESET_TOKENLEN) == 0 + ? 0 + : NGTCP2_ERR_PROTO; + } + + return !ngtcp2_cid_eq(&dcid->cid, cid) ? 0 : NGTCP2_ERR_PROTO; +} diff --git a/deps/ngtcp2/lib/ngtcp2_cid.h b/deps/ngtcp2/lib/ngtcp2_cid.h new file mode 100644 index 0000000000..4598ee1cc7 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_cid.h @@ -0,0 +1,135 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_CID_H +#define NGTCP2_CID_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_pq.h" +#include "ngtcp2_path.h" + +typedef enum { + NGTCP2_SCID_FLAG_NONE, + NGTCP2_SCID_FLAG_USED = 0x01, + NGTCP2_SCID_FLAG_RETIRED = 0x02, + /* NGTCP2_SCID_FLAG_INITIAL_CID indicates that this Connection ID is + provided during handshake (initial Connection ID or in + preferred_address transport parameter). */ + NGTCP2_SCID_FLAG_INITIAL_CID = 0x04, +} ngtcp2_scid_flag; + +typedef struct { + ngtcp2_pq_entry pe; + /* seq is the sequence number associated to the CID. */ + uint64_t seq; + /* cid is a connection ID */ + ngtcp2_cid cid; + /* ts_retired is the timestamp when peer tells that this CID is + retired. */ + ngtcp2_tstamp ts_retired; + /* flags is the bitwise OR of zero or more of ngtcp2_scid_flag. */ + uint8_t flags; + /* token is a stateless reset token associated to this CID. + Actually, the stateless reset token is tied to the connection, + not to the particular connection ID. */ + uint8_t token[NGTCP2_STATELESS_RESET_TOKENLEN]; +} ngtcp2_scid; + +typedef struct { + /* seq is the sequence number associated to the CID. */ + uint64_t seq; + /* cid is a connection ID */ + ngtcp2_cid cid; + /* path is a path which cid is bound to. The addresses are zero + length if cid has not been bound to a particular path yet. */ + ngtcp2_path_storage ps; + /* ts_retired is the timestamp when peer tells that this CID is + retired. */ + ngtcp2_tstamp ts_retired; + /* token is a stateless reset token associated to this CID. + Actually, the stateless reset token is tied to the connection, + not to the particular connection ID. */ + uint8_t token[NGTCP2_STATELESS_RESET_TOKENLEN]; +} ngtcp2_dcid; + +/* ngtcp2_cid_zero makes |cid| zero-length. */ +void ngtcp2_cid_zero(ngtcp2_cid *cid); + +/* + * ngtcp2_cid_eq returns nonzero if |cid| and |other| share the same + * connection ID. + */ +int ngtcp2_cid_eq(const ngtcp2_cid *cid, const ngtcp2_cid *other); + +/* + * ngtcp2_cid_less returns nonzero if |lhs| is lexicographical smaller + * than |rhs|. + */ +int ngtcp2_cid_less(const ngtcp2_cid *lhs, const ngtcp2_cid *rhs); + +/* + * ngtcp2_cid_empty returns nonzero if |cid| includes empty connection + * ID. + */ +int ngtcp2_cid_empty(const ngtcp2_cid *cid); + +/* + * ngtcp2_scid_init initializes |scid| with the given parameters. If + * |token| is NULL, the function fills scid->token it with 0. |token| + * must be NGTCP2_STATELESS_RESET_TOKENLEN bytes long. + */ +void ngtcp2_scid_init(ngtcp2_scid *scid, uint64_t seq, const ngtcp2_cid *cid, + const uint8_t *token); + +/* + * ngtcp2_scid_copy copies |src| into |dest|. + */ +void ngtcp2_scid_copy(ngtcp2_scid *dest, const ngtcp2_scid *src); + +/* + * ngtcp2_dcid_init initializes |dcid| with the given parameters. If + * |token| is NULL, the function fills dcid->token it with 0. |token| + * must be NGTCP2_STATELESS_RESET_TOKENLEN bytes long. + */ +void ngtcp2_dcid_init(ngtcp2_dcid *dcid, uint64_t seq, const ngtcp2_cid *cid, + const uint8_t *token); + +/* + * ngtcp2_dcid_copy copies |src| into |dest|. + */ +void ngtcp2_dcid_copy(ngtcp2_dcid *dest, const ngtcp2_dcid *src); + +/* + * ngtcp2_dcid_verify_uniqueness verifies uniqueness of (|seq|, |cid|, + * |token|) tuple against |dcid|. + */ +int ngtcp2_dcid_verify_uniqueness(ngtcp2_dcid *dcid, uint64_t seq, + const ngtcp2_cid *cid, const uint8_t *token); + +#endif /* NGTCP2_CID_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_conn.c b/deps/ngtcp2/lib/ngtcp2_conn.c new file mode 100644 index 0000000000..7d305fa1cf --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_conn.c @@ -0,0 +1,8628 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_conn.h" + +#include +#include +#include + +#include "ngtcp2_macro.h" +#include "ngtcp2_log.h" +#include "ngtcp2_cid.h" +#include "ngtcp2_conv.h" +#include "ngtcp2_vec.h" +#include "ngtcp2_addr.h" +#include "ngtcp2_path.h" + +/* + * conn_local_stream returns nonzero if |stream_id| indicates that it + * is the stream initiated by local endpoint. + */ +static int conn_local_stream(ngtcp2_conn *conn, int64_t stream_id) { + return (uint8_t)(stream_id & 1) == conn->server; +} + +/* + * bidi_stream returns nonzero if |stream_id| is a bidirectional + * stream ID. + */ +static int bidi_stream(int64_t stream_id) { return (stream_id & 0x2) == 0; } + +static int conn_call_recv_client_initial(ngtcp2_conn *conn, + const ngtcp2_cid *dcid) { + int rv; + + assert(conn->callbacks.recv_client_initial); + + rv = conn->callbacks.recv_client_initial(conn, dcid, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_handshake_completed(ngtcp2_conn *conn) { + int rv; + + if (!conn->callbacks.handshake_completed) { + return 0; + } + + rv = conn->callbacks.handshake_completed(conn, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_recv_stream_data(ngtcp2_conn *conn, ngtcp2_strm *strm, + int fin, uint64_t offset, + const uint8_t *data, size_t datalen) { + int rv; + + if (!conn->callbacks.recv_stream_data) { + return 0; + } + + rv = conn->callbacks.recv_stream_data(conn, strm->stream_id, fin, offset, + data, datalen, conn->user_data, + strm->stream_user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_recv_crypto_data(ngtcp2_conn *conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, const uint8_t *data, + size_t datalen) { + int rv; + + rv = conn->callbacks.recv_crypto_data(conn, crypto_level, offset, data, + datalen, conn->user_data); + switch (rv) { + case 0: + case NGTCP2_ERR_CRYPTO: + case NGTCP2_ERR_PROTO: + case NGTCP2_ERR_CALLBACK_FAILURE: + return rv; + default: + return NGTCP2_ERR_CALLBACK_FAILURE; + } +} + +static int conn_call_stream_open(ngtcp2_conn *conn, ngtcp2_strm *strm) { + int rv; + + if (!conn->callbacks.stream_open) { + return 0; + } + + rv = conn->callbacks.stream_open(conn, strm->stream_id, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_stream_close(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + int rv; + + if (!conn->callbacks.stream_close) { + return 0; + } + + rv = conn->callbacks.stream_close(conn, strm->stream_id, app_error_code, + conn->user_data, strm->stream_user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_stream_reset(ngtcp2_conn *conn, int64_t stream_id, + uint64_t final_size, uint64_t app_error_code, + void *stream_user_data) { + int rv; + + if (!conn->callbacks.stream_reset) { + return 0; + } + + rv = conn->callbacks.stream_reset(conn, stream_id, final_size, app_error_code, + conn->user_data, stream_user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_extend_max_local_streams_bidi(ngtcp2_conn *conn, + uint64_t max_streams) { + int rv; + + if (!conn->callbacks.extend_max_local_streams_bidi) { + return 0; + } + + rv = conn->callbacks.extend_max_local_streams_bidi(conn, max_streams, + conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_extend_max_local_streams_uni(ngtcp2_conn *conn, + uint64_t max_streams) { + int rv; + + if (!conn->callbacks.extend_max_local_streams_uni) { + return 0; + } + + rv = conn->callbacks.extend_max_local_streams_uni(conn, max_streams, + conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_get_new_connection_id(ngtcp2_conn *conn, ngtcp2_cid *cid, + uint8_t *token, size_t cidlen) { + int rv; + + assert(conn->callbacks.get_new_connection_id); + + rv = conn->callbacks.get_new_connection_id(conn, cid, token, cidlen, + conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_remove_connection_id(ngtcp2_conn *conn, + const ngtcp2_cid *cid) { + int rv; + + if (!conn->callbacks.remove_connection_id) { + return 0; + } + + rv = conn->callbacks.remove_connection_id(conn, cid, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_path_validation(ngtcp2_conn *conn, const ngtcp2_path *path, + ngtcp2_path_validation_result res) { + int rv; + + if (!conn->callbacks.path_validation) { + return 0; + } + + rv = conn->callbacks.path_validation(conn, path, res, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_select_preferred_addr(ngtcp2_conn *conn, + ngtcp2_addr *dest) { + int rv; + + if (!conn->callbacks.select_preferred_addr) { + return 0; + } + + assert(conn->remote.settings.preferred_address_present); + + rv = conn->callbacks.select_preferred_addr( + conn, dest, &conn->remote.settings.preferred_address, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_extend_max_remote_streams_bidi(ngtcp2_conn *conn, + uint64_t max_streams) { + int rv; + + if (!conn->callbacks.extend_max_remote_streams_bidi) { + return 0; + } + + rv = conn->callbacks.extend_max_remote_streams_bidi(conn, max_streams, + conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_extend_max_remote_streams_uni(ngtcp2_conn *conn, + uint64_t max_streams) { + int rv; + + if (!conn->callbacks.extend_max_remote_streams_uni) { + return 0; + } + + rv = conn->callbacks.extend_max_remote_streams_uni(conn, max_streams, + conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +static int conn_call_extend_max_stream_data(ngtcp2_conn *conn, + ngtcp2_strm *strm, + int64_t stream_id, + uint64_t datalen) { + int rv; + + if (!conn->callbacks.extend_max_stream_data) { + return 0; + } + + rv = conn->callbacks.extend_max_stream_data( + conn, stream_id, datalen, conn->user_data, strm->stream_user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +/* + * bw_reset resets |bw| to the initial state. + */ +static void bw_reset(ngtcp2_bw *bw) { + bw->first_ts = 0; + bw->last_ts = 0; + bw->datalen = 0; + bw->value = 0.; +} + +static int crypto_offset_less(const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs) { + return *lhs->i < *rhs->i; +} + +static int pktns_init(ngtcp2_pktns *pktns, ngtcp2_crypto_level crypto_level, + ngtcp2_default_cc *cc, ngtcp2_log *log, + const ngtcp2_mem *mem) { + int rv; + + rv = ngtcp2_gaptr_init(&pktns->rx.pngap, mem); + if (rv != 0) { + return rv; + } + + pktns->tx.last_pkt_num = -1; + pktns->rx.max_pkt_num = -1; + + rv = ngtcp2_acktr_init(&pktns->acktr, log, mem); + if (rv != 0) { + goto fail_acktr_init; + } + + rv = ngtcp2_strm_init(&pktns->crypto.strm, 0, NGTCP2_STRM_FLAG_NONE, 0, 0, + NULL, mem); + if (rv != 0) { + goto fail_crypto_init; + } + + rv = ngtcp2_ksl_init(&pktns->crypto.tx.frq, crypto_offset_less, + sizeof(uint64_t), mem); + if (rv != 0) { + goto fail_tx_frq_init; + } + + ngtcp2_rtb_init(&pktns->rtb, crypto_level, &pktns->crypto.strm, cc, log, mem); + + return 0; + +fail_tx_frq_init: + ngtcp2_strm_free(&pktns->crypto.strm); +fail_crypto_init: + ngtcp2_acktr_free(&pktns->acktr); +fail_acktr_init: + ngtcp2_gaptr_free(&pktns->rx.pngap); + + return rv; +} + +static int cycle_less(const ngtcp2_pq_entry *lhs, const ngtcp2_pq_entry *rhs) { + ngtcp2_strm *ls = ngtcp2_struct_of(lhs, ngtcp2_strm, pe); + ngtcp2_strm *rs = ngtcp2_struct_of(rhs, ngtcp2_strm, pe); + + if (ls->cycle < rs->cycle) { + return rs->cycle - ls->cycle <= 1; + } + + return ls->cycle - rs->cycle > 1; +} + +static void delete_buffed_pkts(ngtcp2_pkt_chain *pc, const ngtcp2_mem *mem) { + ngtcp2_pkt_chain *next; + + for (; pc;) { + next = pc->next; + ngtcp2_pkt_chain_del(pc, mem); + pc = next; + } +} + +static void pktns_free(ngtcp2_pktns *pktns, const ngtcp2_mem *mem) { + ngtcp2_frame_chain *frc; + ngtcp2_ksl_it it; + + delete_buffed_pkts(pktns->rx.buffed_pkts, mem); + + ngtcp2_frame_chain_list_del(pktns->tx.frq, mem); + + ngtcp2_vec_del(pktns->crypto.rx.hp, mem); + ngtcp2_vec_del(pktns->crypto.tx.hp, mem); + + ngtcp2_crypto_km_del(pktns->crypto.rx.ckm, mem); + ngtcp2_crypto_km_del(pktns->crypto.tx.ckm, mem); + + for (it = ngtcp2_ksl_begin(&pktns->crypto.tx.frq); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + frc = ngtcp2_ksl_it_get(&it); + ngtcp2_frame_chain_del(frc, mem); + } + + ngtcp2_ksl_free(&pktns->crypto.tx.frq); + ngtcp2_rtb_free(&pktns->rtb); + ngtcp2_strm_free(&pktns->crypto.strm); + ngtcp2_acktr_free(&pktns->acktr); + ngtcp2_gaptr_free(&pktns->rx.pngap); +} + +static int cid_less(const ngtcp2_ksl_key *lhs, const ngtcp2_ksl_key *rhs) { + return ngtcp2_cid_less(lhs->ptr, rhs->ptr); +} + +static int ts_retired_less(const ngtcp2_pq_entry *lhs, + const ngtcp2_pq_entry *rhs) { + const ngtcp2_scid *a = ngtcp2_struct_of(lhs, ngtcp2_scid, pe); + const ngtcp2_scid *b = ngtcp2_struct_of(rhs, ngtcp2_scid, pe); + + return a->ts_retired < b->ts_retired; +} + +static void rcvry_stat_reset(ngtcp2_rcvry_stat *rcs) { + memset(rcs, 0, sizeof(*rcs)); + rcs->min_rtt = UINT64_MAX; +} + +static void cc_stat_reset(ngtcp2_cc_stat *ccs) { + memset(ccs, 0, sizeof(*ccs)); + ccs->cwnd = ngtcp2_min(10 * NGTCP2_MAX_DGRAM_SIZE, + ngtcp2_max(2 * NGTCP2_MAX_DGRAM_SIZE, 14720)); + ccs->ssthresh = UINT64_MAX; +} + +static void delete_scid(ngtcp2_ksl *scids, const ngtcp2_mem *mem) { + ngtcp2_ksl_it it; + + for (it = ngtcp2_ksl_begin(scids); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + ngtcp2_mem_free(mem, ngtcp2_ksl_it_get(&it)); + } +} + +static int conn_new(ngtcp2_conn **pconn, const ngtcp2_cid *dcid, + const ngtcp2_cid *scid, const ngtcp2_path *path, + uint32_t version, const ngtcp2_conn_callbacks *callbacks, + const ngtcp2_settings *settings, const ngtcp2_mem *mem, + void *user_data, int server) { + int rv; + ngtcp2_scid *scident; + ngtcp2_ksl_key key; + + if (mem == NULL) { + mem = ngtcp2_mem_default(); + } + + *pconn = ngtcp2_mem_calloc(mem, 1, sizeof(ngtcp2_conn)); + if (*pconn == NULL) { + rv = NGTCP2_ERR_NOMEM; + goto fail_conn; + } + + rv = ngtcp2_ringbuf_init(&(*pconn)->dcid.unused, NGTCP2_MAX_DCID_POOL_SIZE, + sizeof(ngtcp2_dcid), mem); + if (rv != 0) { + goto fail_dcid_unused_init; + } + + rv = + ngtcp2_ringbuf_init(&(*pconn)->dcid.retired, NGTCP2_MAX_DCID_RETIRED_SIZE, + sizeof(ngtcp2_dcid), mem); + if (rv != 0) { + goto fail_dcid_retired_init; + } + + rv = ngtcp2_ksl_init(&(*pconn)->scid.set, cid_less, sizeof(ngtcp2_cid), mem); + if (rv != 0) { + goto fail_scid_set_init; + } + + ngtcp2_pq_init(&(*pconn)->scid.used, ts_retired_less, mem); + + rv = ngtcp2_map_init(&(*pconn)->strms, mem); + if (rv != 0) { + goto fail_strms_init; + } + + ngtcp2_pq_init(&(*pconn)->tx.strmq, cycle_less, mem); + + rv = ngtcp2_idtr_init(&(*pconn)->remote.bidi.idtr, !server, mem); + if (rv != 0) { + goto fail_remote_bidi_idtr_init; + } + + rv = ngtcp2_idtr_init(&(*pconn)->remote.uni.idtr, !server, mem); + if (rv != 0) { + goto fail_remote_uni_idtr_init; + } + + rv = ngtcp2_ringbuf_init(&(*pconn)->rx.path_challenge, 4, + sizeof(ngtcp2_path_challenge_entry), mem); + if (rv != 0) { + goto fail_rx_path_challenge_init; + } + + ngtcp2_log_init(&(*pconn)->log, scid, settings->log_printf, + settings->initial_ts, user_data); + + ngtcp2_default_cc_init(&(*pconn)->cc, &(*pconn)->ccs, &(*pconn)->log); + + rv = pktns_init(&(*pconn)->in_pktns, NGTCP2_CRYPTO_LEVEL_INITIAL, + &(*pconn)->cc, &(*pconn)->log, mem); + if (rv != 0) { + goto fail_in_pktns_init; + } + + rv = pktns_init(&(*pconn)->hs_pktns, NGTCP2_CRYPTO_LEVEL_HANDSHAKE, + &(*pconn)->cc, &(*pconn)->log, mem); + if (rv != 0) { + goto fail_hs_pktns_init; + } + + rv = pktns_init(&(*pconn)->pktns, NGTCP2_CRYPTO_LEVEL_APP, &(*pconn)->cc, + &(*pconn)->log, mem); + if (rv != 0) { + goto fail_pktns_init; + } + + scident = ngtcp2_mem_malloc(mem, sizeof(*scident)); + if (scident == NULL) { + rv = NGTCP2_ERR_NOMEM; + goto fail_scident; + } + + ngtcp2_scid_init(scident, 0, scid, + settings->stateless_reset_token_present + ? settings->stateless_reset_token + : NULL); + scident->flags |= NGTCP2_SCID_FLAG_INITIAL_CID; + + rv = ngtcp2_ksl_insert(&(*pconn)->scid.set, NULL, + ngtcp2_ksl_key_ptr(&key, &scident->cid), scident); + if (rv != 0) { + goto fail_scid_set_insert; + } + + scident = NULL; + + (*pconn)->scid.num_initial_id = 1; + + if (server && settings->preferred_address_present) { + scident = ngtcp2_mem_malloc(mem, sizeof(*scident)); + if (scid == NULL) { + rv = NGTCP2_ERR_NOMEM; + goto fail_scident; + } + + ngtcp2_scid_init(scident, 1, &settings->preferred_address.cid, + settings->preferred_address.stateless_reset_token); + scident->flags |= NGTCP2_SCID_FLAG_INITIAL_CID; + + rv = ngtcp2_ksl_insert(&(*pconn)->scid.set, NULL, + ngtcp2_ksl_key_ptr(&key, &scident->cid), scident); + if (rv != 0) { + goto fail_scid_set_insert; + } + + scident = NULL; + + (*pconn)->scid.last_seq = 1; + ++(*pconn)->scid.num_initial_id; + } + + ngtcp2_dcid_init(&(*pconn)->dcid.current, 0, dcid, NULL); + ngtcp2_path_copy(&(*pconn)->dcid.current.ps.path, path); + + (*pconn)->oscid = *scid; + (*pconn)->callbacks = *callbacks; + (*pconn)->version = version; + (*pconn)->mem = mem; + (*pconn)->user_data = user_data; + (*pconn)->local.settings = *settings; + (*pconn)->rx.unsent_max_offset = (*pconn)->rx.max_offset = settings->max_data; + + rcvry_stat_reset(&(*pconn)->rcs); + cc_stat_reset(&(*pconn)->ccs); + + return 0; + +fail_scid_set_insert: + ngtcp2_mem_free(mem, scident); +fail_scident: + pktns_free(&(*pconn)->pktns, mem); +fail_pktns_init: + pktns_free(&(*pconn)->hs_pktns, mem); +fail_hs_pktns_init: + pktns_free(&(*pconn)->in_pktns, mem); +fail_in_pktns_init: + ngtcp2_default_cc_free(&(*pconn)->cc); + ngtcp2_ringbuf_free(&(*pconn)->rx.path_challenge); +fail_rx_path_challenge_init: + ngtcp2_idtr_free(&(*pconn)->remote.uni.idtr); +fail_remote_uni_idtr_init: + ngtcp2_idtr_free(&(*pconn)->remote.bidi.idtr); +fail_remote_bidi_idtr_init: + ngtcp2_map_free(&(*pconn)->strms); +fail_strms_init: + delete_scid(&(*pconn)->scid.set, mem); + ngtcp2_ksl_free(&(*pconn)->scid.set); +fail_scid_set_init: + ngtcp2_ringbuf_free(&(*pconn)->dcid.retired); +fail_dcid_retired_init: + ngtcp2_ringbuf_free(&(*pconn)->dcid.unused); +fail_dcid_unused_init: + ngtcp2_mem_free(mem, *pconn); +fail_conn: + return rv; +} + +int ngtcp2_conn_client_new(ngtcp2_conn **pconn, const ngtcp2_cid *dcid, + const ngtcp2_cid *scid, const ngtcp2_path *path, + uint32_t version, + const ngtcp2_conn_callbacks *callbacks, + const ngtcp2_settings *settings, + const ngtcp2_mem *mem, void *user_data) { + int rv; + rv = conn_new(pconn, dcid, scid, path, version, callbacks, settings, mem, + user_data, 0); + if (rv != 0) { + return rv; + } + (*pconn)->rcid = *dcid; + (*pconn)->remote.bidi.unsent_max_streams = (*pconn)->remote.bidi.max_streams = + settings->max_streams_bidi; + + (*pconn)->remote.uni.unsent_max_streams = (*pconn)->remote.uni.max_streams = + settings->max_streams_uni; + + (*pconn)->state = NGTCP2_CS_CLIENT_INITIAL; + (*pconn)->local.bidi.next_stream_id = 0; + (*pconn)->local.uni.next_stream_id = 2; + return 0; +} + +int ngtcp2_conn_server_new(ngtcp2_conn **pconn, const ngtcp2_cid *dcid, + const ngtcp2_cid *scid, const ngtcp2_path *path, + uint32_t version, + const ngtcp2_conn_callbacks *callbacks, + const ngtcp2_settings *settings, + const ngtcp2_mem *mem, void *user_data) { + int rv; + rv = conn_new(pconn, dcid, scid, path, version, callbacks, settings, mem, + user_data, 1); + if (rv != 0) { + return rv; + } + (*pconn)->server = 1; + (*pconn)->remote.bidi.unsent_max_streams = (*pconn)->remote.bidi.max_streams = + settings->max_streams_bidi; + + (*pconn)->remote.uni.unsent_max_streams = (*pconn)->remote.uni.max_streams = + settings->max_streams_uni; + + (*pconn)->state = NGTCP2_CS_SERVER_INITIAL; + (*pconn)->local.bidi.next_stream_id = 1; + (*pconn)->local.uni.next_stream_id = 3; + return 0; +} + +/* + * conn_fc_credits returns the number of bytes allowed to be sent to + * the given stream. Both connection and stream level flow control + * credits are considered. + */ +static size_t conn_fc_credits(ngtcp2_conn *conn, ngtcp2_strm *strm) { + return ngtcp2_min(strm->tx.max_offset - strm->tx.offset, + conn->tx.max_offset - conn->tx.offset); +} + +/* + * conn_enforce_flow_control returns the number of bytes allowed to be + * sent to the given stream. |len| might be shorted because of + * available flow control credits. + */ +static size_t conn_enforce_flow_control(ngtcp2_conn *conn, ngtcp2_strm *strm, + size_t len) { + size_t fc_credits = conn_fc_credits(conn, strm); + return ngtcp2_min(len, fc_credits); +} + +static int delete_strms_each(ngtcp2_map_entry *ent, void *ptr) { + const ngtcp2_mem *mem = ptr; + ngtcp2_strm *s = ngtcp2_struct_of(ent, ngtcp2_strm, me); + + ngtcp2_strm_free(s); + ngtcp2_mem_free(mem, s); + + return 0; +} + +void ngtcp2_conn_del(ngtcp2_conn *conn) { + if (conn == NULL) { + return; + } + + ngtcp2_mem_free(conn->mem, conn->token.begin); + ngtcp2_mem_free(conn->mem, conn->crypto.decrypt_buf.base); + + ngtcp2_crypto_km_del(conn->crypto.key_update.old_rx_ckm, conn->mem); + ngtcp2_crypto_km_del(conn->crypto.key_update.new_rx_ckm, conn->mem); + ngtcp2_crypto_km_del(conn->crypto.key_update.new_tx_ckm, conn->mem); + ngtcp2_vec_del(conn->early.hp, conn->mem); + ngtcp2_crypto_km_del(conn->early.ckm, conn->mem); + + pktns_free(&conn->pktns, conn->mem); + pktns_free(&conn->hs_pktns, conn->mem); + pktns_free(&conn->in_pktns, conn->mem); + + ngtcp2_default_cc_free(&conn->cc); + + ngtcp2_ringbuf_free(&conn->rx.path_challenge); + + ngtcp2_pv_del(conn->pv); + + ngtcp2_idtr_free(&conn->remote.uni.idtr); + ngtcp2_idtr_free(&conn->remote.bidi.idtr); + ngtcp2_pq_free(&conn->tx.strmq); + ngtcp2_map_each_free(&conn->strms, delete_strms_each, (void *)conn->mem); + ngtcp2_map_free(&conn->strms); + + ngtcp2_pq_free(&conn->scid.used); + delete_scid(&conn->scid.set, conn->mem); + ngtcp2_ksl_free(&conn->scid.set); + ngtcp2_ringbuf_free(&conn->dcid.retired); + ngtcp2_ringbuf_free(&conn->dcid.unused); + + ngtcp2_mem_free(conn->mem, conn); +} + +/* + * conn_ensure_ack_blks makes sure that |(*pfr)->ack.blks| can contain + * at least |n| ngtcp2_ack_blk. |*pfr| points to the ngtcp2_frame + * object. |*pnum_blks_max| is the number of ngtpc2_ack_blk which + * |*pfr| can contain. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_ensure_ack_blks(ngtcp2_conn *conn, ngtcp2_frame **pfr, + size_t *pnum_blks_max, size_t n) { + ngtcp2_frame *fr; + + if (n <= *pnum_blks_max) { + return 0; + } + + *pnum_blks_max *= 2; + fr = ngtcp2_mem_realloc(conn->mem, *pfr, + sizeof(ngtcp2_ack) + + sizeof(ngtcp2_ack_blk) * (*pnum_blks_max - 1)); + if (fr == NULL) { + return NGTCP2_ERR_NOMEM; + } + + *pfr = fr; + + return 0; +} + +/* + * conn_compute_ack_delay computes ACK delay for outgoing protected + * ACK. + */ +static ngtcp2_duration conn_compute_ack_delay(ngtcp2_conn *conn) { + ngtcp2_duration initial_delay = conn->local.settings.max_ack_delay; + + if (conn->rcs.smoothed_rtt < 1e-9) { + return initial_delay; + } + + return ngtcp2_min(initial_delay, + (ngtcp2_duration)(conn->rcs.smoothed_rtt / 8)); +} + +/* + * conn_create_ack_frame creates ACK frame, and assigns its pointer to + * |*pfr| if there are any received packets to acknowledge. If there + * are no packets to acknowledge, this function returns 0, and |*pfr| + * is untouched. The caller is advised to set |*pfr| to NULL before + * calling this function, and check it after this function returns. + * If |nodelay| is nonzero, delayed ACK timer is ignored. + * + * The memory for ACK frame is dynamically allocated by this function. + * A caller is responsible to free it. + * + * Call ngtcp2_acktr_commit_ack after a created ACK frame is + * successfully serialized into a packet. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_create_ack_frame(ngtcp2_conn *conn, ngtcp2_frame **pfr, + ngtcp2_acktr *acktr, uint8_t type, + ngtcp2_tstamp ts, uint64_t ack_delay, + uint64_t ack_delay_exponent) { + int64_t last_pkt_num; + ngtcp2_ack_blk *blk; + ngtcp2_ksl_it it; + ngtcp2_acktr_entry *rpkt; + ngtcp2_frame *fr; + ngtcp2_ack *ack; + /* TODO Measure an actual size of ACK bloks to find the best default + value. */ + size_t num_blks_max = 8; + size_t blk_idx; + int rv; + + if (acktr->flags & NGTCP2_ACKTR_FLAG_IMMEDIATE_ACK) { + ack_delay = 0; + } + + if (!ngtcp2_acktr_require_active_ack(acktr, ack_delay, ts)) { + return 0; + } + + it = ngtcp2_acktr_get(acktr); + if (ngtcp2_ksl_it_end(&it)) { + ngtcp2_acktr_commit_ack(acktr); + return 0; + } + + fr = ngtcp2_mem_malloc(conn->mem, sizeof(ngtcp2_ack) + + sizeof(ngtcp2_ack_blk) * num_blks_max); + if (fr == NULL) { + return NGTCP2_ERR_NOMEM; + } + + ack = &fr->ack; + + rpkt = ngtcp2_ksl_it_get(&it); + last_pkt_num = rpkt->pkt_num - (int64_t)(rpkt->len - 1); + ack->type = NGTCP2_FRAME_ACK; + ack->largest_ack = rpkt->pkt_num; + ack->first_ack_blklen = rpkt->len - 1; + if (type == NGTCP2_PKT_SHORT) { + ack->ack_delay_unscaled = ts - rpkt->tstamp; + ack->ack_delay = ack->ack_delay_unscaled / + (NGTCP2_DURATION_TICK / NGTCP2_MICROSECONDS) / + (1UL << ack_delay_exponent); + } else { + ack->ack_delay_unscaled = 0; + ack->ack_delay = 0; + } + ack->num_blks = 0; + + ngtcp2_ksl_it_next(&it); + + for (; !ngtcp2_ksl_it_end(&it); ngtcp2_ksl_it_next(&it)) { + rpkt = ngtcp2_ksl_it_get(&it); + + blk_idx = ack->num_blks++; + rv = conn_ensure_ack_blks(conn, &fr, &num_blks_max, ack->num_blks); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, fr); + return rv; + } + ack = &fr->ack; + blk = &ack->blks[blk_idx]; + blk->gap = (uint64_t)(last_pkt_num - rpkt->pkt_num - 2); + blk->blklen = rpkt->len - 1; + + last_pkt_num = rpkt->pkt_num - (int64_t)(rpkt->len - 1); + + if (ack->num_blks == NGTCP2_MAX_ACK_BLKS) { + break; + } + } + + /* TODO Just remove entries which cannot fit into a single ACK frame + for now. */ + if (!ngtcp2_ksl_it_end(&it)) { + ngtcp2_acktr_forget(acktr, ngtcp2_ksl_it_get(&it)); + } + + *pfr = fr; + + return 0; +} + +/* + * conn_ppe_write_frame writes |fr| to |ppe|. If |hd_logged| is not + * NULL and |*hd_logged| is zero, packet header is logged, and 1 is + * assigned to |*hd_logged|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer is too small. + */ +static int conn_ppe_write_frame_hd_log(ngtcp2_conn *conn, ngtcp2_ppe *ppe, + int *hd_logged, const ngtcp2_pkt_hd *hd, + ngtcp2_frame *fr) { + int rv; + + rv = ngtcp2_ppe_encode_frame(ppe, fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + return rv; + } + + if (hd_logged && !*hd_logged) { + *hd_logged = 1; + ngtcp2_log_tx_pkt_hd(&conn->log, hd); + } + + ngtcp2_log_tx_fr(&conn->log, hd, fr); + + return 0; +} + +/* + * conn_ppe_write_frame writes |fr| to |ppe|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer is too small. + */ +static int conn_ppe_write_frame(ngtcp2_conn *conn, ngtcp2_ppe *ppe, + const ngtcp2_pkt_hd *hd, ngtcp2_frame *fr) { + return conn_ppe_write_frame_hd_log(conn, ppe, NULL, hd, fr); +} + +/* + * conn_on_pkt_sent is called when new retransmittable packet is sent. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +static int conn_on_pkt_sent(ngtcp2_conn *conn, ngtcp2_rtb *rtb, + ngtcp2_rtb_entry *ent) { + int rv; + + /* This function implements OnPacketSent, but it handles only + retransmittable packet (non-ACK only packet). */ + rv = ngtcp2_rtb_add(rtb, ent); + if (rv != 0) { + return rv; + } + + if (ent->flags & NGTCP2_RTB_FLAG_CRYPTO_PKT) { + assert(ent->hd.flags & NGTCP2_PKT_FLAG_LONG_FORM); + conn->rcs.last_hs_tx_pkt_ts = ent->ts; + } + if (ent->flags & NGTCP2_RTB_FLAG_ACK_ELICITING) { + conn->rcs.last_tx_pkt_ts = ent->ts; + } + ngtcp2_conn_set_loss_detection_timer(conn); + + return 0; +} + +/* + * pktns_select_pkt_numlen selects shortest packet number encoding for + * the next packet number based on the largest acknowledged packet + * number. It returns the number of bytes to encode the packet + * number. + */ +static size_t pktns_select_pkt_numlen(ngtcp2_pktns *pktns) { + int64_t pkt_num = pktns->tx.last_pkt_num + 1; + ngtcp2_rtb *rtb = &pktns->rtb; + int64_t n = pkt_num - rtb->largest_acked_tx_pkt_num; + + if (NGTCP2_MAX_PKT_NUM / 2 <= pkt_num) { + return 4; + } + + n = n * 2 + 1; + + if (n > 0xffffff) { + return 4; + } + if (n > 0xffff) { + return 3; + } + if (n > 0xff) { + return 2; + } + return 1; +} + +/* + * conn_cwnd_left returns the number of bytes the local endpoint can + * sent at this time. + */ +static uint64_t conn_cwnd_left(ngtcp2_conn *conn) { + uint64_t bytes_in_flight = ngtcp2_conn_get_bytes_in_flight(conn); + uint64_t cwnd = + conn->pv && (conn->pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE) + ? NGTCP2_MIN_CWND + : conn->ccs.cwnd; + + /* We might send more than bytes_in_flight if probe packets are + involved. */ + if (bytes_in_flight >= cwnd) { + return 0; + } + return cwnd - bytes_in_flight; +} + +/* + * conn_retry_early_payloadlen returns the estimated wire length of + * the first STREAM frame of 0-RTT packet which should be + * retransmitted due to Retry frame + */ +static size_t conn_retry_early_payloadlen(ngtcp2_conn *conn) { + ngtcp2_frame_chain *frc; + ngtcp2_strm *strm; + + for (; !ngtcp2_pq_empty(&conn->tx.strmq);) { + strm = ngtcp2_conn_tx_strmq_top(conn); + if (ngtcp2_strm_streamfrq_empty(strm)) { + ngtcp2_conn_tx_strmq_pop(conn); + continue; + } + + frc = ngtcp2_strm_streamfrq_top(strm); + return ngtcp2_vec_len(frc->fr.stream.data, frc->fr.stream.datacnt) + + NGTCP2_STREAM_OVERHEAD; + } + + return 0; +} + +/* + * conn_cryptofrq_top returns the element which sits on top of the + * queue. The queue must not be empty. + */ +static ngtcp2_frame_chain *conn_cryptofrq_top(ngtcp2_conn *conn, + ngtcp2_pktns *pktns) { + ngtcp2_ksl_it it; + (void)conn; + + assert(ngtcp2_ksl_len(&pktns->crypto.tx.frq)); + + it = ngtcp2_ksl_begin(&pktns->crypto.tx.frq); + return ngtcp2_ksl_it_get(&it); +} + +static int conn_cryptofrq_unacked_pop(ngtcp2_conn *conn, ngtcp2_pktns *pktns, + ngtcp2_frame_chain **pfrc) { + ngtcp2_frame_chain *frc, *nfrc; + ngtcp2_crypto *fr, *nfr; + uint64_t offset, end_offset; + size_t idx, end_idx; + size_t base_offset, end_base_offset; + ngtcp2_ksl_it gapit; + ngtcp2_range gap; + ngtcp2_rtb *rtb = &pktns->rtb; + ngtcp2_vec *v; + int rv; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + + *pfrc = NULL; + + for (it = ngtcp2_ksl_begin(&pktns->crypto.tx.frq); !ngtcp2_ksl_it_end(&it);) { + frc = ngtcp2_ksl_it_get(&it); + fr = &frc->fr.crypto; + + ngtcp2_ksl_remove(&pktns->crypto.tx.frq, &it, + ngtcp2_ksl_key_ptr(&key, &fr->offset)); + + idx = 0; + offset = fr->offset; + base_offset = 0; + + gapit = + ngtcp2_gaptr_get_first_gap_after(&rtb->crypto->tx.acked_offset, offset); + gap = *(ngtcp2_range *)ngtcp2_ksl_it_key(&gapit).ptr; + if (gap.begin < offset) { + gap.begin = offset; + } + + for (; idx < fr->datacnt && offset < gap.begin; ++idx) { + v = &fr->data[idx]; + if (offset + v->len > gap.begin) { + base_offset = gap.begin - offset; + break; + } + + offset += v->len; + } + + if (idx == fr->datacnt) { + ngtcp2_frame_chain_del(frc, conn->mem); + continue; + } + + assert(gap.begin == offset + base_offset); + + end_idx = idx; + end_offset = offset; + end_base_offset = 0; + + for (; end_idx < fr->datacnt; ++end_idx) { + v = &fr->data[end_idx]; + if (end_offset + v->len > gap.end) { + end_base_offset = gap.end - end_offset; + break; + } + + end_offset += v->len; + } + + if (fr->offset == offset && base_offset == 0 && fr->datacnt == end_idx) { + *pfrc = frc; + return 0; + } + + if (fr->datacnt == end_idx) { + memmove(fr->data, fr->data + idx, sizeof(fr->data[0]) * (end_idx - idx)); + + assert(fr->data[0].len > base_offset); + + fr->offset = offset + base_offset; + fr->datacnt = end_idx - idx; + fr->data[0].base += base_offset; + fr->data[0].len -= base_offset; + + *pfrc = frc; + return 0; + } + + rv = ngtcp2_frame_chain_crypto_datacnt_new(&nfrc, fr->datacnt - end_idx, + conn->mem); + if (rv != 0) { + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + nfr = &nfrc->fr.crypto; + memcpy(nfr->data, fr->data + end_idx, + sizeof(nfr->data[0]) * (fr->datacnt - end_idx)); + + assert(nfr->data[0].len > end_base_offset); + + nfr->offset = end_offset + end_base_offset; + nfr->datacnt = fr->datacnt - end_idx; + nfr->data[0].base += end_base_offset; + nfr->data[0].len -= end_base_offset; + + rv = ngtcp2_ksl_insert(&pktns->crypto.tx.frq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset), nfrc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(nfrc, conn->mem); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + memmove(fr->data, fr->data + idx, sizeof(fr->data[0]) * (end_idx - idx)); + + assert(fr->data[0].len > base_offset); + + fr->offset = offset + base_offset; + fr->datacnt = end_idx - idx; + fr->data[0].base += base_offset; + fr->data[0].len -= base_offset; + + *pfrc = frc; + return 0; + } + + return 0; +} +static int conn_cryptofrq_pop(ngtcp2_conn *conn, ngtcp2_frame_chain **pfrc, + ngtcp2_pktns *pktns, size_t left) { + ngtcp2_crypto *fr, *nfr; + ngtcp2_frame_chain *frc, *nfrc; + int rv; + size_t nmerged; + size_t datalen; + ngtcp2_vec a[NGTCP2_MAX_CRYPTO_DATACNT]; + ngtcp2_vec b[NGTCP2_MAX_CRYPTO_DATACNT]; + size_t acnt, bcnt; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + + rv = conn_cryptofrq_unacked_pop(conn, pktns, &frc); + if (rv != 0) { + return rv; + } + if (frc == NULL) { + *pfrc = NULL; + return 0; + } + + fr = &frc->fr.crypto; + datalen = ngtcp2_vec_len(fr->data, fr->datacnt); + + if (datalen > left) { + ngtcp2_vec_clone(a, fr->data, fr->datacnt); + acnt = fr->datacnt; + + bcnt = 0; + ngtcp2_vec_split(a, &acnt, b, &bcnt, left, NGTCP2_MAX_CRYPTO_DATACNT); + + assert(acnt > 0); + assert(bcnt > 0); + + rv = ngtcp2_frame_chain_crypto_datacnt_new(&nfrc, bcnt, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + nfr = &nfrc->fr.crypto; + nfr->type = NGTCP2_FRAME_CRYPTO; + nfr->offset = fr->offset + left; + nfr->datacnt = bcnt; + ngtcp2_vec_clone(nfr->data, b, bcnt); + + rv = ngtcp2_ksl_insert(&pktns->crypto.tx.frq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset), nfrc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(nfrc, conn->mem); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + rv = ngtcp2_frame_chain_crypto_datacnt_new(&nfrc, acnt, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + nfr = &nfrc->fr.crypto; + *nfr = *fr; + nfr->datacnt = acnt; + ngtcp2_vec_clone(nfr->data, a, acnt); + + ngtcp2_frame_chain_del(frc, conn->mem); + + *pfrc = nfrc; + + return 0; + } + + left -= datalen; + + ngtcp2_vec_clone(a, fr->data, fr->datacnt); + acnt = fr->datacnt; + + for (; left && ngtcp2_ksl_len(&pktns->crypto.tx.frq);) { + it = ngtcp2_ksl_begin(&pktns->crypto.tx.frq); + nfrc = ngtcp2_ksl_it_get(&it); + nfr = &nfrc->fr.crypto; + + if (nfr->offset != fr->offset + datalen) { + assert(fr->offset + datalen < nfr->offset); + break; + } + + rv = conn_cryptofrq_unacked_pop(conn, pktns, &nfrc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + nfr = &nfrc->fr.crypto; + + nmerged = ngtcp2_vec_merge(a, &acnt, nfr->data, &nfr->datacnt, left, + NGTCP2_MAX_CRYPTO_DATACNT); + if (nmerged == 0) { + rv = ngtcp2_ksl_insert(&pktns->crypto.tx.frq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset), nfrc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(nfrc, conn->mem); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + break; + } + + datalen += nmerged; + left -= nmerged; + + if (nfr->datacnt == 0) { + ngtcp2_frame_chain_del(nfrc, conn->mem); + continue; + } + + nfr->offset += nmerged; + + rv = ngtcp2_ksl_insert(&pktns->crypto.tx.frq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset), nfrc); + if (rv != 0) { + ngtcp2_frame_chain_del(nfrc, conn->mem); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + break; + } + + if (acnt == fr->datacnt) { + assert(acnt > 0); + fr->data[acnt - 1] = a[acnt - 1]; + + *pfrc = frc; + return 0; + } + + assert(acnt > fr->datacnt); + + rv = ngtcp2_frame_chain_crypto_datacnt_new(&nfrc, acnt, conn->mem); + if (rv != 0) { + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + nfr = &nfrc->fr.crypto; + *nfr = *fr; + nfr->datacnt = acnt; + ngtcp2_vec_clone(nfr->data, a, acnt); + + ngtcp2_frame_chain_del(frc, conn->mem); + + *pfrc = nfrc; + + return 0; +} + +/* + * conn_verify_dcid verifies that destination connection ID in |hd| is + * valid for the connection. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_INVALID_ARGUMENT + * |dcid| is not known to the local endpoint. + */ +static int conn_verify_dcid(ngtcp2_conn *conn, const ngtcp2_pkt_hd *hd) { + ngtcp2_ksl_key key; + ngtcp2_ksl_it it; + ngtcp2_scid *scid; + int rv; + + it = ngtcp2_ksl_lower_bound(&conn->scid.set, + ngtcp2_ksl_key_ptr(&key, &hd->dcid)); + if (ngtcp2_ksl_it_end(&it)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + scid = ngtcp2_ksl_it_get(&it); + if (!ngtcp2_cid_eq(&scid->cid, &hd->dcid)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + if (!(scid->flags & NGTCP2_SCID_FLAG_USED)) { + scid->flags |= NGTCP2_SCID_FLAG_USED; + + if (scid->pe.index == NGTCP2_PQ_BAD_INDEX) { + rv = ngtcp2_pq_push(&conn->scid.used, &scid->pe); + if (rv != 0) { + return rv; + } + } + } + + return 0; +} + +/* + * conn_should_pad_pkt returns nonzero if the packet should be padded. + * |type| is the type of packet. |left| is the space left in packet + * buffer. |early_datalen| is the number of bytes which will be sent + * in the next, coalesced 0-RTT packet. + */ +static int conn_should_pad_pkt(ngtcp2_conn *conn, uint8_t type, size_t left, + size_t early_datalen) { + size_t min_payloadlen; + + if (conn->server || conn->hs_pktns.crypto.tx.ckm) { + return 0; + } + + if (type != NGTCP2_PKT_INITIAL) { + return 0; + } + + if (!conn->early.ckm || early_datalen == 0) { + return 1; + } + min_payloadlen = ngtcp2_min(early_datalen, 128); + + return left < + /* TODO Assuming that pkt_num is encoded in 1 byte. */ + NGTCP2_MIN_LONG_HEADERLEN + conn->dcid.current.cid.datalen + + conn->oscid.datalen + 1 /* payloadlen bytes - 1 */ + + min_payloadlen + NGTCP2_MAX_AEAD_OVERHEAD; +} + +/* + * conn_write_handshake_pkt writes handshake packet in the buffer + * pointed by |dest| whose length is |destlen|. |type| specifies long + * packet type. It should be either NGTCP2_PKT_INITIAL or + * NGTCP2_PKT_HANDSHAKE_PKT. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static ssize_t conn_write_handshake_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, uint8_t type, + size_t early_datalen, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_ppe ppe; + ngtcp2_pkt_hd hd; + ngtcp2_frame_chain *frq = NULL, **pfrc = &frq; + ngtcp2_frame_chain *nfrc; + ngtcp2_frame *ackfr = NULL, lfr; + ssize_t spktlen; + ngtcp2_crypto_ctx ctx; + ngtcp2_rtb_entry *rtbent; + ngtcp2_pktns *pktns; + size_t left; + uint8_t flags = NGTCP2_RTB_FLAG_NONE; + int pkt_empty = 1; + int padded = 0; + int hd_logged = 0; + + switch (type) { + case NGTCP2_PKT_INITIAL: + if (!conn->in_pktns.crypto.tx.ckm) { + return 0; + } + pktns = &conn->in_pktns; + ctx.ckm = pktns->crypto.tx.ckm; + ctx.hp = pktns->crypto.tx.hp; + ctx.aead_overhead = NGTCP2_INITIAL_AEAD_OVERHEAD; + ctx.encrypt = conn->callbacks.in_encrypt; + ctx.hp_mask = conn->callbacks.in_hp_mask; + break; + case NGTCP2_PKT_HANDSHAKE: + if (!conn->hs_pktns.crypto.tx.ckm) { + return 0; + } + pktns = &conn->hs_pktns; + ctx.ckm = pktns->crypto.tx.ckm; + ctx.hp = pktns->crypto.tx.hp; + ctx.aead_overhead = conn->crypto.aead_overhead; + ctx.encrypt = conn->callbacks.encrypt; + ctx.hp_mask = conn->callbacks.hp_mask; + ctx.user_data = conn; + break; + default: + assert(0); + } + + ngtcp2_pkt_hd_init(&hd, NGTCP2_PKT_FLAG_LONG_FORM, type, + &conn->dcid.current.cid, &conn->oscid, + pktns->tx.last_pkt_num + 1, pktns_select_pkt_numlen(pktns), + conn->version, 0); + + if (type == NGTCP2_PKT_INITIAL && ngtcp2_buf_len(&conn->token)) { + hd.token = conn->token.pos; + hd.tokenlen = ngtcp2_buf_len(&conn->token); + } + + ctx.user_data = conn; + + if (ngtcp2_ksl_len(&pktns->crypto.tx.frq) == 0) { + return 0; + } + + ngtcp2_ppe_init(&ppe, dest, destlen, &ctx); + + rv = ngtcp2_ppe_encode_hd(&ppe, &hd); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + return 0; + } + + if (!ngtcp2_ppe_ensure_hp_sample(&ppe)) { + return 0; + } + + for (; ngtcp2_ksl_len(&pktns->crypto.tx.frq);) { + left = ngtcp2_ppe_left(&ppe); + left = ngtcp2_pkt_crypto_max_datalen( + conn_cryptofrq_top(conn, pktns)->fr.crypto.offset, left, left); + + if (left == (size_t)-1) { + break; + } + + rv = conn_cryptofrq_pop(conn, &nfrc, pktns, left); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_list_del(frq, conn->mem); + return rv; + } + + if (nfrc == NULL) { + break; + } + + rv = conn_ppe_write_frame_hd_log(conn, &ppe, &hd_logged, &hd, &nfrc->fr); + if (rv != 0) { + assert(0); + } + + *pfrc = nfrc; + pfrc = &(*pfrc)->next; + + pkt_empty = 0; + flags |= NGTCP2_RTB_FLAG_ACK_ELICITING | NGTCP2_RTB_FLAG_CRYPTO_PKT; + } + + if (pkt_empty) { + ngtcp2_frame_chain_list_del(frq, conn->mem); + return 0; + } + + rv = conn_create_ack_frame(conn, &ackfr, &pktns->acktr, type, ts, + 0 /* ack_delay */, + NGTCP2_DEFAULT_ACK_DELAY_EXPONENT); + if (rv != 0) { + ngtcp2_frame_chain_list_del(frq, conn->mem); + return rv; + } + + if (ackfr) { + rv = conn_ppe_write_frame_hd_log(conn, &ppe, &hd_logged, &hd, ackfr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + } else { + ngtcp2_acktr_commit_ack(&pktns->acktr); + ngtcp2_acktr_add_ack(&pktns->acktr, hd.pkt_num, ackfr->ack.largest_ack); + pkt_empty = 0; + } + ngtcp2_mem_free(conn->mem, ackfr); + ackfr = NULL; + } + + /* If we cannot write another packet, then we need to add padding to + Initial here. */ + if (conn_should_pad_pkt(conn, type, ngtcp2_ppe_left(&ppe), early_datalen)) { + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding(&ppe); + if (lfr.padding.len > 0) { + ngtcp2_log_tx_fr(&conn->log, &hd, &lfr); + } + padded = 1; + } else { + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding_hp_sample(&ppe); + if (lfr.padding.len) { + ngtcp2_log_tx_fr(&conn->log, &hd, &lfr); + } + } + + spktlen = ngtcp2_ppe_final(&ppe, NULL); + if (spktlen < 0) { + assert(ngtcp2_err_is_fatal((int)spktlen)); + ngtcp2_frame_chain_list_del(frq, conn->mem); + return spktlen; + } + + if (*pfrc != frq || padded) { + rv = ngtcp2_rtb_entry_new(&rtbent, &hd, frq, ts, (size_t)spktlen, flags, + conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_list_del(frq, conn->mem); + return rv; + } + + rv = conn_on_pkt_sent(conn, &pktns->rtb, rtbent); + if (rv != 0) { + ngtcp2_rtb_entry_del(rtbent, conn->mem); + return rv; + } + } + + ++pktns->tx.last_pkt_num; + + return spktlen; +} + +/* + * conn_write_handshake_ack_pkt writes unprotected QUIC packet in the + * buffer pointed by |dest| whose length is |destlen|. The packet + * only includes ACK frame if any ack is required. + * + * This function might send PADDING only packet if it has no ACK frame + * to send under certain condition. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static ssize_t conn_write_handshake_ack_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, uint8_t type, + int require_padding, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_ppe ppe; + ngtcp2_pkt_hd hd; + ngtcp2_frame *ackfr, lfr; + ngtcp2_crypto_ctx ctx; + ngtcp2_pktns *pktns; + ngtcp2_rtb_entry *rtbent; + ssize_t spktlen; + int force_send; + int immediate_ack = 0; + + switch (type) { + case NGTCP2_PKT_INITIAL: + pktns = &conn->in_pktns; + ctx.aead_overhead = NGTCP2_INITIAL_AEAD_OVERHEAD; + ctx.encrypt = conn->callbacks.in_encrypt; + ctx.hp_mask = conn->callbacks.in_hp_mask; + immediate_ack = conn->hs_pktns.crypto.tx.ckm != NULL; + break; + case NGTCP2_PKT_HANDSHAKE: + pktns = &conn->hs_pktns; + ctx.aead_overhead = conn->crypto.aead_overhead; + ctx.encrypt = conn->callbacks.encrypt; + ctx.hp_mask = conn->callbacks.hp_mask; + immediate_ack = conn->pktns.crypto.tx.ckm != NULL; + break; + default: + assert(0); + } + + if (!pktns->crypto.tx.ckm) { + return 0; + } + + force_send = (conn->flags & NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE); + + if (immediate_ack) { + ngtcp2_acktr_immediate_ack(&pktns->acktr); + } + + ackfr = NULL; + rv = conn_create_ack_frame(conn, &ackfr, &pktns->acktr, type, ts, + NGTCP2_HS_ACK_DELAY, + NGTCP2_DEFAULT_ACK_DELAY_EXPONENT); + if (rv != 0) { + return rv; + } + if (!ackfr && !force_send) { + return 0; + } + + ngtcp2_pkt_hd_init(&hd, NGTCP2_PKT_FLAG_LONG_FORM, type, + &conn->dcid.current.cid, &conn->oscid, + pktns->tx.last_pkt_num + 1, pktns_select_pkt_numlen(pktns), + conn->version, 0); + + ctx.ckm = pktns->crypto.tx.ckm; + ctx.hp = pktns->crypto.tx.hp; + ctx.user_data = conn; + + ngtcp2_ppe_init(&ppe, dest, destlen, &ctx); + + rv = ngtcp2_ppe_encode_hd(&ppe, &hd); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + ngtcp2_mem_free(conn->mem, ackfr); + return 0; + } + + if (!ngtcp2_ppe_ensure_hp_sample(&ppe)) { + ngtcp2_mem_free(conn->mem, ackfr); + return 0; + } + + ngtcp2_log_tx_pkt_hd(&conn->log, &hd); + + if (ackfr) { + rv = conn_ppe_write_frame(conn, &ppe, &hd, ackfr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + } else { + ngtcp2_acktr_commit_ack(&pktns->acktr); + ngtcp2_acktr_add_ack(&pktns->acktr, hd.pkt_num, ackfr->ack.largest_ack); + } + ngtcp2_mem_free(conn->mem, ackfr); + ackfr = NULL; + } + + if (require_padding || force_send) { + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding(&ppe); + if (lfr.padding.len > 0) { + ngtcp2_log_tx_fr(&conn->log, &hd, &lfr); + } + + spktlen = ngtcp2_ppe_final(&ppe, NULL); + if (spktlen < 0) { + return spktlen; + } + + rv = ngtcp2_rtb_entry_new(&rtbent, &hd, NULL, ts, (size_t)spktlen, + NGTCP2_RTB_FLAG_NONE, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + rv = conn_on_pkt_sent(conn, &pktns->rtb, rtbent); + if (rv != 0) { + ngtcp2_rtb_entry_del(rtbent, conn->mem); + return rv; + } + } else { + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding_hp_sample(&ppe); + if (lfr.padding.len) { + ngtcp2_log_tx_fr(&conn->log, &hd, &lfr); + } + + spktlen = ngtcp2_ppe_final(&ppe, NULL); + if (spktlen < 0) { + return spktlen; + } + } + + conn->flags &= (uint16_t)~NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE; + + ++pktns->tx.last_pkt_num; + + return spktlen; +} + +/* + * conn_write_handshake_ack_pkts writes packets which contain ACK + * frame only. This function writes at most 2 packets for each + * Initial and Handshake packet. + */ +static ssize_t conn_write_handshake_ack_pkts(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts) { + ssize_t res = 0, nwrite = 0; + int require_padding; + + if (conn->hs_pktns.crypto.tx.ckm) { + nwrite = + conn_write_handshake_ack_pkt(conn, dest, destlen, NGTCP2_PKT_HANDSHAKE, + /* require_padding = */ 0, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + } + + require_padding = !conn->server && res == 0; + + if (require_padding) { + /* PADDING frame counts toward bytes_in_flight, thus destlen is + constrained to cwnd */ + destlen = ngtcp2_min(destlen, conn_cwnd_left(conn)); + } + + nwrite = conn_write_handshake_ack_pkt(conn, dest, destlen, NGTCP2_PKT_INITIAL, + require_padding, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + + return res + nwrite; +} + +/* + * conn_write_client_initial writes Initial packet in the buffer + * pointed by |dest| whose length is |destlen|. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static ssize_t conn_write_client_initial(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, size_t early_datalen, + ngtcp2_tstamp ts) { + int rv; + + rv = conn->callbacks.client_initial(conn, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return conn_write_handshake_pkt(conn, dest, destlen, NGTCP2_PKT_INITIAL, + early_datalen, ts); +} + +/* + * conn_write_handshake_pkts writes Initial and Handshake packets in + * the buffer pointed by |dest| whose length is |destlen|. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static ssize_t conn_write_handshake_pkts(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, size_t early_datalen, + ngtcp2_tstamp ts) { + ssize_t nwrite; + ssize_t res = 0; + + nwrite = conn_write_handshake_pkt(conn, dest, destlen, NGTCP2_PKT_INITIAL, + early_datalen, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + + nwrite = conn_write_handshake_pkt(conn, dest, destlen, NGTCP2_PKT_HANDSHAKE, + 0, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + + return res; +} + +static ssize_t conn_write_protected_ack_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts); + +static ssize_t conn_write_server_handshake(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts) { + ssize_t nwrite; + ssize_t res = 0; + + nwrite = conn_write_handshake_pkts(conn, dest, destlen, 0, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + + /* Acknowledge 0-RTT packet here. */ + if (conn->pktns.crypto.tx.ckm) { + nwrite = conn_write_protected_ack_pkt(conn, dest, destlen, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + } + + return res; +} + +/* + * conn_initial_stream_rx_offset returns the initial maximum offset of + * data for a stream denoted by |stream_id|. + */ +static uint64_t conn_initial_stream_rx_offset(ngtcp2_conn *conn, + int64_t stream_id) { + int local_stream = conn_local_stream(conn, stream_id); + + if (bidi_stream(stream_id)) { + if (local_stream) { + return conn->local.settings.max_stream_data_bidi_local; + } + return conn->local.settings.max_stream_data_bidi_remote; + } + + if (local_stream) { + return 0; + } + return conn->local.settings.max_stream_data_uni; +} + +/* + * conn_should_send_max_stream_data returns nonzero if MAX_STREAM_DATA + * frame should be send for |strm|. + */ +static int conn_should_send_max_stream_data(ngtcp2_conn *conn, + ngtcp2_strm *strm) { + return conn_initial_stream_rx_offset(conn, strm->stream_id) / 2 < + strm->rx.unsent_max_offset - strm->rx.max_offset; +} + +/* + * conn_should_send_max_data returns nonzero if MAX_DATA frame should + * be sent. + */ +static int conn_should_send_max_data(ngtcp2_conn *conn) { + return conn->local.settings.max_data / 2 < + conn->rx.unsent_max_offset - conn->rx.max_offset || + 2 * conn->rx.bw.value * conn->rcs.smoothed_rtt >= + conn->rx.max_offset - conn->rx.offset; +} + +/* + * conn_required_num_new_connection_id returns the number of + * additional connection ID the local endpoint has to provide to the + * remote endpoint. + */ +static size_t conn_required_num_new_connection_id(ngtcp2_conn *conn) { + size_t n, left; + + if (ngtcp2_ksl_len(&conn->scid.set) >= NGTCP2_MAX_SCID_POOL_SIZE) { + return 0; + } + + left = NGTCP2_MAX_SCID_POOL_SIZE - ngtcp2_ksl_len(&conn->scid.set); + + assert(ngtcp2_ksl_len(&conn->scid.set) >= + conn->scid.num_initial_id + conn->scid.num_retired); + + n = ngtcp2_ksl_len(&conn->scid.set) - conn->scid.num_initial_id - + conn->scid.num_retired; + + assert(conn->remote.settings.active_connection_id_limit >= n); + + n = conn->remote.settings.active_connection_id_limit - n; + + return ngtcp2_min(n, left); +} + +/* + * conn_enqueue_new_connection_id generates additional connection IDs + * and prepares to send them to the remote endpoint. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static int conn_enqueue_new_connection_id(ngtcp2_conn *conn) { + size_t i, need = conn_required_num_new_connection_id(conn); + size_t cidlen = conn->oscid.datalen; + ngtcp2_cid cid; + uint64_t seq; + int rv; + uint8_t token[NGTCP2_STATELESS_RESET_TOKENLEN]; + ngtcp2_frame_chain *nfrc; + ngtcp2_pktns *pktns = &conn->pktns; + ngtcp2_scid *scid; + ngtcp2_ksl_key key; + ngtcp2_ksl_it it; + + for (i = 0; i < need; ++i) { + rv = conn_call_get_new_connection_id(conn, &cid, token, cidlen); + if (rv != 0) { + return rv; + } + + if (cid.datalen != cidlen) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + /* Assert uniqueness */ + it = + ngtcp2_ksl_lower_bound(&conn->scid.set, ngtcp2_ksl_key_ptr(&key, &cid)); + if (!ngtcp2_ksl_it_end(&it) && + ngtcp2_cid_eq(ngtcp2_ksl_it_key(&it).ptr, &cid)) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + seq = ++conn->scid.last_seq; + + scid = ngtcp2_mem_malloc(conn->mem, sizeof(*scid)); + if (scid == NULL) { + return NGTCP2_ERR_NOMEM; + } + + ngtcp2_scid_init(scid, seq, &cid, token); + + rv = ngtcp2_ksl_insert(&conn->scid.set, NULL, + ngtcp2_ksl_key_ptr(&key, &scid->cid), scid); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, scid); + return rv; + } + + rv = ngtcp2_frame_chain_new(&nfrc, conn->mem); + if (rv != 0) { + return rv; + } + + nfrc->fr.type = NGTCP2_FRAME_NEW_CONNECTION_ID; + nfrc->fr.new_connection_id.seq = seq; + nfrc->fr.new_connection_id.retire_prior_to = 0; + nfrc->fr.new_connection_id.cid = cid; + memcpy(nfrc->fr.new_connection_id.stateless_reset_token, token, + sizeof(token)); + nfrc->next = pktns->tx.frq; + pktns->tx.frq = nfrc; + } + + return 0; +} + +/* + * conn_compute_pto computes the current PTO. + */ +static ngtcp2_duration conn_compute_pto(ngtcp2_conn *conn) { + ngtcp2_rcvry_stat *rcs = &conn->rcs; + double var = ngtcp2_max(4 * rcs->rttvar, NGTCP2_GRANULARITY); + ngtcp2_duration max_ack_delay = + (conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED) + ? conn->remote.settings.max_ack_delay + : NGTCP2_DEFAULT_MAX_ACK_DELAY; + ngtcp2_duration timeout = + (ngtcp2_duration)(rcs->smoothed_rtt + var + (double)max_ack_delay); + timeout *= (ngtcp2_duration)(1ULL << rcs->pto_count); + + return timeout; +} + +/* + * conn_remove_retired_connection_id removes the already retired + * connection ID. It waits RTT * 2 before actually removing a + * connection ID after it receives RETIRE_CONNECTION_ID from peer to + * catch reordered packets. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static int conn_remove_retired_connection_id(ngtcp2_conn *conn, + ngtcp2_tstamp ts) { + ngtcp2_duration timeout = conn_compute_pto(conn); + ngtcp2_scid *scid; + ngtcp2_ksl_key key; + ngtcp2_dcid *dcid; + int rv; + + for (; !ngtcp2_pq_empty(&conn->scid.used);) { + scid = ngtcp2_struct_of(ngtcp2_pq_top(&conn->scid.used), ngtcp2_scid, pe); + + if (scid->ts_retired == UINT64_MAX || scid->ts_retired + timeout >= ts) { + return 0; + } + + assert(scid->flags & NGTCP2_SCID_FLAG_RETIRED); + + rv = conn_call_remove_connection_id(conn, &scid->cid); + if (rv != 0) { + return rv; + } + + ngtcp2_ksl_remove(&conn->scid.set, NULL, + ngtcp2_ksl_key_ptr(&key, &scid->cid)); + ngtcp2_pq_pop(&conn->scid.used); + ngtcp2_mem_free(conn->mem, scid); + + assert(conn->scid.num_retired); + --conn->scid.num_retired; + } + + for (; ngtcp2_ringbuf_len(&conn->dcid.retired);) { + dcid = ngtcp2_ringbuf_get(&conn->dcid.retired, 0); + if (dcid->ts_retired + timeout >= ts) { + break; + } + ngtcp2_ringbuf_pop_front(&conn->dcid.retired); + } + + return 0; +} + +typedef enum { + NGTCP2_WRITE_PKT_FLAG_NONE = 0x00, + /* NGTCP2_WRITE_PKT_FLAG_REQUIRE_PADDING indicates that packet + should be padded */ + NGTCP2_WRITE_PKT_FLAG_REQUIRE_PADDING = 0x01, + /* NGTCP2_WRITE_PKT_FLAG_STREAM_MORE indicates that more stream DATA + may come and it should be encoded into the current packet. */ + NGTCP2_WRITE_PKT_FLAG_STREAM_MORE = 0x02, +} ngtcp2_write_pkt_flag; + +/* + * conn_write_pkt writes a protected packet in the buffer pointed by + * |dest| whose length if |destlen|. |type| specifies the type of + * packet. It can be NGTCP2_PKT_SHORT or NGTCP2_PKT_0RTT. + * + * This function can send new stream data. In order to send stream + * data, specify the underlying stream to |data_strm|. If |fin| is + * set to nonzero, it signals that the given data is the final portion + * of the stream. |datav| vector of length |datavcnt| specify stream + * data to send. If no stream data to send, set |strm| to NULL. The + * number of bytes sent to the stream is assigned to |*pdatalen|. If + * 0 length STREAM data is sent, 0 is assigned to |*pdatalen|. The + * caller should initialize |*pdatalen| to -1. + * + * If |require_padding| is nonzero, padding bytes are added to occupy + * the remaining packet payload. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_STREAM_DATA_BLOCKED + * Stream data could not be written because of flow control. + */ +static ssize_t conn_write_pkt(ngtcp2_conn *conn, uint8_t *dest, size_t destlen, + ssize_t *pdatalen, uint8_t type, + ngtcp2_strm *data_strm, int fin, + const ngtcp2_vec *datav, size_t datavcnt, + uint8_t flags, ngtcp2_tstamp ts) { + int rv; + ngtcp2_crypto_ctx *ctx = &conn->pkt.ctx; + ngtcp2_ppe *ppe = &conn->pkt.ppe; + ngtcp2_pkt_hd *hd = &conn->pkt.hd; + ngtcp2_frame *ackfr = NULL, lfr; + ssize_t nwrite; + ngtcp2_frame_chain **pfrc, *nfrc, *frc; + ngtcp2_rtb_entry *ent; + ngtcp2_strm *strm; + int pkt_empty = 1; + size_t ndatalen = 0; + int send_stream = 0; + int stream_blocked = 0; + ngtcp2_pktns *pktns = &conn->pktns; + size_t left; + size_t datalen = ngtcp2_vec_len(datav, datavcnt); + ngtcp2_vec data[NGTCP2_MAX_STREAM_DATACNT]; + size_t datacnt; + uint8_t rtb_entry_flags = NGTCP2_RTB_FLAG_NONE; + int hd_logged = 0; + ngtcp2_path_challenge_entry *pcent; + uint8_t hd_flags; + int require_padding = (flags & NGTCP2_WRITE_PKT_FLAG_REQUIRE_PADDING) != 0; + int stream_more = (flags & NGTCP2_WRITE_PKT_FLAG_STREAM_MORE) != 0; + int ppe_pending = (conn->flags & NGTCP2_CONN_FLAG_PPE_PENDING) != 0; + + if (data_strm) { + ndatalen = conn_enforce_flow_control(conn, data_strm, datalen); + /* 0 length STREAM frame is allowed */ + if (ndatalen || datalen == 0) { + send_stream = 1; + } else { + stream_blocked = 1; + } + } + + if (conn->oscid.datalen) { + rv = conn_enqueue_new_connection_id(conn); + if (rv != 0) { + return rv; + } + } + + if (!ppe_pending) { + switch (type) { + case NGTCP2_PKT_SHORT: + hd_flags = + (pktns->crypto.tx.ckm->flags & NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE) + ? NGTCP2_PKT_FLAG_KEY_PHASE + : NGTCP2_PKT_FLAG_NONE; + ctx->ckm = pktns->crypto.tx.ckm; + ctx->hp = pktns->crypto.tx.hp; + break; + case NGTCP2_PKT_0RTT: + assert(!conn->server); + if (!conn->early.ckm) { + return 0; + } + hd_flags = NGTCP2_PKT_FLAG_LONG_FORM; + ctx->ckm = conn->early.ckm; + ctx->hp = conn->early.hp; + break; + default: + /* Unreachable */ + assert(0); + } + + ctx->aead_overhead = conn->crypto.aead_overhead; + ctx->encrypt = conn->callbacks.encrypt; + ctx->hp_mask = conn->callbacks.hp_mask; + ctx->user_data = conn; + + /* TODO Take into account stream frames */ + if ((pktns->tx.frq || send_stream || + ngtcp2_ringbuf_len(&conn->rx.path_challenge) || + conn_should_send_max_data(conn)) && + conn->rx.unsent_max_offset > conn->rx.max_offset) { + rv = ngtcp2_frame_chain_new(&nfrc, conn->mem); + if (rv != 0) { + return rv; + } + nfrc->fr.type = NGTCP2_FRAME_MAX_DATA; + nfrc->fr.max_data.max_data = conn->rx.unsent_max_offset; + nfrc->next = pktns->tx.frq; + pktns->tx.frq = nfrc; + + conn->rx.max_offset = conn->rx.unsent_max_offset; + } + + ngtcp2_pkt_hd_init(hd, hd_flags, type, &conn->dcid.current.cid, + &conn->oscid, pktns->tx.last_pkt_num + 1, + pktns_select_pkt_numlen(pktns), conn->version, 0); + + ngtcp2_ppe_init(ppe, dest, destlen, ctx); + + rv = ngtcp2_ppe_encode_hd(ppe, hd); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + return 0; + } + + if (!ngtcp2_ppe_ensure_hp_sample(ppe)) { + return 0; + } + + for (; ngtcp2_ringbuf_len(&conn->rx.path_challenge);) { + pcent = ngtcp2_ringbuf_get(&conn->rx.path_challenge, 0); + + lfr.type = NGTCP2_FRAME_PATH_RESPONSE; + memcpy(lfr.path_response.data, pcent->data, + sizeof(lfr.path_response.data)); + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &lfr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + break; + } + + ngtcp2_ringbuf_pop_front(&conn->rx.path_challenge); + + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + /* We don't retransmit PATH_RESPONSE. */ + break; + } + + rv = conn_create_ack_frame(conn, &ackfr, &pktns->acktr, type, ts, + conn_compute_ack_delay(conn), + conn->local.settings.ack_delay_exponent); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + if (ackfr) { + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, ackfr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + } else { + ngtcp2_acktr_commit_ack(&pktns->acktr); + ngtcp2_acktr_add_ack(&pktns->acktr, hd->pkt_num, + ackfr->ack.largest_ack); + pkt_empty = 0; + } + ngtcp2_mem_free(conn->mem, ackfr); + ackfr = NULL; + } + + for (pfrc = &pktns->tx.frq; *pfrc;) { + switch ((*pfrc)->fr.type) { + case NGTCP2_FRAME_STOP_SENDING: + strm = + ngtcp2_conn_find_stream(conn, (*pfrc)->fr.stop_sending.stream_id); + if (strm == NULL || (strm->flags & NGTCP2_STRM_FLAG_SHUT_RD)) { + frc = *pfrc; + *pfrc = (*pfrc)->next; + ngtcp2_frame_chain_del(frc, conn->mem); + continue; + } + break; + case NGTCP2_FRAME_STREAM: + assert(0); + break; + case NGTCP2_FRAME_MAX_STREAMS_BIDI: + if ((*pfrc)->fr.max_streams.max_streams < + conn->remote.bidi.max_streams) { + frc = *pfrc; + *pfrc = (*pfrc)->next; + ngtcp2_frame_chain_del(frc, conn->mem); + continue; + } + break; + case NGTCP2_FRAME_MAX_STREAMS_UNI: + if ((*pfrc)->fr.max_streams.max_streams < + conn->remote.uni.max_streams) { + frc = *pfrc; + *pfrc = (*pfrc)->next; + ngtcp2_frame_chain_del(frc, conn->mem); + continue; + } + break; + case NGTCP2_FRAME_MAX_STREAM_DATA: + strm = ngtcp2_conn_find_stream(conn, + (*pfrc)->fr.max_stream_data.stream_id); + if (strm == NULL || (strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) || + (*pfrc)->fr.max_stream_data.max_stream_data < strm->rx.max_offset) { + frc = *pfrc; + *pfrc = (*pfrc)->next; + ngtcp2_frame_chain_del(frc, conn->mem); + continue; + } + break; + case NGTCP2_FRAME_MAX_DATA: + if ((*pfrc)->fr.max_data.max_data < conn->rx.max_offset) { + frc = *pfrc; + *pfrc = (*pfrc)->next; + ngtcp2_frame_chain_del(frc, conn->mem); + continue; + } + break; + case NGTCP2_FRAME_CRYPTO: + assert(0); + break; + } + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &(*pfrc)->fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + break; + } + + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + pfrc = &(*pfrc)->next; + } + + if (rv != NGTCP2_ERR_NOBUF) { + for (; ngtcp2_ksl_len(&pktns->crypto.tx.frq);) { + left = ngtcp2_ppe_left(ppe); + + left = ngtcp2_pkt_crypto_max_datalen( + conn_cryptofrq_top(conn, pktns)->fr.crypto.offset, left, left); + + if (left == (size_t)-1) { + break; + } + + rv = conn_cryptofrq_pop(conn, &nfrc, pktns, left); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + if (nfrc == NULL) { + break; + } + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &nfrc->fr); + if (rv != 0) { + assert(0); + } + + *pfrc = nfrc; + pfrc = &(*pfrc)->next; + + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + } + } + + /* Write MAX_STREAM_ID after RESET_STREAM so that we can extend stream + ID space in one packet. */ + if (rv != NGTCP2_ERR_NOBUF && *pfrc == NULL && + conn->remote.bidi.unsent_max_streams > conn->remote.bidi.max_streams) { + rv = conn_call_extend_max_remote_streams_bidi( + conn, conn->remote.bidi.unsent_max_streams); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + rv = ngtcp2_frame_chain_new(&nfrc, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + nfrc->fr.type = NGTCP2_FRAME_MAX_STREAMS_BIDI; + nfrc->fr.max_streams.max_streams = conn->remote.bidi.unsent_max_streams; + *pfrc = nfrc; + + conn->remote.bidi.max_streams = conn->remote.bidi.unsent_max_streams; + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &(*pfrc)->fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + } else { + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + pfrc = &(*pfrc)->next; + } + } + + if (rv != NGTCP2_ERR_NOBUF && *pfrc == NULL) { + if (conn->remote.uni.unsent_max_streams > conn->remote.uni.max_streams) { + rv = conn_call_extend_max_remote_streams_uni( + conn, conn->remote.uni.unsent_max_streams); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + rv = ngtcp2_frame_chain_new(&nfrc, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + nfrc->fr.type = NGTCP2_FRAME_MAX_STREAMS_UNI; + nfrc->fr.max_streams.max_streams = conn->remote.uni.unsent_max_streams; + *pfrc = nfrc; + + conn->remote.uni.max_streams = conn->remote.uni.unsent_max_streams; + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, + &(*pfrc)->fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + } else { + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + pfrc = &(*pfrc)->next; + } + } + } + + if (rv != NGTCP2_ERR_NOBUF) { + for (; !ngtcp2_pq_empty(&conn->tx.strmq);) { + strm = ngtcp2_conn_tx_strmq_top(conn); + + if (!(strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) && + strm->rx.max_offset < strm->rx.unsent_max_offset) { + rv = ngtcp2_frame_chain_new(&nfrc, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + nfrc->fr.type = NGTCP2_FRAME_MAX_STREAM_DATA; + nfrc->fr.max_stream_data.stream_id = strm->stream_id; + nfrc->fr.max_stream_data.max_stream_data = strm->rx.unsent_max_offset; + ngtcp2_list_insert(nfrc, pfrc); + + rv = + conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &nfrc->fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + break; + } + + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + pfrc = &(*pfrc)->next; + strm->rx.max_offset = strm->rx.unsent_max_offset; + } + + if (ngtcp2_strm_streamfrq_empty(strm)) { + ngtcp2_conn_tx_strmq_pop(conn); + continue; + } + + left = ngtcp2_ppe_left(ppe); + + left = ngtcp2_pkt_stream_max_datalen( + strm->stream_id, ngtcp2_strm_streamfrq_top(strm)->fr.stream.offset, + left, left); + + if (left == (size_t)-1) { + break; + } + + rv = ngtcp2_strm_streamfrq_pop(strm, &nfrc, left); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + if (nfrc == NULL) { + /* TODO Why? */ + break; + } + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &nfrc->fr); + if (rv != 0) { + assert(0); + } + + *pfrc = nfrc; + pfrc = &(*pfrc)->next; + + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + + if (ngtcp2_strm_streamfrq_empty(strm)) { + ngtcp2_conn_tx_strmq_pop(conn); + continue; + } + + ngtcp2_conn_tx_strmq_pop(conn); + ++strm->cycle; + rv = ngtcp2_conn_tx_strmq_push(conn, strm); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + } + } + } else { + pfrc = conn->pkt.pfrc; + rtb_entry_flags |= conn->pkt.rtb_entry_flags; + pkt_empty = conn->pkt.pkt_empty; + } + + left = ngtcp2_ppe_left(ppe); + + if (rv != NGTCP2_ERR_NOBUF && send_stream && *pfrc == NULL && + (ndatalen = ngtcp2_pkt_stream_max_datalen(data_strm->stream_id, + data_strm->tx.offset, ndatalen, + left)) != (size_t)-1 && + (ndatalen || datalen == 0)) { + datacnt = ngtcp2_vec_copy(data, &ndatalen, NGTCP2_MAX_STREAM_DATACNT, datav, + datavcnt, ndatalen); + + rv = ngtcp2_frame_chain_stream_datacnt_new(&nfrc, datacnt, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + nfrc->fr.stream.type = NGTCP2_FRAME_STREAM; + nfrc->fr.stream.flags = 0; + nfrc->fr.stream.stream_id = data_strm->stream_id; + nfrc->fr.stream.offset = data_strm->tx.offset; + nfrc->fr.stream.datacnt = datacnt; + ngtcp2_vec_clone(nfrc->fr.stream.data, data, datacnt); + + fin = fin && ndatalen == datalen; + nfrc->fr.stream.fin = (uint8_t)fin; + + rv = conn_ppe_write_frame_hd_log(conn, ppe, &hd_logged, hd, &nfrc->fr); + if (rv != 0) { + assert(0); + } + + *pfrc = nfrc; + pfrc = &(*pfrc)->next; + + pkt_empty = 0; + rtb_entry_flags |= NGTCP2_RTB_FLAG_ACK_ELICITING; + + data_strm->tx.offset += ndatalen; + conn->tx.offset += ndatalen; + + if (fin) { + ngtcp2_strm_shutdown(data_strm, NGTCP2_STRM_FLAG_SHUT_WR); + } + + if (pdatalen) { + *pdatalen = (ssize_t)ndatalen; + } + } else { + send_stream = 0; + } + + if (pkt_empty) { + assert(rv == 0 || NGTCP2_ERR_NOBUF == rv); + if (rv == 0 && stream_blocked) { + return NGTCP2_ERR_STREAM_DATA_BLOCKED; + } + return 0; + } + + if (stream_more) { + conn->pkt.pfrc = pfrc; + conn->pkt.pkt_empty = pkt_empty; + conn->pkt.rtb_entry_flags = rtb_entry_flags; + conn->flags |= NGTCP2_CONN_FLAG_PPE_PENDING; + + if (stream_blocked) { + return NGTCP2_ERR_STREAM_DATA_BLOCKED; + } + if (send_stream) { + return NGTCP2_ERR_WRITE_STREAM_MORE; + } + } + + /* TODO Push STREAM frame back to ngtcp2_strm if there is an error + before ngtcp2_rtb_entry is safely created and added. */ + if ((require_padding || + (type == NGTCP2_PKT_0RTT && conn->state == NGTCP2_CS_CLIENT_INITIAL)) && + ngtcp2_ppe_left(ppe)) { + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding(ppe); + ngtcp2_log_tx_fr(&conn->log, hd, &lfr); + } else { + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding_hp_sample(ppe); + if (lfr.padding.len) { + ngtcp2_log_tx_fr(&conn->log, hd, &lfr); + } + } + + nwrite = ngtcp2_ppe_final(ppe, NULL); + if (nwrite < 0) { + assert(ngtcp2_err_is_fatal((int)nwrite)); + return nwrite; + } + + if (*pfrc != pktns->tx.frq) { + rv = ngtcp2_rtb_entry_new(&ent, hd, NULL, ts, (size_t)nwrite, + rtb_entry_flags, conn->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal((int)nwrite)); + return rv; + } + + ent->frc = pktns->tx.frq; + pktns->tx.frq = *pfrc; + *pfrc = NULL; + + rv = conn_on_pkt_sent(conn, &pktns->rtb, ent); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_rtb_entry_del(ent, conn->mem); + return rv; + } + } + + conn->flags &= (uint16_t)~NGTCP2_CONN_FLAG_PPE_PENDING; + + ++pktns->tx.last_pkt_num; + + return nwrite; +} + +/* + * conn_write_single_frame_pkt writes a packet which contains |fr| + * frame only in the buffer pointed by |dest| whose length if + * |destlen|. |type| is a long packet type to send. If |type| is 0, + * Short packet is used. |dcid| is used as a destination connection + * ID. + * + * The packet written by this function will not be retransmitted. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static ssize_t conn_write_single_frame_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, uint8_t type, + const ngtcp2_cid *dcid, + ngtcp2_frame *fr, uint8_t rtb_flags, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_ppe ppe; + ngtcp2_pkt_hd hd; + ngtcp2_frame lfr; + ssize_t nwrite; + ngtcp2_crypto_ctx ctx; + ngtcp2_pktns *pktns; + uint8_t flags; + ngtcp2_rtb_entry *rtbent; + + switch (type) { + case NGTCP2_PKT_INITIAL: + pktns = &conn->in_pktns; + ctx.aead_overhead = NGTCP2_INITIAL_AEAD_OVERHEAD; + ctx.encrypt = conn->callbacks.in_encrypt; + ctx.hp_mask = conn->callbacks.in_hp_mask; + flags = NGTCP2_PKT_FLAG_LONG_FORM; + break; + case NGTCP2_PKT_HANDSHAKE: + pktns = &conn->hs_pktns; + ctx.aead_overhead = conn->crypto.aead_overhead; + ctx.encrypt = conn->callbacks.encrypt; + ctx.hp_mask = conn->callbacks.hp_mask; + flags = NGTCP2_PKT_FLAG_LONG_FORM; + break; + case NGTCP2_PKT_SHORT: + /* 0 means Short packet. */ + pktns = &conn->pktns; + ctx.aead_overhead = conn->crypto.aead_overhead; + ctx.encrypt = conn->callbacks.encrypt; + ctx.hp_mask = conn->callbacks.hp_mask; + flags = (pktns->crypto.tx.ckm->flags & NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE) + ? NGTCP2_PKT_FLAG_KEY_PHASE + : NGTCP2_PKT_FLAG_NONE; + break; + default: + /* We don't support 0-RTT packet in this function. */ + assert(0); + } + + ctx.ckm = pktns->crypto.tx.ckm; + ctx.hp = pktns->crypto.tx.hp; + ctx.user_data = conn; + + ngtcp2_pkt_hd_init(&hd, flags, type, dcid, &conn->oscid, + pktns->tx.last_pkt_num + 1, pktns_select_pkt_numlen(pktns), + conn->version, 0); + + ngtcp2_ppe_init(&ppe, dest, destlen, &ctx); + + rv = ngtcp2_ppe_encode_hd(&ppe, &hd); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + return 0; + } + + if (!ngtcp2_ppe_ensure_hp_sample(&ppe)) { + return 0; + } + + ngtcp2_log_tx_pkt_hd(&conn->log, &hd); + + rv = conn_ppe_write_frame(conn, &ppe, &hd, fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + return 0; + } + + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding_hp_sample(&ppe); + if (lfr.padding.len) { + ngtcp2_log_tx_fr(&conn->log, &hd, &lfr); + } + + nwrite = ngtcp2_ppe_final(&ppe, NULL); + if (nwrite < 0) { + return nwrite; + } + + /* Do this when we are sure that there is no error. */ + if (fr->type == NGTCP2_FRAME_ACK) { + ngtcp2_acktr_commit_ack(&pktns->acktr); + ngtcp2_acktr_add_ack(&pktns->acktr, hd.pkt_num, fr->ack.largest_ack); + } + + if (rtb_flags & NGTCP2_RTB_FLAG_ACK_ELICITING) { + rv = ngtcp2_rtb_entry_new(&rtbent, &hd, NULL, ts, (size_t)nwrite, rtb_flags, + conn->mem); + if (rv != 0) { + return rv; + } + + rv = conn_on_pkt_sent(conn, &pktns->rtb, rtbent); + if (rv != 0) { + ngtcp2_rtb_entry_del(rtbent, conn->mem); + return rv; + } + } + + ++pktns->tx.last_pkt_num; + + return nwrite; +} + +/* + * conn_write_protected_ack_pkt writes QUIC Short packet which only + * includes ACK frame in the buffer pointed by |dest| whose length is + * |destlen|. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static ssize_t conn_write_protected_ack_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts) { + int rv; + ssize_t spktlen; + ngtcp2_frame *ackfr; + ngtcp2_acktr *acktr = &conn->pktns.acktr; + + assert(!(conn->flags & NGTCP2_CONN_FLAG_PPE_PENDING)); + + ackfr = NULL; + rv = conn_create_ack_frame(conn, &ackfr, acktr, NGTCP2_PKT_SHORT, ts, + conn_compute_ack_delay(conn), + conn->local.settings.ack_delay_exponent); + if (rv != 0) { + return rv; + } + + if (!ackfr) { + return 0; + } + + spktlen = conn_write_single_frame_pkt(conn, dest, destlen, NGTCP2_PKT_SHORT, + &conn->dcid.current.cid, ackfr, + NGTCP2_RTB_FLAG_NONE, ts); + ngtcp2_mem_free(conn->mem, ackfr); + if (spktlen < 0) { + return spktlen; + } + + return spktlen; +} + +/* + * conn_process_early_rtb makes any pending 0RTT packet Short packet. + */ +static void conn_process_early_rtb(ngtcp2_conn *conn) { + ngtcp2_rtb_entry *ent; + ngtcp2_rtb *rtb = &conn->pktns.rtb; + ngtcp2_ksl_it it; + + for (it = ngtcp2_rtb_head(rtb); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + ent = ngtcp2_ksl_it_get(&it); + + if ((ent->hd.flags & NGTCP2_PKT_FLAG_LONG_FORM) == 0 || + ent->hd.type != NGTCP2_PKT_0RTT) { + continue; + } + + /* 0-RTT packet is retransmitted as a Short packet. */ + ent->hd.flags &= (uint8_t)~NGTCP2_PKT_FLAG_LONG_FORM; + ent->hd.type = NGTCP2_PKT_SHORT; + } +} + +/* + * conn_write_probe_ping writes probe packet containing PING frame + * (and optionally ACK frame) to the buffer pointed by |dest| of + * length |destlen|. Probe packet is always Short packet. This + * function might return 0 if it cannot write packet (e.g., |destlen| + * is too small). + * + * This function returns the number of bytes written to |dest|, or one + * of the following negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static ssize_t conn_write_probe_ping(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts) { + ngtcp2_ppe ppe; + ngtcp2_pkt_hd hd; + ngtcp2_pktns *pktns = &conn->pktns; + ngtcp2_crypto_ctx ctx; + ngtcp2_frame_chain *frc = NULL; + ngtcp2_rtb_entry *ent; + ngtcp2_frame *ackfr = NULL, lfr; + int rv; + ssize_t nwrite; + + assert(pktns->crypto.tx.ckm); + + ctx.aead_overhead = conn->crypto.aead_overhead; + ctx.encrypt = conn->callbacks.encrypt; + ctx.hp_mask = conn->callbacks.hp_mask; + ctx.ckm = pktns->crypto.tx.ckm; + ctx.hp = pktns->crypto.tx.hp; + ctx.user_data = conn; + + ngtcp2_pkt_hd_init( + &hd, + (pktns->crypto.tx.ckm->flags & NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE) + ? NGTCP2_PKT_FLAG_KEY_PHASE + : NGTCP2_PKT_FLAG_NONE, + NGTCP2_PKT_SHORT, &conn->dcid.current.cid, NULL, + pktns->tx.last_pkt_num + 1, pktns_select_pkt_numlen(pktns), conn->version, + 0); + + ngtcp2_ppe_init(&ppe, dest, destlen, &ctx); + + rv = ngtcp2_ppe_encode_hd(&ppe, &hd); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + return 0; + } + + if (!ngtcp2_ppe_ensure_hp_sample(&ppe)) { + return 0; + } + + ngtcp2_log_tx_pkt_hd(&conn->log, &hd); + + rv = ngtcp2_frame_chain_new(&frc, conn->mem); + if (rv != 0) { + return rv; + } + + frc->fr.type = NGTCP2_FRAME_PING; + + rv = conn_ppe_write_frame(conn, &ppe, &hd, &frc->fr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + rv = 0; + goto fail; + } + + rv = conn_create_ack_frame(conn, &ackfr, &pktns->acktr, NGTCP2_PKT_SHORT, ts, + conn_compute_ack_delay(conn), + conn->local.settings.ack_delay_exponent); + if (rv != 0) { + goto fail; + } + + if (ackfr) { + rv = conn_ppe_write_frame(conn, &ppe, &hd, ackfr); + if (rv != 0) { + assert(NGTCP2_ERR_NOBUF == rv); + } else { + ngtcp2_acktr_commit_ack(&pktns->acktr); + ngtcp2_acktr_add_ack(&pktns->acktr, hd.pkt_num, ackfr->ack.largest_ack); + } + ngtcp2_mem_free(conn->mem, ackfr); + ackfr = NULL; + } + + lfr.type = NGTCP2_FRAME_PADDING; + lfr.padding.len = ngtcp2_ppe_padding_hp_sample(&ppe); + if (lfr.padding.len) { + ngtcp2_log_tx_fr(&conn->log, &hd, &lfr); + } + + nwrite = ngtcp2_ppe_final(&ppe, NULL); + if (nwrite < 0) { + rv = (int)nwrite; + goto fail; + } + + rv = ngtcp2_rtb_entry_new( + &ent, &hd, frc, ts, (size_t)nwrite, + NGTCP2_RTB_FLAG_PROBE | NGTCP2_RTB_FLAG_ACK_ELICITING, conn->mem); + if (rv != 0) { + goto fail; + } + + rv = conn_on_pkt_sent(conn, &pktns->rtb, ent); + if (rv != 0) { + ngtcp2_rtb_entry_del(ent, conn->mem); + return rv; + } + + ++pktns->tx.last_pkt_num; + + return nwrite; + +fail: + ngtcp2_frame_chain_del(frc, conn->mem); + + return rv; +} + +/* + * conn_write_probe_pkt writes a QUIC Short packet as probe packet. + * The packet is written to the buffer pointed by |dest| of length + * |destlen|. This function can send new stream data. In order to + * send stream data, specify the underlying stream to |strm|. If + * |fin| is set to nonzero, it signals that the given data is the + * final portion of the stream. |datav| vector of length |datavcnt| + * specify stream data to send. If no stream data to send, set |strm| + * to NULL. The number of bytes sent to the stream is assigned to + * |*pdatalen|. If 0 length STREAM data is sent, 0 is assigned to + * |*pdatalen|. The caller should initialize |*pdatalen| to -1. + * + * This function returns the number of bytes written to the buffer + * pointed by |dest|, or one of the following negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_STREAM_DATA_BLOCKED + * Stream data could not be written because of flow control. + */ +static ssize_t conn_write_probe_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ssize_t *pdatalen, + ngtcp2_strm *strm, int fin, + const ngtcp2_vec *datav, size_t datavcnt, + ngtcp2_tstamp ts) { + ssize_t nwrite; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "transmit probe pkt left=%zu", conn->rcs.probe_pkt_left); + + /* a probe packet is not blocked by cwnd. */ + nwrite = conn_write_pkt(conn, dest, destlen, pdatalen, NGTCP2_PKT_SHORT, strm, + fin, datav, datavcnt, NGTCP2_WRITE_PKT_FLAG_NONE, ts); + if (nwrite == 0 || nwrite == NGTCP2_ERR_STREAM_DATA_BLOCKED) { + nwrite = conn_write_probe_ping(conn, dest, destlen, ts); + } + if (nwrite <= 0) { + return nwrite; + } + + --conn->rcs.probe_pkt_left; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, "probe pkt size=%zd", + nwrite); + + return nwrite; +} + +/* + * conn_handshake_remnants_left returns nonzero if there may be + * handshake packets the local endpoint has to send, including new + * packets and lost ones. + */ +static int conn_handshake_remnants_left(ngtcp2_conn *conn) { + return !(conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED) || + ngtcp2_rtb_num_ack_eliciting(&conn->in_pktns.rtb) || + ngtcp2_rtb_num_ack_eliciting(&conn->hs_pktns.rtb) || + ngtcp2_ksl_len(&conn->in_pktns.crypto.tx.frq) || + ngtcp2_ksl_len(&conn->hs_pktns.crypto.tx.frq); +} + +/* + * conn_retire_dcid retires |dcid|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +static int conn_retire_dcid(ngtcp2_conn *conn, const ngtcp2_dcid *dcid, + ngtcp2_tstamp ts) { + ngtcp2_pktns *pktns = &conn->pktns; + ngtcp2_frame_chain *nfrc; + ngtcp2_ringbuf *rb = &conn->dcid.retired; + ngtcp2_dcid *dest; + int rv; + + if (ngtcp2_ringbuf_full(rb)) { + ngtcp2_ringbuf_pop_front(rb); + } + + dest = ngtcp2_ringbuf_push_back(rb); + ngtcp2_dcid_copy(dest, dcid); + dest->ts_retired = ts; + + rv = ngtcp2_frame_chain_new(&nfrc, conn->mem); + if (rv != 0) { + return rv; + } + + nfrc->fr.type = NGTCP2_FRAME_RETIRE_CONNECTION_ID; + nfrc->fr.retire_connection_id.seq = dcid->seq; + nfrc->next = pktns->tx.frq; + pktns->tx.frq = nfrc; + + return 0; +} + +/* + * conn_stop_pv stops the path validation which is currently running. + * This function does nothing if no path validation is currently being + * performed. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +static int conn_stop_pv(ngtcp2_conn *conn, ngtcp2_tstamp ts) { + int rv = 0; + ngtcp2_pv *pv = conn->pv; + + if (pv == NULL) { + return 0; + } + + if (pv->flags & NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH) { + rv = conn_retire_dcid(conn, &pv->dcid, ts); + } + + ngtcp2_pv_del(pv); + conn->pv = NULL; + + return rv; +} + +/* + * conn_on_path_validation_failed is called when path validation + * fails. This function may delete |pv|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static int conn_on_path_validation_failed(ngtcp2_conn *conn, ngtcp2_pv *pv, + ngtcp2_tstamp ts) { + int rv; + + /* If path validation fails, the bound DCID is no longer + necessary. Retire it. */ + pv->flags |= NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH; + + if (!(pv->flags & NGTCP2_PV_FLAG_DONT_CARE)) { + rv = conn_call_path_validation(conn, &pv->dcid.ps.path, + NGTCP2_PATH_VALIDATION_RESULT_FAILURE); + if (rv != 0) { + return rv; + } + } + + if (pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE) { + ngtcp2_dcid_copy(&conn->dcid.current, &pv->fallback_dcid); + } + + return conn_stop_pv(conn, ts); +} + +/* + * conn_write_path_challenge writes a packet which includes + * PATH_CHALLENGE frame into |dest| of length |destlen|. + * + * This function returns the number of bytes written to |dest|, or one + * of the following negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static ssize_t conn_write_path_challenge(ngtcp2_conn *conn, ngtcp2_path *path, + uint8_t *dest, size_t destlen, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_tstamp expiry; + ngtcp2_pv *pv = conn->pv; + ngtcp2_frame lfr; + + ngtcp2_pv_ensure_start(pv, ts); + + if (ngtcp2_pv_validation_timed_out(pv, ts)) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PTV, + "path validation was timed out"); + return conn_on_path_validation_failed(conn, pv, ts); + } + + ngtcp2_pv_handle_entry_expiry(pv, ts); + + if (ngtcp2_pv_full(pv)) { + return 0; + } + + if (path) { + ngtcp2_path_copy(path, &pv->dcid.ps.path); + } + + assert(conn->callbacks.rand); + rv = conn->callbacks.rand(conn, lfr.path_challenge.data, + sizeof(lfr.path_challenge.data), + NGTCP2_RAND_CTX_PATH_CHALLENGE, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + lfr.type = NGTCP2_FRAME_PATH_CHALLENGE; + + /* TODO reconsider this. This might get larger pretty quickly than + validation timeout which is just around 3*PTO. */ + expiry = ts + 6ULL * NGTCP2_DEFAULT_INITIAL_RTT * (1ULL << pv->loss_count); + + ngtcp2_pv_add_entry(pv, lfr.path_challenge.data, expiry); + + return conn_write_single_frame_pkt(conn, dest, destlen, NGTCP2_PKT_SHORT, + &pv->dcid.cid, &lfr, + NGTCP2_RTB_FLAG_ACK_ELICITING, ts); +} + +ssize_t ngtcp2_conn_write_pkt(ngtcp2_conn *conn, ngtcp2_path *path, + uint8_t *dest, size_t destlen, ngtcp2_tstamp ts) { + return ngtcp2_conn_writev_stream( + conn, path, dest, destlen, + /* pdatalen = */ NULL, NGTCP2_WRITE_STREAM_FLAG_NONE, + /* stream_id = */ -1, + /* fin = */ 0, /* datav = */ NULL, /* datavcnt = */ 0, ts); +} + +/* + * conn_on_version_negotiation is called when Version Negotiation + * packet is received. The function decodes the data in the buffer + * pointed by |payload| whose length is |payloadlen| as Version + * Negotiation packet payload. The packet header is given in |hd|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_INVALID_ARGUMENT + * Packet payload is badly formatted. + */ +static int conn_on_version_negotiation(ngtcp2_conn *conn, + const ngtcp2_pkt_hd *hd, + const uint8_t *payload, + size_t payloadlen) { + uint32_t sv[16]; + uint32_t *p; + int rv = 0; + size_t nsv; + + if (payloadlen % sizeof(uint32_t)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + if (payloadlen > sizeof(sv)) { + p = ngtcp2_mem_malloc(conn->mem, payloadlen); + if (p == NULL) { + return NGTCP2_ERR_NOMEM; + } + } else { + p = sv; + } + + /* TODO Just move to the terminal state for now in order not to send + CONNECTION_CLOSE frame. */ + conn->state = NGTCP2_CS_DRAINING; + + nsv = ngtcp2_pkt_decode_version_negotiation(p, payload, payloadlen); + + ngtcp2_log_rx_vn(&conn->log, hd, sv, nsv); + + if (conn->callbacks.recv_version_negotiation) { + rv = conn->callbacks.recv_version_negotiation(conn, hd, sv, nsv, + conn->user_data); + } + + if (p != sv) { + ngtcp2_mem_free(conn->mem, p); + } + + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +/* + * conn_resched_frames reschedules frames linked from |*pfrc| for + * retransmission. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_resched_frames(ngtcp2_conn *conn, ngtcp2_pktns *pktns, + ngtcp2_frame_chain **pfrc) { + ngtcp2_frame_chain **first = pfrc; + ngtcp2_frame_chain *frc; + ngtcp2_stream *sfr; + ngtcp2_strm *strm; + ngtcp2_ksl_key key; + int rv; + + if (*pfrc == NULL) { + return 0; + } + + for (; *pfrc;) { + switch ((*pfrc)->fr.type) { + case NGTCP2_FRAME_STREAM: + frc = *pfrc; + + *pfrc = frc->next; + frc->next = NULL; + sfr = &frc->fr.stream; + + strm = ngtcp2_conn_find_stream(conn, sfr->stream_id); + if (!strm) { + ngtcp2_frame_chain_del(frc, conn->mem); + break; + } + rv = ngtcp2_strm_streamfrq_push(strm, frc); + if (rv != 0) { + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + if (!ngtcp2_strm_is_tx_queued(strm)) { + rv = ngtcp2_conn_tx_strmq_push(conn, strm); + if (rv != 0) { + return rv; + } + } + break; + case NGTCP2_FRAME_CRYPTO: + frc = *pfrc; + + *pfrc = frc->next; + frc->next = NULL; + + rv = ngtcp2_ksl_insert(&pktns->crypto.tx.frq, NULL, + ngtcp2_ksl_key_ptr(&key, &frc->fr.crypto.offset), + frc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + break; + default: + pfrc = &(*pfrc)->next; + } + } + + *pfrc = pktns->tx.frq; + pktns->tx.frq = *first; + + return 0; +} + +/* + * conn_on_retry is called when Retry packet is received. The + * function decodes the data in the buffer pointed by |payload| whose + * length is |payloadlen| as Retry packet payload. The packet header + * is given in |hd|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_INVALID_ARGUMENT + * Packet payload is badly formatted. + * NGTCP2_ERR_PROTO + * ODCID does not match; or Token is empty. + */ +static int conn_on_retry(ngtcp2_conn *conn, const ngtcp2_pkt_hd *hd, + const uint8_t *payload, size_t payloadlen) { + int rv; + ngtcp2_pkt_retry retry; + uint8_t *p; + ngtcp2_rtb *rtb = &conn->pktns.rtb; + ngtcp2_rtb *in_rtb = &conn->in_pktns.rtb; + uint8_t cidbuf[sizeof(retry.odcid.data) * 2 + 1]; + ngtcp2_frame_chain *frc = NULL; + + if (conn->flags & NGTCP2_CONN_FLAG_RECV_RETRY) { + return 0; + } + + rv = ngtcp2_pkt_decode_retry(&retry, payload, payloadlen); + if (rv != 0) { + return rv; + } + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, "odcid=0x%s", + (const char *)ngtcp2_encode_hex(cidbuf, retry.odcid.data, + retry.odcid.datalen)); + + if (!ngtcp2_cid_eq(&conn->dcid.current.cid, &retry.odcid) || + retry.tokenlen == 0) { + return NGTCP2_ERR_PROTO; + } + + /* DCID must be updated before invoking callback because client + generates new initial keys there. */ + conn->dcid.current.cid = hd->scid; + + conn->flags |= NGTCP2_CONN_FLAG_RECV_RETRY; + + assert(conn->callbacks.recv_retry); + + rv = conn->callbacks.recv_retry(conn, hd, &retry, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + conn->state = NGTCP2_CS_CLIENT_INITIAL; + + /* Just freeing memory is dangerous because we might free twice. */ + + ngtcp2_rtb_remove_all(rtb, &frc); + + rv = conn_resched_frames(conn, &conn->pktns, &frc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_list_del(frc, conn->mem); + return rv; + } + + frc = NULL; + ngtcp2_rtb_remove_all(in_rtb, &frc); + + rv = conn_resched_frames(conn, &conn->in_pktns, &frc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_list_del(frc, conn->mem); + return rv; + } + + assert(conn->token.begin == NULL); + + p = ngtcp2_mem_malloc(conn->mem, retry.tokenlen); + if (p == NULL) { + return NGTCP2_ERR_NOMEM; + } + ngtcp2_buf_init(&conn->token, p, retry.tokenlen); + + ngtcp2_cpymem(conn->token.begin, retry.token, retry.tokenlen); + conn->token.pos = conn->token.begin; + conn->token.last = conn->token.pos + retry.tokenlen; + + return 0; +} + +int ngtcp2_conn_detect_lost_pkt(ngtcp2_conn *conn, ngtcp2_pktns *pktns, + ngtcp2_rcvry_stat *rcs, ngtcp2_tstamp ts) { + ngtcp2_frame_chain *frc = NULL; + int rv; + ngtcp2_duration pto = conn_compute_pto(conn); + + ngtcp2_rtb_detect_lost_pkt(&pktns->rtb, &frc, rcs, pto, ts); + + rv = conn_resched_frames(conn, pktns, &frc); + if (rv != 0) { + ngtcp2_frame_chain_list_del(frc, conn->mem); + return rv; + } + + return 0; +} + +/* + * conn_recv_ack processes received ACK frame |fr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_ACK_FRAME + * ACK frame is malformed. + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + */ +static int conn_recv_ack(ngtcp2_conn *conn, ngtcp2_pktns *pktns, ngtcp2_ack *fr, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_frame_chain *frc = NULL; + ngtcp2_rcvry_stat *rcs = &conn->rcs; + ssize_t num_acked; + + rv = ngtcp2_pkt_validate_ack(fr); + if (rv != 0) { + return rv; + } + + ngtcp2_acktr_recv_ack(&pktns->acktr, fr); + + num_acked = ngtcp2_rtb_recv_ack(&pktns->rtb, fr, conn, ts); + if (num_acked < 0) { + /* TODO assert this */ + assert(ngtcp2_err_is_fatal((int)num_acked)); + ngtcp2_frame_chain_list_del(frc, conn->mem); + return (int)num_acked; + } + + if (num_acked == 0) { + return 0; + } + + rv = ngtcp2_conn_detect_lost_pkt(conn, pktns, &conn->rcs, ts); + if (rv != 0) { + return rv; + } + + rcs->crypto_count = 0; + rcs->pto_count = 0; + rcs->probe_pkt_left = 0; + + ngtcp2_conn_set_loss_detection_timer(conn); + + return 0; +} + +/* + * conn_assign_recved_ack_delay_unscaled assigns + * fr->ack_delay_unscaled. + */ +static void assign_recved_ack_delay_unscaled(ngtcp2_ack *fr, + uint64_t ack_delay_exponent) { + fr->ack_delay_unscaled = fr->ack_delay * (1UL << ack_delay_exponent) * + (NGTCP2_DURATION_TICK / NGTCP2_MICROSECONDS); +} + +/* + * conn_recv_max_stream_data processes received MAX_STREAM_DATA frame + * |fr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_STREAM_STATE + * Stream ID indicates that it is a local stream, and the local + * endpoint has not initiated it; or stream is peer initiated + * unidirectional stream. + * NGTCP2_ERR_STREAM_LIMIT + * Stream ID exceeds allowed limit. + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_recv_max_stream_data(ngtcp2_conn *conn, + const ngtcp2_max_stream_data *fr) { + ngtcp2_strm *strm; + ngtcp2_idtr *idtr; + int local_stream = conn_local_stream(conn, fr->stream_id); + int bidi = bidi_stream(fr->stream_id); + int rv; + + if (bidi) { + if (local_stream) { + if (conn->local.bidi.next_stream_id <= fr->stream_id) { + return NGTCP2_ERR_STREAM_STATE; + } + } else if (conn->remote.bidi.max_streams < + ngtcp2_ord_stream_id(fr->stream_id)) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + idtr = &conn->remote.bidi.idtr; + } else { + if (!local_stream || conn->local.uni.next_stream_id <= fr->stream_id) { + return NGTCP2_ERR_STREAM_STATE; + } + + idtr = &conn->remote.uni.idtr; + } + + strm = ngtcp2_conn_find_stream(conn, fr->stream_id); + if (strm == NULL) { + if (local_stream) { + /* Stream has been closed. */ + return 0; + } + + rv = ngtcp2_idtr_open(idtr, fr->stream_id); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + assert(rv == NGTCP2_ERR_STREAM_IN_USE); + /* Stream has been closed. */ + return 0; + } + + strm = ngtcp2_mem_malloc(conn->mem, sizeof(ngtcp2_strm)); + if (strm == NULL) { + return NGTCP2_ERR_NOMEM; + } + rv = ngtcp2_conn_init_stream(conn, strm, fr->stream_id, NULL); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, strm); + return rv; + } + } + + if (strm->tx.max_offset < fr->max_stream_data) { + strm->tx.max_offset = fr->max_stream_data; + + /* Don't call callback if stream is half-closed local */ + if (strm->flags & NGTCP2_STRM_FLAG_SHUT_WR) { + return 0; + } + + rv = conn_call_extend_max_stream_data(conn, strm, fr->stream_id, + fr->max_stream_data); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +/* + * conn_recv_max_data processes received MAX_DATA frame |fr|. + */ +static void conn_recv_max_data(ngtcp2_conn *conn, const ngtcp2_max_data *fr) { + conn->tx.max_offset = ngtcp2_max(conn->tx.max_offset, fr->max_data); +} + +/* + * conn_buffer_pkt buffers |pkt| of length |pktlen|, chaining it from + * |*ppc|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_buffer_pkt(ngtcp2_conn *conn, ngtcp2_pktns *pktns, + const ngtcp2_path *path, const uint8_t *pkt, + size_t pktlen, ngtcp2_tstamp ts) { + int rv; + ngtcp2_pkt_chain **ppc = &pktns->rx.buffed_pkts, *pc; + size_t i; + for (i = 0; *ppc && i < NGTCP2_MAX_NUM_BUFFED_RX_PKTS; + ppc = &(*ppc)->next, ++i) + ; + + if (i == NGTCP2_MAX_NUM_BUFFED_RX_PKTS) { + return 0; + } + + rv = ngtcp2_pkt_chain_new(&pc, path, pkt, pktlen, ts, conn->mem); + if (rv != 0) { + return rv; + } + + *ppc = pc; + + return 0; +} + +/* + * conn_ensure_decrypt_buffer ensures that conn->crypto.decrypt_buf + * has at least |n| bytes space. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_ensure_decrypt_buffer(ngtcp2_conn *conn, size_t n) { + uint8_t *nbuf; + size_t len; + ngtcp2_array *decrypt_buf = &conn->crypto.decrypt_buf; + + if (decrypt_buf->len >= n) { + return 0; + } + + len = decrypt_buf->len == 0 ? 2048 : decrypt_buf->len * 2; + for (; len < n; len *= 2) + ; + nbuf = ngtcp2_mem_realloc(conn->mem, decrypt_buf->base, len); + if (nbuf == NULL) { + return NGTCP2_ERR_NOMEM; + } + decrypt_buf->base = nbuf; + decrypt_buf->len = len; + + return 0; +} + +/* + * conn_decrypt_pkt decrypts the data pointed by |payload| whose + * length is |payloadlen|, and writes plaintext data to the buffer + * pointed by |dest| whose capacity is |destlen|. The buffer pointed + * by |ad| is the Additional Data, and its length is |adlen|. + * |pkt_num| is used to create a nonce. |ckm| is the cryptographic + * key, and iv to use. |decrypt| is a callback function which + * actually decrypts a packet. + * + * This function returns the number of bytes written in |dest| if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + * NGTCP2_ERR_TLS_DECRYPT + * TLS backend failed to decrypt data. + */ +static ssize_t conn_decrypt_pkt(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, const uint8_t *payload, + size_t payloadlen, const uint8_t *ad, + size_t adlen, int64_t pkt_num, + ngtcp2_crypto_km *ckm, ngtcp2_decrypt decrypt) { + /* TODO nonce is limited to 64 bytes. */ + uint8_t nonce[64]; + ssize_t nwrite; + + assert(sizeof(nonce) >= ckm->iv.len); + + ngtcp2_crypto_create_nonce(nonce, ckm->iv.base, ckm->iv.len, pkt_num); + + nwrite = + decrypt(conn, dest, destlen, payload, payloadlen, ckm->key.base, + ckm->key.len, nonce, ckm->iv.len, ad, adlen, conn->user_data); + + if (nwrite < 0) { + if (nwrite == NGTCP2_ERR_TLS_DECRYPT) { + return nwrite; + } + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return nwrite; +} + +/* + * conn_decrypt_hp decryptes packet header. The packet number starts + * at |pkt| + |pkt_num_offset|. The entire plaintext QUIC packer + * header will be written to the buffer pointed by |dest| whose + * capacity is |destlen|. + * + * This function returns the number of bytes written to |dest|, or one + * of the following negative error codes: + * + * NGTCP2_ERR_PROTO + * Packet is badly formatted + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed; or it does not return + * expected result. + */ +static ssize_t conn_decrypt_hp(ngtcp2_conn *conn, ngtcp2_pkt_hd *hd, + uint8_t *dest, size_t destlen, + const uint8_t *pkt, size_t pktlen, + size_t pkt_num_offset, ngtcp2_crypto_km *ckm, + const ngtcp2_vec *hp, ngtcp2_hp_mask hp_mask, + size_t aead_overhead) { + ssize_t nwrite; + size_t sample_offset; + uint8_t *p = dest; + uint8_t mask[NGTCP2_HP_SAMPLELEN]; + size_t i; + + assert(hp_mask); + assert(ckm); + assert(aead_overhead >= NGTCP2_HP_SAMPLELEN); + assert(destlen >= pkt_num_offset + 4); + + if (pkt_num_offset + NGTCP2_HP_SAMPLELEN > pktlen) { + return NGTCP2_ERR_PROTO; + } + + p = ngtcp2_cpymem(p, pkt, pkt_num_offset); + + sample_offset = pkt_num_offset + 4; + + nwrite = hp_mask(conn, mask, sizeof(mask), hp->base, hp->len, + pkt + sample_offset, NGTCP2_HP_SAMPLELEN, conn->user_data); + if (nwrite < NGTCP2_HP_MASKLEN) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + if (hd->flags & NGTCP2_PKT_FLAG_LONG_FORM) { + dest[0] = (uint8_t)(dest[0] ^ (mask[0] & 0x0f)); + } else { + dest[0] = (uint8_t)(dest[0] ^ (mask[0] & 0x1f)); + if (dest[0] & NGTCP2_SHORT_KEY_PHASE_BIT) { + hd->flags |= NGTCP2_PKT_FLAG_KEY_PHASE; + } + } + + hd->pkt_numlen = (size_t)((dest[0] & NGTCP2_PKT_NUMLEN_MASK) + 1); + + for (i = 0; i < hd->pkt_numlen; ++i) { + *p++ = *(pkt + pkt_num_offset + i) ^ mask[i + 1]; + } + + hd->pkt_num = ngtcp2_get_pkt_num(p - hd->pkt_numlen, hd->pkt_numlen); + + return p - dest; +} + +/* + * conn_emit_pending_crypto_data delivers pending stream data to the + * application due to packet reordering. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed + * NGTCP2_ERR_CRYPTO + * TLS backend reported error + */ +static int conn_emit_pending_crypto_data(ngtcp2_conn *conn, + ngtcp2_crypto_level crypto_level, + ngtcp2_strm *strm, + uint64_t rx_offset) { + size_t datalen; + const uint8_t *data; + int rv; + uint64_t offset; + + for (;;) { + datalen = ngtcp2_rob_data_at(&strm->rx.rob, &data, rx_offset); + if (datalen == 0) { + assert(rx_offset == ngtcp2_strm_rx_offset(strm)); + return 0; + } + + offset = rx_offset; + rx_offset += datalen; + + rv = conn_call_recv_crypto_data(conn, crypto_level, offset, data, datalen); + if (rv != 0) { + return rv; + } + + ngtcp2_rob_pop(&strm->rx.rob, rx_offset - datalen, datalen); + } +} + +/* + * conn_recv_connection_close is called when CONNECTION_CLOSE or + * APPLICATION_CLOSE frame is received. + */ +static void conn_recv_connection_close(ngtcp2_conn *conn) { + conn->state = NGTCP2_CS_DRAINING; +} + +static void conn_recv_path_challenge(ngtcp2_conn *conn, + ngtcp2_path_challenge *fr) { + ngtcp2_path_challenge_entry *ent; + + ent = ngtcp2_ringbuf_push_front(&conn->rx.path_challenge); + ngtcp2_path_challenge_entry_init(ent, fr->data); +} + +static int conn_recv_path_response(ngtcp2_conn *conn, ngtcp2_path_response *fr, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_pv *pv = conn->pv, *npv = NULL; + + if (!pv) { + return 0; + } + + rv = ngtcp2_pv_validate(pv, fr->data); + if (rv != 0) { + if (rv == NGTCP2_ERR_PATH_VALIDATION_FAILED) { + return conn_on_path_validation_failed(conn, pv, ts); + } + return 0; + } + + /* If validation succeeds, we don't have to throw DCID away. */ + pv->flags &= (uint8_t)~NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH; + + if (pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE) { + rv = conn_retire_dcid(conn, &pv->fallback_dcid, ts); + if (rv != 0) { + return rv; + } + } + + /* TODO Retire all DCIDs in conn->bound_dcid */ + + if (!(pv->flags & NGTCP2_PV_FLAG_DONT_CARE)) { + if (!(pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE)) { + rv = conn_retire_dcid(conn, &conn->dcid.current, ts); + if (rv != 0) { + goto fail; + } + ngtcp2_dcid_copy(&conn->dcid.current, &pv->dcid); + } + + rv = conn_call_path_validation(conn, &pv->dcid.ps.path, + NGTCP2_PATH_VALIDATION_RESULT_SUCCESS); + if (rv != 0) { + goto fail; + } + } + + rv = conn_stop_pv(conn, ts); + if (rv != 0) { + goto fail; + } + + conn->pv = npv; + + return 0; + +fail: + ngtcp2_pv_del(npv); + + return rv; +} + +/* + * conn_update_rx_bw updates rx bandwidth. + */ +static void conn_update_rx_bw(ngtcp2_conn *conn, size_t datalen, + ngtcp2_tstamp ts) { + /* Reset bandwidth measurement after 1 second idle time. */ + if (conn->rx.bw.last_ts == 0 || ts - conn->rx.bw.last_ts > NGTCP2_SECONDS) { + conn->rx.bw.first_ts = ts; + conn->rx.bw.last_ts = ts; + conn->rx.bw.datalen = datalen; + conn->rx.bw.value = 0.; + return; + } + + conn->rx.bw.last_ts = ts; + conn->rx.bw.datalen += datalen; + + if (ts - conn->rx.bw.first_ts >= 25 * NGTCP2_MILLISECONDS) { + conn->rx.bw.value = + (double)conn->rx.bw.datalen / (double)(ts - conn->rx.bw.first_ts); + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, "rx_bw=%.02fBs", + conn->rx.bw.value * NGTCP2_DURATION_TICK); + } +} + +/* + * pkt_num_bits returns the number of bits available when packet + * number is encoded in |pkt_numlen| bytes. + */ +static size_t pkt_num_bits(size_t pkt_numlen) { + switch (pkt_numlen) { + case 1: + return 8; + case 2: + return 16; + case 3: + return 24; + case 4: + return 32; + default: + assert(0); + } +} + +/* + * pktns_pkt_num_is_duplicate returns nonzero if |pkt_num| is + * duplicated packet number. + */ +static int pktns_pkt_num_is_duplicate(ngtcp2_pktns *pktns, int64_t pkt_num) { + return ngtcp2_gaptr_is_pushed(&pktns->rx.pngap, (uint64_t)pkt_num, 1); +} + +/* + * pktns_commit_recv_pkt_num marks packet number |pkt_num| as + * received. + */ +static int pktns_commit_recv_pkt_num(ngtcp2_pktns *pktns, int64_t pkt_num) { + int rv; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + ngtcp2_range range; + + if (pktns->rx.max_pkt_num + 1 != pkt_num) { + ngtcp2_acktr_immediate_ack(&pktns->acktr); + } + if (pktns->rx.max_pkt_num < pkt_num) { + pktns->rx.max_pkt_num = pkt_num; + } + + rv = ngtcp2_gaptr_push(&pktns->rx.pngap, (uint64_t)pkt_num, 1); + if (rv != 0) { + return rv; + } + + if (ngtcp2_ksl_len(&pktns->rx.pngap.gap) > 256) { + it = ngtcp2_ksl_begin(&pktns->rx.pngap.gap); + range = *(ngtcp2_range *)ngtcp2_ksl_it_key(&it).ptr; + ngtcp2_ksl_remove(&pktns->rx.pngap.gap, NULL, + ngtcp2_ksl_key_ptr(&key, &range)); + } + + return 0; +} + +/* + * conn_discard_initial_key discards Initial packet protection keys. + */ +static void conn_discard_initial_key(ngtcp2_conn *conn) { + ngtcp2_pktns *pktns = &conn->in_pktns; + + if (conn->flags & NGTCP2_CONN_FLAG_INITIAL_KEY_DISCARDED) { + return; + } + + conn->flags |= NGTCP2_CONN_FLAG_INITIAL_KEY_DISCARDED; + + ngtcp2_crypto_km_del(pktns->crypto.tx.ckm, conn->mem); + ngtcp2_crypto_km_del(pktns->crypto.rx.ckm, conn->mem); + + pktns->crypto.tx.ckm = NULL; + pktns->crypto.rx.ckm = NULL; + + ngtcp2_rtb_clear(&pktns->rtb); + ngtcp2_acktr_commit_ack(&pktns->acktr); +} + +static int conn_recv_crypto(ngtcp2_conn *conn, ngtcp2_crypto_level crypto_level, + ngtcp2_strm *strm, const ngtcp2_crypto *fr); + +static ssize_t conn_recv_pkt(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts); + +static int conn_process_buffered_protected_pkt(ngtcp2_conn *conn, + ngtcp2_pktns *pktns, + ngtcp2_tstamp ts); + +/* + * conn_recv_handshake_pkt processes received packet |pkt| whose + * length is |pktlen| during handshake period. The buffer pointed by + * |pkt| might contain multiple packets. This function only processes + * one packet. + * + * This function returns the number of bytes it reads if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_RECV_VERSION_NEGOTIATION + * Version Negotiation packet is received. + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_DISCARD_PKT + * Packet was discarded because plain text header was malformed; + * or its payload could not be decrypted. + * NGTCP2_ERR_FRAME_FORMAT + * Frame is badly formatted + * NGTCP2_ERR_ACK_FRAME + * ACK frame is malformed. + * NGTCP2_ERR_CRYPTO + * TLS stack reported error. + * NGTCP2_ERR_PROTO + * Generic QUIC protocol error. + * + * In addition to the above error codes, error codes returned from + * conn_recv_pkt are also returned. + */ +static ssize_t conn_recv_handshake_pkt(ngtcp2_conn *conn, + const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts) { + ssize_t nread; + ngtcp2_pkt_hd hd; + ngtcp2_max_frame mfr; + ngtcp2_frame *fr = &mfr.fr; + int rv; + int require_ack = 0; + size_t hdpktlen; + const uint8_t *payload; + size_t payloadlen; + ssize_t nwrite; + uint8_t plain_hdpkt[1500]; + ngtcp2_crypto_km *ckm; + const ngtcp2_vec *hp; + ngtcp2_hp_mask hp_mask; + ngtcp2_decrypt decrypt; + size_t aead_overhead; + ngtcp2_pktns *pktns; + ngtcp2_strm *crypto; + ngtcp2_crypto_level crypto_level; + int invalid_reserved_bits = 0; + + if (pktlen == 0) { + return 0; + } + + if (!(pkt[0] & NGTCP2_HEADER_FORM_BIT)) { + if (conn->state == NGTCP2_CS_SERVER_INITIAL) { + /* Ignore Short packet unless server's first Handshake packet + has been transmitted. */ + return (ssize_t)pktlen; + } + + if (!conn->server && conn->pktns.crypto.rx.ckm) { + rv = conn_process_buffered_protected_pkt(conn, &conn->pktns, ts); + if (rv != 0) { + return rv; + } + return conn_recv_pkt(conn, &conn->dcid.current.ps.path, pkt, pktlen, ts); + } + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "buffering Short packet len=%zu", pktlen); + + rv = conn_buffer_pkt(conn, &conn->hs_pktns, path, pkt, pktlen, ts); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + return (ssize_t)pktlen; + } + + nread = ngtcp2_pkt_decode_hd_long(&hd, pkt, pktlen); + if (nread < 0) { + return NGTCP2_ERR_DISCARD_PKT; + } + + switch (hd.type) { + case NGTCP2_PKT_VERSION_NEGOTIATION: + hdpktlen = (size_t)nread; + + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + + if (conn->server) { + return NGTCP2_ERR_DISCARD_PKT; + } + + /* Receiving Version Negotiation packet after getting Handshake + packet from server is invalid. */ + if (conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED) { + return NGTCP2_ERR_DISCARD_PKT; + } + + /* TODO Do not change state here? */ + rv = conn_verify_dcid(conn, &hd); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched DCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + + if (!ngtcp2_cid_eq(&conn->dcid.current.cid, &hd.scid)) { + /* Just discard invalid Version Negotiation packet */ + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched SCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + rv = conn_on_version_negotiation(conn, &hd, pkt + hdpktlen, + pktlen - hdpktlen); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + return NGTCP2_ERR_DISCARD_PKT; + } + return NGTCP2_ERR_RECV_VERSION_NEGOTIATION; + case NGTCP2_PKT_RETRY: + hdpktlen = (size_t)nread; + + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + + if (conn->server) { + return NGTCP2_ERR_DISCARD_PKT; + } + + /* Receiving Retry packet after getting Initial packet from server + is invalid. */ + if (conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED) { + return NGTCP2_ERR_DISCARD_PKT; + } + + rv = conn_on_retry(conn, &hd, pkt + hdpktlen, pktlen - hdpktlen); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + return NGTCP2_ERR_DISCARD_PKT; + } + return (ssize_t)pktlen; + } + + if (pktlen < (size_t)nread + hd.len) { + return NGTCP2_ERR_DISCARD_PKT; + } + + pktlen = (size_t)nread + hd.len; + + if (conn->version != hd.version) { + return NGTCP2_ERR_DISCARD_PKT; + } + + /* Quoted from spec: if subsequent packets of those types include a + different Source Connection ID, they MUST be discarded. */ + if ((conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED) && + !ngtcp2_cid_eq(&conn->dcid.current.cid, &hd.scid)) { + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched SCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + + switch (hd.type) { + case NGTCP2_PKT_0RTT: + if (!conn->server) { + return NGTCP2_ERR_DISCARD_PKT; + } + if (conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED) { + if (conn->early.ckm) { + ssize_t nread2; + /* TODO Avoid to parse header twice. */ + nread2 = + conn_recv_pkt(conn, &conn->dcid.current.ps.path, pkt, pktlen, ts); + if (nread2 < 0) { + return nread2; + } + } + + /* Discard 0-RTT packet if we don't have a key to decrypt it. */ + return (ssize_t)pktlen; + } + + /* Buffer re-ordered 0-RTT packet. */ + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "buffering 0-RTT packet len=%zu", pktlen); + + rv = conn_buffer_pkt(conn, &conn->in_pktns, path, pkt, pktlen, ts); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + + return (ssize_t)pktlen; + case NGTCP2_PKT_INITIAL: + if (conn->flags & NGTCP2_CONN_FLAG_INITIAL_KEY_DISCARDED) { + ngtcp2_log_info( + &conn->log, NGTCP2_LOG_EVENT_PKT, + "Initial packet is discarded because keys have been discarded"); + return (ssize_t)pktlen; + } + + if (conn->server) { + if ((conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED) == 0) { + rv = conn_call_recv_client_initial(conn, &hd.dcid); + if (rv != 0) { + return rv; + } + } + } else if (hd.tokenlen != 0) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because token is not empty"); + return NGTCP2_ERR_DISCARD_PKT; + } + + pktns = &conn->in_pktns; + hp_mask = conn->callbacks.in_hp_mask; + decrypt = conn->callbacks.in_decrypt; + aead_overhead = NGTCP2_INITIAL_AEAD_OVERHEAD; + crypto = &conn->in_pktns.crypto.strm; + crypto_level = NGTCP2_CRYPTO_LEVEL_INITIAL; + + break; + case NGTCP2_PKT_HANDSHAKE: + if (!conn->hs_pktns.crypto.rx.ckm) { + if (conn->server) { + ngtcp2_log_info( + &conn->log, NGTCP2_LOG_EVENT_PKT, + "Handshake packet at this point is unexpected and discarded"); + return (ssize_t)pktlen; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "buffering Handshake packet len=%zu", pktlen); + + rv = conn_buffer_pkt(conn, &conn->in_pktns, path, pkt, pktlen, ts); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + return rv; + } + return (ssize_t)pktlen; + } + + pktns = &conn->hs_pktns; + hp_mask = conn->callbacks.hp_mask; + decrypt = conn->callbacks.decrypt; + aead_overhead = conn->crypto.aead_overhead; + crypto = &conn->hs_pktns.crypto.strm; + crypto_level = NGTCP2_CRYPTO_LEVEL_HANDSHAKE; + + break; + default: + /* unknown packet type */ + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of unknown packet type"); + return (ssize_t)pktlen; + } + + ckm = pktns->crypto.rx.ckm; + hp = pktns->crypto.rx.hp; + + assert(ckm); + assert(hp_mask); + assert(decrypt); + + nwrite = + conn_decrypt_hp(conn, &hd, plain_hdpkt, sizeof(plain_hdpkt), pkt, pktlen, + (size_t)nread, ckm, hp, hp_mask, aead_overhead); + if (nwrite < 0) { + if (ngtcp2_err_is_fatal((int)nwrite)) { + return nwrite; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decrypt packet number"); + return NGTCP2_ERR_DISCARD_PKT; + } + + hdpktlen = (size_t)nwrite; + payload = pkt + hdpktlen; + payloadlen = hd.len - hd.pkt_numlen; + + hd.pkt_num = ngtcp2_pkt_adjust_pkt_num(pktns->rx.max_pkt_num, hd.pkt_num, + pkt_num_bits(hd.pkt_numlen)); + if (hd.pkt_num > NGTCP2_MAX_PKT_NUM) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "pkn=%" PRId64 " is greater than maximum pkn", hd.pkt_num); + return NGTCP2_ERR_DISCARD_PKT; + } + + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + + rv = ngtcp2_pkt_verify_reserved_bits(plain_hdpkt[0]); + if (rv != 0) { + invalid_reserved_bits = 1; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet has incorrect reserved bits"); + + /* Will return error after decrypting payload */ + } + + if (pktns_pkt_num_is_duplicate(pktns, hd.pkt_num)) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was discarded because of duplicated packet number"); + return NGTCP2_ERR_DISCARD_PKT; + } + + rv = conn_ensure_decrypt_buffer(conn, payloadlen); + if (rv != 0) { + return rv; + } + + nwrite = conn_decrypt_pkt(conn, conn->crypto.decrypt_buf.base, payloadlen, + payload, payloadlen, plain_hdpkt, hdpktlen, + hd.pkt_num, ckm, decrypt); + if (nwrite < 0) { + if (ngtcp2_err_is_fatal((int)nwrite)) { + return nwrite; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decrypt packet payload"); + return NGTCP2_ERR_DISCARD_PKT; + } + + if (invalid_reserved_bits) { + return NGTCP2_ERR_PROTO; + } + + payload = conn->crypto.decrypt_buf.base; + payloadlen = (size_t)nwrite; + + switch (hd.type) { + case NGTCP2_PKT_INITIAL: + if (!conn->server || ((conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED) && + !ngtcp2_cid_eq(&conn->rcid, &hd.dcid))) { + rv = conn_verify_dcid(conn, &hd); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched DCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + } + break; + case NGTCP2_PKT_HANDSHAKE: + rv = conn_verify_dcid(conn, &hd); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched DCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + break; + default: + assert(0); + } + + if (payloadlen == 0) { + /* QUIC packet must contain at least one frame */ + return NGTCP2_ERR_DISCARD_PKT; + } + + if (hd.type == NGTCP2_PKT_INITIAL && + !(conn->flags & NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED)) { + conn->flags |= NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED; + if (conn->server) { + conn->rcid = hd.dcid; + } else { + conn->dcid.current.cid = hd.scid; + } + conn->odcid = hd.scid; + } + + for (; payloadlen;) { + nread = ngtcp2_pkt_decode_frame(fr, payload, payloadlen); + if (nread < 0) { + return (int)nread; + } + + payload += nread; + payloadlen -= (size_t)nread; + + if (fr->type == NGTCP2_FRAME_ACK) { + fr->ack.ack_delay = 0; + fr->ack.ack_delay_unscaled = 0; + } + + ngtcp2_log_rx_fr(&conn->log, &hd, fr); + + switch (fr->type) { + case NGTCP2_FRAME_ACK: + case NGTCP2_FRAME_ACK_ECN: + rv = conn_recv_ack(conn, pktns, &fr->ack, ts); + if (rv != 0) { + return rv; + } + break; + case NGTCP2_FRAME_PADDING: + break; + case NGTCP2_FRAME_CRYPTO: + rv = conn_recv_crypto(conn, crypto_level, crypto, &fr->crypto); + if (rv != 0) { + return rv; + } + require_ack = 1; + break; + case NGTCP2_FRAME_CONNECTION_CLOSE: + conn_recv_connection_close(conn); + break; + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + if (fr->type != NGTCP2_PKT_HANDSHAKE) { + return NGTCP2_ERR_PROTO; + } + conn_recv_connection_close(conn); + break; + default: + return NGTCP2_ERR_PROTO; + } + } + + if (conn->server) { + switch (hd.type) { + case NGTCP2_PKT_INITIAL: + if (ngtcp2_rob_first_gap_offset(&crypto->rx.rob) == 0) { + return NGTCP2_ERR_PROTO; + } + break; + case NGTCP2_PKT_HANDSHAKE: + if (conn->server && hd.type == NGTCP2_PKT_HANDSHAKE) { + /* Successful processing of Handshake packet from client verifies + source address. */ + conn->flags |= NGTCP2_CONN_FLAG_SADDR_VERIFIED; + } + break; + } + } + + rv = pktns_commit_recv_pkt_num(pktns, hd.pkt_num); + if (rv != 0) { + return rv; + } + + if (require_ack && ++pktns->acktr.rx_npkt >= NGTCP2_NUM_IMMEDIATE_ACK_PKT) { + ngtcp2_acktr_immediate_ack(&pktns->acktr); + } + + rv = ngtcp2_conn_sched_ack(conn, &pktns->acktr, hd.pkt_num, require_ack, ts); + if (rv != 0) { + return rv; + } + + return conn->state == NGTCP2_CS_DRAINING ? NGTCP2_ERR_DRAINING + : (ssize_t)pktlen; +} + +/* + * conn_recv_handshake_cpkt processes compound packet during + * handshake. The buffer pointed by |pkt| might contain multiple + * packets. The Short packet must be the last one because it does not + * have payload length field. + * + * This function returns the same error code returned by + * conn_recv_handshake_pkt. + */ +static int conn_recv_handshake_cpkt(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts) { + ssize_t nread; + size_t origlen = pktlen; + + while (pktlen) { + nread = conn_recv_handshake_pkt(conn, path, pkt, pktlen, ts); + if (nread < 0) { + if (ngtcp2_err_is_fatal((int)nread)) { + return (int)nread; + } + if (nread == NGTCP2_ERR_DISCARD_PKT) { + goto fin; + } + if (nread != NGTCP2_ERR_CRYPTO && (pkt[0] & NGTCP2_HEADER_FORM_BIT) && + ngtcp2_pkt_get_type_long(pkt[0]) == NGTCP2_PKT_INITIAL) { + goto fin; + } + return (int)nread; + } + + assert(pktlen >= (size_t)nread); + pkt += nread; + pktlen -= (size_t)nread; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "read packet %zd left %zu", nread, pktlen); + } + + conn->hs_recved += origlen; + +fin: + switch (conn->state) { + case NGTCP2_CS_CLOSING: + return NGTCP2_ERR_CLOSING; + case NGTCP2_CS_DRAINING: + return NGTCP2_ERR_DRAINING; + } + + return 0; +} + +int ngtcp2_conn_init_stream(ngtcp2_conn *conn, ngtcp2_strm *strm, + int64_t stream_id, void *stream_user_data) { + int rv; + uint64_t max_rx_offset; + uint64_t max_tx_offset; + int local_stream = conn_local_stream(conn, stream_id); + + if (bidi_stream(stream_id)) { + if (local_stream) { + max_rx_offset = conn->local.settings.max_stream_data_bidi_local; + max_tx_offset = conn->remote.settings.max_stream_data_bidi_remote; + } else { + max_rx_offset = conn->local.settings.max_stream_data_bidi_remote; + max_tx_offset = conn->remote.settings.max_stream_data_bidi_local; + } + } else if (local_stream) { + max_rx_offset = 0; + max_tx_offset = conn->remote.settings.max_stream_data_uni; + } else { + max_rx_offset = conn->local.settings.max_stream_data_uni; + max_tx_offset = 0; + } + + rv = ngtcp2_strm_init(strm, stream_id, NGTCP2_STRM_FLAG_NONE, max_rx_offset, + max_tx_offset, stream_user_data, conn->mem); + if (rv != 0) { + return rv; + } + + rv = ngtcp2_map_insert(&conn->strms, &strm->me); + if (rv != 0) { + assert(rv != NGTCP2_ERR_INVALID_ARGUMENT); + goto fail; + } + + if (!conn_local_stream(conn, stream_id)) { + rv = conn_call_stream_open(conn, strm); + if (rv != 0) { + goto fail; + } + } + + return 0; + +fail: + ngtcp2_strm_free(strm); + return rv; +} + +/* + * conn_emit_pending_stream_data passes buffered ordered stream data + * to the application. |rx_offset| is the first offset to deliver to + * the application. This function assumes that the data up to + * |rx_offset| has been delivered already. This function only passes + * the ordered data without any gap. If there is a gap, it stops + * providing the data to the application, and returns. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_emit_pending_stream_data(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t rx_offset) { + size_t datalen; + const uint8_t *data; + int rv; + uint64_t offset; + + for (;;) { + /* Stop calling callback if application has called + ngtcp2_conn_shutdown_stream_read() inside the callback. + Because it doubly counts connection window. */ + if (strm->flags & (NGTCP2_STRM_FLAG_STOP_SENDING)) { + return 0; + } + + datalen = ngtcp2_rob_data_at(&strm->rx.rob, &data, rx_offset); + if (datalen == 0) { + assert(rx_offset == ngtcp2_strm_rx_offset(strm)); + return 0; + } + + offset = rx_offset; + rx_offset += datalen; + + rv = conn_call_recv_stream_data(conn, strm, + (strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) && + rx_offset == strm->rx.last_offset, + offset, data, datalen); + if (rv != 0) { + return rv; + } + + ngtcp2_rob_pop(&strm->rx.rob, rx_offset - datalen, datalen); + } +} + +/* + * conn_recv_crypto is called when CRYPTO frame |fr| is received. + * |rx_offset_base| is the offset in the entire TLS handshake stream. + * fr->offset specifies the offset in each encryption level. + * |max_rx_offset| is, if it is nonzero, the maximum offset in the + * entire TLS handshake stream that |fr| can carry. |crypto_level| is + * the encryption level where this data is received. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_PROTO + * CRYPTO frame has invalid offset. + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CRYPTO + * TLS stack reported error. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static int conn_recv_crypto(ngtcp2_conn *conn, ngtcp2_crypto_level crypto_level, + ngtcp2_strm *crypto, const ngtcp2_crypto *fr) { + uint64_t fr_end_offset; + uint64_t rx_offset; + int rv; + + if (fr->datacnt == 0) { + return 0; + } + + fr_end_offset = fr->offset + fr->data[0].len; + + if (NGTCP2_MAX_VARINT < fr_end_offset) { + return NGTCP2_ERR_PROTO; + } + + rx_offset = ngtcp2_strm_rx_offset(crypto); + + if (fr_end_offset <= rx_offset) { + return 0; + } + + crypto->rx.last_offset = ngtcp2_max(crypto->rx.last_offset, fr_end_offset); + + /* TODO Before dispatching incoming data to TLS stack, make sure + that previous data in previous encryption level has been + completely sent to TLS stack. Usually, if data is left, it is an + error because key is generated after consuming all data in the + previous encryption level. */ + if (fr->offset <= rx_offset) { + size_t ncut = rx_offset - fr->offset; + const uint8_t *data = fr->data[0].base + ncut; + size_t datalen = fr->data[0].len - ncut; + uint64_t offset = rx_offset; + + rx_offset += datalen; + rv = ngtcp2_rob_remove_prefix(&crypto->rx.rob, rx_offset); + if (rv != 0) { + return rv; + } + + rv = conn_call_recv_crypto_data(conn, crypto_level, offset, data, datalen); + if (rv != 0) { + return rv; + } + + rv = conn_emit_pending_crypto_data(conn, crypto_level, crypto, rx_offset); + if (rv != 0) { + return rv; + } + } else if (fr_end_offset - rx_offset > NGTCP2_MAX_REORDERED_CRYPTO_DATA) { + return NGTCP2_ERR_CRYPTO_BUFFER_EXCEEDED; + } else { + rv = ngtcp2_strm_recv_reordering(crypto, fr->data[0].base, fr->data[0].len, + fr->offset); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +/* + * conn_max_data_violated returns nonzero if receiving |datalen| + * violates connection flow control on local endpoint. + */ +static int conn_max_data_violated(ngtcp2_conn *conn, size_t datalen) { + return conn->rx.max_offset - conn->rx.offset < datalen; +} + +/* + * conn_recv_stream is called when STREAM frame |fr| is received. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_STREAM_STATE + * STREAM frame is received for a local stream which is not + * initiated; or STREAM frame is received for a local + * unidirectional stream + * NGTCP2_ERR_STREAM_LIMIT + * STREAM frame has remote stream ID which is strictly greater + * than the allowed limit. + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_FLOW_CONTROL + * Flow control limit is violated; or the end offset of stream + * data is beyond the NGTCP2_MAX_VARINT. + * NGTCP2_ERR_FINAL_SIZE + * STREAM frame has strictly larger end offset than it is + * permitted. + */ +static int conn_recv_stream(ngtcp2_conn *conn, const ngtcp2_stream *fr) { + int rv; + ngtcp2_strm *strm; + ngtcp2_idtr *idtr; + uint64_t rx_offset, fr_end_offset; + int local_stream; + int bidi; + size_t datalen = ngtcp2_vec_len(fr->data, fr->datacnt); + + local_stream = conn_local_stream(conn, fr->stream_id); + bidi = bidi_stream(fr->stream_id); + + if (bidi) { + if (local_stream) { + if (conn->local.bidi.next_stream_id <= fr->stream_id) { + return NGTCP2_ERR_STREAM_STATE; + } + } else if (conn->remote.bidi.max_streams < + ngtcp2_ord_stream_id(fr->stream_id)) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + idtr = &conn->remote.bidi.idtr; + } else { + if (local_stream) { + return NGTCP2_ERR_STREAM_STATE; + } + if (conn->remote.uni.max_streams < ngtcp2_ord_stream_id(fr->stream_id)) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + idtr = &conn->remote.uni.idtr; + } + + if (NGTCP2_MAX_VARINT - datalen < fr->offset) { + return NGTCP2_ERR_FLOW_CONTROL; + } + + strm = ngtcp2_conn_find_stream(conn, fr->stream_id); + if (strm == NULL) { + if (local_stream) { + /* TODO The stream has been closed. This should be responded + with RESET_STREAM, or simply ignored. */ + return 0; + } + + rv = ngtcp2_idtr_open(idtr, fr->stream_id); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + assert(rv == NGTCP2_ERR_STREAM_IN_USE); + /* TODO The stream has been closed. This should be responded + with RESET_STREAM, or simply ignored. */ + return 0; + } + + strm = ngtcp2_mem_malloc(conn->mem, sizeof(ngtcp2_strm)); + if (strm == NULL) { + return NGTCP2_ERR_NOMEM; + } + /* TODO Perhaps, call new_stream callback? */ + rv = ngtcp2_conn_init_stream(conn, strm, fr->stream_id, NULL); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, strm); + return rv; + } + if (!bidi) { + ngtcp2_strm_shutdown(strm, NGTCP2_STRM_FLAG_SHUT_WR); + } + } + + fr_end_offset = fr->offset + datalen; + + if (strm->rx.max_offset < fr_end_offset) { + return NGTCP2_ERR_FLOW_CONTROL; + } + + if (strm->rx.last_offset < fr_end_offset) { + size_t len = fr_end_offset - strm->rx.last_offset; + + if (conn_max_data_violated(conn, len)) { + return NGTCP2_ERR_FLOW_CONTROL; + } + + conn->rx.offset += len; + + if (strm->flags & NGTCP2_STRM_FLAG_STOP_SENDING) { + ngtcp2_conn_extend_max_offset(conn, len); + } + } + + rx_offset = ngtcp2_strm_rx_offset(strm); + + if (fr->fin) { + if (strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) { + if (strm->rx.last_offset != fr_end_offset) { + return NGTCP2_ERR_FINAL_SIZE; + } + + if (strm->flags & + (NGTCP2_STRM_FLAG_STOP_SENDING | NGTCP2_STRM_FLAG_RECV_RST)) { + return 0; + } + + if (rx_offset == fr_end_offset) { + return 0; + } + } else if (strm->rx.last_offset > fr_end_offset) { + return NGTCP2_ERR_FINAL_SIZE; + } else { + strm->rx.last_offset = fr_end_offset; + + ngtcp2_strm_shutdown(strm, NGTCP2_STRM_FLAG_SHUT_RD); + + if (strm->flags & NGTCP2_STRM_FLAG_STOP_SENDING) { + return ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, + strm->app_error_code); + } + + if (fr_end_offset == rx_offset) { + rv = conn_call_recv_stream_data(conn, strm, 1, rx_offset, NULL, 0); + if (rv != 0) { + return rv; + } + return ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, + NGTCP2_NO_ERROR); + } + } + } else { + if ((strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) && + strm->rx.last_offset < fr_end_offset) { + return NGTCP2_ERR_FINAL_SIZE; + } + + strm->rx.last_offset = ngtcp2_max(strm->rx.last_offset, fr_end_offset); + + if (fr_end_offset <= rx_offset) { + return 0; + } + + if (strm->flags & + (NGTCP2_STRM_FLAG_STOP_SENDING | NGTCP2_STRM_FLAG_RECV_RST)) { + return 0; + } + } + + if (fr->offset <= rx_offset) { + size_t ncut = rx_offset - fr->offset; + uint64_t offset = rx_offset; + const uint8_t *data; + int fin; + + if (fr->datacnt) { + data = fr->data[0].base + ncut; + datalen -= ncut; + + rx_offset += datalen; + rv = ngtcp2_rob_remove_prefix(&strm->rx.rob, rx_offset); + if (rv != 0) { + return rv; + } + } else { + data = NULL; + datalen = 0; + } + + fin = (strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) && + rx_offset == strm->rx.last_offset; + + if (fin || datalen) { + rv = conn_call_recv_stream_data(conn, strm, fin, offset, data, datalen); + if (rv != 0) { + return rv; + } + + rv = conn_emit_pending_stream_data(conn, strm, rx_offset); + if (rv != 0) { + return rv; + } + } + } else if (fr->datacnt) { + rv = ngtcp2_strm_recv_reordering(strm, fr->data[0].base, fr->data[0].len, + fr->offset); + if (rv != 0) { + return rv; + } + } + return ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, NGTCP2_NO_ERROR); +} + +/* + * conn_reset_stream adds RESET_STREAM frame to the transmission + * queue. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_reset_stream(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + int rv; + ngtcp2_frame_chain *frc; + ngtcp2_pktns *pktns = &conn->pktns; + + rv = ngtcp2_frame_chain_new(&frc, conn->mem); + if (rv != 0) { + return rv; + } + + frc->fr.type = NGTCP2_FRAME_RESET_STREAM; + frc->fr.reset_stream.stream_id = strm->stream_id; + frc->fr.reset_stream.app_error_code = app_error_code; + frc->fr.reset_stream.final_size = strm->tx.offset; + + /* TODO This prepends RESET_STREAM to pktns->tx.frq. */ + frc->next = pktns->tx.frq; + pktns->tx.frq = frc; + + return 0; +} + +/* + * conn_stop_sending adds STOP_SENDING frame to the transmission + * queue. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_stop_sending(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + int rv; + ngtcp2_frame_chain *frc; + ngtcp2_pktns *pktns = &conn->pktns; + + rv = ngtcp2_frame_chain_new(&frc, conn->mem); + if (rv != 0) { + return rv; + } + + frc->fr.type = NGTCP2_FRAME_STOP_SENDING; + frc->fr.stop_sending.stream_id = strm->stream_id; + frc->fr.stop_sending.app_error_code = app_error_code; + + /* TODO This prepends STOP_SENDING to pktns->tx.frq. */ + frc->next = pktns->tx.frq; + pktns->tx.frq = frc; + + return 0; +} + +/* + * handle_max_remote_streams_extension extends + * |*punsent_max_remote_streams| if a condition allows it. + */ +static void +handle_max_remote_streams_extension(uint64_t *punsent_max_remote_streams) { + if (*punsent_max_remote_streams < NGTCP2_MAX_STREAMS) { + ++(*punsent_max_remote_streams); + } +} + +/* + * conn_recv_reset_stream is called when RESET_STREAM |fr| is + * received. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_STREAM_STATE + * RESET_STREAM frame is received to the local stream which is not + * initiated. + * NGTCP2_ERR_STREAM_LIMIT + * RESET_STREAM frame has remote stream ID which is strictly + * greater than the allowed limit. + * NGTCP2_ERR_PROTO + * RESET_STREAM frame is received to the local unidirectional + * stream + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_FLOW_CONTROL + * Flow control limit is violated; or the final size is beyond the + * NGTCP2_MAX_VARINT. + * NGTCP2_ERR_FINAL_SIZE + * The final offset is strictly larger than it is permitted. + */ +static int conn_recv_reset_stream(ngtcp2_conn *conn, + const ngtcp2_reset_stream *fr) { + ngtcp2_strm *strm; + int local_stream = conn_local_stream(conn, fr->stream_id); + int bidi = bidi_stream(fr->stream_id); + uint64_t datalen; + ngtcp2_idtr *idtr; + int rv; + + /* TODO share this piece of code */ + if (bidi) { + if (local_stream) { + if (conn->local.bidi.next_stream_id <= fr->stream_id) { + return NGTCP2_ERR_STREAM_STATE; + } + } else if (conn->remote.bidi.max_streams < + ngtcp2_ord_stream_id(fr->stream_id)) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + idtr = &conn->remote.bidi.idtr; + } else { + if (local_stream) { + return NGTCP2_ERR_PROTO; + } + if (conn->remote.uni.max_streams < ngtcp2_ord_stream_id(fr->stream_id)) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + idtr = &conn->remote.uni.idtr; + } + + if (NGTCP2_MAX_VARINT < fr->final_size) { + return NGTCP2_ERR_FLOW_CONTROL; + } + + strm = ngtcp2_conn_find_stream(conn, fr->stream_id); + if (strm == NULL) { + if (local_stream) { + return 0; + } + + if (conn_initial_stream_rx_offset(conn, fr->stream_id) < fr->final_size || + conn_max_data_violated(conn, fr->final_size)) { + return NGTCP2_ERR_FLOW_CONTROL; + } + rv = ngtcp2_idtr_open(idtr, fr->stream_id); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + assert(rv == NGTCP2_ERR_STREAM_IN_USE); + return 0; + } + + /* Stream is reset before we create ngtcp2_strm object. */ + conn->rx.offset += fr->final_size; + ngtcp2_conn_extend_max_offset(conn, fr->final_size); + + rv = conn_call_stream_reset(conn, fr->stream_id, fr->final_size, + fr->app_error_code, NULL); + if (rv != 0) { + return rv; + } + + /* There will be no activity in this stream because we got + RESET_STREAM and don't write stream data any further. This + effectively allows another new stream for peer. */ + if (bidi) { + handle_max_remote_streams_extension( + &conn->remote.bidi.unsent_max_streams); + } else { + handle_max_remote_streams_extension(&conn->remote.uni.unsent_max_streams); + } + + return 0; + } + + if ((strm->flags & NGTCP2_STRM_FLAG_SHUT_RD)) { + if (strm->rx.last_offset != fr->final_size) { + return NGTCP2_ERR_FINAL_SIZE; + } + } else if (strm->rx.last_offset > fr->final_size) { + return NGTCP2_ERR_FINAL_SIZE; + } + + datalen = fr->final_size - strm->rx.last_offset; + + if (strm->rx.max_offset < fr->final_size || + conn_max_data_violated(conn, datalen)) { + return NGTCP2_ERR_FLOW_CONTROL; + } + + if (!(strm->flags & NGTCP2_STRM_FLAG_RECV_RST)) { + rv = conn_call_stream_reset(conn, fr->stream_id, fr->final_size, + fr->app_error_code, strm->stream_user_data); + if (rv != 0) { + return rv; + } + + /* Extend connection flow control window for the amount of data + which are not passed to application. */ + if (!(strm->flags & NGTCP2_STRM_FLAG_STOP_SENDING)) { + ngtcp2_conn_extend_max_offset(conn, strm->rx.last_offset - + ngtcp2_strm_rx_offset(strm)); + } + } + + conn->rx.offset += datalen; + ngtcp2_conn_extend_max_offset(conn, datalen); + + strm->rx.last_offset = fr->final_size; + strm->flags |= NGTCP2_STRM_FLAG_SHUT_RD | NGTCP2_STRM_FLAG_RECV_RST; + + return ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, fr->app_error_code); +} + +/* + * conn_recv_stop_sending is called when STOP_SENDING |fr| is received. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_STREAM_STATE + * STOP_SENDING frame is received for a local stream which is not + * initiated; or STOP_SENDING frame is received for a local + * unidirectional stream. + * NGTCP2_ERR_STREAM_LIMIT + * STOP_SENDING frame has remote stream ID which is strictly + * greater than the allowed limit. + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static int conn_recv_stop_sending(ngtcp2_conn *conn, + const ngtcp2_stop_sending *fr) { + int rv; + ngtcp2_strm *strm; + ngtcp2_idtr *idtr; + int local_stream = conn_local_stream(conn, fr->stream_id); + int bidi = bidi_stream(fr->stream_id); + + if (bidi) { + if (local_stream) { + if (conn->local.bidi.next_stream_id <= fr->stream_id) { + return NGTCP2_ERR_STREAM_STATE; + } + } else if (conn->remote.bidi.max_streams < + ngtcp2_ord_stream_id(fr->stream_id)) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + idtr = &conn->remote.bidi.idtr; + } else { + if (!local_stream || conn->local.uni.next_stream_id <= fr->stream_id) { + return NGTCP2_ERR_STREAM_STATE; + } + + idtr = &conn->remote.uni.idtr; + } + + strm = ngtcp2_conn_find_stream(conn, fr->stream_id); + if (strm == NULL) { + if (local_stream) { + return 0; + } + rv = ngtcp2_idtr_open(idtr, fr->stream_id); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + assert(rv == NGTCP2_ERR_STREAM_IN_USE); + return 0; + } + + /* Frame is received reset before we create ngtcp2_strm + object. */ + strm = ngtcp2_mem_malloc(conn->mem, sizeof(ngtcp2_strm)); + if (strm == NULL) { + return NGTCP2_ERR_NOMEM; + } + rv = ngtcp2_conn_init_stream(conn, strm, fr->stream_id, NULL); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, strm); + return rv; + } + } + + /* No RESET_STREAM is required if we have sent FIN and all data have + been acknowledged. */ + if ((strm->flags & NGTCP2_STRM_FLAG_SHUT_WR) && + ngtcp2_strm_is_all_tx_data_acked(strm)) { + return 0; + } + + rv = conn_reset_stream(conn, strm, fr->app_error_code); + if (rv != 0) { + return rv; + } + + strm->flags |= NGTCP2_STRM_FLAG_SHUT_WR | NGTCP2_STRM_FLAG_SENT_RST; + + ngtcp2_strm_streamfrq_clear(strm); + + return ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, fr->app_error_code); +} + +/* + * conn_on_stateless_reset decodes Stateless Reset from the buffer + * pointed by |payload| whose length is |payloadlen|. |payload| + * should start after first byte of packet. + * + * If Stateless Reset is decoded, and the Stateless Reset Token is + * validated, the connection is closed. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * Could not decode Stateless Reset; or Stateless Reset Token does + * not match; or No stateless reset token is available. + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + */ +static int conn_on_stateless_reset(ngtcp2_conn *conn, const uint8_t *payload, + size_t payloadlen) { + int rv = 1; + ngtcp2_pkt_stateless_reset sr; + + rv = ngtcp2_pkt_decode_stateless_reset(&sr, payload, payloadlen); + if (rv != 0) { + return rv; + } + + if (ngtcp2_verify_stateless_retry_token(conn->dcid.current.token, + sr.stateless_reset_token) != 0 && + (!conn->pv || !(conn->pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE) || + ngtcp2_verify_stateless_retry_token(conn->pv->fallback_dcid.token, + sr.stateless_reset_token) != 0)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + conn->state = NGTCP2_CS_DRAINING; + + ngtcp2_log_rx_sr(&conn->log, &sr); + + if (!conn->callbacks.recv_stateless_reset) { + return 0; + } + + rv = conn->callbacks.recv_stateless_reset(conn, &sr, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} + +/* + * conn_recv_delayed_handshake_pkt processes the received Handshake + * packet which is received after handshake completed. This function + * does the minimal job, and its purpose is send acknowledgement of + * this packet to the peer. We assume that hd->type is one of + * Initial, or Handshake. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + * NGTCP2_ERR_FRAME_ENCODING + * Frame is badly formatted; or frame type is unknown. + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_DISCARD_PKT + * Packet was discarded. + * NGTCP2_ERR_ACK_FRAME + * ACK frame is malformed. + * NGTCP2_ERR_PROTO + * APPLICATION_CLOSE frame is included in Initial packet. + */ +static int conn_recv_delayed_handshake_pkt(ngtcp2_conn *conn, + const ngtcp2_pkt_hd *hd, + const uint8_t *payload, + size_t payloadlen, + ngtcp2_tstamp ts) { + ssize_t nread; + ngtcp2_max_frame mfr; + ngtcp2_frame *fr = &mfr.fr; + int rv; + int require_ack = 0; + ngtcp2_pktns *pktns; + + switch (hd->type) { + case NGTCP2_PKT_HANDSHAKE: + pktns = &conn->hs_pktns; + break; + default: + assert(0); + } + + if (payloadlen == 0) { + /* QUIC packet must contain at least one frame */ + return NGTCP2_ERR_DISCARD_PKT; + } + + for (; payloadlen;) { + nread = ngtcp2_pkt_decode_frame(fr, payload, payloadlen); + if (nread < 0) { + return (int)nread; + } + + payload += nread; + payloadlen -= (size_t)nread; + + if (fr->type == NGTCP2_FRAME_ACK) { + fr->ack.ack_delay = 0; + fr->ack.ack_delay_unscaled = 0; + } + + ngtcp2_log_rx_fr(&conn->log, hd, fr); + + switch (fr->type) { + case NGTCP2_FRAME_ACK: + case NGTCP2_FRAME_ACK_ECN: + rv = conn_recv_ack(conn, pktns, &fr->ack, ts); + if (rv != 0) { + return rv; + } + break; + case NGTCP2_FRAME_PADDING: + break; + case NGTCP2_FRAME_CONNECTION_CLOSE: + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + if (hd->type != NGTCP2_PKT_HANDSHAKE) { + break; + } + conn_recv_connection_close(conn); + break; + case NGTCP2_FRAME_CRYPTO: + require_ack = 1; + break; + default: + return NGTCP2_ERR_PROTO; + } + } + + rv = pktns_commit_recv_pkt_num(pktns, hd->pkt_num); + if (rv != 0) { + return rv; + } + + if (require_ack && ++pktns->acktr.rx_npkt >= NGTCP2_NUM_IMMEDIATE_ACK_PKT) { + ngtcp2_acktr_immediate_ack(&pktns->acktr); + } + + return ngtcp2_conn_sched_ack(conn, &pktns->acktr, hd->pkt_num, require_ack, + ts); +} + +/* + * conn_recv_max_streams processes the incoming MAX_STREAMS frame + * |fr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + */ +static int conn_recv_max_streams(ngtcp2_conn *conn, + const ngtcp2_max_streams *fr) { + uint64_t n; + + if (fr->max_streams > NGTCP2_MAX_STREAMS) { + return NGTCP2_ERR_STREAM_LIMIT; + } + + n = ngtcp2_min(fr->max_streams, NGTCP2_MAX_STREAMS); + + if (fr->type == NGTCP2_FRAME_MAX_STREAMS_BIDI) { + if (conn->local.bidi.max_streams < n) { + conn->local.bidi.max_streams = n; + return conn_call_extend_max_local_streams_bidi(conn, n); + } + return 0; + } + + if (conn->local.uni.max_streams < n) { + conn->local.uni.max_streams = n; + return conn_call_extend_max_local_streams_uni(conn, n); + } + return 0; +} + +static int conn_retire_dcid_prior_to(ngtcp2_conn *conn, ngtcp2_ringbuf *rb, + uint64_t retire_prior_to, + ngtcp2_tstamp ts) { + size_t i; + ngtcp2_dcid *dcid, *last; + int rv; + + for (i = 0; i < ngtcp2_ringbuf_len(rb);) { + dcid = ngtcp2_ringbuf_get(rb, i); + if (dcid->seq >= retire_prior_to) { + ++i; + continue; + } + + rv = conn_retire_dcid(conn, dcid, ts); + if (rv != 0) { + return rv; + } + if (i == 0) { + ngtcp2_ringbuf_pop_front(rb); + } else if (i == ngtcp2_ringbuf_len(rb) - 1) { + ngtcp2_ringbuf_pop_back(rb); + break; + } else { + last = ngtcp2_ringbuf_get(rb, ngtcp2_ringbuf_len(rb) - 1); + ngtcp2_dcid_copy(dcid, last); + ngtcp2_ringbuf_pop_back(rb); + } + } + + return 0; +} + +/* + * conn_recv_new_connection_id processes the incoming + * NEW_CONNECTION_ID frame |fr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_PROTO + * |fr| has the duplicated sequence number with different CID or + * token; or DCID is zero-length. + */ +static int conn_recv_new_connection_id(ngtcp2_conn *conn, + const ngtcp2_new_connection_id *fr, + ngtcp2_tstamp ts) { + size_t i, len, max; + ngtcp2_dcid *dcid; + ngtcp2_pv *pv = conn->pv; + int rv; + + if (conn->dcid.current.cid.datalen == 0 || fr->retire_prior_to > fr->seq) { + return NGTCP2_ERR_PROTO; + } + + rv = ngtcp2_dcid_verify_uniqueness(&conn->dcid.current, fr->seq, &fr->cid, + fr->stateless_reset_token); + if (rv != 0) { + return rv; + } + if (ngtcp2_cid_eq(&conn->dcid.current.cid, &fr->cid)) { + return 0; + } + + if (pv) { + rv = ngtcp2_dcid_verify_uniqueness(&pv->dcid, fr->seq, &fr->cid, + fr->stateless_reset_token); + if (rv != 0) { + return rv; + } + if (ngtcp2_cid_eq(&pv->dcid.cid, &fr->cid)) { + return 0; + } + } + + len = ngtcp2_ringbuf_len(&conn->dcid.unused); + + for (i = 0; i < len; ++i) { + dcid = ngtcp2_ringbuf_get(&conn->dcid.unused, i); + rv = ngtcp2_dcid_verify_uniqueness(dcid, fr->seq, &fr->cid, + fr->stateless_reset_token); + if (rv != 0) { + return NGTCP2_ERR_PROTO; + } + if (ngtcp2_cid_eq(&dcid->cid, &fr->cid)) { + return 0; + } + } + + rv = conn_retire_dcid_prior_to(conn, &conn->dcid.unused, fr->retire_prior_to, + ts); + if (rv != 0) { + return rv; + } + + max = ngtcp2_min(conn->local.settings.active_connection_id_limit, + NGTCP2_MAX_DCID_POOL_SIZE); + if (len >= max) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, "too many connection ID"); + /* If active_connection_id_limit is 0, and no unused DCID is + present, we are going to keep current DCID even if it is under + retire_prior_to. This is violation of peer because we + advertised active_connection_id_limit = 0. */ + return 0; + } + + dcid = ngtcp2_ringbuf_push_back(&conn->dcid.unused); + ngtcp2_dcid_init(dcid, fr->seq, &fr->cid, fr->stateless_reset_token); + + if (conn->dcid.current.seq < fr->retire_prior_to) { + rv = conn_retire_dcid(conn, &conn->dcid.current, ts); + if (rv != 0) { + return rv; + } + + dcid = ngtcp2_ringbuf_get(&conn->dcid.unused, 0); + ngtcp2_dcid_copy(&conn->dcid.current, dcid); + ngtcp2_ringbuf_pop_front(&conn->dcid.unused); + } + + return 0; +} + +/* + * conn_recv_retire_connection_id processes the incoming + * RETIRE_CONNECTION_ID frame |fr|. |hd| is a packet header which + * |fr| is included. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_PROTO + * SCID is zero-length. + */ +static int conn_recv_retire_connection_id(ngtcp2_conn *conn, + const ngtcp2_pkt_hd *hd, + const ngtcp2_retire_connection_id *fr, + ngtcp2_tstamp ts) { + ngtcp2_ksl_it it; + ngtcp2_scid *scid; + + if (conn->oscid.datalen == 0) { + return NGTCP2_ERR_PROTO; + } + + for (it = ngtcp2_ksl_begin(&conn->scid.set); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + scid = ngtcp2_ksl_it_get(&it); + if (scid->seq == fr->seq) { + if (ngtcp2_cid_eq(&scid->cid, &hd->dcid)) { + return NGTCP2_ERR_PROTO; + } + + if (!(scid->flags & NGTCP2_SCID_FLAG_RETIRED)) { + scid->flags |= NGTCP2_SCID_FLAG_RETIRED; + ++conn->scid.num_retired; + if (scid->flags & NGTCP2_SCID_FLAG_INITIAL_CID) { + --conn->scid.num_initial_id; + } + } + + if (scid->pe.index != NGTCP2_PQ_BAD_INDEX) { + ngtcp2_pq_remove(&conn->scid.used, &scid->pe); + scid->pe.index = NGTCP2_PQ_BAD_INDEX; + } + + scid->ts_retired = ts; + + return ngtcp2_pq_push(&conn->scid.used, &scid->pe); + } + } + + return 0; +} + +/* + * conn_key_phase_changed returns nonzero if |hd| indicates that the + * key phase has unexpected value. + */ +static int conn_key_phase_changed(ngtcp2_conn *conn, const ngtcp2_pkt_hd *hd) { + ngtcp2_pktns *pktns = &conn->pktns; + + return !(pktns->crypto.rx.ckm->flags & NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE) ^ + !(hd->flags & NGTCP2_PKT_FLAG_KEY_PHASE); +} + +/* + * conn_prepare_key_update installs new updated keys. + */ +static int conn_prepare_key_update(ngtcp2_conn *conn) { + int rv; + + if (conn->crypto.key_update.new_rx_ckm || + conn->crypto.key_update.new_tx_ckm) { + assert(conn->crypto.key_update.new_rx_ckm); + assert(conn->crypto.key_update.new_tx_ckm); + return 0; + } + + assert(conn->callbacks.update_key); + + /* application is supposed to call ngtcp2_conn_update_tx_key and + * ngtcp2_conn_update_rx_key during execution of callback. + */ + rv = conn->callbacks.update_key(conn, conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + assert(conn->crypto.key_update.new_rx_ckm); + assert(conn->crypto.key_update.new_tx_ckm); + + return 0; +} + +/* + * conn_commit_key_update rotates keys. The current key moves to old + * key, and new key moves to the current key. + */ +static void conn_commit_key_update(ngtcp2_conn *conn, int64_t pkt_num) { + ngtcp2_pktns *pktns = &conn->pktns; + + assert(conn->crypto.key_update.new_rx_ckm); + assert(conn->crypto.key_update.new_tx_ckm); + + ngtcp2_crypto_km_del(conn->crypto.key_update.old_rx_ckm, conn->mem); + conn->crypto.key_update.old_rx_ckm = pktns->crypto.rx.ckm; + + pktns->crypto.rx.ckm = conn->crypto.key_update.new_rx_ckm; + conn->crypto.key_update.new_rx_ckm = NULL; + pktns->crypto.rx.ckm->pkt_num = pkt_num; + + ngtcp2_crypto_km_del(pktns->crypto.tx.ckm, conn->mem); + pktns->crypto.tx.ckm = conn->crypto.key_update.new_tx_ckm; + conn->crypto.key_update.new_tx_ckm = NULL; + pktns->crypto.tx.ckm->pkt_num = pktns->tx.last_pkt_num + 1; +} + +/* + * conn_path_validation_in_progress returns nonzero if path validation + * against |path| is underway. + */ +static int conn_path_validation_in_progress(ngtcp2_conn *conn, + const ngtcp2_path *path) { + ngtcp2_pv *pv = conn->pv; + + return pv && !(pv->flags & NGTCP2_PV_FLAG_DONT_CARE) && + ngtcp2_path_eq(&pv->dcid.ps.path, path); +} + +/* + * conn_reset_congestion_state resets congestion state. + */ +static void conn_reset_congestion_state(ngtcp2_conn *conn) { + uint64_t bytes_in_flight; + + bw_reset(&conn->rx.bw); + rcvry_stat_reset(&conn->rcs); + /* Keep bytes_in_flight because we have to take care of packets + in flight. */ + bytes_in_flight = conn->ccs.bytes_in_flight; + cc_stat_reset(&conn->ccs); + conn->ccs.bytes_in_flight = bytes_in_flight; +} + +/* + * conn_recv_non_probing_pkt_on_new_path is called when non-probing + * packet is received via new path. It starts path validation against + * the new path. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_CONN_ID_BLOCKED + * No DCID is available + * NGTCP2_ERR_NOMEM + * Out of memory + */ +static int conn_recv_non_probing_pkt_on_new_path(ngtcp2_conn *conn, + const ngtcp2_path *path, + ngtcp2_tstamp ts) { + + ngtcp2_dcid *dcid; + ngtcp2_pv *pv; + int rv; + ngtcp2_duration timeout; + + assert(conn->server); + + if (conn->pv && (conn->pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE) && + ngtcp2_path_eq(&conn->pv->fallback_dcid.ps.path, path)) { + /* If new path equals fallback path, that means connection + migrated back to the original path. Fallback path is + considered to be validated. */ + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PTV, + "path is migrated back to the original path"); + ngtcp2_dcid_copy(&conn->dcid.current, &conn->pv->fallback_dcid); + rv = conn_stop_pv(conn, ts); + if (rv != 0) { + return rv; + } + return 0; + } + + if (ngtcp2_ringbuf_len(&conn->dcid.unused) == 0) { + return NGTCP2_ERR_CONN_ID_BLOCKED; + } + + dcid = ngtcp2_ringbuf_get(&conn->dcid.unused, 0); + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "non-probing packet was received from new remote address"); + + conn_reset_congestion_state(conn); + + timeout = conn_compute_pto(conn); + timeout = + ngtcp2_max(timeout, (ngtcp2_duration)(6ULL * NGTCP2_DEFAULT_INITIAL_RTT)); + + rv = ngtcp2_pv_new(&pv, dcid, timeout, + NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE | + NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH, + &conn->log, conn->mem); + if (rv != 0) { + return rv; + } + + ngtcp2_path_copy(&pv->dcid.ps.path, path); + if (conn->pv && (conn->pv->flags & NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE)) { + ngtcp2_dcid_copy(&pv->fallback_dcid, &conn->pv->fallback_dcid); + } else { + ngtcp2_dcid_copy(&pv->fallback_dcid, &conn->dcid.current); + } + ngtcp2_dcid_copy(&conn->dcid.current, &pv->dcid); + + if (conn->pv) { + ngtcp2_log_info( + &conn->log, NGTCP2_LOG_EVENT_PTV, + "path migration is aborted because new migration has started"); + rv = conn_stop_pv(conn, ts); + if (rv != 0) { + ngtcp2_pv_del(pv); + return rv; + } + } + + conn->pv = pv; + + ngtcp2_ringbuf_pop_front(&conn->dcid.unused); + + return 0; +} + +/* + * conn_recv_pkt processes a packet contained in the buffer pointed by + * |pkt| of length |pktlen|. |pkt| may contain multiple QUIC packets. + * This function only processes the first packet. + * + * This function returns the number of bytes processed if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_DISCARD_PKT + * Packet was discarded because plain text header was malformed; + * or its payload could not be decrypted. + * NGTCP2_ERR_PROTO + * Packet is badly formatted; or 0RTT packet contains other than + * PADDING or STREAM frames; or other QUIC protocol violation is + * found. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_FRAME_ENCODING + * Frame is badly formatted; or frame type is unknown. + * NGTCP2_ERR_ACK_FRAME + * ACK frame is malformed. + * NGTCP2_ERR_STREAM_STATE + * Frame is received to the local stream which is not initiated. + * NGTCP2_ERR_STREAM_LIMIT + * Frame has remote stream ID which is strictly greater than the + * allowed limit. + * NGTCP2_ERR_FLOW_CONTROL + * Flow control limit is violated. + * NGTCP2_ERR_FINAL_SIZE + * Frame has strictly larger end offset than it is permitted. + */ +static ssize_t conn_recv_pkt(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts) { + ngtcp2_pkt_hd hd; + int rv = 0; + size_t hdpktlen; + const uint8_t *payload; + size_t payloadlen; + ssize_t nread, nwrite; + ngtcp2_max_frame mfr; + ngtcp2_frame *fr = &mfr.fr; + int require_ack = 0; + ngtcp2_crypto_km *ckm; + const ngtcp2_vec *hp; + uint8_t plain_hdpkt[1500]; + ngtcp2_hp_mask hp_mask; + ngtcp2_decrypt decrypt; + size_t aead_overhead; + ngtcp2_pktns *pktns; + int non_probing_pkt = 0; + int key_phase_bit_changed = 0; + int force_decrypt_failure = 0; + int invalid_reserved_bits = 0; + + if (pkt[0] & NGTCP2_HEADER_FORM_BIT) { + nread = ngtcp2_pkt_decode_hd_long(&hd, pkt, pktlen); + if (nread < 0) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decode long header"); + return NGTCP2_ERR_DISCARD_PKT; + } + + if (pktlen < (size_t)nread + hd.len || conn->version != hd.version) { + return NGTCP2_ERR_DISCARD_PKT; + } + + pktlen = (size_t)nread + hd.len; + + /* Quoted from spec: if subsequent packets of those types include + a different Source Connection ID, they MUST be discarded. */ + if (!ngtcp2_cid_eq(&conn->odcid, &hd.scid)) { + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched SCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + + switch (hd.type) { + case NGTCP2_PKT_INITIAL: + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "delayed Initial packet was discarded"); + return (ssize_t)pktlen; + case NGTCP2_PKT_HANDSHAKE: + pktns = &conn->hs_pktns; + ckm = pktns->crypto.rx.ckm; + hp = pktns->crypto.rx.hp; + hp_mask = conn->callbacks.hp_mask; + decrypt = conn->callbacks.decrypt; + aead_overhead = conn->crypto.aead_overhead; + break; + case NGTCP2_PKT_0RTT: + if (!conn->server || !conn->early.ckm) { + return NGTCP2_ERR_DISCARD_PKT; + } + + pktns = &conn->pktns; + ckm = conn->early.ckm; + hp = conn->early.hp; + hp_mask = conn->callbacks.hp_mask; + decrypt = conn->callbacks.decrypt; + aead_overhead = conn->crypto.aead_overhead; + break; + default: + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet type 0x%02x was ignored", hd.type); + return (ssize_t)pktlen; + } + } else { + nread = ngtcp2_pkt_decode_hd_short(&hd, pkt, pktlen, conn->oscid.datalen); + if (nread < 0) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decode short header"); + return NGTCP2_ERR_DISCARD_PKT; + } + + pktns = &conn->pktns; + ckm = pktns->crypto.rx.ckm; + hp = pktns->crypto.rx.hp; + hp_mask = conn->callbacks.hp_mask; + decrypt = conn->callbacks.decrypt; + aead_overhead = conn->crypto.aead_overhead; + } + + nwrite = + conn_decrypt_hp(conn, &hd, plain_hdpkt, sizeof(plain_hdpkt), pkt, pktlen, + (size_t)nread, ckm, hp, hp_mask, aead_overhead); + if (nwrite < 0) { + if (ngtcp2_err_is_fatal((int)nwrite)) { + return nwrite; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decrypt packet number"); + return NGTCP2_ERR_DISCARD_PKT; + } + + hdpktlen = (size_t)nwrite; + payload = pkt + hdpktlen; + payloadlen = pktlen - hdpktlen; + + hd.pkt_num = ngtcp2_pkt_adjust_pkt_num(pktns->rx.max_pkt_num, hd.pkt_num, + pkt_num_bits(hd.pkt_numlen)); + if (hd.pkt_num > NGTCP2_MAX_PKT_NUM) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "pkn=%" PRId64 " is greater than maximum pkn", hd.pkt_num); + return NGTCP2_ERR_DISCARD_PKT; + } + + ngtcp2_log_rx_pkt_hd(&conn->log, &hd); + + if (hd.flags & NGTCP2_PKT_FLAG_LONG_FORM) { + switch (hd.type) { + case NGTCP2_PKT_HANDSHAKE: + rv = conn_verify_dcid(conn, &hd); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched DCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + break; + case NGTCP2_PKT_0RTT: + if (!ngtcp2_cid_eq(&conn->rcid, &hd.dcid)) { + rv = conn_verify_dcid(conn, &hd); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched DCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + } + break; + } + } else { + rv = conn_verify_dcid(conn, &hd); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was ignored because of mismatched DCID"); + return NGTCP2_ERR_DISCARD_PKT; + } + } + + rv = ngtcp2_pkt_verify_reserved_bits(plain_hdpkt[0]); + if (rv != 0) { + invalid_reserved_bits = 1; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet has incorrect reserved bits"); + + /* Will return error after decrypting payload */ + } + + if (pktns_pkt_num_is_duplicate(pktns, hd.pkt_num)) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "packet was discarded because of duplicated packet number"); + return NGTCP2_ERR_DISCARD_PKT; + } + + if (hd.type == NGTCP2_PKT_SHORT) { + key_phase_bit_changed = conn_key_phase_changed(conn, &hd); + } + + rv = conn_ensure_decrypt_buffer(conn, payloadlen); + if (rv != 0) { + return rv; + } + + if (key_phase_bit_changed) { + assert(hd.type == NGTCP2_PKT_SHORT); + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, "unexpected KEY_PHASE"); + + if (ckm->pkt_num > hd.pkt_num) { + if (conn->crypto.key_update.old_rx_ckm) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "decrypting with old key"); + ckm = conn->crypto.key_update.old_rx_ckm; + } else { + force_decrypt_failure = 1; + } + } else if (pktns->rx.max_pkt_num < hd.pkt_num) { + assert(ckm->pkt_num < hd.pkt_num); + if (!conn->crypto.key_update.new_rx_ckm) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, "preparing new key"); + rv = conn_prepare_key_update(conn); + if (rv != 0) { + return rv; + } + } + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "decrypting with new key"); + ckm = conn->crypto.key_update.new_rx_ckm; + } else { + force_decrypt_failure = 1; + } + } + + nwrite = conn_decrypt_pkt(conn, conn->crypto.decrypt_buf.base, payloadlen, + payload, payloadlen, plain_hdpkt, hdpktlen, + hd.pkt_num, ckm, decrypt); + + if (force_decrypt_failure) { + nwrite = NGTCP2_ERR_TLS_DECRYPT; + } + + if (nwrite < 0) { + if (ngtcp2_err_is_fatal((int)nwrite)) { + return nwrite; + } + + assert(NGTCP2_ERR_TLS_DECRYPT == nwrite); + + if (hd.flags & NGTCP2_PKT_FLAG_LONG_FORM) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decrypt packet payload"); + return NGTCP2_ERR_DISCARD_PKT; + } + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "could not decrypt packet payload"); + return NGTCP2_ERR_DISCARD_PKT; + } + + if (invalid_reserved_bits) { + return NGTCP2_ERR_PROTO; + } + + payload = conn->crypto.decrypt_buf.base; + payloadlen = (size_t)nwrite; + + if (payloadlen == 0) { + /* QUIC packet must contain at least one frame */ + return NGTCP2_ERR_DISCARD_PKT; + } + + if (hd.flags & NGTCP2_PKT_FLAG_LONG_FORM) { + if (hd.type == NGTCP2_PKT_HANDSHAKE) { + /* TODO find a way when to ignore incoming handshake packet */ + rv = conn_recv_delayed_handshake_pkt(conn, &hd, payload, payloadlen, ts); + if (rv < 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + return (ssize_t)rv; + } + return (ssize_t)pktlen; + } + } else { + conn->flags |= NGTCP2_CONN_FLAG_RECV_PROTECTED_PKT; + } + + for (; payloadlen;) { + nread = ngtcp2_pkt_decode_frame(fr, payload, payloadlen); + if (nread < 0) { + return (int)nread; + } + + payload += nread; + payloadlen -= (size_t)nread; + + if (fr->type == NGTCP2_FRAME_ACK) { + if ((hd.flags & NGTCP2_PKT_FLAG_LONG_FORM) && + hd.type == NGTCP2_PKT_0RTT) { + return NGTCP2_ERR_PROTO; + } + assign_recved_ack_delay_unscaled( + &fr->ack, conn->remote.settings.ack_delay_exponent); + } + + ngtcp2_log_rx_fr(&conn->log, &hd, fr); + + if (hd.type == NGTCP2_PKT_0RTT) { + switch (fr->type) { + case NGTCP2_FRAME_PADDING: + case NGTCP2_FRAME_PING: + case NGTCP2_FRAME_RESET_STREAM: + case NGTCP2_FRAME_STOP_SENDING: + case NGTCP2_FRAME_STREAM: + case NGTCP2_FRAME_MAX_DATA: + case NGTCP2_FRAME_MAX_STREAM_DATA: + case NGTCP2_FRAME_MAX_STREAMS_BIDI: + case NGTCP2_FRAME_MAX_STREAMS_UNI: + case NGTCP2_FRAME_DATA_BLOCKED: + case NGTCP2_FRAME_STREAM_DATA_BLOCKED: + case NGTCP2_FRAME_STREAMS_BLOCKED_BIDI: + case NGTCP2_FRAME_STREAMS_BLOCKED_UNI: + case NGTCP2_FRAME_NEW_CONNECTION_ID: + case NGTCP2_FRAME_PATH_CHALLENGE: + break; + default: + return NGTCP2_ERR_PROTO; + } + } + + switch (fr->type) { + case NGTCP2_FRAME_ACK: + case NGTCP2_FRAME_ACK_ECN: + case NGTCP2_FRAME_PADDING: + case NGTCP2_FRAME_CONNECTION_CLOSE: + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + break; + default: + require_ack = 1; + } + + switch (fr->type) { + case NGTCP2_FRAME_ACK: + case NGTCP2_FRAME_ACK_ECN: + rv = conn_recv_ack(conn, pktns, &fr->ack, ts); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_STREAM: + rv = conn_recv_stream(conn, &fr->stream); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + conn_update_rx_bw( + conn, ngtcp2_vec_len(fr->stream.data, fr->stream.datacnt), ts); + break; + case NGTCP2_FRAME_CRYPTO: + rv = conn_recv_crypto(conn, NGTCP2_CRYPTO_LEVEL_APP, &pktns->crypto.strm, + &fr->crypto); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_RESET_STREAM: + rv = conn_recv_reset_stream(conn, &fr->reset_stream); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_STOP_SENDING: + rv = conn_recv_stop_sending(conn, &fr->stop_sending); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_MAX_STREAM_DATA: + rv = conn_recv_max_stream_data(conn, &fr->max_stream_data); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_MAX_DATA: + conn_recv_max_data(conn, &fr->max_data); + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_MAX_STREAMS_BIDI: + case NGTCP2_FRAME_MAX_STREAMS_UNI: + rv = conn_recv_max_streams(conn, &fr->max_streams); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_CONNECTION_CLOSE: + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + conn_recv_connection_close(conn); + break; + case NGTCP2_FRAME_PING: + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_PATH_CHALLENGE: + conn_recv_path_challenge(conn, &fr->path_challenge); + break; + case NGTCP2_FRAME_PATH_RESPONSE: + rv = conn_recv_path_response(conn, &fr->path_response, ts); + if (rv != 0) { + return rv; + } + break; + case NGTCP2_FRAME_NEW_CONNECTION_ID: + rv = conn_recv_new_connection_id(conn, &fr->new_connection_id, ts); + if (rv != 0) { + return rv; + } + break; + case NGTCP2_FRAME_RETIRE_CONNECTION_ID: + rv = conn_recv_retire_connection_id(conn, &hd, &fr->retire_connection_id, + ts); + if (rv != 0) { + return rv; + } + non_probing_pkt = 1; + break; + case NGTCP2_FRAME_DATA_BLOCKED: + case NGTCP2_FRAME_STREAMS_BLOCKED_BIDI: + case NGTCP2_FRAME_STREAMS_BLOCKED_UNI: + case NGTCP2_FRAME_NEW_TOKEN: + /* TODO Not implemented yet */ + non_probing_pkt = 1; + break; + } + } + + if (conn->server && hd.type == NGTCP2_PKT_SHORT && non_probing_pkt && + pktns->rx.max_pkt_num < hd.pkt_num && + !ngtcp2_path_eq(&conn->dcid.current.ps.path, path) && + !conn_path_validation_in_progress(conn, path)) { + rv = conn_recv_non_probing_pkt_on_new_path(conn, path, ts); + if (rv != 0) { + if (ngtcp2_err_is_fatal(rv)) { + return rv; + } + + /* DCID is not available. Just continue. */ + assert(NGTCP2_ERR_CONN_ID_BLOCKED == rv); + } + } + + if (hd.type == NGTCP2_PKT_SHORT) { + if (ckm == conn->crypto.key_update.new_rx_ckm) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, "commit new key"); + conn_commit_key_update(conn, hd.pkt_num); + } else { + if (ckm == pktns->crypto.rx.ckm && + (conn->flags & NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE)) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "key synchronization completed"); + conn->flags &= (uint16_t)~NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE; + } + if (ckm->pkt_num > hd.pkt_num) { + ckm->pkt_num = hd.pkt_num; + } + } + } + + rv = pktns_commit_recv_pkt_num(pktns, hd.pkt_num); + if (rv != 0) { + return rv; + } + + if (require_ack && ++pktns->acktr.rx_npkt >= NGTCP2_NUM_IMMEDIATE_ACK_PKT) { + ngtcp2_acktr_immediate_ack(&pktns->acktr); + } + + rv = ngtcp2_conn_sched_ack(conn, &pktns->acktr, hd.pkt_num, require_ack, ts); + if (rv != 0) { + return rv; + } + + return (ssize_t)pktlen; +} + +/* + * conn_process_buffered_protected_pkt processes buffered 0RTT or + * Short packets. + * + * This function returns 0 if it succeeds, or the same negative error + * codes from conn_recv_pkt. + */ +static int conn_process_buffered_protected_pkt(ngtcp2_conn *conn, + ngtcp2_pktns *pktns, + ngtcp2_tstamp ts) { + ssize_t nread; + ngtcp2_pkt_chain **ppc, *next; + int rv; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "processing buffered protected packet"); + + for (ppc = &pktns->rx.buffed_pkts; *ppc;) { + next = (*ppc)->next; + nread = conn_recv_pkt(conn, &(*ppc)->path.path, (*ppc)->pkt, (*ppc)->pktlen, + ts); + if (nread < 0 && !ngtcp2_err_is_fatal((int)nread)) { + rv = conn_on_stateless_reset(conn, (*ppc)->pkt, (*ppc)->pktlen); + if (rv == 0) { + ngtcp2_pkt_chain_del(*ppc, conn->mem); + *ppc = next; + return 0; + } + } + + ngtcp2_pkt_chain_del(*ppc, conn->mem); + *ppc = next; + if (nread < 0) { + if (nread == NGTCP2_ERR_DISCARD_PKT) { + continue; + } + return (int)nread; + } + } + + return 0; +} + +/* + * conn_process_buffered_handshake_pkt processes buffered Handshake + * packets. + * + * This function returns 0 if it succeeds, or the same negative error + * codes from conn_recv_handshake_pkt. + */ +static int conn_process_buffered_handshake_pkt(ngtcp2_conn *conn, + ngtcp2_tstamp ts) { + ngtcp2_pktns *pktns = &conn->in_pktns; + ssize_t nread; + ngtcp2_pkt_chain **ppc, *next; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "processing buffered handshake packet"); + + for (ppc = &pktns->rx.buffed_pkts; *ppc;) { + next = (*ppc)->next; + nread = conn_recv_handshake_pkt(conn, &(*ppc)->path.path, (*ppc)->pkt, + (*ppc)->pktlen, ts); + ngtcp2_pkt_chain_del(*ppc, conn->mem); + *ppc = next; + if (nread < 0) { + if (nread == NGTCP2_ERR_DISCARD_PKT) { + continue; + } + return (int)nread; + } + } + + return 0; +} + +static void conn_sync_stream_id_limit(ngtcp2_conn *conn) { + conn->local.bidi.max_streams = conn->remote.settings.max_streams_bidi; + conn->local.uni.max_streams = conn->remote.settings.max_streams_uni; +} + +/* + * conn_handshake_completed is called once cryptographic handshake has + * completed. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed. + */ +static int conn_handshake_completed(ngtcp2_conn *conn) { + int rv; + + conn->flags |= NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED; + + rv = conn_call_handshake_completed(conn); + if (rv != 0) { + return rv; + } + + if (conn->local.bidi.max_streams > 0) { + rv = conn_call_extend_max_local_streams_bidi(conn, + conn->local.bidi.max_streams); + if (rv != 0) { + return rv; + } + } + if (conn->local.uni.max_streams > 0) { + rv = conn_call_extend_max_local_streams_uni(conn, + conn->local.uni.max_streams); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +/* + * conn_recv_cpkt processes compound packet after handshake. The + * buffer pointed by |pkt| might contain multiple packets. The Short + * packet must be the last one because it does not have payload length + * field. + * + * This function returns 0 if it succeeds, or the same negative error + * codes from conn_recv_pkt except for NGTCP2_ERR_DISCARD_PKT. + */ +static int conn_recv_cpkt(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, ngtcp2_tstamp ts) { + ssize_t nread; + int rv; + const uint8_t *origpkt = pkt; + size_t origpktlen = pktlen; + + while (pktlen) { + nread = conn_recv_pkt(conn, path, pkt, pktlen, ts); + if (nread < 0) { + if (ngtcp2_err_is_fatal((int)nread)) { + return (int)nread; + } + rv = conn_on_stateless_reset(conn, origpkt, origpktlen); + if (rv == 0) { + return 0; + } + if (nread == NGTCP2_ERR_DISCARD_PKT) { + return 0; + } + return (int)nread; + } + + assert(pktlen >= (size_t)nread); + pkt += nread; + pktlen -= (size_t)nread; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_PKT, + "read packet %zd left %zu", nread, pktlen); + } + + return 0; +} + +/* + * conn_is_retired_path returns nonzero if |path| is inclued in + * retired path list. + */ +static int conn_is_retired_path(ngtcp2_conn *conn, const ngtcp2_path *path) { + size_t i, len = ngtcp2_ringbuf_len(&conn->dcid.retired); + ngtcp2_dcid *dcid; + + for (i = 0; i < len; ++i) { + dcid = ngtcp2_ringbuf_get(&conn->dcid.retired, i); + if (ngtcp2_path_eq(&dcid->ps.path, path)) { + return 1; + } + } + + return 0; +} + +int ngtcp2_conn_read_pkt(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, ngtcp2_tstamp ts) { + int rv = 0; + + conn->log.last_ts = ts; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, "recv packet len=%zu", + pktlen); + + if (pktlen == 0) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + /* client does not expect a packet from unknown path. */ + if (!conn->server && !ngtcp2_path_eq(&conn->dcid.current.ps.path, path) && + (!conn->pv || !ngtcp2_path_eq(&conn->pv->dcid.ps.path, path)) && + !conn_is_retired_path(conn, path)) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_CON, + "ignore packet from unknown path"); + return 0; + } + + switch (conn->state) { + case NGTCP2_CS_CLIENT_INITIAL: + case NGTCP2_CS_CLIENT_WAIT_HANDSHAKE: + case NGTCP2_CS_CLIENT_TLS_HANDSHAKE_FAILED: + case NGTCP2_CS_SERVER_INITIAL: + case NGTCP2_CS_SERVER_WAIT_HANDSHAKE: + case NGTCP2_CS_SERVER_TLS_HANDSHAKE_FAILED: + return ngtcp2_conn_read_handshake(conn, path, pkt, pktlen, ts); + case NGTCP2_CS_CLOSING: + return NGTCP2_ERR_CLOSING; + case NGTCP2_CS_DRAINING: + return NGTCP2_ERR_DRAINING; + case NGTCP2_CS_POST_HANDSHAKE: + rv = conn_recv_cpkt(conn, path, pkt, pktlen, ts); + if (rv != 0) { + break; + } + if (conn->state == NGTCP2_CS_DRAINING) { + return NGTCP2_ERR_DRAINING; + } + break; + } + + return rv; +} + +/* + * conn_check_pkt_num_exhausted returns nonzero if packet number is + * exhausted in at least one of packet number space. + */ +static int conn_check_pkt_num_exhausted(ngtcp2_conn *conn) { + return conn->in_pktns.tx.last_pkt_num == NGTCP2_MAX_PKT_NUM || + conn->hs_pktns.tx.last_pkt_num == NGTCP2_MAX_PKT_NUM || + conn->pktns.tx.last_pkt_num == NGTCP2_MAX_PKT_NUM; +} + +/* + * conn_server_hs_tx_left returns the maximum number of bytes that + * server is allowed to send during handshake. + */ +static size_t conn_server_hs_tx_left(ngtcp2_conn *conn) { + if (conn->flags & NGTCP2_CONN_FLAG_SADDR_VERIFIED) { + return SIZE_MAX; + } + /* From QUIC spec: Prior to validating the client address, servers + MUST NOT send more than three times as many bytes as the number + of bytes they have received. */ + return conn->hs_recved * 3 - conn->hs_sent; +} + +int ngtcp2_conn_read_handshake(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_pktns *hs_pktns = &conn->hs_pktns; + + switch (conn->state) { + case NGTCP2_CS_CLIENT_INITIAL: + /* TODO Better to log something when we ignore input */ + return 0; + case NGTCP2_CS_CLIENT_WAIT_HANDSHAKE: + rv = conn_recv_handshake_cpkt(conn, path, pkt, pktlen, ts); + if (rv < 0) { + return rv; + } + + if (conn->state == NGTCP2_CS_CLIENT_INITIAL) { + /* Retry packet was received */ + return 0; + } + + if (hs_pktns->crypto.rx.ckm) { + rv = conn_process_buffered_handshake_pkt(conn, ts); + if (rv != 0) { + return rv; + } + } + + return 0; + case NGTCP2_CS_SERVER_INITIAL: + rv = conn_recv_handshake_cpkt(conn, path, pkt, pktlen, ts); + if (rv < 0) { + return rv; + } + + /* TODO Attacker can send a fake 0RTT packet to create pending + connection and it makes server waste memory. Might be better + not to buffer 0RTT packet. */ + /* The first packet from client has CRYPTO data but in case of + HRR, server does not get Handshake packet. Ideally, we need to + get a signal from TLS stack that it sends HRR or not. If not + HRR, then not having Handshake key is an error. If server + receives re-ordered 0RTT before Initial, it should be + buffered. */ + if (ngtcp2_rob_first_gap_offset(&conn->in_pktns.crypto.strm.rx.rob) == 0) { + if (!conn->in_pktns.rx.buffed_pkts) { + return NGTCP2_ERR_PROTO; + } + return 0; + } + + /* Process re-ordered 0-RTT packets which were arrived before + Initial packet. */ + if (conn->early.ckm) { + rv = conn_process_buffered_protected_pkt(conn, &conn->in_pktns, ts); + if (rv != 0) { + return rv; + } + } else { + delete_buffed_pkts(conn->in_pktns.rx.buffed_pkts, conn->mem); + conn->in_pktns.rx.buffed_pkts = NULL; + } + + return 0; + case NGTCP2_CS_SERVER_WAIT_HANDSHAKE: + rv = conn_recv_handshake_cpkt(conn, path, pkt, pktlen, ts); + if (rv < 0) { + return rv; + } + + if (hs_pktns->crypto.rx.ckm) { + rv = conn_process_buffered_handshake_pkt(conn, ts); + if (rv != 0) { + return rv; + } + } + + if (conn->hs_pktns.rx.max_pkt_num != -1) { + conn_discard_initial_key(conn); + } + + if (!(conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED)) { + return 0; + } + + if (!(conn->flags & NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED)) { + return NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM; + } + + rv = conn_handshake_completed(conn); + if (rv != 0) { + return rv; + } + conn->state = NGTCP2_CS_POST_HANDSHAKE; + + rv = conn_process_buffered_protected_pkt(conn, &conn->hs_pktns, ts); + if (rv != 0) { + return rv; + } + + conn->hs_pktns.acktr.flags |= NGTCP2_ACKTR_FLAG_PENDING_FINISHED_ACK; + + return 0; + case NGTCP2_CS_CLOSING: + return NGTCP2_ERR_CLOSING; + case NGTCP2_CS_DRAINING: + return NGTCP2_ERR_DRAINING; + default: + return 0; + } +} + +/* + * conn_select_preferred_addr asks a client application to select a + * server address from preferred addresses received from server. If a + * client chooses the address, path validation will start. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +static int conn_select_preferred_addr(ngtcp2_conn *conn) { + uint8_t buf[128]; + ngtcp2_addr addr; + int rv; + ngtcp2_duration timeout; + ngtcp2_pv *pv; + ngtcp2_dcid dcid; + + ngtcp2_addr_init(&addr, buf, 0, NULL); + + rv = conn_call_select_preferred_addr(conn, &addr); + if (rv != 0) { + return rv; + } + + if (addr.addrlen == 0 || + ngtcp2_addr_eq(&conn->dcid.current.ps.path.remote, &addr)) { + return 0; + } + + ngtcp2_dcid_init( + &dcid, 1, &conn->remote.settings.preferred_address.cid, + conn->remote.settings.preferred_address.stateless_reset_token); + + assert(conn->pv == NULL); + + timeout = conn_compute_pto(conn); + timeout = + ngtcp2_max(timeout, (ngtcp2_duration)(6ULL * NGTCP2_DEFAULT_INITIAL_RTT)); + + rv = ngtcp2_pv_new(&pv, &dcid, timeout, NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH, + &conn->log, conn->mem); + if (rv != 0) { + /* TODO Call ngtcp2_dcid_free here if it is introduced */ + return rv; + } + + conn->pv = pv; + + ngtcp2_addr_copy(&pv->dcid.ps.path.local, &conn->dcid.current.ps.path.local); + ngtcp2_addr_copy(&pv->dcid.ps.path.remote, &addr); + + conn_reset_congestion_state(conn); + + return 0; +} + +/* + * conn_retransmit_retry_early retransmits 0RTT packet after Retry is + * received from server. + */ +static ssize_t conn_retransmit_retry_early(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts) { + return conn_write_pkt(conn, dest, destlen, NULL, NGTCP2_PKT_0RTT, NULL, 0, + NULL, 0, NGTCP2_WRITE_PKT_FLAG_NONE, ts); +} + +/* + * conn_write_handshake writes QUIC handshake packets to the buffer + * pointed by |dest| of length |destlen|. |early_datalen| specifies + * the expected length of early data to send. Specify 0 to + * |early_datalen| if there is no early data. + * + * This function returns the number of bytes written to the buffer, or + * one of the following negative error codes: + * + * NGTCP2_ERR_PKT_NUM_EXHAUSTED + * Packet number is exhausted. + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM + * Required transport parameter is missing. + * NGTCP2_CS_CLOSING + * Connection is in closing state. + * NGTCP2_CS_DRAINING + * Connection is in draining state. + * + * In addition to the above negative error codes, the same error codes + * from conn_recv_pkt may also be returned. + */ +static ssize_t conn_write_handshake(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, size_t early_datalen, + ngtcp2_tstamp ts) { + int rv; + ssize_t res = 0, nwrite = 0, early_spktlen = 0; + uint64_t cwnd; + size_t origlen = destlen; + size_t server_hs_tx_left; + ngtcp2_rcvry_stat *rcs = &conn->rcs; + size_t pending_early_datalen; + + cwnd = conn_cwnd_left(conn); + destlen = ngtcp2_min(destlen, cwnd); + + switch (conn->state) { + case NGTCP2_CS_CLIENT_INITIAL: + pending_early_datalen = conn_retry_early_payloadlen(conn); + if (pending_early_datalen) { + early_datalen = pending_early_datalen; + } + + if (!(conn->flags & NGTCP2_CONN_FLAG_RECV_RETRY)) { + nwrite = + conn_write_client_initial(conn, dest, destlen, early_datalen, ts); + if (nwrite <= 0) { + return nwrite; + } + } else { + nwrite = conn_write_handshake_pkt(conn, dest, destlen, NGTCP2_PKT_INITIAL, + early_datalen, ts); + if (nwrite < 0) { + return nwrite; + } + } + + if (pending_early_datalen) { + early_spktlen = conn_retransmit_retry_early(conn, dest + nwrite, + destlen - (size_t)nwrite, ts); + + if (early_spktlen < 0) { + assert(ngtcp2_err_is_fatal((int)early_spktlen)); + return early_spktlen; + } + } + + conn->state = NGTCP2_CS_CLIENT_WAIT_HANDSHAKE; + + return nwrite + early_spktlen; + case NGTCP2_CS_CLIENT_WAIT_HANDSHAKE: + if (!(conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED)) { + pending_early_datalen = conn_retry_early_payloadlen(conn); + if (pending_early_datalen) { + early_datalen = pending_early_datalen; + } + } + + nwrite = conn_write_handshake_pkts(conn, dest, destlen, early_datalen, ts); + if (nwrite < 0) { + return nwrite; + } + + if (conn->hs_pktns.tx.last_pkt_num != -1) { + conn_discard_initial_key(conn); + } + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + + if (!(conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED)) { + nwrite = conn_retransmit_retry_early(conn, dest, destlen, ts); + if (nwrite < 0) { + return nwrite; + } + + res += nwrite; + + if (res == 0) { + /* This might send PADDING only Initial packet if client has + nothing to send and does not have client handshake traffic + key to prevent server from deadlocking. */ + nwrite = conn_write_handshake_ack_pkts(conn, dest, destlen, ts); + if (nwrite < 0) { + return nwrite; + } + res = nwrite; + } + if (res) { + conn->flags &= (uint16_t)~NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE; + } + return res; + } + + if (!(conn->flags & NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED)) { + return NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM; + } + + rv = conn_handshake_completed(conn); + if (rv != 0) { + return (ssize_t)rv; + } + + conn->state = NGTCP2_CS_POST_HANDSHAKE; + + if (conn->remote.settings.stateless_reset_token_present) { + memcpy(conn->dcid.current.token, + conn->remote.settings.stateless_reset_token, + sizeof(conn->dcid.current.token)); + } + + conn_process_early_rtb(conn); + + rv = conn_process_buffered_protected_pkt(conn, &conn->hs_pktns, ts); + if (rv != 0) { + return (ssize_t)rv; + } + + if (conn->remote.settings.preferred_address_present) { + /* TODO Starting path validation against preferred address must + be done after dropping Handshake key which is impossible at + draft-18. */ + /* TODO And client has to send NEW_CONNECTION_ID before starting + path validation */ + rv = conn_select_preferred_addr(conn); + if (rv != 0) { + return (ssize_t)rv; + } + } + + return res; + case NGTCP2_CS_SERVER_INITIAL: + nwrite = conn_write_server_handshake(conn, dest, destlen, ts); + if (nwrite < 0) { + return nwrite; + } + + if (nwrite) { + conn->state = NGTCP2_CS_SERVER_WAIT_HANDSHAKE; + conn->hs_sent += (size_t)nwrite; + } + + return nwrite; + case NGTCP2_CS_SERVER_WAIT_HANDSHAKE: + if (!(conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED)) { + server_hs_tx_left = conn_server_hs_tx_left(conn); + if (server_hs_tx_left == 0) { + if (rcs->loss_detection_timer) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "loss detection timer canceled"); + rcs->loss_detection_timer = 0; + } + return 0; + } + + destlen = ngtcp2_min(destlen, server_hs_tx_left); + nwrite = conn_write_server_handshake(conn, dest, destlen, ts); + if (nwrite < 0) { + return nwrite; + } + + /* TODO Write 1RTT ACK packet if we have received 0RTT packet */ + + res += nwrite; + dest += nwrite; + destlen -= (size_t)nwrite; + + nwrite = conn_write_handshake_ack_pkts( + conn, dest, + res == 0 ? ngtcp2_min(origlen, server_hs_tx_left) : destlen, ts); + if (nwrite < 0) { + return nwrite; + } + + res += nwrite; + conn->hs_sent += (size_t)res; + return res; + } + + return 0; + case NGTCP2_CS_CLOSING: + return NGTCP2_ERR_CLOSING; + case NGTCP2_CS_DRAINING: + return NGTCP2_ERR_DRAINING; + default: + return 0; + } +} + +ssize_t ngtcp2_conn_write_handshake(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts) { + return conn_write_handshake(conn, dest, destlen, 0, ts); +} + +ssize_t ngtcp2_conn_client_write_handshake(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ssize_t *pdatalen, + uint32_t flags, int64_t stream_id, + int fin, const ngtcp2_vec *datav, + size_t datavcnt, ngtcp2_tstamp ts) { + ngtcp2_strm *strm = NULL; + int send_stream = 0; + ssize_t spktlen, early_spktlen; + uint64_t cwnd; + int was_client_initial; + size_t datalen = ngtcp2_vec_len(datav, datavcnt); + size_t early_datalen = 0; + uint8_t wflags = NGTCP2_WRITE_PKT_FLAG_NONE; + int ppe_pending = (conn->flags & NGTCP2_CONN_FLAG_PPE_PENDING) != 0; + + assert(!conn->server); + + /* conn->early.ckm might be created in the first call of + conn_handshake(). Check it later. */ + if (stream_id != -1 && + !(conn->flags & NGTCP2_CONN_FLAG_EARLY_DATA_REJECTED)) { + strm = ngtcp2_conn_find_stream(conn, stream_id); + if (strm == NULL) { + return NGTCP2_ERR_STREAM_NOT_FOUND; + } + + if (strm->flags & NGTCP2_STRM_FLAG_SHUT_WR) { + return NGTCP2_ERR_STREAM_SHUT_WR; + } + + send_stream = conn_retry_early_payloadlen(conn) == 0 && + /* 0 length STREAM frame is allowed */ + (datalen == 0 || + (datalen > 0 && (strm->tx.max_offset - strm->tx.offset) && + (conn->tx.max_offset - conn->tx.offset))); + if (send_stream) { + early_datalen = + ngtcp2_min(datalen, strm->tx.max_offset - strm->tx.offset); + early_datalen = + ngtcp2_min(early_datalen, conn->tx.max_offset - conn->tx.offset) + + NGTCP2_STREAM_OVERHEAD; + } + } + + if (!ppe_pending) { + was_client_initial = conn->state == NGTCP2_CS_CLIENT_INITIAL; + spktlen = conn_write_handshake(conn, dest, destlen, early_datalen, ts); + + if (spktlen < 0) { + return spktlen; + } + + if (conn->pktns.crypto.tx.ckm || !conn->early.ckm || !send_stream) { + return spktlen; + } + } else { + assert(!conn->pktns.crypto.tx.ckm); + assert(conn->early.ckm); + + was_client_initial = conn->pkt.was_client_initial; + spktlen = conn->pkt.hs_spktlen; + } + + /* If spktlen > 0, we are making a compound packet. If Initial + packet is written, we have to pad bytes to 0-RTT packet. */ + + if (spktlen && was_client_initial) { + wflags |= NGTCP2_WRITE_PKT_FLAG_REQUIRE_PADDING; + } + if (flags & NGTCP2_WRITE_STREAM_FLAG_MORE) { + wflags |= NGTCP2_WRITE_PKT_FLAG_STREAM_MORE; + } + + cwnd = conn_cwnd_left(conn); + + dest += spktlen; + destlen -= (size_t)spktlen; + destlen = ngtcp2_min(destlen, cwnd); + + early_spktlen = conn_write_pkt(conn, dest, destlen, pdatalen, NGTCP2_PKT_0RTT, + strm, fin, datav, datavcnt, wflags, ts); + + if (early_spktlen < 0) { + switch (early_spktlen) { + case NGTCP2_ERR_STREAM_DATA_BLOCKED: + return spktlen; + case NGTCP2_ERR_WRITE_STREAM_MORE: + conn->pkt.was_client_initial = was_client_initial; + conn->pkt.hs_spktlen = spktlen; + break; + } + return early_spktlen; + } + + return spktlen + early_spktlen; +} + +void ngtcp2_conn_handshake_completed(ngtcp2_conn *conn) { + conn->flags |= NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED; +} + +int ngtcp2_conn_get_handshake_completed(ngtcp2_conn *conn) { + return (conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED) && + (conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED); +} + +int ngtcp2_conn_sched_ack(ngtcp2_conn *conn, ngtcp2_acktr *acktr, + int64_t pkt_num, int active_ack, ngtcp2_tstamp ts) { + int rv; + (void)conn; + + rv = ngtcp2_acktr_add(acktr, pkt_num, active_ack, ts); + if (rv != 0) { + assert(rv != NGTCP2_ERR_INVALID_ARGUMENT); + return rv; + } + + return 0; +} + +int ngtcp2_accept(ngtcp2_pkt_hd *dest, const uint8_t *pkt, size_t pktlen) { + ssize_t nread; + ngtcp2_pkt_hd hd, *p; + + if (dest) { + p = dest; + } else { + p = &hd; + } + + if (pktlen == 0 || (pkt[0] & NGTCP2_HEADER_FORM_BIT) == 0) { + return -1; + } + + nread = ngtcp2_pkt_decode_hd_long(p, pkt, pktlen); + if (nread < 0) { + return -1; + } + + switch (p->type) { + case NGTCP2_PKT_INITIAL: + if (pktlen < NGTCP2_MIN_INITIAL_PKTLEN) { + return -1; + } + if (p->tokenlen == 0 && p->dcid.datalen < 8) { + return -1; + } + break; + case NGTCP2_PKT_0RTT: + /* 0-RTT packet may arrive before Initial packet due to + re-ordering. */ + break; + default: + return -1; + } + + switch (p->version) { + case NGTCP2_PROTO_VER: + break; + default: + return 1; + } + + return 0; +} + +void ngtcp2_conn_set_aead_overhead(ngtcp2_conn *conn, size_t aead_overhead) { + conn->crypto.aead_overhead = aead_overhead; +} + +size_t ngtcp2_conn_get_aead_overhead(ngtcp2_conn *conn) { + return conn->crypto.aead_overhead; +} + +int ngtcp2_conn_install_initial_tx_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *pn, + size_t pnlen) { + ngtcp2_pktns *pktns = &conn->in_pktns; + int rv; + + if (pktns->crypto.tx.hp) { + ngtcp2_vec_del(pktns->crypto.tx.hp, conn->mem); + pktns->crypto.tx.hp = NULL; + } + if (pktns->crypto.tx.ckm) { + ngtcp2_crypto_km_del(pktns->crypto.tx.ckm, conn->mem); + pktns->crypto.tx.ckm = NULL; + } + + rv = ngtcp2_crypto_km_new(&pktns->crypto.tx.ckm, key, keylen, iv, ivlen, + conn->mem); + if (rv != 0) { + return rv; + } + + return ngtcp2_vec_new(&pktns->crypto.tx.hp, pn, pnlen, conn->mem); +} + +int ngtcp2_conn_install_initial_rx_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *pn, + size_t pnlen) { + ngtcp2_pktns *pktns = &conn->in_pktns; + int rv; + + if (pktns->crypto.rx.hp) { + ngtcp2_vec_del(pktns->crypto.rx.hp, conn->mem); + pktns->crypto.rx.hp = NULL; + } + if (pktns->crypto.rx.ckm) { + ngtcp2_crypto_km_del(pktns->crypto.rx.ckm, conn->mem); + pktns->crypto.rx.ckm = NULL; + } + + rv = ngtcp2_crypto_km_new(&pktns->crypto.rx.ckm, key, keylen, iv, ivlen, + conn->mem); + if (rv != 0) { + return rv; + } + + return ngtcp2_vec_new(&pktns->crypto.rx.hp, pn, pnlen, conn->mem); +} + +int ngtcp2_conn_install_handshake_tx_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *pn, + size_t pnlen) { + ngtcp2_pktns *pktns = &conn->hs_pktns; + int rv; + + assert(!pktns->crypto.tx.hp && !pktns->crypto.tx.ckm); + + rv = ngtcp2_crypto_km_new(&pktns->crypto.tx.ckm, key, keylen, iv, ivlen, + conn->mem); + if (rv != 0) { + return rv; + } + + return ngtcp2_vec_new(&pktns->crypto.tx.hp, pn, pnlen, conn->mem); +} + +int ngtcp2_conn_install_handshake_rx_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *pn, + size_t pnlen) { + ngtcp2_pktns *pktns = &conn->hs_pktns; + int rv; + + assert(!pktns->crypto.rx.hp && !pktns->crypto.rx.ckm); + + rv = ngtcp2_crypto_km_new(&pktns->crypto.rx.ckm, key, keylen, iv, ivlen, + conn->mem); + if (rv != 0) { + return rv; + } + + return ngtcp2_vec_new(&pktns->crypto.rx.hp, pn, pnlen, conn->mem); +} + +int ngtcp2_conn_install_early_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, + size_t ivlen, const uint8_t *pn, + size_t pnlen) { + int rv; + + assert(!conn->early.hp && !conn->early.ckm); + + rv = + ngtcp2_crypto_km_new(&conn->early.ckm, key, keylen, iv, ivlen, conn->mem); + if (rv != 0) { + return rv; + } + + return ngtcp2_vec_new(&conn->early.hp, pn, pnlen, conn->mem); +} + +int ngtcp2_conn_install_tx_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen, + const uint8_t *pn, size_t pnlen) { + ngtcp2_pktns *pktns = &conn->pktns; + int rv; + + assert(!pktns->crypto.tx.hp && !pktns->crypto.tx.ckm); + + rv = ngtcp2_crypto_km_new(&pktns->crypto.tx.ckm, key, keylen, iv, ivlen, + conn->mem); + if (rv != 0) { + return rv; + } + + return ngtcp2_vec_new(&pktns->crypto.tx.hp, pn, pnlen, conn->mem); +} + +int ngtcp2_conn_install_rx_keys(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen, + const uint8_t *pn, size_t pnlen) { + ngtcp2_pktns *pktns = &conn->pktns; + int rv; + + assert(!pktns->crypto.rx.hp && !pktns->crypto.rx.ckm); + + rv = ngtcp2_crypto_km_new(&pktns->crypto.rx.ckm, key, keylen, iv, ivlen, + conn->mem); + if (rv != 0) { + return rv; + } + + rv = ngtcp2_vec_new(&pktns->crypto.rx.hp, pn, pnlen, conn->mem); + if (rv != 0) { + return rv; + } + + conn->remote.settings = conn->remote.pending_settings; + conn_sync_stream_id_limit(conn); + conn->tx.max_offset = conn->remote.settings.max_data; + + return 0; +} + +int ngtcp2_conn_update_tx_key(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen) { + ngtcp2_pktns *pktns = &conn->pktns; + int rv; + + if ((conn->flags & NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE) || + conn->crypto.key_update.new_tx_ckm) { + return NGTCP2_ERR_INVALID_STATE; + } + + rv = ngtcp2_crypto_km_new(&conn->crypto.key_update.new_tx_ckm, key, keylen, + iv, ivlen, conn->mem); + if (rv != 0) { + return rv; + } + + if (!(pktns->crypto.tx.ckm->flags & NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE)) { + conn->crypto.key_update.new_tx_ckm->flags |= + NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE; + } + + return 0; +} + +int ngtcp2_conn_update_rx_key(ngtcp2_conn *conn, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen) { + ngtcp2_pktns *pktns = &conn->pktns; + int rv; + + if ((conn->flags & NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE) || + conn->crypto.key_update.new_rx_ckm) { + return NGTCP2_ERR_INVALID_STATE; + } + + rv = ngtcp2_crypto_km_new(&conn->crypto.key_update.new_rx_ckm, key, keylen, + iv, ivlen, conn->mem); + if (rv != 0) { + return rv; + } + + if (!(pktns->crypto.rx.ckm->flags & NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE)) { + conn->crypto.key_update.new_rx_ckm->flags |= + NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE; + } + + return 0; +} + +int ngtcp2_conn_initiate_key_update(ngtcp2_conn *conn) { + if ((conn->flags & NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE) || + !conn->crypto.key_update.new_tx_ckm || + !conn->crypto.key_update.new_rx_ckm) { + return NGTCP2_ERR_INVALID_STATE; + } + + conn_commit_key_update(conn, NGTCP2_MAX_PKT_NUM); + + conn->flags |= NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE; + + return 0; +} + +ngtcp2_tstamp ngtcp2_conn_loss_detection_expiry(ngtcp2_conn *conn) { + if (conn->rcs.loss_detection_timer) { + return conn->rcs.loss_detection_timer; + } + return UINT64_MAX; +} + +ngtcp2_tstamp ngtcp2_conn_internal_expiry(ngtcp2_conn *conn) { + ngtcp2_tstamp res = UINT64_MAX; + ngtcp2_duration pto = conn_compute_pto(conn); + ngtcp2_scid *scid; + + if (conn->pv) { + res = ngtcp2_pv_next_expiry(conn->pv); + } + + if (!ngtcp2_pq_empty(&conn->scid.used)) { + scid = ngtcp2_struct_of(ngtcp2_pq_top(&conn->scid.used), ngtcp2_scid, pe); + if (scid->ts_retired != UINT64_MAX) { + res = ngtcp2_min(res, scid->ts_retired + pto); + } + } + + return res; +} + +ngtcp2_tstamp ngtcp2_conn_ack_delay_expiry(ngtcp2_conn *conn) { + ngtcp2_acktr *in_acktr = &conn->in_pktns.acktr; + ngtcp2_acktr *hs_acktr = &conn->hs_pktns.acktr; + ngtcp2_acktr *acktr = &conn->pktns.acktr; + ngtcp2_tstamp ts = UINT64_MAX, t; + + if (!(in_acktr->flags & NGTCP2_ACKTR_FLAG_CANCEL_TIMER) && + in_acktr->first_unacked_ts != UINT64_MAX) { + t = in_acktr->first_unacked_ts + NGTCP2_HS_ACK_DELAY; + ts = ngtcp2_min(ts, t); + } + if (!(hs_acktr->flags & NGTCP2_ACKTR_FLAG_CANCEL_TIMER) && + hs_acktr->first_unacked_ts != UINT64_MAX) { + t = hs_acktr->first_unacked_ts + NGTCP2_HS_ACK_DELAY; + ts = ngtcp2_min(ts, t); + } + if (!(acktr->flags & NGTCP2_ACKTR_FLAG_CANCEL_TIMER) && + acktr->first_unacked_ts != UINT64_MAX) { + t = acktr->first_unacked_ts + conn_compute_ack_delay(conn); + ts = ngtcp2_min(ts, t); + } + return ts; +} + +ngtcp2_tstamp ngtcp2_conn_get_expiry(ngtcp2_conn *conn) { + ngtcp2_tstamp t1 = ngtcp2_conn_loss_detection_expiry(conn); + ngtcp2_tstamp t2 = ngtcp2_conn_ack_delay_expiry(conn); + ngtcp2_tstamp t3 = ngtcp2_conn_internal_expiry(conn); + ngtcp2_tstamp res = ngtcp2_min(t1, t2); + return ngtcp2_min(res, t3); +} + +int ngtcp2_conn_handle_expiry(ngtcp2_conn *conn, ngtcp2_tstamp ts) { + int rv; + + ngtcp2_conn_cancel_expired_ack_delay_timer(conn, ts); + + if (ngtcp2_conn_loss_detection_expiry(conn) <= ts) { + rv = ngtcp2_conn_on_loss_detection_timer(conn, ts); + if (rv != 0) { + return rv; + } + } + + return 0; +} + +static void acktr_cancel_expired_ack_delay_timer(ngtcp2_acktr *acktr, + ngtcp2_tstamp ts) { + if (!(acktr->flags & NGTCP2_ACKTR_FLAG_CANCEL_TIMER) && + acktr->first_unacked_ts <= ts) { + acktr->flags |= NGTCP2_ACKTR_FLAG_CANCEL_TIMER; + } +} + +void ngtcp2_conn_cancel_expired_ack_delay_timer(ngtcp2_conn *conn, + ngtcp2_tstamp ts) { + acktr_cancel_expired_ack_delay_timer(&conn->in_pktns.acktr, ts); + acktr_cancel_expired_ack_delay_timer(&conn->hs_pktns.acktr, ts); + acktr_cancel_expired_ack_delay_timer(&conn->pktns.acktr, ts); +} + +/* + * settings_copy_from_transport_params translates + * ngtcp2_transport_params to ngtcp2_settings. + */ +static void +settings_copy_from_transport_params(ngtcp2_settings *dest, + const ngtcp2_transport_params *src) { + dest->max_stream_data_bidi_local = src->initial_max_stream_data_bidi_local; + dest->max_stream_data_bidi_remote = src->initial_max_stream_data_bidi_remote; + dest->max_stream_data_uni = src->initial_max_stream_data_uni; + dest->max_data = src->initial_max_data; + dest->max_streams_bidi = src->initial_max_streams_bidi; + dest->max_streams_uni = src->initial_max_streams_uni; + dest->idle_timeout = src->idle_timeout; + dest->max_packet_size = src->max_packet_size; + dest->stateless_reset_token_present = src->stateless_reset_token_present; + if (src->stateless_reset_token_present) { + memcpy(dest->stateless_reset_token, src->stateless_reset_token, + sizeof(dest->stateless_reset_token)); + } else { + memset(dest->stateless_reset_token, 0, sizeof(dest->stateless_reset_token)); + } + dest->ack_delay_exponent = src->ack_delay_exponent; + dest->disable_migration = src->disable_migration; + dest->max_ack_delay = src->max_ack_delay; + dest->preferred_address_present = src->preferred_address_present; + if (src->preferred_address_present) { + dest->preferred_address = src->preferred_address; + } + dest->active_connection_id_limit = src->active_connection_id_limit; +} + +/* + * transport_params_copy_from_settings translates ngtcp2_settings to + * ngtcp2_transport_params. + */ +static void transport_params_copy_from_settings(ngtcp2_transport_params *dest, + const ngtcp2_settings *src) { + dest->initial_max_stream_data_bidi_local = src->max_stream_data_bidi_local; + dest->initial_max_stream_data_bidi_remote = src->max_stream_data_bidi_remote; + dest->initial_max_stream_data_uni = src->max_stream_data_uni; + dest->initial_max_data = src->max_data; + dest->initial_max_streams_bidi = src->max_streams_bidi; + dest->initial_max_streams_uni = src->max_streams_uni; + dest->idle_timeout = src->idle_timeout; + dest->max_packet_size = src->max_packet_size; + dest->stateless_reset_token_present = src->stateless_reset_token_present; + if (src->stateless_reset_token_present) { + memcpy(dest->stateless_reset_token, src->stateless_reset_token, + sizeof(dest->stateless_reset_token)); + } else { + memset(dest->stateless_reset_token, 0, sizeof(dest->stateless_reset_token)); + } + dest->ack_delay_exponent = src->ack_delay_exponent; + dest->disable_migration = src->disable_migration; + dest->max_ack_delay = src->max_ack_delay; + dest->preferred_address_present = src->preferred_address_present; + if (src->preferred_address_present) { + dest->preferred_address = src->preferred_address; + } + dest->active_connection_id_limit = src->active_connection_id_limit; +} + +/* + * conn_client_validate_transport_params validates |params| as client. + * |params| must be sent with Encrypted Extensions. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_TRANSPORT_PARAM + * Transport parameters are invalid. + */ +static int +conn_client_validate_transport_params(ngtcp2_conn *conn, + const ngtcp2_transport_params *params) { + if (conn->flags & NGTCP2_CONN_FLAG_RECV_RETRY) { + if (!params->original_connection_id_present) { + return NGTCP2_ERR_TRANSPORT_PARAM; + } + if (!ngtcp2_cid_eq(&conn->rcid, ¶ms->original_connection_id)) { + return NGTCP2_ERR_TRANSPORT_PARAM; + } + } + + return 0; +} + +int ngtcp2_conn_set_remote_transport_params( + ngtcp2_conn *conn, const ngtcp2_transport_params *params) { + int rv; + + if (!conn->server) { + rv = conn_client_validate_transport_params(conn, params); + if (rv != 0) { + return rv; + } + } + + ngtcp2_log_remote_tp(&conn->log, + conn->server + ? NGTCP2_TRANSPORT_PARAMS_TYPE_CLIENT_HELLO + : NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS, + params); + + if (conn->pktns.crypto.rx.ckm) { + settings_copy_from_transport_params(&conn->remote.settings, params); + conn_sync_stream_id_limit(conn); + conn->tx.max_offset = conn->remote.settings.max_data; + } else { + settings_copy_from_transport_params(&conn->remote.pending_settings, params); + } + + conn->flags |= NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED; + + return 0; +} + +void ngtcp2_conn_set_early_remote_transport_params( + ngtcp2_conn *conn, const ngtcp2_transport_params *params) { + ngtcp2_transport_params p; + + memset(&p, 0, sizeof(p)); + + p.initial_max_streams_bidi = params->initial_max_streams_bidi; + p.initial_max_streams_uni = params->initial_max_streams_uni; + p.initial_max_stream_data_bidi_local = + params->initial_max_stream_data_bidi_local; + p.initial_max_stream_data_bidi_remote = + params->initial_max_stream_data_bidi_remote; + p.initial_max_stream_data_uni = params->initial_max_stream_data_uni; + p.initial_max_data = params->initial_max_data; + + settings_copy_from_transport_params(&conn->remote.settings, &p); + conn_sync_stream_id_limit(conn); + + conn->tx.max_offset = conn->remote.settings.max_data; +} + +void ngtcp2_conn_get_local_transport_params(ngtcp2_conn *conn, + ngtcp2_transport_params *params) { + transport_params_copy_from_settings(params, &conn->local.settings); + if (conn->server && (conn->flags & NGTCP2_CONN_FLAG_OCID_PRESENT)) { + ngtcp2_cid_init(¶ms->original_connection_id, conn->ocid.data, + conn->ocid.datalen); + params->original_connection_id_present = 1; + } else { + params->original_connection_id_present = 0; + } +} + +int ngtcp2_conn_open_bidi_stream(ngtcp2_conn *conn, int64_t *pstream_id, + void *stream_user_data) { + int rv; + ngtcp2_strm *strm; + + if (ngtcp2_ord_stream_id(conn->local.bidi.next_stream_id) > + conn->local.bidi.max_streams) { + return NGTCP2_ERR_STREAM_ID_BLOCKED; + } + + strm = ngtcp2_mem_malloc(conn->mem, sizeof(ngtcp2_strm)); + if (strm == NULL) { + return NGTCP2_ERR_NOMEM; + } + + rv = ngtcp2_conn_init_stream(conn, strm, conn->local.bidi.next_stream_id, + stream_user_data); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, strm); + return rv; + } + + *pstream_id = conn->local.bidi.next_stream_id; + conn->local.bidi.next_stream_id += 4; + + return 0; +} + +int ngtcp2_conn_open_uni_stream(ngtcp2_conn *conn, int64_t *pstream_id, + void *stream_user_data) { + int rv; + ngtcp2_strm *strm; + + if (ngtcp2_ord_stream_id(conn->local.uni.next_stream_id) > + conn->local.uni.max_streams) { + return NGTCP2_ERR_STREAM_ID_BLOCKED; + } + + strm = ngtcp2_mem_malloc(conn->mem, sizeof(ngtcp2_strm)); + if (strm == NULL) { + return NGTCP2_ERR_NOMEM; + } + + rv = ngtcp2_conn_init_stream(conn, strm, conn->local.uni.next_stream_id, + stream_user_data); + if (rv != 0) { + ngtcp2_mem_free(conn->mem, strm); + return rv; + } + ngtcp2_strm_shutdown(strm, NGTCP2_STRM_FLAG_SHUT_RD); + + *pstream_id = conn->local.uni.next_stream_id; + conn->local.uni.next_stream_id += 4; + + return 0; +} + +ngtcp2_strm *ngtcp2_conn_find_stream(ngtcp2_conn *conn, int64_t stream_id) { + ngtcp2_map_entry *me; + + me = ngtcp2_map_find(&conn->strms, (uint64_t)stream_id); + if (me == NULL) { + return NULL; + } + + return ngtcp2_struct_of(me, ngtcp2_strm, me); +} + +ssize_t ngtcp2_conn_write_stream(ngtcp2_conn *conn, ngtcp2_path *path, + uint8_t *dest, size_t destlen, + ssize_t *pdatalen, uint32_t flags, + int64_t stream_id, int fin, + const uint8_t *data, size_t datalen, + ngtcp2_tstamp ts) { + ngtcp2_vec datav; + + datav.len = datalen; + datav.base = (uint8_t *)data; + + return ngtcp2_conn_writev_stream(conn, path, dest, destlen, pdatalen, flags, + stream_id, fin, &datav, 1, ts); +} + +ssize_t ngtcp2_conn_writev_stream(ngtcp2_conn *conn, ngtcp2_path *path, + uint8_t *dest, size_t destlen, + ssize_t *pdatalen, uint32_t flags, + int64_t stream_id, int fin, + const ngtcp2_vec *datav, size_t datavcnt, + ngtcp2_tstamp ts) { + ngtcp2_strm *strm = NULL; + ssize_t nwrite; + uint64_t cwnd; + ngtcp2_pktns *pktns = &conn->pktns; + size_t origlen = destlen; + size_t server_hs_tx_left; + ngtcp2_rcvry_stat *rcs = &conn->rcs; + int rv; + uint8_t wflags = NGTCP2_WRITE_PKT_FLAG_NONE; + int ppe_pending = (conn->flags & NGTCP2_CONN_FLAG_PPE_PENDING) != 0; + + conn->log.last_ts = ts; + + if (pdatalen) { + *pdatalen = -1; + } + + switch (conn->state) { + case NGTCP2_CS_CLIENT_INITIAL: + case NGTCP2_CS_CLIENT_WAIT_HANDSHAKE: + case NGTCP2_CS_CLIENT_TLS_HANDSHAKE_FAILED: + if (path) { + ngtcp2_path_copy(path, &conn->dcid.current.ps.path); + } + return ngtcp2_conn_client_write_handshake(conn, dest, destlen, pdatalen, + flags, stream_id, fin, datav, + datavcnt, ts); + case NGTCP2_CS_SERVER_INITIAL: + case NGTCP2_CS_SERVER_WAIT_HANDSHAKE: + case NGTCP2_CS_SERVER_TLS_HANDSHAKE_FAILED: + if (path) { + ngtcp2_path_copy(path, &conn->dcid.current.ps.path); + } + if (!ppe_pending) { + nwrite = ngtcp2_conn_write_handshake(conn, dest, destlen, ts); + if (nwrite) { + return nwrite; + } + } + if (conn->state != NGTCP2_CS_POST_HANDSHAKE && + conn->pktns.crypto.tx.ckm == NULL) { + return 0; + } + break; + case NGTCP2_CS_POST_HANDSHAKE: + break; + case NGTCP2_CS_CLOSING: + return NGTCP2_ERR_CLOSING; + case NGTCP2_CS_DRAINING: + return NGTCP2_ERR_DRAINING; + default: + return 0; + } + + if (conn_check_pkt_num_exhausted(conn)) { + return NGTCP2_ERR_PKT_NUM_EXHAUSTED; + } + + rv = conn_remove_retired_connection_id(conn, ts); + if (rv != 0) { + return rv; + } + + if (stream_id != -1) { + strm = ngtcp2_conn_find_stream(conn, stream_id); + if (strm == NULL) { + return NGTCP2_ERR_STREAM_NOT_FOUND; + } + + if (strm->flags & NGTCP2_STRM_FLAG_SHUT_WR) { + return NGTCP2_ERR_STREAM_SHUT_WR; + } + } + + if (path) { + ngtcp2_path_copy(path, &conn->dcid.current.ps.path); + } + + if (!ppe_pending && conn->pv) { + nwrite = conn_write_path_challenge(conn, path, dest, destlen, ts); + if (nwrite) { + return nwrite; + } + } + + cwnd = conn_cwnd_left(conn); + destlen = ngtcp2_min(destlen, cwnd); + + if (conn->server) { + server_hs_tx_left = conn_server_hs_tx_left(conn); + if (server_hs_tx_left == 0) { + assert(!ppe_pending); + if (rcs->loss_detection_timer) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "loss detection timer canceled"); + rcs->loss_detection_timer = 0; + } + return 0; + } + destlen = ngtcp2_min(destlen, server_hs_tx_left); + } + + if (!ppe_pending) { + if (conn_handshake_remnants_left(conn)) { + nwrite = conn_write_handshake_pkts(conn, dest, destlen, 0, ts); + if (nwrite) { + return nwrite; + } + } + nwrite = conn_write_handshake_ack_pkts(conn, dest, origlen, ts); + if (nwrite) { + return nwrite; + } + } + + if (flags & NGTCP2_WRITE_STREAM_FLAG_MORE) { + wflags |= NGTCP2_WRITE_PKT_FLAG_STREAM_MORE; + } + + assert(pktns->crypto.tx.ckm); + + if (ppe_pending) { + return conn_write_pkt(conn, dest, destlen, pdatalen, NGTCP2_PKT_SHORT, strm, + fin, datav, datavcnt, wflags, ts); + } + + if (conn->rcs.probe_pkt_left) { + return conn_write_probe_pkt(conn, dest, origlen, pdatalen, strm, fin, datav, + datavcnt, ts); + } + + nwrite = conn_write_pkt(conn, dest, destlen, pdatalen, NGTCP2_PKT_SHORT, strm, + fin, datav, datavcnt, wflags, ts); + if (nwrite < 0) { + assert(nwrite != NGTCP2_ERR_NOBUF); + return nwrite; + } + if (!ppe_pending && nwrite == 0) { + return conn_write_protected_ack_pkt(conn, dest, origlen, ts); + } + return nwrite; +} + +ssize_t ngtcp2_conn_write_connection_close(ngtcp2_conn *conn, ngtcp2_path *path, + uint8_t *dest, size_t destlen, + uint64_t error_code, + ngtcp2_tstamp ts) { + ssize_t res, nwrite; + ngtcp2_frame fr; + uint8_t pkt_type; + + conn->log.last_ts = ts; + + if (conn_check_pkt_num_exhausted(conn)) { + return NGTCP2_ERR_PKT_NUM_EXHAUSTED; + } + + switch (conn->state) { + case NGTCP2_CS_CLOSING: + case NGTCP2_CS_DRAINING: + return NGTCP2_ERR_INVALID_STATE; + } + + if (path) { + ngtcp2_path_copy(path, &conn->dcid.current.ps.path); + } + + fr.type = NGTCP2_FRAME_CONNECTION_CLOSE; + fr.connection_close.error_code = error_code; + fr.connection_close.frame_type = 0; + fr.connection_close.reasonlen = 0; + fr.connection_close.reason = NULL; + + if (conn->state == NGTCP2_CS_POST_HANDSHAKE) { + pkt_type = NGTCP2_PKT_SHORT; + } else if (conn->hs_pktns.crypto.tx.ckm) { + pkt_type = NGTCP2_PKT_HANDSHAKE; + } else if (conn->in_pktns.crypto.tx.ckm) { + pkt_type = NGTCP2_PKT_INITIAL; + } else { + /* This branch is taken if server has not read any Initial packet + from client. */ + return NGTCP2_ERR_INVALID_STATE; + } + + nwrite = conn_write_single_frame_pkt(conn, dest, destlen, pkt_type, + &conn->dcid.current.cid, &fr, + NGTCP2_RTB_FLAG_NONE, ts); + + if (nwrite <= 0) { + return nwrite; + } + + res = nwrite; + + if (conn->server && pkt_type == NGTCP2_PKT_HANDSHAKE && + conn->in_pktns.crypto.tx.ckm) { + nwrite = conn_write_single_frame_pkt( + conn, dest + nwrite, destlen - (size_t)nwrite, NGTCP2_PKT_INITIAL, + &conn->dcid.current.cid, &fr, NGTCP2_RTB_FLAG_NONE, ts); + if (nwrite < 0) { + return nwrite; + } + res += nwrite; + } + + conn->state = NGTCP2_CS_CLOSING; + + return res; +} + +ssize_t ngtcp2_conn_write_application_close(ngtcp2_conn *conn, + ngtcp2_path *path, uint8_t *dest, + size_t destlen, + uint64_t app_error_code, + ngtcp2_tstamp ts) { + ssize_t nwrite; + ngtcp2_frame fr; + + conn->log.last_ts = ts; + + if (conn_check_pkt_num_exhausted(conn)) { + return NGTCP2_ERR_PKT_NUM_EXHAUSTED; + } + + switch (conn->state) { + case NGTCP2_CS_POST_HANDSHAKE: + break; + default: + return NGTCP2_ERR_INVALID_STATE; + } + + if (path) { + ngtcp2_path_copy(path, &conn->dcid.current.ps.path); + } + + fr.type = NGTCP2_FRAME_CONNECTION_CLOSE_APP; + fr.connection_close.error_code = app_error_code; + fr.connection_close.frame_type = 0; + fr.connection_close.reasonlen = 0; + fr.connection_close.reason = NULL; + + nwrite = conn_write_single_frame_pkt(conn, dest, destlen, NGTCP2_PKT_SHORT, + &conn->dcid.current.cid, &fr, + NGTCP2_RTB_FLAG_NONE, ts); + + if (nwrite > 0) { + conn->state = NGTCP2_CS_CLOSING; + } + + return nwrite; +} + +int ngtcp2_conn_is_in_closing_period(ngtcp2_conn *conn) { + return conn->state == NGTCP2_CS_CLOSING; +} + +int ngtcp2_conn_is_in_draining_period(ngtcp2_conn *conn) { + return conn->state == NGTCP2_CS_DRAINING; +} + +int ngtcp2_conn_close_stream(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + int rv; + + if (!strm->app_error_code) { + app_error_code = strm->app_error_code; + } + + rv = ngtcp2_map_remove(&conn->strms, strm->me.key); + if (rv != 0) { + assert(rv != NGTCP2_ERR_INVALID_ARGUMENT); + return rv; + } + + rv = conn_call_stream_close(conn, strm, app_error_code); + if (rv != 0) { + goto fin; + } + + if (!conn_local_stream(conn, strm->stream_id)) { + if (bidi_stream(strm->stream_id)) { + handle_max_remote_streams_extension( + &conn->remote.bidi.unsent_max_streams); + } else { + handle_max_remote_streams_extension(&conn->remote.uni.unsent_max_streams); + } + } + + if (ngtcp2_strm_is_tx_queued(strm)) { + ngtcp2_pq_remove(&conn->tx.strmq, &strm->pe); + } + +fin: + ngtcp2_strm_free(strm); + ngtcp2_mem_free(conn->mem, strm); + + return rv; +} + +int ngtcp2_conn_close_stream_if_shut_rdwr(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + if ((strm->flags & NGTCP2_STRM_FLAG_SHUT_RDWR) == + NGTCP2_STRM_FLAG_SHUT_RDWR && + ((strm->flags & NGTCP2_STRM_FLAG_RECV_RST) || + ngtcp2_rob_first_gap_offset(&strm->rx.rob) == strm->rx.last_offset) && + (((strm->flags & NGTCP2_STRM_FLAG_SENT_RST) && + (strm->flags & NGTCP2_STRM_FLAG_RST_ACKED)) || + (!(strm->flags & NGTCP2_STRM_FLAG_SENT_RST) && + ngtcp2_strm_is_all_tx_data_acked(strm)))) { + return ngtcp2_conn_close_stream(conn, strm, app_error_code); + } + return 0; +} + +/* + * conn_shutdown_stream_write closes send stream with error code + * |app_error_code|. RESET_STREAM frame is scheduled. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_shutdown_stream_write(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + if (strm->flags & NGTCP2_STRM_FLAG_SENT_RST) { + return 0; + } + + /* Set this flag so that we don't accidentally send DATA to this + stream. */ + strm->flags |= NGTCP2_STRM_FLAG_SHUT_WR | NGTCP2_STRM_FLAG_SENT_RST; + strm->app_error_code = app_error_code; + + ngtcp2_strm_streamfrq_clear(strm); + + return conn_reset_stream(conn, strm, app_error_code); +} + +/* + * conn_shutdown_stream_read closes read stream with error code + * |app_error_code|. STOP_SENDING frame is scheduled. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_shutdown_stream_read(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code) { + if (strm->flags & NGTCP2_STRM_FLAG_STOP_SENDING) { + return 0; + } + if ((strm->flags & NGTCP2_STRM_FLAG_SHUT_RD) && + ngtcp2_strm_rx_offset(strm) == strm->rx.last_offset) { + return 0; + } + + /* Extend connection flow control window for the amount of data + which are not passed to application. */ + if (!(strm->flags & + (NGTCP2_STRM_FLAG_STOP_SENDING | NGTCP2_STRM_FLAG_RECV_RST))) { + ngtcp2_conn_extend_max_offset(conn, strm->rx.last_offset - + ngtcp2_strm_rx_offset(strm)); + } + + strm->flags |= NGTCP2_STRM_FLAG_STOP_SENDING; + strm->app_error_code = app_error_code; + + return conn_stop_sending(conn, strm, app_error_code); +} + +int ngtcp2_conn_shutdown_stream(ngtcp2_conn *conn, int64_t stream_id, + uint64_t app_error_code) { + int rv; + ngtcp2_strm *strm; + + strm = ngtcp2_conn_find_stream(conn, stream_id); + if (strm == NULL) { + return NGTCP2_ERR_STREAM_NOT_FOUND; + } + + rv = conn_shutdown_stream_read(conn, strm, app_error_code); + if (rv != 0) { + return rv; + } + + rv = conn_shutdown_stream_write(conn, strm, app_error_code); + if (rv != 0) { + return rv; + } + + return 0; +} + +int ngtcp2_conn_shutdown_stream_write(ngtcp2_conn *conn, int64_t stream_id, + uint64_t app_error_code) { + ngtcp2_strm *strm; + + strm = ngtcp2_conn_find_stream(conn, stream_id); + if (strm == NULL) { + return NGTCP2_ERR_STREAM_NOT_FOUND; + } + + return conn_shutdown_stream_write(conn, strm, app_error_code); +} + +int ngtcp2_conn_shutdown_stream_read(ngtcp2_conn *conn, int64_t stream_id, + uint64_t app_error_code) { + ngtcp2_strm *strm; + + strm = ngtcp2_conn_find_stream(conn, stream_id); + if (strm == NULL) { + return NGTCP2_ERR_STREAM_NOT_FOUND; + } + + return conn_shutdown_stream_read(conn, strm, app_error_code); +} + +/* + * conn_extend_max_stream_offset extends stream level flow control + * window by |datalen| of the stream denoted by |strm|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_extend_max_stream_offset(ngtcp2_conn *conn, ngtcp2_strm *strm, + size_t datalen) { + ngtcp2_strm *top; + + if (strm->rx.unsent_max_offset <= NGTCP2_MAX_VARINT - datalen) { + strm->rx.unsent_max_offset += datalen; + } + + if (!(strm->flags & + (NGTCP2_STRM_FLAG_SHUT_RD | NGTCP2_STRM_FLAG_STOP_SENDING)) && + !ngtcp2_strm_is_tx_queued(strm) && + conn_should_send_max_stream_data(conn, strm)) { + if (!ngtcp2_pq_empty(&conn->tx.strmq)) { + top = ngtcp2_conn_tx_strmq_top(conn); + strm->cycle = top->cycle; + } + return ngtcp2_conn_tx_strmq_push(conn, strm); + } + + return 0; +} + +int ngtcp2_conn_extend_max_stream_offset(ngtcp2_conn *conn, int64_t stream_id, + size_t datalen) { + ngtcp2_strm *strm; + + strm = ngtcp2_conn_find_stream(conn, stream_id); + if (strm == NULL) { + return NGTCP2_ERR_STREAM_NOT_FOUND; + } + + return conn_extend_max_stream_offset(conn, strm, datalen); +} + +void ngtcp2_conn_extend_max_offset(ngtcp2_conn *conn, size_t datalen) { + if (NGTCP2_MAX_VARINT < (uint64_t)datalen || + conn->rx.unsent_max_offset > NGTCP2_MAX_VARINT - datalen) { + conn->rx.unsent_max_offset = NGTCP2_MAX_VARINT; + return; + } + + conn->rx.unsent_max_offset += datalen; +} + +size_t ngtcp2_conn_get_bytes_in_flight(ngtcp2_conn *conn) { + return conn->ccs.bytes_in_flight; +} + +const ngtcp2_cid *ngtcp2_conn_get_dcid(ngtcp2_conn *conn) { + return &conn->dcid.current.cid; +} + +uint32_t ngtcp2_conn_get_negotiated_version(ngtcp2_conn *conn) { + return conn->version; +} + +int ngtcp2_conn_early_data_rejected(ngtcp2_conn *conn) { + ngtcp2_pktns *pktns = &conn->pktns; + ngtcp2_rtb *rtb = &conn->pktns.rtb; + ngtcp2_frame_chain *frc = NULL; + int rv; + + conn->flags |= NGTCP2_CONN_FLAG_EARLY_DATA_REJECTED; + + ngtcp2_rtb_remove_all(rtb, &frc); + + rv = conn_resched_frames(conn, pktns, &frc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_list_del(frc, conn->mem); + return rv; + } + + return rv; +} + +void ngtcp2_conn_update_rtt(ngtcp2_conn *conn, uint64_t rtt, + uint64_t ack_delay) { + ngtcp2_rcvry_stat *rcs = &conn->rcs; + + rcs->latest_rtt = rtt; + + if (rcs->smoothed_rtt < 1e-9) { + rcs->min_rtt = rtt; + rcs->smoothed_rtt = (double)rtt; + rcs->rttvar = (double)rtt / 2; + return; + } + + rcs->min_rtt = ngtcp2_min(rcs->min_rtt, rtt); + if (conn->flags & NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED) { + ack_delay = ngtcp2_min(ack_delay, conn->remote.settings.max_ack_delay); + } else { + ack_delay = ngtcp2_min(ack_delay, NGTCP2_DEFAULT_MAX_ACK_DELAY); + } + if (rtt > rcs->min_rtt + ack_delay) { + rtt -= ack_delay; + } + + rcs->rttvar = rcs->rttvar * 3 / 4 + fabs(rcs->smoothed_rtt - (double)rtt) / 4; + rcs->smoothed_rtt = rcs->smoothed_rtt * 7 / 8 + (double)rtt / 8; + + ngtcp2_log_info( + &conn->log, NGTCP2_LOG_EVENT_RCV, + "latest_rtt=%" PRIu64 " min_rtt=%" PRIu64 + " smoothed_rtt=%.3f rttvar=%.3f ack_delay=%" PRIu64, + rcs->latest_rtt / NGTCP2_MILLISECONDS, rcs->min_rtt / NGTCP2_MILLISECONDS, + rcs->smoothed_rtt / NGTCP2_MILLISECONDS, + rcs->rttvar / NGTCP2_MILLISECONDS, ack_delay / NGTCP2_MILLISECONDS); +} + +void ngtcp2_conn_get_rcvry_stat(ngtcp2_conn *conn, ngtcp2_rcvry_stat *rcs) { + *rcs = conn->rcs; +} + +static ngtcp2_pktns *conn_get_earliest_loss_time_pktns(ngtcp2_conn *conn) { + ngtcp2_pktns *in_pktns = &conn->in_pktns; + ngtcp2_pktns *hs_pktns = &conn->hs_pktns; + ngtcp2_pktns *pktns = &conn->pktns; + ngtcp2_pktns *res = in_pktns; + + if (res->rtb.loss_time == 0 || + (hs_pktns->rtb.loss_time && + hs_pktns->rtb.loss_time < res->rtb.loss_time)) { + res = hs_pktns; + } + if (res->rtb.loss_time == 0 || + (pktns->rtb.loss_time && pktns->rtb.loss_time < res->rtb.loss_time)) { + res = pktns; + } + + return res; +} + +void ngtcp2_conn_set_loss_detection_timer(ngtcp2_conn *conn) { + ngtcp2_rcvry_stat *rcs = &conn->rcs; + ngtcp2_duration timeout; + ngtcp2_pktns *in_pktns = &conn->in_pktns; + ngtcp2_pktns *hs_pktns = &conn->hs_pktns; + ngtcp2_pktns *pktns = &conn->pktns; + ngtcp2_pktns *loss_pktns = conn_get_earliest_loss_time_pktns(conn); + + if (loss_pktns->rtb.loss_time) { + rcs->loss_detection_timer = loss_pktns->rtb.loss_time; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "loss_detection_timer=%" PRIu64 " nonzero crypto loss time", + rcs->loss_detection_timer); + return; + } + + if (ngtcp2_rtb_num_ack_eliciting(&in_pktns->rtb) || + ngtcp2_rtb_num_ack_eliciting(&hs_pktns->rtb) || + (!conn->server && !conn->pktns.crypto.tx.ckm)) { + if (rcs->smoothed_rtt < 1e-09) { + timeout = 2 * NGTCP2_DEFAULT_INITIAL_RTT; + } else { + timeout = (ngtcp2_duration)(2 * rcs->smoothed_rtt); + } + + timeout = ngtcp2_max(timeout, NGTCP2_GRANULARITY); + timeout *= 1ULL << rcs->crypto_count; + + rcs->loss_detection_timer = rcs->last_hs_tx_pkt_ts + timeout; + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "loss_detection_timer=%" PRIu64 + " last_hs_tx_pkt_ts=%" PRIu64 " timeout=%" PRIu64, + rcs->loss_detection_timer, rcs->last_hs_tx_pkt_ts, + timeout / NGTCP2_MILLISECONDS); + return; + } + + if (ngtcp2_rtb_num_ack_eliciting(&pktns->rtb) == 0) { + if (rcs->loss_detection_timer) { + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "loss detection timer canceled"); + rcs->loss_detection_timer = 0; + } + return; + } + + rcs->loss_detection_timer = rcs->last_tx_pkt_ts + conn_compute_pto(conn); +} + +/* + * conn_handshake_pkt_lost is called when handshake packets which + * belong to |pktns| are lost. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int conn_on_crypto_timeout(ngtcp2_conn *conn, ngtcp2_pktns *pktns) { + ngtcp2_frame_chain *frc = NULL; + int rv; + + rv = ngtcp2_rtb_on_crypto_timeout(&pktns->rtb, &frc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_list_del(frc, conn->mem); + return rv; + } + + rv = conn_resched_frames(conn, pktns, &frc); + if (rv != 0) { + ngtcp2_frame_chain_list_del(frc, conn->mem); + return rv; + } + + return 0; +} + +int ngtcp2_conn_on_loss_detection_timer(ngtcp2_conn *conn, ngtcp2_tstamp ts) { + ngtcp2_rcvry_stat *rcs = &conn->rcs; + int rv; + ngtcp2_pktns *in_pktns = &conn->in_pktns; + ngtcp2_pktns *hs_pktns = &conn->hs_pktns; + ngtcp2_pktns *loss_pktns = conn_get_earliest_loss_time_pktns(conn); + + conn->log.last_ts = ts; + + switch (conn->state) { + case NGTCP2_CS_CLOSING: + case NGTCP2_CS_DRAINING: + rcs->loss_detection_timer = 0; + return 0; + } + + if (!rcs->loss_detection_timer) { + return 0; + } + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "loss detection timer fired"); + + if (loss_pktns->rtb.loss_time) { + rv = ngtcp2_conn_detect_lost_pkt(conn, loss_pktns, rcs, ts); + if (rv != 0) { + return rv; + } + } else if (ngtcp2_rtb_num_ack_eliciting(&in_pktns->rtb) || + ngtcp2_rtb_num_ack_eliciting(&hs_pktns->rtb)) { + rv = conn_on_crypto_timeout(conn, in_pktns); + if (rv != 0) { + return rv; + } + rv = conn_on_crypto_timeout(conn, hs_pktns); + if (rv != 0) { + return rv; + } + if (!conn->server && !conn->hs_pktns.crypto.tx.ckm) { + conn->flags |= NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE; + } + ++rcs->crypto_count; + } else if (!conn->server && !conn->pktns.crypto.tx.ckm) { + conn->flags |= NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE; + ++rcs->crypto_count; + } else { + rcs->probe_pkt_left = 2; + ++rcs->pto_count; + } + + ngtcp2_log_info(&conn->log, NGTCP2_LOG_EVENT_RCV, + "crypto_count=%zu pto_count=%zu", rcs->crypto_count, + rcs->pto_count); + + ngtcp2_conn_set_loss_detection_timer(conn); + + return 0; +} + +int ngtcp2_conn_submit_crypto_data(ngtcp2_conn *conn, + ngtcp2_crypto_level crypto_level, + const uint8_t *data, const size_t datalen) { + ngtcp2_pktns *pktns; + ngtcp2_frame_chain *frc; + ngtcp2_crypto *fr; + ngtcp2_ksl_key key; + int rv; + + if (datalen == 0) { + return 0; + } + + switch (crypto_level) { + case NGTCP2_CRYPTO_LEVEL_INITIAL: + pktns = &conn->in_pktns; + break; + case NGTCP2_CRYPTO_LEVEL_HANDSHAKE: + pktns = &conn->hs_pktns; + break; + case NGTCP2_CRYPTO_LEVEL_APP: + pktns = &conn->pktns; + break; + default: + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + rv = ngtcp2_frame_chain_new(&frc, conn->mem); + if (rv != 0) { + return rv; + } + + fr = &frc->fr.crypto; + + fr->type = NGTCP2_FRAME_CRYPTO; + fr->offset = pktns->crypto.tx.offset; + fr->datacnt = 1; + fr->data[0].len = datalen; + fr->data[0].base = (uint8_t *)data; + + rv = ngtcp2_ksl_insert(&pktns->crypto.tx.frq, NULL, + ngtcp2_ksl_key_ptr(&key, &fr->offset), frc); + if (rv != 0) { + ngtcp2_frame_chain_del(frc, conn->mem); + return rv; + } + + pktns->crypto.strm.tx.offset += datalen; + pktns->crypto.tx.offset += datalen; + + return 0; +} + +void ngtcp2_conn_set_retry_ocid(ngtcp2_conn *conn, const ngtcp2_cid *ocid) { + assert(conn->server); + + conn->flags |= NGTCP2_CONN_FLAG_OCID_PRESENT; + conn->ocid = *ocid; +} + +ngtcp2_strm *ngtcp2_conn_tx_strmq_top(ngtcp2_conn *conn) { + assert(!ngtcp2_pq_empty(&conn->tx.strmq)); + return ngtcp2_struct_of(ngtcp2_pq_top(&conn->tx.strmq), ngtcp2_strm, pe); +} + +void ngtcp2_conn_tx_strmq_pop(ngtcp2_conn *conn) { + ngtcp2_strm *strm = ngtcp2_conn_tx_strmq_top(conn); + assert(strm); + ngtcp2_pq_pop(&conn->tx.strmq); + strm->pe.index = NGTCP2_PQ_BAD_INDEX; +} + +int ngtcp2_conn_tx_strmq_push(ngtcp2_conn *conn, ngtcp2_strm *strm) { + return ngtcp2_pq_push(&conn->tx.strmq, &strm->pe); +} + +size_t ngtcp2_conn_get_num_scid(ngtcp2_conn *conn) { + return ngtcp2_ksl_len(&conn->scid.set); +} + +size_t ngtcp2_conn_get_scid(ngtcp2_conn *conn, ngtcp2_cid *dest) { + ngtcp2_ksl_it it; + ngtcp2_scid *scid; + + for (it = ngtcp2_ksl_begin(&conn->scid.set); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + scid = ngtcp2_ksl_it_get(&it); + *dest++ = scid->cid; + } + + return ngtcp2_ksl_len(&conn->scid.set); +} + +void ngtcp2_conn_set_local_addr(ngtcp2_conn *conn, const ngtcp2_addr *addr) { + ngtcp2_addr *dest = &conn->dcid.current.ps.path.local; + + assert(addr->addrlen <= sizeof(conn->dcid.current.ps.local_addrbuf)); + ngtcp2_addr_copy(dest, addr); +} + +void ngtcp2_conn_set_remote_addr(ngtcp2_conn *conn, const ngtcp2_addr *addr) { + ngtcp2_addr *dest = &conn->dcid.current.ps.path.remote; + + assert(addr->addrlen <= sizeof(conn->dcid.current.ps.remote_addrbuf)); + ngtcp2_addr_copy(dest, addr); +} + +const ngtcp2_addr *ngtcp2_conn_get_remote_addr(ngtcp2_conn *conn) { + return &conn->dcid.current.ps.path.remote; +} + +int ngtcp2_conn_initiate_migration(ngtcp2_conn *conn, const ngtcp2_path *path, + ngtcp2_tstamp ts) { + int rv; + ngtcp2_dcid *dcid; + + assert(!conn->server); + + conn->log.last_ts = ts; + + if (conn->remote.settings.disable_migration) { + return NGTCP2_ERR_INVALID_STATE; + } + if (ngtcp2_ringbuf_len(&conn->dcid.unused) == 0) { + return NGTCP2_ERR_CONN_ID_BLOCKED; + } + + if (ngtcp2_path_eq(&conn->dcid.current.ps.path, path)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + dcid = ngtcp2_ringbuf_get(&conn->dcid.unused, 0); + + rv = conn_stop_pv(conn, ts); + if (rv != 0) { + return rv; + } + + rv = conn_retire_dcid(conn, &conn->dcid.current, ts); + if (rv != 0) { + return rv; + } + + ngtcp2_dcid_copy(&conn->dcid.current, dcid); + ngtcp2_path_copy(&conn->dcid.current.ps.path, path); + ngtcp2_ringbuf_pop_front(&conn->dcid.unused); + + conn_reset_congestion_state(conn); + + return 0; +} + +uint64_t ngtcp2_conn_get_max_local_streams_uni(ngtcp2_conn *conn) { + return conn->local.uni.max_streams; +} + +uint64_t ngtcp2_conn_get_max_data_left(ngtcp2_conn *conn) { + return conn->tx.max_offset - conn->tx.offset; +} + +ngtcp2_duration ngtcp2_conn_get_idle_timeout(ngtcp2_conn *conn) { + ngtcp2_duration trpto; + + if (conn->local.settings.idle_timeout == 0) { + return UINT64_MAX; + } + + trpto = 3 * conn_compute_pto(conn); + + return ngtcp2_max(conn->local.settings.idle_timeout * NGTCP2_MILLISECONDS, + trpto); +} + +ngtcp2_duration ngtcp2_conn_get_pto(ngtcp2_conn *conn) { + return conn_compute_pto(conn); +} + +void ngtcp2_path_challenge_entry_init(ngtcp2_path_challenge_entry *pcent, + const uint8_t *data) { + memcpy(pcent->data, data, sizeof(pcent->data)); +} + +void ngtcp2_settings_default(ngtcp2_settings *settings) { + memset(settings, 0, sizeof(*settings)); + settings->max_packet_size = NGTCP2_MAX_PKT_SIZE; + settings->ack_delay_exponent = NGTCP2_DEFAULT_ACK_DELAY_EXPONENT; + settings->max_ack_delay = NGTCP2_DEFAULT_MAX_ACK_DELAY; +} diff --git a/deps/ngtcp2/lib/ngtcp2_conn.h b/deps/ngtcp2/lib/ngtcp2_conn.h new file mode 100644 index 0000000000..558df834e8 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_conn.h @@ -0,0 +1,691 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_CONN_H +#define NGTCP2_CONN_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" +#include "ngtcp2_crypto.h" +#include "ngtcp2_acktr.h" +#include "ngtcp2_rtb.h" +#include "ngtcp2_strm.h" +#include "ngtcp2_mem.h" +#include "ngtcp2_idtr.h" +#include "ngtcp2_str.h" +#include "ngtcp2_pkt.h" +#include "ngtcp2_log.h" +#include "ngtcp2_pq.h" +#include "ngtcp2_cc.h" +#include "ngtcp2_pv.h" +#include "ngtcp2_cid.h" +#include "ngtcp2_buf.h" +#include "ngtcp2_ppe.h" + +typedef enum { + /* Client specific handshake states */ + NGTCP2_CS_CLIENT_INITIAL, + NGTCP2_CS_CLIENT_WAIT_HANDSHAKE, + NGTCP2_CS_CLIENT_TLS_HANDSHAKE_FAILED, + /* Server specific handshake states */ + NGTCP2_CS_SERVER_INITIAL, + NGTCP2_CS_SERVER_WAIT_HANDSHAKE, + NGTCP2_CS_SERVER_TLS_HANDSHAKE_FAILED, + /* Shared by both client and server */ + NGTCP2_CS_POST_HANDSHAKE, + NGTCP2_CS_CLOSING, + NGTCP2_CS_DRAINING, +} ngtcp2_conn_state; + +/* NGTCP2_MAX_STREAMS is the maximum number of streams. */ +#define NGTCP2_MAX_STREAMS (1LL << 60) + +/* NGTCP2_MAX_NUM_BUFFED_RX_PKTS is the maximum number of buffered + reordered packets. */ +#define NGTCP2_MAX_NUM_BUFFED_RX_PKTS 16 + +/* NGTCP2_MAX_REORDERED_CRYPTO_DATA is the maximum offset of crypto + data which is not continuous. In other words, there is a gap of + unreceived data. */ +#define NGTCP2_MAX_REORDERED_CRYPTO_DATA 65536 + +/* NGTCP2_PKT_THRESHOLD is kPacketThreshold described in + draft-ietf-quic-recovery-22. */ +#define NGTCP2_PKT_THRESHOLD 3 + +/* NGTCP2_GRANULARITY is kGranularity described in + draft-ietf-quic-recovery-17. */ +#define NGTCP2_GRANULARITY NGTCP2_MILLISECONDS + +#define NGTCP2_DEFAULT_INITIAL_RTT (500 * NGTCP2_MILLISECONDS) + +/* NGTCP2_MAX_RX_INITIAL_CRYPTO_DATA is the maximum offset of received + crypto stream in Initial packet. We set this hard limit here + because crypto stream is unbounded. */ +#define NGTCP2_MAX_RX_INITIAL_CRYPTO_DATA 65536 +/* NGTCP2_MAX_RX_HANDSHAKE_CRYPTO_DATA is the maximum offset of + received crypto stream in Handshake packet. We set this hard limit + here because crypto stream is unbounded. */ +#define NGTCP2_MAX_RX_HANDSHAKE_CRYPTO_DATA 65536 + +/* NGTCP2_MAX_RETRIES is the number of Retry packet which client can + accept. */ +#define NGTCP2_MAX_RETRIES 3 + +/* NGTCP2_HS_ACK_DELAY is the ACK delay for Initial and Handshake + packets. */ +#define NGTCP2_HS_ACK_DELAY NGTCP2_MILLISECONDS + +/* NGTCP2_MAX_DCID_POOL_SIZE is the maximum number of destination + connection ID the remote endpoint provides to store. It must be + the power of 2. */ +#define NGTCP2_MAX_DCID_POOL_SIZE 8 +/* NGTCP2_MAX_DCID_RETIRED_SIZE is the maximum number of retired DCID + kept to catch in-flight packet on retired path. */ +#define NGTCP2_MAX_DCID_RETIRED_SIZE 2 +/* NGTCP2_MAX_SCID_POOL_SIZE is the maximum number of source + connection ID the local endpoint provides in NEW_CONNECTION_ID to + the remote endpoint. The chosen value was described in old draft. + Now a remote endpoint tells the maximum value. The value can be + quite large, and we have to put the sane limit.*/ +#define NGTCP2_MAX_SCID_POOL_SIZE 8 + +/* + * ngtcp2_max_frame is defined so that it covers the largest ACK + * frame. + */ +typedef union { + ngtcp2_frame fr; + struct { + ngtcp2_ack ack; + /* ack includes 1 ngtcp2_ack_blk. */ + ngtcp2_ack_blk blks[NGTCP2_MAX_ACK_BLKS - 1]; + } ackfr; +} ngtcp2_max_frame; + +typedef struct { + uint8_t data[8]; +} ngtcp2_path_challenge_entry; + +void ngtcp2_path_challenge_entry_init(ngtcp2_path_challenge_entry *pcent, + const uint8_t *data); + +typedef enum { + NGTCP2_CONN_FLAG_NONE = 0x00, + /* NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED is set if handshake + completed. */ + NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED = 0x01, + /* NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED is set if connection ID is + negotiated. This is only used for client. */ + NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED = 0x02, + /* NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED is set if transport + parameters are received. */ + NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED = 0x04, + /* NGTCP2_CONN_FLAG_RECV_PROTECTED_PKT is set when a protected + packet is received, and decrypted successfully. This flag is + used to stop retransmitting handshake packets. It might be + replaced with an another mechanism when we implement key + update. */ + NGTCP2_CONN_FLAG_RECV_PROTECTED_PKT = 0x08, + /* NGTCP2_CONN_FLAG_RECV_RETRY is set when a client receives Retry + packet. */ + NGTCP2_CONN_FLAG_RECV_RETRY = 0x10, + /* NGTCP2_CONN_FLAG_EARLY_DATA_REJECTED is set when 0-RTT packet is + rejected by a peer. */ + NGTCP2_CONN_FLAG_EARLY_DATA_REJECTED = 0x20, + /* NGTCP2_CONN_FLAG_SADDR_VERIFIED is set when source address is + verified. */ + NGTCP2_CONN_FLAG_SADDR_VERIFIED = 0x40, + /* NGTCP2_CONN_FLAG_OCID_PRESENT is set when ocid field of + ngtcp2_conn is set. */ + NGTCP2_CONN_FLAG_OCID_PRESENT = 0x80, + /* NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED is set when the + library transitions its state to "post handshake". */ + NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED = 0x0100, + /* NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE is set when client has to + send Initial or Handshake packets even if it has nothing to + send. */ + NGTCP2_CONN_FLAG_FORCE_SEND_HANDSHAKE = 0x0200, + /* NGTCP2_CONN_FLAG_INITIAL_KEY_DISCARDED is set when Initial keys + have been discarded. */ + NGTCP2_CONN_FLAG_INITIAL_KEY_DISCARDED = 0x0400, + /* NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE is set when local + endpoint has initiated key update and waits for the remote + endpoint to update key. */ + NGTCP2_CONN_FLAG_WAIT_FOR_REMOTE_KEY_UPDATE = 0x0800, + /* NGTCP2_CONN_FLAG_PPE_PENDING is set when + NGTCP2_WRITE_STREAM_FLAG_MORE is used and the intermediate state + of ngtcp2_ppe is stored in pkt struct of ngtcp2_conn. */ + NGTCP2_CONN_FLAG_PPE_PENDING = 0x1000, +} ngtcp2_conn_flag; + +typedef struct { + ngtcp2_buf buf; + /* pkt_type is the type of packet to send data in buf. If it is 0, + it must be sent in Short packet. Otherwise, it is sent the long + packet type denoted by pkt_type. */ + uint8_t pkt_type; +} ngtcp2_crypto_data; + +/* + * ngtcp2_bw measures bandwidth. + */ +typedef struct { + /* first_ts is a timestamp when bandwidth measurement is + started. */ + ngtcp2_tstamp first_ts; + /* last_ts is a timestamp when bandwidth measurement was last + updated. */ + ngtcp2_tstamp last_ts; + /* datalen is the length of STREAM data received for bandwidth + measurement. */ + uint64_t datalen; + /* value is receiver side bandwidth. */ + double value; +} ngtcp2_bw; + +typedef struct { + struct { + /* last_pkt_num is the packet number which the local endpoint sent + last time.*/ + int64_t last_pkt_num; + ngtcp2_frame_chain *frq; + } tx; + + struct { + /* pngap tracks received packet number in order to suppress + duplicated packet number. */ + ngtcp2_gaptr pngap; + /* max_pkt_num is the largest packet number received so far. */ + int64_t max_pkt_num; + /* + * buffed_pkts is buffered packets which cannot be decrypted with + * the current encryption level. + * + * In server Initial encryption level, 0-RTT packet may be buffered. + * In server Handshake encryption level, Short packet may be buffered. + * + * In client Initial encryption level, Handshake or Short packet may + * be buffered. In client Handshake encryption level, Short packet + * may be buffered. + * + * - 0-RTT packet is only buffered in server Initial encryption + * level ngtcp2_pktns. + * + * - Handshake packet is only buffered in client Initial encryption + * level ngtcp2_pktns. + * + * - Short packet is only buffered in Handshake encryption level + * ngtcp2_pktns. + */ + ngtcp2_pkt_chain *buffed_pkts; + } rx; + + struct { + struct { + /* frq contains crypto data sorted by their offset. */ + ngtcp2_ksl frq; + /* offset is the offset of crypto stream in this packet number + space. */ + uint64_t offset; + /* ckm is a cryptographic key, and iv to encrypt outgoing + packets. */ + ngtcp2_crypto_km *ckm; + /* hp is header protection key. */ + ngtcp2_vec *hp; + } tx; + + struct { + /* ckm is a cryptographic key, and iv to decrypt incoming + packets. */ + ngtcp2_crypto_km *ckm; + /* hp is header protection key. */ + ngtcp2_vec *hp; + } rx; + + ngtcp2_strm strm; + } crypto; + + ngtcp2_acktr acktr; + ngtcp2_rtb rtb; +} ngtcp2_pktns; + +struct ngtcp2_conn { + int state; + ngtcp2_conn_callbacks callbacks; + /* rcid is a connection ID present in Initial or 0-RTT packet from + client as destination connection ID. Server uses this field to + check that duplicated Initial or 0-RTT packet are indeed sent to + this connection. Client uses this field to validate + original_connection_id transport parameter. */ + ngtcp2_cid rcid; + /* ocid is a connection ID sent as original destination connection + ID in Retry packet. Only server uses this field to send this CID + to client in original_connection_id transport parameter. */ + ngtcp2_cid ocid; + /* oscid is the source connection ID initially used by the local + endpoint. */ + ngtcp2_cid oscid; + /* odcid is the destination connection ID initially negotiated + during handshake. It is used to receive late handshake packets + after handshake completion. */ + ngtcp2_cid odcid; + ngtcp2_pktns in_pktns; + ngtcp2_pktns hs_pktns; + ngtcp2_pktns pktns; + + struct { + /* current is the current destination connection ID. */ + ngtcp2_dcid current; + /* unused is a set of unused CID received from peer. */ + ngtcp2_ringbuf unused; + /* retired is a set of CID retired by local endpoint. Keep them + in 3*PTO to catch packets in flight along the old path. */ + ngtcp2_ringbuf retired; + } dcid; + + struct { + /* set is a set of CID sent to peer. The peer can use any CIDs in + this set. This includes used CID as well as unused ones. */ + ngtcp2_ksl set; + /* used is a set of CID used by peer. The sort function of this + priority queue takes timestamp when CID is retired and sorts + them in ascending order. */ + ngtcp2_pq used; + /* last_seq is the last sequence number of connection ID. */ + uint64_t last_seq; + /* num_initial_id is the number of Connection ID initially offered + to the remote endpoint and is not retired yet. It includes the + initial Connection ID used during handshake and the one in + preferred_address transport parameter. */ + size_t num_initial_id; + /* num_retired is the number of retired Connection ID still + included in set. */ + size_t num_retired; + } scid; + + struct { + /* strmq contains ngtcp2_strm which has frames to send. */ + ngtcp2_pq strmq; + /* offset is the offset the local endpoint has sent to the remote + endpoint. */ + uint64_t offset; + /* max_offset is the maximum offset that local endpoint can + send. */ + uint64_t max_offset; + } tx; + + struct { + /* unsent_max_offset is the maximum offset that remote endpoint + can send without extending MAX_DATA. This limit is not yet + notified to the remote endpoint. */ + uint64_t unsent_max_offset; + /* offset is the cumulative sum of stream data received for this + connection. */ + uint64_t offset; + /* max_offset is the maximum offset that remote endpoint can + send. */ + uint64_t max_offset; + /* bw is STREAM data bandwidth */ + ngtcp2_bw bw; + /* path_challenge stores received PATH_CHALLENGE data. */ + ngtcp2_ringbuf path_challenge; + } rx; + + struct { + ngtcp2_crypto_km *ckm; + ngtcp2_vec *hp; + } early; + + struct { + ngtcp2_settings settings; + struct { + /* max_streams is the maximum number of bidirectional streams which + the local endpoint can open. */ + uint64_t max_streams; + /* next_stream_id is the bidirectional stream ID which the local + endpoint opens next. */ + int64_t next_stream_id; + } bidi; + + struct { + /* max_streams is the maximum number of unidirectional streams + which the local endpoint can open. */ + uint64_t max_streams; + /* next_stream_id is the unidirectional stream ID which the + local endpoint opens next. */ + int64_t next_stream_id; + } uni; + } local; + + struct { + ngtcp2_settings settings; + /* pending_settings is received transport parameters during + handshake. It is copied to settings when 1RTT key is + available. */ + ngtcp2_settings pending_settings; + struct { + ngtcp2_idtr idtr; + /* unsent_max_streams is the maximum number of streams of peer + initiated bidirectional stream which the local endpoint can + accept. This limit is not yet notified to the remote + endpoint. */ + uint64_t unsent_max_streams; + /* max_streams is the maximum number of streams of peer + initiated bidirectional stream which the local endpoint can + accept. */ + uint64_t max_streams; + } bidi; + + struct { + ngtcp2_idtr idtr; + /* unsent_max_streams is the maximum number of streams of peer + initiated unidirectional stream which the local endpoint can + accept. This limit is not yet notified to the remote + endpoint. */ + uint64_t unsent_max_streams; + /* max_streams is the maximum number of streams of peer + initiated unidirectional stream which the local endpoint can + accept. */ + uint64_t max_streams; + } uni; + } remote; + + struct { + struct { + /* new_tx_ckm is a new sender 1RTT key which has not been + used. */ + ngtcp2_crypto_km *new_tx_ckm; + /* new_rx_ckm is a new receiver 1RTT key which has not + successfully decrypted incoming packet yet. */ + ngtcp2_crypto_km *new_rx_ckm; + /* old_rx_ckm is an old receiver 1RTT key. */ + ngtcp2_crypto_km *old_rx_ckm; + } key_update; + + size_t aead_overhead; + /* decrypt_buf is a buffer which is used to write decrypted data. */ + ngtcp2_array decrypt_buf; + } crypto; + + /* pkt contains the packet intermediate construction data to support + NGTCP2_WRITE_STREAM_FLAG_MORE */ + struct { + ngtcp2_crypto_ctx ctx; + ngtcp2_pkt_hd hd; + ngtcp2_ppe ppe; + ngtcp2_frame_chain **pfrc; + int pkt_empty; + uint8_t rtb_entry_flags; + int was_client_initial; + ssize_t hs_spktlen; + } pkt; + + ngtcp2_map strms; + ngtcp2_rcvry_stat rcs; + ngtcp2_cc_stat ccs; + ngtcp2_pv *pv; + ngtcp2_log log; + ngtcp2_default_cc cc; + /* token is an address validation token received from server. */ + ngtcp2_buf token; + /* hs_recved is the number of bytes received from client before its + address is validated. This field is only used by server to + ensure "3 times received data" rule. */ + size_t hs_recved; + /* hs_sent is the number of bytes sent from server during handshake. + This field is only used by server to ensure "3 times received + data" rule. */ + size_t hs_sent; + const ngtcp2_mem *mem; + void *user_data; + uint32_t version; + /* flags is bitwise OR of zero or more of ngtcp2_conn_flag. */ + uint16_t flags; + int server; +}; + +/** + * @function + * + * `ngtcp2_conn_read_handshake` performs QUIC cryptographic handshake + * by reading given data. |pkt| points to the buffer to read and + * |pktlen| is the length of the buffer. |path| is the network path. + * + * The application should call `ngtcp2_conn_write_handshake` (or + * `ngtcp2_conn_client_write_handshake` for client session) to make + * handshake go forward after calling this function. + * + * Application should call this function until + * `ngtcp2_conn_get_handshake_completed` returns nonzero. After the + * completion of handshake, `ngtcp2_conn_read_pkt` and + * `ngtcp2_conn_write_pkt` should be called instead. + * + * This function must not be called from inside the callback + * functions. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: (TBD). + */ +int ngtcp2_conn_read_handshake(ngtcp2_conn *conn, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, + ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_write_handshake` performs QUIC cryptographic handshake + * by writing handshake packets. It may write a packet in the given + * buffer pointed by |dest| whose capacity is given as |destlen|. + * Application must ensure that the buffer pointed by |dest| is not + * empty. + * + * Application should keep calling this function repeatedly until it + * returns zero, or negative error code. + * + * Application should call this function until + * `ngtcp2_conn_get_handshake_completed` returns nonzero. After the + * completion of handshake, `ngtcp2_conn_read_pkt` and + * `ngtcp2_conn_write_pkt` should be called instead. + * + * During handshake, application can send 0-RTT data (or its response) + * using `ngtcp2_conn_write_stream`. + * `ngtcp2_conn_client_write_handshake` is generally efficient because + * it can coalesce Handshake packet and 0-RTT packet into one UDP + * packet. + * + * This function returns 0 if it cannot write any frame because buffer + * is too small, or packet is congestion limited. Application should + * keep reading and wait for congestion window to grow. + * + * This function must not be called from inside the callback + * functions. + * + * This function returns the number of bytes written to the buffer + * pointed by |dest| if it succeeds, or one of the following negative + * error codes: (TBD). + */ +ssize_t ngtcp2_conn_write_handshake(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ngtcp2_tstamp ts); + +/** + * @function + * + * `ngtcp2_conn_client_write_handshake` is just like + * `ngtcp2_conn_write_handshake`, but it is for client only, and can + * write 0-RTT data. This function can coalesce handshake packet and + * 0-RTT packet into single UDP packet, thus it is generally more + * efficient than the combination of `ngtcp2_conn_write_handshake` and + * `ngtcp2_conn_write_stream`. + * + * |stream_id|, |fin|, |datav|, and |datavcnt| are stream identifier + * to which 0-RTT data is sent, whether it is a last data chunk in + * this stream, a vector of 0-RTT data, and its number of elements + * respectively. If there is no 0RTT data to send, pass negative + * integer to |stream_id|. The amount of 0RTT data sent is assigned + * to |*pdatalen|. If no data is sent, -1 is assigned. Note that 0 + * length STREAM frame is allowed in QUIC, so 0 might be assigned to + * |*pdatalen|. + * + * This function returns 0 if it cannot write any frame because buffer + * is too small, or packet is congestion limited. Application should + * keep reading and wait for congestion window to grow. + * + * This function returns the number of bytes written to the buffer + * pointed by |dest| if it succeeds, or one of the following negative + * error codes: (TBD). + */ +ssize_t ngtcp2_conn_client_write_handshake(ngtcp2_conn *conn, uint8_t *dest, + size_t destlen, ssize_t *pdatalen, + uint32_t flags, int64_t stream_id, + int fin, const ngtcp2_vec *datav, + size_t datavcnt, ngtcp2_tstamp ts); + +/* + * ngtcp2_conn_sched_ack stores packet number |pkt_num| and its + * reception timestamp |ts| in order to send its ACK. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_PROTO + * Same packet number has already been added. + */ +int ngtcp2_conn_sched_ack(ngtcp2_conn *conn, ngtcp2_acktr *acktr, + int64_t pkt_num, int active_ack, ngtcp2_tstamp ts); + +/* + * ngtcp2_conn_find_stream returns a stream whose stream ID is + * |stream_id|. If no such stream is found, it returns NULL. + */ +ngtcp2_strm *ngtcp2_conn_find_stream(ngtcp2_conn *conn, int64_t stream_id); + +/* + * conn_init_stream initializes |strm|. Its stream ID is |stream_id|. + * This function adds |strm| to conn->strms. |strm| must be allocated + * by the caller. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + * NGTCP2_ERR_CALLBACK_FAILURE + * User-callback function failed. + */ +int ngtcp2_conn_init_stream(ngtcp2_conn *conn, ngtcp2_strm *strm, + int64_t stream_id, void *stream_user_data); + +/* + * ngtcp2_conn_close_stream closes stream |strm|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * Stream is not found. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +int ngtcp2_conn_close_stream(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code); + +/* + * ngtcp2_conn_close_stream closes stream |strm| if no further + * transmission and reception are allowed, and all reordered incoming + * data are emitted to the application, and the transmitted data are + * acked. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * Stream is not found. + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +int ngtcp2_conn_close_stream_if_shut_rdwr(ngtcp2_conn *conn, ngtcp2_strm *strm, + uint64_t app_error_code); + +/* + * ngtcp2_conn_update_rtt updates RTT measurements. |rtt| is a latest + * RTT which is not adjusted by ack delay. |ack_delay| is unscaled + * ack_delay included in ACK frame. |ack_delay| is actually tainted + * (sent by peer), so don't assume that |ack_delay| is always smaller + * than, or equals to |rtt|. + */ +void ngtcp2_conn_update_rtt(ngtcp2_conn *conn, uint64_t rtt, + uint64_t ack_delay); + +void ngtcp2_conn_set_loss_detection_timer(ngtcp2_conn *conn); + +/* + * ngtcp2_conn_detect_lost_pkt detects lost packets. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_conn_detect_lost_pkt(ngtcp2_conn *conn, ngtcp2_pktns *pktns, + ngtcp2_rcvry_stat *rcs, ngtcp2_tstamp ts); + +/* + * ngtcp2_conn_tx_strmq_top returns the ngtcp2_strm which sits on the + * top of queue. tx_strmq must not be empty. + */ +ngtcp2_strm *ngtcp2_conn_tx_strmq_top(ngtcp2_conn *conn); + +/* + * ngtcp2_conn_tx_strmq_pop pops the ngtcp2_strm from the queue. + * tx_strmq must not be empty. + */ +void ngtcp2_conn_tx_strmq_pop(ngtcp2_conn *conn); + +/* + * ngtcp2_conn_tx_strmq_push pushes |strm| into tx_strmq. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_conn_tx_strmq_push(ngtcp2_conn *conn, ngtcp2_strm *strm); + +/* + * ngtcp2_conn_internal_expiry returns the minimum expiry time among + * all timers in |conn|. + */ +ngtcp2_tstamp ngtcp2_conn_internal_expiry(ngtcp2_conn *conn); + +#endif /* NGTCP2_CONN_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_conv.c b/deps/ngtcp2/lib/ngtcp2_conv.c new file mode 100644 index 0000000000..319dd14a9b --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_conv.c @@ -0,0 +1,252 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_conv.h" + +#include +#include + +#include "ngtcp2_str.h" +#include "ngtcp2_net.h" +#include "ngtcp2_pkt.h" + +uint64_t ngtcp2_get_uint64(const uint8_t *p) { + uint64_t n; + memcpy(&n, p, 8); + return bswap64(n); +} + +uint64_t ngtcp2_get_uint48(const uint8_t *p) { + uint64_t n = 0; + memcpy(((uint8_t *)&n) + 2, p, 6); + return bswap64(n); +} + +uint32_t ngtcp2_get_uint32(const uint8_t *p) { + uint32_t n; + memcpy(&n, p, 4); + return ntohl(n); +} + +uint32_t ngtcp2_get_uint24(const uint8_t *p) { + uint32_t n = 0; + memcpy(((uint8_t *)&n) + 1, p, 3); + return ntohl(n); +} + +uint16_t ngtcp2_get_uint16(const uint8_t *p) { + uint16_t n; + memcpy(&n, p, 2); + return ntohs(n); +} + +uint64_t ngtcp2_get_varint(size_t *plen, const uint8_t *p) { + union { + char b[8]; + uint16_t n16; + uint32_t n32; + uint64_t n64; + } n; + + *plen = 1u << (*p >> 6); + + switch (*plen) { + case 1: + return *p; + case 2: + memcpy(&n, p, 2); + n.b[0] &= 0x3f; + return ntohs(n.n16); + case 4: + memcpy(&n, p, 4); + n.b[0] &= 0x3f; + return ntohl(n.n32); + case 8: + memcpy(&n, p, 8); + n.b[0] &= 0x3f; + return bswap64(n.n64); + } + + assert(0); +} + +int64_t ngtcp2_get_pkt_num(const uint8_t *p, size_t pkt_numlen) { + switch (pkt_numlen) { + case 1: + return *p; + case 2: + return (int64_t)ngtcp2_get_uint16(p); + case 3: + return (int64_t)ngtcp2_get_uint24(p); + case 4: + return (int64_t)ngtcp2_get_uint32(p); + default: + assert(0); + } +} + +uint8_t *ngtcp2_put_uint64be(uint8_t *p, uint64_t n) { + n = bswap64(n); + return ngtcp2_cpymem(p, (const uint8_t *)&n, sizeof(n)); +} + +uint8_t *ngtcp2_put_uint48be(uint8_t *p, uint64_t n) { + n = bswap64(n); + return ngtcp2_cpymem(p, ((const uint8_t *)&n) + 2, 6); +} + +uint8_t *ngtcp2_put_uint32be(uint8_t *p, uint32_t n) { + n = htonl(n); + return ngtcp2_cpymem(p, (const uint8_t *)&n, sizeof(n)); +} + +uint8_t *ngtcp2_put_uint24be(uint8_t *p, uint32_t n) { + n = htonl(n); + return ngtcp2_cpymem(p, ((const uint8_t *)&n) + 1, 3); +} + +uint8_t *ngtcp2_put_uint16be(uint8_t *p, uint16_t n) { + n = htons(n); + return ngtcp2_cpymem(p, (const uint8_t *)&n, sizeof(n)); +} + +uint8_t *ngtcp2_put_varint(uint8_t *p, uint64_t n) { + uint8_t *rv; + if (n < 64) { + *p++ = (uint8_t)n; + return p; + } + if (n < 16384) { + rv = ngtcp2_put_uint16be(p, (uint16_t)n); + *p |= 0x40; + return rv; + } + if (n < 1073741824) { + rv = ngtcp2_put_uint32be(p, (uint32_t)n); + *p |= 0x80; + return rv; + } + assert(n < 4611686018427387904ULL); + rv = ngtcp2_put_uint64be(p, n); + *p |= 0xc0; + return rv; +} + +uint8_t *ngtcp2_put_varint14(uint8_t *p, uint16_t n) { + uint8_t *rv; + + assert(n < 16384); + + rv = ngtcp2_put_uint16be(p, n); + *p |= 0x40; + + return rv; +} + +uint8_t *ngtcp2_put_pkt_num(uint8_t *p, int64_t pkt_num, size_t len) { + switch (len) { + case 1: + *p++ = (uint8_t)pkt_num; + return p; + case 2: + ngtcp2_put_uint16be(p, (uint16_t)pkt_num); + return p + 2; + case 3: + ngtcp2_put_uint24be(p, (uint32_t)pkt_num); + return p + 3; + case 4: + ngtcp2_put_uint32be(p, (uint32_t)pkt_num); + return p + 4; + default: + assert(0); + } +} + +size_t ngtcp2_get_varint_len(const uint8_t *p) { return 1u << (*p >> 6); } + +size_t ngtcp2_put_varint_len(uint64_t n) { + if (n < 64) { + return 1; + } + if (n < 16384) { + return 2; + } + if (n < 1073741824) { + return 4; + } + assert(n < 4611686018427387904ULL); + return 8; +} + +int64_t ngtcp2_nth_server_bidi_id(uint64_t n) { + if (n == 0) { + return 0; + } + + if ((NGTCP2_MAX_VARINT >> 2) < n - 1) { + return NGTCP2_MAX_SERVER_STREAM_ID_BIDI; + } + + return (int64_t)(((n - 1) << 2) | 0x01); +} + +int64_t ngtcp2_nth_client_bidi_id(uint64_t n) { + if (n == 0) { + return 0; + } + + if ((NGTCP2_MAX_VARINT >> 2) < n - 1) { + return NGTCP2_MAX_CLIENT_STREAM_ID_BIDI; + } + + return (int64_t)((n - 1) << 2); +} + +int64_t ngtcp2_nth_server_uni_id(uint64_t n) { + if (n == 0) { + return 0; + } + + if ((NGTCP2_MAX_VARINT >> 2) < n - 1) { + return NGTCP2_MAX_SERVER_STREAM_ID_UNI; + } + + return (int64_t)(((n - 1) << 2) | 0x03); +} + +int64_t ngtcp2_nth_client_uni_id(uint64_t n) { + if (n == 0) { + return 0; + } + + if ((NGTCP2_MAX_VARINT >> 2) < n - 1) { + return NGTCP2_MAX_CLIENT_STREAM_ID_UNI; + } + + return (int64_t)(((n - 1) << 2) | 0x02); +} + +uint64_t ngtcp2_ord_stream_id(int64_t stream_id) { + return (uint64_t)(stream_id >> 2) + 1; +} diff --git a/deps/ngtcp2/lib/ngtcp2_conv.h b/deps/ngtcp2/lib/ngtcp2_conv.h new file mode 100644 index 0000000000..c70d42cfc4 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_conv.h @@ -0,0 +1,197 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_CONV_H +#define NGTCP2_CONV_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#ifdef HAVE_ARPA_INET_H +# include +#endif /* HAVE_ARPA_INET_H */ + +#include + +#ifdef WORDS_BIGENDIAN +# define bswap64(N) (N) +#else /* !WORDS_BIGENDIAN */ +# define bswap64(N) \ + ((uint64_t)(ntohl((uint32_t)(N))) << 32 | ntohl((uint32_t)((N) >> 32))) +#endif /* !WORDS_BIGENDIAN */ + +/* + * ngtcp2_get_uint64 reads 8 bytes from |p| as 64 bits unsigned + * integer encoded as network byte order, and returns it in host byte + * order. + */ +uint64_t ngtcp2_get_uint64(const uint8_t *p); + +/* + * ngtcp2_get_uint48 reads 6 bytes from |p| as 48 bits unsigned + * integer encoded as network byte order, and returns it in host byte + * order. + */ +uint64_t ngtcp2_get_uint48(const uint8_t *p); + +/* + * ngtcp2_get_uint32 reads 4 bytes from |p| as 32 bits unsigned + * integer encoded as network byte order, and returns it in host byte + * order. + */ +uint32_t ngtcp2_get_uint32(const uint8_t *p); + +/* + * ngtcp2_get_uint24 reads 3 bytes from |p| as 24 bits unsigned + * integer encoded as network byte order, and returns it in host byte + * order. + */ +uint32_t ngtcp2_get_uint24(const uint8_t *p); + +/* + * ngtcp2_get_uint16 reads 2 bytes from |p| as 16 bits unsigned + * integer encoded as network byte order, and returns it in host byte + * order. + */ +uint16_t ngtcp2_get_uint16(const uint8_t *p); + +/* + * ngtcp2_get_varint reads variable-length integer from |p|, and + * returns it in host byte order. The number of bytes read is stored + * in |*plen|. + */ +uint64_t ngtcp2_get_varint(size_t *plen, const uint8_t *p); + +/* + * ngtcp2_get_pkt_num reads encoded packet number from |p|. The + * packet number is encoed in |pkt_numlen| bytes. + */ +int64_t ngtcp2_get_pkt_num(const uint8_t *p, size_t pkt_numlen); + +/* + * ngtcp2_put_uint64be writes |n| in host byte order in |p| in network + * byte order. It returns the one beyond of the last written + * position. + */ +uint8_t *ngtcp2_put_uint64be(uint8_t *p, uint64_t n); + +/* + * ngtcp2_put_uint48be writes |n| in host byte order in |p| in network + * byte order. It writes only least significant 48 bits. It returns + * the one beyond of the last written position. + */ +uint8_t *ngtcp2_put_uint48be(uint8_t *p, uint64_t n); + +/* + * ngtcp2_put_uint32be writes |n| in host byte order in |p| in network + * byte order. It returns the one beyond of the last written + * position. + */ +uint8_t *ngtcp2_put_uint32be(uint8_t *p, uint32_t n); + +/* + * ngtcp2_put_uint24be writes |n| in host byte order in |p| in network + * byte order. It writes only least significant 24 bits. It returns + * the one beyond of the last written position. + */ +uint8_t *ngtcp2_put_uint24be(uint8_t *p, uint32_t n); + +/* + * ngtcp2_put_uint16be writes |n| in host byte order in |p| in network + * byte order. It returns the one beyond of the last written + * position. + */ +uint8_t *ngtcp2_put_uint16be(uint8_t *p, uint16_t n); + +/* + * ngtcp2_put_varint writes |n| in |p| using variable-length integer + * encoding. It returns the one beyond of the last written position. + */ +uint8_t *ngtcp2_put_varint(uint8_t *p, uint64_t n); + +/* + * ngtcp2_put_varint14 writes |n| in |p| using variable-length integer + * encoding. |n| must be strictly less than 16384. The function + * always encodes |n| in 2 bytes. It returns the one beyond of the + * last written position. + */ +uint8_t *ngtcp2_put_varint14(uint8_t *p, uint16_t n); + +/* + * ngtcp2_put_pkt_num encodes |pkt_num| using |len| bytes. It + * returns the one beyond of the last written position. + */ +uint8_t *ngtcp2_put_pkt_num(uint8_t *p, int64_t pkt_num, size_t len); + +/* + * ngtcp2_get_varint_len returns the required number of bytes to read + * variable-length integer starting at |p|. + */ +size_t ngtcp2_get_varint_len(const uint8_t *p); + +/* + * ngtcp2_put_varint_len returns the required number of bytes to + * encode |n|. + */ +size_t ngtcp2_put_varint_len(uint64_t n); + +/* + * ngtcp2_nth_server_bidi_id returns |n|-th server bidirectional + * stream ID. If |n| is 0, it returns 0. If the |n|-th stream ID is + * larger than NGTCP2_MAX_SERVER_STREAM_ID_BIDI, this function returns + * NGTCP2_MAX_SERVER_STREAM_ID_BIDI. + */ +int64_t ngtcp2_nth_server_bidi_id(uint64_t n); + +/* + * ngtcp2_nth_client_bidi_id returns |n|-th client bidirectional + * stream ID. If |n| is 0, it returns 0. If the |n|-th stream ID is + * larger than NGTCP2_MAX_CLIENT_STREAM_ID_BIDI, this function returns + * NGTCP2_MAX_CLIENT_STREAM_ID_BIDI. + */ +int64_t ngtcp2_nth_client_bidi_id(uint64_t n); + +/* + * ngtcp2_nth_server_uni_id returns |n|-th server unidirectional + * stream ID. If |n| is 0, it returns 0. If the |n|-th stream ID is + * larger than NGTCP2_MAX_SERVER_STREAM_ID_UNI, this function returns + * NGTCP2_MAX_SERVER_STREAM_ID_UNI. + */ +int64_t ngtcp2_nth_server_uni_id(uint64_t n); + +/* + * ngtcp2_nth_client_uni_id returns |n|-th client unidirectional + * stream ID. If |n| is 0, it returns 0. If the |n|-th stream ID is + * larger than NGTCP2_MAX_CLIENT_STREAM_ID_UNI, this function returns + * NGTCP2_MAX_CLIENT_STREAM_ID_UNI. + */ +int64_t ngtcp2_nth_client_uni_id(uint64_t n); + +/* + * ngtcp2_ord_stream_id returns the ordinal number of |stream_id|. + */ +uint64_t ngtcp2_ord_stream_id(int64_t stream_id); + +#endif /* NGTCP2_CONV_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_crypto.c b/deps/ngtcp2/lib/ngtcp2_crypto.c new file mode 100644 index 0000000000..de9dd1cf4b --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_crypto.c @@ -0,0 +1,573 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_crypto.h" + +#include +#include + +#include "ngtcp2_str.h" +#include "ngtcp2_conv.h" +#include "ngtcp2_net.h" +#include "ngtcp2_conn.h" + +int ngtcp2_crypto_km_new(ngtcp2_crypto_km **pckm, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen, + const ngtcp2_mem *mem) { + size_t len; + uint8_t *p; + + len = sizeof(ngtcp2_crypto_km) + keylen + ivlen; + + *pckm = ngtcp2_mem_malloc(mem, len); + if (*pckm == NULL) { + return NGTCP2_ERR_NOMEM; + } + + p = (uint8_t *)(*pckm) + sizeof(ngtcp2_crypto_km); + (*pckm)->key.base = p; + (*pckm)->key.len = keylen; + p = ngtcp2_cpymem(p, key, keylen); + (*pckm)->iv.base = p; + (*pckm)->iv.len = ivlen; + /* p = */ ngtcp2_cpymem(p, iv, ivlen); + (*pckm)->pkt_num = -1; + (*pckm)->flags = NGTCP2_CRYPTO_KM_FLAG_NONE; + + return 0; +} + +void ngtcp2_crypto_km_del(ngtcp2_crypto_km *ckm, const ngtcp2_mem *mem) { + if (ckm == NULL) { + return; + } + + ngtcp2_mem_free(mem, ckm); +} + +void ngtcp2_crypto_create_nonce(uint8_t *dest, const uint8_t *iv, size_t ivlen, + int64_t pkt_num) { + size_t i; + uint64_t n; + + memcpy(dest, iv, ivlen); + n = bswap64((uint64_t)pkt_num); + + for (i = 0; i < 8; ++i) { + dest[ivlen - 8 + i] ^= ((uint8_t *)&n)[i]; + } +} + +ssize_t ngtcp2_encode_transport_params(uint8_t *dest, size_t destlen, + uint8_t exttype, + const ngtcp2_transport_params *params) { + uint8_t *p; + size_t len = sizeof(uint16_t); + /* For some reason, gcc 7.3.0 requires this initialization. */ + size_t preferred_addrlen = 0; + + switch (exttype) { + case NGTCP2_TRANSPORT_PARAMS_TYPE_CLIENT_HELLO: + break; + case NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS: + if (params->stateless_reset_token_present) { + len += 20; + } + if (params->preferred_address_present) { + assert(params->preferred_address.cid.datalen == 0 || + params->preferred_address.cid.datalen >= NGTCP2_MIN_CIDLEN); + assert(params->preferred_address.cid.datalen <= NGTCP2_MAX_CIDLEN); + preferred_addrlen = 4 /* ipv4Address */ + 2 /* ipv4Port */ + + 16 /* ipv6Address */ + 2 /* ipv6Port */ + + 1 + + params->preferred_address.cid.datalen /* CID */ + + NGTCP2_STATELESS_RESET_TOKENLEN; + len += 4 + preferred_addrlen; + } + if (params->original_connection_id_present) { + len += 4 + params->original_connection_id.datalen; + } + break; + default: + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + if (params->initial_max_stream_data_bidi_local) { + len += + 4 + ngtcp2_put_varint_len(params->initial_max_stream_data_bidi_local); + } + if (params->initial_max_stream_data_bidi_remote) { + len += + 4 + ngtcp2_put_varint_len(params->initial_max_stream_data_bidi_remote); + } + if (params->initial_max_stream_data_uni) { + len += 4 + ngtcp2_put_varint_len(params->initial_max_stream_data_uni); + } + if (params->initial_max_data) { + len += 4 + ngtcp2_put_varint_len(params->initial_max_data); + } + if (params->initial_max_streams_bidi) { + len += 4 + ngtcp2_put_varint_len(params->initial_max_streams_bidi); + } + if (params->initial_max_streams_uni) { + len += 4 + ngtcp2_put_varint_len(params->initial_max_streams_uni); + } + if (params->max_packet_size != NGTCP2_MAX_PKT_SIZE) { + len += 4 + ngtcp2_put_varint_len(params->max_packet_size); + } + if (params->ack_delay_exponent != NGTCP2_DEFAULT_ACK_DELAY_EXPONENT) { + len += 4 + ngtcp2_put_varint_len(params->ack_delay_exponent); + } + if (params->disable_migration) { + len += 4; + } + if (params->max_ack_delay != NGTCP2_DEFAULT_MAX_ACK_DELAY) { + len += + 4 + ngtcp2_put_varint_len(params->max_ack_delay / NGTCP2_MILLISECONDS); + } + if (params->idle_timeout) { + len += 4 + ngtcp2_put_varint_len(params->idle_timeout); + } + if (params->active_connection_id_limit) { + len += 4 + ngtcp2_put_varint_len(params->active_connection_id_limit); + } + + if (destlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = dest; + p = ngtcp2_put_uint16be(p, (uint16_t)(len - sizeof(uint16_t))); + + if (exttype == NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS) { + if (params->stateless_reset_token_present) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_STATELESS_RESET_TOKEN); + p = ngtcp2_put_uint16be(p, sizeof(params->stateless_reset_token)); + p = ngtcp2_cpymem(p, params->stateless_reset_token, + sizeof(params->stateless_reset_token)); + } + if (params->preferred_address_present) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_PREFERRED_ADDRESS); + p = ngtcp2_put_uint16be(p, (uint16_t)preferred_addrlen); + + p = ngtcp2_cpymem(p, params->preferred_address.ipv4_addr, + sizeof(params->preferred_address.ipv4_addr)); + p = ngtcp2_put_uint16be(p, params->preferred_address.ipv4_port); + + p = ngtcp2_cpymem(p, params->preferred_address.ipv6_addr, + sizeof(params->preferred_address.ipv6_addr)); + p = ngtcp2_put_uint16be(p, params->preferred_address.ipv6_port); + + *p++ = (uint8_t)params->preferred_address.cid.datalen; + if (params->preferred_address.cid.datalen) { + p = ngtcp2_cpymem(p, params->preferred_address.cid.data, + params->preferred_address.cid.datalen); + } + p = ngtcp2_cpymem( + p, params->preferred_address.stateless_reset_token, + sizeof(params->preferred_address.stateless_reset_token)); + } + if (params->original_connection_id_present) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_ORIGINAL_CONNECTION_ID); + p = ngtcp2_put_uint16be(p, + (uint16_t)params->original_connection_id.datalen); + p = ngtcp2_cpymem(p, params->original_connection_id.data, + params->original_connection_id.datalen); + } + } + + if (params->initial_max_stream_data_bidi_local) { + p = ngtcp2_put_uint16be( + p, NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL); + p = ngtcp2_put_uint16be(p, (uint16_t)ngtcp2_put_varint_len( + params->initial_max_stream_data_bidi_local)); + p = ngtcp2_put_varint(p, params->initial_max_stream_data_bidi_local); + } + + if (params->initial_max_stream_data_bidi_remote) { + p = ngtcp2_put_uint16be( + p, NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE); + p = ngtcp2_put_uint16be(p, + (uint16_t)ngtcp2_put_varint_len( + params->initial_max_stream_data_bidi_remote)); + p = ngtcp2_put_varint(p, params->initial_max_stream_data_bidi_remote); + } + + if (params->initial_max_stream_data_uni) { + p = ngtcp2_put_uint16be(p, + NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_UNI); + p = ngtcp2_put_uint16be(p, (uint16_t)ngtcp2_put_varint_len( + params->initial_max_stream_data_uni)); + p = ngtcp2_put_varint(p, params->initial_max_stream_data_uni); + } + + if (params->initial_max_data) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_DATA); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->initial_max_data)); + p = ngtcp2_put_varint(p, params->initial_max_data); + } + + if (params->initial_max_streams_bidi) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAMS_BIDI); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->initial_max_streams_bidi)); + p = ngtcp2_put_varint(p, params->initial_max_streams_bidi); + } + + if (params->initial_max_streams_uni) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAMS_UNI); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->initial_max_streams_uni)); + p = ngtcp2_put_varint(p, params->initial_max_streams_uni); + } + + if (params->max_packet_size != NGTCP2_MAX_PKT_SIZE) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_MAX_PACKET_SIZE); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->max_packet_size)); + p = ngtcp2_put_varint(p, params->max_packet_size); + } + + if (params->ack_delay_exponent != NGTCP2_DEFAULT_ACK_DELAY_EXPONENT) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_ACK_DELAY_EXPONENT); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->ack_delay_exponent)); + p = ngtcp2_put_varint(p, params->ack_delay_exponent); + } + + if (params->disable_migration) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_DISABLE_MIGRATION); + p = ngtcp2_put_uint16be(p, 0); + } + + if (params->max_ack_delay != NGTCP2_DEFAULT_MAX_ACK_DELAY) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_MAX_ACK_DELAY); + p = ngtcp2_put_uint16be(p, + (uint16_t)ngtcp2_put_varint_len( + params->max_ack_delay / NGTCP2_MILLISECONDS)); + p = ngtcp2_put_varint(p, params->max_ack_delay / NGTCP2_MILLISECONDS); + } + + if (params->idle_timeout) { + p = ngtcp2_put_uint16be(p, NGTCP2_TRANSPORT_PARAM_IDLE_TIMEOUT); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->idle_timeout)); + p = ngtcp2_put_varint(p, params->idle_timeout); + } + + if (params->active_connection_id_limit) { + p = ngtcp2_put_uint16be(p, + NGTCP2_TRANSPORT_PARAM_ACTIVE_CONNECTION_ID_LIMIT); + p = ngtcp2_put_uint16be( + p, (uint16_t)ngtcp2_put_varint_len(params->active_connection_id_limit)); + p = ngtcp2_put_varint(p, params->active_connection_id_limit); + } + + assert((size_t)(p - dest) == len); + + return (ssize_t)len; +} + +static ssize_t decode_varint(uint64_t *pdest, const uint8_t *p, + const uint8_t *end) { + uint16_t len = ngtcp2_get_uint16(p); + size_t n; + + p += sizeof(uint16_t); + + switch (len) { + case 1: + case 2: + case 4: + case 8: + break; + default: + return -1; + } + + if ((size_t)(end - p) < len) { + return -1; + } + + n = ngtcp2_get_varint_len(p); + if (n != len) { + return -1; + } + + *pdest = ngtcp2_get_varint(&n, p); + + return (ssize_t)(sizeof(uint16_t) + len); +} + +int ngtcp2_decode_transport_params(ngtcp2_transport_params *params, + uint8_t exttype, const uint8_t *data, + size_t datalen) { + const uint8_t *p, *end; + size_t len; + size_t tplen; + uint16_t param_type; + size_t valuelen; + ssize_t nread; + uint8_t scb[8192]; + size_t scb_idx; + size_t scb_shift; + + if (datalen < sizeof(uint16_t)) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + + p = data; + end = data + datalen; + + tplen = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + + if (sizeof(uint16_t) + tplen != datalen) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + + /* Set default values */ + params->initial_max_streams_bidi = 0; + params->initial_max_streams_uni = 0; + params->initial_max_stream_data_bidi_local = 0; + params->initial_max_stream_data_bidi_remote = 0; + params->initial_max_stream_data_uni = 0; + params->max_packet_size = NGTCP2_MAX_PKT_SIZE; + params->ack_delay_exponent = NGTCP2_DEFAULT_ACK_DELAY_EXPONENT; + params->stateless_reset_token_present = 0; + params->preferred_address_present = 0; + memset(¶ms->preferred_address, 0, sizeof(params->preferred_address)); + params->disable_migration = 0; + params->max_ack_delay = NGTCP2_DEFAULT_MAX_ACK_DELAY; + params->idle_timeout = 0; + params->active_connection_id_limit = 0; + params->original_connection_id_present = 0; + + memset(scb, 0, sizeof(scb)); + + for (; (size_t)(end - p) >= sizeof(uint16_t) * 2;) { + param_type = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + + scb_idx = param_type / 8; + scb_shift = param_type % 8; + + if (scb[scb_idx] & (1 << scb_shift)) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + scb[scb_idx] |= (uint8_t)(1 << scb_shift); + switch (param_type) { + case NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL: + nread = + decode_varint(¶ms->initial_max_stream_data_bidi_local, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE: + nread = + decode_varint(¶ms->initial_max_stream_data_bidi_remote, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAM_DATA_UNI: + nread = decode_varint(¶ms->initial_max_stream_data_uni, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_DATA: + nread = decode_varint(¶ms->initial_max_data, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAMS_BIDI: + nread = decode_varint(¶ms->initial_max_streams_bidi, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + if (params->initial_max_streams_bidi > NGTCP2_MAX_STREAMS) { + return NGTCP2_ERR_STREAM_LIMIT; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_INITIAL_MAX_STREAMS_UNI: + nread = decode_varint(¶ms->initial_max_streams_uni, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + if (params->initial_max_streams_uni > NGTCP2_MAX_STREAMS) { + return NGTCP2_ERR_STREAM_LIMIT; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_IDLE_TIMEOUT: + nread = decode_varint(¶ms->idle_timeout, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_MAX_PACKET_SIZE: + nread = decode_varint(¶ms->max_packet_size, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_STATELESS_RESET_TOKEN: + if (exttype != NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + if (ngtcp2_get_uint16(p) != sizeof(params->stateless_reset_token)) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += sizeof(uint16_t); + if ((size_t)(end - p) < sizeof(params->stateless_reset_token)) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + + memcpy(params->stateless_reset_token, p, + sizeof(params->stateless_reset_token)); + params->stateless_reset_token_present = 1; + + p += sizeof(params->stateless_reset_token); + break; + case NGTCP2_TRANSPORT_PARAM_ACK_DELAY_EXPONENT: + nread = decode_varint(¶ms->ack_delay_exponent, p, end); + if (nread < 0 || params->ack_delay_exponent > 20) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_PREFERRED_ADDRESS: + if (exttype != NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + valuelen = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + if ((size_t)(end - p) < valuelen) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + len = 4 /* ipv4Address */ + 2 /* ipv4Port */ + 16 /* ipv6Address */ + + 2 /* ipv6Port */ + + 1 /* cid length */ + NGTCP2_STATELESS_RESET_TOKENLEN; + if (valuelen < len) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + + memcpy(params->preferred_address.ipv4_addr, p, + sizeof(params->preferred_address.ipv4_addr)); + p += sizeof(params->preferred_address.ipv4_addr); + params->preferred_address.ipv4_port = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + + memcpy(params->preferred_address.ipv6_addr, p, + sizeof(params->preferred_address.ipv6_addr)); + p += sizeof(params->preferred_address.ipv6_addr); + params->preferred_address.ipv6_port = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + + /* cid */ + params->preferred_address.cid.datalen = *p++; + len += params->preferred_address.cid.datalen; + if (valuelen != len || + params->preferred_address.cid.datalen > NGTCP2_MAX_CIDLEN || + (params->preferred_address.cid.datalen != 0 && + params->preferred_address.cid.datalen < NGTCP2_MIN_CIDLEN)) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + if (params->preferred_address.cid.datalen) { + memcpy(params->preferred_address.cid.data, p, + params->preferred_address.cid.datalen); + p += params->preferred_address.cid.datalen; + } + + /* stateless reset token */ + memcpy(params->preferred_address.stateless_reset_token, p, + sizeof(params->preferred_address.stateless_reset_token)); + p += sizeof(params->preferred_address.stateless_reset_token); + params->preferred_address_present = 1; + break; + case NGTCP2_TRANSPORT_PARAM_DISABLE_MIGRATION: + if (ngtcp2_get_uint16(p) != 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += sizeof(uint16_t); + params->disable_migration = 1; + break; + case NGTCP2_TRANSPORT_PARAM_ORIGINAL_CONNECTION_ID: + if (exttype != NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + len = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + if (len < NGTCP2_MIN_CIDLEN || len > NGTCP2_MAX_CIDLEN || + (size_t)(end - p) < len) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + ngtcp2_cid_init(¶ms->original_connection_id, p, len); + params->original_connection_id_present = 1; + p += len; + break; + case NGTCP2_TRANSPORT_PARAM_MAX_ACK_DELAY: + nread = decode_varint(¶ms->max_ack_delay, p, end); + if (nread < 0 || params->max_ack_delay >= 16384) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + params->max_ack_delay *= NGTCP2_MILLISECONDS; + p += nread; + break; + case NGTCP2_TRANSPORT_PARAM_ACTIVE_CONNECTION_ID_LIMIT: + nread = decode_varint(¶ms->active_connection_id_limit, p, end); + if (nread < 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += nread; + break; + default: + /* Ignore unknown parameter */ + valuelen = ngtcp2_get_uint16(p); + p += sizeof(uint16_t); + if ((size_t)(end - p) < valuelen) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + p += valuelen; + break; + } + } + + if (end - p != 0) { + return NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM; + } + + return 0; +} diff --git a/deps/ngtcp2/lib/ngtcp2_crypto.h b/deps/ngtcp2/lib/ngtcp2_crypto.h new file mode 100644 index 0000000000..0ee97dde98 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_crypto.h @@ -0,0 +1,87 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_CRYPTO_H +#define NGTCP2_CRYPTO_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" + +/* NGTCP2_INITIAL_AEAD_OVERHEAD is an overhead of AEAD used by Initial + packets. Because QUIC uses AEAD_AES_128_GCM, the overhead is 16 + bytes. */ +#define NGTCP2_INITIAL_AEAD_OVERHEAD 16 + +/* NGTCP2_MAX_AEAD_OVERHEAD is expected maximum AEAD overhead. */ +#define NGTCP2_MAX_AEAD_OVERHEAD 16 + +/* NGTCP2_HP_SAMPLELEN is the number bytes sampled when encrypting a + packet header. */ +#define NGTCP2_HP_SAMPLELEN 16 + +typedef enum { + NGTCP2_CRYPTO_KM_FLAG_NONE, + /* NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE is set if key phase bit is + set. */ + NGTCP2_CRYPTO_KM_FLAG_KEY_PHASE_ONE = 0x01, +} ngtcp2_crypto_km_flag; + +typedef struct { + ngtcp2_vec key; + ngtcp2_vec iv; + /* pkt_num is a packet number of a packet which uses this keying + material. For encryption key, it is the lowest packet number of + a packet. For decryption key, it is the lowest packet number of + a packet which can be decrypted with this keying material. */ + int64_t pkt_num; + /* flags is the bitwise OR of zero or more of + ngtcp2_crypto_km_flag. */ + uint8_t flags; +} ngtcp2_crypto_km; + +int ngtcp2_crypto_km_new(ngtcp2_crypto_km **pckm, const uint8_t *key, + size_t keylen, const uint8_t *iv, size_t ivlen, + const ngtcp2_mem *mem); + +void ngtcp2_crypto_km_del(ngtcp2_crypto_km *ckm, const ngtcp2_mem *mem); + +typedef struct { + const ngtcp2_crypto_km *ckm; + const ngtcp2_vec *hp; + size_t aead_overhead; + ngtcp2_encrypt encrypt; + ngtcp2_decrypt decrypt; + ngtcp2_hp_mask hp_mask; + void *user_data; +} ngtcp2_crypto_ctx; + +void ngtcp2_crypto_create_nonce(uint8_t *dest, const uint8_t *iv, size_t ivlen, + int64_t pkt_num); + +#endif /* NGTCP2_CRYPTO_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_err.c b/deps/ngtcp2/lib/ngtcp2_err.c new file mode 100644 index 0000000000..a40fa9eecc --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_err.c @@ -0,0 +1,133 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_err.h" + +const char *ngtcp2_strerror(int liberr) { + switch (liberr) { + case 0: + return "NO_ERROR"; + case NGTCP2_ERR_INVALID_ARGUMENT: + return "ERR_INVALID_ARGUMENT"; + case NGTCP2_ERR_UNKNOWN_PKT_TYPE: + return "ERR_UNKNOWN_PKT_TYPE"; + case NGTCP2_ERR_NOBUF: + return "ERR_NOBUF"; + case NGTCP2_ERR_PROTO: + return "ERR_PROTO"; + case NGTCP2_ERR_INVALID_STATE: + return "ERR_INVALID_STATE"; + case NGTCP2_ERR_ACK_FRAME: + return "ERR_ACK_FRAME"; + case NGTCP2_ERR_STREAM_ID_BLOCKED: + return "ERR_STREAM_ID_BLOCKED"; + case NGTCP2_ERR_STREAM_IN_USE: + return "ERR_STREAM_IN_USE"; + case NGTCP2_ERR_STREAM_DATA_BLOCKED: + return "ERR_STREAM_DATA_BLOCKED"; + case NGTCP2_ERR_FLOW_CONTROL: + return "ERR_FLOW_CONTROL"; + case NGTCP2_ERR_STREAM_LIMIT: + return "ERR_STREAM_LIMIT"; + case NGTCP2_ERR_FINAL_SIZE: + return "ERR_FINAL_SIZE"; + case NGTCP2_ERR_CRYPTO: + return "ERR_CRYPTO"; + case NGTCP2_ERR_PKT_NUM_EXHAUSTED: + return "ERR_PKT_NUM_EXHAUSTED"; + case NGTCP2_ERR_NOMEM: + return "ERR_NOMEM"; + case NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM: + return "ERR_REQUIRED_TRANSPORT_PARAM"; + case NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM: + return "ERR_MALFORMED_TRANSPORT_PARAM"; + case NGTCP2_ERR_FRAME_ENCODING: + return "ERR_FRAME_ENCODING"; + case NGTCP2_ERR_TLS_DECRYPT: + return "ERR_TLS_DECRYPT"; + case NGTCP2_ERR_STREAM_SHUT_WR: + return "ERR_STREAM_SHUT_WR"; + case NGTCP2_ERR_STREAM_NOT_FOUND: + return "ERR_STREAM_NOT_FOUND"; + case NGTCP2_ERR_STREAM_STATE: + return "ERR_STREAM_STATE"; + case NGTCP2_ERR_NOKEY: + return "ERR_NOKEY"; + case NGTCP2_ERR_EARLY_DATA_REJECTED: + return "ERR_EARLY_DATA_REJECTED"; + case NGTCP2_ERR_RECV_VERSION_NEGOTIATION: + return "ERR_RECV_VERSION_NEGOTIATION"; + case NGTCP2_ERR_CLOSING: + return "ERR_CLOSING"; + case NGTCP2_ERR_DRAINING: + return "ERR_DRAINING"; + case NGTCP2_ERR_TRANSPORT_PARAM: + return "ERR_TRANSPORT_PARAM"; + case NGTCP2_ERR_DISCARD_PKT: + return "ERR_DISCARD_PKT"; + case NGTCP2_ERR_PATH_VALIDATION_FAILED: + return "ERR_PATH_VALIDATION_FAILED"; + case NGTCP2_ERR_CONN_ID_BLOCKED: + return "ERR_CONN_ID_BLOCKED"; + case NGTCP2_ERR_CALLBACK_FAILURE: + return "ERR_CALLBACK_FAILURE"; + case NGTCP2_ERR_INTERNAL: + return "ERR_INTERNAL"; + case NGTCP2_ERR_CRYPTO_BUFFER_EXCEEDED: + return "ERR_CRYPTO_BUFFER_EXCEEDED"; + case NGTCP2_ERR_WRITE_STREAM_MORE: + return "ERR_WRITE_STREAM_MORE"; + default: + return "(unknown)"; + } +} + +int ngtcp2_err_is_fatal(int liberr) { return liberr < NGTCP2_ERR_FATAL; } + +uint64_t ngtcp2_err_infer_quic_transport_error_code(int liberr) { + switch (liberr) { + case 0: + return NGTCP2_NO_ERROR; + case NGTCP2_ERR_ACK_FRAME: + case NGTCP2_ERR_FRAME_ENCODING: + return NGTCP2_FRAME_ENCODING_ERROR; + case NGTCP2_ERR_FLOW_CONTROL: + return NGTCP2_FLOW_CONTROL_ERROR; + case NGTCP2_ERR_STREAM_LIMIT: + return NGTCP2_STREAM_LIMIT_ERROR; + case NGTCP2_ERR_FINAL_SIZE: + return NGTCP2_FINAL_SIZE_ERROR; + case NGTCP2_ERR_REQUIRED_TRANSPORT_PARAM: + case NGTCP2_ERR_MALFORMED_TRANSPORT_PARAM: + return NGTCP2_TRANSPORT_PARAMETER_ERROR; + case NGTCP2_ERR_INVALID_ARGUMENT: + return NGTCP2_INTERNAL_ERROR; + case NGTCP2_ERR_STREAM_STATE: + return NGTCP2_STREAM_STATE_ERROR; + case NGTCP2_ERR_CRYPTO_BUFFER_EXCEEDED: + return NGTCP2_CRYPTO_BUFFER_EXCEEDED; + default: + return NGTCP2_PROTOCOL_VIOLATION; + } +} diff --git a/deps/ngtcp2/lib/ngtcp2_err.h b/deps/ngtcp2/lib/ngtcp2_err.h new file mode 100644 index 0000000000..9229f5425a --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_err.h @@ -0,0 +1,34 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_ERR_H +#define NGTCP2_ERR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#endif /* NGTCP2_ERR_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_gaptr.c b/deps/ngtcp2/lib/ngtcp2_gaptr.c new file mode 100644 index 0000000000..cdbecd1df1 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_gaptr.c @@ -0,0 +1,129 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_gaptr.h" + +#include +#include + +#include "ngtcp2_macro.h" + +int ngtcp2_gaptr_init(ngtcp2_gaptr *gaptr, const ngtcp2_mem *mem) { + int rv; + ngtcp2_range range = {0, UINT64_MAX}; + ngtcp2_ksl_key key; + + rv = ngtcp2_ksl_init(&gaptr->gap, ngtcp2_ksl_range_compar, + sizeof(ngtcp2_range), mem); + if (rv != 0) { + return rv; + } + + rv = ngtcp2_ksl_insert(&gaptr->gap, NULL, ngtcp2_ksl_key_ptr(&key, &range), + NULL); + if (rv != 0) { + ngtcp2_ksl_free(&gaptr->gap); + return rv; + } + + gaptr->mem = mem; + + return 0; +} + +void ngtcp2_gaptr_free(ngtcp2_gaptr *gaptr) { + if (gaptr == NULL) { + return; + } + + ngtcp2_ksl_free(&gaptr->gap); +} + +int ngtcp2_gaptr_push(ngtcp2_gaptr *gaptr, uint64_t offset, size_t datalen) { + int rv; + ngtcp2_range k, m, l, r, q = {offset, offset + datalen}; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key, old_key; + + it = ngtcp2_ksl_lower_bound_compar(&gaptr->gap, ngtcp2_ksl_key_ptr(&key, &q), + ngtcp2_ksl_range_exclusive_compar); + + for (; !ngtcp2_ksl_it_end(&it);) { + k = *(ngtcp2_range *)ngtcp2_ksl_it_key(&it).ptr; + m = ngtcp2_range_intersect(&q, &k); + if (!ngtcp2_range_len(&m)) { + break; + } + + if (ngtcp2_range_eq(&k, &m)) { + ngtcp2_ksl_remove(&gaptr->gap, &it, ngtcp2_ksl_key_ptr(&key, &k)); + continue; + } + ngtcp2_range_cut(&l, &r, &k, &m); + if (ngtcp2_range_len(&l)) { + ngtcp2_ksl_update_key(&gaptr->gap, ngtcp2_ksl_key_ptr(&old_key, &k), + ngtcp2_ksl_key_ptr(&key, &l)); + + if (ngtcp2_range_len(&r)) { + rv = ngtcp2_ksl_insert(&gaptr->gap, &it, ngtcp2_ksl_key_ptr(&key, &r), + NULL); + if (rv != 0) { + return rv; + } + } + } else if (ngtcp2_range_len(&r)) { + ngtcp2_ksl_update_key(&gaptr->gap, ngtcp2_ksl_key_ptr(&old_key, &k), + ngtcp2_ksl_key_ptr(&key, &r)); + } + ngtcp2_ksl_it_next(&it); + } + return 0; +} + +uint64_t ngtcp2_gaptr_first_gap_offset(ngtcp2_gaptr *gaptr) { + ngtcp2_ksl_it it = ngtcp2_ksl_begin(&gaptr->gap); + ngtcp2_range r = *(ngtcp2_range *)ngtcp2_ksl_it_key(&it).ptr; + return r.begin; +} + +ngtcp2_ksl_it ngtcp2_gaptr_get_first_gap_after(ngtcp2_gaptr *gaptr, + uint64_t offset) { + ngtcp2_range q = {offset, offset + 1}; + ngtcp2_ksl_key key; + return ngtcp2_ksl_lower_bound_compar(&gaptr->gap, + ngtcp2_ksl_key_ptr(&key, &q), + ngtcp2_ksl_range_exclusive_compar); +} + +int ngtcp2_gaptr_is_pushed(ngtcp2_gaptr *gaptr, uint64_t offset, + size_t datalen) { + ngtcp2_ksl_key key; + ngtcp2_range q = {offset, offset + datalen}; + ngtcp2_ksl_it it = + ngtcp2_ksl_lower_bound_compar(&gaptr->gap, ngtcp2_ksl_key_ptr(&key, &q), + ngtcp2_ksl_range_exclusive_compar); + ngtcp2_range k = *(ngtcp2_range *)ngtcp2_ksl_it_key(&it).ptr; + ngtcp2_range m = ngtcp2_range_intersect(&q, &k); + return ngtcp2_range_len(&m) == 0; +} diff --git a/deps/ngtcp2/lib/ngtcp2_gaptr.h b/deps/ngtcp2/lib/ngtcp2_gaptr.h new file mode 100644 index 0000000000..1affbb7e8b --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_gaptr.h @@ -0,0 +1,97 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_GAPTR_H +#define NGTCP2_GAPTR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" +#include "ngtcp2_range.h" +#include "ngtcp2_ksl.h" + +/* + * ngtcp2_gaptr maintains the gap in the range [0, UINT64_MAX). + */ +typedef struct { + /* gap maintains the range of offset which is not received + yet. Initially, its range is [0, UINT64_MAX). */ + ngtcp2_ksl gap; + /* mem is custom memory allocator */ + const ngtcp2_mem *mem; +} ngtcp2_gaptr; + +/* + * ngtcp2_gaptr_init initializes |gaptr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_gaptr_init(ngtcp2_gaptr *gaptr, const ngtcp2_mem *mem); + +/* + * ngtcp2_gaptr_free frees resources allocated for |gaptr|. + */ +void ngtcp2_gaptr_free(ngtcp2_gaptr *gaptr); + +/* + * ngtcp2_gaptr_push adds new data of length |datalen| at the stream + * offset |offset|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_gaptr_push(ngtcp2_gaptr *gaptr, uint64_t offset, size_t datalen); + +/* + * ngtcp2_gaptr_first_gap_offset returns the offset to the first gap. + * If there is no gap, it returns UINT64_MAX. + */ +uint64_t ngtcp2_gaptr_first_gap_offset(ngtcp2_gaptr *gaptr); + +/* + * ngtcp2_gaptr_get_first_gap_after returns the iterator pointing to + * the first gap which overlaps or comes after |offset|. + */ +ngtcp2_ksl_it ngtcp2_gaptr_get_first_gap_after(ngtcp2_gaptr *gaptr, + uint64_t offset); + +/* + * ngtcp2_gaptr_is_pushed returns nonzero if range [offset, offset + + * datalen) is completely pushed into this object. + */ +int ngtcp2_gaptr_is_pushed(ngtcp2_gaptr *gaptr, uint64_t offset, + size_t datalen); + +#endif /* NGTCP2_GAPTR_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_idtr.c b/deps/ngtcp2/lib/ngtcp2_idtr.c new file mode 100644 index 0000000000..f04806b4a8 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_idtr.c @@ -0,0 +1,86 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_idtr.h" + +#include + +int ngtcp2_idtr_init(ngtcp2_idtr *idtr, int server, const ngtcp2_mem *mem) { + int rv; + + rv = ngtcp2_gaptr_init(&idtr->gap, mem); + if (rv != 0) { + return rv; + } + + idtr->server = server; + + return 0; +} + +void ngtcp2_idtr_free(ngtcp2_idtr *idtr) { + if (idtr == NULL) { + return; + } + + ngtcp2_gaptr_free(&idtr->gap); +} + +/* + * id_from_stream_id translates |stream_id| to id space used by + * ngtcp2_idtr. + */ +static uint64_t id_from_stream_id(int64_t stream_id) { + return (uint64_t)(stream_id >> 2); +} + +int ngtcp2_idtr_open(ngtcp2_idtr *idtr, int64_t stream_id) { + uint64_t q; + + assert((idtr->server && (stream_id % 2)) || + (!idtr->server && (stream_id % 2)) == 0); + + q = id_from_stream_id(stream_id); + + if (ngtcp2_gaptr_is_pushed(&idtr->gap, q, 1)) { + return NGTCP2_ERR_STREAM_IN_USE; + } + + return ngtcp2_gaptr_push(&idtr->gap, q, 1); +} + +int ngtcp2_idtr_is_open(ngtcp2_idtr *idtr, int64_t stream_id) { + uint64_t q; + + assert((idtr->server && (stream_id % 2)) || + (!idtr->server && (stream_id % 2)) == 0); + + q = id_from_stream_id(stream_id); + + return ngtcp2_gaptr_is_pushed(&idtr->gap, q, 1); +} + +uint64_t ngtcp2_idtr_first_gap(ngtcp2_idtr *idtr) { + return ngtcp2_gaptr_first_gap_offset(&idtr->gap); +} diff --git a/deps/ngtcp2/lib/ngtcp2_idtr.h b/deps/ngtcp2/lib/ngtcp2_idtr.h new file mode 100644 index 0000000000..86f2272401 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_idtr.h @@ -0,0 +1,96 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_IDTR_H +#define NGTCP2_IDTR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" +#include "ngtcp2_gaptr.h" + +/* + * ngtcp2_idtr tracks the usage of stream ID. + */ +typedef struct { + /* gap maintains the range of ID which is not used yet. Initially, + its range is [0, UINT64_MAX). */ + ngtcp2_gaptr gap; + /* server is nonzero if this object records server initiated stream + ID. */ + int server; +} ngtcp2_idtr; + +/* + * ngtcp2_idtr_init initializes |idtr|. |chunk| is the size of buffer + * per chunk. + * + * If this object records server initiated ID (even number), set + * |server| to nonzero. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_idtr_init(ngtcp2_idtr *idtr, int server, const ngtcp2_mem *mem); + +/* + * ngtcp2_idtr_free frees resources allocated for |idtr|. + */ +void ngtcp2_idtr_free(ngtcp2_idtr *idtr); + +/* + * ngtcp2_idtr_open claims that |stream_id| is in used. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_STREAM_IN_USE + * ID has already been used. + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_idtr_open(ngtcp2_idtr *idtr, int64_t stream_id); + +/* + * ngtcp2_idtr_open tells whether ID |stream_id| is in used or not. + * + * It returns nonzero if |stream_id| is used. + */ +int ngtcp2_idtr_is_open(ngtcp2_idtr *idtr, int64_t stream_id); + +/* + * ngtcp2_idtr_first_gap returns the first id of first gap. If there + * is no gap, it returns UINT64_MAX. The returned id is an id space + * used in this object internally, and not stream ID. + */ +uint64_t ngtcp2_idtr_first_gap(ngtcp2_idtr *idtr); + +#endif /* NGTCP2_IDTR_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_ksl.c b/deps/ngtcp2/lib/ngtcp2_ksl.c new file mode 100644 index 0000000000..6af35eac67 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_ksl.c @@ -0,0 +1,754 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_ksl.h" + +#include +#include +#include +#include + +#include "ngtcp2_macro.h" +#include "ngtcp2_mem.h" +#include "ngtcp2_range.h" + +static size_t ksl_nodelen(size_t keylen) { + return (sizeof(ngtcp2_ksl_node) + keylen - sizeof(uint64_t) + 0xf) & + (size_t)~0xf; +} + +static size_t ksl_blklen(size_t nodelen) { + return sizeof(ngtcp2_ksl_blk) + nodelen * NGTCP2_KSL_MAX_NBLK - + sizeof(uint64_t); +} + +/* + * ksl_node_set_key sets |key| to |node|. + */ +static void ksl_node_set_key(ngtcp2_ksl *ksl, ngtcp2_ksl_node *node, + const void *key) { + memcpy(&node->key, key, ksl->keylen); +} + +/* + * ksl_node_key assigns the pointer to key of |node| to key->ptr and + * returns |key|. + */ +static ngtcp2_ksl_key *ksl_node_key(ngtcp2_ksl_key *key, + ngtcp2_ksl_node *node) { + key->ptr = &node->key; + return key; +} + +/* + * ksl_nth_node returns |n|th node under |blk|. + */ +static ngtcp2_ksl_node *ksl_nth_node(const ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, + size_t n) { + return (ngtcp2_ksl_node *)(void *)(blk->nodes + ksl->nodelen * n); +} + +ngtcp2_ksl_node *ngtcp2_ksl_nth_node(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, + size_t n) { + return ksl_nth_node(ksl, blk, n); +} + +int ngtcp2_ksl_init(ngtcp2_ksl *ksl, ngtcp2_ksl_compar compar, size_t keylen, + const ngtcp2_mem *mem) { + size_t nodelen = ksl_nodelen(keylen); + size_t blklen = ksl_blklen(nodelen); + ngtcp2_ksl_blk *head; + + ksl->head = ngtcp2_mem_malloc(mem, blklen); + if (!ksl->head) { + return NGTCP2_ERR_NOMEM; + } + ksl->front = ksl->back = ksl->head; + ksl->compar = compar; + ksl->keylen = keylen; + ksl->nodelen = nodelen; + ksl->n = 0; + ksl->mem = mem; + + head = ksl->head; + head->next = head->prev = NULL; + head->n = 0; + head->leaf = 1; + + return 0; +} + +/* + * ksl_free_blk frees |blk| recursively. + */ +static void ksl_free_blk(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk) { + size_t i; + + if (!blk->leaf) { + for (i = 0; i < blk->n; ++i) { + ksl_free_blk(ksl, ksl_nth_node(ksl, blk, i)->blk); + } + } + + ngtcp2_mem_free(ksl->mem, blk); +} + +void ngtcp2_ksl_free(ngtcp2_ksl *ksl) { + if (!ksl) { + return; + } + + ksl_free_blk(ksl, ksl->head); +} + +/* + * ksl_split_blk splits |blk| into 2 ngtcp2_ksl_blk objects. The new + * ngtcp2_ksl_blk is always the "right" block. + * + * It returns the pointer to the ngtcp2_ksl_blk created which is the + * located at the right of |blk|, or NULL which indicates out of + * memory error. + */ +static ngtcp2_ksl_blk *ksl_split_blk(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk) { + ngtcp2_ksl_blk *rblk; + + rblk = ngtcp2_mem_malloc(ksl->mem, ksl_blklen(ksl->nodelen)); + if (rblk == NULL) { + return NULL; + } + + rblk->next = blk->next; + blk->next = rblk; + if (rblk->next) { + rblk->next->prev = rblk; + } else if (ksl->back == blk) { + ksl->back = rblk; + } + rblk->prev = blk; + rblk->leaf = blk->leaf; + + rblk->n = blk->n / 2; + + memcpy(rblk->nodes, blk->nodes + ksl->nodelen * (blk->n - rblk->n), + ksl->nodelen * rblk->n); + + blk->n -= rblk->n; + + assert(blk->n >= NGTCP2_KSL_MIN_NBLK); + assert(rblk->n >= NGTCP2_KSL_MIN_NBLK); + + return rblk; +} + +/* + * ksl_split_node splits a node included in |blk| at the position |i| + * into 2 adjacent nodes. The new node is always inserted at the + * position |i+1|. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int ksl_split_node(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, size_t i) { + ngtcp2_ksl_node *node; + ngtcp2_ksl_blk *lblk = ksl_nth_node(ksl, blk, i)->blk, *rblk; + + rblk = ksl_split_blk(ksl, lblk); + if (rblk == NULL) { + return NGTCP2_ERR_NOMEM; + } + + memmove(blk->nodes + (i + 2) * ksl->nodelen, + blk->nodes + (i + 1) * ksl->nodelen, + ksl->nodelen * (blk->n - (i + 1))); + + node = ksl_nth_node(ksl, blk, i + 1); + node->blk = rblk; + ++blk->n; + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, rblk, rblk->n - 1)->key); + + node = ksl_nth_node(ksl, blk, i); + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, lblk, lblk->n - 1)->key); + + return 0; +} + +/* + * ksl_split_head splits a head (root) block. It increases the height + * of skip list by 1. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int ksl_split_head(ngtcp2_ksl *ksl) { + ngtcp2_ksl_blk *rblk = NULL, *lblk, *nhead = NULL; + ngtcp2_ksl_node *node; + + rblk = ksl_split_blk(ksl, ksl->head); + if (rblk == NULL) { + return NGTCP2_ERR_NOMEM; + } + + lblk = ksl->head; + + nhead = ngtcp2_mem_malloc(ksl->mem, ksl_blklen(ksl->nodelen)); + if (nhead == NULL) { + ngtcp2_mem_free(ksl->mem, rblk); + return NGTCP2_ERR_NOMEM; + } + nhead->next = nhead->prev = NULL; + nhead->n = 2; + nhead->leaf = 0; + + node = ksl_nth_node(ksl, nhead, 0); + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, lblk, lblk->n - 1)->key); + node->blk = lblk; + + node = ksl_nth_node(ksl, nhead, 1); + ksl_node_set_key(ksl, node, &ksl_nth_node(ksl, rblk, rblk->n - 1)->key); + node->blk = rblk; + + ksl->head = nhead; + + return 0; +} + +/* + * insert_node inserts a node whose key is |key| with the associated + * |data| at the index of |i|. This function assumes that the number + * of nodes contained by |blk| is strictly less than + * NGTCP2_KSL_MAX_NBLK. + */ +static void ksl_insert_node(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, size_t i, + const ngtcp2_ksl_key *key, void *data) { + ngtcp2_ksl_node *node; + + assert(blk->n < NGTCP2_KSL_MAX_NBLK); + + memmove(blk->nodes + (i + 1) * ksl->nodelen, blk->nodes + i * ksl->nodelen, + ksl->nodelen * (blk->n - i)); + + node = ksl_nth_node(ksl, blk, i); + ksl_node_set_key(ksl, node, key->ptr); + node->data = data; + + ++blk->n; +} + +static size_t ksl_bsearch(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, + const ngtcp2_ksl_key *key, ngtcp2_ksl_compar compar) { + ssize_t left = -1, right = (ssize_t)blk->n, mid; + ngtcp2_ksl_node *node; + ngtcp2_ksl_key node_key; + + while (right - left > 1) { + mid = (left + right) / 2; + node = ksl_nth_node(ksl, blk, (size_t)mid); + if (compar(ksl_node_key(&node_key, node), key)) { + left = mid; + } else { + right = mid; + } + } + + return (size_t)right; +} + +int ngtcp2_ksl_insert(ngtcp2_ksl *ksl, ngtcp2_ksl_it *it, + const ngtcp2_ksl_key *key, void *data) { + ngtcp2_ksl_blk *blk = ksl->head; + ngtcp2_ksl_node *node; + ngtcp2_ksl_key node_key; + size_t i; + int rv; + + if (blk->n == NGTCP2_KSL_MAX_NBLK) { + rv = ksl_split_head(ksl); + if (rv != 0) { + return rv; + } + blk = ksl->head; + } + + for (;;) { + i = ksl_bsearch(ksl, blk, key, ksl->compar); + + if (blk->leaf) { + ksl_insert_node(ksl, blk, i, key, data); + ++ksl->n; + if (it) { + ngtcp2_ksl_it_init(it, ksl, blk, i); + } + return 0; + } + + if (i == blk->n) { + /* This insertion extends the largest key in this subtree. */ + for (; !blk->leaf;) { + node = ksl_nth_node(ksl, blk, blk->n - 1); + if (node->blk->n == NGTCP2_KSL_MAX_NBLK) { + rv = ksl_split_node(ksl, blk, blk->n - 1); + if (rv != 0) { + return rv; + } + node = ksl_nth_node(ksl, blk, blk->n - 1); + } + ksl_node_set_key(ksl, node, key->ptr); + blk = node->blk; + } + ksl_insert_node(ksl, blk, blk->n, key, data); + ++ksl->n; + if (it) { + ngtcp2_ksl_it_init(it, ksl, blk, blk->n - 1); + } + return 0; + } + + node = ksl_nth_node(ksl, blk, i); + + if (node->blk->n == NGTCP2_KSL_MAX_NBLK) { + rv = ksl_split_node(ksl, blk, i); + if (rv != 0) { + return rv; + } + if (ksl->compar(ksl_node_key(&node_key, node), key)) { + node = ksl_nth_node(ksl, blk, i + 1); + if (ksl->compar(ksl_node_key(&node_key, node), key)) { + ksl_node_set_key(ksl, node, key->ptr); + } + } + } + + blk = node->blk; + } +} + +/* + * ksl_remove_node removes the node included in |blk| at the index of + * |i|. + */ +static void ksl_remove_node(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, size_t i) { + memmove(blk->nodes + i * ksl->nodelen, blk->nodes + (i + 1) * ksl->nodelen, + ksl->nodelen * (blk->n - (i + 1))); + + --blk->n; +} + +/* + * ksl_merge_node merges 2 nodes which are the nodes at the index of + * |i| and |i + 1|. + * + * If |blk| is the direct descendant of head (root) block and the head + * block contains just 2 nodes, the merged block becomes head block, + * which decreases the height of |ksl| by 1. + * + * This function returns the pointer to the merged block. + */ +static ngtcp2_ksl_blk *ksl_merge_node(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, + size_t i) { + ngtcp2_ksl_blk *lblk, *rblk; + + assert(i + 1 < blk->n); + + lblk = ksl_nth_node(ksl, blk, i)->blk; + rblk = ksl_nth_node(ksl, blk, i + 1)->blk; + + assert(lblk->n + rblk->n < NGTCP2_KSL_MAX_NBLK); + + memcpy(lblk->nodes + ksl->nodelen * lblk->n, rblk->nodes, + ksl->nodelen * rblk->n); + + lblk->n += rblk->n; + lblk->next = rblk->next; + if (lblk->next) { + lblk->next->prev = lblk; + } else if (ksl->back == rblk) { + ksl->back = lblk; + } + + ngtcp2_mem_free(ksl->mem, rblk); + + if (ksl->head == blk && blk->n == 2) { + ngtcp2_mem_free(ksl->mem, ksl->head); + ksl->head = lblk; + } else { + ksl_remove_node(ksl, blk, i + 1); + ksl_node_set_key(ksl, ksl_nth_node(ksl, blk, i), + &ksl_nth_node(ksl, lblk, lblk->n - 1)->key); + } + + return lblk; +} + +/* + * ksl_shift_left moves the first node in blk->nodes[i]->blk->nodes to + * blk->nodes[i - 1]->blk->nodes. + */ +static void ksl_shift_left(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, size_t i) { + ngtcp2_ksl_node *lnode, *rnode, *dest, *src; + + assert(i > 0); + + lnode = ksl_nth_node(ksl, blk, i - 1); + rnode = ksl_nth_node(ksl, blk, i); + + assert(lnode->blk->n < NGTCP2_KSL_MAX_NBLK); + assert(rnode->blk->n > NGTCP2_KSL_MIN_NBLK); + + dest = ksl_nth_node(ksl, lnode->blk, lnode->blk->n); + src = ksl_nth_node(ksl, rnode->blk, 0); + + memcpy(dest, src, ksl->nodelen); + ksl_node_set_key(ksl, lnode, &dest->key); + ++lnode->blk->n; + + --rnode->blk->n; + memmove(rnode->blk->nodes, rnode->blk->nodes + ksl->nodelen, + ksl->nodelen * rnode->blk->n); +} + +/* + * ksl_shift_right moves the last node in blk->nodes[i]->blk->nodes to + * blk->nodes[i + 1]->blk->nodes. + */ +static void ksl_shift_right(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, size_t i) { + ngtcp2_ksl_node *lnode, *rnode, *dest, *src; + + assert(i < blk->n - 1); + + lnode = ksl_nth_node(ksl, blk, i); + rnode = ksl_nth_node(ksl, blk, i + 1); + + assert(lnode->blk->n > NGTCP2_KSL_MIN_NBLK); + assert(rnode->blk->n < NGTCP2_KSL_MAX_NBLK); + + memmove(rnode->blk->nodes + ksl->nodelen, rnode->blk->nodes, + ksl->nodelen * rnode->blk->n); + ++rnode->blk->n; + + dest = ksl_nth_node(ksl, rnode->blk, 0); + src = ksl_nth_node(ksl, lnode->blk, lnode->blk->n - 1); + + memcpy(dest, src, ksl->nodelen); + + --lnode->blk->n; + ksl_node_set_key(ksl, lnode, + &ksl_nth_node(ksl, lnode->blk, lnode->blk->n - 1)->key); +} + +/* + * key_equal returns nonzero if |lhs| and |rhs| are equal using the + * function |compar|. + */ +static int key_equal(ngtcp2_ksl_compar compar, const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs) { + return !compar(lhs, rhs) && !compar(rhs, lhs); +} + +void ngtcp2_ksl_remove(ngtcp2_ksl *ksl, ngtcp2_ksl_it *it, + const ngtcp2_ksl_key *key) { + ngtcp2_ksl_blk *blk = ksl->head, *lblk, *rblk; + ngtcp2_ksl_node *node; + size_t i; + + if (!blk->leaf && blk->n == 2 && + ksl_nth_node(ksl, blk, 0)->blk->n == NGTCP2_KSL_MIN_NBLK && + ksl_nth_node(ksl, blk, 1)->blk->n == NGTCP2_KSL_MIN_NBLK) { + blk = ksl_merge_node(ksl, ksl->head, 0); + } + + for (;;) { + i = ksl_bsearch(ksl, blk, key, ksl->compar); + + assert(i < blk->n); + + if (blk->leaf) { + assert(i < blk->n); + ksl_remove_node(ksl, blk, i); + --ksl->n; + if (it) { + if (blk->n == i && blk->next) { + ngtcp2_ksl_it_init(it, ksl, blk->next, 0); + } else { + ngtcp2_ksl_it_init(it, ksl, blk, i); + } + } + return; + } + + node = ksl_nth_node(ksl, blk, i); + + if (node->blk->n == NGTCP2_KSL_MIN_NBLK) { + if (i > 0 && (lblk = ksl_nth_node(ksl, blk, i - 1)->blk)->n > + NGTCP2_KSL_MIN_NBLK) { + ksl_shift_right(ksl, blk, i - 1); + } else if (i + 1 < blk->n && + (rblk = ksl_nth_node(ksl, blk, i + 1)->blk)->n > + NGTCP2_KSL_MIN_NBLK) { + ksl_shift_left(ksl, blk, i + 1); + } else if (i > 0) { + assert(lblk); + assert(lblk->n + node->blk->n < NGTCP2_KSL_MAX_NBLK); + blk = ksl_merge_node(ksl, blk, i - 1); + } else { + assert(i + 1 < blk->n); + assert(rblk); + assert(node->blk->n + rblk->n < NGTCP2_KSL_MAX_NBLK); + blk = ksl_merge_node(ksl, blk, i); + } + } else { + blk = node->blk; + } + } +} + +ngtcp2_ksl_it ngtcp2_ksl_lower_bound(ngtcp2_ksl *ksl, + const ngtcp2_ksl_key *key) { + ngtcp2_ksl_blk *blk = ksl->head; + ngtcp2_ksl_it it; + size_t i; + + for (;;) { + i = ksl_bsearch(ksl, blk, key, ksl->compar); + + if (blk->leaf) { + if (i == blk->n && blk->next) { + blk = blk->next; + i = 0; + } + ngtcp2_ksl_it_init(&it, ksl, blk, i); + return it; + } + + if (i == blk->n) { + /* This happens if descendant has smaller key. Fast forward to + find last node in this subtree. */ + for (; !blk->leaf; blk = ksl_nth_node(ksl, blk, blk->n - 1)->blk) + ; + if (blk->next) { + blk = blk->next; + i = 0; + } else { + i = blk->n; + } + ngtcp2_ksl_it_init(&it, ksl, blk, i); + return it; + } + blk = ksl_nth_node(ksl, blk, i)->blk; + } +} + +ngtcp2_ksl_it ngtcp2_ksl_lower_bound_compar(ngtcp2_ksl *ksl, + const ngtcp2_ksl_key *key, + ngtcp2_ksl_compar compar) { + ngtcp2_ksl_blk *blk = ksl->head; + ngtcp2_ksl_it it; + size_t i; + + for (;;) { + i = ksl_bsearch(ksl, blk, key, compar); + + if (blk->leaf) { + if (i == blk->n && blk->next) { + blk = blk->next; + i = 0; + } + ngtcp2_ksl_it_init(&it, ksl, blk, i); + return it; + } + + if (i == blk->n) { + /* This happens if descendant has smaller key. Fast forward to + find last node in this subtree. */ + for (; !blk->leaf; blk = ksl_nth_node(ksl, blk, blk->n - 1)->blk) + ; + if (blk->next) { + blk = blk->next; + i = 0; + } else { + i = blk->n; + } + ngtcp2_ksl_it_init(&it, ksl, blk, i); + return it; + } + blk = ksl_nth_node(ksl, blk, i)->blk; + } +} + +void ngtcp2_ksl_update_key(ngtcp2_ksl *ksl, const ngtcp2_ksl_key *old_key, + const ngtcp2_ksl_key *new_key) { + ngtcp2_ksl_blk *blk = ksl->head; + ngtcp2_ksl_node *node; + ngtcp2_ksl_key node_key; + size_t i; + + for (;;) { + i = ksl_bsearch(ksl, blk, old_key, ksl->compar); + + assert(i < blk->n); + node = ksl_nth_node(ksl, blk, i); + + if (blk->leaf) { + assert(key_equal(ksl->compar, ksl_node_key(&node_key, node), old_key)); + ksl_node_set_key(ksl, node, new_key->ptr); + return; + } + + ksl_node_key(&node_key, node); + if (key_equal(ksl->compar, &node_key, old_key) || + ksl->compar(&node_key, new_key)) { + ksl_node_set_key(ksl, node, new_key->ptr); + } + + blk = node->blk; + } +} + +static void ksl_print(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, size_t level) { + size_t i; + ngtcp2_ksl_node *node; + ngtcp2_ksl_key node_key; + + fprintf(stderr, "LV=%zu n=%zu\n", level, blk->n); + + if (blk->leaf) { + for (i = 0; i < blk->n; ++i) { + node = ksl_nth_node(ksl, blk, i); + fprintf(stderr, " %" PRId64, *ksl_node_key(&node_key, node)->i); + } + fprintf(stderr, "\n"); + return; + } + + for (i = 0; i < blk->n; ++i) { + ksl_print(ksl, ksl_nth_node(ksl, blk, i)->blk, level + 1); + } +} + +size_t ngtcp2_ksl_len(ngtcp2_ksl *ksl) { return ksl->n; } + +void ngtcp2_ksl_clear(ngtcp2_ksl *ksl) { + size_t i; + ngtcp2_ksl_blk *head; + + if (!ksl->head->leaf) { + for (i = 0; i < ksl->head->n; ++i) { + ksl_free_blk(ksl, ksl_nth_node(ksl, ksl->head, i)->blk); + } + } + + ksl->front = ksl->back = ksl->head; + ksl->n = 0; + + head = ksl->head; + + head->next = head->prev = NULL; + head->n = 0; + head->leaf = 1; +} + +void ngtcp2_ksl_print(ngtcp2_ksl *ksl) { ksl_print(ksl, ksl->head, 0); } + +ngtcp2_ksl_it ngtcp2_ksl_begin(const ngtcp2_ksl *ksl) { + ngtcp2_ksl_it it; + ngtcp2_ksl_it_init(&it, ksl, ksl->front, 0); + return it; +} + +ngtcp2_ksl_it ngtcp2_ksl_end(const ngtcp2_ksl *ksl) { + ngtcp2_ksl_it it; + ngtcp2_ksl_it_init(&it, ksl, ksl->back, ksl->back->n); + return it; +} + +void ngtcp2_ksl_it_init(ngtcp2_ksl_it *it, const ngtcp2_ksl *ksl, + ngtcp2_ksl_blk *blk, size_t i) { + it->ksl = ksl; + it->blk = blk; + it->i = i; +} + +void *ngtcp2_ksl_it_get(const ngtcp2_ksl_it *it) { + assert(it->i < it->blk->n); + return ksl_nth_node(it->ksl, it->blk, it->i)->data; +} + +void ngtcp2_ksl_it_next(ngtcp2_ksl_it *it) { + assert(!ngtcp2_ksl_it_end(it)); + + if (++it->i == it->blk->n && it->blk->next) { + it->blk = it->blk->next; + it->i = 0; + } +} + +void ngtcp2_ksl_it_prev(ngtcp2_ksl_it *it) { + assert(!ngtcp2_ksl_it_begin(it)); + + if (it->i == 0) { + it->blk = it->blk->prev; + it->i = it->blk->n - 1; + } else { + --it->i; + } +} + +int ngtcp2_ksl_it_end(const ngtcp2_ksl_it *it) { + return it->blk->n == it->i && it->blk->next == NULL; +} + +int ngtcp2_ksl_it_begin(const ngtcp2_ksl_it *it) { + return it->i == 0 && it->blk->prev == NULL; +} + +ngtcp2_ksl_key ngtcp2_ksl_it_key(const ngtcp2_ksl_it *it) { + ngtcp2_ksl_key node_key; + + assert(it->i < it->blk->n); + + return *ksl_node_key(&node_key, ksl_nth_node(it->ksl, it->blk, it->i)); +} + +ngtcp2_ksl_key *ngtcp2_ksl_key_ptr(ngtcp2_ksl_key *key, const void *ptr) { + key->ptr = ptr; + return key; +} + +int ngtcp2_ksl_range_compar(const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs) { + const ngtcp2_range *a = lhs->ptr, *b = rhs->ptr; + return a->begin < b->begin; +} + +int ngtcp2_ksl_range_exclusive_compar(const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs) { + const ngtcp2_range *a = lhs->ptr, *b = rhs->ptr; + return a->begin < b->begin && + !(ngtcp2_max(a->begin, b->begin) < ngtcp2_min(a->end, b->end)); +} diff --git a/deps/ngtcp2/lib/ngtcp2_ksl.h b/deps/ngtcp2/lib/ngtcp2_ksl.h new file mode 100644 index 0000000000..c9ce128a22 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_ksl.h @@ -0,0 +1,334 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_KSL_H +#define NGTCP2_KSL_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include + +/* + * Skip List using single key instead of range. + */ + +#define NGTCP2_KSL_DEGR 8 +/* NGTCP2_KSL_MAX_NBLK is the maximum number of nodes which a single + block can contain. */ +#define NGTCP2_KSL_MAX_NBLK (2 * NGTCP2_KSL_DEGR - 1) +/* NGTCP2_KSL_MIN_NBLK is the minimum number of nodes which a single + block other than root must contains. */ +#define NGTCP2_KSL_MIN_NBLK (NGTCP2_KSL_DEGR - 1) + +/* + * ngtcp2_ksl_key represents key in ngtcp2_ksl. + */ +typedef union { + /* i is defined to retrieve int64_t key for convenience. */ + const int64_t *i; + /* ptr points to the key. */ + const void *ptr; +} ngtcp2_ksl_key; + +struct ngtcp2_ksl_node; +typedef struct ngtcp2_ksl_node ngtcp2_ksl_node; + +struct ngtcp2_ksl_blk; +typedef struct ngtcp2_ksl_blk ngtcp2_ksl_blk; + +/* + * ngtcp2_ksl_node is a node which contains either ngtcp2_ksl_blk or + * opaque data. If a node is an internal node, it contains + * ngtcp2_ksl_blk. Otherwise, it has data. The key is stored at the + * location starting at key. + */ +struct ngtcp2_ksl_node { + union { + ngtcp2_ksl_blk *blk; + void *data; + }; + union { + uint64_t align; + /* key is a buffer to include key associated to this node. + Because the length of key is unknown until ngtcp2_ksl_init is + called, the actual buffer will be allocated after this + field. */ + uint8_t key[1]; + }; +}; + +/* + * ngtcp2_ksl_blk contains ngtcp2_ksl_node objects. + */ +struct ngtcp2_ksl_blk { + /* next points to the next block if leaf field is nonzero. */ + ngtcp2_ksl_blk *next; + /* prev points to the previous block if leaf field is nonzero. */ + ngtcp2_ksl_blk *prev; + /* n is the number of nodes this object contains in nodes. */ + size_t n; + /* leaf is nonzero if this block contains leaf nodes. */ + int leaf; + union { + uint64_t align; + /* nodes is a buffer to contain NGTCP2_KSL_MAX_NBLK + ngtcp2_ksl_node objects. Because ngtcp2_ksl_node object is + allocated along with the additional variable length key + storage, the size of buffer is unknown until ngtcp2_ksl_init is + called. */ + uint8_t nodes[1]; + }; +}; + +/* + * ngtcp2_ksl_compar is a function type which returns nonzero if key + * |lhs| should be placed before |rhs|. It returns 0 otherwise. + */ +typedef int (*ngtcp2_ksl_compar)(const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs); + +struct ngtcp2_ksl; +typedef struct ngtcp2_ksl ngtcp2_ksl; + +struct ngtcp2_ksl_it; +typedef struct ngtcp2_ksl_it ngtcp2_ksl_it; + +/* + * ngtcp2_ksl_it is a forward iterator to iterate nodes. + */ +struct ngtcp2_ksl_it { + const ngtcp2_ksl *ksl; + ngtcp2_ksl_blk *blk; + size_t i; +}; + +/* + * ngtcp2_ksl is a deterministic paged skip list. + */ +struct ngtcp2_ksl { + /* head points to the root block. */ + ngtcp2_ksl_blk *head; + /* front points to the first leaf block. */ + ngtcp2_ksl_blk *front; + /* back points to the last leaf block. */ + ngtcp2_ksl_blk *back; + ngtcp2_ksl_compar compar; + size_t n; + /* keylen is the size of key */ + size_t keylen; + /* nodelen is the actual size of ngtcp2_ksl_node including key + storage. */ + size_t nodelen; + const ngtcp2_mem *mem; +}; + +/* + * ngtcp2_ksl_init initializes |ksl|. |compar| specifies compare + * function. |keylen| is the length of key. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_ksl_init(ngtcp2_ksl *ksl, ngtcp2_ksl_compar compar, size_t keylen, + const ngtcp2_mem *mem); + +/* + * ngtcp2_ksl_free frees resources allocated for |ksl|. If |ksl| is + * NULL, this function does nothing. It does not free the memory + * region pointed by |ksl| itself. + */ +void ngtcp2_ksl_free(ngtcp2_ksl *ksl); + +/* + * ngtcp2_ksl_insert inserts |key| with its associated |data|. On + * successful insertion, the iterator points to the inserted node is + * stored in |*it|. + * + * This function assumes that |key| does not exist in |ksl|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_ksl_insert(ngtcp2_ksl *ksl, ngtcp2_ksl_it *it, + const ngtcp2_ksl_key *key, void *data); + +/* + * ngtcp2_ksl_remove removes the |key| from |ksl|. It assumes such + * the key is included in |ksl|. + * + * This function assigns the iterator to |*it|, which points to the + * node which is located at the right next of the removed node if |it| + * is not NULL. + */ +void ngtcp2_ksl_remove(ngtcp2_ksl *ksl, ngtcp2_ksl_it *it, + const ngtcp2_ksl_key *key); + +/* + * ngtcp2_ksl_lower_bound returns the iterator which points to the + * first node which has the key which is equal to |key| or the last + * node which satisfies !compar(&node->key, key). If there is no such + * node, it returns the iterator which satisfies ngtcp2_ksl_it_end(it) + * != 0. + */ +ngtcp2_ksl_it ngtcp2_ksl_lower_bound(ngtcp2_ksl *ksl, + const ngtcp2_ksl_key *key); + +/* + * ngtcp2_ksl_lower_bound_compar works like ngtcp2_ksl_lower_bound, + * but it takes custom function |compar| to do lower bound search. + */ +ngtcp2_ksl_it ngtcp2_ksl_lower_bound_compar(ngtcp2_ksl *ksl, + const ngtcp2_ksl_key *key, + ngtcp2_ksl_compar compar); + +/* + * ngtcp2_ksl_update_key replaces the key of nodes which has |old_key| + * with |new_key|. |new_key| must be strictly greater than the + * previous node and strictly smaller than the next node. + */ +void ngtcp2_ksl_update_key(ngtcp2_ksl *ksl, const ngtcp2_ksl_key *old_key, + const ngtcp2_ksl_key *new_key); + +/* + * ngtcp2_ksl_begin returns the iterator which points to the first + * node. If there is no node in |ksl|, it returns the iterator which + * satisfies ngtcp2_ksl_it_end(it) != 0. + */ +ngtcp2_ksl_it ngtcp2_ksl_begin(const ngtcp2_ksl *ksl); + +/* + * ngtcp2_ksl_end returns the iterator which points to the node + * following the last node. The returned object satisfies + * ngtcp2_ksl_it_end(). If there is no node in |ksl|, it returns the + * iterator which satisfies ngtcp2_ksl_it_begin(it) != 0. + */ +ngtcp2_ksl_it ngtcp2_ksl_end(const ngtcp2_ksl *ksl); + +/* + * ngtcp2_ksl_len returns the number of elements stored in |ksl|. + */ +size_t ngtcp2_ksl_len(ngtcp2_ksl *ksl); + +/* + * ngtcp2_ksl_clear removes all elements stored in |ksl|. + */ +void ngtcp2_ksl_clear(ngtcp2_ksl *ksl); + +/* + * ngtcp2_ksl_nth_node returns the |n|th node under |blk|. This + * function is provided for unit testing. + */ +ngtcp2_ksl_node *ngtcp2_ksl_nth_node(ngtcp2_ksl *ksl, ngtcp2_ksl_blk *blk, + size_t n); + +/* + * ngtcp2_ksl_print prints its internal state in stderr. It assumes + * that the key is of type int64_t. This function should be used for + * the debugging purpose only. + */ +void ngtcp2_ksl_print(ngtcp2_ksl *ksl); + +/* + * ngtcp2_ksl_it_init initializes |it|. + */ +void ngtcp2_ksl_it_init(ngtcp2_ksl_it *it, const ngtcp2_ksl *ksl, + ngtcp2_ksl_blk *blk, size_t i); + +/* + * ngtcp2_ksl_it_get returns the data associated to the node which + * |it| points to. It is undefined to call this function when + * ngtcp2_ksl_it_end(it) returns nonzero. + */ +void *ngtcp2_ksl_it_get(const ngtcp2_ksl_it *it); + +/* + * ngtcp2_ksl_it_next advances the iterator by one. It is undefined + * if this function is called when ngtcp2_ksl_it_end(it) returns + * nonzero. + */ +void ngtcp2_ksl_it_next(ngtcp2_ksl_it *it); + +/* + * ngtcp2_ksl_it_prev moves backward the iterator by one. It is + * undefined if this function is called when ngtcp2_ksl_it_begin(it) + * returns nonzero. + */ +void ngtcp2_ksl_it_prev(ngtcp2_ksl_it *it); + +/* + * ngtcp2_ksl_it_end returns nonzero if |it| points to the beyond the + * last node. + */ +int ngtcp2_ksl_it_end(const ngtcp2_ksl_it *it); + +/* + * ngtcp2_ksl_it_begin returns nonzero if |it| points to the first + * node. |it| might satisfy both ngtcp2_ksl_it_begin(&it) and + * ngtcp2_ksl_it_end(&it) if the skip list has no node. + */ +int ngtcp2_ksl_it_begin(const ngtcp2_ksl_it *it); + +/* + * ngtcp2_ksl_key returns the key of the node which |it| points to. + * It is undefined to call this function when ngtcp2_ksl_it_end(it) + * returns nonzero. + */ +ngtcp2_ksl_key ngtcp2_ksl_it_key(const ngtcp2_ksl_it *it); + +/* + * ngtcp2_ksl_key_ptr is a convenient function which initializes |key| + * with |ptr| and returns |key|. + */ +ngtcp2_ksl_key *ngtcp2_ksl_key_ptr(ngtcp2_ksl_key *key, const void *ptr); + +/* + * ngtcp2_ksl_range_compar is an implementation of ngtcp2_ksl_compar. + * lhs->ptr and rhs->ptr must point to ngtcp2_range object and the + * function returns nonzero if (const ngtcp2_range *)(lhs->ptr)->begin + * < (const ngtcp2_range *)(rhs->ptr)->begin. + */ +int ngtcp2_ksl_range_compar(const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs); + +/* + * ngtcp2_ksl_range_exclusive_compar is an implementation of + * ngtcp2_ksl_compar. lhs->ptr and rhs->ptr must point to + * ngtcp2_range object and the function returns nonzero if (const + * ngtcp2_range *)(lhs->ptr)->begin < (const ngtcp2_range + * *)(rhs->ptr)->begin and the 2 ranges do not intersect. + */ +int ngtcp2_ksl_range_exclusive_compar(const ngtcp2_ksl_key *lhs, + const ngtcp2_ksl_key *rhs); + +#endif /* NGTCP2_KSL_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_log.c b/deps/ngtcp2/lib/ngtcp2_log.c new file mode 100644 index 0000000000..3966c55a7a --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_log.c @@ -0,0 +1,707 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_log.h" + +#include +#ifdef HAVE_UNISTD_H +# include +#endif +#include +#include +#include + +#include "ngtcp2_str.h" +#include "ngtcp2_vec.h" +#include "ngtcp2_macro.h" + +void ngtcp2_log_init(ngtcp2_log *log, const ngtcp2_cid *scid, + ngtcp2_printf log_printf, ngtcp2_tstamp ts, + void *user_data) { + if (scid) { + ngtcp2_encode_hex(log->scid, scid->data, scid->datalen); + } else { + log->scid[0] = '\0'; + } + log->log_printf = log_printf; + log->ts = log->last_ts = ts; + log->user_data = user_data; +} + +/* + * # Log header + * + * + * + * : + * Log level. I=Info, W=Warning, E=Error + * + * : + * Timestamp relative to ngtcp2_log.ts field in milliseconds + * resolution. + * + * : + * Source Connection ID in hex string. + * + * : + * Event. pkt=packet, frm=frame, rcv=recovery, cry=crypto, + * con=connection(catch all) + * + * # Frame event + * + * () () + * + * : + * Flow direction. tx=transmission, rx=reception + * + * : + * Packet number. + * + * : + * Packet name. (e.g., Initial, Handshake, S01) + * + * : + * Packet type in hex string. + * + * : + * Frame name. (e.g., STREAM, ACK, PING) + * + * : + * Frame type in hex string. + */ + +#define NGTCP2_LOG_BUFLEN 4096 + +/* TODO Split second and remaining fraction with comma */ +#define NGTCP2_LOG_HD "I%08" PRIu64 " 0x%s %s" +#define NGTCP2_LOG_PKT NGTCP2_LOG_HD " %s %" PRId64 " %s(0x%02x)" +#define NGTCP2_LOG_TP NGTCP2_LOG_HD " remote transport_parameters" + +#define NGTCP2_LOG_FRM_HD_FIELDS(DIR) \ + timestamp_cast(log->last_ts - log->ts), (const char *)log->scid, "frm", \ + (DIR), hd->pkt_num, strpkttype(hd), hd->type + +#define NGTCP2_LOG_PKT_HD_FIELDS(DIR) \ + timestamp_cast(log->last_ts - log->ts), (const char *)log->scid, "pkt", \ + (DIR), hd->pkt_num, strpkttype(hd), hd->type + +#define NGTCP2_LOG_TP_HD_FIELDS \ + timestamp_cast(log->last_ts - log->ts), (const char *)log->scid, "cry" + +static const char *strerrorcode(uint64_t error_code) { + switch (error_code) { + case NGTCP2_NO_ERROR: + return "NO_ERROR"; + case NGTCP2_INTERNAL_ERROR: + return "INTERNAL_ERROR"; + case NGTCP2_SERVER_BUSY: + return "SERVER_BUSY"; + case NGTCP2_FLOW_CONTROL_ERROR: + return "FLOW_CONTROL_ERROR"; + case NGTCP2_STREAM_LIMIT_ERROR: + return "STREAM_LIMIT_ERROR"; + case NGTCP2_STREAM_STATE_ERROR: + return "STREAM_STATE_ERROR"; + case NGTCP2_FINAL_SIZE_ERROR: + return "FINAL_SIZE_ERROR"; + case NGTCP2_FRAME_ENCODING_ERROR: + return "FRAME_ENCODING_ERROR"; + case NGTCP2_TRANSPORT_PARAMETER_ERROR: + return "TRANSPORT_PARAMETER_ERROR"; + case NGTCP2_PROTOCOL_VIOLATION: + return "PROTOCOL_VIOLATION"; + case NGTCP2_INVALID_MIGRATION: + return "INVALID_MIGRATION"; + default: + if (0x100u <= error_code && error_code <= 0x1ffu) { + return "CRYPTO_ERROR"; + } + return "(unknown)"; + } +} + +static const char *strapperrorcode(uint64_t app_error_code) { + (void)app_error_code; + return "(unknown)"; +} + +static const char *strpkttype_long(uint8_t type) { + switch (type) { + case NGTCP2_PKT_VERSION_NEGOTIATION: + return "VN"; + case NGTCP2_PKT_INITIAL: + return "Initial"; + case NGTCP2_PKT_RETRY: + return "Retry"; + case NGTCP2_PKT_HANDSHAKE: + return "Handshake"; + case NGTCP2_PKT_0RTT: + return "0RTT"; + default: + return "(unknown)"; + } +} + +static const char *strpkttype(const ngtcp2_pkt_hd *hd) { + if (hd->flags & NGTCP2_PKT_FLAG_LONG_FORM) { + return strpkttype_long(hd->type); + } + return "Short"; +} + +static const char *strevent(ngtcp2_log_event ev) { + switch (ev) { + case NGTCP2_LOG_EVENT_CON: + return "con"; + case NGTCP2_LOG_EVENT_PKT: + return "pkt"; + case NGTCP2_LOG_EVENT_FRM: + return "frm"; + case NGTCP2_LOG_EVENT_RCV: + return "rcv"; + case NGTCP2_LOG_EVENT_CRY: + return "cry"; + case NGTCP2_LOG_EVENT_PTV: + return "ptv"; + case NGTCP2_LOG_EVENT_NONE: + default: + return "non"; + } +} + +static uint64_t timestamp_cast(uint64_t ns) { return ns / NGTCP2_MILLISECONDS; } + +static void log_fr_stream(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_stream *fr, const char *dir) { + log->log_printf( + log->user_data, + (NGTCP2_LOG_PKT " STREAM(0x%02x) id=0x%" PRIx64 " fin=%d offset=%" PRIu64 + " len=%" PRIu64 " uni=%d"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type | fr->flags, fr->stream_id, + fr->fin, fr->offset, ngtcp2_vec_len(fr->data, fr->datacnt), + (fr->stream_id & 0x2) != 0); +} + +static void log_fr_ack(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_ack *fr, const char *dir) { + int64_t largest_ack, min_ack; + size_t i; + + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " ACK(0x%02x) largest_ack=%" PRId64 + " ack_delay=%" PRIu64 "(%" PRIu64 + ") ack_block_count=%zu"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->largest_ack, + fr->ack_delay_unscaled / NGTCP2_MILLISECONDS, fr->ack_delay, + fr->num_blks); + + largest_ack = fr->largest_ack; + min_ack = fr->largest_ack - (int64_t)fr->first_ack_blklen; + + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " ACK(0x%02x) block=[%" PRId64 "..%" PRId64 + "] block_count=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, largest_ack, min_ack, + fr->first_ack_blklen); + + for (i = 0; i < fr->num_blks; ++i) { + const ngtcp2_ack_blk *blk = &fr->blks[i]; + largest_ack = min_ack - (int64_t)blk->gap - 2; + min_ack = largest_ack - (int64_t)blk->blklen; + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " ACK(0x%02x) block=[%" PRId64 "..%" PRId64 + "] gap=%" PRIu64 " block_count=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, largest_ack, + min_ack, blk->gap, blk->blklen); + } +} + +static void log_fr_padding(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_padding *fr, const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " PADDING(0x%02x) len=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->len); +} + +static void log_fr_reset_stream(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_reset_stream *fr, + const char *dir) { + log->log_printf( + log->user_data, + (NGTCP2_LOG_PKT " RESET_STREAM(0x%02x) id=0x%" PRIx64 + " app_error_code=%s(0x%" PRIx64 ") final_size=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->stream_id, + strapperrorcode(fr->app_error_code), fr->app_error_code, fr->final_size); +} + +static void log_fr_connection_close(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_connection_close *fr, + const char *dir) { + char reason[256]; + size_t reasonlen = ngtcp2_min(sizeof(reason) - 1, fr->reasonlen); + + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT + " CONNECTION_CLOSE(0x%02x) error_code=%s(0x%" PRIx64 ") " + "frame_type=%" PRIx64 " reason_len=%" PRIu64 " reason=[%s]"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, + fr->type == NGTCP2_FRAME_CONNECTION_CLOSE + ? strerrorcode(fr->error_code) + : strapperrorcode(fr->error_code), + fr->error_code, fr->frame_type, fr->reasonlen, + ngtcp2_encode_printable_ascii(reason, fr->reason, reasonlen)); +} + +static void log_fr_max_data(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_max_data *fr, const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " MAX_DATA(0x%02x) max_data=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->max_data); +} + +static void log_fr_max_stream_data(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_max_stream_data *fr, + const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " MAX_STREAM_DATA(0x%02x) id=0x%" PRIx64 + " max_stream_data=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->stream_id, + fr->max_stream_data); +} + +static void log_fr_max_streams(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_max_streams *fr, const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " MAX_STREAMS(0x%02x) max_streams=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->max_streams); +} + +static void log_fr_ping(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_ping *fr, const char *dir) { + log->log_printf(log->user_data, (NGTCP2_LOG_PKT " PING(0x%02x)"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type); +} + +static void log_fr_data_blocked(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_data_blocked *fr, + const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " DATA_BLOCKED(0x%02x) offset=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->offset); +} + +static void log_fr_stream_data_blocked(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_stream_data_blocked *fr, + const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " STREAM_DATA_BLOCKED(0x%02x) id=0x%" PRIx64 + " offset=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->stream_id, fr->offset); +} + +static void log_fr_streams_blocked(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_streams_blocked *fr, + const char *dir) { + log->log_printf( + log->user_data, + (NGTCP2_LOG_PKT " STREAMS_BLOCKED(0x%02x) stream_limit=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->stream_limit); +} + +static void log_fr_new_connection_id(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_new_connection_id *fr, + const char *dir) { + uint8_t buf[sizeof(fr->stateless_reset_token) * 2 + 1]; + uint8_t cid[sizeof(fr->cid.data) * 2 + 1]; + + log->log_printf( + log->user_data, + (NGTCP2_LOG_PKT " NEW_CONNECTION_ID(0x%02x) seq=%" PRIu64 " cid=0x%s " + "stateless_reset_token=0x%s"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->seq, + (const char *)ngtcp2_encode_hex(cid, fr->cid.data, fr->cid.datalen), + (const char *)ngtcp2_encode_hex(buf, fr->stateless_reset_token, + sizeof(fr->stateless_reset_token))); +} + +static void log_fr_stop_sending(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_stop_sending *fr, + const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " STOP_SENDING(0x%02x) id=0x%" PRIx64 + " app_error_code=%s(0x%" PRIx64 ")"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->stream_id, + strapperrorcode(fr->app_error_code), fr->app_error_code); +} + +static void log_fr_path_challenge(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_path_challenge *fr, + const char *dir) { + uint8_t buf[sizeof(fr->data) * 2 + 1]; + + log->log_printf( + log->user_data, (NGTCP2_LOG_PKT " PATH_CHALLENGE(0x%02x) data=0x%s"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, + (const char *)ngtcp2_encode_hex(buf, fr->data, sizeof(fr->data))); +} + +static void log_fr_path_response(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_path_response *fr, + const char *dir) { + uint8_t buf[sizeof(fr->data) * 2 + 1]; + + log->log_printf( + log->user_data, (NGTCP2_LOG_PKT " PATH_RESPONSE(0x%02x) data=0x%s"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, + (const char *)ngtcp2_encode_hex(buf, fr->data, sizeof(fr->data))); +} + +static void log_fr_crypto(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_crypto *fr, const char *dir) { + size_t datalen = 0; + size_t i; + + for (i = 0; i < fr->datacnt; ++i) { + datalen += fr->data[i].len; + } + + log->log_printf( + log->user_data, + (NGTCP2_LOG_PKT " CRYPTO(0x%02x) offset=%" PRIu64 " len=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->offset, datalen); +} + +static void log_fr_new_token(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_new_token *fr, const char *dir) { + /* Show at most first 64 bytes of token. If token is longer than 64 + bytes, log first 64 bytes and then append "*" */ + uint8_t buf[128 + 1 + 1]; + uint8_t *p; + + if (fr->tokenlen > 64) { + p = ngtcp2_encode_hex(buf, fr->token, 64); + p[128] = '*'; + p[129] = '\0'; + } else { + p = ngtcp2_encode_hex(buf, fr->token, fr->tokenlen); + } + log->log_printf( + log->user_data, + (NGTCP2_LOG_PKT " NEW_TOKEN(0x%02x) token=0x%s token_len=%zu"), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, (const char *)p, fr->tokenlen); +} + +static void log_fr_retire_connection_id(ngtcp2_log *log, + const ngtcp2_pkt_hd *hd, + const ngtcp2_retire_connection_id *fr, + const char *dir) { + log->log_printf(log->user_data, + (NGTCP2_LOG_PKT " RETIRE_CONNECTION_ID(0x%02x) seq=%" PRIu64), + NGTCP2_LOG_FRM_HD_FIELDS(dir), fr->type, fr->seq); +} + +static void log_fr(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_frame *fr, const char *dir) { + switch (fr->type) { + case NGTCP2_FRAME_STREAM: + log_fr_stream(log, hd, &fr->stream, dir); + break; + case NGTCP2_FRAME_ACK: + case NGTCP2_FRAME_ACK_ECN: + log_fr_ack(log, hd, &fr->ack, dir); + break; + case NGTCP2_FRAME_PADDING: + log_fr_padding(log, hd, &fr->padding, dir); + break; + case NGTCP2_FRAME_RESET_STREAM: + log_fr_reset_stream(log, hd, &fr->reset_stream, dir); + break; + case NGTCP2_FRAME_CONNECTION_CLOSE: + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + log_fr_connection_close(log, hd, &fr->connection_close, dir); + break; + case NGTCP2_FRAME_MAX_DATA: + log_fr_max_data(log, hd, &fr->max_data, dir); + break; + case NGTCP2_FRAME_MAX_STREAM_DATA: + log_fr_max_stream_data(log, hd, &fr->max_stream_data, dir); + break; + case NGTCP2_FRAME_MAX_STREAMS_BIDI: + case NGTCP2_FRAME_MAX_STREAMS_UNI: + log_fr_max_streams(log, hd, &fr->max_streams, dir); + break; + case NGTCP2_FRAME_PING: + log_fr_ping(log, hd, &fr->ping, dir); + break; + case NGTCP2_FRAME_DATA_BLOCKED: + log_fr_data_blocked(log, hd, &fr->data_blocked, dir); + break; + case NGTCP2_FRAME_STREAM_DATA_BLOCKED: + log_fr_stream_data_blocked(log, hd, &fr->stream_data_blocked, dir); + break; + case NGTCP2_FRAME_STREAMS_BLOCKED_BIDI: + case NGTCP2_FRAME_STREAMS_BLOCKED_UNI: + log_fr_streams_blocked(log, hd, &fr->streams_blocked, dir); + break; + case NGTCP2_FRAME_NEW_CONNECTION_ID: + log_fr_new_connection_id(log, hd, &fr->new_connection_id, dir); + break; + case NGTCP2_FRAME_STOP_SENDING: + log_fr_stop_sending(log, hd, &fr->stop_sending, dir); + break; + case NGTCP2_FRAME_PATH_CHALLENGE: + log_fr_path_challenge(log, hd, &fr->path_challenge, dir); + break; + case NGTCP2_FRAME_PATH_RESPONSE: + log_fr_path_response(log, hd, &fr->path_response, dir); + break; + case NGTCP2_FRAME_CRYPTO: + log_fr_crypto(log, hd, &fr->crypto, dir); + break; + case NGTCP2_FRAME_NEW_TOKEN: + log_fr_new_token(log, hd, &fr->new_token, dir); + break; + case NGTCP2_FRAME_RETIRE_CONNECTION_ID: + log_fr_retire_connection_id(log, hd, &fr->retire_connection_id, dir); + break; + default: + assert(0); + } +} + +void ngtcp2_log_rx_fr(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_frame *fr) { + if (!log->log_printf) { + return; + } + + log_fr(log, hd, fr, "rx"); +} + +void ngtcp2_log_tx_fr(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_frame *fr) { + if (!log->log_printf) { + return; + } + + log_fr(log, hd, fr, "tx"); +} + +void ngtcp2_log_rx_vn(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const uint32_t *sv, size_t nsv) { + size_t i; + + if (!log->log_printf) { + return; + } + + for (i = 0; i < nsv; ++i) { + log->log_printf(log->user_data, (NGTCP2_LOG_PKT " v=0x%08x"), + NGTCP2_LOG_PKT_HD_FIELDS("rx"), sv[i]); + } +} + +void ngtcp2_log_rx_sr(ngtcp2_log *log, const ngtcp2_pkt_stateless_reset *sr) { + uint8_t buf[sizeof(sr->stateless_reset_token) * 2 + 1]; + ngtcp2_pkt_hd shd; + ngtcp2_pkt_hd *hd = &shd; + + if (!log->log_printf) { + return; + } + + memset(&shd, 0, sizeof(shd)); + + log->log_printf( + log->user_data, (NGTCP2_LOG_PKT " token=0x%s randlen=%zu"), + NGTCP2_LOG_PKT_HD_FIELDS("rx"), + (const char *)ngtcp2_encode_hex(buf, sr->stateless_reset_token, + sizeof(sr->stateless_reset_token)), + sr->randlen); +} + +void ngtcp2_log_remote_tp(ngtcp2_log *log, uint8_t exttype, + const ngtcp2_transport_params *params) { + uint8_t token[NGTCP2_STATELESS_RESET_TOKENLEN * 2 + 1]; + uint8_t addr[16 * 2 + 1]; + uint8_t cid[NGTCP2_MAX_CIDLEN * 2 + 1]; + + if (!log->log_printf) { + return; + } + + if (exttype == NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS) { + if (params->stateless_reset_token_present) { + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " stateless_reset_token=0x%s"), + NGTCP2_LOG_TP_HD_FIELDS, + (const char *)ngtcp2_encode_hex( + token, params->stateless_reset_token, + sizeof(params->stateless_reset_token))); + } + + if (params->preferred_address_present) { + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " preferred_address.ipv4_addr=0x%s"), + NGTCP2_LOG_TP_HD_FIELDS, + (const char *)ngtcp2_encode_hex( + addr, params->preferred_address.ipv4_addr, + sizeof(params->preferred_address.ipv4_addr))); + log->log_printf( + log->user_data, (NGTCP2_LOG_TP " preferred_address.ipv4_port=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->preferred_address.ipv4_port); + + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " preferred_address.ipv6_addr=0x%s"), + NGTCP2_LOG_TP_HD_FIELDS, + (const char *)ngtcp2_encode_hex( + addr, params->preferred_address.ipv6_addr, + sizeof(params->preferred_address.ipv6_addr))); + log->log_printf( + log->user_data, (NGTCP2_LOG_TP " preferred_address.ipv6_port=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->preferred_address.ipv6_port); + + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " preferred_address.cid=0x%s"), + NGTCP2_LOG_TP_HD_FIELDS, + (const char *)ngtcp2_encode_hex( + cid, params->preferred_address.cid.data, + params->preferred_address.cid.datalen)); + log->log_printf( + log->user_data, + (NGTCP2_LOG_TP " preferred_address.stateless_reset_token=0x%s"), + NGTCP2_LOG_TP_HD_FIELDS, + (const char *)ngtcp2_encode_hex( + token, params->preferred_address.stateless_reset_token, + sizeof(params->preferred_address.stateless_reset_token))); + } + + if (params->original_connection_id_present) { + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " original_connection_id=0x%s"), + NGTCP2_LOG_TP_HD_FIELDS, + (const char *)ngtcp2_encode_hex( + cid, params->original_connection_id.data, + params->original_connection_id.datalen)); + } + } + + log->log_printf( + log->user_data, (NGTCP2_LOG_TP " initial_max_stream_data_bidi_local=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->initial_max_stream_data_bidi_local); + log->log_printf( + log->user_data, (NGTCP2_LOG_TP " initial_max_stream_data_bidi_remote=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->initial_max_stream_data_bidi_remote); + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " initial_max_stream_data_uni=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->initial_max_stream_data_uni); + log->log_printf(log->user_data, (NGTCP2_LOG_TP " initial_max_data=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->initial_max_data); + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " initial_max_bidi_streams=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->initial_max_streams_bidi); + log->log_printf(log->user_data, (NGTCP2_LOG_TP " initial_max_uni_streams=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->initial_max_streams_uni); + log->log_printf(log->user_data, (NGTCP2_LOG_TP " idle_timeout=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->idle_timeout); + log->log_printf(log->user_data, (NGTCP2_LOG_TP " max_packet_size=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->max_packet_size); + log->log_printf(log->user_data, (NGTCP2_LOG_TP " ack_delay_exponent=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->ack_delay_exponent); + log->log_printf(log->user_data, (NGTCP2_LOG_TP " max_ack_delay=%u"), + NGTCP2_LOG_TP_HD_FIELDS, params->max_ack_delay); + log->log_printf(log->user_data, + (NGTCP2_LOG_TP " active_connection_id_limit=%" PRIu64), + NGTCP2_LOG_TP_HD_FIELDS, params->active_connection_id_limit); +} + +void ngtcp2_log_pkt_lost(ngtcp2_log *log, int64_t pkt_num, uint8_t type, + uint8_t flags, ngtcp2_tstamp sent_ts) { + if (!log->log_printf) { + return; + } + + ngtcp2_log_info( + log, NGTCP2_LOG_EVENT_RCV, + "pkn=%" PRId64 " lost type=%s(0x%02x) sent_ts=%" PRIu64, pkt_num, + (flags & NGTCP2_PKT_FLAG_LONG_FORM) ? strpkttype_long(type) : "Short", + type, sent_ts); +} + +static void log_pkt_hd(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const char *dir) { + uint8_t dcid[sizeof(hd->dcid.data) * 2 + 1]; + uint8_t scid[sizeof(hd->scid.data) * 2 + 1]; + + if (!log->log_printf) { + return; + } + + ngtcp2_log_info( + log, NGTCP2_LOG_EVENT_PKT, + "%s pkn=%" PRId64 " dcid=0x%s scid=0x%s type=%s(0x%02x) len=%zu k=%d", + dir, hd->pkt_num, + (const char *)ngtcp2_encode_hex(dcid, hd->dcid.data, hd->dcid.datalen), + (const char *)ngtcp2_encode_hex(scid, hd->scid.data, hd->scid.datalen), + (hd->flags & NGTCP2_PKT_FLAG_LONG_FORM) ? strpkttype_long(hd->type) + : "Short", + hd->type, hd->len, (hd->flags & NGTCP2_PKT_FLAG_KEY_PHASE) != 0); +} + +void ngtcp2_log_rx_pkt_hd(ngtcp2_log *log, const ngtcp2_pkt_hd *hd) { + log_pkt_hd(log, hd, "rx"); +} + +void ngtcp2_log_tx_pkt_hd(ngtcp2_log *log, const ngtcp2_pkt_hd *hd) { + log_pkt_hd(log, hd, "tx"); +} + +void ngtcp2_log_info(ngtcp2_log *log, ngtcp2_log_event ev, const char *fmt, + ...) { + va_list ap; + int n; + char buf[NGTCP2_LOG_BUFLEN]; + + if (!log->log_printf) { + return; + } + + va_start(ap, fmt); + n = vsnprintf(buf, sizeof(buf), fmt, ap); + va_end(ap); + + if (n < 0 || (size_t)n >= sizeof(buf)) { + return; + } + + log->log_printf(log->user_data, (NGTCP2_LOG_HD " %s"), + timestamp_cast(log->last_ts - log->ts), log->scid, + strevent(ev), buf); +} + +void ngtcp2_log_tx_cancel(ngtcp2_log *log, const ngtcp2_pkt_hd *hd) { + ngtcp2_log_info(log, NGTCP2_LOG_EVENT_PKT, + "cancel tx pkn=%" PRId64 " type=%s(0x%02x)", hd->pkt_num, + strpkttype(hd), hd->type); +} diff --git a/deps/ngtcp2/lib/ngtcp2_log.h b/deps/ngtcp2/lib/ngtcp2_log.h new file mode 100644 index 0000000000..bb9737e354 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_log.h @@ -0,0 +1,99 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_LOG_H +#define NGTCP2_LOG_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_pkt.h" + +typedef enum { + NGTCP2_LOG_EVENT_NONE, + /* connection (catch-all) event */ + NGTCP2_LOG_EVENT_CON, + /* packet event */ + NGTCP2_LOG_EVENT_PKT, + /* frame event */ + NGTCP2_LOG_EVENT_FRM, + /* recovery event */ + NGTCP2_LOG_EVENT_RCV, + /* crypto event */ + NGTCP2_LOG_EVENT_CRY, + /* path validation event */ + NGTCP2_LOG_EVENT_PTV, +} ngtcp2_log_event; + +struct ngtcp2_log { + /* log_printf is a sink to write log. NULL means no logging + output. */ + ngtcp2_printf log_printf; + /* ts is the time point used to write time delta in the log. */ + ngtcp2_tstamp ts; + /* last_ts is the most recent time point that this object is + told. */ + ngtcp2_tstamp last_ts; + /* user_data is user-defined opaque data which is passed to + log_pritnf. */ + void *user_data; + /* scid is SCID encoded as NULL-terminated hex string. */ + uint8_t scid[NGTCP2_MAX_CIDLEN * 2 + 1]; +}; + +typedef struct ngtcp2_log ngtcp2_log; + +void ngtcp2_log_init(ngtcp2_log *log, const ngtcp2_cid *scid, + ngtcp2_printf log_printf, ngtcp2_tstamp ts, + void *user_data); + +void ngtcp2_log_rx_fr(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_frame *fr); +void ngtcp2_log_tx_fr(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const ngtcp2_frame *fr); + +void ngtcp2_log_info(ngtcp2_log *log, ngtcp2_log_event ev, const char *fmt, + ...); + +void ngtcp2_log_rx_vn(ngtcp2_log *log, const ngtcp2_pkt_hd *hd, + const uint32_t *sv, size_t nsv); + +void ngtcp2_log_rx_sr(ngtcp2_log *log, const ngtcp2_pkt_stateless_reset *sr); + +void ngtcp2_log_remote_tp(ngtcp2_log *log, uint8_t exttype, + const ngtcp2_transport_params *params); + +void ngtcp2_log_pkt_lost(ngtcp2_log *log, int64_t pkt_num, uint8_t type, + uint8_t flags, ngtcp2_tstamp sent_ts); + +void ngtcp2_log_rx_pkt_hd(ngtcp2_log *log, const ngtcp2_pkt_hd *hd); + +void ngtcp2_log_tx_pkt_hd(ngtcp2_log *log, const ngtcp2_pkt_hd *hd); + +void ngtcp2_log_tx_cancel(ngtcp2_log *log, const ngtcp2_pkt_hd *hd); + +#endif /* NGTCP2_LOG_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_macro.h b/deps/ngtcp2/lib/ngtcp2_macro.h new file mode 100644 index 0000000000..e6dac23351 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_macro.h @@ -0,0 +1,62 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_MACRO_H +#define NGTCP2_MACRO_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include + +#define ngtcp2_min(A, B) ((A) < (B) ? (A) : (B)) +#define ngtcp2_max(A, B) ((A) > (B) ? (A) : (B)) + +#define ngtcp2_struct_of(ptr, type, member) \ + ((type *)(void *)((char *)(ptr)-offsetof(type, member))) + +/* ngtcp2_list_insert inserts |T| before |*PD|. The contract is that + this is singly linked list, and the next element is pointed by next + field of the previous element. |PD| must be a pointer to the + pointer to the next field of the previous element of |*PD|: if C is + the previous element of |PD|, PD = &C->next. */ +#define ngtcp2_list_insert(T, PD) \ + do { \ + (T)->next = *(PD); \ + *(PD) = (T); \ + } while (0) + +/* ngtcp2_list_remove removes |*PT| from singly linked list. The + contract is the same as ngtcp2_list_insert. |PT| must be a pointer + to the pointer to the next field of the previous element of |*PT|. + Please be aware that |*PT|->next is not modified by this macro. */ +#define ngtcp2_list_remove(PT) \ + do { \ + *(PT) = (*(PT))->next; \ + } while (0) + +#endif /* NGTCP2_MACRO_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_map.c b/deps/ngtcp2/lib/ngtcp2_map.c new file mode 100644 index 0000000000..fd4757dbb6 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_map.c @@ -0,0 +1,211 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_map.h" + +#include + +#include "ngtcp2_conv.h" +#include "ngtcp2_net.h" + +#define INITIAL_TABLE_LENGTH 256 + +int ngtcp2_map_init(ngtcp2_map *map, const ngtcp2_mem *mem) { + map->mem = mem; + map->tablelen = INITIAL_TABLE_LENGTH; + map->table = + ngtcp2_mem_calloc(mem, map->tablelen, sizeof(ngtcp2_map_entry *)); + if (map->table == NULL) { + return NGTCP2_ERR_NOMEM; + } + + map->size = 0; + + return 0; +} + +void ngtcp2_map_free(ngtcp2_map *map) { ngtcp2_mem_free(map->mem, map->table); } + +void ngtcp2_map_each_free(ngtcp2_map *map, + int (*func)(ngtcp2_map_entry *entry, void *ptr), + void *ptr) { + uint32_t i; + for (i = 0; i < map->tablelen; ++i) { + ngtcp2_map_entry *entry; + for (entry = map->table[i]; entry;) { + ngtcp2_map_entry *next = entry->next; + func(entry, ptr); + entry = next; + } + map->table[i] = NULL; + } +} + +int ngtcp2_map_each(ngtcp2_map *map, + int (*func)(ngtcp2_map_entry *entry, void *ptr), + void *ptr) { + int rv; + uint32_t i; + for (i = 0; i < map->tablelen; ++i) { + ngtcp2_map_entry *entry, *next; + for (entry = map->table[i]; entry;) { + next = entry->next; + rv = func(entry, ptr); + if (rv != 0) { + return rv; + } + entry = next; + } + } + return 0; +} + +void ngtcp2_map_entry_init(ngtcp2_map_entry *entry, key_type key) { + entry->key = key; + entry->next = NULL; +} + +/* FNV1a hash */ +static uint32_t hash(key_type key, uint32_t mod) { + uint8_t *p, *end; + uint32_t h = 0x811C9DC5u; + + key = bswap64(key); + p = (uint8_t *)&key; + end = p + sizeof(key_type); + + for (; p != end; ++p) { + h ^= *p; + h *= 0x01000193u; + } + + return h & (mod - 1); +} + +static int insert(ngtcp2_map_entry **table, uint32_t tablelen, + ngtcp2_map_entry *entry) { + uint32_t h = hash(entry->key, tablelen); + if (table[h] == NULL) { + table[h] = entry; + } else { + ngtcp2_map_entry *p; + /* We won't allow duplicated key, so check it out. */ + for (p = table[h]; p; p = p->next) { + if (p->key == entry->key) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + } + entry->next = table[h]; + table[h] = entry; + } + return 0; +} + +/* new_tablelen must be power of 2 */ +static int resize(ngtcp2_map *map, uint32_t new_tablelen) { + uint32_t i; + ngtcp2_map_entry **new_table; + + new_table = + ngtcp2_mem_calloc(map->mem, new_tablelen, sizeof(ngtcp2_map_entry *)); + if (new_table == NULL) { + return NGTCP2_ERR_NOMEM; + } + + for (i = 0; i < map->tablelen; ++i) { + ngtcp2_map_entry *entry; + for (entry = map->table[i]; entry;) { + ngtcp2_map_entry *next = entry->next; + entry->next = NULL; + /* This function must succeed */ + insert(new_table, new_tablelen, entry); + entry = next; + } + } + ngtcp2_mem_free(map->mem, map->table); + map->tablelen = new_tablelen; + map->table = new_table; + + return 0; +} + +int ngtcp2_map_insert(ngtcp2_map *map, ngtcp2_map_entry *new_entry) { + int rv; + /* Load factor is 0.75 */ + if ((map->size + 1) * 4 > map->tablelen * 3) { + rv = resize(map, map->tablelen * 2); + if (rv != 0) { + return rv; + } + } + rv = insert(map->table, map->tablelen, new_entry); + if (rv != 0) { + return rv; + } + ++map->size; + return 0; +} + +ngtcp2_map_entry *ngtcp2_map_find(ngtcp2_map *map, key_type key) { + uint32_t h; + ngtcp2_map_entry *entry; + h = hash(key, map->tablelen); + for (entry = map->table[h]; entry; entry = entry->next) { + if (entry->key == key) { + return entry; + } + } + return NULL; +} + +int ngtcp2_map_remove(ngtcp2_map *map, key_type key) { + uint32_t h; + ngtcp2_map_entry **dst; + + h = hash(key, map->tablelen); + + for (dst = &map->table[h]; *dst; dst = &(*dst)->next) { + if ((*dst)->key != key) { + continue; + } + + *dst = (*dst)->next; + --map->size; + return 0; + } + return NGTCP2_ERR_INVALID_ARGUMENT; +} + +void ngtcp2_map_clear(ngtcp2_map *map) { + uint32_t i; + + for (i = 0; i < map->tablelen; ++i) { + map->table[i] = NULL; + } + + map->size = 0; +} + +size_t ngtcp2_map_size(ngtcp2_map *map) { return map->size; } diff --git a/deps/ngtcp2/lib/ngtcp2_map.h b/deps/ngtcp2/lib/ngtcp2_map.h new file mode 100644 index 0000000000..86f23a16a7 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_map.h @@ -0,0 +1,145 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_MAP_H +#define NGTCP2_MAP_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" + +/* Implementation of unordered map */ + +typedef uint64_t key_type; + +typedef struct ngtcp2_map_entry { + struct ngtcp2_map_entry *next; + key_type key; +} ngtcp2_map_entry; + +typedef struct { + ngtcp2_map_entry **table; + const ngtcp2_mem *mem; + size_t size; + uint32_t tablelen; +} ngtcp2_map; + +/* + * Initializes the map |map|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_map_init(ngtcp2_map *map, const ngtcp2_mem *mem); + +/* + * Deallocates any resources allocated for |map|. The stored entries + * are not freed by this function. Use ngtcp2_map_each_free() to free + * each entries. + */ +void ngtcp2_map_free(ngtcp2_map *map); + +/* + * Deallocates each entries using |func| function and any resources + * allocated for |map|. The |func| function is responsible for freeing + * given the |entry| object. The |ptr| will be passed to the |func| as + * send argument. The return value of the |func| will be ignored. + */ +void ngtcp2_map_each_free(ngtcp2_map *map, + int (*func)(ngtcp2_map_entry *entry, void *ptr), + void *ptr); + +/* + * Initializes the |entry| with the |key|. All entries to be inserted + * to the map must be initialized with this function. + */ +void ngtcp2_map_entry_init(ngtcp2_map_entry *entry, key_type key); + +/* + * Inserts the new |entry| with the key |entry->key| to the map |map|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * The item associated by |key| already exists. + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_map_insert(ngtcp2_map *map, ngtcp2_map_entry *entry); + +/* + * Returns the entry associated by the key |key|. If there is no such + * entry, this function returns NULL. + */ +ngtcp2_map_entry *ngtcp2_map_find(ngtcp2_map *map, key_type key); + +/* + * Removes the entry associated by the key |key| from the |map|. The + * removed entry is not freed by this function. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * The entry associated by |key| does not exist. + */ +int ngtcp2_map_remove(ngtcp2_map *map, key_type key); + +/* + * Removes all entries from |map|. + */ +void ngtcp2_map_clear(ngtcp2_map *map); + +/* + * Returns the number of items stored in the map |map|. + */ +size_t ngtcp2_map_size(ngtcp2_map *map); + +/* + * Applies the function |func| to each entry in the |map| with the + * optional user supplied pointer |ptr|. + * + * If the |func| returns 0, this function calls the |func| with the + * next entry. If the |func| returns nonzero, it will not call the + * |func| for further entries and return the return value of the + * |func| immediately. Thus, this function returns 0 if all the + * invocations of the |func| return 0, or nonzero value which the last + * invocation of |func| returns. + * + * Don't use this function to free each entry. Use + * ngtcp2_map_each_free() instead. + */ +int ngtcp2_map_each(ngtcp2_map *map, + int (*func)(ngtcp2_map_entry *entry, void *ptr), void *ptr); + +#endif /* NGTCP2_MAP_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_mem.c b/deps/ngtcp2/lib/ngtcp2_mem.c new file mode 100644 index 0000000000..2c036ad163 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_mem.c @@ -0,0 +1,75 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2014 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_mem.h" + +static void *default_malloc(size_t size, void *mem_user_data) { + (void)mem_user_data; + + return malloc(size); +} + +static void default_free(void *ptr, void *mem_user_data) { + (void)mem_user_data; + + free(ptr); +} + +static void *default_calloc(size_t nmemb, size_t size, void *mem_user_data) { + (void)mem_user_data; + + return calloc(nmemb, size); +} + +static void *default_realloc(void *ptr, size_t size, void *mem_user_data) { + (void)mem_user_data; + + return realloc(ptr, size); +} + +static const ngtcp2_mem mem_default = {NULL, default_malloc, default_free, + default_calloc, default_realloc}; + +const ngtcp2_mem *ngtcp2_mem_default(void) { return &mem_default; } + +void *ngtcp2_mem_malloc(const ngtcp2_mem *mem, size_t size) { + return mem->malloc(size, mem->mem_user_data); +} + +void ngtcp2_mem_free(const ngtcp2_mem *mem, void *ptr) { + mem->free(ptr, mem->mem_user_data); +} + +void ngtcp2_mem_free2(ngtcp2_free free_func, void *ptr, void *mem_user_data) { + free_func(ptr, mem_user_data); +} + +void *ngtcp2_mem_calloc(const ngtcp2_mem *mem, size_t nmemb, size_t size) { + return mem->calloc(nmemb, size, mem->mem_user_data); +} + +void *ngtcp2_mem_realloc(const ngtcp2_mem *mem, void *ptr, size_t size) { + return mem->realloc(ptr, size, mem->mem_user_data); +} diff --git a/deps/ngtcp2/lib/ngtcp2_mem.h b/deps/ngtcp2/lib/ngtcp2_mem.h new file mode 100644 index 0000000000..cdecf8763a --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_mem.h @@ -0,0 +1,43 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2014 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_MEM_H +#define NGTCP2_MEM_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* Convenient wrapper functions to call allocator function in + |mem|. */ +void *ngtcp2_mem_malloc(const ngtcp2_mem *mem, size_t size); +void ngtcp2_mem_free(const ngtcp2_mem *mem, void *ptr); +void ngtcp2_mem_free2(ngtcp2_free free_func, void *ptr, void *mem_user_data); +void *ngtcp2_mem_calloc(const ngtcp2_mem *mem, size_t nmemb, size_t size); +void *ngtcp2_mem_realloc(const ngtcp2_mem *mem, void *ptr, size_t size); + +#endif /* NGTCP2_MEM_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_net.h b/deps/ngtcp2/lib/ngtcp2_net.h new file mode 100644 index 0000000000..9c121ea7f2 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_net.h @@ -0,0 +1,91 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_NET_H +#define NGTCP2_NET_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#ifdef HAVE_ARPA_INET_H +# include +#endif /* HAVE_ARPA_INET_H */ + +#ifdef HAVE_NETINET_IN_H +# include +#endif /* HAVE_NETINET_IN_H */ + +#include + +#if defined(WIN32) +/* Windows requires ws2_32 library for ntonl family functions. We + define inline functions for those function so that we don't have + dependeny on that lib. */ + +# ifdef _MSC_VER +# define STIN static __inline +# else +# define STIN static inline +# endif + +STIN uint32_t htonl(uint32_t hostlong) { + uint32_t res; + unsigned char *p = (unsigned char *)&res; + *p++ = hostlong >> 24; + *p++ = (hostlong >> 16) & 0xffu; + *p++ = (hostlong >> 8) & 0xffu; + *p = hostlong & 0xffu; + return res; +} + +STIN uint16_t htons(uint16_t hostshort) { + uint16_t res; + unsigned char *p = (unsigned char *)&res; + *p++ = hostshort >> 8; + *p = hostshort & 0xffu; + return res; +} + +STIN uint32_t ntohl(uint32_t netlong) { + uint32_t res; + unsigned char *p = (unsigned char *)&netlong; + res = *p++ << 24; + res += *p++ << 16; + res += *p++ << 8; + res += *p; + return res; +} + +STIN uint16_t ntohs(uint16_t netshort) { + uint16_t res; + unsigned char *p = (unsigned char *)&netshort; + res = *p++ << 8; + res += *p; + return res; +} + +#endif /* WIN32 */ + +#endif /* NGTCP2_NET_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_path.c b/deps/ngtcp2/lib/ngtcp2_path.c new file mode 100644 index 0000000000..ebda947c6d --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_path.c @@ -0,0 +1,68 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_path.h" + +#include + +#include "ngtcp2_addr.h" + +void ngtcp2_path_init(ngtcp2_path *path, const ngtcp2_addr *local, + const ngtcp2_addr *remote) { + path->local = *local; + path->remote = *remote; +} + +void ngtcp2_path_copy(ngtcp2_path *dest, const ngtcp2_path *src) { + ngtcp2_addr_copy(&dest->local, &src->local); + ngtcp2_addr_copy(&dest->remote, &src->remote); +} + +int ngtcp2_path_eq(const ngtcp2_path *a, const ngtcp2_path *b) { + return ngtcp2_addr_eq(&a->local, &b->local) && + ngtcp2_addr_eq(&a->remote, &b->remote); +} + +void ngtcp2_path_storage_init(ngtcp2_path_storage *ps, const void *local_addr, + size_t local_addrlen, void *local_user_data, + const void *remote_addr, size_t remote_addrlen, + void *remote_user_data) { + ngtcp2_addr_init(&ps->path.local, ps->local_addrbuf, 0, local_user_data); + ngtcp2_addr_init(&ps->path.remote, ps->remote_addrbuf, 0, remote_user_data); + + ngtcp2_addr_copy_byte(&ps->path.local, local_addr, local_addrlen); + ngtcp2_addr_copy_byte(&ps->path.remote, remote_addr, remote_addrlen); +} + +void ngtcp2_path_storage_init2(ngtcp2_path_storage *ps, + const ngtcp2_path *path) { + ngtcp2_path_storage_init(ps, path->local.addr, path->local.addrlen, + path->local.user_data, path->remote.addr, + path->remote.addrlen, path->remote.user_data); +} + +void ngtcp2_path_storage_zero(ngtcp2_path_storage *ps) { + ngtcp2_addr_init(&ps->path.local, ps->local_addrbuf, 0, NULL); + ngtcp2_addr_init(&ps->path.remote, ps->remote_addrbuf, 0, NULL); +} diff --git a/deps/ngtcp2/lib/ngtcp2_path.h b/deps/ngtcp2/lib/ngtcp2_path.h new file mode 100644 index 0000000000..1b2e2f87c8 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_path.h @@ -0,0 +1,63 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_PATH_H +#define NGTCP2_PATH_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* + * ngtcp2_path_init initializes |path| with the given addresses. Note + * that the buffer pointed by local->addr and remote->addr are not + * copied. Their pointer values are assigned instead. + */ +void ngtcp2_path_init(ngtcp2_path *path, const ngtcp2_addr *local, + const ngtcp2_addr *remote); + +/* + * ngtcp2_path_copy copies |src| into |dest|. This function assumes + * that |dest| has enough buffer to store the deep copy of src->local + * and src->remote. + */ +void ngtcp2_path_copy(ngtcp2_path *dest, const ngtcp2_path *src); + +/* + * ngtcp2_path_eq returns nonzero if |a| equals |b| such that + * ngtcp2_addr_eq(&a->local, &b->local) && ngtcp2_addr_eq(&a->remote, + * &b->remote) is true. + */ +int ngtcp2_path_eq(const ngtcp2_path *a, const ngtcp2_path *b); + +/* + * ngtcp2_path_storage_init2 initializes |ps| using |path| as initial + * data. + */ +void ngtcp2_path_storage_init2(ngtcp2_path_storage *ps, + const ngtcp2_path *path); + +#endif /* NGTCP2_PATH_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_pkt.c b/deps/ngtcp2/lib/ngtcp2_pkt.c new file mode 100644 index 0000000000..7dc310f162 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_pkt.c @@ -0,0 +1,2144 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_pkt.h" + +#include +#include +#include + +#include "ngtcp2_conv.h" +#include "ngtcp2_str.h" +#include "ngtcp2_macro.h" +#include "ngtcp2_cid.h" +#include "ngtcp2_mem.h" + +int ngtcp2_pkt_chain_new(ngtcp2_pkt_chain **ppc, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, ngtcp2_tstamp ts, + const ngtcp2_mem *mem) { + *ppc = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_pkt_chain) + pktlen); + if (*ppc == NULL) { + return NGTCP2_ERR_NOMEM; + } + + ngtcp2_path_storage_init2(&(*ppc)->path, path); + (*ppc)->next = NULL; + (*ppc)->pkt = (uint8_t *)(*ppc) + sizeof(ngtcp2_pkt_chain); + (*ppc)->pktlen = pktlen; + (*ppc)->ts = ts; + + memcpy((*ppc)->pkt, pkt, pktlen); + + return 0; +} + +void ngtcp2_pkt_chain_del(ngtcp2_pkt_chain *pc, const ngtcp2_mem *mem) { + ngtcp2_mem_free(mem, pc); +} + +int ngtcp2_pkt_decode_version_cid(uint32_t *pversion, const uint8_t **pdcid, + size_t *pdcidlen, const uint8_t **pscid, + size_t *pscidlen, const uint8_t *data, + size_t datalen, size_t short_dcidlen) { + size_t len; + uint32_t version; + size_t dcidlen, scidlen; + + assert(datalen); + + if (data[0] & NGTCP2_HEADER_FORM_BIT) { + len = 1 + 4 + 1 + 1; + if (datalen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + dcidlen = data[5]; + len += dcidlen; + if (datalen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + scidlen = data[5 + 1 + dcidlen]; + len += scidlen; + if (datalen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + version = ngtcp2_get_uint32(&data[1]); + + if ((version == 0 || version == NGTCP2_PROTO_VER) && + (dcidlen > NGTCP2_MAX_CIDLEN || scidlen > NGTCP2_MAX_CIDLEN)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + *pversion = version; + *pdcid = &data[6]; + *pdcidlen = dcidlen; + *pscid = &data[6 + dcidlen + 1]; + *pscidlen = scidlen; + + if (version && version != NGTCP2_PROTO_VER) { + return 1; + } + return 0; + } + + assert(short_dcidlen <= NGTCP2_MAX_CIDLEN); + + len = 1 + short_dcidlen; + if (datalen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + *pversion = NGTCP2_PROTO_VER; + *pdcid = &data[1]; + *pdcidlen = short_dcidlen; + *pscid = NULL; + *pscidlen = 0; + + return 0; +} + +void ngtcp2_pkt_hd_init(ngtcp2_pkt_hd *hd, uint8_t flags, uint8_t type, + const ngtcp2_cid *dcid, const ngtcp2_cid *scid, + int64_t pkt_num, size_t pkt_numlen, uint32_t version, + size_t len) { + hd->flags = flags; + hd->type = type; + if (dcid) { + hd->dcid = *dcid; + } else { + ngtcp2_cid_zero(&hd->dcid); + } + if (scid) { + hd->scid = *scid; + } else { + ngtcp2_cid_zero(&hd->scid); + } + hd->pkt_num = pkt_num; + hd->token = NULL; + hd->tokenlen = 0; + hd->pkt_numlen = pkt_numlen; + hd->version = version; + hd->len = len; +} + +static int has_mask(uint8_t b, uint8_t mask) { return (b & mask) == mask; } + +ssize_t ngtcp2_pkt_decode_hd_long(ngtcp2_pkt_hd *dest, const uint8_t *pkt, + size_t pktlen) { + uint8_t type; + uint32_t version; + size_t dcil, scil; + const uint8_t *p; + size_t len = 0; + size_t n; + size_t ntokenlen = 0; + const uint8_t *token = NULL; + size_t tokenlen = 0; + + if (pktlen < 5) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + if (!(pkt[0] & NGTCP2_HEADER_FORM_BIT)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + version = ngtcp2_get_uint32(&pkt[1]); + + if (version == 0) { + type = NGTCP2_PKT_VERSION_NEGOTIATION; + /* This must be Version Negotiation packet which lacks packet + number and payload length fields. */ + len = 5 + 2; + } else { + if (!(pkt[0] & NGTCP2_FIXED_BIT_MASK)) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + type = ngtcp2_pkt_get_type_long(pkt[0]); + switch (type) { + case NGTCP2_PKT_INITIAL: + len = 1 /* Token Length */ + NGTCP2_MIN_LONG_HEADERLEN - + 1; /* Cut packet number field */ + break; + case NGTCP2_PKT_RETRY: + /* Retry packet does not have packet number and length fields */ + len = 5 + 2; + break; + case NGTCP2_PKT_HANDSHAKE: + case NGTCP2_PKT_0RTT: + len = NGTCP2_MIN_LONG_HEADERLEN - 1; /* Cut packet number field */ + break; + default: + /* Unreachable */ + assert(0); + } + } + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + p = &pkt[5]; + dcil = *p; + if (dcil > NGTCP2_MAX_CIDLEN) { + /* QUIC v1 implementation never expect to receive CID length more + than NGTCP2_MAX_CIDLEN. */ + return NGTCP2_ERR_INVALID_ARGUMENT; + } + len += dcil; + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + p += 1 + dcil; + scil = *p; + if (scil > NGTCP2_MAX_CIDLEN) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + len += scil; + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + p += 1 + scil; + + if (type == NGTCP2_PKT_INITIAL) { + /* Token Length */ + ntokenlen = ngtcp2_get_varint_len(p); + len += ntokenlen - 1; + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + tokenlen = ngtcp2_get_varint(&ntokenlen, p); + len += tokenlen; + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + p += ntokenlen; + + if (tokenlen) { + token = p; + } + + p += tokenlen; + } + + switch (type) { + case NGTCP2_PKT_VERSION_NEGOTIATION: + case NGTCP2_PKT_RETRY: + break; + default: + /* Length */ + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + } + + dest->flags = NGTCP2_PKT_FLAG_LONG_FORM; + dest->type = type; + dest->version = version; + dest->pkt_num = 0; + dest->pkt_numlen = 0; + + p = &pkt[6]; + ngtcp2_cid_init(&dest->dcid, p, dcil); + p += dcil + 1; + ngtcp2_cid_init(&dest->scid, p, scil); + p += scil; + + dest->token = (uint8_t *)token; + dest->tokenlen = tokenlen; + p += ntokenlen + tokenlen; + + switch (type) { + case NGTCP2_PKT_VERSION_NEGOTIATION: + case NGTCP2_PKT_RETRY: + dest->len = 0; + break; + default: + dest->len = ngtcp2_get_varint(&n, p); + p += n; + } + + assert((size_t)(p - pkt) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_hd_short(ngtcp2_pkt_hd *dest, const uint8_t *pkt, + size_t pktlen, size_t dcidlen) { + size_t len = 1 + dcidlen; + const uint8_t *p = pkt; + + assert(dcidlen <= NGTCP2_MAX_CIDLEN); + + if (pktlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + if ((pkt[0] & NGTCP2_HEADER_FORM_BIT) || + (pkt[0] & NGTCP2_FIXED_BIT_MASK) == 0) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + p = &pkt[1]; + + dest->type = NGTCP2_PKT_SHORT; + + ngtcp2_cid_init(&dest->dcid, p, dcidlen); + p += dcidlen; + + /* Set 0 to SCID so that we don't accidentally reference it and gets + garbage. */ + ngtcp2_cid_zero(&dest->scid); + + dest->flags = NGTCP2_PKT_FLAG_NONE; + dest->version = 0; + dest->len = 0; + dest->pkt_num = 0; + dest->pkt_numlen = 0; + + assert((size_t)(p - pkt) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_hd_long(uint8_t *out, size_t outlen, + const ngtcp2_pkt_hd *hd) { + uint8_t *p; + size_t len = NGTCP2_MIN_LONG_HEADERLEN + hd->dcid.datalen + hd->scid.datalen - + 2; /* NGTCP2_MIN_LONG_HEADERLEN includes 1 byte for + len and 1 byte for packet number. */ + + if (hd->type != NGTCP2_PKT_RETRY) { + len += 2 /* Length */ + hd->pkt_numlen; + } + + if (hd->type == NGTCP2_PKT_INITIAL) { + len += ngtcp2_put_varint_len(hd->tokenlen) + hd->tokenlen; + } + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_HEADER_FORM_BIT | NGTCP2_FIXED_BIT_MASK | + (uint8_t)(hd->type << 4) | (uint8_t)(hd->pkt_numlen - 1); + p = ngtcp2_put_uint32be(p, hd->version); + *p++ = (uint8_t)hd->dcid.datalen; + if (hd->dcid.datalen) { + p = ngtcp2_cpymem(p, hd->dcid.data, hd->dcid.datalen); + } + *p++ = (uint8_t)hd->scid.datalen; + if (hd->scid.datalen) { + p = ngtcp2_cpymem(p, hd->scid.data, hd->scid.datalen); + } + + if (hd->type == NGTCP2_PKT_INITIAL) { + p = ngtcp2_put_varint(p, hd->tokenlen); + if (hd->tokenlen) { + p = ngtcp2_cpymem(p, hd->token, hd->tokenlen); + } + } + + if (hd->type != NGTCP2_PKT_RETRY) { + p = ngtcp2_put_varint14(p, (uint16_t)hd->len); + p = ngtcp2_put_pkt_num(p, hd->pkt_num, hd->pkt_numlen); + } + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_hd_short(uint8_t *out, size_t outlen, + const ngtcp2_pkt_hd *hd) { + uint8_t *p; + size_t len = 1 + hd->dcid.datalen + hd->pkt_numlen; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p = NGTCP2_FIXED_BIT_MASK | (uint8_t)(hd->pkt_numlen - 1); + if (hd->flags & NGTCP2_PKT_FLAG_KEY_PHASE) { + *p |= NGTCP2_SHORT_KEY_PHASE_BIT; + } + + ++p; + + if (hd->dcid.datalen) { + p = ngtcp2_cpymem(p, hd->dcid.data, hd->dcid.datalen); + } + + p = ngtcp2_put_pkt_num(p, hd->pkt_num, hd->pkt_numlen); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_frame(ngtcp2_frame *dest, const uint8_t *payload, + size_t payloadlen) { + uint8_t type; + + if (payloadlen == 0) { + return 0; + } + + type = payload[0]; + + switch (type) { + case NGTCP2_FRAME_PADDING: + return (ssize_t)ngtcp2_pkt_decode_padding_frame(&dest->padding, payload, + payloadlen); + case NGTCP2_FRAME_RESET_STREAM: + return ngtcp2_pkt_decode_reset_stream_frame(&dest->reset_stream, payload, + payloadlen); + case NGTCP2_FRAME_CONNECTION_CLOSE: + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + return ngtcp2_pkt_decode_connection_close_frame(&dest->connection_close, + payload, payloadlen); + case NGTCP2_FRAME_MAX_DATA: + return ngtcp2_pkt_decode_max_data_frame(&dest->max_data, payload, + payloadlen); + case NGTCP2_FRAME_MAX_STREAM_DATA: + return ngtcp2_pkt_decode_max_stream_data_frame(&dest->max_stream_data, + payload, payloadlen); + case NGTCP2_FRAME_MAX_STREAMS_BIDI: + case NGTCP2_FRAME_MAX_STREAMS_UNI: + return ngtcp2_pkt_decode_max_streams_frame(&dest->max_streams, payload, + payloadlen); + case NGTCP2_FRAME_PING: + return ngtcp2_pkt_decode_ping_frame(&dest->ping, payload, payloadlen); + case NGTCP2_FRAME_DATA_BLOCKED: + return ngtcp2_pkt_decode_data_blocked_frame(&dest->data_blocked, payload, + payloadlen); + case NGTCP2_FRAME_STREAM_DATA_BLOCKED: + return ngtcp2_pkt_decode_stream_data_blocked_frame( + &dest->stream_data_blocked, payload, payloadlen); + case NGTCP2_FRAME_STREAMS_BLOCKED_BIDI: + case NGTCP2_FRAME_STREAMS_BLOCKED_UNI: + return ngtcp2_pkt_decode_streams_blocked_frame(&dest->streams_blocked, + payload, payloadlen); + case NGTCP2_FRAME_NEW_CONNECTION_ID: + return ngtcp2_pkt_decode_new_connection_id_frame(&dest->new_connection_id, + payload, payloadlen); + case NGTCP2_FRAME_STOP_SENDING: + return ngtcp2_pkt_decode_stop_sending_frame(&dest->stop_sending, payload, + payloadlen); + case NGTCP2_FRAME_ACK: + return ngtcp2_pkt_decode_ack_frame(&dest->ack, payload, payloadlen); + case NGTCP2_FRAME_PATH_CHALLENGE: + return ngtcp2_pkt_decode_path_challenge_frame(&dest->path_challenge, + payload, payloadlen); + case NGTCP2_FRAME_PATH_RESPONSE: + return ngtcp2_pkt_decode_path_response_frame(&dest->path_response, payload, + payloadlen); + case NGTCP2_FRAME_CRYPTO: + return ngtcp2_pkt_decode_crypto_frame(&dest->crypto, payload, payloadlen); + case NGTCP2_FRAME_NEW_TOKEN: + return ngtcp2_pkt_decode_new_token_frame(&dest->new_token, payload, + payloadlen); + case NGTCP2_FRAME_RETIRE_CONNECTION_ID: + return ngtcp2_pkt_decode_retire_connection_id_frame( + &dest->retire_connection_id, payload, payloadlen); + default: + if (has_mask(type, NGTCP2_FRAME_STREAM)) { + return ngtcp2_pkt_decode_stream_frame(&dest->stream, payload, payloadlen); + } + return NGTCP2_ERR_FRAME_ENCODING; + } +} + +ssize_t ngtcp2_pkt_decode_stream_frame(ngtcp2_stream *dest, + const uint8_t *payload, + size_t payloadlen) { + uint8_t type; + size_t len = 1 + 1; + const uint8_t *p; + size_t datalen; + size_t ndatalen = 0; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + type = payload[0]; + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + if (type & NGTCP2_STREAM_OFF_BIT) { + ++len; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + } + + if (type & NGTCP2_STREAM_LEN_BIT) { + ++len; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + ndatalen = ngtcp2_get_varint_len(p); + len += ndatalen - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + datalen = ngtcp2_get_varint(&ndatalen, p); + len += datalen; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + } else { + len = payloadlen; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_STREAM; + dest->flags = (uint8_t)(type & ~NGTCP2_FRAME_STREAM); + dest->fin = (type & NGTCP2_STREAM_FIN_BIT) != 0; + dest->stream_id = (int64_t)ngtcp2_get_varint(&n, p); + p += n; + + if (type & NGTCP2_STREAM_OFF_BIT) { + dest->offset = ngtcp2_get_varint(&n, p); + p += n; + } else { + dest->offset = 0; + } + + if (type & NGTCP2_STREAM_LEN_BIT) { + p += ndatalen; + } else { + datalen = payloadlen - (size_t)(p - payload); + } + + if (datalen) { + dest->data[0].len = datalen; + dest->data[0].base = (uint8_t *)p; + dest->datacnt = 1; + p += datalen; + } else { + dest->datacnt = 0; + } + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_ack_frame(ngtcp2_ack *dest, const uint8_t *payload, + size_t payloadlen) { + size_t num_blks, max_num_blks; + size_t nnum_blks; + size_t len = 1 + 1 + 1 + 1 + 1; + const uint8_t *p; + size_t i, j; + ngtcp2_ack_blk *blk; + size_t n; + uint8_t type; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + type = payload[0]; + + p = payload + 1; + + /* Largest Acknowledged */ + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + /* ACK Delay */ + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + /* ACK Block Count */ + nnum_blks = ngtcp2_get_varint_len(p); + len += nnum_blks - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + num_blks = ngtcp2_get_varint(&nnum_blks, p); + len += num_blks * (1 + 1); + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += nnum_blks; + + /* First ACK Block */ + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + for (i = 0; i < num_blks; ++i) { + /* Gap, and Additional ACK Block */ + for (j = 0; j < 2; ++j) { + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + } + } + + if (type == NGTCP2_FRAME_ACK_ECN) { + len += 3; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + for (i = 0; i < 3; ++i) { + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + } + } + + /* TODO We might not decode all blocks. It could be very large. */ + max_num_blks = ngtcp2_min(NGTCP2_MAX_ACK_BLKS, num_blks); + + p = payload + 1; + + dest->type = type; + dest->largest_ack = (int64_t)ngtcp2_get_varint(&n, p); + p += n; + dest->ack_delay = ngtcp2_get_varint(&n, p); + /* This value will be assigned in the upper layer. */ + dest->ack_delay_unscaled = 0; + p += n; + dest->num_blks = max_num_blks; + p += nnum_blks; + dest->first_ack_blklen = ngtcp2_get_varint(&n, p); + p += n; + + for (i = 0; i < max_num_blks; ++i) { + blk = &dest->blks[i]; + blk->gap = ngtcp2_get_varint(&n, p); + p += n; + blk->blklen = ngtcp2_get_varint(&n, p); + p += n; + } + for (i = max_num_blks; i < num_blks; ++i) { + p += ngtcp2_get_varint_len(p); + p += ngtcp2_get_varint_len(p); + } + + if (type == NGTCP2_FRAME_ACK_ECN) { + /* Just parse ECN section for now */ + for (i = 0; i < 3; ++i) { + ngtcp2_get_varint(&n, p); + p += n; + } + } + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +size_t ngtcp2_pkt_decode_padding_frame(ngtcp2_padding *dest, + const uint8_t *payload, + size_t payloadlen) { + const uint8_t *p, *ep; + + assert(payloadlen > 0); + + p = payload + 1; + ep = payload + payloadlen; + + for (; p != ep && *p == NGTCP2_FRAME_PADDING; ++p) + ; + + dest->type = NGTCP2_FRAME_PADDING; + dest->len = (size_t)(p - payload); + + return (size_t)(p - payload); +} + +ssize_t ngtcp2_pkt_decode_reset_stream_frame(ngtcp2_reset_stream *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1 + 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + p += n; + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + p += n; + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_RESET_STREAM; + dest->stream_id = (int64_t)ngtcp2_get_varint(&n, p); + p += n; + dest->app_error_code = ngtcp2_get_varint(&n, p); + p += n; + dest->final_size = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_connection_close_frame(ngtcp2_connection_close *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1 + 1; + const uint8_t *p; + size_t reasonlen; + size_t nreasonlen; + size_t n; + uint8_t type; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + type = payload[0]; + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + if (type == NGTCP2_FRAME_CONNECTION_CLOSE) { + ++len; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + } + + nreasonlen = ngtcp2_get_varint_len(p); + len += nreasonlen - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + reasonlen = ngtcp2_get_varint(&nreasonlen, p); + len += reasonlen; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = type; + dest->error_code = ngtcp2_get_varint(&n, p); + p += n; + if (type == NGTCP2_FRAME_CONNECTION_CLOSE) { + dest->frame_type = ngtcp2_get_varint(&n, p); + p += n; + } else { + dest->frame_type = 0; + } + dest->reasonlen = reasonlen; + p += nreasonlen; + if (reasonlen == 0) { + dest->reason = NULL; + } else { + dest->reason = (uint8_t *)p; + p += reasonlen; + } + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_max_data_frame(ngtcp2_max_data *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + dest->type = NGTCP2_FRAME_MAX_DATA; + dest->max_data = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_max_stream_data_frame(ngtcp2_max_stream_data *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_MAX_STREAM_DATA; + dest->stream_id = (int64_t)ngtcp2_get_varint(&n, p); + p += n; + dest->max_stream_data = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_max_streams_frame(ngtcp2_max_streams *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + dest->type = payload[0]; + dest->max_streams = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_ping_frame(ngtcp2_ping *dest, const uint8_t *payload, + size_t payloadlen) { + (void)payload; + (void)payloadlen; + + dest->type = NGTCP2_FRAME_PING; + return 1; +} + +ssize_t ngtcp2_pkt_decode_data_blocked_frame(ngtcp2_data_blocked *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + dest->type = NGTCP2_FRAME_DATA_BLOCKED; + dest->offset = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_decode_stream_data_blocked_frame(ngtcp2_stream_data_blocked *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_STREAM_DATA_BLOCKED; + dest->stream_id = (int64_t)ngtcp2_get_varint(&n, p); + p += n; + dest->offset = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_streams_blocked_frame(ngtcp2_streams_blocked *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + dest->type = payload[0]; + dest->stream_limit = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_new_connection_id_frame( + ngtcp2_new_connection_id *dest, const uint8_t *payload, size_t payloadlen) { + size_t len = 1 + 1 + 1 + 1 + 16; + const uint8_t *p; + size_t n; + size_t cil; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + cil = *p; + if (cil < NGTCP2_MIN_CIDLEN || cil > NGTCP2_MAX_CIDLEN) { + return NGTCP2_ERR_PROTO; + } + + len += cil; + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_NEW_CONNECTION_ID; + dest->seq = ngtcp2_get_varint(&n, p); + p += n; + dest->retire_prior_to = ngtcp2_get_varint(&n, p); + p += n + 1; + ngtcp2_cid_init(&dest->cid, p, cil); + p += cil; + memcpy(dest->stateless_reset_token, p, NGTCP2_STATELESS_RESET_TOKENLEN); + p += NGTCP2_STATELESS_RESET_TOKENLEN; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_stop_sending_frame(ngtcp2_stop_sending *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + p += n; + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_STOP_SENDING; + dest->stream_id = (int64_t)ngtcp2_get_varint(&n, p); + p += n; + dest->app_error_code = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_path_challenge_frame(ngtcp2_path_challenge *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 8; + const uint8_t *p; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_PATH_CHALLENGE; + ngtcp2_cpymem(dest->data, p, sizeof(dest->data)); + p += sizeof(dest->data); + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_path_response_frame(ngtcp2_path_response *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 8; + const uint8_t *p; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_PATH_RESPONSE; + ngtcp2_cpymem(dest->data, p, sizeof(dest->data)); + p += sizeof(dest->data); + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_crypto_frame(ngtcp2_crypto *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1 + 1; + const uint8_t *p; + size_t datalen; + size_t ndatalen; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p += n; + + ndatalen = ngtcp2_get_varint_len(p); + len += ndatalen - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + datalen = ngtcp2_get_varint(&ndatalen, p); + len += datalen; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + dest->type = NGTCP2_FRAME_CRYPTO; + dest->offset = ngtcp2_get_varint(&n, p); + p += n; + dest->data[0].len = datalen; + p += ndatalen; + if (dest->data[0].len) { + dest->data[0].base = (uint8_t *)p; + p += dest->data[0].len; + dest->datacnt = 1; + } else { + dest->data[0].base = NULL; + dest->datacnt = 0; + } + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_decode_new_token_frame(ngtcp2_new_token *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1; + const uint8_t *p; + size_t n; + size_t datalen; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + datalen = ngtcp2_get_varint(&n, p); + len += datalen; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + dest->type = NGTCP2_FRAME_NEW_TOKEN; + dest->tokenlen = datalen; + p += n; + dest->token = p; + p += dest->tokenlen; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_decode_retire_connection_id_frame(ngtcp2_retire_connection_id *dest, + const uint8_t *payload, + size_t payloadlen) { + size_t len = 1 + 1; + const uint8_t *p; + size_t n; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + p = payload + 1; + + n = ngtcp2_get_varint_len(p); + len += n - 1; + + if (payloadlen < len) { + return NGTCP2_ERR_FRAME_ENCODING; + } + + dest->type = NGTCP2_FRAME_RETIRE_CONNECTION_ID; + dest->seq = ngtcp2_get_varint(&n, p); + p += n; + + assert((size_t)(p - payload) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_frame(uint8_t *out, size_t outlen, ngtcp2_frame *fr) { + switch (fr->type) { + case NGTCP2_FRAME_STREAM: + return ngtcp2_pkt_encode_stream_frame(out, outlen, &fr->stream); + case NGTCP2_FRAME_ACK: + return ngtcp2_pkt_encode_ack_frame(out, outlen, &fr->ack); + case NGTCP2_FRAME_PADDING: + return ngtcp2_pkt_encode_padding_frame(out, outlen, &fr->padding); + case NGTCP2_FRAME_RESET_STREAM: + return ngtcp2_pkt_encode_reset_stream_frame(out, outlen, &fr->reset_stream); + case NGTCP2_FRAME_CONNECTION_CLOSE: + case NGTCP2_FRAME_CONNECTION_CLOSE_APP: + return ngtcp2_pkt_encode_connection_close_frame(out, outlen, + &fr->connection_close); + case NGTCP2_FRAME_MAX_DATA: + return ngtcp2_pkt_encode_max_data_frame(out, outlen, &fr->max_data); + case NGTCP2_FRAME_MAX_STREAM_DATA: + return ngtcp2_pkt_encode_max_stream_data_frame(out, outlen, + &fr->max_stream_data); + case NGTCP2_FRAME_MAX_STREAMS_BIDI: + case NGTCP2_FRAME_MAX_STREAMS_UNI: + return ngtcp2_pkt_encode_max_streams_frame(out, outlen, &fr->max_streams); + case NGTCP2_FRAME_PING: + return ngtcp2_pkt_encode_ping_frame(out, outlen, &fr->ping); + case NGTCP2_FRAME_DATA_BLOCKED: + return ngtcp2_pkt_encode_data_blocked_frame(out, outlen, &fr->data_blocked); + case NGTCP2_FRAME_STREAM_DATA_BLOCKED: + return ngtcp2_pkt_encode_stream_data_blocked_frame( + out, outlen, &fr->stream_data_blocked); + case NGTCP2_FRAME_STREAMS_BLOCKED_BIDI: + case NGTCP2_FRAME_STREAMS_BLOCKED_UNI: + return ngtcp2_pkt_encode_streams_blocked_frame(out, outlen, + &fr->streams_blocked); + case NGTCP2_FRAME_NEW_CONNECTION_ID: + return ngtcp2_pkt_encode_new_connection_id_frame(out, outlen, + &fr->new_connection_id); + case NGTCP2_FRAME_STOP_SENDING: + return ngtcp2_pkt_encode_stop_sending_frame(out, outlen, &fr->stop_sending); + case NGTCP2_FRAME_PATH_CHALLENGE: + return ngtcp2_pkt_encode_path_challenge_frame(out, outlen, + &fr->path_challenge); + case NGTCP2_FRAME_PATH_RESPONSE: + return ngtcp2_pkt_encode_path_response_frame(out, outlen, + &fr->path_response); + case NGTCP2_FRAME_CRYPTO: + return ngtcp2_pkt_encode_crypto_frame(out, outlen, &fr->crypto); + case NGTCP2_FRAME_NEW_TOKEN: + return ngtcp2_pkt_encode_new_token_frame(out, outlen, &fr->new_token); + case NGTCP2_FRAME_RETIRE_CONNECTION_ID: + return ngtcp2_pkt_encode_retire_connection_id_frame( + out, outlen, &fr->retire_connection_id); + default: + return NGTCP2_ERR_INVALID_ARGUMENT; + } +} + +ssize_t ngtcp2_pkt_encode_stream_frame(uint8_t *out, size_t outlen, + ngtcp2_stream *fr) { + size_t len = 1; + uint8_t flags = NGTCP2_STREAM_LEN_BIT; + uint8_t *p; + size_t i; + size_t datalen = 0; + + if (fr->fin) { + flags |= NGTCP2_STREAM_FIN_BIT; + } + + if (fr->offset) { + flags |= NGTCP2_STREAM_OFF_BIT; + len += ngtcp2_put_varint_len(fr->offset); + } + + len += ngtcp2_put_varint_len((uint64_t)fr->stream_id); + + for (i = 0; i < fr->datacnt; ++i) { + datalen += fr->data[i].len; + } + + len += ngtcp2_put_varint_len(datalen); + len += datalen; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = flags | NGTCP2_FRAME_STREAM; + + fr->flags = flags; + + p = ngtcp2_put_varint(p, (uint64_t)fr->stream_id); + + if (fr->offset) { + p = ngtcp2_put_varint(p, fr->offset); + } + + p = ngtcp2_put_varint(p, datalen); + + for (i = 0; i < fr->datacnt; ++i) { + assert(fr->data[i].len); + assert(fr->data[i].base); + p = ngtcp2_cpymem(p, fr->data[i].base, fr->data[i].len); + } + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_ack_frame(uint8_t *out, size_t outlen, + ngtcp2_ack *fr) { + size_t len = 1 + ngtcp2_put_varint_len((uint64_t)fr->largest_ack) + + ngtcp2_put_varint_len(fr->ack_delay) + + ngtcp2_put_varint_len(fr->num_blks) + + ngtcp2_put_varint_len(fr->first_ack_blklen); + uint8_t *p; + size_t i; + const ngtcp2_ack_blk *blk; + + for (i = 0; i < fr->num_blks; ++i) { + blk = &fr->blks[i]; + len += ngtcp2_put_varint_len(blk->gap); + len += ngtcp2_put_varint_len(blk->blklen); + } + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_ACK; + p = ngtcp2_put_varint(p, (uint64_t)fr->largest_ack); + p = ngtcp2_put_varint(p, fr->ack_delay); + p = ngtcp2_put_varint(p, fr->num_blks); + p = ngtcp2_put_varint(p, fr->first_ack_blklen); + + for (i = 0; i < fr->num_blks; ++i) { + blk = &fr->blks[i]; + p = ngtcp2_put_varint(p, blk->gap); + p = ngtcp2_put_varint(p, blk->blklen); + } + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_padding_frame(uint8_t *out, size_t outlen, + const ngtcp2_padding *fr) { + if (outlen < fr->len) { + return NGTCP2_ERR_NOBUF; + } + + memset(out, 0, fr->len); + + return (ssize_t)fr->len; +} + +ssize_t ngtcp2_pkt_encode_reset_stream_frame(uint8_t *out, size_t outlen, + const ngtcp2_reset_stream *fr) { + size_t len = 1 + ngtcp2_put_varint_len((uint64_t)fr->stream_id) + + ngtcp2_put_varint_len(fr->app_error_code) + + ngtcp2_put_varint_len(fr->final_size); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_RESET_STREAM; + p = ngtcp2_put_varint(p, (uint64_t)fr->stream_id); + p = ngtcp2_put_varint(p, fr->app_error_code); + p = ngtcp2_put_varint(p, fr->final_size); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_encode_connection_close_frame(uint8_t *out, size_t outlen, + const ngtcp2_connection_close *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->error_code) + + (fr->type == NGTCP2_FRAME_CONNECTION_CLOSE + ? ngtcp2_put_varint_len(fr->frame_type) + : 0) + + ngtcp2_put_varint_len(fr->reasonlen) + fr->reasonlen; + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = fr->type; + p = ngtcp2_put_varint(p, fr->error_code); + if (fr->type == NGTCP2_FRAME_CONNECTION_CLOSE) { + p = ngtcp2_put_varint(p, fr->frame_type); + } + p = ngtcp2_put_varint(p, fr->reasonlen); + if (fr->reasonlen) { + p = ngtcp2_cpymem(p, fr->reason, fr->reasonlen); + } + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_max_data_frame(uint8_t *out, size_t outlen, + const ngtcp2_max_data *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->max_data); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_MAX_DATA; + p = ngtcp2_put_varint(p, fr->max_data); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_encode_max_stream_data_frame(uint8_t *out, size_t outlen, + const ngtcp2_max_stream_data *fr) { + size_t len = 1 + ngtcp2_put_varint_len((uint64_t)fr->stream_id) + + ngtcp2_put_varint_len(fr->max_stream_data); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_MAX_STREAM_DATA; + p = ngtcp2_put_varint(p, (uint64_t)fr->stream_id); + p = ngtcp2_put_varint(p, fr->max_stream_data); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_max_streams_frame(uint8_t *out, size_t outlen, + const ngtcp2_max_streams *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->max_streams); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = fr->type; + p = ngtcp2_put_varint(p, fr->max_streams); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_ping_frame(uint8_t *out, size_t outlen, + const ngtcp2_ping *fr) { + (void)fr; + + if (outlen < 1) { + return NGTCP2_ERR_NOBUF; + } + + *out++ = NGTCP2_FRAME_PING; + + return 1; +} + +ssize_t ngtcp2_pkt_encode_data_blocked_frame(uint8_t *out, size_t outlen, + const ngtcp2_data_blocked *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->offset); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_DATA_BLOCKED; + p = ngtcp2_put_varint(p, fr->offset); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_stream_data_blocked_frame( + uint8_t *out, size_t outlen, const ngtcp2_stream_data_blocked *fr) { + size_t len = 1 + ngtcp2_put_varint_len((uint64_t)fr->stream_id) + + ngtcp2_put_varint_len(fr->offset); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_STREAM_DATA_BLOCKED; + p = ngtcp2_put_varint(p, (uint64_t)fr->stream_id); + p = ngtcp2_put_varint(p, fr->offset); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_encode_streams_blocked_frame(uint8_t *out, size_t outlen, + const ngtcp2_streams_blocked *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->stream_limit); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = fr->type; + p = ngtcp2_put_varint(p, fr->stream_limit); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_encode_new_connection_id_frame(uint8_t *out, size_t outlen, + const ngtcp2_new_connection_id *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->seq) + + ngtcp2_put_varint_len(fr->retire_prior_to) + 1 + + fr->cid.datalen + NGTCP2_STATELESS_RESET_TOKENLEN; + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_NEW_CONNECTION_ID; + p = ngtcp2_put_varint(p, fr->seq); + p = ngtcp2_put_varint(p, fr->retire_prior_to); + *p++ = (uint8_t)fr->cid.datalen; + p = ngtcp2_cpymem(p, fr->cid.data, fr->cid.datalen); + p = ngtcp2_cpymem(p, fr->stateless_reset_token, + NGTCP2_STATELESS_RESET_TOKENLEN); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_stop_sending_frame(uint8_t *out, size_t outlen, + const ngtcp2_stop_sending *fr) { + size_t len = 1 + ngtcp2_put_varint_len((uint64_t)fr->stream_id) + + ngtcp2_put_varint_len(fr->app_error_code); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_STOP_SENDING; + p = ngtcp2_put_varint(p, (uint64_t)fr->stream_id); + p = ngtcp2_put_varint(p, fr->app_error_code); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t +ngtcp2_pkt_encode_path_challenge_frame(uint8_t *out, size_t outlen, + const ngtcp2_path_challenge *fr) { + size_t len = 1 + 8; + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_PATH_CHALLENGE; + p = ngtcp2_cpymem(p, fr->data, sizeof(fr->data)); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_path_response_frame(uint8_t *out, size_t outlen, + const ngtcp2_path_response *fr) { + size_t len = 1 + 8; + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_PATH_RESPONSE; + p = ngtcp2_cpymem(p, fr->data, sizeof(fr->data)); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_crypto_frame(uint8_t *out, size_t outlen, + const ngtcp2_crypto *fr) { + size_t len = 1; + uint8_t *p; + size_t i; + size_t datalen = 0; + + len += ngtcp2_put_varint_len(fr->offset); + + for (i = 0; i < fr->datacnt; ++i) { + datalen += fr->data[i].len; + } + + len += ngtcp2_put_varint_len(datalen); + len += datalen; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_CRYPTO; + + p = ngtcp2_put_varint(p, fr->offset); + p = ngtcp2_put_varint(p, datalen); + + for (i = 0; i < fr->datacnt; ++i) { + assert(fr->data[i].base); + p = ngtcp2_cpymem(p, fr->data[i].base, fr->data[i].len); + } + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_new_token_frame(uint8_t *out, size_t outlen, + const ngtcp2_new_token *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->tokenlen) + fr->tokenlen; + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_NEW_TOKEN; + + p = ngtcp2_put_varint(p, fr->tokenlen); + if (fr->tokenlen) { + p = ngtcp2_cpymem(p, fr->token, fr->tokenlen); + } + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_encode_retire_connection_id_frame( + uint8_t *out, size_t outlen, const ngtcp2_retire_connection_id *fr) { + size_t len = 1 + ngtcp2_put_varint_len(fr->seq); + uint8_t *p; + + if (outlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = out; + + *p++ = NGTCP2_FRAME_RETIRE_CONNECTION_ID; + + p = ngtcp2_put_varint(p, fr->seq); + + assert((size_t)(p - out) == len); + + return (ssize_t)len; +} + +ssize_t ngtcp2_pkt_write_version_negotiation( + uint8_t *dest, size_t destlen, uint8_t unused_random, const uint8_t *dcid, + size_t dcidlen, const uint8_t *scid, size_t scidlen, const uint32_t *sv, + size_t nsv) { + size_t len = 1 + 4 + 1 + dcidlen + 1 + scidlen + nsv * 4; + uint8_t *p; + size_t i; + + assert(dcidlen < 256); + assert(scidlen < 256); + + if (destlen < len) { + return NGTCP2_ERR_NOBUF; + } + + p = dest; + + *p++ = 0x80 | unused_random; + p = ngtcp2_put_uint32be(p, 0); + *p++ = (uint8_t)dcidlen; + if (dcidlen) { + p = ngtcp2_cpymem(p, dcid, dcidlen); + } + *p++ = (uint8_t)scidlen; + if (scidlen) { + p = ngtcp2_cpymem(p, scid, scidlen); + } + + for (i = 0; i < nsv; ++i) { + p = ngtcp2_put_uint32be(p, sv[i]); + } + + assert((size_t)(p - dest) == len); + + return (ssize_t)len; +} + +size_t ngtcp2_pkt_decode_version_negotiation(uint32_t *dest, + const uint8_t *payload, + size_t payloadlen) { + const uint8_t *end = payload + payloadlen; + + assert((payloadlen % sizeof(uint32_t)) == 0); + + for (; payload != end; payload += sizeof(uint32_t)) { + *dest++ = ngtcp2_get_uint32(payload); + } + + return payloadlen / sizeof(uint32_t); +} + +int ngtcp2_pkt_decode_stateless_reset(ngtcp2_pkt_stateless_reset *sr, + const uint8_t *payload, + size_t payloadlen) { + const uint8_t *p = payload; + + if (payloadlen < + NGTCP2_MIN_STATELESS_RESET_RANDLEN + NGTCP2_STATELESS_RESET_TOKENLEN) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + sr->rand = p; + sr->randlen = payloadlen - NGTCP2_STATELESS_RESET_TOKENLEN; + p += sr->randlen; + sr->stateless_reset_token = p; + + return 0; +} + +int ngtcp2_pkt_decode_retry(ngtcp2_pkt_retry *dest, const uint8_t *payload, + size_t payloadlen) { + size_t len = 1; + const uint8_t *p = payload; + size_t odcil; + + if (payloadlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + odcil = p[0]; + if (odcil > NGTCP2_MAX_CIDLEN) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + len += odcil; + if (payloadlen < len) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + ++p; + + ngtcp2_cid_init(&dest->odcid, p, odcil); + p += odcil; + + dest->tokenlen = (size_t)(payload + payloadlen - p); + if (dest->tokenlen) { + dest->token = p; + } else { + dest->token = NULL; + } + + return 0; +} + +int64_t ngtcp2_pkt_adjust_pkt_num(int64_t max_pkt_num, int64_t pkt_num, + size_t n) { + int64_t expected = max_pkt_num + 1; + int64_t win = (int64_t)1 << n; + int64_t hwin = win / 2; + int64_t mask = win - 1; + int64_t cand = (expected & ~mask) | pkt_num; + + if (cand <= expected - hwin) { + return cand + win; + } + if (cand > expected + hwin && cand > win) { + return cand - win; + } + return cand; +} + +int ngtcp2_pkt_validate_ack(ngtcp2_ack *fr) { + int64_t largest_ack = fr->largest_ack; + size_t i; + + if (largest_ack < (int64_t)fr->first_ack_blklen) { + return NGTCP2_ERR_ACK_FRAME; + } + + largest_ack -= (int64_t)fr->first_ack_blklen; + + for (i = 0; i < fr->num_blks; ++i) { + if (largest_ack < (int64_t)fr->blks[i].gap + 2) { + return NGTCP2_ERR_ACK_FRAME; + } + + largest_ack -= (int64_t)fr->blks[i].gap + 2; + + if (largest_ack < (int64_t)fr->blks[i].blklen) { + return NGTCP2_ERR_ACK_FRAME; + } + + largest_ack -= (int64_t)fr->blks[i].blklen; + } + + return 0; +} + +ssize_t ngtcp2_pkt_write_stateless_reset(uint8_t *dest, size_t destlen, + uint8_t *stateless_reset_token, + uint8_t *rand, size_t randlen) { + uint8_t *p; + + if (destlen < + NGTCP2_MIN_STATELESS_RESET_RANDLEN + NGTCP2_STATELESS_RESET_TOKENLEN) { + return NGTCP2_ERR_NOBUF; + } + + if (randlen < NGTCP2_MIN_STATELESS_RESET_RANDLEN) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + p = dest; + + randlen = ngtcp2_min(destlen - NGTCP2_STATELESS_RESET_TOKENLEN, randlen); + + p = ngtcp2_cpymem(p, rand, randlen); + p = ngtcp2_cpymem(p, stateless_reset_token, NGTCP2_STATELESS_RESET_TOKENLEN); + *dest = (uint8_t)((*dest & 0x7fu) | 0x40u); + + return p - dest; +} + +ssize_t ngtcp2_pkt_write_retry(uint8_t *dest, size_t destlen, + const ngtcp2_pkt_hd *hd, const ngtcp2_cid *odcid, + const uint8_t *token, size_t tokenlen) { + uint8_t *p; + ssize_t nwrite; + + assert(hd->flags & NGTCP2_PKT_FLAG_LONG_FORM); + assert(hd->type == NGTCP2_PKT_RETRY); + assert(tokenlen > 0); + + /* Retry packet is sent at most once per one connection attempt. In + the first connection attempt, client has to send random DCID + which is at least 8 bytes long. */ + if (odcid->datalen < 8) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + nwrite = ngtcp2_pkt_encode_hd_long(dest, destlen, hd); + if (nwrite < 0) { + return nwrite; + } + + if (destlen < + (size_t)nwrite + 1 /* ODCID Len */ + odcid->datalen + tokenlen) { + return NGTCP2_ERR_NOBUF; + } + + dest[0] &= 0xf0; + + p = dest + nwrite; + + *p++ = (uint8_t)odcid->datalen; + if (odcid->datalen) { + p = ngtcp2_cpymem(p, odcid->data, odcid->datalen); + } + + p = ngtcp2_cpymem(p, token, tokenlen); + + return p - dest; +} + +size_t ngtcp2_pkt_stream_max_datalen(int64_t stream_id, uint64_t offset, + size_t len, size_t left) { + size_t n = 1 /* type */ + ngtcp2_put_varint_len((uint64_t)stream_id) + + (offset ? ngtcp2_put_varint_len(offset) : 0); + + if (left <= n) { + return (size_t)-1; + } + + left -= n; + + if (left > 8 + 1073741823 && len > 1073741823) { + len = ngtcp2_min(len, 4611686018427387903lu); + return ngtcp2_min(len, left - 8); + } + + if (left > 4 + 16383 && len > 16383) { + len = ngtcp2_min(len, 1073741823); + return ngtcp2_min(len, left - 4); + } + + if (left > 2 + 63 && len > 63) { + len = ngtcp2_min(len, 16383); + return ngtcp2_min(len, left - 2); + } + + len = ngtcp2_min(len, 63); + return ngtcp2_min(len, left - 1); +} + +size_t ngtcp2_pkt_crypto_max_datalen(uint64_t offset, size_t len, size_t left) { + size_t n = 1 /* type */ + ngtcp2_put_varint_len(offset); + + if (left <= n) { + return (size_t)-1; + } + + left -= n; + + if (left > 8 + 1073741823 && len > 1073741823) { + len = ngtcp2_min(len, 4611686018427387903lu); + return ngtcp2_min(len, left - 8); + } + + if (left > 4 + 16383 && len > 16383) { + len = ngtcp2_min(len, 1073741823); + return ngtcp2_min(len, left - 4); + } + + if (left > 2 + 63 && len > 63) { + len = ngtcp2_min(len, 16383); + return ngtcp2_min(len, left - 2); + } + + len = ngtcp2_min(len, 63); + return ngtcp2_min(len, left - 1); +} + +uint8_t ngtcp2_pkt_get_type_long(uint8_t c) { + return (c & NGTCP2_LONG_TYPE_MASK) >> 4; +} + +int ngtcp2_pkt_verify_reserved_bits(uint8_t c) { + if (c & NGTCP2_HEADER_FORM_BIT) { + return (c & NGTCP2_LONG_RESERVED_BIT_MASK) == 0 ? 0 : NGTCP2_ERR_PROTO; + } + return (c & NGTCP2_SHORT_RESERVED_BIT_MASK) == 0 ? 0 : NGTCP2_ERR_PROTO; +} diff --git a/deps/ngtcp2/lib/ngtcp2_pkt.h b/deps/ngtcp2/lib/ngtcp2_pkt.h new file mode 100644 index 0000000000..1b93e46afe --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_pkt.h @@ -0,0 +1,1039 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_PKT_H +#define NGTCP2_PKT_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* QUIC header macros */ +#define NGTCP2_HEADER_FORM_BIT 0x80 +#define NGTCP2_FIXED_BIT_MASK 0x40 +#define NGTCP2_PKT_NUMLEN_MASK 0x03 + +/* Long header specific macros */ +#define NGTCP2_LONG_TYPE_MASK 0x30 +#define NGTCP2_LONG_RESERVED_BIT_MASK 0x0c + +/* Short header specific macros */ +#define NGTCP2_SHORT_SPIN_BIT_MASK 0x20 +#define NGTCP2_SHORT_RESERVED_BIT_MASK 0x18 +#define NGTCP2_SHORT_KEY_PHASE_BIT 0x04 + +/* NGTCP2_SR_TYPE is a Type field of Stateless Reset. */ +#define NGTCP2_SR_TYPE 0x1f + +/* NGTCP2_MIN_LONG_HEADERLEN is the minimum length of long header. + That is (1|1|TT|RR|PP)<1> + VERSION<4> + DCIL<1> + SCIL<1> + + LENGTH<1> + PKN<1> */ +#define NGTCP2_MIN_LONG_HEADERLEN (1 + 4 + 1 + 1 + 1 + 1) + +#define NGTCP2_STREAM_FIN_BIT 0x01 +#define NGTCP2_STREAM_LEN_BIT 0x02 +#define NGTCP2_STREAM_OFF_BIT 0x04 + +/* NGTCP2_STREAM_OVERHEAD is the maximum number of bytes required + other than payload for STREAM frame. That is from type field to + the beginning of the payload. */ +#define NGTCP2_STREAM_OVERHEAD (1 + 8 + 8 + 8) + +/* NGTCP2_CRYPTO_OVERHEAD is the maximum number of bytes required + other than payload for CRYPTO frame. That is from type field to + the beginning of the payload. */ +#define NGTCP2_CRYPTO_OVERHEAD (1 + 8 + 8) + +/* NGTCP2_MIN_FRAME_PAYLOADLEN is the minimum frame payload length. */ +#define NGTCP2_MIN_FRAME_PAYLOADLEN 16 + +/* NGTCP2_MAX_VARINT is the maximum value which can be encoded in + variable-length integer encoding */ +#define NGTCP2_MAX_VARINT ((1ULL << 62) - 1) + +/* NGTCP2_MAX_SERVER_STREAM_ID_BIDI is the maximum bidirectional + server stream ID. */ +#define NGTCP2_MAX_SERVER_STREAM_ID_BIDI ((int64_t)0x3ffffffffffffffdll) +/* NGTCP2_MAX_CLIENT_STREAM_ID_BIDI is the maximum bidirectional + client stream ID. */ +#define NGTCP2_MAX_CLIENT_STREAM_ID_BIDI ((int64_t)0x3ffffffffffffffcll) +/* NGTCP2_MAX_SERVER_STREAM_ID_UNI is the maximum unidirectional + server stream ID. */ +#define NGTCP2_MAX_SERVER_STREAM_ID_UNI ((int64_t)0x3fffffffffffffffll) +/* NGTCP2_MAX_CLIENT_STREAM_ID_UNI is the maximum unidirectional + client stream ID. */ +#define NGTCP2_MAX_CLIENT_STREAM_ID_UNI ((int64_t)0x3ffffffffffffffell) + +/* NGTCP2_MAX_NUM_ACK_BLK is the maximum number of Additional ACK + blocks which this library can create, or decode. */ +#define NGTCP2_MAX_ACK_BLKS 255 + +/* NGTCP2_MAX_PKT_NUM is the maximum packet number. */ +#define NGTCP2_MAX_PKT_NUM ((int64_t)((1ll << 62) - 1)) + +typedef enum { + NGTCP2_FRAME_PADDING = 0x00, + NGTCP2_FRAME_PING = 0x01, + NGTCP2_FRAME_ACK = 0x02, + NGTCP2_FRAME_ACK_ECN = 0x03, + NGTCP2_FRAME_RESET_STREAM = 0x04, + NGTCP2_FRAME_STOP_SENDING = 0x05, + NGTCP2_FRAME_CRYPTO = 0x06, + NGTCP2_FRAME_NEW_TOKEN = 0x07, + NGTCP2_FRAME_STREAM = 0x08, + NGTCP2_FRAME_MAX_DATA = 0x10, + NGTCP2_FRAME_MAX_STREAM_DATA = 0x11, + NGTCP2_FRAME_MAX_STREAMS_BIDI = 0x12, + NGTCP2_FRAME_MAX_STREAMS_UNI = 0x13, + NGTCP2_FRAME_DATA_BLOCKED = 0x14, + NGTCP2_FRAME_STREAM_DATA_BLOCKED = 0x15, + NGTCP2_FRAME_STREAMS_BLOCKED_BIDI = 0x16, + NGTCP2_FRAME_STREAMS_BLOCKED_UNI = 0x17, + NGTCP2_FRAME_NEW_CONNECTION_ID = 0x18, + NGTCP2_FRAME_RETIRE_CONNECTION_ID = 0x19, + NGTCP2_FRAME_PATH_CHALLENGE = 0x1a, + NGTCP2_FRAME_PATH_RESPONSE = 0x1b, + NGTCP2_FRAME_CONNECTION_CLOSE = 0x1c, + NGTCP2_FRAME_CONNECTION_CLOSE_APP = 0x1d, +} ngtcp2_frame_type; + +typedef struct { + uint8_t type; + /** + * flags of decoded STREAM frame. This gets ignored when encoding + * STREAM frame. + */ + uint8_t flags; + uint8_t fin; + int64_t stream_id; + uint64_t offset; + /* datacnt is the number of elements that data contains. Although + the length of data is 1 in this definition, the library may + allocate extra bytes to hold more elements. */ + size_t datacnt; + /* data is the array of ngtcp2_vec which references data. */ + ngtcp2_vec data[1]; +} ngtcp2_stream; + +typedef struct { + uint64_t gap; + uint64_t blklen; +} ngtcp2_ack_blk; + +typedef struct { + uint8_t type; + int64_t largest_ack; + uint64_t ack_delay; + /** + * ack_delay_unscaled is an ack_delay multiplied by + * 2**ack_delay_component * NGTCP2_DURATION_TICK / + * NGTCP2_MICROSECONDS. + */ + ngtcp2_duration ack_delay_unscaled; + uint64_t first_ack_blklen; + size_t num_blks; + ngtcp2_ack_blk blks[1]; +} ngtcp2_ack; + +typedef struct { + uint8_t type; + /** + * The length of contiguous PADDING frames. + */ + size_t len; +} ngtcp2_padding; + +typedef struct { + uint8_t type; + int64_t stream_id; + uint64_t app_error_code; + uint64_t final_size; +} ngtcp2_reset_stream; + +typedef struct { + uint8_t type; + uint64_t error_code; + uint64_t frame_type; + size_t reasonlen; + uint8_t *reason; +} ngtcp2_connection_close; + +typedef struct { + uint8_t type; + /** + * max_data is Maximum Data. + */ + uint64_t max_data; +} ngtcp2_max_data; + +typedef struct { + uint8_t type; + int64_t stream_id; + uint64_t max_stream_data; +} ngtcp2_max_stream_data; + +typedef struct { + uint8_t type; + uint64_t max_streams; +} ngtcp2_max_streams; + +typedef struct { + uint8_t type; +} ngtcp2_ping; + +typedef struct { + uint8_t type; + uint64_t offset; +} ngtcp2_data_blocked; + +typedef struct { + uint8_t type; + int64_t stream_id; + uint64_t offset; +} ngtcp2_stream_data_blocked; + +typedef struct { + uint8_t type; + uint64_t stream_limit; +} ngtcp2_streams_blocked; + +typedef struct { + uint8_t type; + uint64_t seq; + uint64_t retire_prior_to; + ngtcp2_cid cid; + uint8_t stateless_reset_token[NGTCP2_STATELESS_RESET_TOKENLEN]; +} ngtcp2_new_connection_id; + +typedef struct { + uint8_t type; + int64_t stream_id; + uint64_t app_error_code; +} ngtcp2_stop_sending; + +typedef struct { + uint8_t type; + uint8_t data[8]; +} ngtcp2_path_challenge; + +typedef struct { + uint8_t type; + uint8_t data[8]; +} ngtcp2_path_response; + +typedef struct { + uint8_t type; + uint64_t offset; + /* datacnt is the number of elements that data contains. Although + the length of data is 1 in this definition, the library may + allocate extra bytes to hold more elements. */ + size_t datacnt; + /* data is the array of ngtcp2_vec which references data. */ + ngtcp2_vec data[1]; +} ngtcp2_crypto; + +typedef struct { + uint8_t type; + size_t tokenlen; + const uint8_t *token; +} ngtcp2_new_token; + +typedef struct { + uint8_t type; + uint64_t seq; +} ngtcp2_retire_connection_id; + +typedef union { + uint8_t type; + ngtcp2_stream stream; + ngtcp2_ack ack; + ngtcp2_padding padding; + ngtcp2_reset_stream reset_stream; + ngtcp2_connection_close connection_close; + ngtcp2_max_data max_data; + ngtcp2_max_stream_data max_stream_data; + ngtcp2_max_streams max_streams; + ngtcp2_ping ping; + ngtcp2_data_blocked data_blocked; + ngtcp2_stream_data_blocked stream_data_blocked; + ngtcp2_streams_blocked streams_blocked; + ngtcp2_new_connection_id new_connection_id; + ngtcp2_stop_sending stop_sending; + ngtcp2_path_challenge path_challenge; + ngtcp2_path_response path_response; + ngtcp2_crypto crypto; + ngtcp2_new_token new_token; + ngtcp2_retire_connection_id retire_connection_id; +} ngtcp2_frame; + +struct ngtcp2_pkt_chain; +typedef struct ngtcp2_pkt_chain ngtcp2_pkt_chain; + +/* + * ngtcp2_pkt_chain is the chain of incoming packets buffered. + */ +struct ngtcp2_pkt_chain { + ngtcp2_path_storage path; + ngtcp2_pkt_chain *next; + uint8_t *pkt; + size_t pktlen; + ngtcp2_tstamp ts; +}; + +/* + * ngtcp2_pkt_chain_new allocates ngtcp2_pkt_chain objects, and + * assigns its pointer to |*ppc|. The content of buffer pointed by + * |pkt| of length |pktlen| is copied into |*ppc|. The packet is + * obtained via the network |path|. The values of path->local and + * path->remote are copied into |*ppc|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_pkt_chain_new(ngtcp2_pkt_chain **ppc, const ngtcp2_path *path, + const uint8_t *pkt, size_t pktlen, ngtcp2_tstamp ts, + const ngtcp2_mem *mem); + +/* + * ngtcp2_pkt_chain_del deallocates |pc|. It also frees the memory + * pointed by |pc|. + */ +void ngtcp2_pkt_chain_del(ngtcp2_pkt_chain *pc, const ngtcp2_mem *mem); + +/* + * ngtcp2_pkt_hd_init initializes |hd| with the given values. If + * |dcid| and/or |scid| is NULL, DCID and SCID of |hd| is empty + * respectively. |pkt_numlen| is the number of bytes used to encode + * |pkt_num| and either 1, 2, or 4. + */ +void ngtcp2_pkt_hd_init(ngtcp2_pkt_hd *hd, uint8_t flags, uint8_t type, + const ngtcp2_cid *dcid, const ngtcp2_cid *scid, + int64_t pkt_num, size_t pkt_numlen, uint32_t version, + size_t len); + +/* + * ngtcp2_pkt_encode_hd_long encodes |hd| as QUIC long header into + * |out| which has length |outlen|. It returns the number of bytes + * written into |outlen| if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer is too short + */ +ssize_t ngtcp2_pkt_encode_hd_long(uint8_t *out, size_t outlen, + const ngtcp2_pkt_hd *hd); + +/* + * ngtcp2_pkt_encode_hd_short encodes |hd| as QUIC short header into + * |out| which has length |outlen|. It returns the number of bytes + * written into |outlen| if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer is too short + */ +ssize_t ngtcp2_pkt_encode_hd_short(uint8_t *out, size_t outlen, + const ngtcp2_pkt_hd *hd); + +/** + * @function + * + * `ngtcp2_pkt_decode_frame` decodes a QUIC frame from the buffer + * pointed by |payload| whose length is |payloadlen|. + * + * This function returns the number of bytes read to decode a single + * frame if it succeeds, or one of the following negative error codes: + * + * :enum:`NGTCP2_ERR_FRAME_ENCODING` + * Frame is badly formatted; or frame type is unknown. + */ +ssize_t ngtcp2_pkt_decode_frame(ngtcp2_frame *dest, const uint8_t *payload, + size_t payloadlen); + +/** + * @function + * + * `ngtcp2_pkt_encode_frame` encodes a frame |fm| into the buffer + * pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written to the buffer, or + * one of the following negative error codes: + * + * :enum:`NGTCP2_ERR_NOBUF` + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_frame(uint8_t *out, size_t outlen, ngtcp2_frame *fr); + +/* + * ngtcp2_pkt_decode_version_negotiation decodes Version Negotiation + * packet payload |payload| of length |payloadlen|, and stores the + * result in |dest|. |dest| must have enough capacity to store the + * result. |payloadlen| also must be a multiple of sizeof(uint32_t). + * + * This function returns the number of versions written in |dest|. + */ +size_t ngtcp2_pkt_decode_version_negotiation(uint32_t *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_stateless_reset decodes Stateless Reset payload + * |payload| of length |payloadlen|. The |payload| must start with + * Stateless Reset Token. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * Payloadlen is too short. + */ +int ngtcp2_pkt_decode_stateless_reset(ngtcp2_pkt_stateless_reset *sr, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_retry decodes Retry packet payload |payload| of + * length |payloadlen|. The |payload| must start with ODCID Len + * field. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * Payloadlen is too short. + */ +int ngtcp2_pkt_decode_retry(ngtcp2_pkt_retry *dest, const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_stream_frame decodes STREAM frame from |payload| + * of length |payloadlen|. The result is stored in the object pointed + * by |dest|. STREAM frame must start at payload[0]. This function + * finishes when it decodes one STREAM frame, and returns the exact + * number of bytes read to decode a frame if it succeeds, or one of + * the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include STREAM frame. + */ +ssize_t ngtcp2_pkt_decode_stream_frame(ngtcp2_stream *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_ack_frame decodes ACK frame from |payload| of + * length |payloadlen|. The result is stored in the object pointed by + * |dest|. ACK frame must start at payload[0]. This function + * finishes when it decodes one ACK frame, and returns the exact + * number of bytes read to decode a frame if it succeeds, or one of + * the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include ACK frame. + */ +ssize_t ngtcp2_pkt_decode_ack_frame(ngtcp2_ack *dest, const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_padding_frame decodes contiguous PADDING frames + * from |payload| of length |payloadlen|. It continues to parse + * frames as long as the frame type is PADDING. This finishes when it + * encounters the frame type which is not PADDING, or all input data + * is read. The first byte (payload[0]) must be NGTCP2_FRAME_PADDING. + * This function returns the exact number of bytes read to decode + * PADDING frames. + */ +size_t ngtcp2_pkt_decode_padding_frame(ngtcp2_padding *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_reset_stream_frame decodes RESET_STREAM frame + * from |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. RESET_STREAM frame must start at + * payload[0]. This function finishes when it decodes one + * RESET_STREAM frame, and returns the exact number of bytes read to + * decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include RESET_STREAM frame. + */ +ssize_t ngtcp2_pkt_decode_reset_stream_frame(ngtcp2_reset_stream *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_connection_close_frame decodes CONNECTION_CLOSE + * frame from |payload| of length |payloadlen|. The result is stored + * in the object pointed by |dest|. CONNECTION_CLOSE frame must start + * at payload[0]. This function finishes it decodes one + * CONNECTION_CLOSE frame, and returns the exact number of bytes read + * to decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include CONNECTION_CLOSE frame. + */ +ssize_t ngtcp2_pkt_decode_connection_close_frame(ngtcp2_connection_close *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_max_data_frame decodes MAX_DATA frame from + * |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. MAX_DATA frame must start at payload[0]. + * This function finishes when it decodes one MAX_DATA frame, and + * returns the exact number of bytes read to decode a frame if it + * succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include MAX_DATA frame. + */ +ssize_t ngtcp2_pkt_decode_max_data_frame(ngtcp2_max_data *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_max_stream_data_frame decodes MAX_STREAM_DATA + * frame from |payload| of length |payloadlen|. The result is stored + * in the object pointed by |dest|. MAX_STREAM_DATA frame must start + * at payload[0]. This function finishes when it decodes one + * MAX_STREAM_DATA frame, and returns the exact number of bytes read + * to decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include MAX_STREAM_DATA frame. + */ +ssize_t ngtcp2_pkt_decode_max_stream_data_frame(ngtcp2_max_stream_data *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_max_streams_frame decodes MAX_STREAMS frame from + * |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. MAX_STREAMS frame must start at + * payload[0]. This function finishes when it decodes one MAX_STREAMS + * frame, and returns the exact number of bytes read to decode a frame + * if it succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include MAX_STREAMS frame. + */ +ssize_t ngtcp2_pkt_decode_max_streams_frame(ngtcp2_max_streams *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_ping_frame decodes PING frame from |payload| of + * length |payloadlen|. The result is stored in the object pointed by + * |dest|. PING frame must start at payload[0]. This function + * finishes when it decodes one PING frame, and returns the exact + * number of bytes read to decode a frame if it succeeds, or one of + * the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include PING frame. + */ +ssize_t ngtcp2_pkt_decode_ping_frame(ngtcp2_ping *dest, const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_data_blocked_frame decodes DATA_BLOCKED frame + * from |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. DATA_BLOCKED frame must start at + * payload[0]. This function finishes when it decodes one + * DATA_BLOCKED frame, and returns the exact number of bytes read to + * decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include DATA_BLOCKED frame. + */ +ssize_t ngtcp2_pkt_decode_data_blocked_frame(ngtcp2_data_blocked *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_stream_data_blocked_frame decodes + * STREAM_DATA_BLOCKED frame from |payload| of length |payloadlen|. + * The result is stored in the object pointed by |dest|. + * STREAM_DATA_BLOCKED frame must start at payload[0]. This function + * finishes when it decodes one STREAM_DATA_BLOCKED frame, and returns + * the exact number of bytes read to decode a frame if it succeeds, or + * one of the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include STREAM_DATA_BLOCKED frame. + */ +ssize_t +ngtcp2_pkt_decode_stream_data_blocked_frame(ngtcp2_stream_data_blocked *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_streams_blocked_frame decodes STREAMS_BLOCKED + * frame from |payload| of length |payloadlen|. The result is stored + * in the object pointed by |dest|. STREAMS_BLOCKED frame must start + * at payload[0]. This function finishes when it decodes one + * STREAMS_BLOCKED frame, and returns the exact number of bytes read + * to decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include STREAMS_BLOCKED frame. + */ +ssize_t ngtcp2_pkt_decode_streams_blocked_frame(ngtcp2_streams_blocked *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_new_connection_id_frame decodes NEW_CONNECTION_ID + * frame from |payload| of length |payloadlen|. The result is stored + * in the object pointed by |dest|. NEW_CONNECTION_ID frame must + * start at payload[0]. This function finishes when it decodes one + * NEW_CONNECTION_ID frame, and returns the exact number of bytes read + * to decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include NEW_CONNECTION_ID frame. + * NGTCP2_ERR_PROTO + * The length of CID is strictly less than 4 or greater than 18. + */ +ssize_t ngtcp2_pkt_decode_new_connection_id_frame( + ngtcp2_new_connection_id *dest, const uint8_t *payload, size_t payloadlen); + +/* + * ngtcp2_pkt_decode_stop_sending_frame decodes STOP_SENDING frame + * from |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. STOP_SENDING frame must start at + * payload[0]. This function finishes when it decodes one + * STOP_SENDING frame, and returns the exact number of bytes read to + * decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include STOP_SENDING frame. + */ +ssize_t ngtcp2_pkt_decode_stop_sending_frame(ngtcp2_stop_sending *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_path_challenge_frame decodes PATH_CHALLENGE frame + * from |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. PATH_CHALLENGE frame must start at + * payload[0]. This function finishes when it decodes one + * PATH_CHALLENGE frame, and returns the exact number of bytes read to + * decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include PATH_CHALLENGE frame. + */ +ssize_t ngtcp2_pkt_decode_path_challenge_frame(ngtcp2_path_challenge *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_path_response_frame decodes PATH_RESPONSE frame + * from |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. PATH_RESPONSE frame must start at + * payload[0]. This function finishes when it decodes one + * PATH_RESPONSE frame, and returns the exact number of bytes read to + * decode a frame if it succeeds, or one of the following negative + * error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include PATH_RESPONSE frame. + */ +ssize_t ngtcp2_pkt_decode_path_response_frame(ngtcp2_path_response *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_crypto_frame decodes CRYPTO frame from |payload| + * of length |payloadlen|. The result is stored in the object pointed + * by |dest|. CRYPTO frame must start at payload[0]. This function + * finishes when it decodes one CRYPTO frame, and returns the exact + * number of bytes read to decode a frame if it succeeds, or one of + * the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include CRYPTO frame. + */ +ssize_t ngtcp2_pkt_decode_crypto_frame(ngtcp2_crypto *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_new_token_frame decodes NEW_TOKEN frame from + * |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. NEW_TOKEN frame must start at + * payload[0]. This function finishes when it decodes one NEW_TOKEN + * frame, and returns the exact number of bytes read to decode a frame + * if it succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include NEW_TOKEN frame. + */ +ssize_t ngtcp2_pkt_decode_new_token_frame(ngtcp2_new_token *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_decode_retire_connection_id_frame decodes RETIRE_CONNECTION_ID + * frame from |payload| of length |payloadlen|. The result is stored in the + * object pointed by |dest|. RETIRE_CONNECTION_ID frame must start at + * payload[0]. This function finishes when it decodes one RETIRE_CONNECTION_ID + * frame, and returns the exact number of bytes read to decode a frame + * if it succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_FRAME_ENCODING + * Payload is too short to include RETIRE_CONNECTION_ID frame. + */ +ssize_t +ngtcp2_pkt_decode_retire_connection_id_frame(ngtcp2_retire_connection_id *dest, + const uint8_t *payload, + size_t payloadlen); + +/* + * ngtcp2_pkt_encode_stream_frame encodes STREAM frame |fr| into the + * buffer pointed by |out| of length |outlen|. + * + * This function assigns & + * ~NGTCP2_FRAME_STREAM to fr->flags. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_stream_frame(uint8_t *out, size_t outlen, + ngtcp2_stream *fr); + +/* + * ngtcp2_pkt_encode_ack_frame encodes ACK frame |fr| into the buffer + * pointed by |out| of length |outlen|. + * + * This function assigns & + * ~NGTCP2_FRAME_ACK to fr->flags. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_ack_frame(uint8_t *out, size_t outlen, + ngtcp2_ack *fr); + +/* + * ngtcp2_pkt_encode_padding_frame encodes PADDING frame |fr| into the + * buffer pointed by |out| of length |outlen|. + * + * This function encodes consecutive fr->len PADDING frames. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write frame(s). + */ +ssize_t ngtcp2_pkt_encode_padding_frame(uint8_t *out, size_t outlen, + const ngtcp2_padding *fr); + +/* + * ngtcp2_pkt_encode_reset_stream_frame encodes RESET_STREAM frame + * |fr| into the buffer pointed by |out| of length |buflen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_reset_stream_frame(uint8_t *out, size_t outlen, + const ngtcp2_reset_stream *fr); + +/* + * ngtcp2_pkt_encode_connection_close_frame encodes CONNECTION_CLOSE + * frame |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t +ngtcp2_pkt_encode_connection_close_frame(uint8_t *out, size_t outlen, + const ngtcp2_connection_close *fr); + +/* + * ngtcp2_pkt_encode_max_data_frame encodes MAX_DATA frame |fr| into + * the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_max_data_frame(uint8_t *out, size_t outlen, + const ngtcp2_max_data *fr); + +/* + * ngtcp2_pkt_encode_max_stream_data_frame encodes MAX_STREAM_DATA + * frame |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t +ngtcp2_pkt_encode_max_stream_data_frame(uint8_t *out, size_t outlen, + const ngtcp2_max_stream_data *fr); + +/* + * ngtcp2_pkt_encode_max_streams_frame encodes MAX_STREAMS + * frame |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_max_streams_frame(uint8_t *out, size_t outlen, + const ngtcp2_max_streams *fr); + +/* + * ngtcp2_pkt_encode_ping_frame encodes PING frame |fr| into the + * buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_ping_frame(uint8_t *out, size_t outlen, + const ngtcp2_ping *fr); + +/* + * ngtcp2_pkt_encode_data_blocked_frame encodes DATA_BLOCKED frame + * |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_data_blocked_frame(uint8_t *out, size_t outlen, + const ngtcp2_data_blocked *fr); + +/* + * ngtcp2_pkt_encode_stream_data_blocked_frame encodes + * STREAM_DATA_BLOCKED frame |fr| into the buffer pointed by |out| of + * length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_stream_data_blocked_frame( + uint8_t *out, size_t outlen, const ngtcp2_stream_data_blocked *fr); + +/* + * ngtcp2_pkt_encode_streams_blocked_frame encodes STREAMS_BLOCKED + * frame |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t +ngtcp2_pkt_encode_streams_blocked_frame(uint8_t *out, size_t outlen, + const ngtcp2_streams_blocked *fr); + +/* + * ngtcp2_pkt_encode_new_connection_id_frame encodes NEW_CONNECTION_ID + * frame |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t +ngtcp2_pkt_encode_new_connection_id_frame(uint8_t *out, size_t outlen, + const ngtcp2_new_connection_id *fr); + +/* + * ngtcp2_pkt_encode_stop_sending_frame encodes STOP_SENDING frame + * |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_stop_sending_frame(uint8_t *out, size_t outlen, + const ngtcp2_stop_sending *fr); + +/* + * ngtcp2_pkt_encode_path_challenge_frame encodes PATH_CHALLENGE frame + * |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_path_challenge_frame(uint8_t *out, size_t outlen, + const ngtcp2_path_challenge *fr); + +/* + * ngtcp2_pkt_encode_path_response_frame encodes PATH_RESPONSE frame + * |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_path_response_frame(uint8_t *out, size_t outlen, + const ngtcp2_path_response *fr); + +/* + * ngtcp2_pkt_encode_crypto_frame encodes CRYPTO frame |fr| into the + * buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_crypto_frame(uint8_t *out, size_t outlen, + const ngtcp2_crypto *fr); + +/* + * ngtcp2_pkt_encode_new_token_frame encodes NEW_TOKEN frame |fr| into + * the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_new_token_frame(uint8_t *out, size_t outlen, + const ngtcp2_new_token *fr); + +/* + * ngtcp2_pkt_encode_retire_connection_id_frame encodes RETIRE_CONNECTION_ID + * frame |fr| into the buffer pointed by |out| of length |outlen|. + * + * This function returns the number of bytes written if it succeeds, + * or one of the following negative error codes: + * + * NGTCP2_ERR_NOBUF + * Buffer does not have enough capacity to write a frame. + */ +ssize_t ngtcp2_pkt_encode_retire_connection_id_frame( + uint8_t *out, size_t outlen, const ngtcp2_retire_connection_id *fr); + +/* + * ngtcp2_pkt_adjust_pkt_num find the full 64 bits packet number for + * |pkt_num|, which is expected to be least significant |n| bits. The + * |max_pkt_num| is the highest successfully authenticated packet + * number. + */ +int64_t ngtcp2_pkt_adjust_pkt_num(int64_t max_pkt_num, int64_t pkt_num, + size_t n); + +/* + * ngtcp2_pkt_validate_ack checks that ack is malformed or not. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_ACK_FRAME + * ACK frame is malformed + */ +int ngtcp2_pkt_validate_ack(ngtcp2_ack *fr); + +/* + * ngtcp2_pkt_stream_max_datalen returns the maximum number of bytes + * which can be sent for stream denoted by |stream_id|. |offset| is + * an offset of within the stream. |len| is the estimated number of + * bytes to be sent. |left| is the size of buffer. If |left| is too + * small to write STREAM frame, this function returns (size_t)-1. + */ +size_t ngtcp2_pkt_stream_max_datalen(int64_t stream_id, uint64_t offset, + size_t len, size_t left); + +/* + * ngtcp2_pkt_crypto_max_datalen returns the maximum number of bytes + * which can be sent for crypto stream. |offset| is an offset of + * within the crypto stream. |len| is the estimated number of bytes + * to be sent. |left| is the size of buffer. If |left| is too small + * to write CRYPTO frame, this function returns (size_t)-1. + */ +size_t ngtcp2_pkt_crypto_max_datalen(uint64_t offset, size_t len, size_t left); + +/* + * ngtcp2_pkt_verify_reserved_bits verifies that the first byte |c| of + * the packet header has the correct reserved bits. + * + * This function returns 0 if it succeeds, or the following negative + * error codes: + * + * NGTCP2_ERR_PROTO + * Reserved bits has wrong value. + */ +int ngtcp2_pkt_verify_reserved_bits(uint8_t c); + +#endif /* NGTCP2_PKT_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_ppe.c b/deps/ngtcp2/lib/ngtcp2_ppe.c new file mode 100644 index 0000000000..e0f8e22cf2 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_ppe.c @@ -0,0 +1,213 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_ppe.h" + +#include +#include + +#include "ngtcp2_str.h" +#include "ngtcp2_conv.h" +#include "ngtcp2_conn.h" +#include "ngtcp2_macro.h" + +void ngtcp2_ppe_init(ngtcp2_ppe *ppe, uint8_t *out, size_t outlen, + ngtcp2_crypto_ctx *cctx) { + ngtcp2_buf_init(&ppe->buf, out, outlen); + + ppe->hdlen = 0; + ppe->len_offset = 0; + ppe->pkt_num_offset = 0; + ppe->pkt_numlen = 0; + ppe->pkt_num = 0; + ppe->sample_offset = 0; + ppe->ctx = cctx; +} + +int ngtcp2_ppe_encode_hd(ngtcp2_ppe *ppe, const ngtcp2_pkt_hd *hd) { + ssize_t rv; + ngtcp2_buf *buf = &ppe->buf; + ngtcp2_crypto_ctx *ctx = ppe->ctx; + + if (ngtcp2_buf_left(buf) < ctx->aead_overhead) { + return NGTCP2_ERR_NOBUF; + } + + if (hd->flags & NGTCP2_PKT_FLAG_LONG_FORM) { + ppe->len_offset = 1 + 4 + 1 + hd->dcid.datalen + 1 + hd->scid.datalen; + if (hd->type == NGTCP2_PKT_INITIAL) { + ppe->len_offset += ngtcp2_put_varint_len(hd->tokenlen) + hd->tokenlen; + } + ppe->pkt_num_offset = ppe->len_offset + 2; + rv = ngtcp2_pkt_encode_hd_long( + buf->last, ngtcp2_buf_left(buf) - ctx->aead_overhead, hd); + } else { + ppe->pkt_num_offset = 1 + hd->dcid.datalen; + rv = ngtcp2_pkt_encode_hd_short( + buf->last, ngtcp2_buf_left(buf) - ctx->aead_overhead, hd); + } + if (rv < 0) { + return (int)rv; + } + + ppe->sample_offset = ppe->pkt_num_offset + 4; + + buf->last += rv; + + ppe->pkt_numlen = hd->pkt_numlen; + ppe->hdlen = (size_t)rv; + + ppe->pkt_num = hd->pkt_num; + + return 0; +} + +int ngtcp2_ppe_encode_frame(ngtcp2_ppe *ppe, ngtcp2_frame *fr) { + ssize_t rv; + ngtcp2_buf *buf = &ppe->buf; + ngtcp2_crypto_ctx *ctx = ppe->ctx; + + if (ngtcp2_buf_left(buf) < ctx->aead_overhead) { + return NGTCP2_ERR_NOBUF; + } + + rv = ngtcp2_pkt_encode_frame(buf->last, + ngtcp2_buf_left(buf) - ctx->aead_overhead, fr); + if (rv < 0) { + return (int)rv; + } + + buf->last += rv; + + return 0; +} + +ssize_t ngtcp2_ppe_final(ngtcp2_ppe *ppe, const uint8_t **ppkt) { + ssize_t nwrite; + ngtcp2_buf *buf = &ppe->buf; + ngtcp2_crypto_ctx *ctx = ppe->ctx; + ngtcp2_conn *conn = ctx->user_data; + uint8_t *payload = buf->begin + ppe->hdlen; + size_t payloadlen = ngtcp2_buf_len(buf) - ppe->hdlen; + size_t destlen = (size_t)(buf->end - buf->begin) - ppe->hdlen; + uint8_t mask[NGTCP2_HP_SAMPLELEN]; + uint8_t *p; + size_t i; + + assert(ppe->ctx->encrypt); + assert(ppe->ctx->hp_mask); + + if (ppe->len_offset) { + ngtcp2_put_varint14( + buf->begin + ppe->len_offset, + (uint16_t)(payloadlen + ppe->pkt_numlen + ctx->aead_overhead)); + } + + ngtcp2_crypto_create_nonce(ppe->nonce, ctx->ckm->iv.base, ctx->ckm->iv.len, + ppe->pkt_num); + + nwrite = ppe->ctx->encrypt(conn, payload, destlen, payload, payloadlen, + ctx->ckm->key.base, ctx->ckm->key.len, ppe->nonce, + ctx->ckm->iv.len, buf->begin, ppe->hdlen, + conn->user_data); + if (nwrite < 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + buf->last = payload + nwrite; + + /* TODO Check that we have enough space to get sample */ + assert(ppe->sample_offset + NGTCP2_HP_SAMPLELEN <= ngtcp2_buf_len(buf)); + + nwrite = ppe->ctx->hp_mask(conn, mask, sizeof(mask), ctx->hp->base, + ctx->hp->len, buf->begin + ppe->sample_offset, + NGTCP2_HP_SAMPLELEN, conn->user_data); + if (nwrite < NGTCP2_HP_MASKLEN) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + p = buf->begin; + if (*p & NGTCP2_HEADER_FORM_BIT) { + *p = (uint8_t)(*p ^ (mask[0] & 0x0f)); + } else { + *p = (uint8_t)(*p ^ (mask[0] & 0x1f)); + } + + p = buf->begin + ppe->pkt_num_offset; + for (i = 0; i < ppe->pkt_numlen; ++i) { + *(p + i) ^= mask[i + 1]; + } + + if (ppkt != NULL) { + *ppkt = buf->begin; + } + + return (ssize_t)ngtcp2_buf_len(buf); +} + +size_t ngtcp2_ppe_left(ngtcp2_ppe *ppe) { + ngtcp2_crypto_ctx *ctx = ppe->ctx; + + if (ngtcp2_buf_left(&ppe->buf) < ctx->aead_overhead) { + return 0; + } + + return ngtcp2_buf_left(&ppe->buf) - ctx->aead_overhead; +} + +size_t ngtcp2_ppe_padding(ngtcp2_ppe *ppe) { + ngtcp2_crypto_ctx *ctx = ppe->ctx; + ngtcp2_buf *buf = &ppe->buf; + size_t len; + + assert(ngtcp2_buf_left(buf) >= ctx->aead_overhead); + + len = ngtcp2_buf_left(buf) - ctx->aead_overhead; + memset(buf->last, 0, len); + buf->last += len; + + return len; +} + +size_t ngtcp2_ppe_padding_hp_sample(ngtcp2_ppe *ppe) { + ngtcp2_crypto_ctx *ctx = ppe->ctx; + ngtcp2_buf *buf = &ppe->buf; + size_t max_samplelen; + size_t len = 0; + + max_samplelen = ngtcp2_buf_len(buf) + ctx->aead_overhead - ppe->sample_offset; + if (max_samplelen < NGTCP2_HP_SAMPLELEN) { + len = NGTCP2_HP_SAMPLELEN - max_samplelen; + assert(ngtcp2_ppe_left(ppe) >= len); + memset(buf->last, 0, len); + buf->last += len; + } + + return len; +} + +int ngtcp2_ppe_ensure_hp_sample(ngtcp2_ppe *ppe) { + ngtcp2_buf *buf = &ppe->buf; + return ngtcp2_buf_left(buf) >= (4 - ppe->pkt_numlen) + NGTCP2_HP_SAMPLELEN; +} diff --git a/deps/ngtcp2/lib/ngtcp2_ppe.h b/deps/ngtcp2/lib/ngtcp2_ppe.h new file mode 100644 index 0000000000..ab1e885362 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_ppe.h @@ -0,0 +1,135 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_PPE_H +#define NGTCP2_PPE_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_pkt.h" +#include "ngtcp2_buf.h" +#include "ngtcp2_crypto.h" + +/* + * ngtcp2_ppe is the Protected Packet Encoder. + */ +typedef struct { + ngtcp2_buf buf; + ngtcp2_crypto_ctx *ctx; + /* hdlen is the number of bytes for packet header written in buf. */ + size_t hdlen; + /* len_offset is the offset to Length field. */ + size_t len_offset; + /* pkt_num_offset is the offset to packet number field. */ + size_t pkt_num_offset; + /* pkt_numlen is the number of bytes used to encode a packet + number */ + size_t pkt_numlen; + /* sample_offset is the offset to sample for packet number + encryption. */ + size_t sample_offset; + /* pkt_num is the packet number written in buf. */ + int64_t pkt_num; + /* nonce is the buffer to store nonce. It should be equal or longer + than then length of IV. */ + uint8_t nonce[32]; +} ngtcp2_ppe; + +/* + * ngtcp2_ppe_init initializes |ppe| with the given buffer. + */ +void ngtcp2_ppe_init(ngtcp2_ppe *ppe, uint8_t *out, size_t outlen, + ngtcp2_crypto_ctx *cctx); + +/* + * ngtcp2_ppe_encode_hd encodes |hd|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOBUF + * The buffer is too small. + */ +int ngtcp2_ppe_encode_hd(ngtcp2_ppe *ppe, const ngtcp2_pkt_hd *hd); + +/* + * ngtcp2_ppe_encode_frame encodes |fr|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOBUF + * The buffer is too small. + */ +int ngtcp2_ppe_encode_frame(ngtcp2_ppe *ppe, ngtcp2_frame *fr); + +/* + * ngtcp2_ppe_final encrypts QUIC packet payload. If |**ppkt| is not + * NULL, the pointer to the packet is assigned to it. + * + * This function returns the length of QUIC packet, including header, + * and payload if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User-defined callback function failed. + */ +ssize_t ngtcp2_ppe_final(ngtcp2_ppe *ppe, const uint8_t **ppkt); + +/* + * ngtcp2_ppe_left returns the number of bytes left to write + * additional frames. This does not count AEAD overhead. + */ +size_t ngtcp2_ppe_left(ngtcp2_ppe *ppe); + +/** + * @function + * + * `ngtcp2_ppe_padding` encodes PADDING frames to the end of the + * buffer. This function returns the number of bytes padded. + */ +size_t ngtcp2_ppe_padding(ngtcp2_ppe *ppe); + +/* + * ngtcp2_ppe_padding_hp_sample adds PADDING frame if the current + * payload does not have enough space for header protection sample. + * This function should be called just before calling + * ngtcp2_ppe_final(). + * + * This function returns the number of bytes added as padding. + */ +size_t ngtcp2_ppe_padding_hp_sample(ngtcp2_ppe *ppe); + +/* + * ngtcp2_ppe_ensure_hp_sample returns nonzero if the buffer has + * enough space for header protection sample. This should be called + * right after packet header is written. + */ +int ngtcp2_ppe_ensure_hp_sample(ngtcp2_ppe *ppe); + +#endif /* NGTCP2_PPE_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_pq.c b/deps/ngtcp2/lib/ngtcp2_pq.c new file mode 100644 index 0000000000..5e1003d794 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_pq.c @@ -0,0 +1,164 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_pq.h" + +#include + +#include "ngtcp2_macro.h" + +void ngtcp2_pq_init(ngtcp2_pq *pq, ngtcp2_less less, const ngtcp2_mem *mem) { + pq->mem = mem; + pq->capacity = 0; + pq->q = NULL; + pq->length = 0; + pq->less = less; +} + +void ngtcp2_pq_free(ngtcp2_pq *pq) { + ngtcp2_mem_free(pq->mem, pq->q); + pq->q = NULL; +} + +static void swap(ngtcp2_pq *pq, size_t i, size_t j) { + ngtcp2_pq_entry *a = pq->q[i]; + ngtcp2_pq_entry *b = pq->q[j]; + + pq->q[i] = b; + b->index = i; + pq->q[j] = a; + a->index = j; +} + +static void bubble_up(ngtcp2_pq *pq, size_t index) { + size_t parent; + while (index != 0) { + parent = (index - 1) / 2; + if (!pq->less(pq->q[index], pq->q[parent])) { + return; + } + swap(pq, parent, index); + index = parent; + } +} + +int ngtcp2_pq_push(ngtcp2_pq *pq, ngtcp2_pq_entry *item) { + if (pq->capacity <= pq->length) { + void *nq; + size_t ncapacity; + + ncapacity = ngtcp2_max(4, (pq->capacity * 2)); + + nq = ngtcp2_mem_realloc(pq->mem, pq->q, + ncapacity * sizeof(ngtcp2_pq_entry *)); + if (nq == NULL) { + return NGTCP2_ERR_NOMEM; + } + pq->capacity = ncapacity; + pq->q = nq; + } + pq->q[pq->length] = item; + item->index = pq->length; + ++pq->length; + bubble_up(pq, pq->length - 1); + return 0; +} + +ngtcp2_pq_entry *ngtcp2_pq_top(ngtcp2_pq *pq) { + assert(pq->length); + return pq->q[0]; +} + +static void bubble_down(ngtcp2_pq *pq, size_t index) { + size_t i, j, minindex; + for (;;) { + j = index * 2 + 1; + minindex = index; + for (i = 0; i < 2; ++i, ++j) { + if (j >= pq->length) { + break; + } + if (pq->less(pq->q[j], pq->q[minindex])) { + minindex = j; + } + } + if (minindex == index) { + return; + } + swap(pq, index, minindex); + index = minindex; + } +} + +void ngtcp2_pq_pop(ngtcp2_pq *pq) { + if (pq->length > 0) { + pq->q[0] = pq->q[pq->length - 1]; + pq->q[0]->index = 0; + --pq->length; + bubble_down(pq, 0); + } +} + +void ngtcp2_pq_remove(ngtcp2_pq *pq, ngtcp2_pq_entry *item) { + assert(pq->q[item->index] == item); + + if (item->index == 0) { + ngtcp2_pq_pop(pq); + return; + } + + if (item->index == pq->length - 1) { + --pq->length; + return; + } + + pq->q[item->index] = pq->q[pq->length - 1]; + pq->q[item->index]->index = item->index; + --pq->length; + + if (pq->less(item, pq->q[item->index])) { + bubble_down(pq, item->index); + } else { + bubble_up(pq, item->index); + } +} + +int ngtcp2_pq_empty(ngtcp2_pq *pq) { return pq->length == 0; } + +size_t ngtcp2_pq_size(ngtcp2_pq *pq) { return pq->length; } + +int ngtcp2_pq_each(ngtcp2_pq *pq, ngtcp2_pq_item_cb fun, void *arg) { + size_t i; + + if (pq->length == 0) { + return 0; + } + for (i = 0; i < pq->length; ++i) { + if ((*fun)(pq->q[i], arg)) { + return 1; + } + } + return 0; +} diff --git a/deps/ngtcp2/lib/ngtcp2_pq.h b/deps/ngtcp2/lib/ngtcp2_pq.h new file mode 100644 index 0000000000..b7e4a77ba5 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_pq.h @@ -0,0 +1,126 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * Copyright (c) 2012 nghttp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_PQ_H +#define NGTCP2_PQ_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" + +/* Implementation of priority queue */ + +/* NGTCP2_PQ_BAD_INDEX is the priority queue index which indicates + that an entry is not queued. Assigning this value to + ngtcp2_pq_entry.index can check that the entry is queued or not. */ +#define NGTCP2_PQ_BAD_INDEX SIZE_MAX + +typedef struct { + size_t index; +} ngtcp2_pq_entry; + +/* "less" function, return nonzero if |lhs| is less than |rhs|. */ +typedef int (*ngtcp2_less)(const ngtcp2_pq_entry *lhs, + const ngtcp2_pq_entry *rhs); + +typedef struct { + /* The pointer to the pointer to the item stored */ + ngtcp2_pq_entry **q; + /* Memory allocator */ + const ngtcp2_mem *mem; + /* The number of items stored */ + size_t length; + /* The maximum number of items this pq can store. This is + automatically extended when length is reached to this value. */ + size_t capacity; + /* The less function between items */ + ngtcp2_less less; +} ngtcp2_pq; + +/* + * Initializes priority queue |pq| with compare function |cmp|. + */ +void ngtcp2_pq_init(ngtcp2_pq *pq, ngtcp2_less less, const ngtcp2_mem *mem); + +/* + * Deallocates any resources allocated for |pq|. The stored items are + * not freed by this function. + */ +void ngtcp2_pq_free(ngtcp2_pq *pq); + +/* + * Adds |item| to the priority queue |pq|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_pq_push(ngtcp2_pq *pq, ngtcp2_pq_entry *item); + +/* + * Returns item at the top of the queue |pq|. It is undefined if the + * queue is empty. + */ +ngtcp2_pq_entry *ngtcp2_pq_top(ngtcp2_pq *pq); + +/* + * Pops item at the top of the queue |pq|. The popped item is not + * freed by this function. + */ +void ngtcp2_pq_pop(ngtcp2_pq *pq); + +/* + * Returns nonzero if the queue |pq| is empty. + */ +int ngtcp2_pq_empty(ngtcp2_pq *pq); + +/* + * Returns the number of items in the queue |pq|. + */ +size_t ngtcp2_pq_size(ngtcp2_pq *pq); + +typedef int (*ngtcp2_pq_item_cb)(ngtcp2_pq_entry *item, void *arg); + +/* + * Applys |fun| to each item in |pq|. The |arg| is passed as arg + * parameter to callback function. This function must not change the + * ordering key. If the return value from callback is nonzero, this + * function returns 1 immediately without iterating remaining items. + * Otherwise this function returns 0. + */ +int ngtcp2_pq_each(ngtcp2_pq *pq, ngtcp2_pq_item_cb fun, void *arg); + +/* + * Removes |item| from priority queue. + */ +void ngtcp2_pq_remove(ngtcp2_pq *pq, ngtcp2_pq_entry *item); + +#endif /* NGTCP2_PQ_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_psl.c b/deps/ngtcp2/lib/ngtcp2_psl.c new file mode 100644 index 0000000000..54a8e894d5 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_psl.c @@ -0,0 +1,621 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_psl.h" + +#include +#include +#include +#include + +#include "ngtcp2_macro.h" +#include "ngtcp2_mem.h" + +int ngtcp2_psl_init(ngtcp2_psl *psl, const ngtcp2_mem *mem) { + ngtcp2_psl_blk *head; + + psl->mem = mem; + psl->head = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_psl_blk)); + if (!psl->head) { + return NGTCP2_ERR_NOMEM; + } + psl->front = psl->head; + psl->n = 0; + + head = psl->head; + + head->next = NULL; + head->n = 1; + head->leaf = 1; + head->nodes[0].range.begin = UINT64_MAX; + head->nodes[0].range.end = UINT64_MAX; + head->nodes[0].data = NULL; + + return 0; +} + +/* + * free_blk frees |blk| recursively. + */ +static void free_blk(ngtcp2_psl_blk *blk, const ngtcp2_mem *mem) { + size_t i; + + if (!blk->leaf) { + for (i = 0; i < blk->n; ++i) { + free_blk(blk->nodes[i].blk, mem); + } + } + + ngtcp2_mem_free(mem, blk); +} + +void ngtcp2_psl_free(ngtcp2_psl *psl) { + if (!psl) { + return; + } + + free_blk(psl->head, psl->mem); +} + +/* + * psl_split_blk splits |blk| into 2 ngtcp2_psl_blk objects. The new + * ngtcp2_psl_blk is always the "right" block. + * + * It returns the pointer to the ngtcp2_psl_blk created which is the + * located at the right of |blk|, or NULL which indicates out of + * memory error. + */ +static ngtcp2_psl_blk *psl_split_blk(ngtcp2_psl *psl, ngtcp2_psl_blk *blk) { + ngtcp2_psl_blk *rblk; + + rblk = ngtcp2_mem_malloc(psl->mem, sizeof(ngtcp2_psl_blk)); + if (rblk == NULL) { + return NULL; + } + + rblk->next = blk->next; + blk->next = rblk; + rblk->leaf = blk->leaf; + + rblk->n = blk->n / 2; + + memcpy(rblk->nodes, &blk->nodes[blk->n - rblk->n], + sizeof(ngtcp2_psl_node) * rblk->n); + + blk->n -= rblk->n; + + assert(blk->n >= NGTCP2_PSL_MIN_NBLK); + assert(rblk->n >= NGTCP2_PSL_MIN_NBLK); + + return rblk; +} + +/* + * psl_split_node splits a node included in |blk| at the position |i| + * into 2 adjacent nodes. The new node is always inserted at the + * position |i+1|. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int psl_split_node(ngtcp2_psl *psl, ngtcp2_psl_blk *blk, size_t i) { + ngtcp2_psl_blk *lblk = blk->nodes[i].blk, *rblk; + + rblk = psl_split_blk(psl, lblk); + if (rblk == NULL) { + return NGTCP2_ERR_NOMEM; + } + + memmove(&blk->nodes[i + 2], &blk->nodes[i + 1], + sizeof(ngtcp2_psl_node) * (blk->n - (i + 1))); + + blk->nodes[i + 1].blk = rblk; + + ++blk->n; + + blk->nodes[i].range = lblk->nodes[lblk->n - 1].range; + blk->nodes[i + 1].range = rblk->nodes[rblk->n - 1].range; + + return 0; +} + +/* + * psl_split_head splits a head (root) block. It increases the height + * of skip list by 1. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int psl_split_head(ngtcp2_psl *psl) { + ngtcp2_psl_blk *rblk = NULL, *lblk, *nhead = NULL; + + rblk = psl_split_blk(psl, psl->head); + if (rblk == NULL) { + return NGTCP2_ERR_NOMEM; + } + + lblk = psl->head; + + nhead = ngtcp2_mem_malloc(psl->mem, sizeof(ngtcp2_psl_blk)); + if (nhead == NULL) { + ngtcp2_mem_free(psl->mem, rblk); + return NGTCP2_ERR_NOMEM; + } + nhead->next = NULL; + nhead->n = 2; + nhead->leaf = 0; + + nhead->nodes[0].range = lblk->nodes[lblk->n - 1].range; + nhead->nodes[0].blk = lblk; + nhead->nodes[1].range = rblk->nodes[rblk->n - 1].range; + nhead->nodes[1].blk = rblk; + + psl->head = nhead; + + return 0; +} + +/* + * insert_node inserts a node whose range is |range| with the + * associated |data| at the index of |i|. This function assumes that + * the number of nodes contained by |blk| is strictly less than + * NGTCP2_PSL_MAX_NBLK. + */ +static void insert_node(ngtcp2_psl_blk *blk, size_t i, + const ngtcp2_range *range, void *data) { + ngtcp2_psl_node *node; + + assert(blk->n < NGTCP2_PSL_MAX_NBLK); + + memmove(&blk->nodes[i + 1], &blk->nodes[i], + sizeof(ngtcp2_psl_node) * (blk->n - i)); + + node = &blk->nodes[i]; + node->range = *range; + node->data = data; + + ++blk->n; +} + +static int range_intersect(const ngtcp2_range *a, const ngtcp2_range *b) { + return ngtcp2_max(a->begin, b->begin) < ngtcp2_min(a->end, b->end); +} + +int ngtcp2_psl_insert(ngtcp2_psl *psl, ngtcp2_psl_it *it, + const ngtcp2_range *range, void *data) { + ngtcp2_psl_blk *blk = psl->head; + ngtcp2_psl_node *node; + size_t i; + int rv; + + if (blk->n == NGTCP2_PSL_MAX_NBLK) { + rv = psl_split_head(psl); + if (rv != 0) { + return rv; + } + blk = psl->head; + } + + for (;;) { + for (i = 0, node = &blk->nodes[i]; node->range.begin < range->begin; + ++i, ++node) + ; + + assert(!range_intersect(&node->range, range)); + + if (blk->leaf) { + insert_node(blk, i, range, data); + ++psl->n; + if (it) { + ngtcp2_psl_it_init(it, blk, i); + } + return 0; + } + + if (node->blk->n == NGTCP2_PSL_MAX_NBLK) { + rv = psl_split_node(psl, blk, i); + if (rv != 0) { + return rv; + } + if (node->range.begin < range->begin) { + node = &blk->nodes[i + 1]; + } + } + + blk = node->blk; + } +} + +/* + * remove_node removes the node included in |blk| at the index of |i|. + */ +static void remove_node(ngtcp2_psl_blk *blk, size_t i) { + memmove(&blk->nodes[i], &blk->nodes[i + 1], + sizeof(ngtcp2_psl_node) * (blk->n - (i + 1))); + + --blk->n; +} + +/* + * psl_merge_node merges 2 nodes which are the nodes at the index of + * |i| and |i + 1|. + * + * If |blk| is the direct descendant of head (root) block and the head + * block contains just 2 nodes, the merged block becomes head block, + * which decreases the height of |psl| by 1. + * + * This function returns the pointer to the merged block. + */ +static ngtcp2_psl_blk *psl_merge_node(ngtcp2_psl *psl, ngtcp2_psl_blk *blk, + size_t i) { + ngtcp2_psl_blk *lblk, *rblk; + + assert(i + 1 < blk->n); + + lblk = blk->nodes[i].blk; + rblk = blk->nodes[i + 1].blk; + + assert(lblk->n + rblk->n < NGTCP2_PSL_MAX_NBLK); + + memcpy(&lblk->nodes[lblk->n], &rblk->nodes[0], + sizeof(ngtcp2_psl_node) * rblk->n); + + lblk->n += rblk->n; + lblk->next = rblk->next; + + ngtcp2_mem_free(psl->mem, rblk); + + if (psl->head == blk && blk->n == 2) { + ngtcp2_mem_free(psl->mem, psl->head); + psl->head = lblk; + } else { + remove_node(blk, i + 1); + blk->nodes[i].range = lblk->nodes[lblk->n - 1].range; + } + + return lblk; +} + +/* + * psl_relocate_node replaces the key at the index |*pi| in + * *pblk->nodes with something other without violating contract. It + * might involve merging 2 nodes or moving a node to left or right. + * + * It assigns the index of the block in |*pblk| where the node is + * moved to |*pi|. If merging 2 nodes occurs and it becomes new head, + * the new head is assigned to |*pblk| and it still contains the key. + * The caller should handle this situation. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +static int psl_relocate_node(ngtcp2_psl *psl, ngtcp2_psl_blk **pblk, + size_t *pi) { + ngtcp2_psl_blk *blk = *pblk; + size_t i = *pi; + ngtcp2_psl_node *node = &blk->nodes[i]; + ngtcp2_psl_node *rnode = &blk->nodes[i + 1]; + size_t j; + int rv; + + assert(i + 1 < blk->n); + + if (node->blk->n == NGTCP2_PSL_MIN_NBLK && + node->blk->n + rnode->blk->n < NGTCP2_PSL_MAX_NBLK) { + j = node->blk->n - 1; + blk = psl_merge_node(psl, blk, i); + if (blk != psl->head) { + return 0; + } + *pblk = blk; + i = j; + if (blk->leaf) { + *pi = i; + return 0; + } + node = &blk->nodes[i]; + rnode = &blk->nodes[i + 1]; + + if (node->blk->n == NGTCP2_PSL_MIN_NBLK && + node->blk->n + rnode->blk->n < NGTCP2_PSL_MAX_NBLK) { + j = node->blk->n - 1; + blk = psl_merge_node(psl, blk, i); + assert(blk != psl->head); + *pi = j; + return 0; + } + } + + if (node->blk->n < rnode->blk->n) { + node->blk->nodes[node->blk->n] = rnode->blk->nodes[0]; + memmove(&rnode->blk->nodes[0], &rnode->blk->nodes[1], + sizeof(ngtcp2_psl_node) * (rnode->blk->n - 1)); + --rnode->blk->n; + ++node->blk->n; + node->range = node->blk->nodes[node->blk->n - 1].range; + *pi = i; + return 0; + } + + if (rnode->blk->n == NGTCP2_PSL_MAX_NBLK) { + rv = psl_split_node(psl, blk, i + 1); + if (rv != 0) { + return rv; + } + } + + memmove(&rnode->blk->nodes[1], &rnode->blk->nodes[0], + sizeof(ngtcp2_psl_node) * rnode->blk->n); + + rnode->blk->nodes[0] = node->blk->nodes[node->blk->n - 1]; + ++rnode->blk->n; + + --node->blk->n; + + node->range = node->blk->nodes[node->blk->n - 1].range; + + *pi = i + 1; + return 0; +} + +/* + * shift_left moves the first node in blk->nodes[i]->blk->nodes to + * blk->nodes[i - 1]->blk->nodes. + */ +static void shift_left(ngtcp2_psl_blk *blk, size_t i) { + ngtcp2_psl_node *lnode, *rnode; + + assert(i > 0); + + lnode = &blk->nodes[i - 1]; + rnode = &blk->nodes[i]; + + assert(lnode->blk->n < NGTCP2_PSL_MAX_NBLK); + assert(rnode->blk->n > NGTCP2_PSL_MIN_NBLK); + + lnode->blk->nodes[lnode->blk->n] = rnode->blk->nodes[0]; + lnode->range = lnode->blk->nodes[lnode->blk->n].range; + ++lnode->blk->n; + + --rnode->blk->n; + memmove(&rnode->blk->nodes[0], &rnode->blk->nodes[1], + sizeof(ngtcp2_psl_node) * rnode->blk->n); +} + +/* + * shift_right moves the last node in blk->nodes[i]->blk->nodes to + * blk->nodes[i + 1]->blk->nodes. + */ +static void shift_right(ngtcp2_psl_blk *blk, size_t i) { + ngtcp2_psl_node *lnode, *rnode; + + assert(i < blk->n - 1); + + lnode = &blk->nodes[i]; + rnode = &blk->nodes[i + 1]; + + assert(lnode->blk->n > NGTCP2_PSL_MIN_NBLK); + assert(rnode->blk->n < NGTCP2_PSL_MAX_NBLK); + + memmove(&rnode->blk->nodes[1], &rnode->blk->nodes[0], + sizeof(ngtcp2_psl_node) * rnode->blk->n); + ++rnode->blk->n; + rnode->blk->nodes[0] = lnode->blk->nodes[lnode->blk->n - 1]; + + --lnode->blk->n; + lnode->range = lnode->blk->nodes[lnode->blk->n - 1].range; +} + +int ngtcp2_psl_remove(ngtcp2_psl *psl, ngtcp2_psl_it *it, + const ngtcp2_range *range) { + ngtcp2_psl_blk *blk = psl->head, *lblk, *rblk; + ngtcp2_psl_node *node; + size_t i, j; + int rv; + + if (!blk->leaf && blk->n == NGTCP2_PSL_MAX_NBLK) { + rv = psl_split_head(psl); + if (rv != 0) { + return rv; + } + blk = psl->head; + } + + for (;;) { + for (i = 0, node = &blk->nodes[i]; node->range.begin < range->begin; + ++i, ++node) + ; + + if (blk->leaf) { + assert(i < blk->n); + remove_node(blk, i); + --psl->n; + if (it) { + if (blk->n == i) { + ngtcp2_psl_it_init(it, blk->next, 0); + } else { + ngtcp2_psl_it_init(it, blk, i); + } + } + return 0; + } + + if (node->blk->n == NGTCP2_PSL_MAX_NBLK) { + rv = psl_split_node(psl, blk, i); + if (rv != 0) { + return rv; + } + if (node->range.begin < range->begin) { + ++i; + node = &blk->nodes[i]; + } + } + + if (ngtcp2_range_eq(&node->range, range)) { + rv = psl_relocate_node(psl, &blk, &i); + if (rv != 0) { + return rv; + } + if (!blk->leaf) { + node = &blk->nodes[i]; + blk = node->blk; + } + } else if (node->blk->n == NGTCP2_PSL_MIN_NBLK) { + j = i == 0 ? 0 : i - 1; + + lblk = blk->nodes[j].blk; + rblk = blk->nodes[j + 1].blk; + + if (lblk->n + rblk->n < NGTCP2_PSL_MAX_NBLK) { + blk = psl_merge_node(psl, blk, j); + } else { + if (i == j) { + shift_left(blk, j + 1); + } else { + shift_right(blk, j); + } + blk = node->blk; + } + } else { + blk = node->blk; + } + } +} + +ngtcp2_psl_it ngtcp2_psl_lower_bound(ngtcp2_psl *psl, + const ngtcp2_range *range) { + ngtcp2_psl_blk *blk = psl->head; + ngtcp2_psl_node *node; + size_t i; + + for (;;) { + for (i = 0, node = &blk->nodes[i]; node->range.begin < range->begin && + !range_intersect(&node->range, range); + ++i, node = &blk->nodes[i]) + ; + + if (blk->leaf) { + ngtcp2_psl_it it = {blk, i}; + return it; + } + + blk = node->blk; + } +} + +void ngtcp2_psl_update_range(ngtcp2_psl *psl, const ngtcp2_range *old_range, + const ngtcp2_range *new_range) { + ngtcp2_psl_blk *blk = psl->head; + ngtcp2_psl_node *node; + size_t i; + + assert(old_range->begin <= new_range->begin); + assert(new_range->end <= old_range->end); + + for (;;) { + for (i = 0, node = &blk->nodes[i]; node->range.begin < old_range->begin; + ++i, node = &blk->nodes[i]) + ; + + if (blk->leaf) { + assert(ngtcp2_range_eq(&node->range, old_range)); + node->range = *new_range; + return; + } + + if (ngtcp2_range_eq(&node->range, old_range)) { + node->range = *new_range; + } else { + assert(!range_intersect(&node->range, old_range)); + } + + blk = node->blk; + } +} + +static void psl_print(ngtcp2_psl *psl, const ngtcp2_psl_blk *blk, + size_t level) { + size_t i; + + fprintf(stderr, "LV=%zu n=%zu\n", level, blk->n); + + if (blk->leaf) { + for (i = 0; i < blk->n; ++i) { + fprintf(stderr, " [%" PRIu64 ", %" PRIu64 ")", blk->nodes[i].range.begin, + blk->nodes[i].range.end); + } + fprintf(stderr, "\n"); + return; + } + + for (i = 0; i < blk->n; ++i) { + psl_print(psl, blk->nodes[i].blk, level + 1); + } +} + +void ngtcp2_psl_print(ngtcp2_psl *psl) { psl_print(psl, psl->head, 0); } + +ngtcp2_psl_it ngtcp2_psl_begin(const ngtcp2_psl *psl) { + ngtcp2_psl_it it = {psl->front, 0}; + return it; +} + +size_t ngtcp2_psl_len(ngtcp2_psl *psl) { return psl->n; } + +void ngtcp2_psl_it_init(ngtcp2_psl_it *it, const ngtcp2_psl_blk *blk, + size_t i) { + it->blk = blk; + it->i = i; +} + +void *ngtcp2_psl_it_get(const ngtcp2_psl_it *it) { + return it->blk->nodes[it->i].data; +} + +void ngtcp2_psl_it_next(ngtcp2_psl_it *it) { + assert(!ngtcp2_psl_it_end(it)); + + if (++it->i == it->blk->n) { + it->blk = it->blk->next; + it->i = 0; + } +} + +int ngtcp2_psl_it_end(const ngtcp2_psl_it *it) { + ngtcp2_range end = {UINT64_MAX, UINT64_MAX}; + return ngtcp2_range_eq(&end, &it->blk->nodes[it->i].range); +} + +ngtcp2_range ngtcp2_psl_it_range(const ngtcp2_psl_it *it) { + return it->blk->nodes[it->i].range; +} diff --git a/deps/ngtcp2/lib/ngtcp2_psl.h b/deps/ngtcp2/lib/ngtcp2_psl.h new file mode 100644 index 0000000000..f0310a87e4 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_psl.h @@ -0,0 +1,231 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_PSL_H +#define NGTCP2_PSL_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include + +#include "ngtcp2_range.h" + +/* + * Skip List implementation inspired by + * https://github.com/jabr/olio/blob/master/skiplist.c + */ + +#define NGTCP2_PSL_DEGR 8 +/* NGTCP2_PSL_MAX_NBLK is the maximum number of nodes which a single + block can contain. */ +#define NGTCP2_PSL_MAX_NBLK (2 * NGTCP2_PSL_DEGR - 1) +/* NGTCP2_PSL_MIN_NBLK is the minimum number of nodes which a single + block other than root must contains. */ +#define NGTCP2_PSL_MIN_NBLK (NGTCP2_PSL_DEGR - 1) + +struct ngtcp2_psl_node; +typedef struct ngtcp2_psl_node ngtcp2_psl_node; + +struct ngtcp2_psl_blk; +typedef struct ngtcp2_psl_blk ngtcp2_psl_blk; + +/* + * ngtcp2_psl_node is a node which contains either ngtcp2_psl_blk or + * opaque data. If a node is an internal node, it contains + * ngtcp2_psl_blk. Otherwise, it has data. The invariant is that the + * range of internal node dictates the maximum range in its + * descendants, and the corresponding leaf node must exist. + */ +struct ngtcp2_psl_node { + ngtcp2_range range; + union { + ngtcp2_psl_blk *blk; + void *data; + }; +}; + +/* + * ngtcp2_psl_blk contains ngtcp2_psl_node objects. + */ +struct ngtcp2_psl_blk { + /* next points to the next block if leaf field is nonzero. */ + ngtcp2_psl_blk *next; + /* n is the number of nodes this object contains in nodes. */ + size_t n; + /* leaf is nonzero if this block contains leaf nodes. */ + int leaf; + ngtcp2_psl_node nodes[NGTCP2_PSL_MAX_NBLK]; +}; + +struct ngtcp2_psl_it; +typedef struct ngtcp2_psl_it ngtcp2_psl_it; + +/* + * ngtcp2_psl_it is a forward iterator to iterate nodes. + */ +struct ngtcp2_psl_it { + const ngtcp2_psl_blk *blk; + size_t i; +}; + +struct ngtcp2_psl; +typedef struct ngtcp2_psl ngtcp2_psl; + +/* + * ngtcp2_psl is a deterministic paged skip list. + */ +struct ngtcp2_psl { + /* head points to the root block. */ + ngtcp2_psl_blk *head; + /* front points to the first leaf block. */ + ngtcp2_psl_blk *front; + size_t n; + const ngtcp2_mem *mem; +}; + +/* + * ngtcp2_psl_init initializes |psl|. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_psl_init(ngtcp2_psl *psl, const ngtcp2_mem *mem); + +/* + * ngtcp2_psl_free frees resources allocated for |psl|. If |psl| is + * NULL, this function does nothing. It does not free the memory + * region pointed by |psl| itself. + */ +void ngtcp2_psl_free(ngtcp2_psl *psl); + +/* + * ngtcp2_psl_insert inserts |range| with its associated |data|. On + * successful insertion, the iterator points to the inserted node is + * stored in |*it|. + * + * This function assumes that the existing ranges do not intersect + * with |range|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_psl_insert(ngtcp2_psl *psl, ngtcp2_psl_it *it, + const ngtcp2_range *range, void *data); + +/* + * ngtcp2_psl_remove removes the |range| from |psl|. It assumes such + * the range is included in |psl|. + * + * This function assigns the iterator to |*it|, which points to the + * node which is located at the right next of the removed node if |it| + * is not NULL. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_psl_remove(ngtcp2_psl *psl, ngtcp2_psl_it *it, + const ngtcp2_range *range); + +/* + * ngtcp2_psl_update_range replaces the range of nodes which has + * |old_range| with |new_range|. |old_range| must include + * |new_range|. + */ +void ngtcp2_psl_update_range(ngtcp2_psl *psl, const ngtcp2_range *old_range, + const ngtcp2_range *new_range); + +/* + * ngtcp2_psl_lower_bound returns the iterator which points to the + * first node whose range intersects with |range|. If there is no + * such node, it returns the iterator which satisfies + * ngtcp2_psl_it_end(it) != 0. + */ +ngtcp2_psl_it ngtcp2_psl_lower_bound(ngtcp2_psl *psl, + const ngtcp2_range *range); + +/* + * ngtcp2_psl_begin returns the iterator which points to the first + * node. If there is no node in |psl|, it returns the iterator which + * satisfies ngtcp2_psl_it_end(it) != 0. + */ +ngtcp2_psl_it ngtcp2_psl_begin(const ngtcp2_psl *psl); + +/* + * ngtcp2_psl_len returns the number of elements stored in |ksl|. + */ +size_t ngtcp2_psl_len(ngtcp2_psl *psl); + +/* + * ngtcp2_psl_print prints its internal state in stderr. This + * function should be used for the debugging purpose only. + */ +void ngtcp2_psl_print(ngtcp2_psl *psl); + +/* + * ngtcp2_psl_it_init initializes |it|. + */ +void ngtcp2_psl_it_init(ngtcp2_psl_it *it, const ngtcp2_psl_blk *blk, size_t i); + +/* + * ngtcp2_psl_it_get returns the data associated to the node which + * |it| points to. If this function is called when + * ngtcp2_psl_it_end(it) returns nonzero, it returns NULL. + */ +void *ngtcp2_psl_it_get(const ngtcp2_psl_it *it); + +/* + * ngtcp2_psl_it_next advances the iterator by one. It is undefined + * if this function is called when ngtcp2_psl_it_end(it) returns + * nonzero. + */ +void ngtcp2_psl_it_next(ngtcp2_psl_it *it); + +/* + * ngtcp2_psl_it_end returns nonzero if |it| points to the beyond the + * last node. + */ +int ngtcp2_psl_it_end(const ngtcp2_psl_it *it); + +/* + * ngtcp2_psl_range returns the range of the node which |it| points + * to. It is OK to call this function when ngtcp2_psl_it_end(it) + * returns nonzero. In this case, this function returns {UINT64_MAX, + * UINT64_MAX}. + */ +ngtcp2_range ngtcp2_psl_it_range(const ngtcp2_psl_it *it); + +#endif /* NGTCP2_PSL_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_pv.c b/deps/ngtcp2/lib/ngtcp2_pv.c new file mode 100644 index 0000000000..171f02dc43 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_pv.c @@ -0,0 +1,155 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_pv.h" + +#include + +#include "ngtcp2_mem.h" +#include "ngtcp2_log.h" +#include "ngtcp2_macro.h" +#include "ngtcp2_addr.h" + +void ngtcp2_pv_entry_init(ngtcp2_pv_entry *pvent, const uint8_t *data, + ngtcp2_tstamp expiry) { + memcpy(pvent->data, data, sizeof(pvent->data)); + pvent->expiry = expiry; +} + +int ngtcp2_pv_new(ngtcp2_pv **ppv, const ngtcp2_dcid *dcid, + ngtcp2_duration timeout, uint8_t flags, ngtcp2_log *log, + const ngtcp2_mem *mem) { + int rv; + + (*ppv) = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_pv)); + if (*ppv == NULL) { + return NGTCP2_ERR_NOMEM; + } + + rv = ngtcp2_ringbuf_init(&(*ppv)->ents, NGTCP2_PV_MAX_ENTRIES, + sizeof(ngtcp2_pv_entry), mem); + if (rv != 0) { + ngtcp2_mem_free(mem, *ppv); + return 0; + } + + ngtcp2_dcid_copy(&(*ppv)->dcid, dcid); + + (*ppv)->mem = mem; + (*ppv)->log = log; + (*ppv)->timeout = timeout; + (*ppv)->started_ts = 0; + (*ppv)->loss_count = 0; + (*ppv)->flags = flags; + + return 0; +} + +void ngtcp2_pv_del(ngtcp2_pv *pv) { + if (pv == NULL) { + return; + } + ngtcp2_ringbuf_free(&pv->ents); + ngtcp2_mem_free(pv->mem, pv); +} + +void ngtcp2_pv_ensure_start(ngtcp2_pv *pv, ngtcp2_tstamp ts) { + if (pv->started_ts) { + return; + } + pv->started_ts = ts; +} + +void ngtcp2_pv_add_entry(ngtcp2_pv *pv, const uint8_t *data, + ngtcp2_tstamp expiry) { + ngtcp2_pv_entry *ent = ngtcp2_ringbuf_push_back(&pv->ents); + ngtcp2_pv_entry_init(ent, data, expiry); +} + +int ngtcp2_pv_full(ngtcp2_pv *pv) { return ngtcp2_ringbuf_full(&pv->ents); } + +int ngtcp2_pv_validate(ngtcp2_pv *pv, const uint8_t *data) { + size_t len = ngtcp2_ringbuf_len(&pv->ents); + size_t i; + ngtcp2_pv_entry *ent; + + if (len == 0) { + return NGTCP2_ERR_INVALID_STATE; + } + + for (i = 0; i < len; ++i) { + ent = ngtcp2_ringbuf_get(&pv->ents, i); + if (memcmp(ent->data, data, sizeof(ent->data)) == 0) { + ngtcp2_log_info(pv->log, NGTCP2_LOG_EVENT_PTV, "path has been validated"); + return 0; + } + } + + return NGTCP2_ERR_INVALID_ARGUMENT; +} + +void ngtcp2_pv_handle_entry_expiry(ngtcp2_pv *pv, ngtcp2_tstamp ts) { + ngtcp2_pv_entry *ent; + + if (ngtcp2_ringbuf_len(&pv->ents) == 0) { + return; + } + + ent = ngtcp2_ringbuf_get(&pv->ents, 0); + if (ent->expiry <= ts) { + ++pv->loss_count; + + ngtcp2_ringbuf_pop_front(&pv->ents); + + for (; ngtcp2_ringbuf_len(&pv->ents);) { + ent = ngtcp2_ringbuf_get(&pv->ents, 0); + if (ent->expiry <= ts) { + ngtcp2_ringbuf_pop_front(&pv->ents); + continue; + } + break; + } + } +} + +int ngtcp2_pv_validation_timed_out(ngtcp2_pv *pv, ngtcp2_tstamp ts) { + return pv->started_ts + pv->timeout <= ts; +} + +ngtcp2_tstamp ngtcp2_pv_next_expiry(ngtcp2_pv *pv) { + ngtcp2_tstamp t = UINT64_MAX; + ngtcp2_pv_entry *ent; + + if (pv->started_ts) { + t = pv->started_ts + pv->timeout; + } + + if (ngtcp2_ringbuf_len(&pv->ents) == 0) { + return t; + } + + ent = ngtcp2_ringbuf_get(&pv->ents, 0); + + return ngtcp2_min(t, ent->expiry); +} diff --git a/deps/ngtcp2/lib/ngtcp2_pv.h b/deps/ngtcp2/lib/ngtcp2_pv.h new file mode 100644 index 0000000000..e3b4bc2146 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_pv.h @@ -0,0 +1,170 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_PV_H +#define NGTCP2_PV_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_cid.h" +#include "ngtcp2_ringbuf.h" + +/* NGTCP2_PV_MAX_ENTRIES is the maximum number of entries that + ngtcp2_pv can contain. It must be power of 2. */ +#define NGTCP2_PV_MAX_ENTRIES 4 + +struct ngtcp2_log; +typedef struct ngtcp2_log ngtcp2_log; + +struct ngtcp2_frame_chain; +typedef struct ngtcp2_frame_chain ngtcp2_frame_chain; + +typedef struct { + /* expiry is the timestamp when this PATH_CHALLENGE expires. */ + ngtcp2_tstamp expiry; + /* data is a byte string included in PATH_CHALLENGE. */ + uint8_t data[8]; +} ngtcp2_pv_entry; + +void ngtcp2_pv_entry_init(ngtcp2_pv_entry *pvent, const uint8_t *data, + ngtcp2_tstamp expiry); + +typedef enum { + NGTCP2_PV_FLAG_NONE, + /* NGTCP2_PV_FLAG_DONT_CARE indicates that the outcome of the path + validation does not matter. */ + NGTCP2_PV_FLAG_DONT_CARE = 0x01, + /* NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH indicates that DCID should + be retired after path validation is aborted or failed. DCID is + not retired if path validation succeeds. */ + NGTCP2_PV_FLAG_RETIRE_DCID_ON_FINISH = 0x02, + /* NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE indicates that fallback DCID + is available in ngtcp2_pv. If path validation fails, fallback to + the fallback DCID. If path validation succeeds, fallback DCID is + retired. */ + NGTCP2_PV_FLAG_FALLBACK_ON_FAILURE = 0x04, +} ngtcp2_pv_flag; + +struct ngtcp2_pv; +typedef struct ngtcp2_pv ngtcp2_pv; + +/* + * ngtcp2_pv is the context of a single path validation. + */ +struct ngtcp2_pv { + const ngtcp2_mem *mem; + ngtcp2_log *log; + /* dcid is DCID and path this path validation uses. */ + ngtcp2_dcid dcid; + /* fallback_dcid is the usually validated DCID and used as a + fallback if this path validation fails. */ + ngtcp2_dcid fallback_dcid; + /* ents is the ring buffer of ngtcp2_pv_entry */ + ngtcp2_ringbuf ents; + /* timeout is the duration within which this path validation should + succeed. */ + ngtcp2_duration timeout; + /* started_ts is the timestamp this path validation starts. */ + ngtcp2_tstamp started_ts; + /* loss_count is the number of lost PATH_CHALLENGE */ + size_t loss_count; + /* flags is bitwise-OR of zero or more of ngtcp2_pv_flag. */ + uint8_t flags; +}; + +/* + * ngtcp2_pv_new creates new ngtcp2_pv object and assigns its pointer + * to |*ppv|. This function makes a copy of |dcid|. |timeout| is a + * duration within which this path validation must succeed. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_pv_new(ngtcp2_pv **ppv, const ngtcp2_dcid *dcid, + ngtcp2_duration timeout, uint8_t flags, ngtcp2_log *log, + const ngtcp2_mem *mem); + +/* + * ngtcp2_pv_del deallocates |pv|. This function frees memory |pv| + * points too. + */ +void ngtcp2_pv_del(ngtcp2_pv *pv); + +/* + * ngtcp2_pv_ensure_start sets started_ts field to |ts| if it is zero. + */ +void ngtcp2_pv_ensure_start(ngtcp2_pv *pv, ngtcp2_tstamp ts); + +/* + * ngtcp2_pv_add_entry adds new entry with |data|. |expiry| is the + * expiry time of the entry. + */ +void ngtcp2_pv_add_entry(ngtcp2_pv *pv, const uint8_t *data, + ngtcp2_tstamp expiry); + +/* + * ngtcp2_pv_full returns nonzero if |pv| is full of ngtcp2_pv_entry. + */ +int ngtcp2_pv_full(ngtcp2_pv *pv); + +/* + * ngtcp2_pv_validate validates that the received |data| matches the + * one of the existing entry. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_PATH_VALIDATION_FAILED + * path validation has failed and must be abandoned + * NGTCP2_ERR_INVALID_STATE + * |pv| includes no entry + * NGTCP2_ERR_INVALID_ARGUMENT + * |pv| does not have an entry which has |data| and |path| + */ +int ngtcp2_pv_validate(ngtcp2_pv *pv, const uint8_t *data); + +/* + * ngtcp2_pv_handle_entry_expiry checks expiry for each entry. + */ +void ngtcp2_pv_handle_entry_expiry(ngtcp2_pv *pv, ngtcp2_tstamp ts); + +/* + * ngtcp2_pv_validation_timed_out returns nonzero if the path + * validation fails because of timeout. + */ +int ngtcp2_pv_validation_timed_out(ngtcp2_pv *pv, ngtcp2_tstamp ts); + +/* + * ngtcp2_pv_next_expiry returns the earliest expiry. + */ +ngtcp2_tstamp ngtcp2_pv_next_expiry(ngtcp2_pv *pv); + +#endif /* NGTCP2_PV_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_range.c b/deps/ngtcp2/lib/ngtcp2_range.c new file mode 100644 index 0000000000..9379496b7d --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_range.c @@ -0,0 +1,61 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_range.h" +#include "ngtcp2_macro.h" + +void ngtcp2_range_init(ngtcp2_range *r, uint64_t begin, uint64_t end) { + r->begin = begin; + r->end = end; +} + +ngtcp2_range ngtcp2_range_intersect(const ngtcp2_range *a, + const ngtcp2_range *b) { + ngtcp2_range r = {0, 0}; + uint64_t begin = ngtcp2_max(a->begin, b->begin); + uint64_t end = ngtcp2_min(a->end, b->end); + if (begin < end) { + ngtcp2_range_init(&r, begin, end); + } + return r; +} + +uint64_t ngtcp2_range_len(const ngtcp2_range *r) { return r->end - r->begin; } + +int ngtcp2_range_eq(const ngtcp2_range *a, const ngtcp2_range *b) { + return a->begin == b->begin && a->end == b->end; +} + +void ngtcp2_range_cut(ngtcp2_range *left, ngtcp2_range *right, + const ngtcp2_range *a, const ngtcp2_range *b) { + /* Assume that b is included in a */ + left->begin = a->begin; + left->end = b->begin; + right->begin = b->end; + right->end = a->end; +} + +int ngtcp2_range_not_after(const ngtcp2_range *a, const ngtcp2_range *b) { + return a->end <= b->end; +} diff --git a/deps/ngtcp2/lib/ngtcp2_range.h b/deps/ngtcp2/lib/ngtcp2_range.h new file mode 100644 index 0000000000..96b9a54b28 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_range.h @@ -0,0 +1,80 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_RANGE_H +#define NGTCP2_RANGE_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* + * ngtcp2_range represents half-closed range [begin, end). + */ +typedef struct { + uint64_t begin; + uint64_t end; +} ngtcp2_range; + +/* + * ngtcp2_range_init initializes |r| with the range [|begin|, |end|). + */ +void ngtcp2_range_init(ngtcp2_range *r, uint64_t begin, uint64_t end); + +/* + * ngtcp2_range_intersect returns the intersection of |a| and |b|. If + * they do not overlap, it returns empty range. + */ +ngtcp2_range ngtcp2_range_intersect(const ngtcp2_range *a, + const ngtcp2_range *b); + +/* + * ngtcp2_range_len returns the length of |r|. + */ +uint64_t ngtcp2_range_len(const ngtcp2_range *r); + +/* + * ngtcp2_range_eq returns nonzero if |a| equals |b|, such that + * a->begin == b->begin, and a->end == b->end hold. + */ +int ngtcp2_range_eq(const ngtcp2_range *a, const ngtcp2_range *b); + +/* + * ngtcp2_range_cut returns the left and right range after removing + * |b| from |a|. This function assumes that |a| completely includes + * |b|. In other words, a->begin <= b->begin and b->end <= a->end + * hold. + */ +void ngtcp2_range_cut(ngtcp2_range *left, ngtcp2_range *right, + const ngtcp2_range *a, const ngtcp2_range *b); + +/* + * ngtcp2_range_not_after returns nonzero if the right edge of |a| + * does not go beyond of the right edge of |b|. + */ +int ngtcp2_range_not_after(const ngtcp2_range *a, const ngtcp2_range *b); + +#endif /* NGTCP2_RANGE_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_ringbuf.c b/deps/ngtcp2/lib/ngtcp2_ringbuf.c new file mode 100644 index 0000000000..cf51643c0f --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_ringbuf.c @@ -0,0 +1,107 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_ringbuf.h" + +#include +#ifdef WIN32 +# include +#endif + +#include "ngtcp2_macro.h" +#include "ngtcp2_net.h" + +int ngtcp2_ringbuf_init(ngtcp2_ringbuf *rb, size_t nmemb, size_t size, + const ngtcp2_mem *mem) { +#ifdef WIN32 + assert(1 == __popcnt((unsigned int)nmemb)); +#else + assert(1 == __builtin_popcount((unsigned int)nmemb)); +#endif + + rb->buf = ngtcp2_mem_malloc(mem, nmemb * size); + if (rb->buf == NULL) { + return NGTCP2_ERR_NOMEM; + } + + rb->mem = mem; + rb->nmemb = nmemb; + rb->size = size; + rb->first = 0; + rb->len = 0; + + return 0; +} + +void ngtcp2_ringbuf_free(ngtcp2_ringbuf *rb) { + if (rb == NULL) { + return; + } + + ngtcp2_mem_free(rb->mem, rb->buf); +} + +void *ngtcp2_ringbuf_push_front(ngtcp2_ringbuf *rb) { + rb->first = (rb->first - 1) & (rb->nmemb - 1); + rb->len = ngtcp2_min(rb->nmemb, rb->len + 1); + + return (void *)&rb->buf[rb->first * rb->size]; +} + +void *ngtcp2_ringbuf_push_back(ngtcp2_ringbuf *rb) { + size_t offset = (rb->first + rb->len) & (rb->nmemb - 1); + + if (rb->len == rb->nmemb) { + rb->first = (rb->first + 1) & (rb->nmemb - 1); + } else { + ++rb->len; + } + + return (void *)&rb->buf[offset * rb->size]; +} + +void ngtcp2_ringbuf_pop_front(ngtcp2_ringbuf *rb) { + rb->first = (rb->first + 1) & (rb->nmemb - 1); + --rb->len; +} + +void ngtcp2_ringbuf_pop_back(ngtcp2_ringbuf *rb) { + assert(rb->len); + --rb->len; +} + +void ngtcp2_ringbuf_resize(ngtcp2_ringbuf *rb, size_t len) { + assert(len <= rb->nmemb); + rb->len = len; +} + +void *ngtcp2_ringbuf_get(ngtcp2_ringbuf *rb, size_t offset) { + assert(offset < rb->len); + offset = (rb->first + offset) & (rb->nmemb - 1); + return &rb->buf[offset * rb->size]; +} + +size_t ngtcp2_ringbuf_len(ngtcp2_ringbuf *rb) { return rb->len; } + +int ngtcp2_ringbuf_full(ngtcp2_ringbuf *rb) { return rb->len == rb->nmemb; } diff --git a/deps/ngtcp2/lib/ngtcp2_ringbuf.h b/deps/ngtcp2/lib/ngtcp2_ringbuf.h new file mode 100644 index 0000000000..05e9a577f1 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_ringbuf.h @@ -0,0 +1,110 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_RINGBUF_H +#define NGTCP2_RINGBUF_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" + +typedef struct { + /* buf points to the underlying buffer. */ + uint8_t *buf; + const ngtcp2_mem *mem; + /* nmemb is the number of elements that can be stored in this ring + buffer. */ + size_t nmemb; + /* size is the size of each element. */ + size_t size; + /* first is the offset to the first element. */ + size_t first; + /* len is the number of elements actually stored. */ + size_t len; +} ngtcp2_ringbuf; + +/* + * ngtcp2_ringbuf_init initializes |rb|. |nmemb| is the number of + * elements that can be stored in this buffer. |size| is the size of + * each element. |size| must be power of 2. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_ringbuf_init(ngtcp2_ringbuf *rb, size_t nmemb, size_t size, + const ngtcp2_mem *mem); + +/* + * ngtcp2_ringbuf_free frees resources allocated for |rb|. This + * function does not free the memory pointed by |rb|. + */ +void ngtcp2_ringbuf_free(ngtcp2_ringbuf *rb); + +/* ngtcp2_ringbuf_push_front moves the offset to the first element in + the buffer backward, and returns the pointer to the element. + Caller can store data to the buffer pointed by the returned + pointer. If this action exceeds the capacity of the ring buffer, + the last element is silently overwritten, and rb->len remains + unchanged. */ +void *ngtcp2_ringbuf_push_front(ngtcp2_ringbuf *rb); + +/* ngtcp2_ringbuf_push_back moves the offset to the last element in + the buffer forward, and returns the pointer to the element. Caller + can store data to the buffer pointed by the returned pointer. If + this action exceeds the capacity of the ring buffer, the first + element is silently overwritten, and rb->len remains unchanged. */ +void *ngtcp2_ringbuf_push_back(ngtcp2_ringbuf *rb); + +/* + * ngtcp2_ringbuf_pop_front removes first element in |rb|. + */ +void ngtcp2_ringbuf_pop_front(ngtcp2_ringbuf *rb); + +/* + * ngtcp2_ringbuf_pop_back removes the last element in |rb|. + */ +void ngtcp2_ringbuf_pop_back(ngtcp2_ringbuf *rb); + +/* ngtcp2_ringbuf_resize changes the number of elements stored. This + does not change the capacity of the underlying buffer. */ +void ngtcp2_ringbuf_resize(ngtcp2_ringbuf *rb, size_t len); + +/* ngtcp2_ringbuf_get returns the pointer to the element at + |offset|. */ +void *ngtcp2_ringbuf_get(ngtcp2_ringbuf *rb, size_t offset); + +/* ngtcp2_ringbuf_len returns the number of elements stored. */ +size_t ngtcp2_ringbuf_len(ngtcp2_ringbuf *rb); + +/* ngtcp2_ringbuf_full returns nonzero if |rb| is full. */ +int ngtcp2_ringbuf_full(ngtcp2_ringbuf *rb); + +#endif /* NGTCP2_RINGBUF_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_rob.c b/deps/ngtcp2/lib/ngtcp2_rob.c new file mode 100644 index 0000000000..6c0aca7e90 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_rob.c @@ -0,0 +1,338 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_rob.h" + +#include +#include + +#include "ngtcp2_macro.h" + +int ngtcp2_rob_gap_new(ngtcp2_rob_gap **pg, uint64_t begin, uint64_t end, + const ngtcp2_mem *mem) { + *pg = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_rob_gap)); + if (*pg == NULL) { + return NGTCP2_ERR_NOMEM; + } + + (*pg)->range.begin = begin; + (*pg)->range.end = end; + + return 0; +} + +void ngtcp2_rob_gap_del(ngtcp2_rob_gap *g, const ngtcp2_mem *mem) { + ngtcp2_mem_free(mem, g); +} + +int ngtcp2_rob_data_new(ngtcp2_rob_data **pd, uint64_t offset, size_t chunk, + const ngtcp2_mem *mem) { + *pd = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_rob_data) + chunk); + if (*pd == NULL) { + return NGTCP2_ERR_NOMEM; + } + + (*pd)->range.begin = offset; + (*pd)->range.end = offset + chunk; + (*pd)->begin = (uint8_t *)(*pd) + sizeof(ngtcp2_rob_data); + (*pd)->end = (*pd)->begin + chunk; + + return 0; +} + +void ngtcp2_rob_data_del(ngtcp2_rob_data *d, const ngtcp2_mem *mem) { + ngtcp2_mem_free(mem, d); +} + +int ngtcp2_rob_init(ngtcp2_rob *rob, size_t chunk, const ngtcp2_mem *mem) { + int rv; + ngtcp2_rob_gap *g; + ngtcp2_ksl_key key; + + rv = ngtcp2_ksl_init(&rob->gapksl, ngtcp2_ksl_range_compar, + sizeof(ngtcp2_range), mem); + if (rv != 0) { + goto fail_gapksl_ksl_init; + } + + rv = ngtcp2_rob_gap_new(&g, 0, UINT64_MAX, mem); + if (rv != 0) { + goto fail_rob_gap_new; + } + + rv = ngtcp2_ksl_insert(&rob->gapksl, NULL, + ngtcp2_ksl_key_ptr(&key, &g->range), g); + if (rv != 0) { + goto fail_gapksl_ksl_insert; + } + + rv = ngtcp2_ksl_init(&rob->dataksl, ngtcp2_ksl_range_compar, + sizeof(ngtcp2_range), mem); + if (rv != 0) { + goto fail_dataksl_ksl_init; + } + + rob->chunk = chunk; + rob->mem = mem; + + return 0; + +fail_dataksl_ksl_init: +fail_gapksl_ksl_insert: + ngtcp2_rob_gap_del(g, mem); +fail_rob_gap_new: + ngtcp2_ksl_free(&rob->gapksl); +fail_gapksl_ksl_init: + return rv; +} + +void ngtcp2_rob_free(ngtcp2_rob *rob) { + ngtcp2_ksl_it it; + + if (rob == NULL) { + return; + } + + for (it = ngtcp2_ksl_begin(&rob->dataksl); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + ngtcp2_rob_data_del(ngtcp2_ksl_it_get(&it), rob->mem); + } + + for (it = ngtcp2_ksl_begin(&rob->gapksl); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + ngtcp2_rob_gap_del(ngtcp2_ksl_it_get(&it), rob->mem); + } + + ngtcp2_ksl_free(&rob->dataksl); + ngtcp2_ksl_free(&rob->gapksl); +} + +static int rob_write_data(ngtcp2_rob *rob, uint64_t offset, const uint8_t *data, + size_t len) { + size_t n; + int rv; + ngtcp2_rob_data *d; + ngtcp2_range range = {offset, offset + len}; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + + for (it = ngtcp2_ksl_lower_bound_compar(&rob->dataksl, + ngtcp2_ksl_key_ptr(&key, &range), + ngtcp2_ksl_range_exclusive_compar); + len; ngtcp2_ksl_it_next(&it)) { + if (ngtcp2_ksl_it_end(&it)) { + d = NULL; + } else { + d = ngtcp2_ksl_it_get(&it); + } + + if (d == NULL || offset < d->range.begin) { + rv = ngtcp2_rob_data_new(&d, (offset / rob->chunk) * rob->chunk, + rob->chunk, rob->mem); + if (rv != 0) { + return rv; + } + + rv = ngtcp2_ksl_insert(&rob->dataksl, &it, + ngtcp2_ksl_key_ptr(&key, &d->range), d); + if (rv != 0) { + ngtcp2_rob_data_del(d, rob->mem); + return rv; + } + } else if (d->range.begin + rob->chunk < offset) { + assert(0); + } + n = ngtcp2_min(len, d->range.begin + rob->chunk - offset); + memcpy(d->begin + (offset - d->range.begin), data, n); + offset += n; + data += n; + len -= n; + } + + return 0; +} + +int ngtcp2_rob_push(ngtcp2_rob *rob, uint64_t offset, const uint8_t *data, + size_t datalen) { + int rv; + ngtcp2_rob_gap *g; + ngtcp2_range m, l, r, q = {offset, offset + datalen}; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key, old_key; + + it = ngtcp2_ksl_lower_bound_compar(&rob->gapksl, ngtcp2_ksl_key_ptr(&key, &q), + ngtcp2_ksl_range_exclusive_compar); + + for (; !ngtcp2_ksl_it_end(&it);) { + g = ngtcp2_ksl_it_get(&it); + + m = ngtcp2_range_intersect(&q, &g->range); + if (!ngtcp2_range_len(&m)) { + break; + } + if (ngtcp2_range_eq(&g->range, &m)) { + ngtcp2_ksl_remove(&rob->gapksl, &it, ngtcp2_ksl_key_ptr(&key, &g->range)); + ngtcp2_rob_gap_del(g, rob->mem); + rv = rob_write_data(rob, m.begin, data + (m.begin - offset), + ngtcp2_range_len(&m)); + if (rv != 0) { + return rv; + } + + continue; + } + ngtcp2_range_cut(&l, &r, &g->range, &m); + if (ngtcp2_range_len(&l)) { + ngtcp2_ksl_update_key(&rob->gapksl, + ngtcp2_ksl_key_ptr(&old_key, &g->range), + ngtcp2_ksl_key_ptr(&key, &l)); + g->range = l; + + if (ngtcp2_range_len(&r)) { + ngtcp2_rob_gap *ng; + rv = ngtcp2_rob_gap_new(&ng, r.begin, r.end, rob->mem); + if (rv != 0) { + return rv; + } + rv = ngtcp2_ksl_insert(&rob->gapksl, &it, + ngtcp2_ksl_key_ptr(&key, &ng->range), ng); + if (rv != 0) { + ngtcp2_rob_gap_del(ng, rob->mem); + return rv; + } + } + } else if (ngtcp2_range_len(&r)) { + ngtcp2_ksl_update_key(&rob->gapksl, + ngtcp2_ksl_key_ptr(&old_key, &g->range), + ngtcp2_ksl_key_ptr(&key, &r)); + g->range = r; + } + rv = rob_write_data(rob, m.begin, data + (m.begin - offset), + ngtcp2_range_len(&m)); + if (rv != 0) { + return rv; + } + ngtcp2_ksl_it_next(&it); + } + return 0; +} + +int ngtcp2_rob_remove_prefix(ngtcp2_rob *rob, uint64_t offset) { + ngtcp2_rob_gap *g; + ngtcp2_rob_data *d; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key, old_key; + + it = ngtcp2_ksl_begin(&rob->gapksl); + + for (; !ngtcp2_ksl_it_end(&it);) { + g = ngtcp2_ksl_it_get(&it); + if (offset <= g->range.begin) { + break; + } + if (offset < g->range.end) { + ngtcp2_range r = {offset, g->range.end}; + ngtcp2_ksl_update_key(&rob->gapksl, + ngtcp2_ksl_key_ptr(&old_key, &g->range), + ngtcp2_ksl_key_ptr(&key, &r)); + g->range.begin = offset; + break; + } + ngtcp2_ksl_remove(&rob->gapksl, &it, ngtcp2_ksl_key_ptr(&key, &g->range)); + ngtcp2_rob_gap_del(g, rob->mem); + } + + it = ngtcp2_ksl_begin(&rob->dataksl); + + for (; !ngtcp2_ksl_it_end(&it);) { + d = ngtcp2_ksl_it_get(&it); + if (offset < d->range.begin + rob->chunk) { + return 0; + } + ngtcp2_ksl_remove(&rob->dataksl, &it, ngtcp2_ksl_key_ptr(&key, &d->range)); + ngtcp2_rob_data_del(d, rob->mem); + } + + return 0; +} + +size_t ngtcp2_rob_data_at(ngtcp2_rob *rob, const uint8_t **pdest, + uint64_t offset) { + ngtcp2_rob_gap *g; + ngtcp2_rob_data *d; + ngtcp2_ksl_it it; + + it = ngtcp2_ksl_begin(&rob->gapksl); + if (ngtcp2_ksl_it_end(&it)) { + return 0; + } + + g = ngtcp2_ksl_it_get(&it); + + if (g->range.begin <= offset) { + return 0; + } + + it = ngtcp2_ksl_begin(&rob->dataksl); + d = ngtcp2_ksl_it_get(&it); + + assert(d); + assert(d->range.begin <= offset); + assert(offset < d->range.begin + rob->chunk); + + *pdest = d->begin + (offset - d->range.begin); + + return ngtcp2_min(g->range.begin, d->range.begin + rob->chunk) - offset; +} + +void ngtcp2_rob_pop(ngtcp2_rob *rob, uint64_t offset, size_t len) { + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + ngtcp2_rob_data *d; + + it = ngtcp2_ksl_begin(&rob->dataksl); + d = ngtcp2_ksl_it_get(&it); + + assert(d); + + if (offset + len < d->range.begin + rob->chunk) { + return; + } + + ngtcp2_ksl_remove(&rob->dataksl, NULL, ngtcp2_ksl_key_ptr(&key, &d->range)); + ngtcp2_rob_data_del(d, rob->mem); +} + +uint64_t ngtcp2_rob_first_gap_offset(ngtcp2_rob *rob) { + ngtcp2_ksl_it it = ngtcp2_ksl_begin(&rob->gapksl); + ngtcp2_rob_gap *g; + + if (ngtcp2_ksl_it_end(&it)) { + return UINT64_MAX; + } + + g = ngtcp2_ksl_it_get(&it); + + return g->range.begin; +} diff --git a/deps/ngtcp2/lib/ngtcp2_rob.h b/deps/ngtcp2/lib/ngtcp2_rob.h new file mode 100644 index 0000000000..28ae1da6b7 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_rob.h @@ -0,0 +1,198 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_ROB_H +#define NGTCP2_ROB_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" +#include "ngtcp2_range.h" +#include "ngtcp2_ksl.h" + +struct ngtcp2_rob_gap; +typedef struct ngtcp2_rob_gap ngtcp2_rob_gap; + +/* + * ngtcp2_rob_gap represents the gap, which is the range of stream + * data that is not received yet. + */ +struct ngtcp2_rob_gap { + /* range is the range of this gap. */ + ngtcp2_range range; +}; + +/* + * ngtcp2_rob_gap_new allocates new ngtcp2_rob_gap object, and assigns + * its pointer to |*pg|. The caller should call ngtcp2_rob_gap_del to + * delete it when it is no longer used. The range of the gap is + * [begin, end). |mem| is custom memory allocator to allocate memory. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_rob_gap_new(ngtcp2_rob_gap **pg, uint64_t begin, uint64_t end, + const ngtcp2_mem *mem); + +/* + * ngtcp2_rob_gap_del deallocates |g|. It deallocates the memory + * pointed by |g| it self. |mem| is custom memory allocator to + * deallocate memory. + */ +void ngtcp2_rob_gap_del(ngtcp2_rob_gap *g, const ngtcp2_mem *mem); + +struct ngtcp2_rob_data; +typedef struct ngtcp2_rob_data ngtcp2_rob_data; + +/* + * ngtcp2_rob_data holds the buffered stream data. + */ +struct ngtcp2_rob_data { + /* range is the range of this gap. */ + ngtcp2_range range; + /* begin points to the buffer. */ + uint8_t *begin; + /* end points to the one beyond of the last byte of the buffer */ + uint8_t *end; +}; + +/* + * ngtcp2_rob_data_new allocates new ngtcp2_rob_data object, and + * assigns its pointer to |*pd|. The caller should call + * ngtcp2_rob_data_del to delete it when it is no longer used. + * |offset| is the stream offset of the first byte of this data. + * |chunk| is the size of the buffer. |offset| must be multiple of + * |chunk|. |mem| is custom memory allocator to allocate memory. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_rob_data_new(ngtcp2_rob_data **pd, uint64_t offset, size_t chunk, + const ngtcp2_mem *mem); + +/* + * ngtcp2_rob_data_del deallocates |d|. It deallocates the memory + * pointed by |d| itself. |mem| is custom memory allocator to + * deallocate memory. + */ +void ngtcp2_rob_data_del(ngtcp2_rob_data *d, const ngtcp2_mem *mem); + +/* + * ngtcp2_rob is the reorder buffer which reassembles stream data + * received in out of order. + */ +typedef struct { + /* gapksl maintains the range of offset which is not received + yet. Initially, its range is [0, UINT64_MAX). */ + ngtcp2_ksl gapksl; + /* dataksl maintains the list of buffers which store received data + ordered by stream offset. */ + ngtcp2_ksl dataksl; + /* mem is custom memory allocator */ + const ngtcp2_mem *mem; + /* chunk is the size of each buffer in data field */ + size_t chunk; +} ngtcp2_rob; + +/* + * ngtcp2_rob_init initializes |rob|. |chunk| is the size of buffer + * per chunk. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_rob_init(ngtcp2_rob *rob, size_t chunk, const ngtcp2_mem *mem); + +/* + * ngtcp2_rob_free frees resources allocated for |rob|. + */ +void ngtcp2_rob_free(ngtcp2_rob *rob); + +/* + * ngtcp2_rob_push adds new data of length |datalen| at the stream + * offset |offset|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_rob_push(ngtcp2_rob *rob, uint64_t offset, const uint8_t *data, + size_t datalen); + +/* + * ngtcp2_rob_remove_prefix removes gap up to |offset|, exclusive. It + * also removes data buffer if it is completely included in |offset|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_rob_remove_prefix(ngtcp2_rob *rob, uint64_t offset); + +/* + * ngtcp2_rob_data_at stores the pointer to the buffer of stream + * offset |offset| to |*pdest| if it is available, and returns the + * valid length of available data. If no data is available, it + * returns 0. + */ +size_t ngtcp2_rob_data_at(ngtcp2_rob *rob, const uint8_t **pdest, + uint64_t offset); + +/* + * ngtcp2_rob_pop clears data at stream offset |offset| of length + * |len|. + * + * |offset| must be the offset given in ngtcp2_rob_data_at. |len| + * must be the return value of ngtcp2_rob_data_at when |offset| is + * passed. + * + * Caller should call this function from offset 0 in non-decreasing + * order. + */ +void ngtcp2_rob_pop(ngtcp2_rob *rob, uint64_t offset, size_t len); + +/* + * ngtcp2_rob_first_gap_offset returns the offset to the first gap. + * If there is no gap, it returns UINT64_MAX. + */ +uint64_t ngtcp2_rob_first_gap_offset(ngtcp2_rob *rob); + +#endif /* NGTCP2_ROB_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_rtb.c b/deps/ngtcp2/lib/ngtcp2_rtb.c new file mode 100644 index 0000000000..68528c3cc8 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_rtb.c @@ -0,0 +1,650 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_rtb.h" + +#include +#include + +#include "ngtcp2_macro.h" +#include "ngtcp2_conn.h" +#include "ngtcp2_log.h" +#include "ngtcp2_vec.h" +#include "ngtcp2_cc.h" + +int ngtcp2_frame_chain_new(ngtcp2_frame_chain **pfrc, const ngtcp2_mem *mem) { + *pfrc = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_frame_chain)); + if (*pfrc == NULL) { + return NGTCP2_ERR_NOMEM; + } + + ngtcp2_frame_chain_init(*pfrc); + + return 0; +} + +int ngtcp2_frame_chain_extralen_new(ngtcp2_frame_chain **pfrc, size_t extralen, + const ngtcp2_mem *mem) { + *pfrc = ngtcp2_mem_malloc(mem, sizeof(ngtcp2_frame_chain) + extralen); + if (*pfrc == NULL) { + return NGTCP2_ERR_NOMEM; + } + + ngtcp2_frame_chain_init(*pfrc); + + return 0; +} + +int ngtcp2_frame_chain_stream_datacnt_new(ngtcp2_frame_chain **pfrc, + size_t datacnt, + const ngtcp2_mem *mem) { + size_t need = sizeof(ngtcp2_vec) * (datacnt - 1); + size_t avail = sizeof(ngtcp2_frame) - sizeof(ngtcp2_stream); + + if (datacnt > 0 && need > avail) { + return ngtcp2_frame_chain_extralen_new(pfrc, need - avail, mem); + } + + return ngtcp2_frame_chain_new(pfrc, mem); +} + +int ngtcp2_frame_chain_crypto_datacnt_new(ngtcp2_frame_chain **pfrc, + size_t datacnt, + const ngtcp2_mem *mem) { + size_t need = sizeof(ngtcp2_vec) * (datacnt - 1); + size_t avail = sizeof(ngtcp2_frame) - sizeof(ngtcp2_crypto); + + if (datacnt > 0 && need > avail) { + return ngtcp2_frame_chain_extralen_new(pfrc, need - avail, mem); + } + + return ngtcp2_frame_chain_new(pfrc, mem); +} + +void ngtcp2_frame_chain_del(ngtcp2_frame_chain *frc, const ngtcp2_mem *mem) { + ngtcp2_mem_free(mem, frc); +} + +void ngtcp2_frame_chain_init(ngtcp2_frame_chain *frc) { frc->next = NULL; } + +void ngtcp2_frame_chain_list_del(ngtcp2_frame_chain *frc, + const ngtcp2_mem *mem) { + ngtcp2_frame_chain *next; + + for (; frc;) { + next = frc->next; + ngtcp2_mem_free(mem, frc); + frc = next; + } +} + +static void frame_chain_insert(ngtcp2_frame_chain **pfrc, + ngtcp2_frame_chain *frc) { + ngtcp2_frame_chain **plast; + + for (plast = &frc; *plast; plast = &(*plast)->next) + ; + + *plast = *pfrc; + *pfrc = frc; +} + +int ngtcp2_rtb_entry_new(ngtcp2_rtb_entry **pent, const ngtcp2_pkt_hd *hd, + ngtcp2_frame_chain *frc, ngtcp2_tstamp ts, + size_t pktlen, uint8_t flags, const ngtcp2_mem *mem) { + (*pent) = ngtcp2_mem_calloc(mem, 1, sizeof(ngtcp2_rtb_entry)); + if (*pent == NULL) { + return NGTCP2_ERR_NOMEM; + } + + (*pent)->hd.pkt_num = hd->pkt_num; + (*pent)->hd.type = hd->type; + (*pent)->hd.flags = hd->flags; + (*pent)->frc = frc; + (*pent)->ts = ts; + (*pent)->pktlen = pktlen; + (*pent)->flags = flags; + + return 0; +} + +void ngtcp2_rtb_entry_del(ngtcp2_rtb_entry *ent, const ngtcp2_mem *mem) { + if (ent == NULL) { + return; + } + + ngtcp2_frame_chain_list_del(ent->frc, mem); + + ngtcp2_mem_free(mem, ent); +} + +static int greater(const ngtcp2_ksl_key *lhs, const ngtcp2_ksl_key *rhs) { + return *lhs->i > *rhs->i; +} + +void ngtcp2_rtb_init(ngtcp2_rtb *rtb, ngtcp2_crypto_level crypto_level, + ngtcp2_strm *crypto, ngtcp2_default_cc *cc, + ngtcp2_log *log, const ngtcp2_mem *mem) { + ngtcp2_ksl_init(&rtb->ents, greater, sizeof(int64_t), mem); + rtb->crypto = crypto; + rtb->cc = cc; + rtb->log = log; + rtb->mem = mem; + rtb->largest_acked_tx_pkt_num = -1; + rtb->num_ack_eliciting = 0; + rtb->loss_time = 0; + rtb->crypto_level = crypto_level; +} + +void ngtcp2_rtb_free(ngtcp2_rtb *rtb) { + ngtcp2_ksl_it it; + + if (rtb == NULL) { + return; + } + + it = ngtcp2_ksl_begin(&rtb->ents); + + for (; !ngtcp2_ksl_it_end(&it); ngtcp2_ksl_it_next(&it)) { + ngtcp2_rtb_entry_del(ngtcp2_ksl_it_get(&it), rtb->mem); + } + + ngtcp2_ksl_free(&rtb->ents); +} + +static void rtb_on_add(ngtcp2_rtb *rtb, ngtcp2_rtb_entry *ent) { + rtb->cc->ccs->bytes_in_flight += ent->pktlen; + + if (ent->flags & NGTCP2_RTB_FLAG_ACK_ELICITING) { + ++rtb->num_ack_eliciting; + } +} + +static void rtb_on_remove(ngtcp2_rtb *rtb, ngtcp2_rtb_entry *ent) { + if (ent->flags & NGTCP2_RTB_FLAG_ACK_ELICITING) { + assert(rtb->num_ack_eliciting); + --rtb->num_ack_eliciting; + } + + assert(rtb->cc->ccs->bytes_in_flight >= ent->pktlen); + rtb->cc->ccs->bytes_in_flight -= ent->pktlen; +} + +static void rtb_on_pkt_lost(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc, + ngtcp2_rtb_entry *ent) { + if (ent->flags & NGTCP2_RTB_FLAG_PROBE) { + /* We don't care if probe packet is lost. */ + } else { + ngtcp2_log_pkt_lost(rtb->log, ent->hd.pkt_num, ent->hd.type, ent->hd.flags, + ent->ts); + + if (ent->flags & NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED) { + ngtcp2_log_info(rtb->log, NGTCP2_LOG_EVENT_RCV, + "pkn=%" PRId64 " CRYPTO has already been retransmitted", + ent->hd.pkt_num); + } + + /* PADDING only (or PADDING + ACK ) packets will have NULL + ent->frc. */ + if (ent->frc && + !(ent->flags & NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED)) { + /* TODO Reconsider the order of pfrc */ + frame_chain_insert(pfrc, ent->frc); + ent->frc = NULL; + } + } + ngtcp2_rtb_entry_del(ent, rtb->mem); +} + +int ngtcp2_rtb_add(ngtcp2_rtb *rtb, ngtcp2_rtb_entry *ent) { + int rv; + ngtcp2_ksl_key key; + + ent->next = NULL; + + rv = ngtcp2_ksl_insert(&rtb->ents, NULL, + ngtcp2_ksl_key_ptr(&key, &ent->hd.pkt_num), ent); + if (rv != 0) { + return rv; + } + + rtb_on_add(rtb, ent); + + return 0; +} + +ngtcp2_ksl_it ngtcp2_rtb_head(ngtcp2_rtb *rtb) { + return ngtcp2_ksl_begin(&rtb->ents); +} + +static void rtb_remove(ngtcp2_rtb *rtb, ngtcp2_ksl_it *it, + ngtcp2_rtb_entry *ent) { + ngtcp2_ksl_key key; + + ngtcp2_ksl_remove(&rtb->ents, it, ngtcp2_ksl_key_ptr(&key, &ent->hd.pkt_num)); + rtb_on_remove(rtb, ent); + ngtcp2_rtb_entry_del(ent, rtb->mem); +} + +static int rtb_call_acked_stream_offset(ngtcp2_rtb *rtb, ngtcp2_rtb_entry *ent, + ngtcp2_conn *conn) { + ngtcp2_frame_chain *frc; + uint64_t prev_stream_offset, stream_offset; + ngtcp2_strm *strm; + int rv; + size_t datalen; + ngtcp2_strm *crypto = rtb->crypto; + + for (frc = ent->frc; frc; frc = frc->next) { + switch (frc->fr.type) { + case NGTCP2_FRAME_STREAM: + strm = ngtcp2_conn_find_stream(conn, frc->fr.stream.stream_id); + if (strm == NULL) { + break; + } + prev_stream_offset = + ngtcp2_gaptr_first_gap_offset(&strm->tx.acked_offset); + rv = ngtcp2_gaptr_push( + &strm->tx.acked_offset, frc->fr.stream.offset, + ngtcp2_vec_len(frc->fr.stream.data, frc->fr.stream.datacnt)); + if (rv != 0) { + return rv; + } + + if (conn->callbacks.acked_stream_data_offset) { + stream_offset = ngtcp2_gaptr_first_gap_offset(&strm->tx.acked_offset); + datalen = stream_offset - prev_stream_offset; + if (datalen == 0 && !frc->fr.stream.fin) { + break; + } + + rv = conn->callbacks.acked_stream_data_offset( + conn, strm->stream_id, prev_stream_offset, datalen, conn->user_data, + strm->stream_user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + } + + rv = ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, NGTCP2_NO_ERROR); + if (rv != 0) { + return rv; + } + break; + case NGTCP2_FRAME_CRYPTO: + prev_stream_offset = + ngtcp2_gaptr_first_gap_offset(&crypto->tx.acked_offset); + rv = ngtcp2_gaptr_push( + &crypto->tx.acked_offset, frc->fr.crypto.offset, + ngtcp2_vec_len(frc->fr.crypto.data, frc->fr.crypto.datacnt)); + if (rv != 0) { + return rv; + } + + if (conn->callbacks.acked_crypto_offset) { + stream_offset = ngtcp2_gaptr_first_gap_offset(&crypto->tx.acked_offset); + datalen = stream_offset - prev_stream_offset; + if (datalen == 0) { + break; + } + + rv = conn->callbacks.acked_crypto_offset(conn, rtb->crypto_level, + prev_stream_offset, datalen, + conn->user_data); + if (rv != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + } + break; + case NGTCP2_FRAME_RESET_STREAM: + strm = ngtcp2_conn_find_stream(conn, frc->fr.reset_stream.stream_id); + if (strm == NULL) { + break; + } + strm->flags |= NGTCP2_STRM_FLAG_RST_ACKED; + rv = ngtcp2_conn_close_stream_if_shut_rdwr(conn, strm, NGTCP2_NO_ERROR); + if (rv != 0) { + return rv; + } + break; + } + } + return 0; +} + +static void rtb_on_pkt_acked(ngtcp2_rtb *rtb, ngtcp2_rtb_entry *ent) { + ngtcp2_cc_pkt pkt; + + ngtcp2_default_cc_on_pkt_acked( + rtb->cc, ngtcp2_cc_pkt_init(&pkt, ent->hd.pkt_num, ent->pktlen, ent->ts)); +} + +ssize_t ngtcp2_rtb_recv_ack(ngtcp2_rtb *rtb, const ngtcp2_ack *fr, + ngtcp2_conn *conn, ngtcp2_tstamp ts) { + ngtcp2_rtb_entry *ent; + int64_t largest_ack = fr->largest_ack, min_ack; + size_t i; + int rv; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + ssize_t num_acked = 0; + int largest_pkt_acked = 0; + int rtt_updated = 0; + ngtcp2_tstamp largest_pkt_sent_ts = 0; + + rtb->largest_acked_tx_pkt_num = + ngtcp2_max(rtb->largest_acked_tx_pkt_num, largest_ack); + + /* Assume that ngtcp2_pkt_validate_ack(fr) returns 0 */ + it = ngtcp2_ksl_lower_bound(&rtb->ents, + ngtcp2_ksl_key_ptr(&key, &largest_ack)); + if (ngtcp2_ksl_it_end(&it)) { + return 0; + } + + min_ack = largest_ack - (int64_t)fr->first_ack_blklen; + + for (; !ngtcp2_ksl_it_end(&it);) { + key = ngtcp2_ksl_it_key(&it); + if (min_ack <= *key.i && *key.i <= largest_ack) { + ent = ngtcp2_ksl_it_get(&it); + if (conn) { + rv = rtb_call_acked_stream_offset(rtb, ent, conn); + if (rv != 0) { + return rv; + } + if (largest_ack == *key.i) { + largest_pkt_sent_ts = ent->ts; + largest_pkt_acked = 1; + } + if (!rtt_updated && largest_pkt_acked && + (ent->flags & NGTCP2_RTB_FLAG_ACK_ELICITING)) { + rtt_updated = 1; + ngtcp2_conn_update_rtt(conn, ts - largest_pkt_sent_ts, + fr->ack_delay_unscaled); + } + rtb_on_pkt_acked(rtb, ent); + /* At this point, it is invalided because rtb->ents might be + modified. */ + } + rtb_remove(rtb, &it, ent); + ++num_acked; + continue; + } + break; + } + + for (i = 0; i < fr->num_blks;) { + largest_ack = min_ack - (int64_t)fr->blks[i].gap - 2; + min_ack = largest_ack - (int64_t)fr->blks[i].blklen; + + it = ngtcp2_ksl_lower_bound(&rtb->ents, + ngtcp2_ksl_key_ptr(&key, &largest_ack)); + if (ngtcp2_ksl_it_end(&it)) { + break; + } + + for (; !ngtcp2_ksl_it_end(&it);) { + key = ngtcp2_ksl_it_key(&it); + if (*key.i < min_ack) { + break; + } + ent = ngtcp2_ksl_it_get(&it); + if (conn) { + rv = rtb_call_acked_stream_offset(rtb, ent, conn); + if (rv != 0) { + return rv; + } + if (!rtt_updated && largest_pkt_acked && + (ent->flags & NGTCP2_RTB_FLAG_ACK_ELICITING)) { + rtt_updated = 1; + ngtcp2_conn_update_rtt(conn, ts - largest_pkt_sent_ts, + fr->ack_delay_unscaled); + } + rtb_on_pkt_acked(rtb, ent); + } + rtb_remove(rtb, &it, ent); + ++num_acked; + } + + ++i; + } + + return num_acked; +} + +static int rtb_pkt_lost(ngtcp2_rtb *rtb, const ngtcp2_rtb_entry *ent, + uint64_t loss_delay, ngtcp2_tstamp lost_send_time) { + if (ent->ts <= lost_send_time || + rtb->largest_acked_tx_pkt_num >= ent->hd.pkt_num + NGTCP2_PKT_THRESHOLD) { + return 1; + } + + if (rtb->loss_time == 0) { + rtb->loss_time = ent->ts + loss_delay; + } else { + rtb->loss_time = ngtcp2_min(rtb->loss_time, ent->ts + loss_delay); + } + + return 0; +} + +/* + * rtb_compute_pkt_loss_delay computes delay until packet is + * considered lost in NGTCP2_DURATION_TICK resolution. + */ +static ngtcp2_duration compute_pkt_loss_delay(const ngtcp2_rcvry_stat *rcs) { + /* 9/8 is kTimeThreshold */ + ngtcp2_duration loss_delay = (ngtcp2_duration)( + ngtcp2_max((double)rcs->latest_rtt, rcs->smoothed_rtt) * 9 / 8); + return ngtcp2_max(loss_delay, NGTCP2_GRANULARITY); +} + +void ngtcp2_rtb_detect_lost_pkt(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc, + ngtcp2_rcvry_stat *rcs, ngtcp2_duration pto, + ngtcp2_tstamp ts) { + ngtcp2_rtb_entry *ent; + ngtcp2_duration loss_delay; + ngtcp2_tstamp lost_send_time; + ngtcp2_ksl_it it; + ngtcp2_tstamp latest_ts, oldest_ts; + int64_t last_lost_pkt_num; + ngtcp2_ksl_key key; + + rtb->loss_time = 0; + loss_delay = compute_pkt_loss_delay(rcs); + lost_send_time = ts - loss_delay; + + it = ngtcp2_ksl_lower_bound( + &rtb->ents, ngtcp2_ksl_key_ptr(&key, &rtb->largest_acked_tx_pkt_num)); + for (; !ngtcp2_ksl_it_end(&it); ngtcp2_ksl_it_next(&it)) { + ent = ngtcp2_ksl_it_get(&it); + + if (rtb_pkt_lost(rtb, ent, loss_delay, lost_send_time)) { + /* All entries from ent are considered to be lost. */ + latest_ts = oldest_ts = ent->ts; + last_lost_pkt_num = ent->hd.pkt_num; + + for (; !ngtcp2_ksl_it_end(&it);) { + ent = ngtcp2_ksl_it_get(&it); + ngtcp2_ksl_remove(&rtb->ents, &it, + ngtcp2_ksl_key_ptr(&key, &ent->hd.pkt_num)); + + if (last_lost_pkt_num == ent->hd.pkt_num + 1) { + last_lost_pkt_num = ent->hd.pkt_num; + } else { + last_lost_pkt_num = -1; + } + + oldest_ts = ent->ts; + rtb_on_remove(rtb, ent); + rtb_on_pkt_lost(rtb, pfrc, ent); + } + + ngtcp2_default_cc_congestion_event(rtb->cc, latest_ts, ts); + + if (last_lost_pkt_num != -1) { + ngtcp2_default_cc_handle_persistent_congestion( + rtb->cc, latest_ts - oldest_ts, pto); + } + + return; + } + } +} + +void ngtcp2_rtb_remove_all(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc) { + ngtcp2_rtb_entry *ent; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key; + + it = ngtcp2_ksl_begin(&rtb->ents); + + for (; !ngtcp2_ksl_it_end(&it);) { + ent = ngtcp2_ksl_it_get(&it); + + /* TODO Should we check NGTCP2_RTB_FLAG_PROBE here? */ + + ngtcp2_log_pkt_lost(rtb->log, ent->hd.pkt_num, ent->hd.type, ent->hd.flags, + ent->ts); + + rtb_on_remove(rtb, ent); + ngtcp2_ksl_remove(&rtb->ents, &it, + ngtcp2_ksl_key_ptr(&key, &ent->hd.pkt_num)); + + if (!(ent->flags & NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED)) { + frame_chain_insert(pfrc, ent->frc); + ent->frc = NULL; + } else { + ngtcp2_log_info(rtb->log, NGTCP2_LOG_EVENT_RCV, + "pkn=%" PRId64 " CRYPTO has already been retransmitted", + ent->hd.pkt_num); + } + + ngtcp2_rtb_entry_del(ent, rtb->mem); + } +} + +int ngtcp2_rtb_on_crypto_timeout(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc) { + ngtcp2_rtb_entry *ent; + ngtcp2_ksl_it it; + ngtcp2_frame_chain *nfrc; + ngtcp2_frame_chain *frc; + ngtcp2_ksl_it gapit; + ngtcp2_range gap, range; + ngtcp2_crypto *fr; + int all_acked; + int rv; + ngtcp2_ksl_key key; + + it = ngtcp2_ksl_begin(&rtb->ents); + + for (; !ngtcp2_ksl_it_end(&it);) { + ent = ngtcp2_ksl_it_get(&it); + + if ((ent->flags & NGTCP2_RTB_FLAG_PROBE) || + !(ent->flags & NGTCP2_RTB_FLAG_CRYPTO_PKT)) { + ngtcp2_ksl_it_next(&it); + continue; + } + + all_acked = 1; + + for (frc = ent->frc; frc; frc = frc->next) { + assert(frc->fr.type == NGTCP2_FRAME_CRYPTO); + + fr = &frc->fr.crypto; + + /* Don't resend CRYPTO frame if the whole region it contains has + been acknowledged */ + gapit = ngtcp2_gaptr_get_first_gap_after(&rtb->crypto->tx.acked_offset, + fr->offset); + gap = *(ngtcp2_range *)ngtcp2_ksl_it_key(&gapit).ptr; + + range.begin = fr->offset; + range.end = fr->offset + ngtcp2_vec_len(fr->data, fr->datacnt); + range = ngtcp2_range_intersect(&range, &gap); + if (ngtcp2_range_len(&range) == 0) { + continue; + } + + all_acked = 0; + + if (!(ent->flags & NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED)) { + rv = ngtcp2_frame_chain_crypto_datacnt_new( + &nfrc, frc->fr.crypto.datacnt, rtb->mem); + if (rv != 0) { + return rv; + } + + nfrc->fr = frc->fr; + ngtcp2_vec_clone(nfrc->fr.crypto.data, frc->fr.crypto.data, + frc->fr.crypto.datacnt); + + frame_chain_insert(pfrc, nfrc); + } + } + + if (all_acked) { + /* If the frames that ent contains have been acknowledged, + remove it from rtb. Otherwise crypto timer keeps firing. */ + rtb_on_remove(rtb, ent); + ngtcp2_ksl_remove(&rtb->ents, &it, + ngtcp2_ksl_key_ptr(&key, &ent->hd.pkt_num)); + ngtcp2_rtb_entry_del(ent, rtb->mem); + continue; + } + + ent->flags |= NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED; + + ngtcp2_ksl_it_next(&it); + } + + return 0; +} + +int ngtcp2_rtb_empty(ngtcp2_rtb *rtb) { + return ngtcp2_ksl_len(&rtb->ents) == 0; +} + +void ngtcp2_rtb_clear(ngtcp2_rtb *rtb) { + ngtcp2_ksl_it it; + ngtcp2_rtb_entry *ent; + + it = ngtcp2_ksl_begin(&rtb->ents); + + for (; !ngtcp2_ksl_it_end(&it); ngtcp2_ksl_it_next(&it)) { + ent = ngtcp2_ksl_it_get(&it); + rtb->cc->ccs->bytes_in_flight -= ent->pktlen; + ngtcp2_rtb_entry_del(ent, rtb->mem); + } + ngtcp2_ksl_clear(&rtb->ents); + + rtb->largest_acked_tx_pkt_num = -1; + rtb->num_ack_eliciting = 0; +} + +size_t ngtcp2_rtb_num_ack_eliciting(ngtcp2_rtb *rtb) { + return rtb->num_ack_eliciting; +} diff --git a/deps/ngtcp2/lib/ngtcp2_rtb.h b/deps/ngtcp2/lib/ngtcp2_rtb.h new file mode 100644 index 0000000000..13b6104326 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_rtb.h @@ -0,0 +1,306 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_RTB_H +#define NGTCP2_RTB_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_pkt.h" +#include "ngtcp2_ksl.h" +#include "ngtcp2_pq.h" + +struct ngtcp2_conn; +typedef struct ngtcp2_conn ngtcp2_conn; + +struct ngtcp2_frame_chain; +typedef struct ngtcp2_frame_chain ngtcp2_frame_chain; + +struct ngtcp2_log; +typedef struct ngtcp2_log ngtcp2_log; + +struct ngtcp2_default_cc; +typedef struct ngtcp2_default_cc ngtcp2_default_cc; + +struct ngtcp2_strm; +typedef struct ngtcp2_strm ngtcp2_strm; + +/* + * ngtcp2_frame_chain chains frames in a single packet. + */ +struct ngtcp2_frame_chain { + ngtcp2_frame_chain *next; + ngtcp2_frame fr; +}; + +/* NGTCP2_MAX_STREAM_DATACNT is the maximum number of ngtcp2_vec that + a ngtcp2_stream can include. */ +#define NGTCP2_MAX_STREAM_DATACNT 256 + +/* NGTCP2_MAX_CRYPTO_DATACNT is the maximum number of ngtcp2_vec that + a ngtcp2_crypto can include. */ +#define NGTCP2_MAX_CRYPTO_DATACNT 8 + +/* + * ngtcp2_frame_chain_new allocates ngtcp2_frame_chain object and + * assigns its pointer to |*pfrc|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_frame_chain_new(ngtcp2_frame_chain **pfrc, const ngtcp2_mem *mem); + +/* + * ngtcp2_frame_chain_extralen_new works like ngtcp2_frame_chain_new, + * but it allocates extra memory |extralen| in order to extend + * ngtcp2_frame. + */ +int ngtcp2_frame_chain_extralen_new(ngtcp2_frame_chain **pfrc, size_t extralen, + const ngtcp2_mem *mem); + +/* + * ngtcp2_frame_chain_stream_datacnt_new works like + * ngtcp2_frame_chain_new, but it allocates enough data to store + * additional |datacnt| - 1 ngtcp2_vec object after ngtcp2_stream + * object. If |datacnt| equals to 1, ngtcp2_frame_chain_new is called + * internally. + */ +int ngtcp2_frame_chain_stream_datacnt_new(ngtcp2_frame_chain **pfrc, + size_t datacnt, + const ngtcp2_mem *mem); + +/* + * ngtcp2_frame_chain_crypto_datacnt_new works like + * ngtcp2_frame_chain_new, but it allocates enough data to store + * additional |datacnt| - 1 ngtcp2_vec object after ngtcp2_crypto + * object. If |datacnt| equals to 1, ngtcp2_frame_chain_new is called + * internally. + */ +int ngtcp2_frame_chain_crypto_datacnt_new(ngtcp2_frame_chain **pfrc, + size_t datacnt, + const ngtcp2_mem *mem); + +/* + * ngtcp2_frame_chain_del deallocates |frc|. It also deallocates the + * memory pointed by |frc|. + */ +void ngtcp2_frame_chain_del(ngtcp2_frame_chain *frc, const ngtcp2_mem *mem); + +/* + * ngtcp2_frame_chain_init initializes |frc|. + */ +void ngtcp2_frame_chain_init(ngtcp2_frame_chain *frc); + +/* + * ngtcp2_frame_chain_list_del deletes |frc|, and all objects + * connected by next field. + */ +void ngtcp2_frame_chain_list_del(ngtcp2_frame_chain *frc, + const ngtcp2_mem *mem); + +typedef enum { + NGTCP2_RTB_FLAG_NONE = 0x00, + /* NGTCP2_RTB_FLAG_PROBE indicates that the entry includes a probe + packet. */ + NGTCP2_RTB_FLAG_PROBE = 0x01, + /* NGTCP2_RTB_FLAG_CRYPTO_PKT indicates that the entry includes + handshake CRYPTO frame. */ + NGTCP2_RTB_FLAG_CRYPTO_PKT = 0x02, + /* NGTCP2_RTB_FLAG_ACK_ELICITING indicates that the entry elicits + acknowledgement. */ + NGTCP2_RTB_FLAG_ACK_ELICITING = 0x04, + /* NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED indicates that the + CRYPTO frames have been retransmitted. */ + NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED = 0x08, +} ngtcp2_rtb_flag; + +struct ngtcp2_rtb_entry; +typedef struct ngtcp2_rtb_entry ngtcp2_rtb_entry; + +/* + * ngtcp2_rtb_entry is an object stored in ngtcp2_rtb. It corresponds + * to the one packet which is waiting for its ACK. + */ +struct ngtcp2_rtb_entry { + ngtcp2_rtb_entry *next; + + struct { + int64_t pkt_num; + uint8_t type; + uint8_t flags; + } hd; + ngtcp2_frame_chain *frc; + /* ts is the time point when a packet included in this entry is sent + to a peer. */ + ngtcp2_tstamp ts; + /* pktlen is the length of QUIC packet */ + size_t pktlen; + /* flags is bitwise-OR of zero or more of ngtcp2_rtb_flag. */ + uint8_t flags; +}; + +/* + * ngtcp2_rtb_entry_new allocates ngtcp2_rtb_entry object, and assigns + * its pointer to |*pent|. On success, |*pent| takes ownership of + * |frc|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory. + */ +int ngtcp2_rtb_entry_new(ngtcp2_rtb_entry **pent, const ngtcp2_pkt_hd *hd, + ngtcp2_frame_chain *frc, ngtcp2_tstamp ts, + size_t pktlen, uint8_t flags, const ngtcp2_mem *mem); + +/* + * ngtcp2_rtb_entry_del deallocates |ent|. It also frees memory + * pointed by |ent|. + */ +void ngtcp2_rtb_entry_del(ngtcp2_rtb_entry *ent, const ngtcp2_mem *mem); + +/* + * ngtcp2_rtb tracks sent packets, and its ACK timeout for + * retransmission. + */ +typedef struct { + /* ents includes ngtcp2_rtb_entry sorted by decreasing order of + packet number. */ + ngtcp2_ksl ents; + /* crypto is CRYPTO stream. */ + ngtcp2_strm *crypto; + ngtcp2_default_cc *cc; + ngtcp2_log *log; + const ngtcp2_mem *mem; + /* largest_acked_tx_pkt_num is the largest packet number + acknowledged by the peer. */ + int64_t largest_acked_tx_pkt_num; + size_t num_ack_eliciting; + ngtcp2_tstamp loss_time; + /* crypto_level is encryption level which |crypto| belongs to. */ + ngtcp2_crypto_level crypto_level; +} ngtcp2_rtb; + +/* + * ngtcp2_rtb_init initializes |rtb|. + */ +void ngtcp2_rtb_init(ngtcp2_rtb *rtb, ngtcp2_crypto_level crypto_level, + ngtcp2_strm *crypto, ngtcp2_default_cc *cc, + ngtcp2_log *log, const ngtcp2_mem *mem); + +/* + * ngtcp2_rtb_free deallocates resources allocated for |rtb|. + */ +void ngtcp2_rtb_free(ngtcp2_rtb *rtb); + +/* + * ngtcp2_rtb_add adds |ent| to |rtb|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_rtb_add(ngtcp2_rtb *rtb, ngtcp2_rtb_entry *ent); + +/* + * ngtcp2_rtb_head returns the iterator which points to the entry + * which has the largest packet number. If there is no entry, + * returned value satisfies ngtcp2_ksl_it_end(&it) != 0. + */ +ngtcp2_ksl_it ngtcp2_rtb_head(ngtcp2_rtb *rtb); + +/* + * ngtcp2_rtb_recv_ack removes acked ngtcp2_rtb_entry from |rtb|. + * |pkt_num| is a packet number which includes |fr|. + * + * This function returns the number of newly acknowledged packets if + * it succeeds, or one of the following negative error codes: + * + * NGTCP2_ERR_CALLBACK_FAILURE + * User callback failed + * NGTCP2_ERR_NOMEM + * Out of memory + */ +ssize_t ngtcp2_rtb_recv_ack(ngtcp2_rtb *rtb, const ngtcp2_ack *fr, + ngtcp2_conn *conn, ngtcp2_tstamp ts); + +/* + * ngtcp2_rtb_detect_lost_pkt detects lost packets and prepends the + * frames contained them to |*pfrc|. Even when this function fails, + * some frames might be prepended to |*pfrc| and the caller should + * handle them. |pto| is PTO. + */ +void ngtcp2_rtb_detect_lost_pkt(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc, + ngtcp2_rcvry_stat *rcs, ngtcp2_duration pto, + ngtcp2_tstamp ts); + +/* + * ngtcp2_rtb_remove_all removes all packets from |rtb| and prepends + * all frames to |*pfrc|. Even when this function fails, some frames + * might be prepended to |*pfrc| and the caller should handle them. + */ +void ngtcp2_rtb_remove_all(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc); + +/* + * ngtcp2_rtb_on_crypto_timeout copies all unacknowledged CRYPTO + * frames and links them to |*pfrc|. The affected ngtcp2_rtb_entry + * will have NGTCP2_RTB_FLAG_CRYPTO_TIMEOUT_RETRANSMITTED set. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_rtb_on_crypto_timeout(ngtcp2_rtb *rtb, ngtcp2_frame_chain **pfrc); + +/* + * ngtcp2_rtb_empty returns nonzero if |rtb| have no entry. + */ +int ngtcp2_rtb_empty(ngtcp2_rtb *rtb); + +/* + * ngtcp2_rtb_clear removes all ngtcp2_rtb_entry objects. + * bytes_in_flight, largest_acked_tx_pkt_num, and num_ack_eliciting + * are also reset to their initial value. + */ +void ngtcp2_rtb_clear(ngtcp2_rtb *rtb); + +/* + * ngtcp2_rtb_num_ack_eliciting returns the number of ACK eliciting + * entries. + */ +size_t ngtcp2_rtb_num_ack_eliciting(ngtcp2_rtb *rtb); + +#endif /* NGTCP2_RTB_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_str.c b/deps/ngtcp2/lib/ngtcp2_str.c new file mode 100644 index 0000000000..e26e7a9a51 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_str.c @@ -0,0 +1,98 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_str.h" + +#include +#include + +uint8_t *ngtcp2_cpymem(uint8_t *dest, const uint8_t *src, size_t n) { + memcpy(dest, src, n); + return dest + n; +} + +uint8_t *ngtcp2_setmem(uint8_t *dest, uint8_t b, size_t n) { + memset(dest, b, n); + return dest + n; +} + +#define LOWER_XDIGITS "0123456789abcdef" + +uint8_t *ngtcp2_encode_hex(uint8_t *dest, const uint8_t *data, size_t len) { + size_t i; + uint8_t *p = dest; + + for (i = 0; i < len; ++i) { + *p++ = (uint8_t)LOWER_XDIGITS[data[i] >> 4]; + *p++ = (uint8_t)LOWER_XDIGITS[data[i] & 0xf]; + } + + *p = '\0'; + + return dest; +} + +char *ngtcp2_encode_printable_ascii(char *dest, const uint8_t *data, + size_t len) { + size_t i; + char *p = dest; + uint8_t c; + + for (i = 0; i < len; ++i) { + c = data[i]; + if (0x20 <= c && c <= 0x7e) { + *p++ = (char)c; + } else { + *p++ = '.'; + } + } + + *p = '\0'; + + return dest; +} + +int ngtcp2_verify_stateless_retry_token(const uint8_t *want, + const uint8_t *got) { + size_t i; + int rv; + + /* We consider that token with all bits not set is invalid. */ + for (i = 0; i < NGTCP2_STATELESS_RESET_TOKENLEN; ++i) { + if (got[i] != 0) { + break; + } + } + + if (i == NGTCP2_STATELESS_RESET_TOKENLEN) { + return NGTCP2_ERR_INVALID_ARGUMENT; + } + + rv = 0; + for (i = 0; i < NGTCP2_STATELESS_RESET_TOKENLEN; ++i) { + rv |= want[i] ^ got[i]; + } + + return rv == 0 ? 0 : NGTCP2_ERR_INVALID_ARGUMENT; +} diff --git a/deps/ngtcp2/lib/ngtcp2_str.h b/deps/ngtcp2/lib/ngtcp2_str.h new file mode 100644 index 0000000000..5f8c5bd510 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_str.h @@ -0,0 +1,79 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_STR_H +#define NGTCP2_STR_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +/* ngtcp2_array is a fixed size array. */ +typedef struct { + /* base points to the beginning of the buffer. */ + uint8_t *base; + /* len is the capacity of the buffer. */ + size_t len; +} ngtcp2_array; + +uint8_t *ngtcp2_cpymem(uint8_t *dest, const uint8_t *src, size_t n); + +/* + * ngtcp2_setmem writes a string of length |n| consisting only |b| to + * the buffer pointed by |dest|. It returns dest + n; + */ +uint8_t *ngtcp2_setmem(uint8_t *dest, uint8_t b, size_t n); +/* + * ngtcp2_encode_hex encodes |data| of length |len| in hex string. It + * writes additional NULL bytes at the end of the buffer. The buffer + * pointed by |dest| must have at least |len| * 2 + 1 bytes space. + * This function returns |dest|. + */ +uint8_t *ngtcp2_encode_hex(uint8_t *dest, const uint8_t *data, size_t len); + +/* + * ngtcp2_encode_printable_ascii encodes |data| of length |len| in + * |dest| in the following manner: printable ascii characters are + * copied as is. The other characters are converted to ".". It + * writes additional NULL bytes at the end of the buffer. |dest| must + * have at least |len| + 1 bytes. This function returns |dest|. + */ +char *ngtcp2_encode_printable_ascii(char *dest, const uint8_t *data, + size_t len); + +/* + * ngtcp2_verify_stateless_retry_token verifies stateless retry token + * |want| and |got|. This function returns 0 if |want| equals |got| + * and |got| is not all zero, or one of the following negative error + * codes: + * + * NGTCP2_ERR_INVALID_ARGUMENT + * Token does not match; or token is all zero. + */ +int ngtcp2_verify_stateless_retry_token(const uint8_t *want, + const uint8_t *got); + +#endif /* NGTCP2_STR_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_strm.c b/deps/ngtcp2/lib/ngtcp2_strm.c new file mode 100644 index 0000000000..00723eb329 --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_strm.c @@ -0,0 +1,326 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_strm.h" + +#include +#include + +#include "ngtcp2_rtb.h" +#include "ngtcp2_pkt.h" +#include "ngtcp2_vec.h" +#include "ngtcp2_macro.h" + +static int offset_less(const ngtcp2_ksl_key *lhs, const ngtcp2_ksl_key *rhs) { + return *lhs->i < *rhs->i; +} + +int ngtcp2_strm_init(ngtcp2_strm *strm, int64_t stream_id, uint32_t flags, + uint64_t max_rx_offset, uint64_t max_tx_offset, + void *stream_user_data, const ngtcp2_mem *mem) { + int rv; + + strm->cycle = 0; + strm->tx.offset = 0; + strm->tx.max_offset = max_tx_offset; + strm->rx.last_offset = 0; + strm->stream_id = stream_id; + strm->flags = flags; + strm->stream_user_data = stream_user_data; + strm->rx.max_offset = strm->rx.unsent_max_offset = max_rx_offset; + strm->me.key = (uint64_t)stream_id; + strm->me.next = NULL; + strm->pe.index = NGTCP2_PQ_BAD_INDEX; + strm->mem = mem; + strm->app_error_code = 0; + + rv = ngtcp2_gaptr_init(&strm->tx.acked_offset, mem); + if (rv != 0) { + goto fail_gaptr_init; + } + + rv = ngtcp2_rob_init(&strm->rx.rob, 8 * 1024, mem); + if (rv != 0) { + goto fail_rob_init; + } + + rv = ngtcp2_ksl_init(&strm->tx.streamfrq, offset_less, sizeof(uint64_t), mem); + if (rv != 0) { + goto fail_tx_streamfrq_init; + } + + return 0; + +fail_tx_streamfrq_init: + ngtcp2_rob_free(&strm->rx.rob); +fail_rob_init: + ngtcp2_gaptr_free(&strm->tx.acked_offset); +fail_gaptr_init: + return rv; +} + +void ngtcp2_strm_free(ngtcp2_strm *strm) { + ngtcp2_ksl_it it; + + if (strm == NULL) { + return; + } + + for (it = ngtcp2_ksl_begin(&strm->tx.streamfrq); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + ngtcp2_frame_chain_del(ngtcp2_ksl_it_get(&it), strm->mem); + } + + ngtcp2_ksl_free(&strm->tx.streamfrq); + ngtcp2_rob_free(&strm->rx.rob); + ngtcp2_gaptr_free(&strm->tx.acked_offset); +} + +uint64_t ngtcp2_strm_rx_offset(ngtcp2_strm *strm) { + return ngtcp2_rob_first_gap_offset(&strm->rx.rob); +} + +int ngtcp2_strm_recv_reordering(ngtcp2_strm *strm, const uint8_t *data, + size_t datalen, uint64_t offset) { + return ngtcp2_rob_push(&strm->rx.rob, offset, data, datalen); +} + +void ngtcp2_strm_shutdown(ngtcp2_strm *strm, uint32_t flags) { + strm->flags |= flags & NGTCP2_STRM_FLAG_SHUT_RDWR; +} + +int ngtcp2_strm_streamfrq_push(ngtcp2_strm *strm, ngtcp2_frame_chain *frc) { + ngtcp2_ksl_key key; + + assert(frc->fr.type == NGTCP2_FRAME_STREAM); + assert(frc->next == NULL); + + return ngtcp2_ksl_insert(&strm->tx.streamfrq, NULL, + ngtcp2_ksl_key_ptr(&key, &frc->fr.stream.offset), + frc); +} + +int ngtcp2_strm_streamfrq_pop(ngtcp2_strm *strm, ngtcp2_frame_chain **pfrc, + size_t left) { + ngtcp2_stream *fr, *nfr; + ngtcp2_frame_chain *frc, *nfrc; + int rv; + size_t nmerged; + size_t datalen; + ngtcp2_vec a[NGTCP2_MAX_STREAM_DATACNT]; + ngtcp2_vec b[NGTCP2_MAX_STREAM_DATACNT]; + size_t acnt, bcnt; + ngtcp2_ksl_it it; + ngtcp2_ksl_key key, old_key; + uint64_t old_offset; + + if (ngtcp2_ksl_len(&strm->tx.streamfrq) == 0) { + *pfrc = NULL; + return 0; + } + + it = ngtcp2_ksl_begin(&strm->tx.streamfrq); + frc = ngtcp2_ksl_it_get(&it); + fr = &frc->fr.stream; + + datalen = ngtcp2_vec_len(fr->data, fr->datacnt); + + if (left == 0) { + /* datalen could be zero if 0 length STREAM has been sent */ + if (datalen || ngtcp2_ksl_len(&strm->tx.streamfrq) > 1) { + *pfrc = NULL; + return 0; + } + } + + ngtcp2_ksl_remove(&strm->tx.streamfrq, NULL, + ngtcp2_ksl_key_ptr(&key, &fr->offset)); + + if (datalen > left) { + ngtcp2_vec_clone(a, fr->data, fr->datacnt); + acnt = fr->datacnt; + + bcnt = 0; + ngtcp2_vec_split(a, &acnt, b, &bcnt, left, NGTCP2_MAX_STREAM_DATACNT); + + assert(acnt > 0); + assert(bcnt > 0); + + rv = ngtcp2_frame_chain_stream_datacnt_new(&nfrc, bcnt, strm->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(frc, strm->mem); + return rv; + } + + nfr = &nfrc->fr.stream; + nfr->type = NGTCP2_FRAME_STREAM; + nfr->flags = 0; + nfr->fin = fr->fin; + nfr->stream_id = fr->stream_id; + nfr->offset = fr->offset + left; + nfr->datacnt = bcnt; + ngtcp2_vec_clone(nfr->data, b, bcnt); + + rv = ngtcp2_ksl_insert(&strm->tx.streamfrq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset), nfrc); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(nfrc, strm->mem); + ngtcp2_frame_chain_del(frc, strm->mem); + return rv; + } + + rv = ngtcp2_frame_chain_stream_datacnt_new(&nfrc, acnt, strm->mem); + if (rv != 0) { + assert(ngtcp2_err_is_fatal(rv)); + ngtcp2_frame_chain_del(frc, strm->mem); + return rv; + } + + nfr = &nfrc->fr.stream; + *nfr = *fr; + nfr->fin = 0; + nfr->datacnt = acnt; + ngtcp2_vec_clone(nfr->data, a, acnt); + + ngtcp2_frame_chain_del(frc, strm->mem); + + *pfrc = nfrc; + + return 0; + } + + left -= datalen; + + ngtcp2_vec_clone(a, fr->data, fr->datacnt); + acnt = fr->datacnt; + + for (; left && ngtcp2_ksl_len(&strm->tx.streamfrq);) { + it = ngtcp2_ksl_begin(&strm->tx.streamfrq); + nfrc = ngtcp2_ksl_it_get(&it); + nfr = &nfrc->fr.stream; + + if (nfr->offset != fr->offset + datalen) { + assert(fr->offset + datalen < nfr->offset); + break; + } + + if (nfr->fin && nfr->datacnt == 0) { + fr->fin = 1; + ngtcp2_ksl_remove(&strm->tx.streamfrq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset)); + ngtcp2_frame_chain_del(nfrc, strm->mem); + break; + } + + nmerged = ngtcp2_vec_merge(a, &acnt, nfr->data, &nfr->datacnt, left, + NGTCP2_MAX_STREAM_DATACNT); + if (nmerged == 0) { + break; + } + + datalen += nmerged; + left -= nmerged; + + if (nfr->datacnt == 0) { + fr->fin = nfr->fin; + ngtcp2_ksl_remove(&strm->tx.streamfrq, NULL, + ngtcp2_ksl_key_ptr(&key, &nfr->offset)); + ngtcp2_frame_chain_del(nfrc, strm->mem); + continue; + } + + old_offset = nfr->offset; + nfr->offset += nmerged; + + ngtcp2_ksl_update_key(&strm->tx.streamfrq, + ngtcp2_ksl_key_ptr(&old_key, &old_offset), + ngtcp2_ksl_key_ptr(&key, &nfr->offset)); + + break; + } + + if (acnt == fr->datacnt) { + if (acnt > 0) { + fr->data[acnt - 1] = a[acnt - 1]; + } + + *pfrc = frc; + return 0; + } + + assert(acnt > fr->datacnt); + + rv = ngtcp2_frame_chain_stream_datacnt_new(&nfrc, acnt, strm->mem); + if (rv != 0) { + ngtcp2_frame_chain_del(frc, strm->mem); + return rv; + } + + nfr = &nfrc->fr.stream; + *nfr = *fr; + nfr->datacnt = acnt; + ngtcp2_vec_clone(nfr->data, a, acnt); + + ngtcp2_frame_chain_del(frc, strm->mem); + + *pfrc = nfrc; + + return 0; +} + +ngtcp2_frame_chain *ngtcp2_strm_streamfrq_top(ngtcp2_strm *strm) { + ngtcp2_ksl_it it; + + assert(ngtcp2_ksl_len(&strm->tx.streamfrq)); + + it = ngtcp2_ksl_begin(&strm->tx.streamfrq); + return ngtcp2_ksl_it_get(&it); +} + +int ngtcp2_strm_streamfrq_empty(ngtcp2_strm *strm) { + return ngtcp2_ksl_len(&strm->tx.streamfrq) == 0; +} + +void ngtcp2_strm_streamfrq_clear(ngtcp2_strm *strm) { + ngtcp2_frame_chain *frc; + ngtcp2_ksl_it it; + + for (it = ngtcp2_ksl_begin(&strm->tx.streamfrq); !ngtcp2_ksl_it_end(&it); + ngtcp2_ksl_it_next(&it)) { + frc = ngtcp2_ksl_it_get(&it); + ngtcp2_frame_chain_del(frc, strm->mem); + } + ngtcp2_ksl_clear(&strm->tx.streamfrq); +} + +int ngtcp2_strm_is_tx_queued(ngtcp2_strm *strm) { + return strm->pe.index != NGTCP2_PQ_BAD_INDEX; +} + +int ngtcp2_strm_is_all_tx_data_acked(ngtcp2_strm *strm) { + return ngtcp2_gaptr_first_gap_offset(&strm->tx.acked_offset) == + strm->tx.offset; +} diff --git a/deps/ngtcp2/lib/ngtcp2_strm.h b/deps/ngtcp2/lib/ngtcp2_strm.h new file mode 100644 index 0000000000..67d49e519e --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_strm.h @@ -0,0 +1,219 @@ +/* + * ngtcp2 + * + * Copyright (c) 2017 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_STRM_H +#define NGTCP2_STRM_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_rob.h" +#include "ngtcp2_map.h" +#include "ngtcp2_gaptr.h" +#include "ngtcp2_ksl.h" +#include "ngtcp2_pq.h" + +struct ngtcp2_frame_chain; +typedef struct ngtcp2_frame_chain ngtcp2_frame_chain; + +typedef enum { + NGTCP2_STRM_FLAG_NONE = 0, + /* NGTCP2_STRM_FLAG_SHUT_RD indicates that further reception of + stream data is not allowed. */ + NGTCP2_STRM_FLAG_SHUT_RD = 0x01, + /* NGTCP2_STRM_FLAG_SHUT_WR indicates that further transmission of + stream data is not allowed. */ + NGTCP2_STRM_FLAG_SHUT_WR = 0x02, + NGTCP2_STRM_FLAG_SHUT_RDWR = + NGTCP2_STRM_FLAG_SHUT_RD | NGTCP2_STRM_FLAG_SHUT_WR, + /* NGTCP2_STRM_FLAG_SENT_RST indicates that RST_STREAM is sent from + the local endpoint. In this case, NGTCP2_STRM_FLAG_SHUT_WR is + also set. */ + NGTCP2_STRM_FLAG_SENT_RST = 0x04, + /* NGTCP2_STRM_FLAG_SENT_RST indicates that RST_STREAM is received + from the remote endpoint. In this case, NGTCP2_STRM_FLAG_SHUT_RD + is also set. */ + NGTCP2_STRM_FLAG_RECV_RST = 0x08, + /* NGTCP2_STRM_FLAG_STOP_SENDING indicates that STOP_SENDING is sent + from the local endpoint. */ + NGTCP2_STRM_FLAG_STOP_SENDING = 0x10, + /* NGTCP2_STRM_FLAG_RST_ACKED indicates that the outgoing RST_STREAM + is acknowledged by peer. */ + NGTCP2_STRM_FLAG_RST_ACKED = 0x20, +} ngtcp2_strm_flags; + +struct ngtcp2_strm; +typedef struct ngtcp2_strm ngtcp2_strm; + +struct ngtcp2_strm { + ngtcp2_map_entry me; + ngtcp2_pq_entry pe; + uint64_t cycle; + + struct { + /* acked_offset tracks acknowledged outgoing data. */ + ngtcp2_gaptr acked_offset; + /* streamfrq contains STREAM frame for retransmission. The flow + control credits have been paid when they are transmitted first + time. There are no restriction regarding flow control for + retransmission. */ + ngtcp2_ksl streamfrq; + /* offset is the next offset of outgoing data. In other words, it + is the number of bytes sent in this stream without + duplication. */ + uint64_t offset; + /* max_tx_offset is the maximum offset that local endpoint can + send for this stream. */ + uint64_t max_offset; + } tx; + + struct { + /* rob is the reorder buffer for incoming stream data. The data + received in out of order is buffered and sorted by its offset + in this object. */ + ngtcp2_rob rob; + /* last_offset is the largest offset of stream data received for + this stream. */ + uint64_t last_offset; + /* max_offset is the maximum offset that remote endpoint can send + to this stream. */ + uint64_t max_offset; + /* unsent_max_offset is the maximum offset that remote endpoint + can send to this stream, and it is not notified to the remote + endpoint. unsent_max_offset >= max_offset must be hold. */ + uint64_t unsent_max_offset; + } rx; + + const ngtcp2_mem *mem; + int64_t stream_id; + void *stream_user_data; + /* flags is bit-wise OR of zero or more of ngtcp2_strm_flags. */ + uint32_t flags; + /* app_error_code is an error code the local endpoint sent in + RST_STREAM or STOP_SENDING. */ + uint64_t app_error_code; +}; + +/* + * ngtcp2_strm_init initializes |strm|. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_strm_init(ngtcp2_strm *strm, int64_t stream_id, uint32_t flags, + uint64_t max_rx_offset, uint64_t max_tx_offset, + void *stream_user_data, const ngtcp2_mem *mem); + +/* + * ngtcp2_strm_free deallocates memory allocated for |strm|. This + * function does not free the memory pointed by |strm| itself. + */ +void ngtcp2_strm_free(ngtcp2_strm *strm); + +/* + * ngtcp2_strm_rx_offset returns the minimum offset of stream data + * which is not received yet. + */ +uint64_t ngtcp2_strm_rx_offset(ngtcp2_strm *strm); + +/* + * ngtcp2_strm_recv_reordering handles reordered data. + * + * It returns 0 if it succeeds, or one of the following negative error + * codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_strm_recv_reordering(ngtcp2_strm *strm, const uint8_t *data, + size_t datalen, uint64_t offset); + +/* + * ngtcp2_strm_shutdown shutdowns |strm|. |flags| should be + * NGTCP2_STRM_FLAG_SHUT_RD, and/or NGTCP2_STRM_FLAG_SHUT_WR. + */ +void ngtcp2_strm_shutdown(ngtcp2_strm *strm, uint32_t flags); + +/* + * ngtcp2_strm_streamfrq_push pushes |frc| to streamfrq for + * retransmission. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_strm_streamfrq_push(ngtcp2_strm *strm, ngtcp2_frame_chain *frc); + +/* + * ngtcp2_strm_streamfrq_pop pops the first ngtcp2_frame_chain and + * assigns it to |*pfrc|. This function splits into or merges several + * ngtcp2_frame_chain objects so that the returned ngtcp2_frame_chain + * has at most |left| data length. If there is no frames to send, + * this function returns 0 and |*pfrc| is NULL. + * + * This function returns 0 if it succeeds, or one of the following + * negative error codes: + * + * NGTCP2_ERR_NOMEM + * Out of memory + */ +int ngtcp2_strm_streamfrq_pop(ngtcp2_strm *strm, ngtcp2_frame_chain **pfrc, + size_t left); + +/* + * ngtcp2_strm_streamfrq_top returns the first ngtcp2_frame_chain. + * The queue must not be empty. + */ +ngtcp2_frame_chain *ngtcp2_strm_streamfrq_top(ngtcp2_strm *strm); + +/* + * ngtcp2_strm_streamfrq_empty returns nonzero if streamfrq is empty. + */ +int ngtcp2_strm_streamfrq_empty(ngtcp2_strm *strm); + +/* + * ngtcp2_strm_streamfrq_clear removes all frames from streamfrq. + */ +void ngtcp2_strm_streamfrq_clear(ngtcp2_strm *strm); + +/* + * ngtcp2_strm_is_tx_queued returns nonzero if |strm| is queued. + */ +int ngtcp2_strm_is_tx_queued(ngtcp2_strm *strm); + +/* + * ngtcp2_strm_is_all_tx_data_acked returns nonzero if all outgoing + * data for |strm| which have sent so far have been acknowledged. + */ +int ngtcp2_strm_is_all_tx_data_acked(ngtcp2_strm *strm); + +#endif /* NGTCP2_STRM_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_vec.c b/deps/ngtcp2/lib/ngtcp2_vec.c new file mode 100644 index 0000000000..415097b7ac --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_vec.c @@ -0,0 +1,221 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "ngtcp2_vec.h" + +#include +#include + +#include "ngtcp2_str.h" + +int ngtcp2_vec_new(ngtcp2_vec **pvec, const uint8_t *data, size_t datalen, + const ngtcp2_mem *mem) { + size_t len; + uint8_t *p; + + len = sizeof(ngtcp2_vec) + datalen; + + *pvec = ngtcp2_mem_malloc(mem, len); + if (*pvec == NULL) { + return NGTCP2_ERR_NOMEM; + } + + p = (uint8_t *)(*pvec) + sizeof(ngtcp2_vec); + (*pvec)->base = p; + (*pvec)->len = datalen; + /* p = */ ngtcp2_cpymem(p, data, datalen); + + return 0; +} + +void ngtcp2_vec_del(ngtcp2_vec *vec, const ngtcp2_mem *mem) { + ngtcp2_mem_free(mem, vec); +} + +size_t ngtcp2_vec_len(const ngtcp2_vec *vec, size_t n) { + size_t i; + size_t res = 0; + + for (i = 0; i < n; ++i) { + res += vec[i].len; + } + + return res; +} + +ssize_t ngtcp2_vec_split(ngtcp2_vec *src, size_t *psrccnt, ngtcp2_vec *dst, + size_t *pdstcnt, size_t left, size_t maxcnt) { + size_t i; + size_t srccnt = *psrccnt; + size_t nmove; + size_t extra = 0; + + for (i = 0; i < srccnt; ++i) { + if (left >= src[i].len) { + left -= src[i].len; + continue; + } + + if (*pdstcnt && src[srccnt - 1].base + src[srccnt - 1].len == dst[0].base) { + if (*pdstcnt + srccnt - i - 1 > maxcnt) { + return -1; + } + + dst[0].len += src[srccnt - 1].len; + dst[0].base = src[srccnt - 1].base; + extra = src[srccnt - 1].len; + --srccnt; + } else if (*pdstcnt + srccnt - i > maxcnt) { + return -1; + } + + if (left == 0) { + *psrccnt = i; + } else { + *psrccnt = i + 1; + } + + nmove = srccnt - i; + memmove(dst + nmove, dst, sizeof(ngtcp2_vec) * (*pdstcnt)); + *pdstcnt += nmove; + memcpy(dst, src + i, sizeof(ngtcp2_vec) * nmove); + + dst[0].len -= left; + dst[0].base += left; + src[i].len = left; + + if (nmove == 0) { + extra -= left; + } + + return (ssize_t)(ngtcp2_vec_len(dst, nmove) + extra); + } + + return 0; +} + +size_t ngtcp2_vec_merge(ngtcp2_vec *dst, size_t *pdstcnt, ngtcp2_vec *src, + size_t *psrccnt, size_t left, size_t maxcnt) { + size_t orig_left = left; + size_t i; + ngtcp2_vec *a, *b; + + assert(maxcnt); + + if (*pdstcnt == 0) { + if (*psrccnt == 0) { + return 0; + } + + a = &dst[0]; + b = &src[0]; + + if (left >= b->len) { + *a = *b; + ++*pdstcnt; + left -= b->len; + i = 1; + } else { + a->len = left; + a->base = b->base; + + b->len -= left; + b->base += left; + + return left; + } + } else { + i = 0; + } + + for (; left && i < *psrccnt; ++i) { + a = &dst[*pdstcnt - 1]; + b = &src[i]; + + if (left >= b->len) { + if (a->base + a->len == b->base) { + a->len += b->len; + } else if (*pdstcnt == maxcnt) { + break; + } else { + dst[(*pdstcnt)++] = *b; + } + left -= b->len; + continue; + } + + if (a->base + a->len == b->base) { + a->len += left; + } else if (*pdstcnt == maxcnt) { + break; + } else { + dst[*pdstcnt].len = left; + dst[*pdstcnt].base = b->base; + ++*pdstcnt; + } + + b->len -= left; + b->base += left; + left = 0; + + break; + } + + memmove(src, src + i, sizeof(ngtcp2_vec) * (*psrccnt - i)); + *psrccnt -= i; + + return orig_left - left; +} + +size_t ngtcp2_vec_copy(ngtcp2_vec *dst, size_t *pnwritten, size_t dstcnt, + const ngtcp2_vec *src, size_t srccnt, size_t left) { + size_t i, j; + size_t len = left; + + *pnwritten = 0; + + for (i = 0, j = 0; left > 0 && i < srccnt && j < dstcnt;) { + if (src[i].len == 0) { + ++i; + continue; + } + dst[j] = src[i]; + if (dst[j].len > left) { + dst[j].len = left; + *pnwritten = len; + return j + 1; + } + left -= dst[j].len; + ++i; + ++j; + } + + *pnwritten = len - left; + + return j; +} + +void ngtcp2_vec_clone(ngtcp2_vec *dst, const ngtcp2_vec *src, size_t cnt) { + memcpy(dst, src, sizeof(ngtcp2_vec) * cnt); +} diff --git a/deps/ngtcp2/lib/ngtcp2_vec.h b/deps/ngtcp2/lib/ngtcp2_vec.h new file mode 100644 index 0000000000..131e59797a --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_vec.h @@ -0,0 +1,96 @@ +/* + * ngtcp2 + * + * Copyright (c) 2018 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifndef NGTCP2_VEC_H +#define NGTCP2_VEC_H + +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +#include "ngtcp2_mem.h" + +/* + * ngtcp2_vec_new allocates and initializes |*pvec| with given |data| + * of length |datalen|. This function allocates memory for |*pvec| + * and the given data with a single allocation, and the contents + * pointed by |data| is copied into the allocated memory space. To + * free the allocated memory, call ngtcp2_vec_del. + */ +int ngtcp2_vec_new(ngtcp2_vec **pvec, const uint8_t *data, size_t datalen, + const ngtcp2_mem *mem); + +/* + * ngtcp2_vec_del frees the memory allocated by |vec| which is + * allocated and initialized by ngtcp2_vec_new. + */ +void ngtcp2_vec_del(ngtcp2_vec *vec, const ngtcp2_mem *mem); + +/* + * ngtcp2_vec_len returns the sum of length in |vec| of |n| elements. + */ +size_t ngtcp2_vec_len(const ngtcp2_vec *vec, size_t n); + +/* + * ngtcp2_vec_split splits |src| to |dst| so that the sum of the + * length in |src| does not exceed |left| bytes. The |maxcnt| is the + * maximum number of elements which |dst| array can contain. The + * caller must set |*psrccnt| to the number of elements of |src|. + * Similarly, the caller must set |*pdstcnt| to the number of elements + * of |dst|. The split does not necessarily occur at the boundary of + * ngtcp2_vec object. After split has done, this function updates + * |*psrccnt| and |*pdstcnt|. This function returns the number of + * bytes moved from |src| to |dst|. If split cannot be made because + * doing so exceeds |maxcnt|, this function returns -1. + */ +ssize_t ngtcp2_vec_split(ngtcp2_vec *src, size_t *psrccnt, ngtcp2_vec *dst, + size_t *pdstcnt, size_t left, size_t maxcnt); + +/* + * ngtcp2_vec_merge merges |src| into |dst| by moving at most |left| + * bytes from |src|. The |maxcnt| is the maximum number of elements + * which |dst| array can contain. The caller must set |*pdstcnt| to + * the number of elements of |dst|. Similarly, the caller must set + * |*psrccnt| to the number of elements of |src|. After merge has + * done, this function updates |*psrccnt| and |*pdstcnt|. This + * function returns the number of bytes moved from |src| to |dst|. + */ +size_t ngtcp2_vec_merge(ngtcp2_vec *dst, size_t *pdstcnt, ngtcp2_vec *src, + size_t *psrccnt, size_t left, size_t maxcnt); + +/* + * ngtcp2_vec_copy copies |src| of length |srccnt| to |dst| of length + * |dstcnt|. The total number of bytes which the copied ngtcp2_vec + * refers to is at most |left| and is assigned to |*pnwritten|. The + * empty elements in |src| are ignored. This function returns the + * number of elements copied. + */ +size_t ngtcp2_vec_copy(ngtcp2_vec *dst, size_t *pnwritten, size_t dstcnt, + const ngtcp2_vec *src, size_t srccnt, size_t left); + +void ngtcp2_vec_clone(ngtcp2_vec *dst, const ngtcp2_vec *src, size_t cnt); + +#endif /* NGTCP2_VEC_H */ diff --git a/deps/ngtcp2/lib/ngtcp2_version.c b/deps/ngtcp2/lib/ngtcp2_version.c new file mode 100644 index 0000000000..40f3ae3f9e --- /dev/null +++ b/deps/ngtcp2/lib/ngtcp2_version.c @@ -0,0 +1,39 @@ +/* + * ngtcp2 + * + * Copyright (c) 2019 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#ifdef HAVE_CONFIG_H +# include +#endif /* HAVE_CONFIG_H */ + +#include + +static ngtcp2_info version = {NGTCP2_VERSION_AGE, NGTCP2_VERSION_NUM, + NGTCP2_VERSION}; + +ngtcp2_info *ngtcp2_version(int least_version) { + if (least_version > NGTCP2_VERSION_NUM) { + return NULL; + } + return &version; +} diff --git a/deps/ngtcp2/ngtcp2.gyp b/deps/ngtcp2/ngtcp2.gyp new file mode 100644 index 0000000000..8aed749607 --- /dev/null +++ b/deps/ngtcp2/ngtcp2.gyp @@ -0,0 +1,66 @@ +{ + 'target_defaults': { + 'defines': [ + '_U_=' + ] + }, + 'targets': [ + { + 'target_name': 'ngtcp2', + 'type': 'static_library', + 'include_dirs': ['lib/includes'], + 'defines': [ + 'BUILDING_NGTCP2', + 'NGTCP2_STATICLIB', + ], + 'conditions': [ + ['OS=="win"', { + 'defines': [ + 'WIN32', + '_WINDOWS', + 'HAVE_CONFIG_H', + ], + 'msvs_settings': { + 'VCCLCompilerTool': { + 'CompileAs': '1' + }, + }, + }], + ], + 'direct_dependent_settings': { + 'defines': [ 'NGTCP2_STATICLIB' ], + 'include_dirs': [ 'lib/includes' ] + }, + 'sources': [ + 'lib/ngtcp2_acktr.c', + 'lib/ngtcp2_addr.c', + 'lib/ngtcp2_buf.c', + 'lib/ngtcp2_cc.c', + 'lib/ngtcp2_cid.c', + 'lib/ngtcp2_conn.c', + 'lib/ngtcp2_conv.c', + 'lib/ngtcp2_crypto.c', + 'lib/ngtcp2_err.c', + 'lib/ngtcp2_gaptr.c', + 'lib/ngtcp2_idtr.c', + 'lib/ngtcp2_ksl.c', + 'lib/ngtcp2_log.c', + 'lib/ngtcp2_map.c', + 'lib/ngtcp2_mem.c', + 'lib/ngtcp2_path.c', + 'lib/ngtcp2_pkt.c', + 'lib/ngtcp2_ppe.c', + 'lib/ngtcp2_pq.c', + 'lib/ngtcp2_psl.c', + 'lib/ngtcp2_pv.c', + 'lib/ngtcp2_range.c', + 'lib/ngtcp2_ringbuf.c', + 'lib/ngtcp2_rob.c', + 'lib/ngtcp2_rtb.c', + 'lib/ngtcp2_str.c', + 'lib/ngtcp2_strm.c', + 'lib/ngtcp2_vec.c', + ] + } + ] +} diff --git a/doc/api/errors.md b/doc/api/errors.md index cf21c142d6..5579a6a6ed 100644 --- a/doc/api/errors.md +++ b/doc/api/errors.md @@ -1618,6 +1618,66 @@ A non-context-aware native addon was loaded in a process that disallows them. A given value is out of the accepted range. + +### ERR_QUIC_ERROR + +TBD + + +### ERR_QUICCLIENTSESSION_FAILED + +TBD + + +### ERR_QUICCLIENTSESSION_FAILED_SETSOCKET + +TBD + + +### ERR_QUICSESSION_DESTROYED + +TBD + + +### ERR_QUICSESSION_INVALID_DCID + +TBD + + +### ERR_QUICSESSION_UPDATEKEY + +TBD + + +### ERR_QUICSESSION_VERSION_NEGOTIATION + +TBD + + +### ERR_QUICSOCKET_CLOSING + +TBD + + +### ERR_QUICSOCKET_DESTROYED + +TBD + + +### ERR_QUICSOCKET_LISTENING + +TBD + + +### ERR_QUICSOCKET_UNBOUND + +TBD + + +### ERR_QUICSTREAM_OPEN_FAILED + +TBD + ### ERR_REQUIRE_ESM @@ -2115,6 +2175,16 @@ removed: v10.0.0 Used when a failure occurs sending an individual frame on the HTTP/2 session. + +### ERR_QUIC_TLS13_REQUIRED + + +Used when a failure occurs sending an individual frame on the HTTP/2 +session. + ### ERR_HTTP2_HEADERS_OBJECT + +> Stability: 1 - Experimental + +The `quic` module provides an implementation of the QUIC protocol. To +access it: + +```js +const quic = require('quic'); +``` + +## Example + +```js +'use strict'; + +const key = getTLSKeySomehow(); +const cert = getTLSCertSomehow(); + +const { createSocket } = require('quic'); + +// Create the QUIC UDP IPv4 socket bound to local IP port 1234 +const socket = createSocket({ port: 1234 }); + +// Tell the socket to operate as a server using the given +// key and certificate to secure new connections. +socket.listen({ key, cert }); + +socket.on('session', (session) => { + // A new server side session has been created! + + session.on('secure', () => { + // Once the TLS handshake is completed, we can + // open streams... + const uni = session.openStream({ halfOpen: true }); + uni.write('hi '); + uni.end('from the server!'); + }); + + // The peer opened a new stream! + session.on('stream', (stream) => { + // Let's say hello + stream.end('Hello World'); + + // Let's see what the peer has to say... + stream.setEncoding('utf8'); + stream.on('data', console.log); + stream.on('end', () => console.log('stream ended')); + }); +}); + +socket.on('listening', () => { + // The socket is listening for sessions! +}); +``` + +## quic.createSocket([options]) + + +* `options` {Object} + * `address` {string} The local address to bind to. This may be an IPv4 or IPv6 + address or a hostname. If a hostname is given, it will be resolved to an IP + address. + * `client` {Object} A default configuration for QUIC client sessions created + using `quicsocket.connect()`. + * `lookup` {Function} A custom DNS lookup function. Default `dns.lookup()`. + * `maxConnectionsPerHost` {number} The maximum number of inbound connections + per remote host. Default: `100`. + * `port` {number} The local port to bind to. + * `retryTokenTimeout` {number} The maximum number of *seconds* for retry token + validation. Default: `10` seconds. + * `server` {Object} A default configuration for QUIC server sessions. + * `type` {string} Either `'udp4'` or `'upd6'` to use either IPv4 or IPv6, + respectively. + * `validateAddress` {boolean} When `true`, the `QuicSocket` will use explicit + address validation using a QUIC `RETRY` frame when listening for new server + sessions. Default: `false`. + * `validateAddressLRU` {boolean} When `true`, validation will be skipped if + the address has been recently validated. Currently, only the 10 most + recently validated addresses are remembered. Setting `validateAddressLRU` + to `true`, will enable the `validateAddress` option as well. Default: + `false`. + +Creates a new `QuicSocket` instance. + +## Class: QuicSession exends EventEmitter + +* Extends: {EventEmitter} + +The `QuicSession` is an abstract base class that defines events, methods, and +properties that are shared by both `QuicClientSession` and `QuicServerSession`. + +Users will not create instances of `QuicSession` directly. + +### Event: `'close'` + + +Emiitted after the `QuicSession` has been destroyed. + +### Event: `'error'` + + +Emitted immediately before the `'close'` event if the `QuicSession` was +destroyed with an error. + + +### Event: `'keylog'` + + +Emitted when key material is generated or received by a `QuicSession` +(typically during or immediately following the handshake process). This keying +material can be stored for debugging, as it allows captured TLS traffic to be +decrypted. It may be emitted multiple times per `QuicSession` instance. + +The callback will be invoked with a single argument: + +* `line` Line of ASCII text, in NSS SSLKEYLOGFILE format. + +A typical use case is to append received lines to a common text file, which is +later used by software (such as Wireshark) to decrypt the traffic: + +```js +const log = fs.createWriteStream('/tmp/ssl-keys.log', { flags: 'a' }); +// ... +session.on('keylog', (line) => log.write(line)); +``` + +### Event: `'pathValidation'` + + +Emitted when a path validation result has been determined. This event +is strictly informational. When path validation is successful, the +`QuicSession` will automatically update to use the new validated path. + +The callback will be invoked with three arguments: + +* `result` {string} Either `'failure'` or `'success'`, denoting the status + of the path challenge. +* `local` {Object} The local address component of the tested path. +* `remote` {Object} The remote address component of the tested path. + +### Event: `'secure'` + + +Emitted after the TLS handshake has been completed. + +The callback will be invoked with two arguments: + +* `servername` {string} The SNI servername requested by the client. +* `alpnProtocol` {string} The negotiated ALPN protocol. +* `cipher` {Object} Information about the selected cipher algorithm. + * `name` {string} The cipher algorithm name. + * `version` {string} The TLS version (currently always `'TLSv1.3'`). + +These will also be available using the `quicsession.servername`, +`quicsession.alpnProtocol`, and `quicsession.cipher` properties. + +### Event: `'stream'` + + +Emitted when a new `QuicStream` has been initiated by the connected peer. + + +### quicsession.alpnProtocol + + +* Type: {string} + +The ALPN protocol identifier negotiated for this session. + +### quicsession.cipher + + +* Type: {Object} + * `name` {string} The cipher algorithm name. + * `type` {string} The TLS version (currently always `'TLSv1.3'`). + +Information about the cipher algorithm selected for the session. + +### quicsession.close([callback]) + + +* `callback` {Function} Callback invoked when the close operation is completed + +Begins a graceful close of the `QuicSession`. Existing `QuicStream` instances +will be permitted to close naturally. New `QuicStream` instances will not be +permitted. Once all `QuicStream` instances have closed, the `QuicSession` +instance will be destroyed. + +### quicsession.closing + + +* Type: {boolean} + +Set to `true` if the `QuicSession` is in the process of a graceful shutdown. + +### quicsession.destroy([error]) + + +* `error` {any} + +Destroys the `QuicSession` immediately causing the `close` event to be emitted. +If `error` is not `undefined`, the `error` event will be emitted immediately +before the `close` event. + +Any `QuicStream` instances that are still opened will be abruptly closed. + +### quicsession.destroyed + + +* Type: {boolean} + +Set to `true` if the `QuicSession` has been destroyed. + +### quicsession.getCertificate() + + +* Returns: {Object} A [Certificate Object][]. + +Returns an object representing the *local* certificate. The returned object has +some properties corresponding to the fields of the certificate. + +If there is no local certificate, or if the `QuicSession` has been destroyed, +an empty object will be returned. + +### quicsession.getPeerCertificate([detailed]) + + +* `detailed` {boolean} Include the full certificate chain if `true`, otherwise + include just the peer's certificate. **Default**: `false`. +* Returns: {Object} A [Certificate Object][]. + +Returns an object representing the peer's certificate. If the peer does not +provide a certificate, or if the `QuicSession` has been destroyed, an empty +object will be returned. + +If the full certificate chain was requested (`details` equals `true`), each +certificate will include an `issuerCertificate` property containing an object +representing the issuer's certificate. + +### quicsession.handshakeComplete + + +* Type: {boolean} + +Set to `true` if the TLS handshake has completed. + +### quicsession.maxStreams + + +* Type: {Object} + * `uni` {number} The maximum number of unidirectional streams. + * `bidi` {number} The maximum number of bidirectional streams. + +The highest cumulative number of bidirectional and unidirectional streams +that can currently be opened. The values are set initially by configuration +parameters when the `QuicSession` is created, then updated over the lifespan +of the `QuicSession` as the connected peer allows new streams to be created. + +### quicsession.openStream([options]) + +* `options` {Object} + * `halfOpen` {boolean} Set to `true` to open a unidirectional stream, `false` + to open a bidirectional stream. **Default**: `true`. + * `highWaterMark` {number} +* Returns: {QuicStream} + +Returns a new `QuicStream`. + +An error will be thrown if the `QuicSession` has been destroyed or is in the +process of a graceful shutdown. + +### quicsession.ping() + + +The `ping()` method will trigger the underlying QUIC connection to serialize +any frames currently pending in the outbound queue if it is able to do so. +This has the effect of keeping the connection with the peer active and resets +the idle and retransmission timers. The `ping()` method is a best-effort +that ignores any errors that may occur during the serialization and send +operations. There is no return value and there is no way to monitor the status +of the `ping()` operation. + +### quicsession.servername + + +* Type: {string} + +The SNI servername requested for this session by the client. + +### quicsession.socket + + +* Type: {QuicSocket} + +The `QuicSocket` the `QuicSession` is associated with. + +### quicsession.updateKey() + + +* Returns: {boolean} `true` if the key update operation is successfully + initiated. + +Initiates QuicSession key update. + +## Class: QuicClientSession extends QuicSession + + +* Extends: {QuicSession} + +The `QuicClientSession` class implements the client side of a QUIC connection. +Instances are created using the `quicsocket.connect()` method. + +### Event: `'OCSPResponse'` + + +Emitted when the `QuicClientSession` receives a requested OCSP certificate +status response from the QUIC server peer. + +The callback is invoked with a single argument: + +* `response` {Buffer} + +Node.js does not perform any automatic validation or processing of the +response. + +### Event: `'sessionTicket'` + + +The `'sessionTicket'` event is emitted when a new TLS session ticket has been +generated for the current `QuicClientSession`. The callback is invoked with +three arguments: + +* `sessionID` {Buffer} The serialized session ticket identifier. +* `sessionTicket` {Buffer} The serialized session ticket. +* `remoteTransportParams` {Buffer} The serialized remote transport parameters + provided by the QUIC server. + +The `sessionTicket` and `remoteTransportParams` are useful when creating a new +`QuicClientSession` to more quickly resume an existing session. + + +### quicclientsession.ephemeralKeyInfo + + +* Type: {Object} + +An object representing the type, name, and size of parameter of an ephemeral +key exchange in Perfect Forward Secrecy on a client connection. It is an +empty object when the key exchange is not ephemeral. The supported types are +`'DH'` and `'ECDH'`. The `name` property is available only when type is +`'ECDH'`. + +For example: `{ type: 'ECDH', name: 'prime256v1', size: 256 }`. + +### quicclientsession.ready + + +* Type: {boolean} + +Set to `true` if the `QuicClientSession` is ready for use. False if the +`QuicSocket` has not yet been bound. + +### quicclientsession.setSocket(socket, callback]) + + +* `socket` {QuicSocket} A `QuicSocket` instance to move this session to. +* `callback` {Function} A callback function that will be invoked once the + migration to the new `QuicSocket` is complete. + +Migrates the `QuicClientSession` to the given `QuicSocket` instance. If the new +`QuicSocket` has not yet been bound to a local UDP port, it will be bound prior +to attempting the migration. If the `QuicClientSession` is not yet ready to +migrate, the callback will be invoked with an `Error` using the code +`ERR_QUICCLIENTSESSION_FAILED_SETSOCKET`. + +## Class: QuicServerSession extends QuicSession + + +* Extends: {QuicSession} + +The `QuicServerSession` class implements the server side of a QUIC connection. +Instances are created internally and are emitted using the `QuicSocket` +`'session'` event. + +### Event: `'clientHello'` + + +Emitted at the start of the TLS handshake when the `QuicServerSession` receives +the initial TLS Client Hello. + +The event handler is given a callback function that *must* be invoked for the +handshake to continue. + +The callback is invoked with four arguments: + +* `alpn` {string} The ALPN protocol identifier requested by the client. +* `servername` {string} The SNI servername requested by the client. +* `ciphers` {string[]} The list of TLS cipher algorithms requested by the + client. +* `callback` {Function} A callback function that must be called in order for + the TLS handshake to continue. + +### Event: `'OCSPRequest'` + + +Emitted when the `QuicServerSession` has received a OCSP certificate status +request as part of the TLS handshake. + +The callback is invoked with three arguments: + +* `servername` {string} +* `context` {tls.SecureContext} +* `callback` {Function} + +The callback *must* be invoked in order for the TLS handshake to continue. + +## Class: QuicSocket + + +New instances of `QuicSocket` are created using the `quic.createSocket()` +method. + +Once created, a `QuicSocket` can be configured to work as both a client and a +server. + +### Event: `'close'` + + +Emitted after the `QuicSocket` has been destroyed and is no longer usable. + +### Event: `'error'` + + +Emitted before the `'close'` event if the `QuicSocket` was destroyed with an +`error`. + +### Event: `'ready'` + + +Emitted once the `QuicSocket` has been bound to a local UDP port. + +### Event: `'session'` + + +Emitted when a new `QuicServerSession` has been created. + +### quicsocket.addMembership(address, iface) + + +* `address` {string} +* `iface` {string} + +Tells the kernel to join a multicast group at the given `multicastAddress` and +`multicastInterface` using the `IP_ADD_MEMBERSHIP` socket option. If the +`multicastInterface` argument is not specified, the operating system will +choose one interface and will add membership to it. To add membership to every +available interface, call `quicsocket.addMembership()` multiple times, once per +interface. + + +### quicsocket.address + + +* Type: Address + +An object containing the address information for a bound `QuicSocket`. + +The object will contain the properties: + +* `address` {string} The local IPv4 or IPv6 address to which the `QuicSocket` is + bound. +* `family` {string} Either `'IPv4'` or `'IPv6'`. +* `port` {number} The local IP port to which the `QuicSocket` is bound. + +If the `QuicSocket` is not bound, `quicsocket.address` is an empty object. + +### quicsocket.bound + + +* Type: {boolean} + +Will be `true` if the `QuicSocket` has been successfully bound to the local UDP +port. + +### quicsocket.close([callback]) + + +* `callback` {Function} + +Gracefully closes the `QuicSocket`. Existing `QuicSession` instances will be +permitted to close naturally. New `QuicClientSession` and `QuicServerSession` +instances will not be allowed. + +### quicsocket.connect([options]) + + +* `options` {Object} + * `address` {string} The domain name or IP address of the QUIC server + endpoint. + * `alpn` {string} An ALPN protocol identifier. + * `ca` {string|string[]|Buffer|Buffer[]} Optionally override the trusted CA + certificates. Default is to trust the well-known CAs curated by Mozilla. + Mozilla's CAs are completely replaced when CAs are explicitly specified + using this option. The value can be a string or `Buffer`, or an `Array` of + strings and/or `Buffer`s. Any string or `Buffer` can contain multiple PEM + CAs concatenated together. The peer's certificate must be chainable to a CA + trusted by the server for the connection to be authenticated. When using + certificates that are not chainable to a well-known CA, the certificate's CA + must be explicitly specified as a trusted or the connection will fail to + authenticate. + If the peer uses a certificate that doesn't match or chain to one of the + default CAs, use the `ca` option to provide a CA certificate that the peer's + certificate can match or chain to. + For self-signed certificates, the certificate is its own CA, and must be + provided. + For PEM encoded certificates, supported types are "TRUSTED CERTIFICATE", + "X509 CERTIFICATE", and "CERTIFICATE". + * `cert` {string|string[]|Buffer|Buffer[]} Cert chains in PEM format. One cert + chain should be provided per private key. Each cert chain should consist of + the PEM formatted certificate for a provided private `key`, followed by the + PEM formatted intermediate certificates (if any), in order, and not + including the root CA (the root CA must be pre-known to the peer, see `ca`). + When providing multiple cert chains, they do not have to be in the same + order as their private keys in `key`. If the intermediate certificates are + not provided, the peer will not be able to validate the certificate, and the + handshake will fail. + * `ciphers` {string} Cipher suite specification, replacing the default. For + more information, see [modifying the default cipher suite][]. Permitted + ciphers can be obtained via [`tls.getCiphers()`][]. Cipher names must be + uppercased in order for OpenSSL to accept them. + * `clientCertEngine` {string} Name of an OpenSSL engine which can provide the + client certificate. + * `crl` {string|string[]|Buffer|Buffer[]} PEM formatted CRLs (Certificate + Revocation Lists). + * `dhparam` {string|Buffer} Diffie Hellman parameters, required for + [Perfect Forward Secrecy][]. Use `openssl dhparam` to create the parameters. + The key length must be greater than or equal to 1024 bits, otherwise an + error will be thrown. It is strongly recommended to use 2048 bits or larger + for stronger security. If omitted or invalid, the parameters are silently + discarded and DHE ciphers will not be available. + * `ecdhCurve` {string} A string describing a named curve or a colon separated + list of curve NIDs or names, for example `P-521:P-384:P-256`, to use for + ECDH key agreement. Set to `auto` to select the + curve automatically. Use [`crypto.getCurves()`][] to obtain a list of + available curve names. On recent releases, `openssl ecparam -list_curves` + will also display the name and description of each available elliptic curve. + **Default:** [`tls.DEFAULT_ECDH_CURVE`]. + * `honorCipherOrder` {boolean} Attempt to use the server's cipher suite + preferences instead of the client's. When `true`, causes + `SSL_OP_CIPHER_SERVER_PREFERENCE` to be set in `secureOptions`, see + [OpenSSL Options][] for more information. + * `idleTimeout` {number} + * `ipv6Only` {boolean} + * `key` {string|string[]|Buffer|Buffer[]|Object[]} Private keys in PEM format. + PEM allows the option of private keys being encrypted. Encrypted keys will + be decrypted with `options.passphrase`. Multiple keys using different + algorithms can be provided either as an array of unencrypted key strings or + buffers, or an array of objects in the form `{pem: [, + passphrase: ]}`. The object form can only occur in an array. + `object.passphrase` is optional. Encrypted keys will be decrypted with + `object.passphrase` if provided, or `options.passphrase` if it is not. + * `activeConnectionIdLimit` {number} + * `maxAckDelay` {number} + * `maxCryptoBuffer` {number} + * `maxData` {number} + * `maxPacketSize` {number} + * `maxStreamDataBidiLocal` {number} + * `maxStreamDataBidiRemote` {number} + * `maxStreamDataUni` {number} + * `maxStreamsBidi` {number} + * `maxStreamsUni` {number} + * `passphrase` {string} Shared passphrase used for a single private key and/or + a PFX. + * `pfx` {string|string[]|Buffer|Buffer[]|Object[]} PFX or PKCS12 encoded + private key and certificate chain. `pfx` is an alternative to providing + `key` and `cert` individually. PFX is usually encrypted, if it is, + `passphrase` will be used to decrypt it. Multiple PFX can be provided either + as an array of unencrypted PFX buffers, or an array of objects in the form + `{buf: [, passphrase: ]}`. The object form can only + occur in an array. `object.passphrase` is optional. Encrypted PFX will be + decrypted with `object.passphrase` if provided, or `options.passphrase` if + it is not. + * `port` {number} The IP port of the remote QUIC server. + * `preferredAddressPolicy` {string} `'accept'` or `'reject'`. + * `remoteTransportParams` {Buffer|TypedArray|DataView} The serialized remote + transport parameters from a previously established session. These would + have been provided as part of the `'sessionTicket'` event on a previous + `QuicClientSession` object. + * `requestOCSP` {boolean} If `true`, specifies that the OCSP status request + extension will be added to the client hello and an `'OCSPResponse'` event + will be emitted before establishing a secure communication. + * `secureOptions` {number} Optionally affect the OpenSSL protocol behavior, + which is not usually necessary. This should be used carefully if at all! + Value is a numeric bitmask of the `SSL_OP_*` options from + [OpenSSL Options][]. + * `servername` {string} The SNI servername. + * `sessionIdContext` {string} Opaque identifier used by servers to ensure + session state is not shared between applications. Unused by clients. + * `sessionTicket`: {Buffer|TypedArray|DataView} The serialized TLS Session + Ticket from a previously established session. These would have been + provided as part of the `'sessionTicket`' event on a previous + `QuicClientSession` object. + * `type`: {string} Identifies the type of UDP socket. The value must either + be `'udp4'`, indicating UDP over IPv4, or `'udp6'`, indicating UDP over + IPv6. Defaults to `'udp4'`. + +Create a new `QuicClientSession`. + +### quicsocket.destroy([error]) + + +* `error` {any} + +Destroys the `QuicSocket` then emits the `'close'` event when done. The `'error'` +event will be emitted after `'close'` if the `error` is not `undefined`. + +### quicsocket.destroyed + + +* Type: {boolean} + +Will be `true` if the `QuicSocket` has been destroyed. + +### quicsocket.dropMembership(address, iface) + + +* `address` {string} +* `iface` {string} + +Instructs the kernel to leave a multicast group at `multicastAddress` using the +`IP_DROP_MEMBERSHIP` socket option. This method is automatically called by the +kernel when the socket is closed or the process terminates, so most apps will +never have reason to call this. + +If `multicastInterface` is not specified, the operating system will attempt to +drop membership on all valid interfaces. + +### quicsocket.fd + + +* Type: {integer} + +The system file descriptor the `QuicSocket` is bound to. This property +is not set on Windows. + +### quicsocket.listen([options][, callback]) + + +* `options` {Object} + * `alpn` {string} An ALPN protocol identifier. + * `ca` {string|string[]|Buffer|Buffer[]} Optionally override the trusted CA + certificates. Default is to trust the well-known CAs curated by Mozilla. + Mozilla's CAs are completely replaced when CAs are explicitly specified + using this option. The value can be a string or `Buffer`, or an `Array` of + strings and/or `Buffer`s. Any string or `Buffer` can contain multiple PEM + CAs concatenated together. The peer's certificate must be chainable to a CA + trusted by the server for the connection to be authenticated. When using + certificates that are not chainable to a well-known CA, the certificate's CA + must be explicitly specified as a trusted or the connection will fail to + authenticate. + If the peer uses a certificate that doesn't match or chain to one of the + default CAs, use the `ca` option to provide a CA certificate that the peer's + certificate can match or chain to. + For self-signed certificates, the certificate is its own CA, and must be + provided. + For PEM encoded certificates, supported types are "TRUSTED CERTIFICATE", + "X509 CERTIFICATE", and "CERTIFICATE". + * `cert` {string|string[]|Buffer|Buffer[]} Cert chains in PEM format. One cert + chain should be provided per private key. Each cert chain should consist of + the PEM formatted certificate for a provided private `key`, followed by the + PEM formatted intermediate certificates (if any), in order, and not + including the root CA (the root CA must be pre-known to the peer, see `ca`). + When providing multiple cert chains, they do not have to be in the same + order as their private keys in `key`. If the intermediate certificates are + not provided, the peer will not be able to validate the certificate, and the + handshake will fail. + * `ciphers` {string} Cipher suite specification, replacing the default. For + more information, see [modifying the default cipher suite][]. Permitted + ciphers can be obtained via [`tls.getCiphers()`][]. Cipher names must be + uppercased in order for OpenSSL to accept them. + * `clientCertEngine` {string} Name of an OpenSSL engine which can provide the + client certificate. + * `crl` {string|string[]|Buffer|Buffer[]} PEM formatted CRLs (Certificate + Revocation Lists). + * `dhparam` {string|Buffer} Diffie Hellman parameters, required for + [Perfect Forward Secrecy][]. Use `openssl dhparam` to create the parameters. + The key length must be greater than or equal to 1024 bits, otherwise an + error will be thrown. It is strongly recommended to use 2048 bits or larger + for stronger security. If omitted or invalid, the parameters are silently + discarded and DHE ciphers will not be available. + * `ecdhCurve` {string} A string describing a named curve or a colon separated + list of curve NIDs or names, for example `P-521:P-384:P-256`, to use for + ECDH key agreement. Set to `auto` to select the + curve automatically. Use [`crypto.getCurves()`][] to obtain a list of + available curve names. On recent releases, `openssl ecparam -list_curves` + will also display the name and description of each available elliptic curve. + **Default:** [`tls.DEFAULT_ECDH_CURVE`]. + * `honorCipherOrder` {boolean} Attempt to use the server's cipher suite + preferences instead of the client's. When `true`, causes + `SSL_OP_CIPHER_SERVER_PREFERENCE` to be set in `secureOptions`, see + [OpenSSL Options][] for more information. + * `idleTimeout` {number} + * `key` {string|string[]|Buffer|Buffer[]|Object[]} Private keys in PEM format. + PEM allows the option of private keys being encrypted. Encrypted keys will + be decrypted with `options.passphrase`. Multiple keys using different + algorithms can be provided either as an array of unencrypted key strings or + buffers, or an array of objects in the form `{pem: [, + passphrase: ]}`. The object form can only occur in an array. + `object.passphrase` is optional. Encrypted keys will be decrypted with + `object.passphrase` if provided, or `options.passphrase` if it is not. + * `activeConnectionIdLimit` {number} + * `maxAckDelay` {number} + * `maxCryptoBuffer` {number} + * `maxData` {number} + * `maxPacketSize` {number} + * `maxStreamsBidi` {number} + * `maxStreamsUni` {number} + * `maxStreamDataBidiLocal` {number} + * `maxStreamDataBidiRemote` {number} + * `maxStreamDataUni` {number} + * `passphrase` {string} Shared passphrase used for a single private key + and/or a PFX. + * `pfx` {string|string[]|Buffer|Buffer[]|Object[]} PFX or PKCS12 encoded + private key and certificate chain. `pfx` is an alternative to providing + `key` and `cert` individually. PFX is usually encrypted, if it is, + `passphrase` will be used to decrypt it. Multiple PFX can be provided either + as an array of unencrypted PFX buffers, or an array of objects in the form + `{buf: [, passphrase: ]}`. The object form can only + occur in an array. `object.passphrase` is optional. Encrypted PFX will be + decrypted with `object.passphrase` if provided, or `options.passphrase` if + it is not. + * `preferredAddress` {Object} + * `address` {string} + * `port` {number} + * `type` {string} `'udp4'` or `'udp6'`. + * `requestCert` {boolean} Request a certificate used to authenticate the + client. + * `rejectUnauthorized` {boolean} If not `false` the server will reject any + connection which is not authorized with the list of supplied CAs. This + option only has an effect if `requestCert` is `true`. Default: `true`. + * `secureOptions` {number} Optionally affect the OpenSSL protocol behavior, + which is not usually necessary. This should be used carefully if at all! + Value is a numeric bitmask of the `SSL_OP_*` options from + [OpenSSL Options][]. + * `sessionIdContext` {string} Opaque identifier used by servers to ensure + session state is not shared between applications. Unused by clients. + +* `callback` {Function} + +Listen for new peer-initiated sessions. + +If a `callback` is given, it is registered as a handler for the +`'session'` event. + +### quicsocket.pending + + +* Type: {boolean} + +Set to `true` if the socket is not yet bound to the local UDP port. + +### quicsocket.ref() + + +### quicsocket.setBroadcast([on]) + + +* `on` {boolean} + +Sets or clears the `SO_BROADCAST` socket option. When set to `true`, UDP +packets may be sent to a local interface's broadcast address. + +### quicsocket.setMulticastLoopback([on]) + + +* `on` {boolean} + +Sets or clears the `IP_MULTICAST_LOOP` socket option. When set to `true`, +multicast packets will also be received on the local interface. + +### quicsocket.setMulticastInterface(iface) + + +* `iface` {string} + +All references to scope in this section are referring to IPv6 Zone Indices, +which are defined by [RFC 4007][]. In string form, an IP with a scope index +is written as `'IP%scope'` where scope is an interface name or interface +number. + +Sets the default outgoing multicast interface of the socket to a chosen +interface or back to system interface selection. The multicastInterface must +be a valid string representation of an IP from the socket's family. + +For IPv4 sockets, this should be the IP configured for the desired physical +interface. All packets sent to multicast on the socket will be sent on the +interface determined by the most recent successful use of this call. + +For IPv6 sockets, multicastInterface should include a scope to indicate the +interface as in the examples that follow. In IPv6, individual send calls can +also use explicit scope in addresses, so only packets sent to a multicast +address without specifying an explicit scope are affected by the most recent +successful use of this call. + +#### Examples: IPv6 Outgoing Multicast Interface + +On most systems, where scope format uses the interface name: + +```js +const socket = quic.createSocket({ type: 'udp6', port: 1234 }); + +socket.on('ready', () => { + socket.setMulticastInterface('::%eth1'); +}); +``` + +On Windows, where scope format uses an interface number: + +```js +const socket = quic.createSocket({ type: 'udp6', port: 1234 }); + +socket.on('ready', () => { + socket.setMulticastInterface('::%2'); +}); +``` + +#### Example: IPv4 Outgoing Multicast Interface + +All systems use an IP of the host on the desired physical interface: + +```js +const socket = quic.createSocket({ type: 'udp4', port: 1234 }); + +socket.on('ready', () => { + socket.setMulticastInterface('10.0.0.2'); +}); +``` + +#### Call Results# + +A call on a socket that is not ready to send or no longer open may throw a +Not running Error. + +If multicastInterface can not be parsed into an IP then an `EINVAL` System +Error is thrown. + +On IPv4, if `multicastInterface` is a valid address but does not match any +interface, or if the address does not match the family then a System Error +such as `EADDRNOTAVAIL` or `EPROTONOSUP` is thrown. + +On IPv6, most errors with specifying or omitting scope will result in the +socket continuing to use (or returning to) the system's default interface +selection. + +A socket's address family's ANY address (IPv4 `'0.0.0.0'` or IPv6 `'::'`) +can be used to return control of the sockets default outgoing interface to +the system for future multicast packets. + +### quicsocket.setMulticastTTL(ttl) + + +* `ttl` {number} + +Sets the `IP_MULTICAST_TTL` socket option. While TTL generally stands for +"Time to Live", in this context it specifies the number of IP hops that a +packet is allowed to travel through, specifically for multicast traffic. Each +router or gateway that forwards a packet decrements the TTL. If the TTL is +decremented to `0` by a router, it will not be forwarded. + +The argument passed to `socket.setMulticastTTL()` is a number of hops between +`0` and `255`. The default on most systems is `1` but can vary. + +### quicsocket.setServerBusy([on]) + + +* `on` {boolean} When `true`, the `QuicSocket` will reject new connections. + **Defaults**: `true`. + +Calling `setServerBusy()` or `setServerBusy(true)` will tell the `QuicSocket` +to reject all new incoming connection requests using the `SERVER_BUSY` QUIC +error code. To begin receiving connections again, disable busy mode by calling +`setServerBusy(false)`. + +### quicsocket.setTTL(ttl) + + +* `ttl` {number} + +Sets the `IP_TTL` socket option. While TTL generally stands for "Time to Live", +in this context it specifies the number of IP hops that a packet is allowed to +travel through. Each router or gateway that forwards a packet decrements the +TTL. If the TTL is decremented to `0` by a router, it will not be forwarded. +Changing TTL values is typically done for network probes or when multicasting. + +The argument to `socket.setTTL()` is a number of hops between `1` and `255`. +The default on most systems is `64` but can vary. + +### quicsocket.unref(); + + + +## Class: QuicStream extends stream.Duplex + + +* Extends: {stream.Duplex} + +### Event: `'abort'` + + +Emitted when the `QuicStream` is close abruptly before the readable +or writable side has closed naturally. + +The callback is invoked with two arguments: + +* `code` {number} The QUIC application error code used to terminate the stream. +* `finalSize` {number} The total number of bytes received by the `QuicStream` + as of the moment the stream was closed. + +### Event: `'close'` + + +### Event: `'data'` + + +### Event: `'end'` + + +### Event: `'error'` + + +### Event: `'readable'` + + +### quicstream.bidirectional + + +* Type: {boolean} + +Set to `true` if the `QuicStream` is bidirectional. + +### quicstream.clientInitiated + + +* Type: {boolean} + +Set to `true` if the `QuicStream` was initiated by a `QuicClientSession` +instance. + +### quicstream.id + + +* Type: {number} + +The numeric identifier of the `QuicStream`. + +### quicstream.serverInitiated + + +* Type: {boolean} + +Set to `true` if the `QuicStream` was initiated by a `QuicServerSession` +instance. + +### quicstream.session + + +* Type: {QuicSession} + +The `QuicServerSession` or `QuicClientSession`. + +### quicstream.unidirectional + + +* Type: {boolean} + +Set to `true` if the `QuicStream` is unidirectional. + + + +[RFC 4007]: https://tools.ietf.org/html/rfc4007 +[Certificate Object]: https://nodejs.org/dist/latest-v12.x/docs/api/tls.html#tls_certificate_object diff --git a/lib/internal/errors.js b/lib/internal/errors.js index ad12d99c7c..3f8cde8e7d 100644 --- a/lib/internal/errors.js +++ b/lib/internal/errors.js @@ -1125,6 +1125,53 @@ E('ERR_OUT_OF_RANGE', msg += ` It must be ${range}. Received ${received}`; return msg; }, RangeError); +E('ERR_QUICCLIENTSESSION_FAILED', + 'Failed to create a new QuicClientSession: %s', Error); +E('ERR_QUICCLIENTSESSION_FAILED_SETSOCKET', + 'Failed to set the QuicSocket', Error); +E('ERR_QUICSESSION_DESTROYED', + 'Cannot call %s after a QuicSession has been destroyed', Error); +E('ERR_QUICSESSION_INVALID_DCID', 'Invalid DCID value: %s', Error); +E('ERR_QUICSESSION_UPDATEKEY', 'Unable to update QuicSession keys', Error); +E('ERR_QUICSESSION_VERSION_NEGOTIATION', + (version, requestedVersions, supportedVersions) => { + return 'QUIC session received version negotiation from server. ' + + `Version: ${version}. Requested: ${requestedVersions.join(', ')} ` + + `Supported: ${supportedVersions.join(', ')}`; + }, + Error); +E('ERR_QUICSOCKET_CLOSING', + 'Cannot call %s while a QuicSocket is closing', Error); +E('ERR_QUICSOCKET_DESTROYED', + 'Cannot call %s after a QuicSocket has been destroyed', Error); +E('ERR_QUICSOCKET_LISTENING', + 'This QuicSocket is already listening', Error); +E('ERR_QUICSOCKET_UNBOUND', + 'Cannot call %s before a QuicSocket has been bound', Error); +E('ERR_QUICSTREAM_OPEN_FAILED', 'Opening a new QuicStream failed', Error); +E('ERR_QUIC_ERROR', function(code, family) { + const { + constants: { + QUIC_ERROR_APPLICATION, + QUIC_ERROR_CRYPTO, + QUIC_ERROR_SESSION, + } + } = internalBinding('quic'); + let familyType = 'unknown'; + switch (family) { + case QUIC_ERROR_APPLICATION: + familyType = 'application'; + break; + case QUIC_ERROR_CRYPTO: + familyType = 'crypto'; + break; + case QUIC_ERROR_SESSION: + familyType = 'session'; + break; + } + return `QUIC session closed with ${familyType} error code ${code}`; +}, Error); +E('ERR_QUIC_TLS13_REQUIRED', 'QUIC requires TLS version 1.3', Error); E('ERR_REQUIRE_ESM', (filename, parentPath = null, packageJsonPath = null) => { let msg = `Must use import to load ES Module: ${filename}`; diff --git a/lib/internal/histogram.js b/lib/internal/histogram.js new file mode 100644 index 0000000000..39e3dd472a --- /dev/null +++ b/lib/internal/histogram.js @@ -0,0 +1,70 @@ +'use strict'; + +const { + customInspectSymbol: kInspect, +} = require('internal/util'); + +const { format } = require('util'); + +const kHandle = Symbol('kHandle'); +const kDestroy = Symbol('kDestroy'); + +class Histogram { + constructor(internal) { + this[kHandle] = internal; + } + + [kInspect]() { + const obj = { + min: this.min, + max: this.max, + mean: this.mean, + exceeds: this.exceeds, + stddev: this.stddev, + percentiles: this.percentiles, + }; + return `Histogram ${format(obj)}`; + } + + get min() { + return this[kHandle] ? this[kHandle].min() : undefined; + } + + get max() { + return this[kHandle] ? this[kHandle].max() : undefined; + } + + get mean() { + return this[kHandle] ? this[kHandle].mean() : undefined; + } + + get exceeds() { + return this[kHandle] ? this[kHandle].exceeds() : undefined; + } + + get stddev() { + return this[kHandle] ? this[kHandle].stddev() : undefined; + } + + percentile(percentile) { + return this[kHandle] ? this[kHandle].percentile(percentile) : undefined; + } + + get percentiles() { + const map = new Map(); + if (this[kHandle]) + this[kHandle].percentiles(map); + return map; + } + + reset() { + if (this[kHandle]) + this[kHandle].reset(); + } + + [kDestroy]() { + this[kHandle] = undefined; + } +} + +module.exports = { Histogram, kDestroy: kDestroy }; diff --git a/lib/internal/modules/cjs/helpers.js b/lib/internal/modules/cjs/helpers.js index 2d73219a77..32cfdab50e 100644 --- a/lib/internal/modules/cjs/helpers.js +++ b/lib/internal/modules/cjs/helpers.js @@ -112,9 +112,9 @@ function stripBOM(content) { const builtinLibs = [ 'assert', 'async_hooks', 'buffer', 'child_process', 'cluster', 'crypto', 'dgram', 'dns', 'domain', 'events', 'fs', 'http', 'http2', 'https', 'net', - 'os', 'path', 'perf_hooks', 'punycode', 'querystring', 'readline', 'repl', - 'stream', 'string_decoder', 'tls', 'trace_events', 'tty', 'url', 'util', - 'v8', 'vm', 'worker_threads', 'zlib' + 'os', 'path', 'perf_hooks', 'punycode', 'quic', 'querystring', 'readline', + 'repl', 'stream', 'string_decoder', 'tls', 'trace_events', 'tty', 'url', + 'util', 'v8', 'vm', 'worker_threads', 'zlib' ]; if (internalBinding('config').experimentalWasi) { diff --git a/lib/internal/quic/core.js b/lib/internal/quic/core.js new file mode 100644 index 0000000000..144a2bb3a4 --- /dev/null +++ b/lib/internal/quic/core.js @@ -0,0 +1,2443 @@ +'use strict'; + +/* eslint-disable no-use-before-define */ + +const { + assertCrypto, + customInspectSymbol: kInspect, +} = require('internal/util'); + +assertCrypto(); + +const { Buffer } = require('buffer'); +const { isArrayBufferView } = require('internal/util/types'); +const { + getAllowUnauthorized, + getSocketType, + lookup4, + lookup6, + validateCloseCode, + validateTransportParams, + validateQuicClientSessionOptions, + validateQuicSocketOptions, +} = require('internal/quic/util'); +const util = require('util'); +const assert = require('internal/assert'); +const EventEmitter = require('events'); +const { Duplex } = require('stream'); +const { + createSecureContext: _createSecureContext +} = require('tls'); +const { + translatePeerCertificate +} = require('_tls_common'); +const { + defaultTriggerAsyncIdScope, // eslint-disable-line no-unused-vars + symbols: { + async_id_symbol, + owner_symbol, + }, +} = require('internal/async_hooks'); + +const { + writeGeneric, + writevGeneric, + onStreamRead, + kAfterAsyncWrite, + kMaybeDestroy, + kUpdateTimer, + kHandle, + setStreamTimeout // eslint-disable-line no-unused-vars +} = require('internal/stream_base_commons'); + +const { + ShutdownWrap, + kReadBytesOrError, // eslint-disable-line no-unused-vars + streamBaseState // eslint-disable-line no-unused-vars +} = internalBinding('stream_wrap'); + +const { + codes: { + ERR_INVALID_ARG_TYPE, + ERR_INVALID_ARG_VALUE, + ERR_INVALID_CALLBACK, + ERR_OUT_OF_RANGE, + ERR_QUIC_ERROR, + ERR_QUICSESSION_DESTROYED, + ERR_QUICSESSION_VERSION_NEGOTIATION, + ERR_QUICSOCKET_CLOSING, + ERR_QUICSOCKET_DESTROYED, + ERR_QUICSOCKET_LISTENING, + ERR_QUICCLIENTSESSION_FAILED, + ERR_QUICCLIENTSESSION_FAILED_SETSOCKET, + ERR_QUICSESSION_UPDATEKEY, + ERR_QUICSTREAM_OPEN_FAILED, + ERR_TLS_DH_PARAM_SIZE, + }, + errnoException, + exceptionWithHostPort +} = require('internal/errors'); + +const { + QuicSocket: QuicSocketHandle, + initSecureContext, + initSecureContextClient, + createClientSession: _createClientSession, + openBidirectionalStream: _openBidirectionalStream, + openUnidirectionalStream: _openUnidirectionalStream, + sessionConfig, + setCallbacks, + constants: { + AF_INET, + AF_INET6, + UV_UDP_IPV6ONLY, + UV_UDP_REUSEADDR, + NGTCP2_ALPN_H3, + NGTCP2_MAX_CIDLEN, + NGTCP2_MIN_CIDLEN, + IDX_QUIC_SESSION_ACTIVE_CONNECTION_ID_LIMIT, + IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_LOCAL, + IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_REMOTE, + IDX_QUIC_SESSION_MAX_STREAM_DATA_UNI, + IDX_QUIC_SESSION_MAX_DATA, + IDX_QUIC_SESSION_MAX_STREAMS_BIDI, + IDX_QUIC_SESSION_MAX_STREAMS_UNI, + IDX_QUIC_SESSION_IDLE_TIMEOUT, + IDX_QUIC_SESSION_MAX_PACKET_SIZE, + IDX_QUIC_SESSION_MAX_CRYPTO_BUFFER, + IDX_QUIC_SESSION_CONFIG_COUNT, + IDX_QUIC_SESSION_MAX_PACKET_SIZE_DEFAULT, + IDX_QUIC_SESSION_MAX_ACK_DELAY, + IDX_QUIC_SESSION_STATE_CERT_ENABLED, + IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED, + IDX_QUIC_SESSION_STATE_PATH_VALIDATED_ENABLED, + IDX_QUIC_SESSION_STATE_KEYLOG_ENABLED, + IDX_QUIC_SESSION_STATE_MAX_STREAMS_BIDI, + IDX_QUIC_SESSION_STATE_MAX_STREAMS_UNI, + ERR_INVALID_REMOTE_TRANSPORT_PARAMS, + ERR_INVALID_TLS_SESSION_TICKET, + NGTCP2_PATH_VALIDATION_RESULT_FAILURE, + NGTCP2_NO_ERROR, + QUIC_ERROR_APPLICATION, + QUICSERVERSESSION_OPTION_REJECT_UNAUTHORIZED, + QUICSERVERSESSION_OPTION_REQUEST_CERT, + QUICCLIENTSESSION_OPTION_REQUEST_OCSP, + QUICCLIENTSESSION_OPTION_VERIFY_HOSTNAME_IDENTITY, + QUICSOCKET_OPTIONS_VALIDATE_ADDRESS, + QUICSOCKET_OPTIONS_VALIDATE_ADDRESS_LRU, + } +} = internalBinding('quic'); + +const { + Histogram, + kDestroy: kDestroyHistogram +} = require('internal/histogram'); + +const DEFAULT_QUIC_CIPHERS = 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:' + + 'TLS_CHACHA20_POLY1305_SHA256'; +const DEFAULT_GROUPS = 'P-256:X25519:P-384:P-521'; + +const emit = EventEmitter.prototype.emit; + +const kAddSession = Symbol('kAddSession'); +const kAddStream = Symbol('kAddStream'); +const kClose = Symbol('kClose'); +const kCert = Symbol('kCert'); +const kClientHello = Symbol('kClientHello'); +const kContinueBind = Symbol('kContinueBind'); +const kContinueConnect = Symbol('kContinueConnect'); +const kContinueListen = Symbol('kContinueListen'); +const kDestroy = Symbol('kDestroy'); +const kHandshake = Symbol('kHandshake'); +const kHandshakePost = Symbol('kHandshakePost'); +const kInit = Symbol('kInit'); +const kMaybeBind = Symbol('kMaybeBind'); +const kMaybeReady = Symbol('kMaybeReady'); +const kReady = Symbol('kReady'); +const kReceiveStart = Symbol('kReceiveStart'); +const kReceiveStop = Symbol('kReceiveStop'); +const kRemoveSession = Symbol('kRemove'); +const kRemoveStream = Symbol('kRemoveStream'); +const kServerBusy = Symbol('kServerBusy'); +const kSetHandle = Symbol('kSetHandle'); +const kSetSocket = Symbol('kSetSocket'); +const kStreamClose = Symbol('kStreamClose'); +const kStreamReset = Symbol('kStreamReset'); +const kTrackWriteState = Symbol('kTrackWriteState'); +const kVersionNegotiation = Symbol('kVersionNegotiation'); +const kWriteGeneric = Symbol('kWriteGeneric'); + +const kSocketUnbound = 0; +const kSocketPending = 1; +const kSocketBound = 2; +const kSocketClosing = 3; +const kSocketDestroyed = 4; + +let diagnosticPacketLossWarned = false; + +function setConfigField(val, index) { + if (typeof val === 'number') { + sessionConfig[index] = val; + return 1 << index; + } + return 0; +} + +function setTransportParams(config) { + const { + activeConnectionIdLimit, + maxStreamDataBidiLocal, + maxStreamDataBidiRemote, + maxStreamDataUni, + maxData, + maxStreamsBidi, + maxStreamsUni, + idleTimeout, + maxPacketSize, + maxAckDelay, + maxCryptoBuffer, + } = { ...config }; + + const flags = setConfigField(activeConnectionIdLimit, + IDX_QUIC_SESSION_ACTIVE_CONNECTION_ID_LIMIT) | + setConfigField(maxStreamDataBidiLocal, + IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_LOCAL) | + setConfigField(maxStreamDataBidiRemote, + IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_REMOTE) | + setConfigField(maxStreamDataUni, + IDX_QUIC_SESSION_MAX_STREAM_DATA_UNI) | + setConfigField(maxData, IDX_QUIC_SESSION_MAX_DATA) | + setConfigField(maxStreamsBidi, + IDX_QUIC_SESSION_MAX_STREAMS_BIDI) | + setConfigField(maxStreamsUni, + IDX_QUIC_SESSION_MAX_STREAMS_UNI) | + setConfigField(idleTimeout, IDX_QUIC_SESSION_IDLE_TIMEOUT) | + setConfigField(maxAckDelay, IDX_QUIC_SESSION_MAX_ACK_DELAY) | + setConfigField(maxPacketSize, + IDX_QUIC_SESSION_MAX_PACKET_SIZE) | + setConfigField(maxCryptoBuffer, + IDX_QUIC_SESSION_MAX_CRYPTO_BUFFER); + + sessionConfig[IDX_QUIC_SESSION_CONFIG_COUNT] = flags; +} + +// Called when the socket has been bound and is ready for use +function onSocketReady(fd) { + this[owner_symbol][kReady](fd); +} + +// Called when the socket is closed +function onSocketClose() { + this[owner_symbol].destroy(); +} + +// Called when an error occurs on the socket +function onSocketError(err) { + this[owner_symbol].destroy(errnoException(err)); +} + +function onSocketServerBusy(on) { + this[owner_symbol][kServerBusy](!!on); +} + +// Called when a new QuicSession is ready to use +function onSessionReady(sessionHandle) { + const socket = this[owner_symbol]; + const session = new QuicServerSession(socket, sessionHandle); + process.nextTick(emit.bind(socket, 'session', session)); +} + +function onSessionClose(code, family) { + // During an immediate close, all currently open QuicStreams are + // abruptly closed. If they are still writable or readable, an abort + // event will be emitted, and RESET_STREAM and STOP_SENDING frames + // will be transmitted as necessary. Once streams have been + // shutdown, a CONNECTION_CLOSE frame will be sent and the + // session will enter the closing period, after which it will + // be destroyed either when the idle timeout expires, the + // QuicSession is silently closed, or destroy is called. + this[owner_symbol][kClose](family, code); +} + +// This callback is invoked at the start of the TLS handshake to provide +// some basic information about the ALPN, SNI, and Ciphers that are +// being requested. It is only called if the 'clientHello' event is +// listened for. +function onSessionClientHello(alpn, servername, ciphers) { + this[owner_symbol][kClientHello]( + alpn, + servername, + ciphers, + (err, ...args) => { + if (err) { + this[owner_symbol].destroy(err); + return; + } + try { + this.onClientHelloDone(...args); + } catch (err) { + this[owner_symbol].destroy(err); + } + }); +} + +// This callback is only ever invoked for QuicServerSession instances, +// and is used to trigger OCSP request processing when needed. The +// user callback must invoke .onCertDone() in order for the +// TLS handshake to continue. +function onSessionCert(servername) { + this[owner_symbol][kCert](servername, (err, context, ocspResponse) => { + if (err) { + this[owner_symbol].destroy(err); + return; + } + if (context != null && !context.context) { + this[owner_symbol].destroy( + new ERR_INVALID_ARG_TYPE( + 'context', + 'SecureContext', + context)); + } + if (ocspResponse != null) { + if (typeof ocspResponse === 'string') + ocspResponse = Buffer.from(ocspResponse); + if (!isArrayBufferView(ocspResponse)) { + this[owner_symbol].destroy( + new ERR_INVALID_ARG_TYPE( + 'ocspResponse', + ['string', 'Buffer', 'TypedArray', 'DataView'], + ocspResponse)); + } + } + try { + this.onCertDone(context ? context.context : undefined, ocspResponse); + } catch (err) { + this[owner_symbol].destroy(err); + } + }); +} + +// This callback is only ever invoked for QuicClientSession instances, +// and is used to deliver the OCSP response as provided by the server. +// If the requestOCSP configuration option is false, this will never +// be called. +function onSessionStatus(response) { + this[owner_symbol][kCert](response); +} + +function onSessionHandshake( + servername, + alpn, + cipher, + cipherVersion, + maxPacketLength, + verifyErrorReason, + verifyErrorCode) { + this[owner_symbol][kHandshake]( + servername, + alpn, + cipher, + cipherVersion, + maxPacketLength, + verifyErrorReason, + verifyErrorCode); +} + +function onSessionTicket(sessionID, sessionTicket, transportParams) { + if (this[owner_symbol]) { + process.nextTick( + emit.bind( + this[owner_symbol], + 'sessionTicket', + sessionID, + sessionTicket, + transportParams)); + } +} + +function onSessionPathValidation(res, local, remote) { + const session = this[owner_symbol]; + if (session) { + process.nextTick( + emit.bind( + session, + 'pathValidation', + res === NGTCP2_PATH_VALIDATION_RESULT_FAILURE ? 'failure' : 'success', + local, + remote)); + } +} + +// Called when an error occurs in a QuicSession +function onSessionError(error) { + if (this[owner_symbol]) { + this[owner_symbol].destroy(error); + } +} + +function onSessionVersionNegotiation( + version, + requestedVersions, + supportedVersions) { + if (this[owner_symbol]) { + this[owner_symbol][kVersionNegotiation]( + version, + requestedVersions, + supportedVersions); + } +} + +function onSessionKeylog(line) { + if (this[owner_symbol]) { + this[owner_symbol].emit('keylog', line); + } +} + +// Called when a new QuicStream is ready to use +function onStreamReady(streamHandle, id) { + const session = this[owner_symbol]; + + // onStreamReady should never be called if the stream is in a closing + // state because new streams should not have been accepted at the C++ + // level. + assert(!session.closing); + + // TODO(@jasnell): Get default options from session + const uni = id & 0b10; + const stream = new QuicStream({ writable: !uni }, session, id, streamHandle); + if (uni) + stream.end(); + session[kAddStream](id, stream); + process.nextTick(emit.bind(session, 'stream', stream)); +} + +// Called when a stream is closed on the C++ side and +// needs to be destroyed on the JavaScript side. +function onStreamClose(id, appErrorCode) { + this[owner_symbol][kStreamClose](id, appErrorCode); +} + +function onStreamReset(id, appErrorCode, finalSize) { + this[owner_symbol][kStreamReset](id, appErrorCode, finalSize); +} + +// Called when an error occurs in a QuicStream +function onStreamError(streamHandle, error) { + streamHandle[owner_symbol].destroy(error); +} + +function onSessionSilentClose(statelessReset, code, family) { + // During a silent close, all currently open QuicStreams are abruptly + // closed. If they are still writable or readable, an abort event will be + // emitted, otherwise the stream is just destroyed. No RESET_STREAM or + // STOP_SENDING is transmitted to the peer. + this[owner_symbol][kDestroy](statelessReset, family, code); +} + +// Register the callbacks with the QUIC internal binding. +setCallbacks({ + onSocketReady, + onSocketClose, + onSocketError, + onSocketServerBusy, + onSessionReady, + onSessionCert, + onSessionClientHello, + onSessionClose, + onSessionError, + onSessionHandshake, + onSessionKeylog, + onSessionSilentClose, + onSessionStatus, + onSessionTicket, + onSessionVersionNegotiation, + onStreamReady, + onStreamClose, + onStreamError, + onStreamReset, + onSessionPathValidation, +}); + +function afterLookup(callback, err, ip) { + if (err) { + this.destroy(err); + return; + } + this[kContinueBind](ip, callback); +} + +function connectAfterLookup(type, err, ip) { + if (err) { + this.destroy(err); + return; + } + this[kContinueConnect](type, ip); +} + +function afterPreferredAddressLookup( + transportParams, + port, + type, + err, + address) { + if (err) { + this.destroy(err); + return; + } + this[kContinueListen](transportParams, { address, port, type }); +} + +function continueListen(transportParams, lookup) { + const { preferredAddress } = transportParams; + + if (preferredAddress && typeof preferredAddress === 'object') { + const { + address, + port, + type = 'udp4', + } = { ...preferredAddress }; + const typeVal = getSocketType(type); + // If preferred address is set, we need to perform a lookup on it + // to get the IP address. Only after that lookup completes can we + // continue with the listen operation, passing in the resolved + // preferred address. + lookup( + address || (typeVal === AF_INET6 ? '::' : '0.0.0.0'), + afterPreferredAddressLookup.bind(this, transportParams, port, typeVal)); + return; + } + // If preferred address is not set, we can skip directly to the listen + this[kContinueListen](transportParams); +} + +function connectAfterBind(session, lookup, address, type) { + lookup( + address || (type === AF_INET6 ? '::' : '0.0.0.0'), + connectAfterLookup.bind(session, type)); +} + +function createSecureContext(options, init_cb) { + const { + ca, + cert, + ciphers = DEFAULT_QUIC_CIPHERS, + clientCertEngine, + crl, + dhparam, + ecdhCurve, + groups = DEFAULT_GROUPS, + honorCipherOrder, + key, + passphrase, + pfx, + sessionIdContext, + secureProtocol + } = { ...options }; + + if (typeof ciphers !== 'string') + throw new ERR_INVALID_ARG_TYPE('option.ciphers', 'string', ciphers); + if (typeof groups !== 'string') + throw new ERR_INVALID_ARG_TYPE('option.groups', 'string', groups); + + const sc = _createSecureContext({ + secureProtocol, + ca, + cert, + ciphers: ciphers || DEFAULT_QUIC_CIPHERS, + clientCertEngine, + crl, + dhparam, + ecdhCurve, + honorCipherOrder, + key, + passphrase, + pfx, + sessionIdContext + }); + // Perform additional QUIC specific initialization on the SecureContext + init_cb(sc.context, groups || DEFAULT_GROUPS); + return sc; +} + +function onNewListener(event) { + if (this[kHandle] === undefined || this.listenerCount(event) !== 0) + return; + + switch (event) { + case 'keylog': + this[kHandle].state[IDX_QUIC_SESSION_STATE_KEYLOG_ENABLED] = 1; + break; + case 'clientHello': + this[kHandle].state[IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED] = 1; + break; + case 'pathValidation': + this[kHandle].state[IDX_QUIC_SESSION_STATE_PATH_VALIDATED_ENABLED] = 1; + break; + case 'OCSPRequest': + this[kHandle].state[IDX_QUIC_SESSION_STATE_CERT_ENABLED] = 1; + break; + } +} + +function onRemoveListener(event) { + if (this[kHandle] === undefined || this.listenerCount(event) !== 0) + return; + + switch (event) { + case 'keylog': + this[kHandle].state[IDX_QUIC_SESSION_STATE_KEYLOG_ENABLED] = 0; + break; + case 'clientHello': + this[kHandle].state[IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED] = 0; + break; + case 'pathValidation': + this[kHandle].state[IDX_QUIC_SESSION_STATE_PATH_VALIDATED_ENABLED] = 0; + break; + case 'OCSPRequest': + this[kHandle].state[IDX_QUIC_SESSION_STATE_CERT_ENABLED] = 0; + break; + } +} + +// QuicSocket wraps a UDP socket plus the associated TLS context and QUIC +// Protocol state. There may be *multiple* QUIC connections (QuicSession) +// associated with a single QuicSocket. +class QuicSocket extends EventEmitter { + #address = undefined; + #autoClose = undefined; + #client = undefined; + #fd = undefined; + #ipv6Only = undefined; + #lookup = undefined; + #port = undefined; + #reuseAddr = undefined; + #server = undefined; + #serverBusy = false; + #serverListening = false; + #serverSecureContext = undefined; + #sessions = new Set(); + #state = kSocketUnbound; + #type = undefined; + #alpn = undefined; + #stats = undefined; + + constructor(options) { + const { + // The local IP address or hostname to bind to + address, + + // True if the QuicSocket should automatically enter a graceful shutdown + // if it is not listening as a server and the last QuicClientSession + // closes + autoClose, + + // Default configuration for QuicClientSessions + client, + + // True if only IPv6 should be used + ipv6Only, + + // A custom function used to resolve hostname to IP + lookup, + + // The maximum number of connections per host + maxConnectionsPerHost, + + // The local IP port to bind to + port, + + reuseAddr, + + // The maximum number of seconds for retry token + retryTokenTimeout, + + // Default configuration for QuicServerSessions + server, + + // 'udp4' or 'udp6' + type, + + // True if address verification should be used. + validateAddress, + + // True if an LRU should be used for add validation + validateAddressLRU, + } = validateQuicSocketOptions(options || {}); + super(); + const socketOptions = + (validateAddress ? QUICSOCKET_OPTIONS_VALIDATE_ADDRESS : 0) | + (validateAddressLRU ? QUICSOCKET_OPTIONS_VALIDATE_ADDRESS_LRU : 0); + const handle = + new QuicSocketHandle( + socketOptions, + retryTokenTimeout, + maxConnectionsPerHost); + handle[owner_symbol] = this; + this[async_id_symbol] = handle.getAsyncId(); + this[kSetHandle](handle); + this.#address = address || (type === AF_INET6 ? '::' : '0.0.0.0'); + this.#autoClose = autoClose; + this.#client = client; + this.#ipv6Only = !!ipv6Only; + this.#lookup = lookup || (type === AF_INET6 ? lookup6 : lookup4); + this.#port = port || 0; + this.#reuseAddr = reuseAddr; + this.#server = server; + this.#type = type; + } + + [kSetHandle](handle) { + this[kHandle] = handle; + } + + [kInspect]() { + const obj = { + address: this.address, + fd: this.#fd, + sessions: this.#sessions, + type: this.#type + }; + return `QuicSocket ${util.format(obj)}`; + } + + [kAddSession](session) { + this.#sessions.add(session); + } + + [kRemoveSession](session) { + this.#sessions.delete(session); + } + + // Bind the UDP socket on demand, only if it hasn't already been bound. + // Function is a non-op if the socket is already bound + [kMaybeBind](callback = () => {}) { + // This socket will be in a pending state until it is bound. Once bound, + // the this[kReady]() method will be called, switching the state to + // kSocketBound and notifying the associated sessions + // TODO(@jasnell): If the socket is already bound, the callback should + // be invoked with an error. + if (this.#state !== kSocketUnbound) + return; + this.#state = kSocketPending; + this.#lookup(this.#address, afterLookup.bind(this, callback)); + } + + // Called by the afterLookup callback to continue the binding operation + // after the DNS lookup of the address has been completed. + [kContinueBind](ip, callback) { + const flags = + (this.#reuseAddr ? UV_UDP_REUSEADDR : 0) || + (this.#ipv6Only ? UV_UDP_IPV6ONLY : 0); + const ret = this[kHandle].bind(this.#type, ip, this.#port || 0, flags); + if (ret) { + this.destroy(exceptionWithHostPort(ret, 'bind', ip, this.#port || 0)); + return; + } + + if (typeof callback === 'function') + callback(); + } + + // The kReady function is called after the socket has been bound to the + // local port. It signals when the various sessions may begin + // doing the various things they do. + [kReady](fd) { + this.#state = kSocketBound; + this.#fd = fd; + for (const session of this.#sessions) + session[kReady](); + process.nextTick(emit.bind(this, 'ready')); + } + + // A socket should only be put into the receiving state if there is a + // listening server or an active client. This will be called on demand + // when needed. + [kReceiveStart]() { + this[kHandle].receiveStart(); + } + + // The socket should be moved to a not receiving state if there is no + // listening server and no active sessions. This will be called on demand + // when needed. + [kReceiveStop]() { + this[kHandle].receiveStop(); + } + + // The kContinueListen function is called after all of the necessary + // DNS lookups have been performed and we're ready to let the C++ + // internals begin listening for new QuicServerSession instances. + [kContinueListen](transportParams, preferredAddress) { + const { + address, + port, + type = AF_INET, + } = { ...preferredAddress }; + const { + rejectUnauthorized = !getAllowUnauthorized(), + requestCert = false, + } = transportParams; + + // Transport Parameters are passed to the C++ side using a shared array. + setTransportParams(transportParams); + + const options = + (rejectUnauthorized ? QUICSERVERSESSION_OPTION_REJECT_UNAUTHORIZED : 0) | + (requestCert ? QUICSERVERSESSION_OPTION_REQUEST_CERT : 0); + + // When the handle is told to listen, it will begin acting as a QUIC + // server and will emit session events whenever a new QuicServerSession + // is created. + this[kHandle].listen( + this.#serverSecureContext.context, + address, + type, + port, + this.#alpn, + options); + process.nextTick(emit.bind(this, 'listening')); + } + + + // Begin listening for server connections. The callback that may be + // passed to this function is registered as a handler for the + // on('session') event. Errors may be thrown synchronously by this + // function. + listen(options, callback) { + if (typeof options === 'function') { + callback = options; + options = {}; + } + + if (callback && typeof callback !== 'function') + throw new ERR_INVALID_CALLBACK(); + + if (this.#serverListening) + throw new ERR_QUICSOCKET_LISTENING(); + + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('listen'); + + if (this.#state === kSocketClosing) + throw new ERR_QUICSOCKET_CLOSING('listen'); + + // Bind the QuicSocket to the local port if it hasn't been bound already. + this[kMaybeBind](); + + options = { + secureProtocol: 'TLSv1_3_server_method', + ...this.#server, + ...options + }; + + const { alpn = NGTCP2_ALPN_H3 } = options; + // The ALPN protocol identifier is strictly required. + if (typeof alpn !== 'string') + throw new ERR_INVALID_ARG_TYPE('options.alpn', 'string', alpn); + + // If the callback function is provided, it is registered as a + // handler for the on('session') event and will be called whenever + // there is a new QuicServerSession instance created. + if (callback) + this.on('session', callback); + + // Store the secure context so that it is not garbage collected + // while we still need to make use of it. + // TODO(@jasnell): We could store a reference at the C++ level instead + // since we do not need to access this anywhere else. + this.#serverSecureContext = createSecureContext(options, initSecureContext); + this.#serverListening = true; + this.#alpn = alpn; + const doListen = + continueListen.bind( + this, + validateTransportParams(options, NGTCP2_MAX_CIDLEN, NGTCP2_MIN_CIDLEN), + this.#lookup); + + // If the QuicSocket is already bound, we'll begin listening + // immediately. If we're still pending, however, wait until + // the 'ready' event is emitted, then carry on. + // TODO(@jasnell): Move the on ready handling to the kReady function + // to avoid having to register the handler here. + if (this.#state === kSocketPending) { + this.on('ready', doListen); + return; + } + doListen(); + } + + // Creates and returns a new QuicClientSession. + connect(options, callback) { + if (typeof options === 'function') { + callback = options; + options = undefined; + } + + options = { + ...this.#client, + ...options + }; + + const { + type = 'udp4', + address, + } = options; + + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('connect'); + + if (this.#state === kSocketClosing) + throw new ERR_QUICSOCKET_CLOSING('connect'); + + const session = new QuicClientSession(this, options); + + // TODO(@jasnell): This likely should listen for the secure event + // rather than the ready event + if (typeof callback === 'function') + session.on('ready', callback); + + this[kMaybeBind]( + connectAfterBind.bind( + this, + session, + this.#lookup, + address, + getSocketType(type))); + + return session; + } + + // kDestroy is called to actually free the QuicSocket resources and + // cause the error and close events to be emitted. + [kDestroy](error) { + const handle = this[kHandle]; + if (handle !== undefined) { + this[kSetHandle](); + handle[owner_symbol] = undefined; + handle.close((err) => { + // If an error occurs while attempting to close, it will take + // precedence over any original error specified on the args + // TODO(@jasnell): Alternatively we might set the original + // error as a property on the new error. + if (err) error = err; + + // Capture a copy of the stats as they will no longer be + // available once this function returns. + this.#stats = new BigInt64Array(handle.stats); + + if (error) process.nextTick(emit.bind(this, 'error', error)); + process.nextTick(emit.bind(this, 'close')); + }); + } + } + + // kMaybeDestroy is called one or more times after the close() method + // is called. The QuicSocket will be destroyed if there are no remaining + // open sessions. + [kMaybeDestroy]() { + if (this.#state !== kSocketDestroyed && this.#sessions.size === 0) { + this.destroy(); + return true; + } + return false; + } + + [kServerBusy](on) { + this.#serverBusy = on; + process.nextTick(emit.bind(this, 'busy', on)); + } + + // Initiate a Graceful Close of the QuicSocket. + // Existing QuicClientSession and QuicServerSession instances will be + // permitted to close naturally and gracefully on their own. + // The QuicSocket will be immediately closed and freed as soon as there + // are no additional session instances remaining. If there are no + // QuicClientSession or QuicServerSession instances, the QuicSocket + // will be immediately closed. + // + // If specified, the callback will be registered for once('close'). + // + // No additional QuicServerSession instances will be accepted from + // remote peers, and calls to connect() to create QuicClientSession + // instances will fail. The QuicSocket will be otherwise usable in + // every other way. + // + // Subsequent calls to close(callback) will register the close callback + // if one is defined but will otherwise do nothing. + // + // Once initiated, a graceful close cannot be canceled. The graceful + // close can be interupted, however, by abruptly destroying the + // QuicSocket using the destroy() method. + // + // If close() is called before the QuicSocket has been bound (before + // either connect() or listen() have been called, or the QuicSocket + // is still in the pending state, the callback is registered for the + // once('close') event (if specified) and the QuicSocket is destroyed + // immediately. + close(callback) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('close'); + + // If a callback function is specified, it is registered as a + // handler for the once('close') event. If the close occurs + // immediately, the close event will be emitted as soon as the + // process.nextTick queue is processed. Otherwise, the close + // event will occur at some unspecified time in the near future. + if (callback) { + if (typeof callback !== 'function') + throw new ERR_INVALID_CALLBACK(); + this.once('close', callback); + } + + // If we are already closing, do nothing else and wait + // for the close event to be invoked. + if (this.#state === kSocketClosing) + return; + + // If the QuicSocket is otherwise not bound to the local + // port, destroy the QuicSocket immediately. + if (this.#state !== kSocketBound) { + this.destroy(); + } + + // Mark the QuicSocket as closing to prevent re-entry + this.#state = kSocketClosing; + + // Otherwise, gracefully close each QuicSession, with + // [kMaybeDestroy]() being called after each closes. + const maybeDestroy = this[kMaybeDestroy].bind(this); + + // Tell the underlying QuicSocket C++ object to stop + // listening for new QuicServerSession connections. + // New initial connection packets for currently unknown + // DCID's will be ignored. + if (this[kHandle]) { + this[kHandle].stopListening(); + } + this.#serverListening = false; + + // If there are no sessions, calling maybeDestroy + // will immediately and synchronously destroy the + // QuicSocket. + if (maybeDestroy()) + return; + + // If we got this far, there a QuicClientSession and + // QuicServerSession instances still, we need to trigger + // a graceful close for each of them. As each closes, + // they will call the kMaybeDestroy function. When there + // are no remaining session instances, the QuicSocket + // will be closed and destroyed. + for (const session of this.#sessions) + session.close(maybeDestroy); + } + + // Initiate an abrupt close and destruction of the QuicSocket. + // Existing QuicClientSession and QuicServerSession instances will be + // immediately closed. If error is specified, it will be forwarded + // to each of the session instances. + // + // When the session instances are closed, an attempt to send a final + // CONNECTION_CLOSE will be made. + // + // The JavaScript QuicSocket object will be marked destroyed and will + // become unusable. As soon as all pending outbound UDP packets are + // flushed from the QuicSocket's queue, the QuicSocket C++ instance + // will be destroyed and freed from memory. + destroy(error) { + // If the QuicSocket is already destroyed, do nothing + if (this.#state === kSocketDestroyed) + return; + + // Mark the QuicSocket as being destroyed. + this.#state = kSocketDestroyed; + + // Immediately close any sessions that may be remaining. + // If the udp socket is in a state where it is able to do so, + // a final attempt to send CONNECTION_CLOSE frames for each + // closed session will be made. + for (const session of this.#sessions) + session.destroy(error); + + this[kDestroy](error); + } + + ref() { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('ref'); + this[kHandle].ref(); + return this; + } + + unref() { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('unref'); + this[kHandle].unref(); + return this; + } + + get serverSecureContext() { + return this.#serverSecureContext; + } + + get address() { + const out = {}; + if (this.#state !== kSocketDestroyed) { + const err = this[kHandle].getsockname(out); + // If err is returned, socket is not bound. + // Return empty object + if (err) + return {}; + } + return out; + } + + get bound() { + return this.#state === kSocketBound; + } + + get closing() { + return this.#state === kSocketClosing; + } + + get destroyed() { + return this.#state === kSocketDestroyed; + } + + get fd() { + return this.#fd; + } + + get pending() { + return this.#state === kSocketPending; + } + + setTTL(ttl) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setTTL'); + if (typeof ttl !== 'number') + throw new ERR_INVALID_ARG_TYPE('ttl', 'number', ttl); + if (ttl < 1 || ttl > 255) + throw new ERR_INVALID_ARG_VALUE('ttl', ttl); + const err = this[kHandle].setTTL(ttl); + if (err) + throw errnoException(err, 'dropMembership'); + return this; + } + + setMulticastTTL(ttl) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setMulticastTTL'); + if (typeof ttl !== 'number') + throw new ERR_INVALID_ARG_TYPE('ttl', 'number', ttl); + if (ttl < 1 || ttl > 255) + throw new ERR_INVALID_ARG_VALUE('ttl', ttl); + const err = this[kHandle].setMulticastTTL(ttl); + if (err) + throw errnoException(err, 'dropMembership'); + return this; + } + + setBroadcast(on = true) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setBroadcast'); + if (typeof on !== 'boolean') + throw new ERR_INVALID_ARG_TYPE('on', 'boolean', on); + const err = this[kHandle].setBroadcast(on); + if (err) + throw errnoException(err, 'dropMembership'); + return this; + } + + setMulticastLoopback(on = true) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setMulticastLoopback'); + if (typeof on !== 'boolean') + throw new ERR_INVALID_ARG_TYPE('on', 'boolean', on); + const err = this[kHandle].setMulticastLoopback(on); + if (err) + throw errnoException(err, 'dropMembership'); + return this; + } + + setMulticastInterface(iface) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setMulticastInterface'); + if (typeof iface !== 'string') + throw new ERR_INVALID_ARG_TYPE('iface', 'string', iface); + const err = this[kHandle].setMulticastInterface(iface); + if (err) + throw errnoException(err, 'dropMembership'); + return this; + } + + addMembership(address, iface) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('addMembership'); + if (typeof address !== 'string') + throw new ERR_INVALID_ARG_TYPE('address', 'string', address); + if (typeof iface !== 'string') + throw new ERR_INVALID_ARG_TYPE('iface', 'string', iface); + const err = this[kHandle].addMembership(address, iface); + if (err) + throw errnoException(err, 'addMembership'); + return this; + } + + dropMembership(address, iface) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('dropMembership'); + if (typeof address !== 'string') + throw new ERR_INVALID_ARG_TYPE('address', 'string', address); + if (typeof iface !== 'string') + throw new ERR_INVALID_ARG_TYPE('iface', 'string', iface); + const err = this[kHandle].dropMembership(address, iface); + if (err) + throw errnoException(err, 'dropMembership'); + return this; + } + + // Marking a server as busy will cause all new + // connection attempts to fail with a SERVER_BUSY CONNECTION_CLOSE. + setServerBusy(on = true) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setBroadcast'); + if (typeof on !== 'boolean') + throw new ERR_INVALID_ARG_TYPE('on', 'boolean', on); + this[kHandle].setServerBusy(on); + } + + get duration() { + const now = process.hrtime.bigint(); + const stats = this.#stats || this[kHandle].stats; + return now - stats[0]; + } + + get boundDuration() { + const now = process.hrtime.bigint(); + const stats = this.#stats || this[kHandle].stats; + return now - stats[1]; + } + + get listenDuration() { + const now = process.hrtime.bigint(); + const stats = this.#stats || this[kHandle].stats; + return now - stats[2]; + } + + get bytesReceived() { + const stats = this.#stats || this[kHandle].stats; + return stats[3]; + } + + get bytesSent() { + const stats = this.#stats || this[kHandle].stats; + return stats[4]; + } + + get packetsReceived() { + const stats = this.#stats || this[kHandle].stats; + return stats[5]; + } + + get packetsSent() { + const stats = this.#stats || this[kHandle].stats; + return stats[6]; + } + + get serverBusy() { + return this.#serverBusy; + } + + get serverSessions() { + const stats = this.#stats || this[kHandle].stats; + return stats[7]; + } + + get clientSessions() { + const stats = this.#stats || this[kHandle].stats; + return stats[8]; + } + + setDiagnosticPacketLoss(options) { + if (this.#state === kSocketDestroyed) + throw new ERR_QUICSOCKET_DESTROYED('setDiagnosticPacketLoss'); + const { + rx = 0.0, + tx = 0.0 + } = { ...options }; + if (typeof rx !== 'number') + throw new ERR_INVALID_ARG_TYPE('options.rx', 'number', rx); + if (typeof tx !== 'number') + throw new ERR_INVALID_ARG_TYPE('options.tx', 'number', rx); + if (rx < 0.0 || rx > 1.0) + throw new ERR_OUT_OF_RANGE('options.rx', '0.0 <= n <= 1.0', rx); + if (tx < 0.0 || tx > 1.0) + throw new ERR_OUT_OF_RANGE('options.tx', '0.0 <= n <= 1.0', tx); + if (rx > 0.0 || tx > 0.0 && !diagnosticPacketLossWarned) { + diagnosticPacketLossWarned = true; + process.emitWarning( + 'QuicSocket diagnostic packet loss is enabled. Received or ' + + 'transmitted packets will be randomly ignored to simulate ' + + 'network packet loss.'); + } + this[kHandle].setDiagnosticPacketLoss(rx, tx); + } +} + +class QuicSession extends EventEmitter { + #alpn = undefined; + #cipher = undefined; + #cipherVersion = undefined; + #closeCode = NGTCP2_NO_ERROR; + #closeFamily = QUIC_ERROR_APPLICATION; + #closing = false; + #destroyed = false; + #handshakeComplete = false; + #maxPacketLength = IDX_QUIC_SESSION_MAX_PACKET_SIZE_DEFAULT; + #recoveryStats = undefined; + #servername = undefined; + #socket = undefined; + #statelessReset = false; + #stats = undefined; + #streams = new Map(); + #verifyErrorReason = undefined; + #verifyErrorCode = undefined; + #handshakeAckHistogram = undefined; + #handshakeContinuationHistogram = undefined; + + constructor(socket, servername, alpn) { + super(); + this.on('newListener', onNewListener); + this.on('removeListener', onRemoveListener); + this.#socket = socket; + socket[kAddSession](this); + this.#servername = servername; + this.#alpn = alpn; + } + + [kSetHandle](handle) { + this[kHandle] = handle; + if (handle !== undefined) { + this.#handshakeAckHistogram = + new Histogram(handle.crypto_rx_ack); + this.#handshakeContinuationHistogram = + new Histogram(handle.crypto_handshake_rate); + } else { + if (this.#handshakeAckHistogram) + this.#handshakeAckHistogram[kDestroyHistogram](); + if (this.#handshakeContinuationHistogram) + this.#handshakeContinuationHistogram[kDestroyHistogram](); + } + } + + [kVersionNegotiation](version, requestedVersions, supportedVersions) { + const err = + new ERR_QUICSESSION_VERSION_NEGOTIATION( + version, + requestedVersions, + supportedVersions); + err.detail = { + version, + requestedVersions, + supportedVersions, + }; + this.destroy(err); + } + + [kDestroy](statelessReset, family, code) { + this.#statelessReset = !!statelessReset; + this.#closeCode = code; + this.#closeFamily = family; + this.destroy(); + } + + [kClose](family, code) { + // Immediate close has been initiated for the session. Any + // still open QuicStreams must be abandoned and shutdown + // with RESET_STREAM and STOP_SENDING frames transmitted + // as appropriate. Once the streams have been shutdown, a + // CONNECTION_CLOSE will be generated and sent, switching + // the session into the closing period. + + // Do nothing if the QuicSession has already been destroyed. + if (this.#destroyed) + return; + + // Set the close code and family so we can keep track. + this.#closeCode = code; + this.#closeFamily = family; + + // Shutdown all of the remaining streams + for (const stream of this.#streams.values()) + stream[kClose](family, code); + + // By this point, all necessary RESET_STREAM and + // STOP_SENDING frames ought to have been sent, + // so now we just trigger sending of the + // CONNECTION_CLOSE frame. + this[kHandle].close(family, code); + } + + [kStreamClose](id, code) { + const stream = this.#streams.get(id); + if (stream === undefined) + return; + + stream.destroy(); + } + + [kStreamReset](id, code, finalSize) { + const stream = this.#streams.get(id); + if (stream === undefined) + return; + + stream[kStreamReset](code, finalSize); + } + + [kInspect]() { + const obj = { + alpn: this.#alpn, + cipher: this.cipher, + closing: this.closing, + closeCode: this.closeCode, + destroyed: this.destroyed, + maxStreams: this.maxStreams, + servername: this.servername, + streams: this.#streams.size, + stats: { + handshakeAck: this.handshakeAckHistogram, + handshakeContinuation: this.handshakeContinuationHistogram, + } + }; + return `${this.constructor.name} ${util.format(obj)}`; + } + + [kSetSocket](socket) { + this.#socket = socket; + } + + [kHandshake]( + servername, + alpn, + cipher, + cipherVersion, + maxPacketLength, + verifyErrorReason, + verifyErrorCode) { + this.#handshakeComplete = true; + this.#servername = servername; + this.#alpn = alpn; + this.#cipher = cipher; + this.#cipherVersion = cipherVersion; + this.#maxPacketLength = maxPacketLength; + this.#verifyErrorReason = verifyErrorReason; + this.#verifyErrorCode = verifyErrorCode; + + if (!this[kHandshakePost]()) + return; + + process.nextTick( + emit.bind(this, 'secure', servername, alpn, this.cipher)); + } + + [kHandshakePost]() { + // Non-op for the default case. QuicClientSession + // overrides this with some client-side specific + // checks + return true; + } + + [kRemoveStream](stream) { + this.#streams.delete(stream.id); + } + + [kAddStream](id, stream) { + stream.once('close', this[kMaybeDestroy].bind(this)); + this.#streams.set(id, stream); + } + + // The QuicSession will be destroyed if closing has been + // called and there are no remaining streams + [kMaybeDestroy]() { + if (this.#closing && this.#streams.size === 0) + this.destroy(); + } + + // Closing allows any existing QuicStream's to complete + // normally but disallows any new QuicStreams from being + // opened. Calls to openStream() will fail, and new streams + // from the peer will be rejected/ignored. + close(callback) { + if (this.#destroyed) + throw new ERR_QUICSESSION_DESTROYED('close'); + + if (callback) { + if (typeof callback !== 'function') + throw new ERR_INVALID_CALLBACK(); + this.once('close', callback); + } + + // If we're already closing, do nothing else. + // Callback will be invoked once the session + // has been destroyed + if (this.#closing) + return; + + this.#closing = true; + this[kHandle].gracefulClose(); + + // See if we can close immediately. + this[kMaybeDestroy](); + } + + // Destroying synchronously shuts down and frees the + // QuicSession immediately, even if there are still open + // streams. + // + // A CONNECTION_CLOSE packet is sent to the + // connected peer and the session is immediately + // destroyed. + // + // If destroy is called with an error argument, the + // 'error' event is emitted on next tick. + // + // Once destroyed, and after the 'error' event (if any), + // the close event is emitted on next tick. + destroy(error) { + // Destroy can only be called once. Multiple calls will be ignored + if (this.#destroyed) + return; + this.#destroyed = true; + this.#closing = false; + + if (typeof error === 'number' || + (error != null && + typeof error === 'object' && + !(error instanceof Error))) { + const { + closeCode, + closeFamily + } = validateCloseCode(error); + this.#closeCode = closeCode; + this.#closeFamily = closeFamily; + error = new ERR_QUIC_ERROR(closeCode, closeFamily); + } + + // Destroy any remaining streams immediately. + for (const stream of this.#streams.values()) + stream.destroy(error); + + this.removeListener('newListener', onNewListener); + this.removeListener('removeListener', onRemoveListener); + + const handle = this[kHandle]; + if (handle !== undefined) { + handle[owner_symbol] = undefined; + this[kSetHandle](); + // Copy the stats and recoveryStats for use after destruction + this.#stats = new BigInt64Array(handle.stats); + this.#recoveryStats = new Float64Array(handle.recoveryStats); + // Calling destroy will cause a CONNECTION_CLOSE to be + // sent to the peer and will destroy the QuicSession + // handler immediately. + handle.destroy(this.#closeCode, this.#closeFamily); + } + + // Remove the QuicSession JavaScript object from the + // associated QuicSocket. + this.#socket[kRemoveSession](this); + this.#socket = undefined; + + if (error) process.nextTick(emit.bind(this, 'error', error)); + process.nextTick(emit.bind(this, 'close')); + } + + get maxStreams() { + let bidi = 0; + let uni = 0; + if (this[kHandle]) { + bidi = this[kHandle].state[IDX_QUIC_SESSION_STATE_MAX_STREAMS_BIDI]; + uni = this[kHandle].state[IDX_QUIC_SESSION_STATE_MAX_STREAMS_UNI]; + } + return { bidi, uni }; + } + + get address() { + return this.#socket ? this.#socket.address : {}; + } + + get authenticated() { + // Specifically check for null. Undefined means the check has not + // been performed yet, another other value other than null means + // there was an error + return this.#verifyErrorReason === null; + } + + get authenticationError() { + if (this.authenticated) + return undefined; + // eslint-disable-next-line no-restricted-syntax + const err = new Error(this.#verifyErrorReason); + const code = `ERR_QUIC_VERIFY_${this.#verifyErrorCode}`; + err.name = `Error [${code}]`; + err.code = code; + return err; + } + + get remoteAddress() { + const out = {}; + if (this[kHandle]) + this[kHandle].getRemoteAddress(out); + return out; + } + + get handshakeComplete() { + return this.#handshakeComplete; + } + + get alpnProtocol() { + return this.#alpn; + } + + get cipher() { + const name = this.#cipher; + const version = this.#cipherVersion; + return this.handshakeComplete ? { name, version } : {}; + } + + getCertificate() { + return this[kHandle] ? + translatePeerCertificate(this[kHandle].getCertificate() || {}) : {}; + } + + getPeerCertificate(detailed = false) { + return this[kHandle] ? + translatePeerCertificate( + this[kHandle].getPeerCertificate(detailed) || {}) : {}; + } + + ping() { + if (!this[kHandle]) + throw new ERR_QUICSESSION_DESTROYED('ping'); + this[kHandle].ping(); + } + + get servername() { + return this.#servername; + } + + get destroyed() { + return this.#destroyed; + } + + get closing() { + return this.#closing; + } + + get closeCode() { + return { + code: this.#closeCode, + family: this.#closeFamily + }; + } + + get socket() { + return this.#socket; + } + + get statelessReset() { + return this.#statelessReset; + } + + openStream(options) { + if (this.#destroyed || this.#closing) + throw new ERR_QUICSESSION_DESTROYED('openStream'); + const { + halfOpen = false, + highWaterMark, + } = { ...options }; + if (halfOpen !== undefined && typeof halfOpen !== 'boolean') + throw new ERR_INVALID_ARG_TYPE('options.halfOpen', 'boolean', halfOpen); + + const handle = + halfOpen ? + _openUnidirectionalStream(this[kHandle]) : + _openBidirectionalStream(this[kHandle]); + if (handle === undefined) + throw new ERR_QUICSTREAM_OPEN_FAILED(); + + const id = handle.id(); + const stream = new QuicStream( + { + highWaterMark, + readable: !halfOpen + }, + this, + id, + handle); + if (halfOpen) { + stream.push(null); + stream.read(); + } + this[kAddStream](id, stream); + return stream; + } + + get duration() { + const now = process.hrtime.bigint(); + const stats = this.#stats || this[kHandle].stats; + return now - stats[0]; + } + + get handshakeDuration() { + const stats = this.#stats || this[kHandle].stats; + const end = + this.handshakeComplete ? + stats[4] : process.hrtime.bigint(); + return end - stats[1]; + } + + get bytesReceived() { + const stats = this.#stats || this[kHandle].stats; + return stats[8]; + } + + get bytesSent() { + const stats = this.#stats || this[kHandle].stats; + return stats[9]; + } + + get bidiStreamCount() { + const stats = this.#stats || this[kHandle].stats; + return stats[10]; + } + + get uniStreamCount() { + const stats = this.#stats || this[kHandle].stats; + return stats[11]; + } + + get peerInitiatedStreamCount() { + const stats = this.#stats || this[kHandle].stats; + return stats[12]; + } + + get selfInitiatedStreamCount() { + const stats = this.#stats || this[kHandle].stats; + return stats[13]; + } + + get keyUpdateCount() { + const stats = this.#stats || this[kHandle].stats; + return stats[14]; + } + + get minRTT() { + const stats = this.#recoveryStats || this[kHandle].recoveryStats; + return stats[0]; + } + + get latestRTT() { + const stats = this.#recoveryStats || this[kHandle].recoveryStats; + return stats[1]; + } + + get smoothedRTT() { + const stats = this.#recoveryStats || this[kHandle].recoveryStats; + return stats[2]; + } + + updateKey() { + // Initiates a key update for the connection. + if (this.#destroyed || this.#closing) + throw new ERR_QUICSESSION_DESTROYED('updateKey'); + if (!this.handshakeComplete) + throw new ERR_QUICSESSION_UPDATEKEY(); + return this[kHandle].updateKey(); + } + + get handshakeAckHistogram() { + return this.#handshakeAckHistogram; + } + + get handshakeContinuationHistogram() { + return this.#handshakeContinuationHistogram; + } + + // TODO(addaleax): This is a temporary solution for testing and should be + // removed later. + removeFromSocket() { + return this[kHandle].removeFromSocket(); + } +} + +class QuicServerSession extends QuicSession { + #contexts = []; + constructor(socket, handle) { + super(socket); + this[kSetHandle](handle); + handle[owner_symbol] = this; + } + + [kClientHello](alpn, servername, ciphers, callback) { + this.emit( + 'clientHello', + alpn, + servername, + ciphers, + callback.bind(this[kHandle])); + } + + [kReady]() { + process.nextTick(emit.bind(this, 'ready')); + } + + [kCert](servername, callback) { + const { serverSecureContext } = this.socket; + let { context } = serverSecureContext; + + for (var i = 0; i < this.#contexts.length; i++) { + const elem = this.#contexts[i]; + if (elem[0].test(servername)) { + context = elem[1]; + break; + } + } + + this.emit( + 'OCSPRequest', + servername, + context, + callback.bind(this[kHandle])); + } + + addContext(servername, context = {}) { + if (typeof servername !== 'string') + throw new ERR_INVALID_ARG_TYPE('servername', 'string', servername); + + if (context == null || typeof context !== 'object') + throw new ERR_INVALID_ARG_TYPE('context', 'Object', context); + + const re = new RegExp('^' + + servername.replace(/([.^$+?\-\\[\]{}])/g, '\\$1') + .replace(/\*/g, '[^.]*') + + '$'); + this.#contexts.push([re, _createSecureContext(context)]); + } +} + +function setSocketAfterBind(socket, callback) { + if (socket.destroyed) { + callback(new ERR_QUICSOCKET_DESTROYED('setSocket')); + return; + } + + if (!this[kHandle].setSocket(socket[kHandle])) { + callback(new ERR_QUICCLIENTSESSION_FAILED_SETSOCKET()); + return; + } + + if (this.socket) { + this.socket[kRemoveSession](this); + this[kSetSocket](undefined); + } + socket[kAddSession](this); + this[kSetSocket](socket); + + callback(); +} + +let warnedVerifyHostnameIdentity; + +class QuicClientSession extends QuicSession { + #dcid = undefined; + #handleReady = false; + #ipv6Only = undefined; + #minDHSize = undefined; + #port = undefined; + #remoteTransportParams = undefined; + #requestOCSP = undefined; + #secureContext = undefined; + #sessionTicket = undefined; + #socketReady = false; + #transportParams = undefined; + #preferredAddressPolicy; + #verifyHostnameIdentity = true; + + constructor(socket, options) { + const sc_options = { + secureProtocol: 'TLSv1_3_client_method', + ...options + }; + const { + alpn, + dcid, + ipv6Only, + minDHSize, + port, + preferredAddressPolicy, + remoteTransportParams, + requestOCSP, + servername, + sessionTicket, + verifyHostnameIdentity, + } = validateQuicClientSessionOptions(options); + + if (!verifyHostnameIdentity && !warnedVerifyHostnameIdentity) { + warnedVerifyHostnameIdentity = true; + process.emitWarning( + 'QUIC hostname identity verification is disabled. This violates QUIC ' + + 'specification requirements and reduces security. Hostname identity ' + + 'verification should only be disabled for debugging purposes.' + ); + } + + super(socket, servername, alpn); + this.#dcid = dcid; + this.#ipv6Only = ipv6Only; + this.#minDHSize = minDHSize; + this.#port = port || 0; + this.#preferredAddressPolicy = preferredAddressPolicy; + this.#remoteTransportParams = remoteTransportParams; + this.#requestOCSP = requestOCSP; + this.#secureContext = + createSecureContext( + sc_options, + initSecureContextClient); + this.#sessionTicket = sessionTicket; + this.#transportParams = validateTransportParams(options); + this.#verifyHostnameIdentity = verifyHostnameIdentity; + } + + [kHandshakePost]() { + const { type, size } = this.ephemeralKeyInfo; + if (type === 'DH' && size < this.#minDHSize) { + this.destroy(new ERR_TLS_DH_PARAM_SIZE(size)); + return false; + } + + // TODO(@jasnell): QUIC *requires* that the client verify the + // identity of the server so we'll need to do that here. + // The current implementation of tls.checkServerIdentity is + // less than great and could be rewritten to speed it up + // significantly by running at the C++ layer. As it is + // currently, the method pulls the peer cert data, converts + // it to a javascript object, then processes the javascript + // object... which is more expensive than what is strictly + // necessary. + // + // See: _tls_wrap.js onConnectSecure function + + return true; + } + + [kContinueConnect](type, ip) { + const flags = this.#ipv6Only ? UV_UDP_IPV6ONLY : 0; + setTransportParams(this.#transportParams); + + const options = + (this.#verifyHostnameIdentity ? + QUICCLIENTSESSION_OPTION_VERIFY_HOSTNAME_IDENTITY : 0) | + (this.#requestOCSP ? + QUICCLIENTSESSION_OPTION_REQUEST_OCSP : 0); + + const handle = + _createClientSession( + this.socket[kHandle], + type, + ip, + this.#port, + flags, + this.#secureContext.context, + this.servername || ip, + this.#remoteTransportParams, + this.#sessionTicket, + this.#dcid, + this.#preferredAddressPolicy, + this.alpnProtocol, + options); + // We no longer need these, unset them so + // memory can be garbage collected. + this.#remoteTransportParams = undefined; + this.#sessionTicket = undefined; + this.#dcid = undefined; + if (typeof handle === 'number') { + let reason; + switch (handle) { + case ERR_INVALID_REMOTE_TRANSPORT_PARAMS: + reason = 'Invalid Remote Transport Params'; + break; + case ERR_INVALID_TLS_SESSION_TICKET: + reason = 'Invalid TLS Session Ticket'; + break; + default: + reason = `${handle}`; + } + this.destroy(new ERR_QUICCLIENTSESSION_FAILED(reason)); + return; + } + this[kInit](handle); + } + + [kInit](handle) { + this[kSetHandle](handle); + handle[owner_symbol] = this; + this.#handleReady = true; + this[kMaybeReady](); + } + + [kReady]() { + this.#socketReady = true; + this[kMaybeReady](); + } + + [kCert](response) { + this.emit('OCSPResponse', response); + } + + [kMaybeReady]() { + if (this.#socketReady && this.#handleReady) + process.nextTick(emit.bind(this, 'ready')); + } + + get ready() { + return this.#handleReady && this.#socketReady; + } + + get ephemeralKeyInfo() { + return this[kHandle] !== undefined ? + this[kHandle].getEphemeralKeyInfo() : + {}; + } + + setSocket(socket, callback) { + if (!(socket instanceof QuicSocket)) + throw new ERR_INVALID_ARG_TYPE('socket', 'QuicSocket', socket); + + if (typeof callback !== 'function') + throw new ERR_INVALID_CALLBACK(); + + socket[kMaybeBind](setSocketAfterBind.bind(this, socket, callback)); + } +} + +function afterShutdown() { + this.callback(); +} + +function streamOnResume() { + if (!this.destroyed) + this[kHandle].readStart(); +} + +function streamOnPause() { + if (!this.destroyed /* && !this.pending */) + this[kHandle].readStop(); +} + +class QuicStream extends Duplex { + #closed = false; + #aborted = false; + #didRead = false; + #id = undefined; + #resetCode = undefined; + #resetFinalSize = undefined; + #session = undefined; + #dataRateHistogram = undefined; + #dataSizeHistogram = undefined; + #dataAckHistogram = undefined; + + constructor(options, session, id, handle) { + super({ + ...options, + allowHalfOpen: true, + decodeStrings: true, + emitClose: true + }); + handle.onread = onStreamRead; + handle[owner_symbol] = this; + this[async_id_symbol] = handle.getAsyncId(); + this[kSetHandle](handle); + this.#id = id; + this.#session = session; + this._readableState.readingMore = true; + this.on('pause', streamOnPause); + + // See src/node_quic_stream.h for an explanation + // of the initial states for unidirectional streams. + if (this.unidirectional) { + if (session instanceof QuicServerSession) { + if (this.serverInitiated) { + // Close the readable side + this.push(null); + this.read(); + } else { + // Close the writable side + this.end(); + } + } else if (this.serverInitiated) { + // Close the writable side + this.end(); + } else { + this.push(null); + this.read(); + } + } + } + + [kSetHandle](handle) { + this[kHandle] = handle; + if (handle !== undefined) { + this.#dataRateHistogram = new Histogram(handle.data_rx_rate); + this.#dataSizeHistogram = new Histogram(handle.data_rx_size); + this.#dataAckHistogram = new Histogram(handle.data_rx_ack); + } else { + if (this.#dataRateHistogram) + this.#dataRateHistogram[kDestroyHistogram](); + if (this.#dataSizeHistogram) + this.#dataSizeHistogram[kDestroyHistogram](); + if (this.#dataAckHistogram) + this.#dataAckHistogram[kDestroyHistogram](); + } + } + + [kStreamReset](code, finalSize) { + this.#resetCode = code | 0; + this.#resetFinalSize = finalSize | 0; + this.push(null); + this.read(); + } + + [kClose](family, code) { + // Trigger the abrupt shutdown of the stream. If the stream is + // already no-longer readable or writable, this does nothing. If + // the stream is readable or writable, then the abort event will + // be emitted immediately after triggering the send of the + // RESET_STREAM and STOP_SENDING frames. The stream will no longer + // be readable or writable, but will not be immediately destroyed + // as we need to wait until ngtcp2 recognizes the stream as + // having been closed to be destroyed. + + // Do nothing if we've already been destroyed + if (this.destroyed || this.#closed) + return; + + this.#closed = true; + + this.#aborted = this.readable || this.writable; + + // Trigger scheduling of the RESET_STREAM and STOP_SENDING frames + // as appropriate. Notify ngtcp2 that the stream is to be shutdown. + // Once sent, the stream will be closed and destroyed as soon as + // the shutdown is acknowledged by the peer. + this[kHandle].shutdownStream(code, family); + + // Close down the readable side of the stream + if (this.readable) { + this.push(null); + this.read(); + } + + // It is important to call shutdown on the handle before shutting + // down the writable side of the stream in order to prevent an + // empty STREAM frame with fin set to be sent to the peer. + if (this.writable) + this.end(); + + // Finally, emit the abort event if necessary + if (this.#aborted) + process.nextTick(emit.bind(this, 'abort', code, family)); + } + + get aborted() { + return this.#aborted; + } + + get serverInitiated() { + return !!(this.#id & 0b01); + } + + get clientInitiated() { + return !this.serverInitiated; + } + + get unidirectional() { + return !!(this.#id & 0b10); + } + + get bidirectional() { + return !this.unidirectional; + } + + [kAfterAsyncWrite]({ bytes }) { + // TODO(@jasnell): Implement this + } + + [kInspect]() { + const direction = this.bidirectional ? 'bidirectional' : 'unidirectional'; + const initiated = this.serverInitiated ? 'server' : 'client'; + const obj = { + id: this.#id, + direction, + initiated, + writableState: this._writableState, + readableState: this._readableState, + stats: { + dataRate: this.dataRateHistogram, + dataSize: this.dataSizeHistogram, + dataAck: this.dataAckHistogram, + } + }; + return `QuicStream ${util.format(obj)}`; + } + + [kTrackWriteState](stream, bytes) { + // TODO(@jasnell): Not yet sure what we want to do with these + // this.#writeQueueSize += bytes; + // this.#writeQueueSize += bytes; + // this[kHandle].chunksSentSinceLastWrite = 0; + } + + [kWriteGeneric](writev, data, encoding, cb) { + if (this.destroyed) + return; + + this[kUpdateTimer](); + const req = (writev) ? + writevGeneric(this, data, cb) : + writeGeneric(this, data, encoding, cb); + + this[kTrackWriteState](this, req.bytes); + } + + _write(data, encoding, cb) { + this[kWriteGeneric](false, data, encoding, cb); + } + + _writev(data, cb) { + this[kWriteGeneric](true, data, '', cb); + } + + // Called when the last chunk of data has been + // acknowledged by the peer and end has been + // called. By calling shutdown, we're telling + // the native side that no more data will be + // coming so that a fin stream packet can be + // sent. + _final(cb) { + const handle = this[kHandle]; + if (handle === undefined) { + cb(); + return; + } + + const req = new ShutdownWrap(); + req.oncomplete = afterShutdown; + req.callback = cb; + req.handle = handle; + const err = handle.shutdown(req); + if (err === 1) + return afterShutdown.call(req, 0); + } + + _read(nread) { + if (this.destroyed) { + this.push(null); + return; + } + if (!this.#didRead) { + this._readableState.readingMore = false; + this.#didRead = true; + } + + streamOnResume.call(this); + } + + get resetReceived() { + return (this.#resetCode !== undefined) ? + { code: this.#resetCode | 0, finalSize: this.#resetFinalSize | 0 } : + undefined; + } + + get bufferSize() { + // TODO(@jasnell): Implement this + return undefined; + } + + get id() { + return this.#id; + } + + close(code) { + this[kClose](QUIC_ERROR_APPLICATION, code); + } + + get session() { + return this.#session; + } + + _destroy(error, callback) { + this.#session[kRemoveStream](this); + const handle = this[kHandle]; + // Do not use handle after this point as the underlying C++ + // object has been destroyed. Any attempt to use the object + // will segfault and crash the process. + if (handle !== undefined) + handle.destroy(); + callback(error); + } + + _onTimeout() { + // TODO(@jasnell): Implement this + } + + [kUpdateTimer]() { + // TODO(@jasnell): Implement this later + } + + get dataRateHistogram() { + return this.#dataRateHistogram; + } + + get dataSizeHistogram() { + return this.#dataSizeHistogram; + } + + get dataAckHistogram() { + return this.#dataAckHistogram; + } +} + +function createSocket(options = {}) { + if (options == null || typeof options !== 'object') + throw new ERR_INVALID_ARG_TYPE('options', 'Object', options); + return new QuicSocket(options); +} + +module.exports = { + createSocket +}; + +/* eslint-enable no-use-before-define */ + +// A single QuicSocket may act as both a Server and a Client. +// There are two kinds of sessions: +// * QuicServerSession +// * QuicClientSession +// +// It is important to understand that QUIC sessions are +// independent of the QuicSocket. A default configuration +// for QuicServerSession and QuicClientSessions may be +// set when the QuicSocket is created, but the actual +// configuration for a particular QuicSession instance is +// not set until the session itself is created. +// +// QuicSockets and QuicSession instances have distinct +// configuration options that apply independently: +// +// QuicSocket Options: +// * `lookup` {Function} A function used to resolve DNS names. +// * `type` {string} Either `'udp4'` or `'udp6'`, defaults to +// `'udp4'`. +// * `port` {number} The local IP port the QuicSocket will +// bind to. +// * `address` {string} The local IP address or hostname that +// the QuicSocket will bind to. If a hostname is given, the +// `lookup` function will be invoked to resolve an IP address. +// * `ipv6Only` +// * `reuseAddr` +// +// Keep in mind that while all QUIC network traffic is encrypted +// using TLS 1.3, every QuicSession maintains it's own SecureContext +// that is completely independent of the QuicSocket. Every +// QuicServerSession and QuicClientSession could, in theory, +// use a completely different TLS 1.3 configuration. To keep it +// simple, however, we use the same SecureContext for all QuicServerSession +// instances, but that may be something we want to revisit later. +// +// Every QuicSession has two sets of configuration parameters: +// * Options +// * Transport Parameters +// +// Options establish implementation specific operation parameters, +// such as the default highwatermark for new QuicStreams. Transport +// Parameters are QUIC specific and are passed to the peer as part +// of the TLS handshake. +// +// Every QuicSession may have separate options and transport +// parameters, even within the same QuicSocket, so the configuration +// must be established when the session is created. +// +// When creating a QuicSocket, it is possible to set a default +// configuration for both QuicServerSession and QuicClientSession +// options. +// +// const soc = createSocket({ +// type: 'udp4', +// port: 0, +// server: { +// // QuicServerSession configuration defaults +// }, +// client: { +// // QuicClientSession configuration defaults +// } +// }); +// +// When calling listen() on the created QuicSocket, the server +// specific configuration that will be used for all new +// QuicServerSession instances will be given, with the values +// provided to createSocket() using the server option used +// as a default. +// +// When calling connect(), the client specific configuration +// will be given, with the values provided to the createSocket() +// using the client option used as a default. + + +// Some lifecycle documentation for the various objects: +// +// QuicSocket +// Close +// * Close all existing Sessions +// * Do not allow any new Sessions (inbound or outbound) +// * Destroy once there are no more sessions + +// Destroy +// * Destroy all remaining sessions +// * Destroy and free the QuicSocket handle immediately +// * If Error, emit Error event +// * Emit Close event + +// QuicClientSession +// Close +// * Allow existing Streams to complete normally +// * Do not allow any new Streams (inbound or outbound) +// * Destroy once there are no more streams + +// Destroy +// * Send CONNECTION_CLOSE +// * Destroy all remaining Streams +// * Remove Session from Parent Socket +// * Destroy and free the QuicSession handle immediately +// * If Error, emit Error event +// * Emit Close event + +// QuicServerSession +// Close +// * Allow existing Streams to complete normally +// * Do not allow any new Streams (inbound or outbound) +// * Destroy once there are no more streams +// Destroy +// * Send CONNECTION_CLOSE +// * Destroy all remaining Streams +// * Remove Session from Parent Socket +// * Destroy and free the QuicSession handle immediately +// * If Error, emit Error event +// * Emit Close event + +// QuicStream +// Destroy +// * Remove Stream From Parent Session +// * Destroy and free the QuicStream handle immediately +// * If Error, emit Error event +// * Emit Close event diff --git a/lib/internal/quic/util.js b/lib/internal/quic/util.js new file mode 100644 index 0000000000..c92fb9627d --- /dev/null +++ b/lib/internal/quic/util.js @@ -0,0 +1,400 @@ +'use strict'; + +const { + codes: { + ERR_INVALID_ARG_TYPE, + ERR_INVALID_ARG_VALUE, + ERR_OUT_OF_RANGE, + ERR_QUICSESSION_INVALID_DCID, + }, +} = require('internal/errors'); + +const { Buffer } = require('buffer'); +const { isArrayBufferView } = require('internal/util/types'); +const { + isLegalPort, + isIP, +} = require('internal/net'); + +const { + constants: { + AF_INET, + AF_INET6, + DEFAULT_RETRYTOKEN_EXPIRATION, + DEFAULT_MAX_CONNECTIONS_PER_HOST, + MAX_RETRYTOKEN_EXPIRATION, + MIN_RETRYTOKEN_EXPIRATION, + MINIMUM_MAX_CRYPTO_BUFFER, + NGTCP2_NO_ERROR, + NGTCP2_MAX_CIDLEN, + NGTCP2_MIN_CIDLEN, + QUIC_PREFERRED_ADDRESS_IGNORE, + QUIC_PREFERRED_ADDRESS_ACCEPT, + QUIC_ERROR_APPLICATION, + } +} = internalBinding('quic'); + +let warnOnAllowUnauthorized = true; +let dns; + +function lazyDNS() { + if (!dns) + dns = require('dns'); + return dns; +} + +function getAllowUnauthorized() { + const allowUnauthorized = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0'; + + if (allowUnauthorized && warnOnAllowUnauthorized) { + warnOnAllowUnauthorized = false; + process.emitWarning( + 'Setting the NODE_TLS_REJECT_UNAUTHORIZED ' + + 'environment variable to \'0\' makes TLS connections ' + + 'and HTTPS requests insecure by disabling ' + + 'certificate verification.'); + } + return allowUnauthorized; +} + +function getSocketType(type) { + switch (type) { + case 'udp4': return AF_INET; + case 'udp6': return AF_INET6; + } + throw new ERR_INVALID_ARG_VALUE('options.type', type); +} + +function lookup4(address, callback) { + const { lookup } = lazyDNS(); + lookup(address || '127.0.0.1', 4, callback); +} + +function lookup6(address, callback) { + const { lookup } = lazyDNS(); + lookup(address || '::1', 6, callback); +} + +function validateCloseCode(code) { + let closeCode; + let closeFamily; + if (code != null && typeof code === 'object') { + closeCode = code.code || NGTCP2_NO_ERROR; + closeFamily = code.family || QUIC_ERROR_APPLICATION; + } else if (typeof code === 'number') { + closeCode = code; + closeFamily = QUIC_ERROR_APPLICATION; + } else { + throw new ERR_INVALID_ARG_TYPE('code', ['number', 'Object'], code); + } + return { + closeCode, + closeFamily + }; +} + +function validateBindOptions(port, address) { + if (!isLegalPort(port)) { + throw new ERR_INVALID_ARG_VALUE( + 'options.port', port, 'is not a valid IP port'); + } + if (address != null && typeof address !== 'string') + throw new ERR_INVALID_ARG_TYPE('options.address', 'string', address); +} + +function validateNumberInRange(val, name, range) { + if (val === undefined) + return; + if (!Number.isSafeInteger(val)) + throw new ERR_INVALID_ARG_TYPE(name, 'safe integer', val); + if (val < 0) + throw new ERR_OUT_OF_RANGE(name, range, val); +} + +function validateNumberInBoundedRange(val, name, min, max) { + if (val === undefined) + return; + if (!Number.isSafeInteger(val)) + throw new ERR_INVALID_ARG_TYPE(name, 'safe integer', val); + if (val < min || val > max) + throw new ERR_OUT_OF_RANGE(name, `${min} <= ${name} <= ${max}`, val); +} + +function validateTransportParams(params) { + const { + activeConnectionIdLimit, + maxStreamDataBidiLocal, + maxStreamDataBidiRemote, + maxStreamDataUni, + maxData, + maxStreamsBidi, + maxStreamsUni, + idleTimeout, + maxPacketSize, + maxAckDelay, + maxCryptoBuffer, + preferredAddress, + rejectUnauthorized, + requestCert, + } = { ...params }; + validateNumberInBoundedRange( + activeConnectionIdLimit, + 'options.activeConnectionIdLimit', + 10, + Number.MAX_SAFE_INTEGER); + validateNumberInRange( + maxStreamDataBidiLocal, + 'options.maxStreamDataBidiLocal', + '>=0'); + validateNumberInRange( + maxStreamDataBidiRemote, + 'options.maxStreamDataBidiRemote', + '>=0'); + validateNumberInRange( + maxStreamDataUni, + 'options.maxStreamDataUni', + '>=0'); + validateNumberInRange( + maxData, + 'options.maxData', + '>=0'); + validateNumberInRange( + maxStreamsBidi, + 'options.maxStreamsBidi', + '>=0'); + validateNumberInRange( + maxStreamsUni, + 'options.maxStreamsUni', + '>=0'); + validateNumberInRange( + idleTimeout, + 'options.idleTimeout', + '>=0'); + validateNumberInRange( + maxPacketSize, + 'options.maxPacketSize', + '>=0'); + validateNumberInRange( + maxAckDelay, + 'options.maxAckDelay', + '>=0'); + validateNumberInBoundedRange( + maxCryptoBuffer, + 'options.maxCryptoBuffer', + MINIMUM_MAX_CRYPTO_BUFFER, + Number.MAX_SAFE_INTEGER); + return { + activeConnectionIdLimit, + maxStreamDataBidiLocal, + maxStreamDataBidiRemote, + maxStreamDataUni, + maxData, + maxStreamsBidi, + maxStreamsUni, + idleTimeout, + maxPacketSize, + maxAckDelay, + maxCryptoBuffer, + preferredAddress, + rejectUnauthorized, + requestCert, + }; +} + +function validateQuicClientSessionOptions(options) { + const { + address, + alpn = '', + dcid: dcid_value, + ipv6Only = false, + minDHSize = 1024, + port = 0, + preferredAddressPolicy = 'ignore', + remoteTransportParams, + requestOCSP = false, + servername = address, + sessionTicket, + verifyHostnameIdentity = true, + } = { ...options }; + + if (typeof minDHSize !== 'number') + throw new ERR_INVALID_ARG_TYPE( + 'options.minDHSize', 'number', minDHSize); + + if (!isLegalPort(port)) { + throw new ERR_INVALID_ARG_VALUE( + 'options.port', port, + 'is not a valid IP port'); + } + + if (servername && typeof servername !== 'string') { + throw new ERR_INVALID_ARG_TYPE( + 'options.servername', 'string', servername); + } + if (isIP(servername)) { + throw new ERR_INVALID_ARG_VALUE( + 'options.servername', servername, 'cannot be an IP address'); + } + + if (remoteTransportParams && !isArrayBufferView(remoteTransportParams)) { + throw new ERR_INVALID_ARG_TYPE( + 'options.remoteTransportParams', + ['Buffer', 'TypedArray', 'DataView'], + remoteTransportParams); + } + if (sessionTicket && !isArrayBufferView(sessionTicket)) { + throw new ERR_INVALID_ARG_TYPE( + 'options.sessionTicket', + ['Buffer', 'TypedArray', 'DataView'], + sessionTicket); + } + + if (typeof alpn !== 'string') + throw new ERR_INVALID_ARG_TYPE('options.alpn', 'string', alpn); + + let dcid; + if (dcid_value !== undefined) { + if (typeof dcid_value === 'string') { + // If it's a string, it must be a hex encoded string + try { + dcid = Buffer.from(dcid_value, 'hex'); + } catch { + throw new ERR_QUICSESSION_INVALID_DCID(dcid); + } + } else if (!isArrayBufferView(dcid_value)) { + throw new ERR_INVALID_ARG_TYPE( + 'options.dcid', + ['string', 'Buffer', 'TypedArray', 'DataView'], + dcid); + } else { + dcid = dcid_value; + } + if (dcid.length > NGTCP2_MAX_CIDLEN || + dcid.length < NGTCP2_MIN_CIDLEN) { + throw new ERR_QUICSESSION_INVALID_DCID(dcid.toString('hex')); + } + } + + if (preferredAddressPolicy !== undefined && + typeof preferredAddressPolicy !== 'string') { + throw new ERR_INVALID_ARG_TYPE( + 'options.preferredAddressPolicy', + 'string', + preferredAddressPolicy); + } + + if (typeof requestOCSP !== 'boolean') { + throw new ERR_INVALID_ARG_TYPE( + 'options.requestOCSP', + 'boolean', + requestOCSP); + } + + if (typeof verifyHostnameIdentity !== 'boolean') { + throw new ERR_INVALID_ARG_TYPE( + 'options.verifyHostnameIdentity', + 'boolean', + verifyHostnameIdentity); + } + + return { + address, + alpn, + dcid, + ipv6Only, + minDHSize, + port, + preferredAddressPolicy: + preferredAddressPolicy === 'accept' ? + QUIC_PREFERRED_ADDRESS_ACCEPT : + QUIC_PREFERRED_ADDRESS_IGNORE, + remoteTransportParams, + requestOCSP, + servername, + sessionTicket, + verifyHostnameIdentity, + }; +} + +function validateQuicSocketOptions(options) { + const { + address, + autoClose = false, + client, + ipv6Only = false, + lookup, + maxConnectionsPerHost = DEFAULT_MAX_CONNECTIONS_PER_HOST, + port = 0, + reuseAddr = false, + server, + type = 'udp4', + validateAddress = false, + validateAddressLRU = false, + retryTokenTimeout = DEFAULT_RETRYTOKEN_EXPIRATION, + } = { ...options }; + validateBindOptions(port, address); + if (typeof type !== 'string') + throw new ERR_INVALID_ARG_TYPE('options.type', 'string', type); + if (lookup !== undefined && typeof lookup !== 'function') + throw new ERR_INVALID_ARG_TYPE('options.lookup', 'Function', lookup); + if (typeof ipv6Only !== 'boolean') + throw new ERR_INVALID_ARG_TYPE('options.ipv6Only', 'boolean', ipv6Only); + if (typeof reuseAddr !== 'boolean') + throw new ERR_INVALID_ARG_TYPE('options.reuseAddr', 'boolean', reuseAddr); + if (typeof validateAddress !== 'boolean') { + throw new ERR_INVALID_ARG_TYPE( + 'options.validateAddress', + 'boolean', + validateAddress); + } + if (typeof validateAddressLRU !== 'boolean') { + throw new ERR_INVALID_ARG_TYPE( + 'options.validateAddressLRU', + 'boolean', + validateAddressLRU); + } + if (typeof autoClose !== 'boolean') { + throw new ERR_INVALID_ARG_TYPE( + 'options.autoClose', + 'boolean', + autoClose); + } + validateNumberInBoundedRange( + retryTokenTimeout, + 'options.retryTokenTimeout', + MIN_RETRYTOKEN_EXPIRATION, + MAX_RETRYTOKEN_EXPIRATION); + validateNumberInBoundedRange( + maxConnectionsPerHost, + 'options.maxConnectionsPerHost', + 1, Number.MAX_SAFE_INTEGER); + return { + address, + autoClose, + client, + ipv6Only, + lookup, + maxConnectionsPerHost, + port, + retryTokenTimeout, + reuseAddr, + server, + type: getSocketType(type), + validateAddress: validateAddress || validateAddressLRU, + validateAddressLRU, + }; +} + + +module.exports = { + getAllowUnauthorized, + getSocketType, + lookup4, + lookup6, + validateBindOptions, + validateCloseCode, + validateNumberInRange, + validateTransportParams, + validateQuicClientSessionOptions, + validateQuicSocketOptions, +}; diff --git a/lib/internal/stream_base_commons.js b/lib/internal/stream_base_commons.js index 800ba4cefd..d85159aece 100644 --- a/lib/internal/stream_base_commons.js +++ b/lib/internal/stream_base_commons.js @@ -101,7 +101,7 @@ function onWriteComplete(status) { this.callback(null); } -function createWriteWrap(handle) { +function createWriteWrap(handle, callback) { const req = new WriteWrap(); req.handle = handle; @@ -109,12 +109,13 @@ function createWriteWrap(handle) { req.async = false; req.bytes = 0; req.buffer = null; + req.callback = callback; return req; } function writevGeneric(self, data, cb) { - const req = createWriteWrap(self[kHandle]); + const req = createWriteWrap(self[kHandle], cb); const allBuffers = data.allBuffers; let chunks; if (allBuffers) { @@ -134,29 +135,28 @@ function writevGeneric(self, data, cb) { // Retain chunks if (err === 0) req._chunks = chunks; - afterWriteDispatched(self, req, err, cb); + afterWriteDispatched(self, req, err); return req; } function writeGeneric(self, data, encoding, cb) { - const req = createWriteWrap(self[kHandle]); + const req = createWriteWrap(self[kHandle], cb); const err = handleWriteReq(req, data, encoding); - - afterWriteDispatched(self, req, err, cb); + afterWriteDispatched(self, req, err); return req; } -function afterWriteDispatched(self, req, err, cb) { +function afterWriteDispatched(self, req, err) { req.bytes = streamBaseState[kBytesWritten]; req.async = !!streamBaseState[kLastWriteWasAsync]; if (err !== 0) - return self.destroy(errnoException(err, 'write', req.error), cb); + return self.destroy( + errnoException(err, 'write', req.error), + req.callback()); - if (!req.async) { - cb(); - } else { - req.callback = cb; + if (!req.async && typeof req.callback === 'function') { + req.callback(); } } diff --git a/lib/quic.js b/lib/quic.js new file mode 100644 index 0000000000..ca96385abf --- /dev/null +++ b/lib/quic.js @@ -0,0 +1,12 @@ +'use strict'; + +const { + createSocket +} = require('internal/quic/core'); + +module.exports = { createSocket }; + +process.emitWarning( + 'QUIC protocol support is experimental and not yet ' + + 'supported for production use', + 'ExperimentalWarning'); diff --git a/node.gyp b/node.gyp index 7b971b5739..c56a1c75dd 100644 --- a/node.gyp +++ b/node.gyp @@ -1,5 +1,6 @@ { 'variables': { + 'experimental_quic': 'false', 'v8_use_siphash%': 0, 'v8_trace_maps%': 0, 'node_use_dtrace%': 'false', @@ -17,6 +18,7 @@ 'node_shared_cares%': 'false', 'node_shared_libuv%': 'false', 'node_shared_nghttp2%': 'false', + 'node_shared_ngtcp2%': 'false', 'node_use_openssl%': 'true', 'node_shared_openssl%': 'false', 'node_v8_options%': '', @@ -61,6 +63,7 @@ 'lib/process.js', 'lib/punycode.js', 'lib/querystring.js', + 'lib/quic.js', 'lib/readline.js', 'lib/repl.js', 'lib/stream.js', @@ -130,6 +133,7 @@ 'lib/internal/fs/sync_write_stream.js', 'lib/internal/fs/utils.js', 'lib/internal/fs/watchers.js', + 'lib/internal/histogram.js', 'lib/internal/http.js', 'lib/internal/idna.js', 'lib/internal/inspector_async_hook.js', @@ -173,6 +177,8 @@ 'lib/internal/process/task_queues.js', 'lib/internal/querystring.js', 'lib/internal/readline/utils.js', + 'lib/internal/quic/core.js', + 'lib/internal/quic/util.js', 'lib/internal/repl.js', 'lib/internal/repl/await.js', 'lib/internal/repl/history.js', @@ -522,6 +528,7 @@ 'src/fs_event_wrap.cc', 'src/handle_wrap.cc', 'src/heap_utils.cc', + 'src/histogram.cc', 'src/js_native_api.h', 'src/js_native_api_types.h', 'src/js_native_api_v8.cc', @@ -811,7 +818,7 @@ 'src/node_crypto_clienthello-inl.h', 'src/node_crypto_groups.h', 'src/tls_wrap.cc', - 'src/tls_wrap.h' + 'src/tls_wrap.h', ], }], [ 'node_report=="true"', { @@ -831,6 +838,26 @@ }], ], }], + [ 'node_use_openssl=="true" and experimental_quic==1', { + 'defines': ['NODE_EXPERIMENTAL_QUIC=1'], + 'sources': [ + 'src/node_quic_buffer.h', + 'src/node_quic_crypto.h', + 'src/node_quic_session.h', + 'src/node_quic_session-inl.h', + 'src/node_quic_socket.h', + 'src/node_quic_stream.h', + 'src/node_quic_util.h', + 'src/node_quic_state.h', + 'src/node_quic_crypto.cc', + 'src/node_quic_session.cc', + 'src/node_quic_socket.cc', + 'src/node_quic_stream.cc', + 'src/node_quic_util.cc', + 'src/node_quic.cc', + ] + } + ], [ 'node_use_large_pages=="true" and OS in "linux freebsd mac"', { 'defines': [ 'NODE_ENABLE_LARGE_CODE_PAGES=1' ], # The current implementation of Large Pages is under Linux. @@ -1108,6 +1135,7 @@ 'test/cctest/test_linked_binding.cc', 'test/cctest/test_per_process.cc', 'test/cctest/test_platform.cc', + 'test/cctest/test_report_util.cc', 'test/cctest/test_traced_value.cc', 'test/cctest/test_util.cc', 'test/cctest/test_url.cc', @@ -1119,10 +1147,19 @@ 'HAVE_OPENSSL=1', ], }], + [ 'node_use_openssl=="true" and experimental_quic==1', { + 'defines': [ + 'NODE_EXPERIMENTAL_QUIC=1', + ], + 'sources': [ + 'test/cctest/test_quic_buffer.cc', + 'test/cctest/test_quic_verifyhostnameidentity.cc' + ] + }], ['v8_enable_inspector==1', { 'sources': [ 'test/cctest/test_inspector_socket.cc', - 'test/cctest/test_inspector_socket_server.cc' + 'test/cctest/test_inspector_socket_server.cc', ], 'defines': [ 'HAVE_INSPECTOR=1', diff --git a/node.gypi b/node.gypi index 6954352b5e..2fe6f8491b 100644 --- a/node.gypi +++ b/node.gypi @@ -180,6 +180,12 @@ 'dependencies': [ 'deps/nghttp2/nghttp2.gyp:nghttp2' ], }], + [ 'node_use_openssl=="true" and experimental_quic==1 and node_shared_ngtcp2=="false"', { + 'dependencies': [ + 'deps/ngtcp2/ngtcp2.gyp:ngtcp2', + 'deps/nghttp3/nghttp3.gyp:nghttp3' ], + }], + [ 'node_shared_brotli=="false"', { 'dependencies': [ 'deps/brotli/brotli.gyp:brotli' ], }], diff --git a/src/aliased_buffer.h b/src/aliased_buffer.h index b083fb68e6..1f38830cba 100644 --- a/src/aliased_buffer.h +++ b/src/aliased_buffer.h @@ -32,6 +32,31 @@ template ::value>> class AliasedBufferBase { public: + /** + * Create an AliasedBufferBase over an existing buffer + */ + AliasedBufferBase( + v8::Isolate* isolate, + const size_t count, + NativeT* buffer) : + isolate_(isolate), + count_(count), + byte_offset_(0), + buffer_(buffer) { + CHECK_GT(count, 0); + const v8::HandleScope handle_scope(isolate_); + const size_t size_in_bytes = + MultiplyWithOverflowCheck(sizeof(NativeT), count); + v8::Local ab = + v8::ArrayBuffer::New( + isolate_, + buffer, + size_in_bytes); + + v8::Local js_array = V8T::New(ab, byte_offset_, count); + js_array_ = v8::Global(isolate, js_array); + } + AliasedBufferBase(v8::Isolate* isolate, const size_t count) : isolate_(isolate), count_(count), byte_offset_(0) { CHECK_GT(count, 0); diff --git a/src/async_wrap.h b/src/async_wrap.h index dd82497a25..b78cf4fc78 100644 --- a/src/async_wrap.h +++ b/src/async_wrap.h @@ -58,6 +58,10 @@ namespace node { V(PROCESSWRAP) \ V(PROMISE) \ V(QUERYWRAP) \ + V(QUICCLIENTSESSION) \ + V(QUICSERVERSESSION) \ + V(QUICSOCKET) \ + V(QUICSTREAM) \ V(SHUTDOWNWRAP) \ V(SIGNALWRAP) \ V(STATWATCHER) \ diff --git a/src/debug_utils.h b/src/debug_utils.h index db01cacba6..3f96ad0aac 100644 --- a/src/debug_utils.h +++ b/src/debug_utils.h @@ -48,6 +48,22 @@ inline void Debug(Environment* env, Debug(env, cat, format.c_str(), std::forward(args)...); } +inline void Debug(Environment* env, + DebugCategory cat, + const char* format, + va_list args) { + if (!UNLIKELY(env->debug_enabled(cat))) + return; + vfprintf(stderr, format, args); +} + +inline void Debug(Environment* env, + DebugCategory cat, + const std::string& format, + va_list args) { + Debug(env, cat, format.c_str(), args); +} + // Used internally by the 'real' Debug(AsyncWrap*, ...) functions below, so that // the FORCE_INLINE flag on them doesn't apply to the contents of this function // as well. diff --git a/src/env-inl.h b/src/env-inl.h index d75b4ea743..a2fc9e2c1b 100644 --- a/src/env-inl.h +++ b/src/env-inl.h @@ -598,6 +598,17 @@ inline void Environment::set_http2_state( http2_state_ = std::move(buffer); } +#if HAVE_OPENSSL && defined(NODE_EXPERIMENTAL_QUIC) +inline QuicState* Environment::quic_state() const { + return quic_state_.get(); +} + +inline void Environment::set_quic_state(std::unique_ptr buffer) { + CHECK(!quic_state_); // Should be set only once. + quic_state_ = std::move(buffer); +} +#endif + bool Environment::debug_enabled(DebugCategory category) const { DCHECK_GE(static_cast(category), 0); DCHECK_LT(static_cast(category), @@ -922,6 +933,10 @@ inline void AllocatedBuffer::Resize(size_t len) { buffer_ = uv_buf_init(new_data, len); } +inline bool AllocatedBuffer::empty() { + return env_ == nullptr; +} + inline uv_buf_t AllocatedBuffer::release() { uv_buf_t ret = buffer_; buffer_ = uv_buf_init(nullptr, 0); diff --git a/src/env.h b/src/env.h index b3f1243f77..2285ecaa19 100644 --- a/src/env.h +++ b/src/env.h @@ -29,6 +29,9 @@ #include "inspector_agent.h" #include "inspector_profiler.h" #endif +#if HAVE_OPENSSL && defined(NODE_EXPERIMENTAL_QUIC) +#include "node_quic_state.h" +#endif #include "handle_wrap.h" #include "node.h" #include "node_binding.h" @@ -326,10 +329,12 @@ constexpr size_t kFsStatsBufferLength = V(promise_string, "promise") \ V(pubkey_string, "pubkey") \ V(query_string, "query") \ + V(quic_alpn_string, "h3-22") \ V(raw_string, "raw") \ V(read_host_object_string, "_readHostObject") \ V(readable_string, "readable") \ V(reason_string, "reason") \ + V(recovery_stats_string, "recoveryStats") \ V(refresh_string, "refresh") \ V(regexp_string, "regexp") \ V(rename_string, "rename") \ @@ -353,6 +358,8 @@ constexpr size_t kFsStatsBufferLength = V(stack_string, "stack") \ V(standard_name_string, "standardName") \ V(start_time_string, "startTime") \ + V(state_string, "state") \ + V(stats_string, "stats") \ V(status_string, "status") \ V(stdio_string, "stdio") \ V(subject_string, "subject") \ @@ -385,6 +392,16 @@ constexpr size_t kFsStatsBufferLength = V(x_forwarded_string, "x-forwarded-for") \ V(zero_return_string, "ZERO_RETURN") +#if HAVE_OPENSSL && defined(NODE_EXPERIMENTAL_QUIC) +# define QUIC_ENVIRONMENT_STRONG_PERSISTENT_TEMPLATES(V) \ + V(quicclientsession_constructor_template, v8::ObjectTemplate) \ + V(quicserversession_constructor_template, v8::ObjectTemplate) \ + V(quicserverstream_constructor_template, v8::ObjectTemplate) \ + V(quicsocketsendwrap_constructor_template, v8::ObjectTemplate) +#else +# define QUIC_ENVIRONMENT_STRONG_PERSISTENT_TEMPLATES(V) +#endif + #define ENVIRONMENT_STRONG_PERSISTENT_TEMPLATES(V) \ V(as_callback_data_template, v8::FunctionTemplate) \ V(async_wrap_ctor_template, v8::FunctionTemplate) \ @@ -396,6 +413,7 @@ constexpr size_t kFsStatsBufferLength = V(filehandlereadwrap_template, v8::ObjectTemplate) \ V(fsreqpromise_constructor_template, v8::ObjectTemplate) \ V(handle_wrap_ctor_template, v8::FunctionTemplate) \ + V(histogram_ctor_template, v8::ObjectTemplate) \ V(http2settings_constructor_template, v8::ObjectTemplate) \ V(http2stream_constructor_template, v8::ObjectTemplate) \ V(http2ping_constructor_template, v8::ObjectTemplate) \ @@ -411,7 +429,34 @@ constexpr size_t kFsStatsBufferLength = V(streambaseoutputstream_constructor_template, v8::ObjectTemplate) \ V(tcp_constructor_template, v8::FunctionTemplate) \ V(tty_constructor_template, v8::FunctionTemplate) \ - V(write_wrap_template, v8::ObjectTemplate) + V(write_wrap_template, v8::ObjectTemplate) \ + QUIC_ENVIRONMENT_STRONG_PERSISTENT_TEMPLATES(V) + +#if HAVE_OPENSSL && defined(NODE_EXPERIMENTAL_QUIC) +# define QUIC_ENVIRONMENT_STRONG_PERSISTENT_VALUES(V) \ + V(quic_on_socket_close_function, v8::Function) \ + V(quic_on_socket_error_function, v8::Function) \ + V(quic_on_socket_ready_function, v8::Function) \ + V(quic_on_socket_server_busy_function, v8::Function) \ + V(quic_on_session_cert_function, v8::Function) \ + V(quic_on_session_client_hello_function, v8::Function) \ + V(quic_on_session_close_function, v8::Function) \ + V(quic_on_session_error_function, v8::Function) \ + V(quic_on_session_handshake_function, v8::Function) \ + V(quic_on_session_keylog_function, v8::Function) \ + V(quic_on_session_path_validation_function, v8::Function) \ + V(quic_on_session_ready_function, v8::Function) \ + V(quic_on_session_silent_close_function, v8::Function) \ + V(quic_on_session_status_function, v8::Function) \ + V(quic_on_session_ticket_function, v8::Function) \ + V(quic_on_session_version_negotiation_function, v8::Function) \ + V(quic_on_stream_close_function, v8::Function) \ + V(quic_on_stream_error_function, v8::Function) \ + V(quic_on_stream_ready_function, v8::Function) \ + V(quic_on_stream_reset_function, v8::Function) +#else +# define QUIC_ENVIRONMENT_STRONG_PERSISTENT_VALUES(V) +#endif #define ENVIRONMENT_STRONG_PERSISTENT_VALUES(V) \ V(as_callback_data, v8::Object) \ @@ -459,7 +504,8 @@ constexpr size_t kFsStatsBufferLength = V(tls_wrap_constructor_function, v8::Function) \ V(trace_category_state_function, v8::Function) \ V(udp_constructor_function, v8::Function) \ - V(url_constructor_function, v8::Function) + V(url_constructor_function, v8::Function) \ + QUIC_ENVIRONMENT_STRONG_PERSISTENT_VALUES(V) class Environment; @@ -543,7 +589,8 @@ struct ContextInfo { NODE_ASYNC_PROVIDER_TYPES(V) \ V(INSPECTOR_SERVER) \ V(INSPECTOR_PROFILER) \ - V(WASI) + V(NGTCP2_DEBUG) \ + V(WASI) \ enum class DebugCategory { #define V(name) name, @@ -561,6 +608,7 @@ struct AllocatedBuffer { inline ~AllocatedBuffer(); inline void Resize(size_t len); + inline bool empty(); inline uv_buf_t release(); inline char* data(); inline const char* data() const; @@ -1035,6 +1083,11 @@ class Environment : public MemoryRetainer { inline http2::Http2State* http2_state() const; inline void set_http2_state(std::unique_ptr state); +#if HAVE_OPENSSL && defined(NODE_EXPERIMENTAL_QUIC) + inline QuicState* quic_state() const; + inline void set_quic_state(std::unique_ptr state); +#endif + inline bool debug_enabled(DebugCategory category) const; inline void set_debug_enabled(DebugCategory category, bool enabled); void set_debug_categories(const std::string& cats, bool enabled); @@ -1371,6 +1424,9 @@ class Environment : public MemoryRetainer { char* http_parser_buffer_ = nullptr; bool http_parser_buffer_in_use_ = false; std::unique_ptr http2_state_; +#if HAVE_OPENSSL && defined(NODE_EXPERIMENTAL_QUIC) + std::unique_ptr quic_state_; +#endif bool debug_enabled_[static_cast(DebugCategory::CATEGORY_COUNT)] = {0}; diff --git a/src/handle_wrap.cc b/src/handle_wrap.cc index f5d622fc25..9981d1836b 100644 --- a/src/handle_wrap.cc +++ b/src/handle_wrap.cc @@ -99,6 +99,10 @@ void HandleWrap::MarkAsUninitialized() { state_ = kClosed; } +void HandleWrap::MarkAsClosing() { + state_ = kClosing; +} + HandleWrap::HandleWrap(Environment* env, Local object, diff --git a/src/handle_wrap.h b/src/handle_wrap.h index 612874aa2e..dd9890d33d 100644 --- a/src/handle_wrap.h +++ b/src/handle_wrap.h @@ -86,15 +86,18 @@ class HandleWrap : public AsyncWrap { void MarkAsInitialized(); void MarkAsUninitialized(); + void MarkAsClosing(); + bool IsInitialized() { return state_ == kInitialized; } inline bool IsHandleClosing() const { return state_ == kClosing || state_ == kClosed; } + static void OnClose(uv_handle_t* handle); + private: friend class Environment; friend void GetActiveHandles(const v8::FunctionCallbackInfo&); - static void OnClose(uv_handle_t* handle); // handle_wrap_queue_ needs to be at a fixed offset from the start of the // class because it is used by src/node_postmortem_metadata.cc to calculate diff --git a/src/histogram-inl.h b/src/histogram-inl.h index 3135041f73..e02b619b3c 100644 --- a/src/histogram-inl.h +++ b/src/histogram-inl.h @@ -4,58 +4,112 @@ #if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS #include "histogram.h" +#include "base_object-inl.h" #include "node_internals.h" namespace node { -inline Histogram::Histogram(int64_t lowest, int64_t highest, int figures) { +Histogram::Histogram(int64_t lowest, int64_t highest, int figures) { CHECK_EQ(0, hdr_init(lowest, highest, figures, &histogram_)); } -inline Histogram::~Histogram() { +Histogram::~Histogram() { hdr_close(histogram_); } -inline void Histogram::Reset() { +void Histogram::Reset() { hdr_reset(histogram_); } -inline bool Histogram::Record(int64_t value) { +bool Histogram::Record(int64_t value) { return hdr_record_value(histogram_, value); } -inline int64_t Histogram::Min() { +int64_t Histogram::Min() { return hdr_min(histogram_); } -inline int64_t Histogram::Max() { +int64_t Histogram::Max() { return hdr_max(histogram_); } -inline double Histogram::Mean() { +double Histogram::Mean() { return hdr_mean(histogram_); } -inline double Histogram::Stddev() { +double Histogram::Stddev() { return hdr_stddev(histogram_); } -inline double Histogram::Percentile(double percentile) { +double Histogram::Percentile(double percentile) { CHECK_GT(percentile, 0); CHECK_LE(percentile, 100); - return hdr_value_at_percentile(histogram_, percentile); + return static_cast(hdr_value_at_percentile(histogram_, percentile)); } -inline void Histogram::Percentiles(std::function fn) { +template +void Histogram::Percentiles(Iterator&& fn) { hdr_iter iter; hdr_iter_percentile_init(&iter, histogram_, 1); while (hdr_iter_next(&iter)) { double key = iter.specifics.percentiles.percentile; - double value = iter.value; + double value = static_cast(iter.value); fn(key, value); } } +HistogramBase::HistogramBase( + Environment* env, + v8::Local wrap, + int64_t lowest, + int64_t highest, + int figures) + : BaseObject(env, wrap), + Histogram(lowest, highest, figures) { + MakeWeak(); +} + +bool HistogramBase::RecordDelta() { + uint64_t time = uv_hrtime(); + bool ret = true; + if (prev_ > 0) { + int64_t delta = time - prev_; + if (delta > 0) { + ret = Record(delta); + TraceDelta(delta); + if (!ret) { + if (exceeds_ < 0xFFFFFFFF) + exceeds_++; + TraceExceeds(delta); + } + } + } + prev_ = time; + return ret; +} + +void HistogramBase::ResetState() { + Reset(); + exceeds_ = 0; + prev_ = 0; +} + +BaseObjectPtr HistogramBase::New( + Environment* env, + int64_t lowest, + int64_t highest, + int figures) { + CHECK_LE(lowest, highest); + CHECK_GT(figures, 0); + v8::Local obj; + auto tmpl = env->histogram_ctor_template(); + if (!tmpl->NewInstance(env->context()).ToLocal(&obj)) + return {}; + + return MakeDetachedBaseObject( + env, obj, lowest, highest, figures); +} + } // namespace node #endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS diff --git a/src/histogram.cc b/src/histogram.cc new file mode 100644 index 0000000000..253fd58f82 --- /dev/null +++ b/src/histogram.cc @@ -0,0 +1,111 @@ +#include "histogram.h" // NOLINT(build/include_inline) +#include "histogram-inl.h" +#include "memory_tracker-inl.h" + +namespace node { + +using v8::FunctionCallbackInfo; +using v8::FunctionTemplate; +using v8::Local; +using v8::Map; +using v8::Number; +using v8::ObjectTemplate; +using v8::String; +using v8::Value; + +void HistogramBase::MemoryInfo(MemoryTracker* tracker) const { + tracker->TrackFieldWithSize("histogram", GetMemorySize()); +} + +void HistogramBase::HistogramMin(const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + double value = static_cast(histogram->Min()); + args.GetReturnValue().Set(value); +} + +void HistogramBase::HistogramMax(const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + double value = static_cast(histogram->Max()); + args.GetReturnValue().Set(value); +} + +void HistogramBase::HistogramMean(const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + args.GetReturnValue().Set(histogram->Mean()); +} + +void HistogramBase::HistogramExceeds(const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + double value = static_cast(histogram->Exceeds()); + args.GetReturnValue().Set(value); +} + +void HistogramBase::HistogramStddev(const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + args.GetReturnValue().Set(histogram->Stddev()); +} + +void HistogramBase::HistogramPercentile( + const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + CHECK(args[0]->IsNumber()); + double percentile = args[0].As()->Value(); + args.GetReturnValue().Set(histogram->Percentile(percentile)); +} + +void HistogramBase::HistogramPercentiles( + const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + CHECK(args[0]->IsMap()); + Local map = args[0].As(); + histogram->Percentiles([&](double key, double value) { + map->Set( + env->context(), + Number::New(env->isolate(), key), + Number::New(env->isolate(), value)).IsEmpty(); + }); +} + +void HistogramBase::HistogramReset(const FunctionCallbackInfo& args) { + HistogramBase* histogram; + ASSIGN_OR_RETURN_UNWRAP(&histogram, args.Holder()); + histogram->ResetState(); +} + +void HistogramBase::Initialize(Environment* env) { + // Guard against multiple initializations + if (!env->histogram_ctor_template().IsEmpty()) + return; + + Local classname = + FIXED_ONE_BYTE_STRING(env->isolate(), "Histogram"); + + Local histogram = + FunctionTemplate::New(env->isolate()); + histogram->SetClassName(classname); + + Local histogramt = + histogram->InstanceTemplate(); + + histogramt->SetInternalFieldCount(1); + env->SetProtoMethod(histogram, "exceeds", HistogramExceeds); + env->SetProtoMethod(histogram, "min", HistogramMin); + env->SetProtoMethod(histogram, "max", HistogramMax); + env->SetProtoMethod(histogram, "mean", HistogramMean); + env->SetProtoMethod(histogram, "stddev", HistogramStddev); + env->SetProtoMethod(histogram, "percentile", HistogramPercentile); + env->SetProtoMethod(histogram, "percentiles", HistogramPercentiles); + env->SetProtoMethod(histogram, "reset", HistogramReset); + + env->set_histogram_ctor_template(histogramt); +} + +} // namespace node diff --git a/src/histogram.h b/src/histogram.h index eb94af5da2..e1ee75f5f0 100644 --- a/src/histogram.h +++ b/src/histogram.h @@ -3,6 +3,7 @@ #if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS +#include "base_object.h" #include "hdr_histogram.h" #include #include @@ -21,7 +22,11 @@ class Histogram { inline double Mean(); inline double Stddev(); inline double Percentile(double percentile); - inline void Percentiles(std::function fn); + + // Iterator is a function type that takes two doubles as argument, one for + // percentile and one for the value at that percentile. + template + inline void Percentiles(Iterator&& fn); size_t GetMemorySize() const { return hdr_get_memory_size(histogram_); @@ -31,6 +36,52 @@ class Histogram { hdr_histogram* histogram_; }; +class HistogramBase : public BaseObject, public Histogram { + public: + virtual ~HistogramBase() = default; + + inline virtual void TraceDelta(int64_t delta) {} + inline virtual void TraceExceeds(int64_t delta) {} + + inline bool RecordDelta(); + inline void ResetState(); + + int64_t Exceeds() { return exceeds_; } + + void MemoryInfo(MemoryTracker* tracker) const override; + SET_MEMORY_INFO_NAME(HistogramBase) + SET_SELF_SIZE(HistogramBase) + + static void HistogramMin(const v8::FunctionCallbackInfo& args); + static void HistogramMax(const v8::FunctionCallbackInfo& args); + static void HistogramMean(const v8::FunctionCallbackInfo& args); + static void HistogramExceeds(const v8::FunctionCallbackInfo& args); + static void HistogramStddev(const v8::FunctionCallbackInfo& args); + static void HistogramPercentile( + const v8::FunctionCallbackInfo& args); + static void HistogramPercentiles( + const v8::FunctionCallbackInfo& args); + static void HistogramReset(const v8::FunctionCallbackInfo& args); + static void Initialize(Environment* env); + + static inline BaseObjectPtr New( + Environment* env, + int64_t lowest, + int64_t highest, + int figures = 3); + + inline HistogramBase( + Environment* env, + v8::Local wrap, + int64_t lowest, + int64_t highest, + int figures = 3); + + private: + int64_t exceeds_ = 0; + uint64_t prev_ = 0; +}; + } // namespace node #endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS diff --git a/src/node_binding.cc b/src/node_binding.cc index 82836585c5..7ee9d2647e 100644 --- a/src/node_binding.cc +++ b/src/node_binding.cc @@ -7,8 +7,14 @@ #if HAVE_OPENSSL #define NODE_BUILTIN_OPENSSL_MODULES(V) V(crypto) V(tls_wrap) +#if defined(NODE_EXPERIMENTAL_QUIC) +#define NODE_BUILTIN_QUIC_MODULES(V) V(quic) +#else +#define NODE_BUILTIN_QUIC_MODULES(V) +#endif #else #define NODE_BUILTIN_OPENSSL_MODULES(V) +#define NODE_BUILTIN_QUIC_MODULES(V) #endif #if NODE_HAVE_I18N_SUPPORT @@ -92,6 +98,7 @@ #define NODE_BUILTIN_MODULES(V) \ NODE_BUILTIN_STANDARD_MODULES(V) \ NODE_BUILTIN_OPENSSL_MODULES(V) \ + NODE_BUILTIN_QUIC_MODULES(V) \ NODE_BUILTIN_ICU_MODULES(V) \ NODE_BUILTIN_REPORT_MODULES(V) \ NODE_BUILTIN_PROFILER_MODULES(V) \ diff --git a/src/node_crypto.cc b/src/node_crypto.cc index c53c5c4ccc..323ecf1a83 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -110,11 +110,6 @@ using v8::Value; # define IS_OCB_MODE(mode) ((mode) == EVP_CIPH_OCB_MODE) #endif -struct StackOfX509Deleter { - void operator()(STACK_OF(X509)* p) const { sk_X509_pop_free(p, X509_free); } -}; -using StackOfX509 = std::unique_ptr; - struct StackOfXASN1Deleter { void operator()(STACK_OF(ASN1_OBJECT)* p) const { sk_ASN1_OBJECT_pop_free(p, ASN1_OBJECT_free); @@ -122,12 +117,6 @@ struct StackOfXASN1Deleter { }; using StackOfASN1 = std::unique_ptr; -// OPENSSL_free is a macro, so we need a wrapper function. -struct OpenSSLBufferDeleter { - void operator()(char* pointer) const { OPENSSL_free(pointer); } -}; -using OpenSSLBuffer = std::unique_ptr; - static const char* const root_certs[] = { #include "node_root_certs.h" // NOLINT(build/include_order) }; @@ -139,34 +128,48 @@ static X509_STORE* root_cert_store; static bool extra_root_certs_loaded = false; // Just to generate static methods -template void SSLWrap::AddMethods(Environment* env, - Local t); -template void SSLWrap::ConfigureSecureContext(SecureContext* sc); -template int SSLWrap::SetCACerts(SecureContext* sc); -template void SSLWrap::MemoryInfo(MemoryTracker* tracker) const; -template SSL_SESSION* SSLWrap::GetSessionCallback( - SSL* s, - const unsigned char* key, - int len, - int* copy); -template int SSLWrap::NewSessionCallback(SSL* s, - SSL_SESSION* sess); -template void SSLWrap::KeylogCallback(const SSL* s, - const char* line); -template void SSLWrap::OnClientHello( - void* arg, - const ClientHelloParser::ClientHello& hello); -template int SSLWrap::TLSExtStatusCallback(SSL* s, void* arg); -template void SSLWrap::DestroySSL(); -template int SSLWrap::SSLCertCallback(SSL* s, void* arg); -template void SSLWrap::WaitForCertCb(CertCb cb, void* arg); -template int SSLWrap::SelectALPNCallback( - SSL* s, - const unsigned char** out, - unsigned char* outlen, - const unsigned char* in, - unsigned int inlen, +#define V(name) \ + template void SSLWrap::AddMethods( \ + Environment* env, \ + Local t); \ + template void SSLWrap::ConfigureSecureContext( \ + SecureContext* sc); \ + template int SSLWrap::SetCACerts( \ + SecureContext* sc); \ + template void SSLWrap::MemoryInfo(MemoryTracker* tracker) const; \ + template SSL_SESSION* SSLWrap::GetSessionCallback( \ + SSL* s, \ + const unsigned char* key, \ + int len, \ + int* copy); \ + template int SSLWrap::NewSessionCallback( \ + SSL* s, \ + SSL_SESSION* sess); \ + template void SSLWrap::KeylogCallback( \ + const SSL* s, \ + const char* line); \ + template void SSLWrap::OnClientHello( \ + void* arg, \ + const ClientHelloParser::ClientHello& hello); \ + template int SSLWrap::TLSExtStatusCallback( \ + SSL* s, \ + void* arg); \ + template void SSLWrap::DestroySSL(); \ + template int SSLWrap::SSLCertCallback( \ + SSL* s, \ + void* arg); \ + template void SSLWrap::WaitForCertCb( \ + CertCb cb, \ + void* arg); \ + template int SSLWrap::SelectALPNCallback( \ + SSL* s, \ + const unsigned char** out, \ + unsigned char* outlen, \ + const unsigned char* in, \ + unsigned int inlen, \ void* arg); +SSLWRAP_TYPES(V) +#undef V static int PasswordCallback(char* buf, int size, int rwflag, void* u) { const char* passphrase = static_cast(u); @@ -386,7 +389,7 @@ void ThrowCryptoError(Environment* env, unsigned long err, // NOLINT(runtime/int) // Default, only used if there is no SSL `err` which can // be used to create a long-style message string. - const char* message = nullptr) { + const char* message) { char message_buffer[128] = {0}; if (err != 0 || message == nullptr) { ERR_error_string_n(err, message_buffer, sizeof(message_buffer)); @@ -453,15 +456,6 @@ bool EntropySource(unsigned char* buffer, size_t length) { return RAND_bytes(buffer, length) != -1; } - -template -static T* MallocOpenSSL(size_t count) { - void* mem = OPENSSL_malloc(MultiplyWithOverflowCheck(count, sizeof(T))); - CHECK_IMPLIES(mem == nullptr, count == 0); - return static_cast(mem); -} - - void SecureContext::Initialize(Environment* env, Local target) { Local t = env->NewFunctionTemplate(New); t->InstanceTemplate()->SetInternalFieldCount(1); @@ -634,6 +628,17 @@ void SecureContext::Init(const FunctionCallbackInfo& args) { min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; method = TLS_client_method(); + } else if (strcmp(*sslmethod, "TLSv1_3_method") == 0) { + min_version = TLS1_3_VERSION; + max_version = TLS1_3_VERSION; + } else if (strcmp(*sslmethod, "TLSv1_3_server_method") == 0) { + min_version = TLS1_3_VERSION; + max_version = TLS1_3_VERSION; + method = TLS_server_method(); + } else if (strcmp(*sslmethod, "TLSv1_3_client_method") == 0) { + min_version = TLS1_3_VERSION; + max_version = TLS1_3_VERSION; + method = TLS_client_method(); } else { const std::string msg("Unknown method: "); THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, (msg + * sslmethod).c_str()); @@ -1012,7 +1017,6 @@ static X509_STORE* NewRootCertStore() { X509_STORE_add_cert(store, cert); } } - return store; } @@ -1970,7 +1974,7 @@ static MaybeLocal ECPointToBuffer(Environment* env, } -static Local X509ToObject(Environment* env, X509* cert) { +Local X509ToObject(Environment* env, X509* cert) { EscapableHandleScope scope(env->isolate()); Local context = env->context(); Local info = Object::New(env->isolate()); @@ -2192,10 +2196,10 @@ static Local X509ToObject(Environment* env, X509* cert) { } -static Local AddIssuerChainToObject(X509Pointer* cert, - Local object, - StackOfX509&& peer_certs, - Environment* const env) { +Local AddIssuerChainToObject(X509Pointer* cert, + Local object, + StackOfX509&& peer_certs, + Environment* const env) { Local context = env->isolate()->GetCurrentContext(); cert->reset(sk_X509_delete(peer_certs.get(), 0)); for (;;) { @@ -2223,8 +2227,8 @@ static Local AddIssuerChainToObject(X509Pointer* cert, } -static StackOfX509 CloneSSLCerts(X509Pointer&& cert, - const STACK_OF(X509)* const ssl_certs) { +StackOfX509 CloneSSLCerts(X509Pointer&& cert, + const STACK_OF(X509)* const ssl_certs) { StackOfX509 peer_certs(sk_X509_new(nullptr)); if (cert) sk_X509_push(peer_certs.get(), cert.release()); @@ -2239,14 +2243,14 @@ static StackOfX509 CloneSSLCerts(X509Pointer&& cert, } -static Local GetLastIssuedCert(X509Pointer* cert, - const SSLPointer& ssl, - Local issuer_chain, - Environment* const env) { +Local GetLastIssuedCert(X509Pointer* cert, + SSL* ssl, + Local issuer_chain, + Environment* const env) { Local context = env->isolate()->GetCurrentContext(); while (X509_check_issued(cert->get(), cert->get()) != X509_V_OK) { X509* ca; - if (SSL_CTX_get_issuer(SSL_get_SSL_CTX(ssl.get()), cert->get(), &ca) <= 0) + if (SSL_CTX_get_issuer(SSL_get_SSL_CTX(ssl), cert->get(), &ca) <= 0) break; Local ca_info = X509ToObject(env, ca); @@ -2295,7 +2299,7 @@ void SSLWrap::GetPeerCertificate( issuer_chain = AddIssuerChainToObject(&cert, result, std::move(peer_certs), env); - issuer_chain = GetLastIssuedCert(&cert, w->ssl_, issuer_chain, env); + issuer_chain = GetLastIssuedCert(&cert, w->ssl_.get(), issuer_chain, env); // Last certificate should be self-signed. if (X509_check_issued(cert.get(), cert.get()) == X509_V_OK) issuer_chain->Set(env->context(), diff --git a/src/node_crypto.h b/src/node_crypto.h index b57dc29de2..ac47b494ca 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -78,6 +78,12 @@ using ECKeyPointer = DeleteFnPtr; using DHPointer = DeleteFnPtr; using ECDSASigPointer = DeleteFnPtr; +// OPENSSL_free is a macro, so we need a wrapper function. +struct OpenSSLBufferDeleter { + void operator()(char* pointer) const { OPENSSL_free(pointer); } +}; +using OpenSSLBuffer = std::unique_ptr; + extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx); extern void UseExtraCaCerts(const std::string& file); @@ -92,6 +98,8 @@ class SecureContext : public BaseObject { static void Initialize(Environment* env, v8::Local target); + SSL_CTX* operator*() const { return ctx_.get(); } + // TODO(joyeecheung): track the memory used by OpenSSL types SET_NO_MEMORY_INFO() SET_MEMORY_INFO_NAME(SecureContext) @@ -193,6 +201,9 @@ class SecureContext : public BaseObject { } }; +#define SSLWRAP_TYPES(V) \ + V(TLSWrap) + // SSLWrap implicitly depends on the inheriting class' handle having an // internal pointer to the Base class. template @@ -840,6 +851,39 @@ void SetEngine(const v8::FunctionCallbackInfo& args); #endif // !OPENSSL_NO_ENGINE void InitCrypto(v8::Local target); +void ThrowCryptoError(Environment* env, + unsigned long err, // NOLINT(runtime/int) + const char* message = nullptr); + +struct StackOfX509Deleter { + void operator()(STACK_OF(X509)* p) const { sk_X509_pop_free(p, X509_free); } +}; +using StackOfX509 = std::unique_ptr; + +v8::Local X509ToObject( + Environment* env, + X509* cert); +StackOfX509 CloneSSLCerts( + X509Pointer&& cert, + const STACK_OF(X509)* const ssl_certs); +v8::Local AddIssuerChainToObject( + X509Pointer* cert, + v8::Local object, + StackOfX509&& peer_certs, + Environment* const env); +v8::Local GetLastIssuedCert( + X509Pointer* cert, + SSL* ssl, + v8::Local issuer_chain, + Environment* const env); + +template +inline T* MallocOpenSSL(size_t count) { + void* mem = OPENSSL_malloc(MultiplyWithOverflowCheck(count, sizeof(T))); + CHECK_IMPLIES(mem == nullptr, count == 0); + return static_cast(mem); +} + } // namespace crypto } // namespace node diff --git a/src/node_metadata.cc b/src/node_metadata.cc index 8d0a725de4..4841163f2a 100644 --- a/src/node_metadata.cc +++ b/src/node_metadata.cc @@ -11,6 +11,10 @@ #if HAVE_OPENSSL #include +#if defined(NODE_EXPERIMENTAL_QUIC) +#include +#include +#endif #endif // HAVE_OPENSSL #ifdef NODE_HAVE_I18N_SUPPORT @@ -89,6 +93,10 @@ Metadata::Versions::Versions() { #if HAVE_OPENSSL openssl = GetOpenSSLVersion(); +#if defined(NODE_EXPERIMENTAL_QUIC) + ngtcp2 = NGTCP2_VERSION; + nghttp3 = NGHTTP3_VERSION; +#endif #endif #ifdef NODE_HAVE_I18N_SUPPORT diff --git a/src/node_metadata.h b/src/node_metadata.h index bf7e5d3ff4..7e9f522d21 100644 --- a/src/node_metadata.h +++ b/src/node_metadata.h @@ -34,8 +34,14 @@ namespace node { #if HAVE_OPENSSL #define NODE_VERSIONS_KEY_CRYPTO(V) V(openssl) +#if defined(NODE_EXPERIMENTAL_QUIC) +#define NODE_VERSIONS_KEY_QUIC(V) V(ngtcp2) V(nghttp3) +#else +#define NODE_VERSIONS_KEY_QUIC(V) +#endif #else #define NODE_VERSIONS_KEY_CRYPTO(V) +#define NODE_VERSIONS_KEY_QUIC(V) #endif #ifdef NODE_HAVE_I18N_SUPPORT @@ -51,6 +57,7 @@ namespace node { #define NODE_VERSIONS_KEYS(V) \ NODE_VERSIONS_KEYS_BASE(V) \ NODE_VERSIONS_KEY_CRYPTO(V) \ + NODE_VERSIONS_KEY_QUIC(V) \ NODE_VERSIONS_KEY_INTL(V) class Metadata { diff --git a/src/node_native_module.cc b/src/node_native_module.cc index 814adb620d..2d05c34069 100644 --- a/src/node_native_module.cc +++ b/src/node_native_module.cc @@ -87,11 +87,16 @@ void NativeModuleLoader::InitializeModuleCategories() { "crypto", "https", "http2", +#if !defined(NODE_EXPERIMENTAL_QUIC) + "quic", +#endif "tls", "_tls_common", "_tls_wrap", "internal/http2/core", "internal/http2/compat", + "internal/quic/core", + "internal/quic/util", "internal/policy/manifest", "internal/process/policy", "internal/streams/lazy_transform", diff --git a/src/node_quic.cc b/src/node_quic.cc new file mode 100755 index 0000000000..3f1f1d71e8 --- /dev/null +++ b/src/node_quic.cc @@ -0,0 +1,285 @@ +#include "debug_utils.h" +#include "node.h" +#include "env-inl.h" +#include "histogram-inl.h" +#include "node_crypto.h" // SecureContext +#include "node_process.h" +#include "node_quic_crypto.h" +#include "node_quic_session-inl.h" +#include "node_quic_socket.h" +#include "node_quic_stream.h" +#include "node_quic_state.h" +#include "node_quic_util.h" + +#include +#include + +namespace node { + +using crypto::SecureContext; +using v8::Context; +using v8::DontDelete; +using v8::Function; +using v8::FunctionCallbackInfo; +using v8::HandleScope; +using v8::Isolate; +using v8::Local; +using v8::Object; +using v8::ReadOnly; +using v8::Value; + +namespace quic { + +namespace { +// Register the JavaScript callbacks the internal binding will use to report +// status and updates. This is called only once when the quic module is loaded. +void QuicSetCallbacks(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + CHECK(args[0]->IsObject()); + Local obj = args[0].As(); + +#define SETFUNCTION(name, callback) \ + do { \ + Local fn; \ + CHECK(obj->Get(env->context(), \ + FIXED_ONE_BYTE_STRING(env->isolate(), name)).ToLocal(&fn));\ + CHECK(fn->IsFunction()); \ + env->set_quic_on_##callback##_function(fn.As()); \ + } while (0) + + SETFUNCTION("onSocketReady", socket_ready); + SETFUNCTION("onSocketClose", socket_close); + SETFUNCTION("onSocketError", socket_error); + SETFUNCTION("onSessionReady", session_ready); + SETFUNCTION("onSessionCert", session_cert); + SETFUNCTION("onSessionClientHello", session_client_hello); + SETFUNCTION("onSessionClose", session_close); + SETFUNCTION("onSessionError", session_error); + SETFUNCTION("onSessionHandshake", session_handshake); + SETFUNCTION("onSessionKeylog", session_keylog); + SETFUNCTION("onSessionPathValidation", session_path_validation); + SETFUNCTION("onSessionSilentClose", session_silent_close); + SETFUNCTION("onSessionStatus", session_status); + SETFUNCTION("onSessionTicket", session_ticket); + SETFUNCTION("onSessionVersionNegotiation", session_version_negotiation); + SETFUNCTION("onStreamReady", stream_ready); + SETFUNCTION("onStreamClose", stream_close); + SETFUNCTION("onStreamError", stream_error); + SETFUNCTION("onStreamReset", stream_reset); + SETFUNCTION("onSocketServerBusy", socket_server_busy); + +#undef SETFUNCTION +} + + +// Sets QUIC specific configuration options for the SecureContext. +// It's entirely likely that there's a better way to do this, but +// for now this works. +void QuicInitSecureContext(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + CHECK(args[0]->IsObject()); // Secure Context + CHECK(args[1]->IsString()); // groups + SecureContext* sc; + ASSIGN_OR_RETURN_UNWRAP(&sc, args[0].As(), + args.GetReturnValue().Set(UV_EBADF)); + + constexpr auto ssl_opts = (SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) | + SSL_OP_SINGLE_ECDH_USE | + SSL_OP_CIPHER_SERVER_PREFERENCE | + SSL_OP_NO_ANTI_REPLAY; + SSL_CTX_set_options(**sc, ssl_opts); + SSL_CTX_clear_options(**sc, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); + SSL_CTX_set_mode(**sc, SSL_MODE_RELEASE_BUFFERS | SSL_MODE_QUIC_HACK); + SSL_CTX_set_default_verify_paths(**sc); + SSL_CTX_set_max_early_data(**sc, std::numeric_limits::max()); + SSL_CTX_set_alpn_select_cb(**sc, ALPN_Select_Proto_CB, nullptr); + SSL_CTX_set_client_hello_cb(**sc, Client_Hello_CB, nullptr); + SSL_CTX_set_tlsext_status_cb(**sc, TLS_Status_Callback); + SSL_CTX_set_tlsext_status_arg(**sc, nullptr); + CHECK_EQ( + SSL_CTX_add_custom_ext( + **sc, + NGTCP2_TLSEXT_QUIC_TRANSPORT_PARAMETERS, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + Server_Transport_Params_Add_CB, + Transport_Params_Free_CB, nullptr, + Server_Transport_Params_Parse_CB, + nullptr), 1); + + const node::Utf8Value groups(env->isolate(), args[1]); + if (!SSL_CTX_set1_groups_list(**sc, *groups)) { + unsigned long err = ERR_get_error(); // NOLINT(runtime/int) + if (!err) + return env->ThrowError("Failed to set groups"); + return crypto::ThrowCryptoError(env, err); + } +} + +void QuicInitSecureContextClient(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + CHECK(args[0]->IsObject()); // Secure Context + CHECK(args[1]->IsString()); // groups + SecureContext* sc; + ASSIGN_OR_RETURN_UNWRAP(&sc, args[0].As(), + args.GetReturnValue().Set(UV_EBADF)); + + SSL_CTX_set_mode(**sc, SSL_MODE_QUIC_HACK); + SSL_CTX_clear_options(**sc, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); + SSL_CTX_set_default_verify_paths(**sc); + SSL_CTX_set_tlsext_status_cb(**sc, TLS_Status_Callback); + SSL_CTX_set_tlsext_status_arg(**sc, nullptr); + + CHECK_EQ(SSL_CTX_add_custom_ext( + **sc, + NGTCP2_TLSEXT_QUIC_TRANSPORT_PARAMETERS, + SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, + Client_Transport_Params_Add_CB, + Transport_Params_Free_CB, + nullptr, + Client_Transport_Params_Parse_CB, + nullptr), 1); + + + const node::Utf8Value groups(env->isolate(), args[1]); + if (!SSL_CTX_set1_groups_list(**sc, *groups)) { + unsigned long err = ERR_get_error(); // NOLINT(runtime/int) + if (!err) + return env->ThrowError("Failed to set groups"); + return crypto::ThrowCryptoError(env, err); + } + + SSL_CTX_set_session_cache_mode( + **sc, SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL_STORE); + SSL_CTX_sess_set_new_cb(**sc, [](SSL* ssl, SSL_SESSION* session) { + QuicClientSession* s = + static_cast( + SSL_get_app_data(ssl)); + return s->SetSession(session); + }); +} +} // namespace + + +void Initialize(Local target, + Local unused, + Local context, + void* priv) { + Environment* env = Environment::GetCurrent(context); + Isolate* isolate = env->isolate(); + HandleScope scope(isolate); + + HistogramBase::Initialize(env); + + std::unique_ptr state(new QuicState(isolate)); +#define SET_STATE_TYPEDARRAY(name, field) \ + target->Set(context, \ + FIXED_ONE_BYTE_STRING(isolate, (name)), \ + (field)).FromJust() + SET_STATE_TYPEDARRAY( + "sessionConfig", state->quicsessionconfig_buffer.GetJSArray()); +#undef SET_STATE_TYPEDARRAY + + env->set_quic_state(std::move(state)); + + QuicSocket::Initialize(env, target, context); + QuicServerSession::Initialize(env, target, context); + QuicClientSession::Initialize(env, target, context); + QuicStream::Initialize(env, target, context); + + env->SetMethod(target, + "setCallbacks", + QuicSetCallbacks); + env->SetMethod(target, + "initSecureContext", + QuicInitSecureContext); + env->SetMethod(target, + "initSecureContextClient", + QuicInitSecureContextClient); + + Local constants = Object::New(env->isolate()); + NODE_DEFINE_CONSTANT(constants, AF_INET); + NODE_DEFINE_CONSTANT(constants, AF_INET6); + NODE_DEFINE_CONSTANT(constants, DEFAULT_MAX_STREAM_DATA_BIDI_LOCAL); + NODE_DEFINE_CONSTANT(constants, DEFAULT_RETRYTOKEN_EXPIRATION); + NODE_DEFINE_CONSTANT(constants, DEFAULT_MAX_CONNECTIONS_PER_HOST); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_STATE_CERT_ENABLED); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED); + NODE_DEFINE_CONSTANT(constants, + IDX_QUIC_SESSION_STATE_PATH_VALIDATED_ENABLED); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_STATE_KEYLOG_ENABLED); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_STATE_MAX_STREAMS_BIDI); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_STATE_MAX_STREAMS_UNI); + NODE_DEFINE_CONSTANT(constants, MAX_RETRYTOKEN_EXPIRATION); + NODE_DEFINE_CONSTANT(constants, MIN_RETRYTOKEN_EXPIRATION); + NODE_DEFINE_CONSTANT(constants, NGTCP2_MAX_CIDLEN); + NODE_DEFINE_CONSTANT(constants, NGTCP2_MIN_CIDLEN); + NODE_DEFINE_CONSTANT(constants, NGTCP2_NO_ERROR); + NODE_DEFINE_CONSTANT(constants, NGTCP2_PROTO_VER); + NODE_DEFINE_CONSTANT(constants, QUIC_ERROR_APPLICATION); + NODE_DEFINE_CONSTANT(constants, QUIC_ERROR_CRYPTO); + NODE_DEFINE_CONSTANT(constants, QUIC_ERROR_SESSION); + NODE_DEFINE_CONSTANT(constants, QUIC_PREFERRED_ADDRESS_ACCEPT); + NODE_DEFINE_CONSTANT(constants, QUIC_PREFERRED_ADDRESS_IGNORE); + NODE_DEFINE_CONSTANT(constants, NGTCP2_DEFAULT_MAX_ACK_DELAY); + NODE_DEFINE_CONSTANT(constants, NGTCP2_PATH_VALIDATION_RESULT_FAILURE); + NODE_DEFINE_CONSTANT(constants, NGTCP2_PATH_VALIDATION_RESULT_SUCCESS); + NODE_DEFINE_CONSTANT(constants, SSL_OP_ALL); + NODE_DEFINE_CONSTANT(constants, SSL_OP_CIPHER_SERVER_PREFERENCE); + NODE_DEFINE_CONSTANT(constants, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); + NODE_DEFINE_CONSTANT(constants, SSL_OP_NO_ANTI_REPLAY); + NODE_DEFINE_CONSTANT(constants, SSL_OP_SINGLE_ECDH_USE); + NODE_DEFINE_CONSTANT(constants, TLS1_3_VERSION); + NODE_DEFINE_CONSTANT(constants, UV_EBADF); + NODE_DEFINE_CONSTANT(constants, UV_UDP_IPV6ONLY); + NODE_DEFINE_CONSTANT(constants, UV_UDP_REUSEADDR); + + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_ACTIVE_CONNECTION_ID_LIMIT); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_LOCAL); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_REMOTE); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_STREAM_DATA_UNI); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_DATA); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_STREAMS_BIDI); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_STREAMS_UNI); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_IDLE_TIMEOUT); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_PACKET_SIZE); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_ACK_DELAY_EXPONENT); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_DISABLE_MIGRATION); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_ACK_DELAY); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_MAX_CRYPTO_BUFFER); + NODE_DEFINE_CONSTANT(constants, IDX_QUIC_SESSION_CONFIG_COUNT); + + NODE_DEFINE_CONSTANT(constants, MIN_MAX_CRYPTO_BUFFER); + + NODE_DEFINE_CONSTANT( + constants, + QUICSERVERSESSION_OPTION_REJECT_UNAUTHORIZED); + NODE_DEFINE_CONSTANT( + constants, + QUICSERVERSESSION_OPTION_REQUEST_CERT); + NODE_DEFINE_CONSTANT( + constants, + QUICCLIENTSESSION_OPTION_REQUEST_OCSP); + NODE_DEFINE_CONSTANT( + constants, + QUICCLIENTSESSION_OPTION_VERIFY_HOSTNAME_IDENTITY); + NODE_DEFINE_CONSTANT( + constants, + QUICSOCKET_OPTIONS_VALIDATE_ADDRESS); + NODE_DEFINE_CONSTANT( + constants, + QUICSOCKET_OPTIONS_VALIDATE_ADDRESS_LRU); + + target->Set(context, + env->constants_string(), + constants).FromJust(); + + constants->DefineOwnProperty(context, + FIXED_ONE_BYTE_STRING(isolate, NODE_STRINGIFY_HELPER(NGTCP2_ALPN_H3)), + FIXED_ONE_BYTE_STRING(isolate, NGTCP2_ALPN_H3), + static_cast(ReadOnly | DontDelete)).Check(); +} + +} // namespace quic +} // namespace node + +NODE_MODULE_CONTEXT_AWARE_INTERNAL(quic, node::quic::Initialize) diff --git a/src/node_quic_buffer.h b/src/node_quic_buffer.h new file mode 100644 index 0000000000..ec29699c8a --- /dev/null +++ b/src/node_quic_buffer.h @@ -0,0 +1,441 @@ +#ifndef SRC_NODE_QUIC_BUFFER_H_ +#define SRC_NODE_QUIC_BUFFER_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "memory_tracker-inl.h" +#include "ngtcp2/ngtcp2.h" +#include "node.h" +#include "node_internals.h" +#include "util.h" +#include "uv.h" +#include "v8.h" + +#include +#include +#include + +namespace node { +namespace quic { + +// QuicBuffer an internal linked list of uv_buf_t instances +// representing data that is to be sent. All data in the +// Buffer has to be retained until it is Consumed or Canceled. +// For QUIC, the data is not consumed until an explicit ack +// is received or we know that we do not need the data. + +typedef std::function done_cb; + +// Default non-op done handler. +inline void default_quic_buffer_chunk_done(int status) {} + +inline bool IsEmptyBuffer(const uv_buf_t& buf) { + return buf.len == 0 || buf.base == nullptr; +} + +// A quic_buffer_chunk contains the actual buffered data +// along with a callback, and optional V8 object that +// should be kept alive as long as the chunk is alive. +struct quic_buffer_chunk : public MemoryRetainer { + MallocedBuffer data_buf; + uv_buf_t buf; + done_cb done = default_quic_buffer_chunk_done; + size_t offset = 0; + size_t roffset = 0; + bool done_called = false; + v8::Global keep_alive; + std::unique_ptr next; + + quic_buffer_chunk( + MallocedBuffer&& buf_, + done_cb done_, + v8::Local keep_alive_) + : quic_buffer_chunk(uv_buf_init(reinterpret_cast(buf_.data), + buf_.size), + done_, + keep_alive_) { + data_buf = std::move(buf_); + } + + explicit quic_buffer_chunk(uv_buf_t buf_) : buf(buf_) {} + + quic_buffer_chunk( + uv_buf_t buf_, + done_cb done_, + v8::Local keep_alive_) + : quic_buffer_chunk(buf_) { + done = std::move(done_); + if (!keep_alive.IsEmpty()) + keep_alive.Reset(keep_alive_->GetIsolate(), keep_alive_); + } + + ~quic_buffer_chunk() override { + CHECK(done_called); + } + + void Done(int status) { + done_called = true; + std::move(done)(status); + } + + void MemoryInfo(MemoryTracker* tracker) const override { + tracker->TrackFieldWithSize("buf", buf.len); + } + + SET_MEMORY_INFO_NAME(quic_buffer_chunk) + SET_SELF_SIZE(quic_buffer_chunk) +}; + +// A QuicBuffer is a linked-list of quic_buffer_chunk instances. +// There are three significant pointers: root_, head_, and tail_. +// * root_ is the base of the linked list +// * head_ is a pointer to the current read position of the linked list +// * tail_ is a pointer to the current write position of the linked list +// Items are dropped from the linked list only when either Consume() or +// Cancel() is called. Consume() will consume a given number of bytes up +// to, but not including the read head_. Cancel() will consume all remaining +// bytes in the linked list. As whole quic_buffer_chunk instances are +// consumed, the corresponding Done callback will be invoked, allowing +// any memory to be freed up. +// +// Use SeekHead(n) to advance the read head_ forward n positions. +// +// DrainInto() will drain the remaining quic_buffer_chunk instances +// into a vector and will advance the read head_ to the end of the +// QuicBuffer. The function will return the number of positions drained +// which would then be passed to SeekHead(n) to advance the read head. +// +// QuicBuffer supports move assignment that will completely reset the source. +// That is, +// QuicBuffer buf1; +// QuicBuffer buf2; +// buf2 = std::move(buf1); +// +// Will reset the state of buf2 to that of buf1, then reset buf1 +// +// There is also an overloaded += operator that will append the source +// content to the destination and reset the source. +// That is, +// QuicBuffer buf1; +// QuicBuffer buf2; +// buf2 += std::move(buf1); +// +// Will append the contents of buf1 to buf2, then reset buf1 +class QuicBuffer : public MemoryRetainer { + public: + QuicBuffer() + : head_(nullptr), + tail_(nullptr), + size_(0), + count_(0), + length_(0), + rlength_(0) {} + + QuicBuffer(QuicBuffer&& src) noexcept + : head_(src.head_), + tail_(src.tail_), + size_(src.size_), + count_(src.count_), + length_(src.length_), + rlength_(src.rlength_) { + root_ = std::move(src.root_); + src.head_ = nullptr; + src.tail_ = nullptr; + src.size_ = 0; + src.length_ = 0; + src.rlength_ = 0; + } + + QuicBuffer& operator=(QuicBuffer&& src) noexcept { + if (this == &src) return *this; + this->~QuicBuffer(); + return *new(this) QuicBuffer(std::move(src)); + } + + QuicBuffer& operator+=(QuicBuffer&& src) noexcept { + if (tail_ == nullptr) { + // If this thing is empty, just do a move... + return *this = std::move(src); + } + + tail_->next = std::move(src.root_); + // If head_ is null, then it had been read to the + // end, set the new head_ equal to the appended + // root. + if (head_ == nullptr) + head_ = tail_->next.get(); + tail_ = src.tail_; + length_ += src.length_; + rlength_ += src.length_; + size_ += src.size_; + count_ += src.size_; + src.head_ = nullptr; + src.tail_ = nullptr; + src.size_ = 0; + src.length_ = 0; + src.rlength_ = 0; + return *this; + } + + ~QuicBuffer() override { + Cancel(); // Cancel the remaining data + CHECK_EQ(length_, 0); + } + + size_t Copy(uv_buf_t* bufs, size_t nbufs) { + size_t total = 0; + for (size_t n = 0; n < nbufs; n++) { + MallocedBuffer data(bufs[n].len); + memcpy(data.data, bufs[n].base, bufs[n].len); + total += bufs[n].len; + Push(std::move(data)); + } + return total; + } + + // Push one or more uv_buf_t instances into the buffer. + // the done_cb callback will be invoked when the last + // uv_buf_t in the bufs array is consumed and popped out + // of the internal linked list. The keep_alive allows a reference to a + // JS object to be kept around until the final uv_buf_t + // is consumed. + size_t Push( + uv_buf_t* bufs, + size_t nbufs, + done_cb done = default_quic_buffer_chunk_done, + v8::Local keep_alive = v8::Local()) { + size_t len = 0; + if (nbufs == 0 || bufs == nullptr || IsEmptyBuffer(bufs[0])) { + done(0); + return 0; + } + size_t n = 0; + while (nbufs > 1) { + if (!IsEmptyBuffer(bufs[n])) { + Push(bufs[n]); + length_ += bufs[n].len; + rlength_ += bufs[n].len; + len += bufs[n].len; + } + n++; + nbufs--; + } + length_ += bufs[n].len; + rlength_ += bufs[n].len; + len += bufs[n].len; + Push(bufs[n], done, keep_alive); + return len; + } + + // Push a single malloc buf into the buffer. + // The done_cb will be invoked when the buf is consumed + // and popped out of the internal linked list. The keep_alive allows a + // reference to a JS object to be kept around until the + // final uv_buf_t is consumed. + size_t Push( + MallocedBuffer&& buffer, + done_cb done = default_quic_buffer_chunk_done, + v8::Local keep_alive = v8::Local()) { + if (buffer.size == 0) { + done(0); + return 0; + } + length_ += buffer.size; + rlength_ += buffer.size; + Push(new quic_buffer_chunk(std::move(buffer), done, keep_alive)); + return buffer.size; + } + + // Consume the given number of bytes within the buffer. If amount is + // negative, all buffered bytes that are available to be consumed are + // consumed. + void Consume(ssize_t amount = -1) { Consume(0, amount); } + + // Cancels the remaining bytes within the buffer + size_t Cancel(int status = UV_ECANCELED) { + size_t remaining = Length(); + Consume(status, -1); + return remaining; + } + + // The total buffered bytes + size_t Length() { + return length_; + } + + size_t RemainingLength() { + return rlength_; + } + + // The total number of buffers + size_t Size() { + return size_; + } + + // The number of buffers remaining to be read + size_t ReadRemaining() { + return count_; + } + + // Drain the remaining buffers into the given vector. + // The function will return the number of positions the + // read head_ can be advanced. + size_t DrainInto(std::vector* list, size_t* length = nullptr) { + return DrainInto([&](uv_buf_t buf) { list->push_back(buf); }, length); + } + + size_t DrainInto(std::vector* list, size_t* length = nullptr) { + return DrainInto([&](uv_buf_t buf) { + list->push_back(ngtcp2_vec { + reinterpret_cast(buf.base), buf.len }); + }, length); + } + + // Returns the current read head or an empty buffer if + // we're empty + uv_buf_t Head() { + if (head_ == nullptr) + return uv_buf_init(nullptr, 0); + return uv_buf_init( + head_->buf.base + head_->roffset, + head_->buf.len - head_->roffset); + } + + // Moves the current read head forward the given + // number of buffers. If amount is greater than + // the number of buffers remaining, move to the + // end, and return the actual number advanced. + size_t SeekHead(size_t amount = 1) { + size_t n = 0; + size_t amt = amount; + while (head_ != nullptr && amt > 0) { + head_ = head_->next.get(); + n++; + amt--; + count_--; + rlength_ -= head_ == nullptr ? 0 : head_->buf.len; + } + return n; + } + + void SeekHeadOffset(ssize_t amount) { + if (amount < 0) + return; + size_t amt = std::min(amount < 0 ? length_ : amount, length_); + while (head_ && amt > 0) { + size_t len = head_->buf.len - head_->roffset; + // If the remaining length in the head is greater than the + // amount we're seeking, just adjust the roffset + if (len > amt) { + head_->roffset += amt; + rlength_ -= amt; + break; + } + // Otherwise, decrement the amt and advance the read head + // one space and iterate from there. + amt -= len; + rlength_ -= len; + head_ = head_->next.get(); + } + } + + void MemoryInfo(MemoryTracker* tracker) const override { + tracker->TrackFieldWithSize("length", length_); + } + SET_MEMORY_INFO_NAME(QuicBuffer); + SET_SELF_SIZE(QuicBuffer); + + private: + template + size_t DrainInto(Fn&& add_to_list, size_t* length) { + size_t len = 0; + bool seen_head = false; + quic_buffer_chunk* pos = head_; + if (pos == nullptr) + return 0; + if (length != nullptr) *length = 0; + while (pos != nullptr) { + size_t datalen = pos->buf.len - pos->roffset; + if (length != nullptr) *length += datalen; + add_to_list(uv_buf_init(pos->buf.base + pos->roffset, datalen)); + if (pos == head_) seen_head = true; + if (seen_head) len++; + pos = pos->next.get(); + } + return len; + } + + + void Push(quic_buffer_chunk* chunk) { + size_++; + count_++; + if (!tail_) { + root_.reset(chunk); + head_ = tail_ = root_.get(); + } else { + tail_->next.reset(chunk); + tail_ = tail_->next.get(); + if (!head_) + head_ = tail_; + } + } + + void Push(uv_buf_t buf) { + Push(new quic_buffer_chunk(buf)); + } + + void Push(uv_buf_t buf, done_cb done, v8::Local keep_alive) { + Push(new quic_buffer_chunk(buf, done, keep_alive)); + } + + bool Pop(int status = 0) { + if (!root_) + return false; + std::unique_ptr root(std::move(root_)); + root_ = std::move(root.get()->next); + size_--; + + if (head_ == root.get()) + head_ = root_.get(); + if (tail_ == root.get()) + tail_ = root_.get(); + + root->Done(status); + return true; + } + + void Consume(int status, ssize_t amount) { + size_t amt = std::min(amount < 0 ? length_ : amount, length_); + while (root_ && amt > 0) { + auto root = root_.get(); + // Never allow for partial consumption of head when using a + // non-cancel status + // if (status == 0 && head_ == root) + // break; + size_t len = root->buf.len - root->offset; + if (len > amt) { + length_ -= amt; + root->offset += amt; + break; + } + length_ -= len; + amt -= len; + Pop(status); + } + } + + std::unique_ptr root_; + quic_buffer_chunk* head_; // Current Read Position + quic_buffer_chunk* tail_; // Current Write Position + size_t size_; + size_t count_; + size_t length_; + size_t rlength_; +}; + +} // namespace quic +} // namespace node + +#endif // NODE_WANT_INTERNALS + +#endif // SRC_NODE_QUIC_BUFFER_H_ diff --git a/src/node_quic_crypto.cc b/src/node_quic_crypto.cc new file mode 100644 index 0000000000..d0cb2e8a24 --- /dev/null +++ b/src/node_quic_crypto.cc @@ -0,0 +1,1808 @@ +#include "node_quic_crypto.h" +#include "env-inl.h" +#include "node_crypto.h" +#include "node_quic_session-inl.h" +#include "node_quic_util.h" +#include "node_url.h" +#include "string_bytes.h" +#include "v8.h" + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +namespace node { + +using v8::Array; +using v8::Local; +using v8::Object; +using v8::String; +using v8::Value; + +namespace quic { + +namespace { +int BIO_Write(BIO* b, const char* buf, int len) { + return -1; +} + +int BIO_Read(BIO* b, char* buf, int len) { + BIO_clear_retry_flags(b); + QuicSession* session = static_cast(BIO_get_data(b)); + len = session->ReadPeerHandshake(reinterpret_cast(buf), len); + if (len == 0) { + BIO_set_retry_read(b); + return -1; + } + return len; +} + +int BIO_Puts(BIO* b, const char* str) { + return BIO_Write(b, str, strlen(str)); +} + +int BIO_Gets(BIO* b, char* buf, int len) { + return -1; +} + +long BIO_Ctrl( // NOLINT(runtime/int) + BIO* b, + int cmd, + long num, // NOLINT(runtime/int) + void* ptr) { + return cmd == BIO_CTRL_FLUSH ? 1 : 0; +} + +int BIO_Create(BIO* b) { + BIO_set_init(b, 1); + return 1; +} + +int BIO_Destroy(BIO* b) { + return b == nullptr ? 0 : 1; +} +} // namespace + +BIO_METHOD* CreateBIOMethod() { + static BIO_METHOD* method = nullptr; + + if (method == nullptr) { + method = BIO_meth_new(BIO_TYPE_FD, "bio"); + BIO_meth_set_write(method, BIO_Write); + BIO_meth_set_read(method, BIO_Read); + BIO_meth_set_puts(method, BIO_Puts); + BIO_meth_set_gets(method, BIO_Gets); + BIO_meth_set_ctrl(method, BIO_Ctrl); + BIO_meth_set_create(method, BIO_Create); + BIO_meth_set_destroy(method, BIO_Destroy); + } + return method; +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_aead_keylen once +// we move to ngtcp2_crypto.h +size_t aead_key_length(const CryptoContext* ctx) { + return static_cast(EVP_CIPHER_key_length(ctx->aead)); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_aead_noncelen once +// we move to ngtcp2_crypto.h +size_t aead_nonce_length(const CryptoContext* ctx) { + return static_cast(EVP_CIPHER_iv_length(ctx->aead)); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_packet_protection_ivlen +// once we move to ngtcp2_crypto.h +size_t packet_protection_ivlen(const CryptoContext* ctx) { + size_t noncelen = aead_nonce_length(ctx); + return std::max(static_cast(8), noncelen); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_aead_taglen once +// we move to ngtcp2_crypto.h +size_t aead_tag_length(const CryptoContext* ctx) { + if (ctx->aead == EVP_aes_128_gcm() || + ctx->aead == EVP_aes_256_gcm()) { + return EVP_GCM_TLS_TAG_LEN; + } + if (ctx->aead == EVP_chacha20_poly1305()) { + return EVP_CHACHAPOLY_TLS_TAG_LEN; + } + if (ctx->aead == EVP_aes_128_ccm()) { + return EVP_CCM_TLS_TAG_LEN; + } + return 0; +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_ctx_initial once +// we move to ngtcp2_crypto.h +void SetupInitialCryptoContext(CryptoContext* context) { + context->aead = EVP_aes_128_gcm(); + context->hp = EVP_aes_128_ctr(); + context->md = EVP_sha256(); +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto.h +const EVP_CIPHER* crypto_ssl_get_aead(SSL* ssl) { + switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) { + case TLS1_3_CK_AES_128_GCM_SHA256: + return EVP_aes_128_gcm(); + case TLS1_3_CK_AES_256_GCM_SHA384: + return EVP_aes_256_gcm(); + case TLS1_3_CK_CHACHA20_POLY1305_SHA256: + return EVP_chacha20_poly1305(); + case TLS1_3_CK_AES_128_CCM_SHA256: + return EVP_aes_128_ccm(); + default: + return nullptr; + } +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto.h +const EVP_CIPHER* crypto_ssl_get_hp(SSL* ssl) { + switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) { + case TLS1_3_CK_AES_128_GCM_SHA256: + case TLS1_3_CK_AES_128_CCM_SHA256: + return EVP_aes_128_ctr(); + case TLS1_3_CK_AES_256_GCM_SHA384: + return EVP_aes_256_ctr(); + case TLS1_3_CK_CHACHA20_POLY1305_SHA256: + return EVP_chacha20(); + default: + return nullptr; + } +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto.h +const EVP_MD* crypto_ssl_get_md(SSL* ssl) { + switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) { + case TLS1_3_CK_AES_128_GCM_SHA256: + case TLS1_3_CK_CHACHA20_POLY1305_SHA256: + case TLS1_3_CK_AES_128_CCM_SHA256: + return EVP_sha256(); + case TLS1_3_CK_AES_256_GCM_SHA384: + return EVP_sha384(); + default: + return nullptr; + } +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_ctx_tls once +// we move to ngtcp2_crypto +void SetupCryptoContext(CryptoContext* ctx, SSL* ssl) { + ctx->aead = crypto_ssl_get_aead(ssl); + ctx->md = crypto_ssl_get_md(ssl); + ctx->hp = crypto_ssl_get_hp(ssl); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_hkdf_extract once +// we move to ngtcp2_crypto +bool HKDF_Extract( + uint8_t* dest, + size_t destlen, + const CryptoContext* ctx, + const uint8_t* secret, + size_t secretlen, + const uint8_t* salt, + size_t saltlen) { + PKeyCtxPointer pctx(EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr)); + return + pctx && + EVP_PKEY_derive_init(pctx.get()) == 1 && + EVP_PKEY_CTX_hkdf_mode( + pctx.get(), + EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) == 1 && + EVP_PKEY_CTX_set_hkdf_md(pctx.get(), ctx->md) == 1 && + EVP_PKEY_CTX_set1_hkdf_salt(pctx.get(), salt, saltlen) == 1 && + EVP_PKEY_CTX_set1_hkdf_key(pctx.get(), secret, secretlen) == 1 && + EVP_PKEY_derive(pctx.get(), dest, &destlen) == 1; +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +bool HKDF_Expand( + uint8_t* dest, + size_t destlen, + const CryptoContext* ctx, + const uint8_t* secret, + size_t secretlen, + const uint8_t* info, + size_t infolen) { + PKeyCtxPointer pctx(EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr)); + + return + pctx && + EVP_PKEY_derive_init(pctx.get()) == 1 && + EVP_PKEY_CTX_hkdf_mode( + pctx.get(), + EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) == 1 && + EVP_PKEY_CTX_set_hkdf_md(pctx.get(), ctx->md) == 1 && + EVP_PKEY_CTX_set1_hkdf_salt(pctx.get(), "", 0) == 1 && + EVP_PKEY_CTX_set1_hkdf_key(pctx.get(), secret, secretlen) == 1 && + EVP_PKEY_CTX_add1_hkdf_info(pctx.get(), info, infolen) == 1 && + EVP_PKEY_derive(pctx.get(), dest, &destlen) == 1; +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_hkdf_expand_label +// once we move to ngtcp2_crypto +bool HKDF_Expand_Label( + uint8_t* dest, + size_t destlen, + const CryptoContext* ctx, + const uint8_t* secret, + size_t secretlen, + const uint8_t* label, + size_t labellen) { + static const uint8_t LABEL[] = "tls13 "; + uint8_t info[256]; + uint8_t* p = info; + + *p++ = static_cast(destlen / 256); + *p++ = static_cast(destlen % 256); + *p++ = static_cast(sizeof(LABEL) - 1 + labellen); + memcpy(p, LABEL, sizeof(LABEL) - 1); + p += sizeof(LABEL) - 1; + memcpy(p, label, labellen); + p += labellen; + *p++ = 0; + + return HKDF_Expand( + dest, + destlen, + ctx, + secret, + secretlen, + info, + static_cast(p - info)); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_encrypt once +// we move to ngtcp2_crypto +ssize_t Encrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const CryptoContext* ctx, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen) { + size_t taglen = aead_tag_length(ctx); + + if (destlen < plaintextlen + taglen) + return -1; + + CipherCtxPointer actx(EVP_CIPHER_CTX_new()); + CHECK(actx); + + size_t outlen = 0; + int len; + + if (EVP_EncryptInit_ex(actx.get(), ctx->aead, nullptr, nullptr, nullptr) != 1) + return NGTCP2_ERR_CRYPTO; + + if (EVP_CIPHER_CTX_ctrl(actx.get(), EVP_CTRL_AEAD_SET_IVLEN, + noncelen, nullptr) != 1) { + return NGTCP2_ERR_CRYPTO; + } + + if (EVP_EncryptInit_ex(actx.get(), nullptr, nullptr, key, nonce) != 1) + return NGTCP2_ERR_CRYPTO; + + if (EVP_EncryptUpdate(actx.get(), nullptr, &len, ad, adlen) != 1) + return NGTCP2_ERR_CRYPTO; + + if (EVP_EncryptUpdate(actx.get(), dest, &len, plaintext, plaintextlen) != 1) + return NGTCP2_ERR_CRYPTO; + + outlen = len; + + if (EVP_EncryptFinal_ex(actx.get(), dest + outlen, &len) != 1) + return NGTCP2_ERR_CRYPTO; + + outlen += len; + + CHECK_LE(outlen + taglen, destlen); + + if (EVP_CIPHER_CTX_ctrl(actx.get(), EVP_CTRL_AEAD_GET_TAG, taglen, + dest + outlen) != 1) { + return NGTCP2_ERR_CRYPTO; + } + + outlen += taglen; + + return outlen; +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_decrypt once +// we move to ngtcp2_crypto +ssize_t Decrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const CryptoContext* ctx, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen) { + size_t taglen = aead_tag_length(ctx); + + if (taglen > ciphertextlen || destlen + taglen < ciphertextlen) + return -1; + + ciphertextlen -= taglen; + auto tag = ciphertext + ciphertextlen; + + CipherCtxPointer actx(EVP_CIPHER_CTX_new()); + CHECK(actx); + + size_t outlen; + int len; + + if (EVP_DecryptInit_ex(actx.get(), ctx->aead, nullptr, nullptr, nullptr) != 1) + return NGTCP2_ERR_TLS_DECRYPT; + + if (EVP_CIPHER_CTX_ctrl(actx.get(), EVP_CTRL_AEAD_SET_IVLEN, + noncelen, nullptr) != 1) { + return NGTCP2_ERR_TLS_DECRYPT; + } + + if (EVP_DecryptInit_ex(actx.get(), nullptr, nullptr, key, nonce) != 1) + return NGTCP2_ERR_TLS_DECRYPT; + + if (EVP_DecryptUpdate(actx.get(), nullptr, &len, ad, adlen) != 1) + return NGTCP2_ERR_TLS_DECRYPT; + + if (EVP_DecryptUpdate(actx.get(), dest, &len, ciphertext, ciphertextlen) != 1) + return NGTCP2_ERR_TLS_DECRYPT; + + outlen = len; + + if (EVP_CIPHER_CTX_ctrl(actx.get(), EVP_CTRL_AEAD_SET_TAG, + taglen, const_cast(tag)) != 1) { + return NGTCP2_ERR_TLS_DECRYPT; + } + + if (EVP_DecryptFinal_ex(actx.get(), dest + outlen, &len) != 1) + return NGTCP2_ERR_TLS_DECRYPT; + + outlen += len; + + return outlen; +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_hp_mask once +// we move to ngtcp2_crypto +ssize_t HP_Mask( + uint8_t* dest, + size_t destlen, + const CryptoContext* ctx, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen) { + static constexpr uint8_t PLAINTEXT[] = "\x00\x00\x00\x00\x00"; + + DeleteFnPtr actx; + actx.reset(EVP_CIPHER_CTX_new()); + CHECK(actx); + + size_t outlen = 0; + int len; + + if (EVP_EncryptInit_ex(actx.get(), ctx->hp, nullptr, key, sample) != 1) + return NGTCP2_ERR_CRYPTO; + + if (EVP_EncryptUpdate(actx.get(), dest, &len, PLAINTEXT, + strsize(PLAINTEXT)) != 1) { + return NGTCP2_ERR_CRYPTO; + } + + CHECK_EQ(len, 5); + + outlen = len; + + if (EVP_EncryptFinal_ex(actx.get(), dest + outlen, &len) != 1) + return NGTCP2_ERR_CRYPTO; + + CHECK_EQ(len, 0); + + return outlen; +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +bool DeriveInitialSecrets( + uint8_t* rx_secret, + uint8_t* tx_secret, + uint8_t* initial_secret, + const ngtcp2_cid* dcid, + ngtcp2_crypto_side side) { + + static const uint8_t CLABEL[] = "client in"; + static const uint8_t SLABEL[] = "server in"; + uint8_t initial_secret_buf[NGTCP2_CRYPTO_INITIAL_SECRETLEN]; + uint8_t* client_secret; + uint8_t* server_secret; + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + + if (!initial_secret) + initial_secret = initial_secret_buf; + + + if (!HKDF_Extract( + initial_secret, + NGTCP2_CRYPTO_INITIAL_SECRETLEN, + &ctx, + dcid->data, + dcid->datalen, + reinterpret_cast(NGTCP2_INITIAL_SALT), + sizeof(NGTCP2_INITIAL_SALT) - 1)) { + return false; + } + + switch (side) { + case NGTCP2_CRYPTO_SIDE_SERVER: + client_secret = rx_secret; + server_secret = tx_secret; + break; + case NGTCP2_CRYPTO_SIDE_CLIENT: + client_secret = tx_secret; + server_secret = rx_secret; + break; + default: + UNREACHABLE(); + } + + return + HKDF_Expand_Label( + client_secret, + NGTCP2_CRYPTO_INITIAL_SECRETLEN, + &ctx, + initial_secret, + NGTCP2_CRYPTO_INITIAL_SECRETLEN, + CLABEL, + sizeof(CLABEL) - 1) && + HKDF_Expand_Label( + server_secret, + NGTCP2_CRYPTO_INITIAL_SECRETLEN, + &ctx, + initial_secret, + NGTCP2_CRYPTO_INITIAL_SECRETLEN, + SLABEL, + sizeof(SLABEL) - 1); +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +bool DerivePacketProtectionKey( + uint8_t* key, + uint8_t* iv, + uint8_t* hp_key, + const CryptoContext* ctx, + const uint8_t* secret, + size_t secretlen) { + static const uint8_t KEY_LABEL[] = "quic key"; + static const uint8_t IV_LABEL[] = "quic iv"; + static const uint8_t HP_KEY_LABEL[] = "quic hp"; + size_t keylen = aead_key_length(ctx); + size_t ivlen = packet_protection_ivlen(ctx); + + return + HKDF_Expand_Label( + key, + keylen, + ctx, + secret, + secretlen, + KEY_LABEL, + sizeof(KEY_LABEL) - 1) && + HKDF_Expand_Label( + iv, + ivlen, + ctx, + secret, + secretlen, + IV_LABEL, + sizeof(IV_LABEL) - 1) && + (hp_key == nullptr || + HKDF_Expand_Label( + hp_key, + keylen, + ctx, + secret, + secretlen, + HP_KEY_LABEL, + sizeof(HP_KEY_LABEL) - 1)); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_derive_and_install_initial_key +// once we move to ngtcp2_crypto +bool DeriveAndInstallInitialKey( + ngtcp2_conn* conn, + const ngtcp2_cid* dcid, + ngtcp2_crypto_side side) { + InitialSecret rx_secret; + InitialSecret tx_secret; + InitialKey rx_key; + InitialKey tx_key; + InitialIV rx_iv; + InitialIV tx_iv; + InitialKey rx_hp; + InitialKey tx_hp; + + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + + return + DeriveInitialSecrets( + rx_secret.data(), + tx_secret.data(), + nullptr, + dcid, + side) && + DerivePacketProtectionKey( + rx_key.data(), + rx_iv.data(), + rx_hp.data(), + &ctx, + rx_secret.data(), + NGTCP2_CRYPTO_INITIAL_SECRETLEN) && + DerivePacketProtectionKey( + tx_key.data(), + tx_iv.data(), + tx_hp.data(), + &ctx, + tx_secret.data(), + NGTCP2_CRYPTO_INITIAL_SECRETLEN) && + ngtcp2_conn_install_initial_tx_keys( + conn, + tx_key.data(), + NGTCP2_CRYPTO_INITIAL_KEYLEN, + tx_iv.data(), + NGTCP2_CRYPTO_INITIAL_IVLEN, + tx_hp.data(), + NGTCP2_CRYPTO_INITIAL_KEYLEN) == 0 && + ngtcp2_conn_install_initial_rx_keys( + conn, + rx_key.data(), + NGTCP2_CRYPTO_INITIAL_KEYLEN, + rx_iv.data(), + NGTCP2_CRYPTO_INITIAL_IVLEN, + rx_hp.data(), + NGTCP2_CRYPTO_INITIAL_KEYLEN) == 0; +} + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +bool UpdateTrafficSecret( + SessionSecret* dest, + std::vector* secret, + const CryptoContext* ctx) { + + static constexpr uint8_t LABEL[] = "traffic upd"; + + CHECK_GE(dest->size(), secret->size()); + + return HKDF_Expand_Label( + dest->data(), + secret->size(), + ctx, + secret->data(), + secret->size(), + LABEL, + strsize(LABEL)); +} + +// TODO(@jasnell): Replace with ngtcp2_crypto_update_and_install_key +// once we move to ngtcp2_crypto +bool UpdateAndInstallKey( + ngtcp2_conn* conn, + std::vector* current_rx_secret, + std::vector* current_tx_secret, + size_t secretlen, + const CryptoContext* ctx) { + SessionSecret rx_secret; + SessionSecret tx_secret; + SessionKey rx_key; + SessionIV rx_iv; + SessionKey tx_key; + SessionIV tx_iv; + + size_t keylen = aead_key_length(ctx); + size_t ivlen = packet_protection_ivlen(ctx); + + if (!UpdateTrafficSecret(&rx_secret, current_rx_secret, ctx) || + !DerivePacketProtectionKey( + rx_key.data(), + rx_iv.data(), + nullptr, + ctx, + rx_secret.data(), + secretlen) || + !UpdateTrafficSecret(&tx_secret, current_tx_secret, ctx) || + !DerivePacketProtectionKey( + tx_key.data(), + tx_iv.data(), + nullptr, + ctx, + tx_secret.data(), + secretlen)) { + return false; + } + + current_rx_secret->assign(std::begin(rx_secret), std::end(rx_secret)); + current_tx_secret->assign(std::begin(tx_secret), std::end(tx_secret)); + + return + ngtcp2_conn_update_rx_key( + conn, + rx_key.data(), + keylen, + rx_iv.data(), + ivlen) == 0 && + ngtcp2_conn_update_tx_key( + conn, + tx_key.data(), + keylen, + tx_iv.data(), + ivlen) == 0; +} + +bool DeriveTokenKey( + uint8_t* token_key, + uint8_t* token_iv, + const uint8_t* rand_data, + size_t rand_datalen, + const CryptoContext* context, + std::array* token_secret) { + TokenSecret secret; + + return + HKDF_Extract( + secret.data(), + secret.size(), + context, + token_secret->data(), + token_secret->size(), + rand_data, + rand_datalen) && + DerivePacketProtectionKey( + token_key, + token_iv, + nullptr, + context, + secret.data(), + secret.size()); +} + +bool MessageDigest( + std::array* dest, + const std::array& rand) { + const EVP_MD* meth = EVP_sha256(); + DeleteFnPtr ctx; + ctx.reset(EVP_MD_CTX_new()); + CHECK(ctx); + + if (EVP_DigestInit_ex(ctx.get(), meth, nullptr) != 1) + return false; + + if (EVP_DigestUpdate(ctx.get(), rand.data(), rand.size()) != 1) + return false; + + unsigned int mdlen = EVP_MD_size(meth); + + return EVP_DigestFinal_ex(ctx.get(), dest->data(), &mdlen) == 1; +} + +bool GenerateRandData(uint8_t* buf, size_t len) { + std::array rand; + std::array md; + EntropySource(rand.data(), rand.size()); + + if (!MessageDigest(&md, rand)) + return false; + + CHECK_LE(len, md.size()); + std::copy_n(std::begin(md), len, buf); + return true; +} + +void ClearTLSError() { + ERR_clear_error(); +} + +const char* TLSErrorString(int code) { + return ERR_error_string(code, nullptr); +} + +void InstallEarlyKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp) { + CHECK_EQ( + ngtcp2_conn_install_early_keys( + connection, + key.data(), + keylen, + iv.data(), + ivlen, + hp.data(), + keylen), 0); +} + +void InstallHandshakeRXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp) { + CHECK_EQ( + ngtcp2_conn_install_handshake_rx_keys( + connection, + key.data(), + keylen, + iv.data(), + ivlen, + hp.data(), + keylen), 0); +} + +void InstallHandshakeTXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp) { + CHECK_EQ( + ngtcp2_conn_install_handshake_tx_keys( + connection, + key.data(), + keylen, + iv.data(), + ivlen, + hp.data(), + keylen), 0); +} + +void InstallRXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp) { + CHECK_EQ( + ngtcp2_conn_install_rx_keys( + connection, + key.data(), + keylen, + iv.data(), + ivlen, + hp.data(), + keylen), 0); +} + +void InstallTXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp) { + CHECK_EQ( + ngtcp2_conn_install_tx_keys( + connection, + key.data(), + keylen, + iv.data(), + ivlen, + hp.data(), + keylen), 0); +} + +// MessageCB provides a hook into the TLS handshake dataflow. Currently, it +// is used to capture TLS alert codes (errors) and to collect the TLS handshake +// data that is to be sent. +void MessageCB( + int write_p, + int version, + int content_type, + const void* buf, + size_t len, + SSL* ssl, + void* arg) { + if (!write_p) + return; + + QuicSession* session = static_cast(arg); + + switch (content_type) { + case SSL3_RT_HANDSHAKE: { + session->WriteHandshake(reinterpret_cast(buf), len); + break; + } + case SSL3_RT_ALERT: { + const uint8_t* msg = reinterpret_cast(buf); + CHECK_EQ(len, 2); + if (msg[0] == 2) + session->SetTLSAlert(msg[1]); + break; + } + } +} + +void LogSecret( + SSL* ssl, + int name, + const unsigned char* secret, + size_t secretlen) { + if (auto keylog_cb = SSL_CTX_get_keylog_callback(SSL_get_SSL_CTX(ssl))) { + unsigned char crandom[32]; + if (SSL_get_client_random(ssl, crandom, 32) != 32) + return; + std::string line; + switch (name) { + case SSL_KEY_CLIENT_EARLY_TRAFFIC: + line = "QUIC_CLIENT_EARLY_TRAFFIC_SECRET"; + break; + case SSL_KEY_CLIENT_HANDSHAKE_TRAFFIC: + line = "QUIC_CLIENT_HANDSHAKE_TRAFFIC_SECRET"; + break; + case SSL_KEY_CLIENT_APPLICATION_TRAFFIC: + line = "QUIC_CLIENT_TRAFFIC_SECRET_0"; + break; + case SSL_KEY_SERVER_HANDSHAKE_TRAFFIC: + line = "QUIC_SERVER_HANDSHAKE_TRAFFIC_SECRET"; + break; + case SSL_KEY_SERVER_APPLICATION_TRAFFIC: + line = "QUIC_SERVER_TRAFFIC_SECRET_0"; + break; + default: + return; + } + + line += " " + StringBytes::hex_encode( + reinterpret_cast(crandom), 32); + line += " " + StringBytes::hex_encode( + reinterpret_cast(secret), secretlen); + keylog_cb(ssl, line.c_str()); + } +} + +int CertCB(SSL* ssl, void* arg) { + QuicSession* session = static_cast(arg); + return session->OnCert(); +} + +// KeyCB provides a hook into the keying process of the TLS handshake, +// triggering registration of the keys associated with the TLS session. +int KeyCB( + SSL* ssl, + int name, + const unsigned char* secret, + size_t secretlen, + void* arg) { + QuicSession* session = static_cast(arg); + + // Output the secret to the keylog + LogSecret(ssl, name, secret, secretlen); + + return session->OnKey(name, secret, secretlen) ? 1 : 0; +} + +int ClearTLS(SSL* ssl, bool continue_on_error) { + std::array buf; + size_t nread; + for (;;) { + int err = SSL_read_ex(ssl, buf.data(), buf.size(), &nread); + if (err == 1) { + if (continue_on_error) + continue; + return NGTCP2_ERR_PROTO; + } + int code = SSL_get_error(ssl, 0); + switch (code) { + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + case SSL_ERROR_WANT_CLIENT_HELLO_CB: + case SSL_ERROR_WANT_X509_LOOKUP: + return 0; + case SSL_ERROR_SSL: + case SSL_ERROR_ZERO_RETURN: + return NGTCP2_ERR_CRYPTO; + default: + return NGTCP2_ERR_CRYPTO; + } + } + return 0; +} + +int DoTLSHandshake(SSL* ssl) { + int err = SSL_do_handshake(ssl); + if (err <= 0) { + err = SSL_get_error(ssl, err); + switch (err) { + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + // For the next two, the handshake has been suspended but + // the data was otherwise successfully read, so return 0 + // here but the handshake won't continue until we trigger + // things on our side. + case SSL_ERROR_WANT_CLIENT_HELLO_CB: + case SSL_ERROR_WANT_X509_LOOKUP: + return 0; + case SSL_ERROR_SSL: + return NGTCP2_ERR_CRYPTO; + default: + return NGTCP2_ERR_CRYPTO; + } + } + return err; +} + +int DoTLSReadEarlyData(SSL* ssl) { + std::array buf; + size_t nread; + int err = SSL_read_early_data(ssl, buf.data(), buf.size(), &nread); + switch (err) { + case SSL_READ_EARLY_DATA_ERROR: { + int code = SSL_get_error(ssl, err); + switch (code) { + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + // For the next two, the handshake has been suspended but + // the data was otherwise successfully read, so return 0 + // here but the handshake won't continue until we trigger + // things on our side. + case SSL_ERROR_WANT_CLIENT_HELLO_CB: + case SSL_ERROR_WANT_X509_LOOKUP: + return 0; + case SSL_ERROR_SSL: + return NGTCP2_ERR_CRYPTO; + default: + return NGTCP2_ERR_CRYPTO; + } + break; + } + case SSL_READ_EARLY_DATA_SUCCESS: + if (nread > 0) + return NGTCP2_ERR_PROTO; + break; + case SSL_READ_EARLY_DATA_FINISH: + break; + } + return 0; +} + +Local GetClientHelloCiphers( + Environment* env, + SSL* ssl) { + const unsigned char* buf; + size_t len = SSL_client_hello_get0_ciphers(ssl, &buf); + std::vector> ciphers_array; + for (size_t n = 0; n < len; n += 2) { + const SSL_CIPHER* cipher = SSL_CIPHER_find(ssl, buf); + buf += 2; + const char* cipher_name = SSL_CIPHER_get_name(cipher); + const char* cipher_version = SSL_CIPHER_get_version(cipher); + Local obj = Object::New(env->isolate()); + USE(obj->Set( + env->context(), + env->name_string(), + OneByteString(env->isolate(), cipher_name))); + USE(obj->Set( + env->context(), + env->version_string(), + OneByteString(env->isolate(), cipher_version))); + ciphers_array.push_back(obj); + } + return Array::New(env->isolate(), ciphers_array.data(), ciphers_array.size()); +} + +const char* GetClientHelloServerName(SSL* ssl) { + const unsigned char* buf; + size_t len; + size_t rem; + + if (!SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &buf, &rem) || + rem <= 2) + return nullptr; + + len = *(buf++) << 8; + len += *(buf++); + if (len + 2 != rem) + return nullptr; + rem = len; + + if (rem == 0 || *buf++ != TLSEXT_NAMETYPE_host_name) + return nullptr; + rem--; + if (rem <= 2) + return nullptr; + len = *(buf++) << 8; + len += *(buf++); + if (len + 2 > rem) + return nullptr; + rem = len; + return reinterpret_cast(buf); +} + +const char* GetClientHelloALPN(SSL* ssl) { + const unsigned char* buf; + size_t len; + size_t rem; + + if (!SSL_client_hello_get0_ext( + ssl, + TLSEXT_TYPE_application_layer_protocol_negotiation, + &buf, &rem) || rem < 2) { + return nullptr; + } + + len = (buf[0] << 8) | buf[1]; + if (len + 2 != rem) + return nullptr; + buf += 3; + return reinterpret_cast(buf); +} + +int UseSNIContext(SSL* ssl, crypto::SecureContext* context) { + SSL_CTX* ctx = context->ctx_.get(); + X509* x509 = SSL_CTX_get0_certificate(ctx); + EVP_PKEY* pkey = SSL_CTX_get0_privatekey(ctx); + STACK_OF(X509)* chain; + + int err = SSL_CTX_get0_chain_certs(ctx, &chain); + if (err) + err = SSL_use_certificate(ssl, x509); + if (err) + err = SSL_use_PrivateKey(ssl, pkey); + if (err && chain != nullptr) + err = SSL_set1_chain(ssl, chain); + return err; +} + +int Client_Hello_CB( + SSL* ssl, + int* tls_alert, + void* arg) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + int ret = session->OnClientHello(); + switch (ret) { + case 0: + return 1; + case -1: + return -1; + default: + *tls_alert = ret; + return 0; + } +} + +int ALPN_Select_Proto_CB( + SSL* ssl, + const unsigned char** out, + unsigned char* outlen, + const unsigned char* in, + unsigned int inlen, + void* arg) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + const uint8_t* alpn; + size_t alpnlen; + uint32_t version = session->GetNegotiatedVersion(); + + switch (version) { + case NGTCP2_PROTO_VER: + alpn = reinterpret_cast(session->GetALPN().c_str()); + alpnlen = session->GetALPN().length(); + break; + default: + // Unexpected QUIC protocol version + return SSL_TLSEXT_ERR_NOACK; + } + + for (auto p = in, end = in + inlen; p + alpnlen < end; p += *p + 1) { + if (std::equal(alpn, alpn + alpnlen, p)) { + *out = p + 1; + *outlen = *p; + return SSL_TLSEXT_ERR_OK; + } + } + + *out = alpn + 1; + *outlen = alpn[0]; + + return SSL_TLSEXT_ERR_OK; +} + +int Client_Transport_Params_Add_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char** out, + size_t* outlen, + X509* x, + size_t chainidx, + int* al, + void* add_arg) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + + ngtcp2_transport_params params; + session->GetLocalTransportParams(¶ms); + + constexpr size_t bufsize = 64; + auto buf = std::make_unique(bufsize); + + auto nwrite = ngtcp2_encode_transport_params( + buf.get(), bufsize, + NGTCP2_TRANSPORT_PARAMS_TYPE_CLIENT_HELLO, + ¶ms); + if (nwrite < 0) { + // Error encoding transport params + *al = SSL_AD_INTERNAL_ERROR; + return -1; + } + + *out = buf.release(); + *outlen = static_cast(nwrite); + + return 1; +} + +int TLS_Status_Callback(SSL* ssl, void* arg) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + return session->OnTLSStatus(); +} + +int Server_Transport_Params_Add_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char** out, + size_t* outlen, + X509* x, + size_t chainidx, + int* al, + void* add_arg) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + + ngtcp2_transport_params params; + session->GetLocalTransportParams(¶ms); + + constexpr size_t bufsize = 512; + + auto buf = std::make_unique(bufsize); + + ssize_t nwrite = ngtcp2_encode_transport_params( + buf.get(), bufsize, + NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS, + ¶ms); + if (nwrite < 0) { + // Error encoding transport params + *al = SSL_AD_INTERNAL_ERROR; + return -1; + } + + *out = buf.release(); + *outlen = static_cast(nwrite); + + return 1; +} + +void Transport_Params_Free_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char* out, + void* add_arg) { + delete[] reinterpret_cast(out); +} + +int Client_Transport_Params_Parse_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char* in, + size_t inlen, + X509* x, + size_t chainidx, + int* al, + void* parse_arg) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + + ngtcp2_transport_params params; + + if (ngtcp2_decode_transport_params( + ¶ms, + NGTCP2_TRANSPORT_PARAMS_TYPE_ENCRYPTED_EXTENSIONS, + in, inlen) != 0) { + *al = SSL_AD_ILLEGAL_PARAMETER; + return -1; + } + + if (session->SetRemoteTransportParams(¶ms) != 0) { + *al = SSL_AD_ILLEGAL_PARAMETER; + return -1; + } + + return 1; +} + +int Server_Transport_Params_Parse_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char* in, + size_t inlen, + X509* x, + size_t chainidx, + int* al, + void* parse_arg) { + if (context != SSL_EXT_CLIENT_HELLO) { + *al = SSL_AD_ILLEGAL_PARAMETER; + return -1; + } + + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + + ngtcp2_transport_params params; + + if (ngtcp2_decode_transport_params( + ¶ms, + NGTCP2_TRANSPORT_PARAMS_TYPE_CLIENT_HELLO, + in, inlen) != 0) { + // Error decoding transport params + *al = SSL_AD_ILLEGAL_PARAMETER; + return -1; + } + + if (session->SetRemoteTransportParams(¶ms) != 0) { + *al = SSL_AD_ILLEGAL_PARAMETER; + return -1; + } + + return 1; +} + +bool GenerateRetryToken( + uint8_t* token, + size_t* tokenlen, + const sockaddr* addr, + const ngtcp2_cid* ocid, + std::array* token_secret) { + std::array plaintext; + + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + + const size_t addrlen = SocketAddress::GetAddressLen(addr); + size_t keylen = aead_key_length(&ctx); + size_t ivlen = packet_protection_ivlen(&ctx); + + uint64_t now = uv_hrtime(); + + auto p = std::begin(plaintext); + p = std::copy_n(reinterpret_cast(addr), addrlen, p); + p = std::copy_n(reinterpret_cast(&now), sizeof(now), p); + p = std::copy_n(ocid->data, ocid->datalen, p); + + std::array rand_data; + TokenKey token_key; + TokenIV token_iv; + + if (!GenerateRandData(rand_data.data(), TOKEN_RAND_DATALEN)) + return false; + + if (!DeriveTokenKey( + token_key.data(), + token_iv.data(), + rand_data.data(), + TOKEN_RAND_DATALEN, + &ctx, + token_secret)) { + return false; + } + + ssize_t n = + Encrypt( + token, *tokenlen, + plaintext.data(), std::distance(std::begin(plaintext), p), + &ctx, + token_key.data(), + keylen, + token_iv.data(), + ivlen, + reinterpret_cast(addr), addrlen); + + if (n < 0) + return false; + + memcpy(token + n, rand_data.data(), rand_data.size()); + *tokenlen = n + rand_data.size(); + return true; +} + +bool InvalidRetryToken( + Environment* env, + ngtcp2_cid* ocid, + const ngtcp2_pkt_hd* hd, + const sockaddr* addr, + std::array* token_secret, + uint64_t verification_expiration) { + + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + + size_t keylen = aead_key_length(&ctx); + size_t ivlen = packet_protection_ivlen(&ctx); + const size_t addrlen = SocketAddress::GetAddressLen(addr); + + if (hd->tokenlen < TOKEN_RAND_DATALEN) + return true; + + uint8_t* rand_data = hd->token + hd->tokenlen - TOKEN_RAND_DATALEN; + uint8_t* ciphertext = hd->token; + size_t ciphertextlen = hd->tokenlen - TOKEN_RAND_DATALEN; + + TokenKey token_key; + TokenIV token_iv; + + if (!DeriveTokenKey( + token_key.data(), + token_iv.data(), + rand_data, + TOKEN_RAND_DATALEN, + &ctx, + token_secret)) { + return true; + } + + std::array plaintext; + + ssize_t n = + Decrypt( + plaintext.data(), plaintext.size(), + ciphertext, ciphertextlen, + &ctx, + token_key.data(), + keylen, + token_iv.data(), + ivlen, + reinterpret_cast(addr), addrlen); + + // Will also cover case where n is negative + if (static_cast(n) < addrlen + sizeof(uint64_t)) + return true; + + ssize_t cil = static_cast(n) - addrlen - sizeof(uint64_t); + if (cil != 0 && (cil < NGTCP2_MIN_CIDLEN || cil > NGTCP2_MAX_CIDLEN)) + return true; + + if (memcmp(plaintext.data(), addr, addrlen) != 0) + return true; + + + uint64_t t; + memcpy(&t, plaintext.data() + addrlen, sizeof(uint64_t)); + + uint64_t now = uv_hrtime(); + + // 10-second window by default, but configurable for each + // QuicSocket instance with a MIN_RETRYTOKEN_EXPIRATION second + // minimum and a MAX_RETRYTOKEN_EXPIRATION second maximum. + if (t + verification_expiration * NGTCP2_SECONDS < now) + return true; + + ngtcp2_cid_init(ocid, plaintext.data() + addrlen + sizeof(uint64_t), cil); + + return false; +} + +int VerifyPeerCertificate(SSL* ssl) { + int err = X509_V_ERR_UNSPECIFIED; + if (X509* peer_cert = SSL_get_peer_certificate(ssl)) { + X509_free(peer_cert); + err = SSL_get_verify_result(ssl); + } + return err; +} + +std::string GetCertificateCN(X509* cert) { + X509_NAME* subject = X509_get_subject_name(cert); + if (subject != nullptr) { + int nid = OBJ_txt2nid("CN"); + int idx = X509_NAME_get_index_by_NID(subject, nid, -1); + if (idx != -1) { + X509_NAME_ENTRY* cn = X509_NAME_get_entry(subject, idx); + if (cn != nullptr) { + ASN1_STRING* cn_str = X509_NAME_ENTRY_get_data(cn); + if (cn_str != nullptr) { + return std::string(reinterpret_cast( + ASN1_STRING_get0_data(cn_str))); + } + } + } + } + return std::string(); +} + +std::unordered_multimap GetCertificateAltNames( + X509* cert) { + std::unordered_multimap map; + crypto::BIOPointer bio(BIO_new(BIO_s_mem())); + BUF_MEM* mem; + int idx = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1); + if (idx < 0) // There is no subject alt name + return map; + + X509_EXTENSION* ext = X509_get_ext(cert, idx); + CHECK_NOT_NULL(ext); + const X509V3_EXT_METHOD* method = X509V3_EXT_get(ext); + CHECK_EQ(method, X509V3_EXT_get_nid(NID_subject_alt_name)); + + GENERAL_NAMES* names = static_cast(X509V3_EXT_d2i(ext)); + if (names == nullptr) // There are no names + return map; + + for (int i = 0; i < sk_GENERAL_NAME_num(names); i++) { + USE(BIO_reset(bio.get())); + GENERAL_NAME* gen = sk_GENERAL_NAME_value(names, i); + if (gen->type == GEN_DNS) { + ASN1_IA5STRING* name = gen->d.dNSName; + BIO_write(bio.get(), name->data, name->length); + BIO_get_mem_ptr(bio.get(), &mem); + map.emplace("dns", std::string(mem->data, mem->length)); + } else { + STACK_OF(CONF_VALUE)* nval = i2v_GENERAL_NAME( + const_cast(method), gen, nullptr); + if (nval == nullptr) + continue; + X509V3_EXT_val_prn(bio.get(), nval, 0, 0); + sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); + BIO_get_mem_ptr(bio.get(), &mem); + std::string value(mem->data, mem->length); + if (value.compare(0, 11, "IP Address:") == 0) { + map.emplace("ip", value.substr(11)); + } else if (value.compare(0, 4, "URI:") == 0) { + url::URL url(value.substr(4)); + if (url.flags() & url::URL_FLAGS_CANNOT_BE_BASE || + url.flags() & url::URL_FLAGS_FAILED) { + continue; // Skip this one + } + map.emplace("uri", url.host()); + } + } + } + sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); + bio.reset(); + return map; +} + +bool SplitHostname( + const char* hostname, + std::vector* parts, + const char delim) { + static std::string check_str = + "\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2A\x2B\x2C\x2D\x2E\x2F\x30" + "\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3A\x3B\x3C\x3D\x3E\x3F\x40" + "\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4A\x4B\x4C\x4D\x4E\x4F\x50" + "\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5A\x5B\x5C\x5D\x5E\x5F\x60" + "\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6A\x6B\x6C\x6D\x6E\x6F\x70" + "\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7A\x7B\x7C\x7D\x7E\x7F"; + + std::stringstream str(hostname); + std::string part; + while (getline(str, part, delim)) { + // if (part.length() == 0 || + // part.find_first_not_of(check_str) != std::string::npos) { + // return false; + // } + for (size_t n = 0; n < part.length(); n++) { + if (part[n] >= 'A' && part[n] <= 'Z') + part[n] = (part[n] | 0x20); // Lower case the letter + if (check_str.find(part[n]) == std::string::npos) + return false; + } + parts->push_back(part); + } + return true; +} + + +bool CheckCertNames( + const std::vector& host_parts, + const std::string& name, + bool use_wildcard) { + + if (name.length() == 0) + return false; + + std::vector name_parts; + if (!SplitHostname(name.c_str(), &name_parts)) + return false; + + if (name_parts.size() != host_parts.size()) + return false; + + for (size_t n = host_parts.size() - 1; n > 0; --n) { + if (host_parts[n] != name_parts[n]) + return false; + } + + if (name_parts[0].find("*") == std::string::npos || + name_parts[0].find("xn--") != std::string::npos) { + return host_parts[0] == name_parts[0]; + } + + if (!use_wildcard) + return false; + + std::vector sub_parts; + SplitHostname(name_parts[0].c_str(), &sub_parts, '*'); + + if (sub_parts.size() > 2) + return false; + + if (name_parts.size() <= 2) + return false; + + std::string prefix; + std::string suffix; + if (sub_parts.size() == 2) { + prefix = sub_parts[0]; + suffix = sub_parts[1]; + } else { + prefix = ""; + suffix = sub_parts[0]; + } + + if (prefix.length() + suffix.length() > host_parts[0].length()) + return false; + + if (host_parts[0].compare(0, prefix.length(), prefix)) + return false; + + if (host_parts[0].compare( + host_parts[0].length() - suffix.length(), + suffix.length(), suffix)) { + return false; + } + + return true; +} + +int VerifyHostnameIdentity( + const char* hostname, + const std::string& cert_cn, + const std::unordered_multimap& altnames) { + + int err = X509_V_ERR_HOSTNAME_MISMATCH; + + // 1. If the hostname is an IP address (v4 or v6), the certificate is valid + // if and only if there is an 'IP Address:' alt name specifying the same + // IP address. The IP address must be canonicalized to ensure a proper + // check. It's possible that the X509_check_ip_asc covers this. If so, + // we can remove this check. + + if (SocketAddress::numeric_host(hostname)) { + auto ips = altnames.equal_range("ip"); + for (auto ip = ips.first; ip != ips.second; ++ip) { + if (ip->second.compare(hostname) == 0) { + // Success! + return 0; + } + } + // No match, and since the hostname is an IP address, skip any + // further checks + return err; + } + + auto dns_names = altnames.equal_range("dns"); + auto uri_names = altnames.equal_range("uri"); + + size_t dns_count = std::distance(dns_names.first, dns_names.second); + size_t uri_count = std::distance(uri_names.first, uri_names.second); + + std::vector host_parts; + SplitHostname(hostname, &host_parts); + + // 2. If there no 'DNS:' or 'URI:' Alt names, if the certificate has a + // Subject, then we need to extract the CN field from the Subject. and + // check that the hostname matches the CN, taking into consideration + // the possibility of a wildcard in the CN. If there is a match, congrats, + // we have a valid certificate. Return and be happy. + + if (dns_count == 0 && uri_count == 0) { + if (cert_cn.length() > 0 && CheckCertNames(host_parts, cert_cn)) + return 0; + // No match, and since there are no dns or uri entries, return + return err; + } + + // 3. If, however, there are 'DNS:' and 'URI:' Alt names, things become more + // complicated. Essentially, we need to iterate through each 'DNS:' and + // 'URI:' Alt name to find one that matches. The 'DNS:' Alt names are + // relatively simple but may include wildcards. The 'URI:' Alt names + // require the name to be parsed as a URL, then extract the hostname from + // the URL, which is then checked against the hostname. If you find a + // match, yay! Return and be happy. (Note, it's possible that the 'DNS:' + // check in this step is redundant to the X509_check_host check. If so, + // we can simplify by removing those checks here.) + + // First, let's check dns names + for (auto name = dns_names.first; name != dns_names.second; ++name) { + if (name->first.length() > 0 && + CheckCertNames(host_parts, name->second)) { + return 0; + } + } + + // Then, check uri names + for (auto name = uri_names.first; name != uri_names.second; ++name) { + if (name->first.length() > 0 && + CheckCertNames(host_parts, name->second, false)) { + return 0; + } + } + + // 4. Failing all of the previous checks, we assume the certificate is + // invalid for an unspecified reason. + return err; +} + +int VerifyHostnameIdentity(SSL* ssl, const char* hostname) { + int err = X509_V_ERR_HOSTNAME_MISMATCH; + crypto::X509Pointer cert(SSL_get_peer_certificate(ssl)); + if (!cert) + return err; + + // There are several pieces of information we need from the cert at this point + // 1. The Subject (if it exists) + // 2. The collection of Alt Names (if it exists) + // + // The certificate may have many Alt Names. We only care about the ones that + // are prefixed with 'DNS:', 'URI:', or 'IP Address:'. We might check + // additional ones later but we'll start with these. + // + // Ideally, we'd be able to *just* use OpenSSL's built in name checking for + // this (SSL_set1_host and X509_check_host) but it does not appear to do + // checking on URI or IP Address Alt names, which is unfortunate. We need + // both of those to retain compatibility with the peer identity verification + // Node.js already does elsewhere. At the very least, we'll use + // X509_check_host here first as a first step. If it is successful, awesome, + // there's nothing else for us to do. Return and be happy! + if (X509_check_host( + cert.get(), + hostname, + strlen(hostname), + X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT | + X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS | + X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS, + nullptr) > 0) { + return 0; + } + + if (X509_check_ip_asc( + cert.get(), + hostname, + X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT) > 0) { + return 0; + } + + // If we've made it this far, then we have to perform a more check + return VerifyHostnameIdentity( + hostname, + GetCertificateCN(cert.get()), + GetCertificateAltNames(cert.get())); +} + +const char* X509ErrorCode(int err) { + const char* code = "UNSPECIFIED"; +#define CASE_X509_ERR(CODE) case X509_V_ERR_##CODE: code = #CODE; break; + switch (err) { + CASE_X509_ERR(UNABLE_TO_GET_ISSUER_CERT) + CASE_X509_ERR(UNABLE_TO_GET_CRL) + CASE_X509_ERR(UNABLE_TO_DECRYPT_CERT_SIGNATURE) + CASE_X509_ERR(UNABLE_TO_DECRYPT_CRL_SIGNATURE) + CASE_X509_ERR(UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY) + CASE_X509_ERR(CERT_SIGNATURE_FAILURE) + CASE_X509_ERR(CRL_SIGNATURE_FAILURE) + CASE_X509_ERR(CERT_NOT_YET_VALID) + CASE_X509_ERR(CERT_HAS_EXPIRED) + CASE_X509_ERR(CRL_NOT_YET_VALID) + CASE_X509_ERR(CRL_HAS_EXPIRED) + CASE_X509_ERR(ERROR_IN_CERT_NOT_BEFORE_FIELD) + CASE_X509_ERR(ERROR_IN_CERT_NOT_AFTER_FIELD) + CASE_X509_ERR(ERROR_IN_CRL_LAST_UPDATE_FIELD) + CASE_X509_ERR(ERROR_IN_CRL_NEXT_UPDATE_FIELD) + CASE_X509_ERR(OUT_OF_MEM) + CASE_X509_ERR(DEPTH_ZERO_SELF_SIGNED_CERT) + CASE_X509_ERR(SELF_SIGNED_CERT_IN_CHAIN) + CASE_X509_ERR(UNABLE_TO_GET_ISSUER_CERT_LOCALLY) + CASE_X509_ERR(UNABLE_TO_VERIFY_LEAF_SIGNATURE) + CASE_X509_ERR(CERT_CHAIN_TOO_LONG) + CASE_X509_ERR(CERT_REVOKED) + CASE_X509_ERR(INVALID_CA) + CASE_X509_ERR(PATH_LENGTH_EXCEEDED) + CASE_X509_ERR(INVALID_PURPOSE) + CASE_X509_ERR(CERT_UNTRUSTED) + CASE_X509_ERR(CERT_REJECTED) + CASE_X509_ERR(HOSTNAME_MISMATCH) + } +#undef CASE_X509_ERR + return code; +} + +// Get the SNI hostname requested by the client for the session +Local GetServerName( + Environment* env, + SSL* ssl, + const char* host_name) { + Local servername; + if (host_name != nullptr) { + servername = String::NewFromUtf8( + env->isolate(), + host_name, + v8::NewStringType::kNormal).ToLocalChecked(); + } + return servername; +} + +// Get the ALPN protocol identifier that was negotiated for the session +Local GetALPNProtocol(Environment* env, SSL* ssl) { + Local alpn; + const unsigned char* alpn_buf = nullptr; + unsigned int alpnlen; + + SSL_get0_alpn_selected(ssl, &alpn_buf, &alpnlen); + if (alpnlen == sizeof(NGTCP2_ALPN_H3) - 2 && + memcmp(alpn_buf, NGTCP2_ALPN_H3 + 1, sizeof(NGTCP2_ALPN_H3) - 2) == 0) { + alpn = env->quic_alpn_string(); + } else { + alpn = OneByteString(env->isolate(), alpn_buf, alpnlen); + } + return alpn; +} + +Local GetCipherName(Environment* env, SSL* ssl) { + Local cipher; + const SSL_CIPHER* c = SSL_get_current_cipher(ssl); + if (c != nullptr) { + const char* cipher_name = SSL_CIPHER_get_name(c); + cipher = OneByteString(env->isolate(), cipher_name); + } + return cipher; +} + +Local GetCipherVersion(Environment* env, SSL* ssl) { + Local version; + // Get the cipher and version + const SSL_CIPHER* c = SSL_get_current_cipher(ssl); + if (c != nullptr) { + const char* cipher_version = SSL_CIPHER_get_version(c); + version = OneByteString(env->isolate(), cipher_version); + } + return version; +} + +} // namespace quic +} // namespace node diff --git a/src/node_quic_crypto.h b/src/node_quic_crypto.h new file mode 100644 index 0000000000..8d0b096a6f --- /dev/null +++ b/src/node_quic_crypto.h @@ -0,0 +1,374 @@ +#ifndef SRC_NODE_QUIC_CRYPTO_H_ +#define SRC_NODE_QUIC_CRYPTO_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "node_crypto.h" +#include "node_quic_util.h" +#include "node_url.h" +#include "v8.h" + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +namespace node { + +using crypto::EntropySource; + +namespace quic { + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +#define NGTCP2_CRYPTO_INITIAL_SECRETLEN 32 +#define NGTCP2_CRYPTO_INITIAL_KEYLEN 16 +#define NGTCP2_CRYPTO_INITIAL_IVLEN 12 +#define NGTCP2_CRYPTO_SECRETLEN 64 +#define NGTCP2_CRYPTO_KEYLEN 64 +#define NGTCP2_CRYPTO_IVLEN 64 +#define NGTCP2_CRYPTO_TOKEN_SECRETLEN 32 +#define NGTCP2_CRYPTO_TOKEN_KEYLEN 32 +#define NGTCP2_CRYPTO_TOKEN_IVLEN 32 + +using PKeyCtxPointer = DeleteFnPtr; +using CipherCtxPointer = DeleteFnPtr; + +using InitialSecret = std::array; +using InitialKey = std::array; +using InitialIV = std::array; +using SessionSecret = std::array; +using SessionKey = std::array; +using SessionIV = std::array; +using TokenSecret = std::array; +using TokenKey = std::array; +using TokenIV = std::array; + +struct CryptoContext { + const EVP_CIPHER* aead; + const EVP_CIPHER* hp; + const EVP_MD* md; +}; + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +enum ngtcp2_crypto_side { + /** + * ``NGTCP2_CRYPTO_SIDE_CLIENT`` indicates that the application is + * client. + */ + NGTCP2_CRYPTO_SIDE_CLIENT, + /** + * ``NGTCP2_CRYPTO_SIDE_SERVER`` indicates that the application is + * server. + */ + NGTCP2_CRYPTO_SIDE_SERVER +}; + +BIO_METHOD* CreateBIOMethod(); + +// TODO(@jasnell): Replace with ngtcp2_crypto_aead_keylen once +// we move to ngtcp2_crypto.h +size_t aead_key_length(const CryptoContext* ctx); + +// TODO(@jasnell): Replace with ngtcp2_crypto_packet_protection_ivlen +// once we move to ngtcp2_crypto.h +size_t packet_protection_ivlen(const CryptoContext* ctx); + +// TODO(@jasnell): Replace with ngtcp2_crypto_aead_taglen once +// we move to ngtcp2_crypto.h +size_t aead_tag_length(const CryptoContext* ctx); + +// TODO(@jasnell): Replace with ngtcp2_crypto_ctx_initial once +// we move to ngtcp2_crypto.h +void SetupInitialCryptoContext(CryptoContext* context); + +// TODO(@jasnell): Replace with ngtcp2_crypto_ctx_tls once +// we move to ngtcp2_crypto +void SetupCryptoContext(CryptoContext* ctx, SSL* ssl); + +// TODO(@jasnell): Replace with ngtcp2_crypto_encrypt once +// we move to ngtcp2_crypto +ssize_t Encrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const CryptoContext* ctx, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen); + +// TODO(@jasnell): Replace with ngtcp2_crypto_decrypt once +// we move to ngtcp2_crypto +ssize_t Decrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const CryptoContext* ctx, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen); + +// TODO(@jasnell): Replace with ngtcp2_crypto_hp_mask once +// we move to ngtcp2_crypto +ssize_t HP_Mask( + uint8_t* dest, + size_t destlen, + const CryptoContext* ctx, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen); + + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +bool DerivePacketProtectionKey( + uint8_t* key, + uint8_t* iv, + uint8_t* hp_key, + const CryptoContext* ctx, + const uint8_t* secret, + size_t secretlen); + +// TODO(@jasnell): Replace with ngtcp2_crypto_derive_and_install_initial_key +// once we move to ngtcp2_crypto +bool DeriveAndInstallInitialKey( + ngtcp2_conn* conn, + const ngtcp2_cid* dcid, + ngtcp2_crypto_side side); + +// TODO(@jasnell): Replace with ngtcp2_crypto_update_and_install_key +// once we move to ngtcp2_crypto +bool UpdateAndInstallKey( + ngtcp2_conn* conn, + std::vector* current_rx_secret, + std::vector* current_tx_secret, + size_t secretlen, + const CryptoContext* ctx); + +void ClearTLSError(); + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +void InstallEarlyKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp); + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +void InstallHandshakeRXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp); + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +void InstallHandshakeTXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp); + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +void InstallRXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp); + +// TODO(@jasnell): Remove once we move to ngtcp2_crypto +void InstallTXKeys( + ngtcp2_conn* connection, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp); + +// MessageCB provides a hook into the TLS handshake dataflow. Currently, it +// is used to capture TLS alert codes (errors) and to collect the TLS handshake +// data that is to be sent. +void MessageCB( + int write_p, + int version, + int content_type, + const void* buf, + size_t len, + SSL* ssl, + void* arg); + +int CertCB(SSL* ssl, void* arg); + +// KeyCB provides a hook into the keying process of the TLS handshake, +// triggering registration of the keys associated with the TLS session. +int KeyCB( + SSL* ssl, + int name, + const unsigned char* secret, + size_t secretlen, + void* arg); + +int ClearTLS(SSL* ssl, bool continue_on_error = false); + +int DoTLSHandshake(SSL* ssl); + +int DoTLSReadEarlyData(SSL* ssl); + +v8::Local GetClientHelloCiphers( + Environment* env, + SSL* ssl); + +const char* GetClientHelloServerName(SSL* ssl); + +const char* GetClientHelloALPN(SSL* ssl); + +int UseSNIContext(SSL* ssl, crypto::SecureContext* context); + +int Client_Hello_CB( + SSL* ssl, + int* tls_alert, + void* arg); + +int ALPN_Select_Proto_CB( + SSL* ssl, + const unsigned char** out, + unsigned char* outlen, + const unsigned char* in, + unsigned int inlen, + void* arg); + +int Client_Transport_Params_Add_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char** out, + size_t* outlen, + X509* x, + size_t chainidx, + int* al, + void* add_arg); + +int TLS_Status_Callback(SSL* ssl, void* arg); + +int Server_Transport_Params_Add_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char** out, + size_t* outlen, + X509* x, + size_t chainidx, + int* al, + void* add_arg); + +void Transport_Params_Free_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char* out, + void* add_arg); + +int Client_Transport_Params_Parse_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char* in, + size_t inlen, + X509* x, + size_t chainidx, + int* al, + void* parse_arg); + +int Server_Transport_Params_Parse_CB( + SSL* ssl, + unsigned int ext_type, + unsigned int context, + const unsigned char* in, + size_t inlen, + X509* x, + size_t chainidx, + int* al, + void* parse_arg); + +bool GenerateRetryToken( + uint8_t* token, + size_t* tokenlen, + const sockaddr* addr, + const ngtcp2_cid* ocid, + std::array* token_secret); + +bool InvalidRetryToken( + Environment* env, + ngtcp2_cid* ocid, + const ngtcp2_pkt_hd* hd, + const sockaddr* addr, + std::array* token_secret, + uint64_t verification_expiration); + +int VerifyPeerCertificate(SSL* ssl); + +std::string GetCertificateCN(X509* cert); + +std::unordered_multimap GetCertificateAltNames( + X509* cert); + +bool SplitHostname( + const char* hostname, + std::vector* parts, + const char delim = '.'); + + +bool CheckCertNames( + const std::vector& host_parts, + const std::string& name, + bool use_wildcard = true); + +int VerifyHostnameIdentity( + const char* hostname, + const std::string& cert_cn, + const std::unordered_multimap& altnames); + +int VerifyHostnameIdentity(SSL* ssl, const char* hostname); + +const char* X509ErrorCode(int err); + +// Get the SNI hostname requested by the client for the session +v8::Local GetServerName( + Environment* env, + SSL* ssl, + const char* host_name); + +// Get the ALPN protocol identifier that was negotiated for the session +v8::Local GetALPNProtocol(Environment* env, SSL* ssl); + +v8::Local GetCipherName(Environment* env, SSL* ssl); + +v8::Local GetCipherVersion(Environment* env, SSL* ssl); +} // namespace quic +} // namespace node + +#endif // NODE_WANT_INTERNALS +#endif // SRC_NODE_QUIC_CRYPTO_H_ diff --git a/src/node_quic_session-inl.h b/src/node_quic_session-inl.h new file mode 100644 index 0000000000..11f0b89f46 --- /dev/null +++ b/src/node_quic_session-inl.h @@ -0,0 +1,79 @@ +#ifndef SRC_NODE_QUIC_SESSION_INL_H_ +#define SRC_NODE_QUIC_SESSION_INL_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "node_quic_session.h" +#include "node_quic_socket.h" + +#include + +namespace node { + +namespace quic { + +void QuicSession::CheckAllocatedSize(size_t previous_size) const { + CHECK_GE(current_ngtcp2_memory_, previous_size); +} + +void QuicSession::IncreaseAllocatedSize(size_t size) { + current_ngtcp2_memory_ += size; +} + +void QuicSession::DecreaseAllocatedSize(size_t size) { + current_ngtcp2_memory_ -= size; +} + +void QuicSession::SetTLSAlert(int err) { + SetLastError(InitQuicError(QUIC_ERROR_CRYPTO, err)); +} + +void QuicSession::SetLastError(QuicError error) { + last_error_ = error; +} + +void QuicSession::SetLastError(QuicErrorFamily family, uint64_t code) { + SetLastError({ family, code }); +} + +void QuicSession::SetLastError(QuicErrorFamily family, int code) { + SetLastError(family, ngtcp2_err_infer_quic_transport_error_code(code)); +} + +bool QuicSession::IsInClosingPeriod() { + return ngtcp2_conn_is_in_closing_period(Connection()); +} + +bool QuicSession::IsInDrainingPeriod() { + return ngtcp2_conn_is_in_draining_period(Connection()); +} + +bool QuicSession::HasStream(int64_t id) { + return streams_.find(id) != std::end(streams_); +} + +QuicError QuicSession::GetLastError() const { return last_error_; } + +bool QuicSession::IsGracefullyClosing() const { + return IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING); +} + +bool QuicSession::IsDestroyed() const { + return IsFlagSet(QUICSESSION_FLAG_DESTROYED); +} + +void QuicSession::StartGracefulClose() { + SetFlag(QUICSESSION_FLAG_GRACEFUL_CLOSING); + session_stats_.closing_at = uv_hrtime(); +} + +QuicSocket* QuicSession::Socket() const { + return socket_.get(); +} + +} // namespace quic +} // namespace node + +#endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#endif // SRC_NODE_QUIC_SESSION_INL_H_ diff --git a/src/node_quic_session.cc b/src/node_quic_session.cc new file mode 100644 index 0000000000..cb23f47d88 --- /dev/null +++ b/src/node_quic_session.cc @@ -0,0 +1,3716 @@ +#include "aliased_buffer.h" +#include "debug_utils.h" +#include "env-inl.h" +#include "ngtcp2/ngtcp2.h" +#include "node.h" +#include "node_buffer.h" +#include "node_crypto.h" +#include "node_internals.h" +#include "node_mem-inl.h" +#include "node_quic_crypto.h" +#include "node_quic_session.h" // NOLINT(build/include_inline) +#include "node_quic_session-inl.h" +#include "node_quic_socket.h" +#include "node_quic_stream.h" +#include "node_quic_state.h" +#include "node_quic_util.h" +#include "v8.h" +#include "uv.h" + +#include + +#include +#include +#include +#include +#include + +namespace node { + +using crypto::EntropySource; +using crypto::SecureContext; + +using v8::Array; +using v8::ArrayBufferView; +using v8::Context; +using v8::Function; +using v8::FunctionCallbackInfo; +using v8::FunctionTemplate; +using v8::HandleScope; +using v8::Integer; +using v8::Local; +using v8::Number; +using v8::Object; +using v8::ObjectTemplate; +using v8::PropertyAttribute; +using v8::String; +using v8::Undefined; +using v8::Value; + +namespace quic { + +// Forwards detailed(verbose) debugging information from ngtcp2. Enabled using +// the NODE_DEBUG_NATIVE=NGTCP2_DEBUG category. +static void Ngtcp2DebugLog(void* user_data, const char* fmt, ...) { + QuicSession* session = static_cast(user_data); + va_list ap; + va_start(ap, fmt); + std::string format(fmt, strlen(fmt) + 1); + format[strlen(fmt)] = '\n'; + Debug(session->env(), DebugCategory::NGTCP2_DEBUG, format, ap); + va_end(ap); +} + +inline void SetConfig(Environment* env, int idx, uint64_t* val) { + AliasedFloat64Array& buffer = env->quic_state()->quicsessionconfig_buffer; + uint64_t flags = static_cast(buffer[IDX_QUIC_SESSION_CONFIG_COUNT]); + if (flags & (1ULL << idx)) + *val = static_cast(buffer[idx]); +} + +void QuicSessionConfig::ResetToDefaults() { + ngtcp2_settings_default(&settings_); + settings_.initial_ts = uv_hrtime(); + settings_.log_printf = Ngtcp2DebugLog; + settings_.active_connection_id_limit = DEFAULT_ACTIVE_CONNECTION_ID_LIMIT; + settings_.max_stream_data_bidi_local = DEFAULT_MAX_STREAM_DATA_BIDI_LOCAL; + settings_.max_stream_data_bidi_remote = DEFAULT_MAX_STREAM_DATA_BIDI_REMOTE; + settings_.max_stream_data_uni = DEFAULT_MAX_STREAM_DATA_UNI; + settings_.max_data = DEFAULT_MAX_DATA; + settings_.max_streams_bidi = DEFAULT_MAX_STREAMS_BIDI; + settings_.max_streams_uni = DEFAULT_MAX_STREAMS_UNI; + settings_.idle_timeout = DEFAULT_IDLE_TIMEOUT; + settings_.max_packet_size = NGTCP2_MAX_PKT_SIZE; + settings_.max_ack_delay = NGTCP2_DEFAULT_MAX_ACK_DELAY; + settings_.disable_migration = 0; + settings_.preferred_address_present = 0; + settings_.stateless_reset_token_present = 0; + max_crypto_buffer_ = DEFAULT_MAX_CRYPTO_BUFFER; +} + +// Sets the QuicSessionConfig using an AliasedBuffer for efficiency. +void QuicSessionConfig::Set(Environment* env, + const sockaddr* preferred_addr) { + ResetToDefaults(); + + SetConfig(env, IDX_QUIC_SESSION_ACTIVE_CONNECTION_ID_LIMIT, + &settings_.active_connection_id_limit); + SetConfig(env, IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_LOCAL, + &settings_.max_stream_data_bidi_local); + SetConfig(env, IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_REMOTE, + &settings_.max_stream_data_bidi_remote); + SetConfig(env, IDX_QUIC_SESSION_MAX_STREAM_DATA_UNI, + &settings_.max_stream_data_uni); + SetConfig(env, IDX_QUIC_SESSION_MAX_DATA, + &settings_.max_data); + SetConfig(env, IDX_QUIC_SESSION_MAX_STREAMS_BIDI, + &settings_.max_streams_bidi); + SetConfig(env, IDX_QUIC_SESSION_MAX_STREAMS_UNI, + &settings_.max_streams_uni); + SetConfig(env, IDX_QUIC_SESSION_IDLE_TIMEOUT, + &settings_.idle_timeout); + SetConfig(env, IDX_QUIC_SESSION_MAX_PACKET_SIZE, + &settings_.max_packet_size); + SetConfig(env, IDX_QUIC_SESSION_MAX_ACK_DELAY, + &settings_.max_ack_delay); + + SetConfig(env, IDX_QUIC_SESSION_MAX_CRYPTO_BUFFER, + &max_crypto_buffer_); + max_crypto_buffer_ = std::max(max_crypto_buffer_, MIN_MAX_CRYPTO_BUFFER); + + if (preferred_addr != nullptr) { + settings_.preferred_address_present = 1; + switch (preferred_addr->sa_family) { + case AF_INET: { + auto& dest = settings_.preferred_address.ipv4_addr; + memcpy( + &dest, + &(reinterpret_cast(preferred_addr)->sin_addr), + sizeof(dest)); + settings_.preferred_address.ipv4_port = + SocketAddress::GetPort(preferred_addr); + break; + } + case AF_INET6: { + auto& dest = settings_.preferred_address.ipv6_addr; + memcpy( + &dest, + &(reinterpret_cast(preferred_addr)->sin6_addr), + sizeof(dest)); + settings_.preferred_address.ipv6_port = + SocketAddress::GetPort(preferred_addr); + break; + } + default: + UNREACHABLE(); + } + } +} + +void QuicSessionConfig::GenerateStatelessResetToken() { + settings_.stateless_reset_token_present = 1; + EntropySource( + settings_.stateless_reset_token, + arraysize(settings_.stateless_reset_token)); +} + +void QuicSessionConfig::GeneratePreferredAddressToken(ngtcp2_cid* pscid) { + if (!settings_.preferred_address_present) + return; + EntropySource( + settings_.preferred_address.stateless_reset_token, + arraysize(settings_.preferred_address.stateless_reset_token)); + + pscid->datalen = NGTCP2_SV_SCIDLEN; + EntropySource(pscid->data, pscid->datalen); + settings_.preferred_address.cid = *pscid; +} + +// QuicSession is an abstract base class that defines the code used by both +// server and client sessions. +QuicSession::QuicSession( + ngtcp2_crypto_side side, + QuicSocket* socket, + Local wrap, + SecureContext* ctx, + AsyncWrap::ProviderType provider_type, + const std::string& alpn, + uint32_t options, + uint64_t initial_connection_close) + : AsyncWrap(socket->env(), wrap, provider_type), + alloc_info_(MakeAllocator()), + side_(side), + socket_(socket), + alpn_(alpn), + options_(options), + initial_connection_close_(initial_connection_close), + idle_(new Timer(socket->env(), [this]() { OnIdleTimeout(); })), + retransmit_(new Timer(socket->env(), [this]() { MaybeTimeout(); })), + state_(env()->isolate(), IDX_QUIC_SESSION_STATE_COUNT), + crypto_rx_ack_( + HistogramBase::New( + socket->env(), + 1, std::numeric_limits::max())), + crypto_handshake_rate_( + HistogramBase::New( + socket->env(), + 1, std::numeric_limits::max())), + stats_buffer_( + socket->env()->isolate(), + sizeof(session_stats_) / sizeof(uint64_t), + reinterpret_cast(&session_stats_)), + recovery_stats_buffer_( + socket->env()->isolate(), + sizeof(recovery_stats_) / sizeof(double), + reinterpret_cast(&recovery_stats_)) { + ssl_.reset(SSL_new(ctx->ctx_.get())); + SSL_CTX_set_keylog_callback(ctx->ctx_.get(), OnKeylog); + CHECK(ssl_); + + session_stats_.created_at = uv_hrtime(); + + if (wrap->DefineOwnProperty( + env()->context(), + env()->state_string(), + state_.GetJSArray(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + env()->stats_string(), + stats_buffer_.GetJSArray(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + env()->recovery_stats_string(), + recovery_stats_buffer_.GetJSArray(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + FIXED_ONE_BYTE_STRING(env()->isolate(), "crypto_rx_ack"), + crypto_rx_ack_->object(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + FIXED_ONE_BYTE_STRING(env()->isolate(), "crypto_handshake_rate"), + crypto_handshake_rate_->object(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + // TODO(@jasnell): memory accounting + // env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize); +} + +QuicSession::~QuicSession() { + CHECK(!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)); + + uint64_t sendbuf_length = sendbuf_.Cancel(); + uint64_t handshake_length = handshake_.Cancel(); + uint64_t txbuf_length = txbuf_.Cancel(); + + Debug(this, + "Destroyed.\n" + " Duration: %" PRIu64 "\n" + " Handshake Started: %" PRIu64 "\n" + " Handshake Completed: %" PRIu64 "\n" + " Bytes Received: %" PRIu64 "\n" + " Bytes Sent: %" PRIu64 "\n" + " Bidi Stream Count: %" PRIu64 "\n" + " Uni Stream Count: %" PRIu64 "\n" + " Streams In Count: %" PRIu64 "\n" + " Streams Out Count: %" PRIu64 "\n" + " Remaining sendbuf_: %" PRIu64 "\n" + " Remaining handshake_: %" PRIu64 "\n" + " Remaining txbuf_: %" PRIu64 "\n", + uv_hrtime() - session_stats_.created_at, + session_stats_.handshake_start_at, + session_stats_.handshake_completed_at, + session_stats_.bytes_received, + session_stats_.bytes_sent, + session_stats_.bidi_stream_count, + session_stats_.uni_stream_count, + session_stats_.streams_in_count, + session_stats_.streams_out_count, + sendbuf_length, + handshake_length, + txbuf_length); +} + +std::string QuicSession::diagnostic_name() const { + return std::string("QuicSession ") + + (Side() == NGTCP2_CRYPTO_SIDE_SERVER ? "Server" : "Client") + + " (" + std::to_string(static_cast(get_async_id())) + ")"; +} + +// Locate the QuicStream with the given id or return nullptr +QuicStream* QuicSession::FindStream(int64_t id) { + auto it = streams_.find(id); + if (it == std::end(streams_)) + return nullptr; + return it->second.get(); +} + +void QuicSession::AckedCryptoOffset(size_t datalen) { + // It is possible for the QuicSession to have been destroyed but not yet + // deconstructed. In such cases, we want to ignore the callback as there + // is nothing to do but wait for further cleanup to happen. + if (UNLIKELY(IsFlagSet(QUICSESSION_FLAG_DESTROYED))) + return; + Debug(this, "Acknowledging %d crypto bytes", datalen); + + // Consumes (frees) the given number of bytes in the handshake buffer. + handshake_.Consume(datalen); + + // Update the statistics for the handshake, allowing us to track + // how long the handshake is taking to be acknowledged. A malicious + // peer could potentially force the QuicSession to hold on to + // crypto data for a long time by not sending an acknowledgement. + // The histogram will allow us to track the time periods between + // acknowlegements. + uint64_t now = uv_hrtime(); + if (session_stats_.handshake_acked_at > 0) + crypto_rx_ack_->Record(now - session_stats_.handshake_acked_at); + session_stats_.handshake_acked_at = now; +} + +void QuicSession::AckedStreamDataOffset( + int64_t stream_id, + uint64_t offset, + size_t datalen) { + // It is possible for the QuicSession to have been destroyed but not yet + // deconstructed. In such cases, we want to ignore the callback as there + // is nothing to do but wait for further cleanup to happen. + if (UNLIKELY(IsFlagSet(QUICSESSION_FLAG_DESTROYED))) + return; + Debug(this, + "Received acknowledgement for %" PRIu64 + " bytes of stream %" PRId64 " data", + datalen, stream_id); + + QuicStream* stream = FindStream(stream_id); + // It is possible that the QuicStream has already been destroyed and + // removed from the collection. In such cases, we want to ignore the + // callback as there is nothing further to do. + if (LIKELY(stream != nullptr)) + stream->AckedDataOffset(offset, datalen); +} + +// Add the given QuicStream to this QuicSession's collection of streams. All +// streams added must be removed before the QuicSession instance is freed. +void QuicSession::AddStream(BaseObjectPtr stream) { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)); + Debug(this, "Adding stream %" PRId64 " to session.", stream->GetID()); + streams_.emplace(stream->GetID(), stream); + + // Update tracking statistics for the number of streams associated with + // this session. + switch (stream->GetOrigin()) { + case QuicStream::QuicStreamOrigin::QUIC_STREAM_CLIENT: + if (Side() == NGTCP2_CRYPTO_SIDE_SERVER) + IncrementStat(1, &session_stats_, &session_stats::streams_in_count); + else + IncrementStat(1, &session_stats_, &session_stats::streams_out_count); + break; + case QuicStream::QuicStreamOrigin::QUIC_STREAM_SERVER: + if (Side() == NGTCP2_CRYPTO_SIDE_SERVER) + IncrementStat(1, &session_stats_, &session_stats::streams_out_count); + else + IncrementStat(1, &session_stats_, &session_stats::streams_in_count); + } + IncrementStat(1, &session_stats_, &session_stats::streams_out_count); + switch (stream->GetDirection()) { + case QuicStream::QuicStreamDirection::QUIC_STREAM_BIRECTIONAL: + IncrementStat(1, &session_stats_, &session_stats::bidi_stream_count); + break; + case QuicStream::QuicStreamDirection::QUIC_STREAM_UNIDIRECTIONAL: + IncrementStat(1, &session_stats_, &session_stats::uni_stream_count); + break; + } +} + +// Every QUIC session will have multiple CIDs associated with it. +void QuicSession::AssociateCID(ngtcp2_cid* cid) { + QuicCID id(cid); + QuicCID scid(scid_); + Socket()->AssociateCID(&id, &scid); +} + +// Like the silent close, the immediate close must start with +// the JavaScript side, first shutting down any existing +// streams before entering the closing period. Unlike silent +// close, however, all streams are closed using proper +// STOP_SENDING and RESET_STREAM frames and a CONNECTION_CLOSE +// frame is ultimately sent to the peer. This makes the +// naming a bit of a misnomer in that the connection is +// not immediately torn down, but is allowed to drain +// properly per the QUIC spec description of "immediate close". +void QuicSession::ImmediateClose() { + // Calling either ImmediateClose or SilentClose will cause + // the QUICSESSION_FLAG_CLOSING to be set. In either case, + // we should never re-enter ImmediateClose or SilentClose. + CHECK(!IsFlagSet(QUICSESSION_FLAG_CLOSING)); + SetFlag(QUICSESSION_FLAG_CLOSING); + + QuicError last_error = GetLastError(); + Debug(this, "Immediate close with code %" PRIu64 " (%s)", + last_error.code, + ErrorFamilyName(last_error.family)); + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + Local argv[] = { + Number::New(env()->isolate(), static_cast(last_error.code)), + Integer::New(env()->isolate(), last_error.family) + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_session_close_function(), arraysize(argv), argv); +} + +// Creates a new stream object and passes it off to the javascript side. +// This has to be called from within a handlescope/contextscope. +QuicStream* QuicSession::CreateStream(int64_t stream_id) { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + CHECK(!IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)); + CHECK(!IsFlagSet(QUICSESSION_FLAG_CLOSING)); + + BaseObjectPtr stream = QuicStream::New(this, stream_id); + CHECK(stream); + Local argv[] = { + stream->object(), + Number::New(env()->isolate(), static_cast(stream_id)) + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_stream_ready_function(), arraysize(argv), argv); + return stream.get(); +} + +// Mark the QuicSession instance destroyed. After this is called, +// the QuicSession instance will be generally unusable but most +// likely will not be immediately freed. +void QuicSession::Destroy() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + Debug(this, "Destroying"); + + // If we're not in the closing or draining periods, + // then we should at least attempt to send a connection + // close to the peer. + // TODO(@jasnell): If the connection close happens to occur + // while we're still at the start of the TLS handshake, a + // CONNECTION_CLOSE is not going to be sent because ngtcp2 + // currently does not yet support it. That will need to be + // addressed. + if (!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this) && + !IsInClosingPeriod() && + !IsInDrainingPeriod()) { + Debug(this, "Making attempt to send a connection close"); + SetLastError(QUIC_ERROR_SESSION, NGTCP2_NO_ERROR); + SendConnectionClose(); + } + + // Streams should have already been destroyed by this point. + CHECK(streams_.empty()); + + // Mark the session destroyed. + SetFlag(QUICSESSION_FLAG_DESTROYED); + SetFlag(QUICSESSION_FLAG_CLOSING, false); + SetFlag(QUICSESSION_FLAG_GRACEFUL_CLOSING, false); + + // Stop and free the idle and retransmission timers if they are active. + StopIdleTimer(); + StopRetransmitTimer(); + + // The QuicSession instances are kept alive using + // BaseObjectPtr. The only persistent BaseObjectPtr + // is the map in the associated QuicSocket. Removing + // the QuicSession from the QuicSocket will free + // that pointer, allowing the QuicSession to be + // deconstructed once the stack unwinds and any + // remaining shared_ptr instances fall out of scope. + RemoveFromSocket(); +} + +ssize_t QuicSession::DoDecrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + ssize_t nwrite = Decrypt( + dest, destlen, + ciphertext, ciphertextlen, + &crypto_ctx_, + key, keylen, + nonce, noncelen, + ad, adlen); + return nwrite >= 0 ? + nwrite : + static_cast(NGTCP2_ERR_TLS_DECRYPT); +} + +ssize_t QuicSession::DoEncrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + ssize_t nwrite = Encrypt( + dest, destlen, + plaintext, plaintextlen, + &crypto_ctx_, + key, keylen, + nonce, noncelen, + ad, adlen); + return nwrite >= 0 ? + nwrite : + static_cast(NGTCP2_ERR_CALLBACK_FAILURE); +} + +ssize_t QuicSession::DoHPMask( + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + ssize_t nwrite = HP_Mask( + dest, destlen, + &crypto_ctx_, + key, keylen, + sample, samplelen); + return nwrite >= 0 ? + nwrite : + static_cast(NGTCP2_ERR_CALLBACK_FAILURE); +} + +ssize_t QuicSession::DoHSDecrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + ssize_t nwrite = Decrypt( + dest, destlen, + ciphertext, ciphertextlen, + &ctx, + key, keylen, + nonce, noncelen, + ad, adlen); + return nwrite >= 0 ? + nwrite : + static_cast(NGTCP2_ERR_TLS_DECRYPT); +} + +ssize_t QuicSession::DoHSEncrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + ssize_t nwrite = Encrypt( + dest, destlen, + plaintext, plaintextlen, + &ctx, + key, keylen, + nonce, noncelen, + ad, adlen); + return nwrite >= 0 ? + nwrite : + static_cast(NGTCP2_ERR_CALLBACK_FAILURE); +} + +ssize_t QuicSession::DoInHPMask( + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + CryptoContext ctx; + SetupInitialCryptoContext(&ctx); + ssize_t nwrite = HP_Mask( + dest, destlen, + &ctx, + key, keylen, + sample, samplelen); + return nwrite >= 0 ? + nwrite : + static_cast(NGTCP2_ERR_CALLBACK_FAILURE); +} + +void QuicSession::ExtendMaxStreamData(int64_t stream_id, uint64_t max_data) { + Debug(this, + "Extending max stream %" PRId64 " data to %" PRIu64, + stream_id, max_data); +} + +void QuicSession::ExtendMaxStreamsUni(uint64_t max_streams) { + Debug(this, "Setting max unidirectional streams to %" PRIu64, max_streams); + state_[IDX_QUIC_SESSION_STATE_MAX_STREAMS_UNI] = + static_cast(max_streams); +} + +void QuicSession::ExtendMaxStreamsBidi(uint64_t max_streams) { + Debug(this, "Setting max bidirectional streams to %" PRIu64, max_streams); + state_[IDX_QUIC_SESSION_STATE_MAX_STREAMS_BIDI] = + static_cast(max_streams); +} + +void QuicSession::ExtendStreamOffset(QuicStream* stream, size_t amount) { + Debug(this, "Extending max stream %" PRId64 " offset by %d bytes", + stream->GetID(), amount); + ngtcp2_conn_extend_max_stream_offset( + Connection(), + stream->GetID(), + amount); +} + +// Copies the local transport params into the given struct for serialization. +void QuicSession::GetLocalTransportParams(ngtcp2_transport_params* params) { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + ngtcp2_conn_get_local_transport_params(Connection(), params); +} + +// Gets the QUIC version negotiated for this QuicSession +uint32_t QuicSession::GetNegotiatedVersion() { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + return ngtcp2_conn_get_negotiated_version(Connection()); +} + +// Generates and associates a new connection ID for this QuicSession. +// ngtcp2 will call this multiple times at the start of a new connection +// in order to build a pool of available CIDs. +int QuicSession::GetNewConnectionID( + ngtcp2_cid* cid, + uint8_t* token, + size_t cidlen) { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + cid->datalen = cidlen; + // cidlen shouldn't ever be zero here but just in case that + // behavior changes in ngtcp2 in the future... + if (cidlen > 0) + EntropySource(cid->data, cidlen); + EntropySource(token, NGTCP2_STATELESS_RESET_TOKENLEN); + AssociateCID(cid); + return 0; +} + +void QuicSession::HandleError() { + sendbuf_.Cancel(); + if (!SendConnectionClose()) { + SetLastError(QUIC_ERROR_SESSION, NGTCP2_ERR_INTERNAL); + ImmediateClose(); + } +} + +// The HandshakeCompleted function is called by ngtcp2 once it +// determines that the TLS Handshake is done. The only thing we +// need to do at this point is let the javascript side know. +void QuicSession::HandshakeCompleted() { + session_stats_.handshake_completed_at = uv_hrtime(); + + SetLocalCryptoLevel(NGTCP2_CRYPTO_LEVEL_APP); + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + const char* host_name = + SSL_get_servername( + ssl_.get(), + TLSEXT_NAMETYPE_host_name); + + Local servername = GetServerName(env(), ssl_.get(), host_name); + Local alpn = GetALPNProtocol(env(), ssl_.get()); + Local cipher = GetCipherName(env(), ssl_.get()); + Local version = GetCipherVersion(env(), ssl_.get()); + Local maxPacketLength = Integer::New(env()->isolate(), max_pktlen_); + + // Verify the identity of the peer (this check varies based on whether + // or not this is a client or server session. See the specific implementation + // of VerifyPeerIdentity() for either. + Local verifyErrorReason = v8::Null(env()->isolate()); + Local verifyErrorCode = v8::Null(env()->isolate()); + int verifyError = VerifyPeerIdentity(host_name); + if (verifyError != 0) { + const char* reason = X509_verify_cert_error_string(verifyError); + verifyErrorReason = OneByteString(env()->isolate(), reason); + verifyErrorCode = + OneByteString(env()->isolate(), X509ErrorCode(verifyError)); + } + + Local argv[] = { + servername, + alpn, + cipher, + version, + maxPacketLength, + verifyErrorReason, + verifyErrorCode + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_session_handshake_function(), + arraysize(argv), + argv); +} + +bool QuicSession::InitiateUpdateKey() { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + DCHECK(!IsFlagSet(QUICSESSION_FLAG_CLOSING)); + DCHECK(!IsFlagSet(QUICSESSION_FLAG_KEYUPDATE)); + Debug(this, "Initiating a key update"); + return UpdateKey() && ngtcp2_conn_initiate_key_update(Connection()) == 0; + // TODO(@jasnell): If we're not within a ngtcp2 callback when this is + // called, we likely need to manually trigger a send operation. Need + // to verify. +} + +// Initialize the TLS context for this QuicSession. This +// is called exactly once during the construction and +// initialization of the QuicSession +void QuicSession::InitTLS() { + Debug(this, "Initializing TLS."); + BIO* bio = BIO_new(CreateBIOMethod()); + BIO_set_data(bio, this); + SSL_set_bio(ssl(), bio, bio); + SSL_set_app_data(ssl(), this); + SSL_set_msg_callback(ssl(), MessageCB); + SSL_set_msg_callback_arg(ssl(), this); + SSL_set_key_callback(ssl(), KeyCB, this); + SSL_set_cert_cb(ssl(), CertCB, this); + // The verification may be overriden in InitTLS_Post + SSL_set_verify(ssl(), SSL_VERIFY_NONE, crypto::VerifyCallback); + + // Servers and Clients do slightly different things at + // this point. Both QuicClientSession and QuicServerSession + // override the InitTLS_Post function to carry on with + // the TLS initialization. + InitTLS_Post(); +} + +bool QuicSession::IsHandshakeCompleted() { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + return ngtcp2_conn_get_handshake_completed(Connection()); +} + +// TLS Keylogging is enabled per-QuicSession by attaching an handler to the +// "keylog" event. Each keylog line is emitted to JavaScript where it can +// be routed to whatever destination makes sense. Typically, this will be +// to a keylog file that can be consumed by tools like Wireshark to intercept +// and decrypt QUIC network traffic. +void QuicSession::Keylog(const char* line) { + if (LIKELY(state_[IDX_QUIC_SESSION_STATE_KEYLOG_ENABLED] == 0)) + return; + + HandleScope handle_scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + const size_t size = strlen(line); + Local line_bf = Buffer::Copy(env(), line, 1 + size).ToLocalChecked(); + char* data = Buffer::Data(line_bf); + data[size] = '\n'; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_session_keylog_function(), 1, &line_bf); +} + +// When a QuicSession hits the idle timeout, it is to be silently and +// immediately closed without attempting to send any additional data to +// the peer. All existing streams are abandoned and closed. +void QuicSession::OnIdleTimeout() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + Debug(this, "Idle timeout"); + return SilentClose(); +} + +// Once OpenSSL adopts the BoringSSL QUIC apis (and we're able to pick those +// up) then we will get rx and tx keys in a single callback and this entire +// method will change. For now, we have to handle the keys one at a time, +// which is going to make working with the ngtcp2 api a bit more difficult +// since it's moving to a model where it assumes both rx and tx keys are +// available at the same time. +bool QuicSession::OnKey(int name, const uint8_t* secret, size_t secretlen) { + typedef void (*install_fn)(ngtcp2_conn* conn, + size_t keylen, + size_t ivlen, + const SessionKey& key, + const SessionIV& iv, + const SessionKey& hp); + std::vector* client_secret; + std::vector* server_secret; + install_fn install_server_handshake_key; + install_fn install_client_handshake_key; + install_fn install_server_key; + install_fn install_client_key; + SessionKey key; + SessionIV iv; + SessionKey hp; + + SetupCryptoContext(&crypto_ctx_, ssl()); + size_t keylen = aead_key_length(&crypto_ctx_); + size_t ivlen = packet_protection_ivlen(&crypto_ctx_); + + switch (Side()) { + case NGTCP2_CRYPTO_SIDE_SERVER: + client_secret = &rx_secret_; + server_secret = &tx_secret_; + install_server_handshake_key = InstallHandshakeTXKeys; + install_client_handshake_key = InstallHandshakeRXKeys; + install_server_key = InstallTXKeys; + install_client_key = InstallRXKeys; + break; + case NGTCP2_CRYPTO_SIDE_CLIENT: + client_secret = &tx_secret_; + server_secret = &rx_secret_; + install_server_handshake_key = InstallHandshakeRXKeys; + install_client_handshake_key = InstallHandshakeTXKeys; + install_server_key = InstallRXKeys; + install_client_key = InstallTXKeys; + break; + default: + UNREACHABLE(); + } + + if (!DerivePacketProtectionKey( + key.data(), + iv.data(), + hp.data(), + &crypto_ctx_, + secret, + secretlen)) { + return false; + } + ngtcp2_conn_set_aead_overhead(Connection(), aead_tag_length(&crypto_ctx_)); + + switch (name) { + case SSL_KEY_CLIENT_EARLY_TRAFFIC: + InstallEarlyKeys(Connection(), keylen, ivlen, key, iv, hp); + break; + case SSL_KEY_CLIENT_HANDSHAKE_TRAFFIC: + install_client_handshake_key(Connection(), keylen, ivlen, key, iv, hp); + SetClientCryptoLevel(NGTCP2_CRYPTO_LEVEL_HANDSHAKE); + break; + case SSL_KEY_CLIENT_APPLICATION_TRAFFIC: + client_secret->assign(secret, secret + secretlen); + install_client_key(Connection(), keylen, ivlen, key, iv, hp); + SetClientCryptoLevel(NGTCP2_CRYPTO_LEVEL_APP); + break; + case SSL_KEY_SERVER_HANDSHAKE_TRAFFIC: + install_server_handshake_key(Connection(), keylen, ivlen, key, iv, hp); + SetServerCryptoLevel(NGTCP2_CRYPTO_LEVEL_HANDSHAKE); + break; + case SSL_KEY_SERVER_APPLICATION_TRAFFIC: + server_secret->assign(secret, secret + secretlen); + install_server_key(Connection(), keylen, ivlen, key, iv, hp); + SetServerCryptoLevel(NGTCP2_CRYPTO_LEVEL_APP); + break; + } + + return true; +} + + +void QuicSession::MaybeTimeout() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + uint64_t now = uv_hrtime(); + bool transmit = false; + if (ngtcp2_conn_loss_detection_expiry(Connection()) <= now) { + Debug(this, "Retransmitting due to loss detection"); + CHECK_EQ(ngtcp2_conn_on_loss_detection_timer(Connection(), now), 0); + IncrementStat( + 1, &session_stats_, + &session_stats::loss_retransmit_count); + transmit = true; + } else if (ngtcp2_conn_ack_delay_expiry(Connection()) <= now) { + Debug(this, "Retransmitting due to ack delay"); + ngtcp2_conn_cancel_expired_ack_delay_timer(Connection(), now); + IncrementStat( + 1, &session_stats_, + &session_stats::ack_delay_retransmit_count); + transmit = true; + } + if (transmit) + SendPendingData(); +} + +bool QuicSession::OpenBidirectionalStream(int64_t* stream_id) { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + DCHECK(!IsFlagSet(QUICSESSION_FLAG_CLOSING)); + DCHECK(!IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)); + return ngtcp2_conn_open_bidi_stream(Connection(), stream_id, nullptr) == 0; +} + +bool QuicSession::OpenUnidirectionalStream(int64_t* stream_id) { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + DCHECK(!IsFlagSet(QUICSESSION_FLAG_CLOSING)); + DCHECK(!IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)); + if (ngtcp2_conn_open_uni_stream(Connection(), stream_id, nullptr)) + return false; + ngtcp2_conn_shutdown_stream_read(Connection(), *stream_id, 0); + return true; +} + +void QuicSession::PathValidation( + const ngtcp2_path* path, + ngtcp2_path_validation_result res) { + if (res == NGTCP2_PATH_VALIDATION_RESULT_SUCCESS) { + Debug(this, + "Path validation succeeded. Updating local and remote addresses"); + SetLocalAddress(&path->local); + remote_address_.Update(&path->remote); + IncrementStat( + 1, &session_stats_, + &session_stats::path_validation_success_count); + } else { + IncrementStat( + 1, &session_stats_, + &session_stats::path_validation_failure_count); + } + + // Only emit the callback if there is a handler for the pathValidation + // event on the JavaScript QuicSession object. + if (LIKELY(state_[IDX_QUIC_SESSION_STATE_PATH_VALIDATED_ENABLED] == 0)) + return; + + // This is a fairly expensive operation because both the local and + // remote addresses have to converted into JavaScript objects. We + // only do this if a pathValidation handler is registered. + HandleScope scope(env()->isolate()); + Local context = env()->context(); + Context::Scope context_scope(context); + Local argv[] = { + Integer::New(env()->isolate(), res), + AddressToJS(env(), reinterpret_cast(path->local.addr)), + AddressToJS(env(), reinterpret_cast(path->remote.addr)) + }; + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback( + env()->quic_on_session_path_validation_function(), + arraysize(argv), + argv); +} + +// Calling Ping will trigger the ngtcp2_conn to serialize any +// packets it currently has pending along with a probe frame +// that should keep the connection alive. This is a fire and +// forget and any errors that may occur will be ignored. The +// idle_timeout and retransmit timers will be updated. If Ping +// is called while processing an ngtcp2 callback, or if the +// closing or draining period has started, this is a non-op. +void QuicSession::Ping() { + if (Ngtcp2CallbackScope::InNgtcp2CallbackScope(this) || + IsFlagSet(QUICSESSION_FLAG_DESTROYED) || + IsFlagSet(QUICSESSION_FLAG_CLOSING) || + IsInClosingPeriod() || + IsInDrainingPeriod()) { + return; + } + // TODO(@jasnell): We might want to revisit whether to handle + // errors right here. For now, we're ignoring them with the + // intent of capturing them elsewhere. + WritePackets("ping"); + UpdateIdleTimer(); + ScheduleRetransmit(); +} + +// Reads a chunk of received peer TLS handshake data for processing +size_t QuicSession::ReadPeerHandshake(uint8_t* buf, size_t buflen) { + size_t n = std::min(buflen, peer_handshake_.size() - ncread_); + std::copy_n(std::begin(peer_handshake_) + ncread_, n, buf); + ncread_ += n; + return n; +} + +bool QuicSession::Receive( + ssize_t nread, + const uint8_t* data, + const struct sockaddr* addr, + unsigned int flags) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) { + Debug(this, "Ignoring packet because session is destroyed"); + return false; + } + + Debug(this, "Receiving QUIC packet."); + IncrementStat(nread, &session_stats_, &session_stats::bytes_received); + + // Closing period starts once ngtcp2 has detected that the session + // is being shutdown locally. Note that this is different that the + // IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING) function, which + // indicates a graceful shutdown that allows the session and streams + // to finish naturally. When IsInClosingPeriod is true, ngtcp2 is + // actively in the process of shutting down the connection and a + // CONNECTION_CLOSE has already been sent. The only thing we can do + // at this point is either ignore the packet or send another + // CONNECTION_CLOSE. + if (IsInClosingPeriod()) { + Debug(this, "QUIC packet received while in closing period."); + IncrementConnectionCloseAttempts(); + if (!ShouldAttemptConnectionClose()) { + Debug(this, "Not sending connection close"); + return false; + } + Debug(this, "Sending connection close"); + return SendConnectionClose(); + } + + // When IsInDrainingPeriod is true, ngtcp2 has received a + // connection close and we are simply discarding received packets. + // No outbound packets may be sent. Return true here because + // the packet was correctly processed, even tho it is being + // ignored. + if (IsInDrainingPeriod()) { + Debug(this, "QUIC packet received while in draining period."); + return true; + } + + // It's possible for the remote address to change from one + // packet to the next so we have to look at the addr on + // every packet. + remote_address_.Copy(addr); + QuicPath path(Socket()->GetLocalAddress(), &remote_address_); + + { + // These are within a scope to ensure that the InternalCallbackScope + // and HandleScope are both exited before continuing on with the + // function. This allows any nextTicks and queued tasks to be processed + // before we continue. + Debug(this, "Processing received packet"); + HandleScope handle_scope(env()->isolate()); + InternalCallbackScope callback_scope(this); + if (!ReceivePacket(&path, data, nread)) { + if (initial_connection_close_ == NGTCP2_NO_ERROR) { + Debug(this, "Failure processing received packet (code %" PRIu64 ")", + GetLastError().code); + HandleError(); + return false; + } else { + // When initial_connection_close_ is some value other than + // NGTCP2_NO_ERROR, then the QuicSession is going to be + // immediately responded to with a CONNECTION_CLOSE and + // no additional processing will be performed. + Debug(this, "Initial connection close with code %" PRIu64, + initial_connection_close_); + SetLastError(QUIC_ERROR_SESSION, initial_connection_close_); + SendConnectionClose(); + return true; + } + } + } + + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) { + Debug(this, "Session was destroyed while processing the received packet"); + // If the QuicSession has been destroyed but it is not + // in the closing period, a CONNECTION_CLOSE has not yet + // been sent to the peer. Let's attempt to send one. + if (!IsInClosingPeriod() && !IsInDrainingPeriod()) { + Debug(this, "Attempting to send connection close"); + SetLastError(QUIC_ERROR_SESSION, NGTCP2_NO_ERROR); + SendConnectionClose(); + } + return true; + } + + // Only send pending data if we haven't entered draining mode. + // We enter the draining period when a CONNECTION_CLOSE has been + // received from the remote peer. + if (IsInDrainingPeriod()) { + Debug(this, "In draining period after processing packet"); + // If processing the packet puts us into draining period, there's + // absolutely nothing left for us to do except silently close + // and destroy this QuicSession. + SilentClose(); + return true; + } else { + Debug(this, "Sending pending data after processing packet"); + SendPendingData(); + } + + UpdateIdleTimer(); + UpdateRecoveryStats(); + Debug(this, "Successfully processed received packet"); + return true; +} + +// Called by ngtcp2 when a chunk of peer TLS handshake data is received. +// For every chunk, we move the TLS handshake further along until it +// is complete. +int QuicSession::ReceiveCryptoData( + ngtcp2_crypto_level crypto_level, + uint64_t offset, + const uint8_t* data, + size_t datalen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return NGTCP2_ERR_CALLBACK_FAILURE; + Debug(this, "Receiving %d bytes of crypto data.", datalen); + + int err = WritePeerHandshake(crypto_level, data, datalen); + if (err < 0) + return err; + + // If the handshake is not yet completed, incrementally advance + // the handshake process. + if (!IsHandshakeCompleted()) + return TLSHandshake(); + + // It's possible that not all of the data was consumed. Anything + // that's remaining needs to be read but is not used. + return TLSRead(); +} + +// The ReceiveClientInitial function is called by ngtcp2 when +// a new connection has been initiated. The very first step to +// establishing a communication channel is to setup the keys +// that will be used to secure the communication. +bool QuicSession::ReceiveClientInitial(const ngtcp2_cid* dcid) { + if (UNLIKELY(IsFlagSet(QUICSESSION_FLAG_DESTROYED))) + return false; + Debug(this, "Receiving client initial parameters."); + return DeriveAndInstallInitialKey( + Connection(), + dcid, + NGTCP2_CRYPTO_SIDE_SERVER) && + initial_connection_close_ == NGTCP2_NO_ERROR; +} + +bool QuicSession::ReceivePacket( + QuicPath* path, + const uint8_t* data, + ssize_t nread) { + DCHECK(!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)); + + // If the QuicSession has been destroyed, we're not going + // to process any more packets for it. + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return true; + + uint64_t now = uv_hrtime(); + session_stats_.session_received_at = now; + int err = ngtcp2_conn_read_pkt(Connection(), **path, data, nread, now); + if (err < 0) { + switch (err) { + case NGTCP2_ERR_DRAINING: + case NGTCP2_ERR_RECV_VERSION_NEGOTIATION: + break; + default: + SetLastError(QUIC_ERROR_SESSION, err); + return false; + } + } + return true; +} + +// Called by ngtcp2 when a chunk of stream data has been received. If +// the stream does not yet exist, it is created, then the data is +// forwarded on. +void QuicSession::ReceiveStreamData( + int64_t stream_id, + int fin, + const uint8_t* data, + size_t datalen, + uint64_t offset) { + // QUIC does not permit zero-length stream packets if + // fin is not set. ngtcp2 prevents these from coming + // through but just in case of regression in that impl, + // let's double check and simply ignore such packets + // so we do not commit any resources. + if (UNLIKELY(fin == 0 && datalen == 0)) + return; + + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + + OnScopeLeave leave([&]() { + // This extends the flow control window for the entire session + // but not for the individual Stream. Stream flow control is + // only expanded as data is read on the JavaScript side. + ngtcp2_conn_extend_max_offset(Connection(), datalen); + }); + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + QuicStream* stream = FindStream(stream_id); + if (stream == nullptr) { + // Shutdown the stream explicitly if the session is being closed. + if (IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)) { + ngtcp2_conn_shutdown_stream(Connection(), stream_id, NGTCP2_ERR_CLOSING); + return; + } + + // One potential DOS attack vector is to send a bunch of + // empty stream frames to commit resources. Check that + // here. Essentially, we only want to create a new stream + // if the datalen is greater than 0, otherwise, we ignore + // the packet. + if (datalen == 0) + return; + + stream = CreateStream(stream_id); + } + CHECK_NOT_NULL(stream); + stream->ReceiveData(fin, data, datalen, offset); +} + +// Removes the given connection id from the QuicSession. +void QuicSession::RemoveConnectionID(const ngtcp2_cid* cid) { + if (!IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + DisassociateCID(cid); +} + +// Removes the QuicSession from the current socket. This is +// done with when the session is being destroyed or being +// migrated to another QuicSocket. It is important to keep in mind +// that the QuicSocket uses a BaseObjectPtr for the QuicSession. +// If the session is removed and there are no other references held, +// the session object will be destroyed automatically. +void QuicSession::RemoveFromSocket() { + std::vector cids(ngtcp2_conn_get_num_scid(Connection())); + ngtcp2_conn_get_scid(Connection(), cids.data()); + + for (auto &cid : cids) { + QuicCID id(&cid); + socket_->DisassociateCID(&id); + } + + Debug(this, "Removed from the QuicSocket."); + QuicCID scid(scid_); + socket_->RemoveSession(&scid, **GetRemoteAddress()); + socket_.reset(); +} + +// Removes the given stream from the QuicSession. All streams must +// be removed before the QuicSession is destroyed. +void QuicSession::RemoveStream(int64_t stream_id) { + Debug(this, "Removing stream %" PRId64, stream_id); + + // This will have the side effect of destroying the QuicStream + // instance. + streams_.erase(stream_id); + // Ensure that the stream state is closed and discarded by ngtcp2 + // Be sure to call this after removing the stream from the map + // above so that when ngtcp2 closes the stream, the callback does + // not attempt to loop back around and destroy the already removed + // QuicStream instance. Typically, the stream is already going to + // be closed by this point. + ngtcp2_conn_shutdown_stream(Connection(), stream_id, NGTCP2_NO_ERROR); +} + +// Schedule the retransmission timer +void QuicSession::ScheduleRetransmit() { + uint64_t now = uv_hrtime(); + uint64_t expiry = ngtcp2_conn_get_expiry(Connection()); + uint64_t interval = (expiry < now) ? 1 : ((expiry - now) / 1000000UL); + Debug(this, "Scheduling the retransmit timer for %" PRIu64, interval); + UpdateRetransmitTimer(interval); +} + +void QuicSession::UpdateRetransmitTimer(uint64_t timeout) { + DCHECK_NOT_NULL(retransmit_); + retransmit_->Update(timeout); +} + +namespace { +void Consume(ngtcp2_vec** pvec, size_t* pcnt, size_t len) { + ngtcp2_vec* v = *pvec; + size_t cnt = *pcnt; + + for (; cnt > 0; --cnt, ++v) { + if (v->len > len) { + v->len -= len; + v->base += len; + break; + } + len -= v->len; + } + + *pvec = v; + *pcnt = cnt; +} + +int IsEmpty(const ngtcp2_vec* vec, size_t cnt) { + size_t i; + for (i = 0; i < cnt && vec[i].len == 0; ++i) {} + return i == cnt; +} +} // anonymous namespace + +// Sends buffered stream data. +bool QuicSession::SendStreamData(QuicStream* stream) { + // Because SendStreamData calls ngtcp2_conn_writev_streams, + // it is not permitted to be called while we are running within + // an ngtcp2 callback function. + CHECK(!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)); + + // No stream data may be serialized and sent if: + // - the QuicSession is destroyed + // - the QuicStream was never writable, + // - a final stream frame has already been sent, + // - the QuicSession is in the draining period, + // - the QuicSession is in the closing period, or + // - we are blocked from sending any data because of flow control + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED) || + !stream->WasEverWritable() || + stream->HasSentFin() || + IsInDrainingPeriod() || + IsInClosingPeriod() || + ngtcp2_conn_get_max_data_left(Connection()) == 0) { + return true; + } + + ssize_t ndatalen = 0; + QuicPathStorage path; + + std::vector vec; + + // remaining is the total number of bytes stored in the vector + // that are remaining to be serialized. + size_t remaining = stream->DrainInto(&vec); + Debug(stream, "Sending %d bytes of stream data. Still writable? %s", + remaining, + stream->IsWritable()?"yes":"no"); + + // c and v are used to track the current serialization position + // for each iteration of the for(;;) loop below. + size_t c = vec.size(); + ngtcp2_vec* v = vec.data(); + + // If there is no stream data and we're not sending fin, + // Just return without doing anything. + if (c == 0 && stream->IsWritable()) { + Debug(stream, "There is no stream data to send"); + return true; + } + + for (;;) { + Debug(stream, "Starting packet serialization. Remaining? %d", remaining); + MallocedBuffer dest(max_pktlen_); + ssize_t nwrite = + ngtcp2_conn_writev_stream( + Connection(), + &path.path, + dest.data, + max_pktlen_, + &ndatalen, + NGTCP2_WRITE_STREAM_FLAG_NONE, + stream->GetID(), + stream->IsWritable() ? 0 : 1, + reinterpret_cast(v), + c, + uv_hrtime()); + + if (nwrite <= 0) { + switch (nwrite) { + case 0: + // If zero is returned, we've hit congestion limits. We need to stop + // serializing data and try again later to empty the queue once the + // congestion window has expanded. + Debug(stream, "Congestion limit reached"); + return true; + case NGTCP2_ERR_PKT_NUM_EXHAUSTED: + // There is a finite number of packets that can be sent + // per connection. Once those are exhausted, there's + // absolutely nothing we can do except immediately + // and silently tear down the QuicSession. This has + // to be silent because we can't even send a + // CONNECTION_CLOSE since even those require a + // packet number. + SilentClose(); + return false; + case NGTCP2_ERR_STREAM_DATA_BLOCKED: + Debug(stream, "Stream data blocked"); + return true; + case NGTCP2_ERR_EARLY_DATA_REJECTED: + Debug(stream, "Early data rejected"); + return true; + case NGTCP2_ERR_STREAM_SHUT_WR: + Debug(stream, "Stream writable side is closed"); + return true; + case NGTCP2_ERR_STREAM_NOT_FOUND: + Debug(stream, "Stream does not exist"); + return true; + default: + Debug(stream, "Error writing packet. Code %" PRIu64, nwrite); + SetLastError(QUIC_ERROR_SESSION, static_cast(nwrite)); + return false; + } + } + + if (ndatalen > 0) { + remaining -= ndatalen; + Debug(stream, + "%" PRIu64 " stream bytes serialized into packet. %d remaining", + ndatalen, + remaining); + Consume(&v, &c, ndatalen); + stream->Commit(ndatalen); + } + + Debug(stream, "Sending %" PRIu64 " bytes in serialized packet", nwrite); + dest.Realloc(nwrite); + sendbuf_.Push(std::move(dest)); + remote_address_.Update(&path.path.remote); + + if (!SendPacket("stream data")) + return false; + + if (IsEmpty(v, c)) { + // fin will have been set if all of the data has been + // encoded in the packet and IsWritable() returns false. + if (!stream->IsWritable()) { + Debug(stream, "Final stream has been sent"); + stream->SetFinSent(); + } + break; + } + } + + return true; +} + +// Transmits the current contents of the internal sendbuf_ to the peer. +bool QuicSession::SendPacket(const char* diagnostic_label) { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + CHECK(!IsInDrainingPeriod()); + // Move the contents of sendbuf_ to the tail of txbuf_ and reset sendbuf_ + if (sendbuf_.Length() > 0) { + IncrementStat( + sendbuf_.Length(), + &session_stats_, + &session_stats::bytes_sent); + txbuf_ += std::move(sendbuf_); + } + // There's nothing to send, so let's not try + if (txbuf_.Length() == 0 || Socket() == nullptr) + return true; + Debug(this, "There are %" PRIu64 " bytes in txbuf_ to send", txbuf_.Length()); + session_stats_.session_sent_at = uv_hrtime(); + ScheduleRetransmit(); + int err = Socket()->SendPacket( + *remote_address_, + &txbuf_, + BaseObjectPtr(this), + diagnostic_label); + if (err != 0) { + SetLastError(QUIC_ERROR_SESSION, err); + return false; + } + return true; +} + +// Sends any pending handshake or session packet data. +void QuicSession::SendPendingData() { + // Do not proceed if: + // * We are in the ngtcp2 callback scope + // * The QuicSession has been destroyed + // * The QuicSession is in the draining period + // * The QuicSession is a server in the closing period + if (Ngtcp2CallbackScope::InNgtcp2CallbackScope(this) || + IsFlagSet(QUICSESSION_FLAG_DESTROYED) || + IsInDrainingPeriod() || + (Side() == NGTCP2_CRYPTO_SIDE_SERVER && IsInClosingPeriod())) { + return; + } + + // If there's anything currently in the sendbuf_, send it before + // serializing anything else. + if (!SendPacket("pending session data")) + return HandleError(); + + // Try purging any pending stream data + // TODO(@jasnell): Right now this iterates through the streams + // in the order they were created. Later, we'll want to implement + // a prioritization scheme to allow higher priority streams to + // be serialized first. + for (const auto& stream : streams_) { + if (!SendStreamData(stream.second.get())) + return HandleError(); + + // Check to make sure QuicSession state did not change in this + // iteration + if (IsInDrainingPeriod() || + IsInClosingPeriod() || + IsFlagSet(QUICSESSION_FLAG_DESTROYED)) { + return; + } + } + + // Otherwise, serialize and send any packets waiting in the queue. + if (!WritePackets("pending session data - write packets")) + HandleError(); +} + +// Notifies the ngtcp2_conn that the TLS handshake is completed. +void QuicSession::SetHandshakeCompleted() { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + ngtcp2_conn_handshake_completed(Connection()); +} + +void QuicSession::SetLocalAddress(const ngtcp2_addr* addr) { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + ngtcp2_conn_set_local_addr(Connection(), addr); +} + +// Set the transport parameters received from the remote peer +int QuicSession::SetRemoteTransportParams(ngtcp2_transport_params* params) { + DCHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + StoreRemoteTransportParams(params); + return ngtcp2_conn_set_remote_transport_params(Connection(), params); +} + +int QuicSession::ShutdownStream(int64_t stream_id, uint64_t code) { + // First, update the internal ngtcp2 state of the given stream + // and schedule the STOP_SENDING and RESET_STREAM frames as + // appropriate. + CHECK_EQ( + ngtcp2_conn_shutdown_stream( + Connection(), + stream_id, + code), 0); + + // If ShutdownStream is called outside of an ngtcp2 callback, + // we need to trigger SendPendingData manually to cause the + // RESET_STREAM and STOP_SENDING frames to be transmitted. + if (!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)) + SendPendingData(); + + return 0; +} + +// Silent Close must start with the JavaScript side, which must +// clean up state, abort any still existing QuicSessions, then +// destroy the handle when done. The most important characteristic +// of the SilentClose is that no frames are sent to the peer. +// +// When a valid stateless reset is received, the connection is +// immediately and unrecoverably closed at the ngtcp2 level. +// Specifically, it will be put into the draining_period so +// absolutely no frames can be sent. What we need to do is +// notify the JavaScript side and destroy the connection with +// a flag set that indicates stateless reset. +void QuicSession::SilentClose(bool stateless_reset) { + // Calling either ImmediateClose or SilentClose will cause + // the QUICSESSION_FLAG_CLOSING to be set. In either case, + // we should never re-enter ImmediateClose or SilentClose. + CHECK(!IsFlagSet(QUICSESSION_FLAG_CLOSING)); + SetFlag(QUICSESSION_FLAG_SILENT_CLOSE); + SetFlag(QUICSESSION_FLAG_CLOSING); + + QuicError last_error = GetLastError(); + Debug(this, + "Silent close with %s code %" PRIu64 " (stateless reset? %s)", + ErrorFamilyName(last_error.family), + last_error.code, + stateless_reset ? "yes" : "no"); + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + Local argv[] = { + stateless_reset ? v8::True(env()->isolate()) : v8::False(env()->isolate()), + Number::New(env()->isolate(), static_cast(last_error.code)), + Integer::New(env()->isolate(), last_error.family) + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback( + env()->quic_on_session_silent_close_function(), arraysize(argv), argv); +} + +// Called by ngtcp2 when a stream has been closed. If the stream does +// not exist, the close is ignored. +void QuicSession::StreamClose(int64_t stream_id, uint64_t app_error_code) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + + if (!HasStream(stream_id)) + return; + + Debug(this, "Closing stream %" PRId64 " with code %" PRIu64, + stream_id, + app_error_code); + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + Local argv[] = { + Number::New(env()->isolate(), static_cast(stream_id)), + Number::New(env()->isolate(), static_cast(app_error_code)) + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_stream_close_function(), arraysize(argv), argv); +} + +void QuicSession::StopIdleTimer() { + CHECK_NOT_NULL(idle_); + idle_->Stop(); +} + +void QuicSession::StopRetransmitTimer() { + CHECK_NOT_NULL(retransmit_); + retransmit_->Stop(); +} + +// Called by ngtcp2 when a stream has been opened. All we do is log +// the activity here. We do not want to actually commit any resources +// until data is received for the stream. This allows us to prevent +// a stream commitment attack. The only exception is shutting the +// stream down explicitly if we are in a graceful close period. +void QuicSession::StreamOpen(int64_t stream_id) { + if (IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)) { + ngtcp2_conn_shutdown_stream( + Connection(), + stream_id, + NGTCP2_ERR_CLOSING); + } + Debug(this, "Stream %" PRId64 " opened but not yet created.", stream_id); +} + +// Called when the QuicSession has received a RESET_STREAM frame from the +// peer, indicating that it will no longer send additional frames for the +// stream. If the stream is not yet known, reset is ignored. If the stream +// has already received a STREAM frame with fin set, the stream reset is +// ignored (the QUIC spec permits implementations to handle this situation +// however they want.) If the stream has not yet received a STREAM frame +// with the fin set, then the RESET_STREAM causes the readable side of the +// stream to be abruptly closed and any additional stream frames that may +// be received will be discarded if their offset is greater than final_size. +// On the JavaScript side, receiving a C is undistinguishable from +// a normal end-of-stream. No additional data events will be emitted, the +// end event will be emitted, and the readable side of the duplex will be +// closed. +// +// If the stream is still writable, no additional action is taken. If, +// however, the writable side of the stream has been closed (or was never +// open in the first place as in the case of peer-initiated unidirectional +// streams), the reset will cause the stream to be immediately destroyed. +void QuicSession::StreamReset( + int64_t stream_id, + uint64_t final_size, + uint64_t app_error_code) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + + if (!HasStream(stream_id)) + return; + + Debug(this, + "Reset stream %" PRId64 " with code %" PRIu64 + " and final size %" PRIu64, + stream_id, + app_error_code, + final_size); + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + Local argv[] = { + Number::New(env()->isolate(), static_cast(stream_id)), + Number::New(env()->isolate(), static_cast(app_error_code)), + Number::New(env()->isolate(), static_cast(final_size)) + }; + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_stream_reset_function(), arraysize(argv), argv); +} + +// Incrementally performs the TLS handshake. This function is called +// multiple times while handshake data is being passed back and forth +// between the peers. +int QuicSession::TLSHandshake() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return 0; + + ClearTLSError(); + + int err; + uint64_t now = uv_hrtime(); + if (!IsFlagSet(QUICSESSION_FLAG_INITIAL)) { + Debug(this, "TLS handshake starting"); + session_stats_.handshake_start_at = now; + err = TLSHandshake_Initial(); + if (err != 0) + return err; + } else { + Debug(this, "TLS handshake continuing"); + uint64_t ts = + session_stats_.handshake_continue_at > 0 ? + session_stats_.handshake_continue_at : + session_stats_.handshake_start_at; + crypto_handshake_rate_->Record(now - ts); + } + session_stats_.handshake_continue_at = now; + + // If DoTLSHandshake returns 0 or negative, the handshake + // is not yet complete. + err = DoTLSHandshake(ssl()); + if (err <= 0) + return err; + + err = TLSHandshake_Complete(); + if (err != 0) + return err; + + Debug(this, "TLS Handshake completed."); + SetHandshakeCompleted(); + return 0; +} + +// It's possible for TLS handshake to contain extra data that is not +// consumed by ngtcp2. That's ok and the data is just extraneous. We just +// read it and throw it away, unless there's an error. +int QuicSession::TLSRead() { + ClearTLSError(); + return ClearTLS(ssl(), Side() != NGTCP2_CRYPTO_SIDE_SERVER); +} + +void QuicSession::UpdateIdleTimer() { + CHECK_NOT_NULL(idle_); + uint64_t timeout = ngtcp2_conn_get_idle_timeout(Connection()) / 1000000UL; + Debug(this, "Updating idle timeout to %" PRIu64, timeout); + idle_->Update(timeout); +} + +void QuicSession::WriteHandshake(const uint8_t* data, size_t datalen) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + Debug(this, "Writing %d bytes of handshake data.", datalen); + MallocedBuffer buffer(datalen); + memcpy(buffer.data, data, datalen); + CHECK_EQ( + ngtcp2_conn_submit_crypto_data( + Connection(), + tx_crypto_level_, + buffer.data, datalen), 0); + handshake_.Push(std::move(buffer)); +} + +// Write any packets current pending for the ngtcp2 connection based on +// the current state of the QuicSession. If the QuicSession is in the +// closing period, only CONNECTION_CLOSE packets may be written. If the +// QuicSession is in the draining period, no packets may be written. +// +// Packets are flushed to the underlying QuicSocket uv_udp_t as soon +// as they are written. The WritePackets method may cause zero or more +// packets to be serialized. +// +// If there are any acks or retransmissions pending, those will be +// serialized at this point as well. However, WritePackets does not +// serialize stream data that is being sent initially. +bool QuicSession::WritePackets(const char* diagnostic_label) { + CHECK(!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)); + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + + // During the draining period, we must not send any frames at all. + if (IsInDrainingPeriod()) + return true; + + // During the closing period, we are only permitted to send + // CONNECTION_CLOSE frames. + if (IsInClosingPeriod()) + return SendConnectionClose(); + + // Otherwise, serialize and send pending frames + QuicPathStorage path; + for (;;) { + MallocedBuffer data(max_pktlen_); + ssize_t nwrite = + ngtcp2_conn_write_pkt( + Connection(), + &path.path, + data.data, + max_pktlen_, + uv_hrtime()); + if (nwrite <= 0) { + switch (nwrite) { + case 0: + return true; + case NGTCP2_ERR_PKT_NUM_EXHAUSTED: + // There is a finite number of packets that can be sent + // per connection. Once those are exhausted, there's + // absolutely nothing we can do except immediately + // and silently tear down the QuicSession. This has + // to be silent because we can't even send a + // CONNECTION_CLOSE since even those require a + // packet number. + SilentClose(); + return false; + default: + SetLastError(QUIC_ERROR_SESSION, static_cast(nwrite)); + return false; + } + } + + data.Realloc(nwrite); + remote_address_.Update(&path.path.remote); + sendbuf_.Push(std::move(data)); + if (!SendPacket(diagnostic_label)) + return false; + } +} + +// Writes peer handshake data to the internal buffer +int QuicSession::WritePeerHandshake( + ngtcp2_crypto_level crypto_level, + const uint8_t* data, + size_t datalen) { + if (rx_crypto_level_ != crypto_level) + return NGTCP2_ERR_CRYPTO; + if (peer_handshake_.size() + datalen > max_crypto_buffer_) + return NGTCP2_ERR_CRYPTO_BUFFER_EXCEEDED; + Debug(this, "Writing %d bytes of peer handshake data.", datalen); + std::copy_n(data, datalen, std::back_inserter(peer_handshake_)); + return 0; +} + +// Called by ngtcp2 when the QuicSession keys need to be updated. This may +// happen multiple times through the lifetime of the QuicSession. +bool QuicSession::UpdateKey() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return false; + + // There's no user code that should be able to run while UpdateKey + // is running, but we need to gate on it just to be safe. + OnScopeLeave leave([&]() { SetFlag(QUICSESSION_FLAG_KEYUPDATE, false); }); + CHECK(!IsFlagSet(QUICSESSION_FLAG_KEYUPDATE)); + SetFlag(QUICSESSION_FLAG_KEYUPDATE); + Debug(this, "Updating keys."); + + IncrementStat(1, &session_stats_, &session_stats::keyupdate_count); + + return UpdateAndInstallKey( + Connection(), + &rx_secret_, + &tx_secret_, + rx_secret_.size(), + &crypto_ctx_); +} + + +// QuicServerSession +QuicServerSession::InitialPacketResult QuicServerSession::Accept( + ngtcp2_pkt_hd* hd, + const uint8_t* data, + ssize_t nread) { + // The initial packet is too short and not a valid QUIC packet. + if (static_cast(nread) < MIN_INITIAL_QUIC_PKT_SIZE) + return PACKET_IGNORE; + + switch (ngtcp2_accept(hd, data, nread)) { + case -1: + return PACKET_IGNORE; + case 1: + return PACKET_VERSION; + } + return PACKET_OK; +} + +// The QuicServerSession specializes the QuicSession with server specific +// behaviors. The key differentiator between client and server lies with +// the TLS Handshake and certain aspects of stream state management. +// Fortunately, ngtcp2 takes care of most of the differences for us, +// so most of the overrides here deal with TLS handshake differences. +QuicServerSession::QuicServerSession( + QuicSocket* socket, + QuicSessionConfig* config, + Local wrap, + const ngtcp2_cid* rcid, + const struct sockaddr* addr, + const ngtcp2_cid* dcid, + const ngtcp2_cid* ocid, + uint32_t version, + const std::string& alpn, + uint32_t options, + uint64_t initial_connection_close) : + QuicSession( + NGTCP2_CRYPTO_SIDE_SERVER, + socket, + wrap, + socket->GetServerSecureContext(), + AsyncWrap::PROVIDER_QUICSERVERSESSION, + alpn, + options, + initial_connection_close), + rcid_(*rcid) { + Init(config, addr, dcid, ocid, version); +} + +BaseObjectPtr QuicServerSession::New( + QuicSocket* socket, + QuicSessionConfig* config, + const ngtcp2_cid* rcid, + const struct sockaddr* addr, + const ngtcp2_cid* dcid, + const ngtcp2_cid* ocid, + uint32_t version, + const std::string& alpn, + uint32_t options, + uint64_t initial_connection_close) { + Local obj; + if (!socket->env() + ->quicserversession_constructor_template() + ->NewInstance(socket->env()->context()).ToLocal(&obj)) { + return {}; + } + BaseObjectPtr session = + MakeDetachedBaseObject( + socket, + config, + obj, + rcid, + addr, + dcid, + ocid, + version, + alpn, + options, + initial_connection_close); + + session->AddToSocket(socket); + return session; +} + + +void QuicServerSession::AddToSocket(QuicSocket* socket) { + QuicCID scid(scid_); + QuicCID rcid(rcid_); + socket->AddSession(&scid, BaseObjectPtr(this)); + socket->AssociateCID(&rcid, &scid); + + if (pscid_.datalen) { + QuicCID pscid(pscid_); + socket->AssociateCID(&pscid, &scid); + } +} + +void QuicServerSession::DisassociateCID(const ngtcp2_cid* cid) { + QuicCID id(cid); + Socket()->DisassociateCID(&id); +} + +void QuicServerSession::Init( + QuicSessionConfig* config, + const struct sockaddr* addr, + const ngtcp2_cid* dcid, + const ngtcp2_cid* ocid, + uint32_t version) { + + CHECK_NULL(connection_); + + ExtendMaxStreamsBidi(config->max_streams_bidi()); + ExtendMaxStreamsUni(config->max_streams_uni()); + + remote_address_.Copy(addr); + max_pktlen_ = SocketAddress::GetMaxPktLen(addr); + + InitTLS(); + + QuicSessionConfig cfg = *config; + cfg.GenerateStatelessResetToken(); + cfg.GeneratePreferredAddressToken(pscid()); + max_crypto_buffer_ = cfg.GetMaxCryptoBuffer(); + + EntropySource(scid_.data, NGTCP2_SV_SCIDLEN); + scid_.datalen = NGTCP2_SV_SCIDLEN; + + QuicPath path(Socket()->GetLocalAddress(), &remote_address_); + + ngtcp2_conn* conn; + CHECK_EQ( + ngtcp2_conn_server_new( + &conn, + dcid, + &scid_, + *path, + version, + &callbacks, + *cfg, + &alloc_info_, + static_cast(this)), 0); + + if (ocid) + ngtcp2_conn_set_retry_ocid(conn, ocid); + connection_.reset(conn); + + UpdateIdleTimer(); +} + +void QuicServerSession::InitTLS_Post() { + SSL_set_accept_state(ssl()); + + if (IsOptionSet(QUICSERVERSESSION_OPTION_REQUEST_CERT)) { + int verify_mode = SSL_VERIFY_PEER; + if (IsOptionSet(QUICSERVERSESSION_OPTION_REJECT_UNAUTHORIZED)) + verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT; + SSL_set_verify(ssl(), verify_mode, crypto::VerifyCallback); + } +} + +void QuicSessionOnClientHelloDone(const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + session->OnClientHelloDone(); +} + +void QuicServerSession::OnClientHelloDone() { + // Continue the TLS handshake when this function exits + // otherwise it will stall and fail. + TLSHandshakeScope handshake(this, QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING); + // Disable the callback at this point so we don't loop continuously + state_[IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED] = 0; +} + +// If a 'clientHello' event listener is registered on the JavaScript +// QuicServerSession object, the STATE_CLIENT_HELLO_ENABLED state +// will be set and the OnClientHello will cause the 'clientHello' +// event to be emitted. +// +// The 'clientHello' callback will be given it's own callback function +// that must be called when the client has completed handling the event. +// The handshake will not continue until it is called. +// +// The intent here is to allow user code the ability to modify or +// replace the SecurityContext based on the server name, ALPN, or +// other handshake characteristics. +// +// The user can also set a 'cert' event handler that will be called +// when the peer certificate is received, allowing additional tweaks +// and verifications to be performed. +int QuicServerSession::OnClientHello() { + if (LIKELY(state_[IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED] == 0)) + return 0; + + TLSHandshakeCallbackScope callback_scope(this); + + // Not an error but does suspend the handshake until we're ready to go. + // A callback function is passed to the JavaScript function below that + // must be called in order to turn QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING + // off. Once that callback is invoked, the TLS Handshake will resume. + // It is recommended that the user not take a long time to invoke the + // callback in order to avoid stalling out the QUIC connection. + if (IsFlagSet(QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING)) + return -1; + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + SetFlag(QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING); + + const char* server_name = nullptr; + const char* alpn = nullptr; + int* exts; + size_t len; + SSL_client_hello_get1_extensions_present(ssl(), &exts, &len); + for (size_t n = 0; n < len; n++) { + switch (exts[n]) { + case TLSEXT_TYPE_server_name: + server_name = GetClientHelloServerName(ssl()); + break; + case TLSEXT_TYPE_application_layer_protocol_negotiation: + alpn = GetClientHelloALPN(ssl()); + break; + } + } + OPENSSL_free(exts); + + Local argv[] = { + Undefined(env()->isolate()), + Undefined(env()->isolate()), + GetClientHelloCiphers(env(), ssl()) + }; + + if (alpn != nullptr) { + argv[0] = String::NewFromUtf8( + env()->isolate(), + alpn, + v8::NewStringType::kNormal).ToLocalChecked(); + } + if (server_name != nullptr) { + argv[1] = String::NewFromUtf8( + env()->isolate(), + server_name, + v8::NewStringType::kNormal).ToLocalChecked(); + } + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback( + env()->quic_on_session_client_hello_function(), + arraysize(argv), argv); + + return IsFlagSet(QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING) ? -1 : 0; +} + +// This callback is invoked by user code after completing handling +// of the 'OCSPRequest' event. The callback is invoked with two +// possible arguments, both of which are optional +// 1. A replacement SecureContext +// 2. An OCSP response +void QuicSessionOnCertDone(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicServerSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + + Local cons = env->secure_context_constructor_template(); + crypto::SecureContext* context = nullptr; + if (args[0]->IsObject() && cons->HasInstance(args[0])) + context = Unwrap(args[0].As()); + session->OnCertDone(context, args[1]); +} + +// The OnCertDone function is called by the QuicSessionOnCertDone +// function when usercode is done handling the OCSPRequest event. +void QuicServerSession::OnCertDone( + crypto::SecureContext* context, + Local ocsp_response) { + Debug(this, "OCSPRequest completed. Context Provided? %s, OCSP Provided? %s", + context != nullptr ? "Yes" : "No", + ocsp_response->IsArrayBufferView() ? "Yes" : "No"); + // Continue the TLS handshake when this function exits + // otherwise it will stall and fail. + TLSHandshakeScope handshake_scope(this, QUICSESSION_FLAG_CERT_CB_RUNNING); + // Disable the callback at this point so we don't loop continuously + state_[IDX_QUIC_SESSION_STATE_CERT_ENABLED] = 0; + + if (context != nullptr) { + int err = UseSNIContext(ssl(), context); + if (!err) { + unsigned long err = ERR_get_error(); // NOLINT(runtime/int) + if (!err) + return env()->ThrowError("CertCbDone"); // TODO(@jasnell): revisit + return crypto::ThrowCryptoError(env(), err); + } + } + + if (ocsp_response->IsArrayBufferView()) + ocsp_response_.Reset(env()->isolate(), ocsp_response.As()); +} + +// The OnCert callback provides an opportunity to prompt the server to +// perform on OCSP request on behalf of the client (when the client +// requests it). If there is a listener for the 'OCSPRequest' event +// on the JavaScript side, the IDX_QUIC_SESSION_STATE_CERT_ENABLED +// session state slot will equal 1, which will cause the callback to +// be invoked. The callback will be given a reference to a JavaScript +// function that must be called in order for the TLS handshake to +// continue. +int QuicServerSession::OnCert() { + Debug(this, "Is there an OCSPRequest handler registered? %s", + state_[IDX_QUIC_SESSION_STATE_CERT_ENABLED] == 0 ? "No" : "Yes"); + if (LIKELY(state_[IDX_QUIC_SESSION_STATE_CERT_ENABLED] == 0)) + return 1; + + TLSHandshakeCallbackScope callback_scope(this); + + // As in node_crypto.cc, this is not an error, but does suspend the + // handshake to continue when OnCerb is complete. + if (IsFlagSet(QUICSESSION_FLAG_CERT_CB_RUNNING)) + return -1; + + HandleScope handle_scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + Local servername_str; + const bool ocsp = + (SSL_get_tlsext_status_type(ssl()) == TLSEXT_STATUSTYPE_ocsp); + Debug(this, "Is the client requesting OCSP? %s", ocsp ? "Yes" : "No"); + + // If status type is not ocsp, there's nothing further to do here. + // Save ourselves the callback into JavaScript and continue the + // handshake. + if (!ocsp) + return 1; + + const char* servername = SSL_get_servername(ssl(), TLSEXT_NAMETYPE_host_name); + + SetFlag(QUICSESSION_FLAG_CERT_CB_RUNNING); + Local argv[] = { + servername == nullptr ? + String::Empty(env()->isolate()) : + OneByteString( + env()->isolate(), + servername, + strlen(servername)) + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_session_cert_function(), arraysize(argv), argv); + + return IsFlagSet(QUICSESSION_FLAG_CERT_CB_RUNNING) ? -1 : 1; +} + +// When the client has requested OSCP, this function will be called to provide +// the OSCP response. The OnCert() callback should have already been called +// by this point if any data is to be provided. If it hasn't, and ocsp_response_ +// is empty, no OCSP response will be sent. +int QuicServerSession::OnTLSStatus() { + Debug(this, "Asking for OCSP status to send. Is there a response? %s", + ocsp_response_.IsEmpty() ? "No" : "Yes"); + + if (ocsp_response_.IsEmpty()) + return SSL_TLSEXT_ERR_NOACK; + + HandleScope scope(env()->isolate()); + + Local obj = + PersistentToLocal::Default( + env()->isolate(), + ocsp_response_); + size_t len = obj->ByteLength(); + + unsigned char* data = crypto::MallocOpenSSL(len); + obj->CopyContents(data, len); + + Debug(this, "The OCSP Response is %d bytes in length.", len); + + if (!SSL_set_tlsext_status_ocsp_resp(ssl(), data, len)) + OPENSSL_free(data); + ocsp_response_.Reset(); + + return SSL_TLSEXT_ERR_OK; +} + +void QuicSession::UpdateRecoveryStats() { + ngtcp2_rcvry_stat stat; + ngtcp2_conn_get_rcvry_stat(Connection(), &stat); + recovery_stats_.min_rtt = static_cast(stat.min_rtt); + recovery_stats_.latest_rtt = static_cast(stat.latest_rtt); + recovery_stats_.smoothed_rtt = static_cast(stat.smoothed_rtt); +} + +// The QuicSocket maintains a map of BaseObjectPtr's that keep +// the QuicSession instance alive. Once socket_->RemoveSession() +// is called, the QuicSession instance will be freed if there are +// no other references being held. +void QuicServerSession::RemoveFromSocket() { + QuicCID rcid(rcid_); + socket_->DisassociateCID(&rcid); + + if (pscid_.datalen > 0) { + QuicCID pscid(pscid_); + socket_->DisassociateCID(&pscid); + } + + QuicSession::RemoveFromSocket(); +} + +// Transmits the CONNECTION_CLOSE to the peer, signaling +// the end of this QuicSession. +bool QuicServerSession::SendConnectionClose() { + CHECK(!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)); + + // Do not send any frames at all if we're in the draining period + // or in the middle of a silent close + if (IsInDrainingPeriod() || IsFlagSet(QUICSESSION_FLAG_SILENT_CLOSE)) + return true; + + // If we're not already in the closing period, + // first attempt to write any pending packets, then + // start the closing period. If closing period has + // already started, skip this. + if (!IsInClosingPeriod() && + (!WritePackets("server connection close - write packets") || + !StartClosingPeriod())) { + return false; + } + + UpdateIdleTimer(); + CHECK_GT(conn_closebuf_.size, 0); + sendbuf_.Cancel(); + // We don't use std::move here because we do not want + // to reset conn_closebuf_. Instead, we keep it around + // so we can send it again if we have to. + uv_buf_t buf = + uv_buf_init( + reinterpret_cast(conn_closebuf_.data), + conn_closebuf_.size); + sendbuf_.Push(&buf, 1); + return SendPacket("server connection close"); +} + +bool QuicServerSession::StartClosingPeriod() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return false; + if (IsInClosingPeriod()) + return true; + + StopRetransmitTimer(); + UpdateIdleTimer(); + + sendbuf_.Cancel(); + + QuicError error = GetLastError(); + Debug(this, "Closing period has started. Error %d", error.code); + + // Once the CONNECTION_CLOSE packet is written, + // IsInClosingPeriod will return true. + conn_closebuf_ = MallocedBuffer(max_pktlen_); + ssize_t nwrite = + SelectCloseFn(error.family)( + Connection(), + nullptr, + conn_closebuf_.data, + max_pktlen_, + error.code, + uv_hrtime()); + if (nwrite < 0) { + if (nwrite == NGTCP2_ERR_PKT_NUM_EXHAUSTED) + SilentClose(); + else + SetLastError(QUIC_ERROR_SESSION, static_cast(nwrite)); + return false; + } + conn_closebuf_.Realloc(nwrite); + return true; +} + +int QuicServerSession::TLSHandshake_Initial() { + SetFlag(QUICSESSION_FLAG_INITIAL); + return DoTLSReadEarlyData(ssl()); +} + +// For the server-side, we only care that the client provided +// certificate is signed by some entity the server trusts. +// Any additional checks can be performed in usercode on the +// JavaScript side. +int QuicServerSession::VerifyPeerIdentity(const char* hostname) { + return VerifyPeerCertificate(ssl()); +} + + +// QuicClientSession + +// The QuicClientSession class provides a specialization of QuicSession that +// implements client-specific behaviors. Most of the client-specific stuff is +// limited to TLS and early data +QuicClientSession::QuicClientSession( + QuicSocket* socket, + v8::Local wrap, + const struct sockaddr* addr, + uint32_t version, + SecureContext* context, + const char* hostname, + uint32_t port, + Local early_transport_params, + Local session_ticket, + Local dcid, + SelectPreferredAddressPolicy select_preferred_address_policy, + const std::string& alpn, + uint32_t options) : + QuicSession( + NGTCP2_CRYPTO_SIDE_CLIENT, + socket, + wrap, + context, + AsyncWrap::PROVIDER_QUICCLIENTSESSION, + alpn, + options), + version_(version), + port_(port), + select_preferred_address_policy_(select_preferred_address_policy), + hostname_(hostname) { + CHECK(Init(addr, version, early_transport_params, session_ticket, dcid)); +} + +BaseObjectPtr QuicClientSession::New( + QuicSocket* socket, + const struct sockaddr* addr, + uint32_t version, + SecureContext* context, + const char* hostname, + uint32_t port, + Local early_transport_params, + Local session_ticket, + Local dcid, + SelectPreferredAddressPolicy select_preferred_address_policy, + const std::string& alpn, + uint32_t options) { + Local obj; + if (!socket->env() + ->quicclientsession_constructor_template() + ->NewInstance(socket->env()->context()).ToLocal(&obj)) { + return {}; + } + + BaseObjectPtr session = + MakeDetachedBaseObject( + socket, + obj, + addr, + version, + context, + hostname, + port, + early_transport_params, + session_ticket, + dcid, + select_preferred_address_policy, + alpn, + options); + + session->AddToSocket(socket); + session->TLSHandshake(); + return session; +} + +void QuicClientSession::AddToSocket(QuicSocket* socket) { + QuicCID scid(scid_); + socket->AddSession(&scid, BaseObjectPtr(this)); + + std::vector cids(ngtcp2_conn_get_num_scid(Connection())); + ngtcp2_conn_get_scid(Connection(), cids.data()); + for (const ngtcp2_cid& cid : cids) { + QuicCID id(&cid); + socket->AssociateCID(&id, &scid); + } +} + +void QuicClientSession::VersionNegotiation( + const ngtcp2_pkt_hd* hd, + const uint32_t* sv, + size_t nsv) { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return; + HandleScope scope(env()->isolate()); + Local context = env()->context(); + Context::Scope context_scope(context); + + Local versions = Array::New(env()->isolate(), nsv); + for (size_t n = 0; n < nsv; n++) { + USE(versions->Set( + env()->context(), n, + Integer::New(env()->isolate(), sv[n]))); + } + + Local supportedVersions = Array::New(env()->isolate(), 1); + USE(supportedVersions->Set( + env()->context(), 0, + Integer::New(env()->isolate(), NGTCP2_PROTO_VER))); + + Local argv[] = { + Integer::New(env()->isolate(), version_), + versions, + supportedVersions + }; + + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback( + env()->quic_on_session_version_negotiation_function(), + arraysize(argv), argv); +} + +void QuicClientSession::HandleError() { + if (connection_ && !IsInClosingPeriod()) { + QuicSession::HandleError(); + } +} + +bool QuicClientSession::Init( + const struct sockaddr* addr, + uint32_t version, + Local early_transport_params, + Local session_ticket, + Local dcid_value) { + + CHECK_NULL(connection_); + + remote_address_.Copy(addr); + max_pktlen_ = SocketAddress::GetMaxPktLen(addr); + + InitTLS(); + + QuicSessionConfig config(env()); + max_crypto_buffer_ = config.GetMaxCryptoBuffer(); + ExtendMaxStreamsBidi(config.max_streams_bidi()); + ExtendMaxStreamsUni(config.max_streams_uni()); + + scid_.datalen = NGTCP2_MAX_CIDLEN; + EntropySource(scid_.data, scid_.datalen); + + ngtcp2_cid dcid; + if (dcid_value->IsArrayBufferView()) { + ArrayBufferViewContents sbuf( + dcid_value.As()); + CHECK_LE(sbuf.length(), NGTCP2_MAX_CIDLEN); + CHECK_GE(sbuf.length(), NGTCP2_MIN_CIDLEN); + memcpy(dcid.data, sbuf.data(), sbuf.length()); + dcid.datalen = sbuf.length(); + } else { + dcid.datalen = NGTCP2_MAX_CIDLEN; + EntropySource(dcid.data, dcid.datalen); + } + + QuicPath path(Socket()->GetLocalAddress(), &remote_address_); + + ngtcp2_conn* conn; + CHECK_EQ( + ngtcp2_conn_client_new( + &conn, + &dcid, + &scid_, + *path, + version, + &callbacks, + *config, + &alloc_info_, + static_cast(this)), 0); + + connection_.reset(conn); + + CHECK(SetupInitialCryptoContext()); + + // Remote Transport Params + if (early_transport_params->IsArrayBufferView()) { + if (SetEarlyTransportParams(early_transport_params)) { + Debug(this, "Using provided early transport params."); + SetOption(QUICCLIENTSESSION_OPTION_RESUME); + } else { + Debug(this, "Ignoring invalid early transport params."); + } + } + + // Session Ticket + if (session_ticket->IsArrayBufferView()) { + if (SetSession(session_ticket)) { + Debug(this, "Using provided session ticket."); + SetOption(QUICCLIENTSESSION_OPTION_RESUME); + } else { + Debug(this, "Ignoring provided session ticket."); + } + } + + UpdateIdleTimer(); + return true; +} + +bool QuicClientSession::SelectPreferredAddress( + ngtcp2_addr* dest, + const ngtcp2_preferred_addr* paddr) { + switch (select_preferred_address_policy_) { + case QUIC_PREFERRED_ADDRESS_ACCEPT: { + SocketAddress* local_address = Socket()->GetLocalAddress(); + uv_getaddrinfo_t req; + + if (!SocketAddress::ResolvePreferredAddress( + env(), local_address->GetFamily(), + paddr, &req)) { + return false; + } + + if (req.addrinfo == nullptr) + return false; + + dest->addrlen = req.addrinfo->ai_addrlen; + memcpy(dest->addr, req.addrinfo->ai_addr, req.addrinfo->ai_addrlen); + uv_freeaddrinfo(req.addrinfo); + break; + } + case QUIC_PREFERRED_ADDRESS_IGNORE: + // Fall-through + break; + } + return true; +} + +int QuicClientSession::SetSession(SSL_SESSION* session) { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + int size = i2d_SSL_SESSION(session, nullptr); + if (size > SecureContext::kMaxSessionSize) + return 0; + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + unsigned int session_id_length; + const unsigned char* session_id_data = + SSL_SESSION_get_id(session, &session_id_length); + + Local argv[] = { + Buffer::Copy( + env(), + reinterpret_cast(session_id_data), + session_id_length).ToLocalChecked(), + v8::Undefined(env()->isolate()), + v8::Undefined(env()->isolate()) + }; + + AllocatedBuffer session_ticket = env()->AllocateManaged(size); + unsigned char* session_data = + reinterpret_cast(session_ticket.data()); + memset(session_data, 0, size); + i2d_SSL_SESSION(session, &session_data); + if (!session_ticket.empty()) + argv[1] = session_ticket.ToBuffer().ToLocalChecked(); + + if (has_transport_params_) { + argv[2] = Buffer::Copy( + env(), + reinterpret_cast(&transport_params_), + sizeof(transport_params_)).ToLocalChecked(); + } + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_session_ticket_function(), arraysize(argv), argv); + + return 1; +} + +bool QuicClientSession::SetSocket(QuicSocket* socket, bool nat_rebinding) { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + CHECK(!IsFlagSet(QUICSESSION_FLAG_GRACEFUL_CLOSING)); + if (socket == nullptr || socket == socket_.get()) + return true; + + // Step 1: Add this Session to the given Socket + AddToSocket(socket); + + // Step 2: Remove this Session from the current Socket + RemoveFromSocket(); + + // Step 3: Update the internal references + socket_.reset(socket); + socket->ReceiveStart(); + + // Step 4: Update ngtcp2 + SocketAddress* local_address = socket->GetLocalAddress(); + if (nat_rebinding) { + ngtcp2_addr addr = local_address->ToAddr(); + ngtcp2_conn_set_local_addr(Connection(), &addr); + } else { + QuicPath path(local_address, &remote_address_); + if (ngtcp2_conn_initiate_migration( + Connection(), + *path, + uv_hrtime()) != 0) { + return false; + } + } + + SendPendingData(); + return true; +} + +void QuicClientSession::StoreRemoteTransportParams( + ngtcp2_transport_params* params) { + CHECK(!IsFlagSet(QUICSESSION_FLAG_DESTROYED)); + transport_params_ = *params; + has_transport_params_ = true; +} + +void QuicClientSession::InitTLS_Post() { + SSL_set_connect_state(ssl()); + + Debug(this, "Using %s as the ALPN protocol.", GetALPN().c_str() + 1); + const uint8_t* alpn = reinterpret_cast(GetALPN().c_str()); + size_t alpnlen = GetALPN().length(); + SSL_set_alpn_protos(ssl(), alpn, alpnlen); + + // If the hostname is an IP address and we have no additional + // information, use localhost. + + if (SocketAddress::numeric_host(hostname_.c_str())) { + // TODO(@jasnell): Should we do this at all? If the host is numeric, + // the we likely shouldn't set the SNI at all. + Debug(this, "Using localhost as fallback hostname."); + SSL_set_tlsext_host_name(ssl(), "localhost"); + } else { + SSL_set_tlsext_host_name(ssl(), hostname_.c_str()); + } + + // Are we going to request OCSP status? + if (IsOptionSet(QUICCLIENTSESSION_OPTION_REQUEST_OCSP)) { + Debug(this, "Request OCSP status from the server."); + SSL_set_tlsext_status_type(ssl(), TLSEXT_STATUSTYPE_ocsp); + } +} + + +// During TLS handshake, if the client has requested OCSP status, this +// function will be invoked when the response has been received from +// the server. +int QuicClientSession::OnTLSStatus() { + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + const unsigned char* resp; + int len = SSL_get_tlsext_status_ocsp_resp(ssl(), &resp); + Debug(this, "An OCSP Response of %d bytes has been received.", len); + Local arg; + if (resp == nullptr) { + arg = Undefined(env()->isolate()); + } else { + arg = Buffer::Copy(env(), reinterpret_cast(resp), len) + .ToLocalChecked(); + } + // Grab a shared pointer to this to prevent the QuicSession + // from being freed while the MakeCallback is running. + BaseObjectPtr ptr(this); + MakeCallback(env()->quic_on_session_status_function(), 1, &arg); + return 1; +} + +// A HelloRetry will effectively restart the TLS handshake process +// by generating new initial crypto material. +bool QuicClientSession::ReceiveRetry() { + if (IsFlagSet(QUICSESSION_FLAG_DESTROYED)) + return false; + Debug(this, "A retry packet was received. Restarting the handshake."); + IncrementStat(1, &session_stats_, &session_stats::retry_count); + return SetupInitialCryptoContext(); +} + +// Transmits either a protocol or application connection +// close to the peer. The choice of which is send is +// based on the current value of last_error_. +bool QuicClientSession::SendConnectionClose() { + CHECK(!Ngtcp2CallbackScope::InNgtcp2CallbackScope(this)); + + // Do not send any frames if we are in the draining period or + // if we're in middle of a silent close + if (IsInDrainingPeriod() || IsFlagSet(QUICSESSION_FLAG_SILENT_CLOSE)) + return true; + + UpdateIdleTimer(); + MallocedBuffer data(max_pktlen_); + sendbuf_.Cancel(); + QuicError error = GetLastError(); + + if (!WritePackets("client connection close - write packets")) + return false; + + ssize_t nwrite = + SelectCloseFn(error.family)( + Connection(), + nullptr, + data.data, + max_pktlen_, + error.code, + uv_hrtime()); + if (nwrite < 0) { + Debug(this, "Error writing connection close: %d", nwrite); + SetLastError(QUIC_ERROR_SESSION, static_cast(nwrite)); + return false; + } + data.Realloc(nwrite); + sendbuf_.Push(std::move(data)); + return SendPacket("client connection close"); +} + +// When resuming a client session, the serialized transport parameters from +// the prior session must be provided. This is set during construction +// of the QuicClientSession object. +bool QuicClientSession::SetEarlyTransportParams(Local buffer) { + ArrayBufferViewContents sbuf(buffer.As()); + ngtcp2_transport_params params; + if (sbuf.length() != sizeof(ngtcp2_transport_params)) + return false; + memcpy(¶ms, sbuf.data(), sizeof(ngtcp2_transport_params)); + ngtcp2_conn_set_early_remote_transport_params(Connection(), ¶ms); + return true; +} + +// When resuming a client session, the serialized session ticket from +// the prior session must be provided. This is set during construction +// of the QuicClientSession object. +bool QuicClientSession::SetSession(Local buffer) { + ArrayBufferViewContents sbuf(buffer.As()); + const unsigned char* p = sbuf.data(); + crypto::SSLSessionPointer s(d2i_SSL_SESSION(nullptr, &p, sbuf.length())); + return s != nullptr && SSL_set_session(ssl_.get(), s.get()) == 1; +} + +// The TLS handshake kicks off when the QuicClientSession is created. +// The very first step is to setup the initial crypto context on the +// client side by creating the initial keying material. +bool QuicClientSession::SetupInitialCryptoContext() { + Debug(this, "Setting up initial crypto context"); + return DeriveAndInstallInitialKey( + Connection(), + ngtcp2_conn_get_dcid(Connection()), + NGTCP2_CRYPTO_SIDE_CLIENT); +} + +int QuicClientSession::TLSHandshake_Complete() { + if (IsOptionSet(QUICCLIENTSESSION_OPTION_RESUME) && + SSL_get_early_data_status(ssl()) != SSL_EARLY_DATA_ACCEPTED) { + Debug(this, "Early data was rejected."); + int err = ngtcp2_conn_early_data_rejected(Connection()); + if (err != 0) { + Debug(this, + "Failure notifying ngtcp2 about early data rejection. Error %d", + err); + } + return err; + } + return TLSRead(); +} + +int QuicClientSession::TLSHandshake_Initial() { + if (IsOptionSet(QUICCLIENTSESSION_OPTION_RESUME) && + SSL_SESSION_get_max_early_data(SSL_get_session(ssl()))) { + size_t nwrite; + int err = SSL_write_early_data(ssl(), "", 0, &nwrite); + if (err == 0) { + err = SSL_get_error(ssl(), err); + switch (err) { + case SSL_ERROR_SSL: + Debug(this, "TLS Handshake Error: %s", + ERR_error_string(ERR_get_error(), nullptr)); + break; + default: + Debug(this, "TLS Handshake Error: %d", err); + } + return -1; + } + } + SetFlag(QUICSESSION_FLAG_INITIAL); + return 0; +} + +int QuicClientSession::VerifyPeerIdentity(const char* hostname) { + // First, check that the certificate is signed by an entity the client + // trusts (as configured in the secure context). If not, return early. + int err = VerifyPeerCertificate(ssl()); + if (err) + return err; + + // Second, check that the hostname matches the cert subject/altnames + // This check is a QUIC requirement. However, for debugging purposes, + // we allow it to be turned off via config. When turned off, a process + // warning should be emitted. + if (LIKELY(IsOptionSet(QUICCLIENTSESSION_OPTION_VERIFY_HOSTNAME_IDENTITY))) { + return VerifyHostnameIdentity( + ssl(), + hostname != nullptr ? hostname : hostname_.c_str()); + } + return 0; +} + +// Static ngtcp2 callbacks are registered when ngtcp2 when a new ngtcp2_conn is +// created. These are static functions that, for the most part, simply defer to +// a QuicSession instance that is passed through as user_data. + +// Called by ngtcp2 upon creation of a new client connection +// to initiate the TLS handshake. +int QuicSession::OnClientInitial( + ngtcp2_conn* conn, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->TLSHandshake() == 0 ? 0 : NGTCP2_ERR_CALLBACK_FAILURE; +} + +// Called by ngtcp2 for a new server connection when the initial +// crypto handshake from the client has been received. +int QuicSession::OnReceiveClientInitial( + ngtcp2_conn* conn, + const ngtcp2_cid* dcid, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->ReceiveClientInitial(dcid) ? + 0 : NGTCP2_ERR_CALLBACK_FAILURE; +} + +// Called by ngtcp2 for both client and server connections when +// TLS handshake data has been received. +int QuicSession::OnReceiveCryptoData( + ngtcp2_conn* conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, + const uint8_t* data, + size_t datalen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return static_cast( + session->ReceiveCryptoData(crypto_level, offset, data, datalen)); +} + +// Called by ngtcp2 for a client connection when the server has +// sent a retry packet. +int QuicSession::OnReceiveRetry( + ngtcp2_conn* conn, + const ngtcp2_pkt_hd* hd, + const ngtcp2_pkt_retry* retry, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->ReceiveRetry() ? 0 : NGTCP2_ERR_CALLBACK_FAILURE; +} + +// Called by ngtcp2 for both client and server connections +// when a request to extend the maximum number of bidirectional +// streams has been received. +int QuicSession::OnExtendMaxStreamsBidi( + ngtcp2_conn* conn, + uint64_t max_streams, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->ExtendMaxStreamsBidi(max_streams); + return 0; +} + +// Called by ngtcp2 for both client and server connections +// when a request to extend the maximum number of unidirectional +// streams has been received +int QuicSession::OnExtendMaxStreamsUni( + ngtcp2_conn* conn, + uint64_t max_streams, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->ExtendMaxStreamsUni(max_streams); + return 0; +} + +int QuicSession::OnExtendMaxStreamData( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t max_data, + void* user_data, + void* stream_user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->ExtendMaxStreamData(stream_id, max_data); + return 0; +} + +// Called by ngtcp2 for both client and server connections +// when ngtcp2 has determined that the TLS handshake has +// been completed. +int QuicSession::OnHandshakeCompleted( + ngtcp2_conn* conn, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->HandshakeCompleted(); + return 0; +} + +// Called by ngtcp2 when TLS handshake data needs to be +// encrypted prior to sending. +ssize_t QuicSession::OnDoHSEncrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->DoHSEncrypt( + dest, destlen, + plaintext, plaintextlen, + key, keylen, + nonce, noncelen, + ad, adlen); +} + +// Called by ngtcp2 when encrypted TLS handshake data has +// been received. +ssize_t QuicSession::OnDoHSDecrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->DoHSDecrypt( + dest, destlen, + ciphertext, ciphertextlen, + key, keylen, + nonce, noncelen, + ad, adlen); +} + +// Called by ngtcp2 when non-TLS handshake data needs to be +// encrypted prior to sending. +ssize_t QuicSession::OnDoEncrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->DoEncrypt( + dest, destlen, + plaintext, plaintextlen, + key, keylen, + nonce, noncelen, + ad, adlen); +} + +// Called by ngtcp2 when encrypted non-TLS handshake data +// has been received. +ssize_t QuicSession::OnDoDecrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->DoDecrypt( + dest, destlen, + ciphertext, ciphertextlen, + key, keylen, + nonce, noncelen, + ad, adlen); +} + +ssize_t QuicSession::OnDoInHPMask( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->DoInHPMask( + dest, destlen, + key, keylen, + sample, samplelen); +} + +ssize_t QuicSession::OnDoHPMask( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->DoHPMask( + dest, destlen, + key, keylen, + sample, samplelen); +} + +// Called by ngtcp2 when a chunk of stream data has been received. +int QuicSession::OnReceiveStreamData( + ngtcp2_conn* conn, + int64_t stream_id, + int fin, + uint64_t offset, + const uint8_t* data, + size_t datalen, + void* user_data, + void* stream_user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->ReceiveStreamData(stream_id, fin, data, datalen, offset); + return 0; +} + +// Called by ngtcp2 when a new stream has been opened +int QuicSession::OnStreamOpen( + ngtcp2_conn* conn, + int64_t stream_id, + void* user_data) { + QuicSession* session = static_cast(user_data); + session->StreamOpen(stream_id); + return 0; +} + +// Called by ngtcp2 when an acknowledgement for a chunk of +// TLS handshake data has been received. +int QuicSession::OnAckedCryptoOffset( + ngtcp2_conn* conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, + size_t datalen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->AckedCryptoOffset(datalen); + return 0; +} + +// Called by ngtcp2 when an acknowledgement for a chunk of +// stream data has been received. +int QuicSession::OnAckedStreamDataOffset( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t offset, + size_t datalen, + void* user_data, + void* stream_user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->AckedStreamDataOffset(stream_id, offset, datalen); + return 0; +} + +// Called by ngtcp2 for a client connection when the server +// has indicated a preferred address in the transport +// params. +// For now, there are two modes: we can accept the preferred address +// or we can reject it. Later, we may want to implement a callback +// to ask the user if they want to accept the preferred address or +// not. +int QuicSession::OnSelectPreferredAddress( + ngtcp2_conn* conn, + ngtcp2_addr* dest, + const ngtcp2_preferred_addr* paddr, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->SelectPreferredAddress(dest, paddr) ? + 0 : NGTCP2_ERR_CALLBACK_FAILURE; +} + +// Called by ngtcp2 when a stream has been closed for any reason. +int QuicSession::OnStreamClose( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t app_error_code, + void* user_data, + void* stream_user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->StreamClose(stream_id, app_error_code); + return 0; +} + +int QuicSession::OnStreamReset( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t final_size, + uint64_t app_error_code, + void* user_data, + void* stream_user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->StreamReset(stream_id, final_size, app_error_code); + return 0; +} + +// Called by ngtcp2 when it needs to generate some random data +int QuicSession::OnRand( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + ngtcp2_rand_ctx ctx, + void* user_data) { + EntropySource(dest, destlen); + return 0; +} + +// When a new client connection is established, ngtcp2 will call +// this multiple times to generate a pool of connection IDs to use. +int QuicSession::OnGetNewConnectionID( + ngtcp2_conn* conn, + ngtcp2_cid* cid, + uint8_t* token, + size_t cidlen, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->GetNewConnectionID(cid, token, cidlen); + return 0; +} + +// Called by ngtcp2 to trigger a key update for the connection. +int QuicSession::OnUpdateKey( + ngtcp2_conn* conn, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + return session->UpdateKey() ? 0 : NGTCP2_ERR_CALLBACK_FAILURE; +} + +// When a connection is closed, ngtcp2 will call this multiple +// times to remove connection IDs. +int QuicSession::OnRemoveConnectionID( + ngtcp2_conn* conn, + const ngtcp2_cid* cid, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->RemoveConnectionID(cid); + return 0; +} + +// Called by ngtcp2 to perform path validation. Path validation +// is necessary to ensure that a packet is originating from the +// expected source. +int QuicSession::OnPathValidation( + ngtcp2_conn* conn, + const ngtcp2_path* path, + ngtcp2_path_validation_result res, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->PathValidation(path, res); + return 0; +} + +int QuicSession::OnVersionNegotiation( + ngtcp2_conn* conn, + const ngtcp2_pkt_hd* hd, + const uint32_t* sv, + size_t nsv, + void* user_data) { + QuicSession* session = static_cast(user_data); + QuicSession::Ngtcp2CallbackScope callback_scope(session); + session->VersionNegotiation(hd, sv, nsv); + return 0; +} + +void QuicSession::OnKeylog(const SSL* ssl, const char* line) { + QuicSession* session = static_cast(SSL_get_app_data(ssl)); + session->Keylog(line); +} + +int QuicSession::OnStatelessReset( + ngtcp2_conn* conn, + const ngtcp2_pkt_stateless_reset* sr, + void* user_data) { + QuicSession* session = static_cast(user_data); + session->SilentClose(true); + return 0; +} + +const ngtcp2_conn_callbacks QuicServerSession::callbacks = { + nullptr, + OnReceiveClientInitial, + OnReceiveCryptoData, + OnHandshakeCompleted, + nullptr, // recv_version_negotiation + OnDoHSEncrypt, + OnDoHSDecrypt, + OnDoEncrypt, + OnDoDecrypt, + OnDoInHPMask, + OnDoHPMask, + OnReceiveStreamData, + OnAckedCryptoOffset, + OnAckedStreamDataOffset, + OnStreamOpen, + OnStreamClose, + OnStatelessReset, + nullptr, // recv_retry + nullptr, // extend_max_streams_bidi + nullptr, // extend_max_streams_uni + OnRand, + OnGetNewConnectionID, + OnRemoveConnectionID, + OnUpdateKey, + OnPathValidation, + nullptr, // select_preferred_addr + OnStreamReset, + OnExtendMaxStreamsBidi, + OnExtendMaxStreamsUni, + OnExtendMaxStreamData +}; + +const ngtcp2_conn_callbacks QuicClientSession::callbacks = { + OnClientInitial, + nullptr, + OnReceiveCryptoData, + OnHandshakeCompleted, + OnVersionNegotiation, + OnDoHSEncrypt, + OnDoHSDecrypt, + OnDoEncrypt, + OnDoDecrypt, + OnDoInHPMask, + OnDoHPMask, + OnReceiveStreamData, + OnAckedCryptoOffset, + OnAckedStreamDataOffset, + OnStreamOpen, + OnStreamClose, + OnStatelessReset, + OnReceiveRetry, + OnExtendMaxStreamsBidi, + OnExtendMaxStreamsUni, + OnRand, + OnGetNewConnectionID, + OnRemoveConnectionID, + OnUpdateKey, + OnPathValidation, + OnSelectPreferredAddress, + OnStreamReset, + OnExtendMaxStreamsBidi, + OnExtendMaxStreamsUni, + OnExtendMaxStreamData +}; + + +// JavaScript API + +namespace { +void QuicSessionSetSocket(const FunctionCallbackInfo& args) { + QuicClientSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + CHECK(args[0]->IsObject()); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args[0].As()); + args.GetReturnValue().Set(session->SetSocket(socket)); +} + +// Perform an immediate close on the QuicSession, causing a +// CONNECTION_CLOSE frame to be scheduled and sent and starting +// the closing period for this session. The name "ImmediateClose" +// is a bit of an unfortunate misnomer as the session will not +// be immediately shutdown. The naming is pulled from the QUIC +// spec to indicate a state where the session immediately enters +// the closing period, but the session will not be destroyed +// until either the idle timeout fires or destroy is explicitly +// called. +void QuicSessionClose(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + int family = QUIC_ERROR_SESSION; + uint64_t code = ExtractErrorCode(env, args[0]); + if (!args[1]->Int32Value(env->context()).To(&family)) return; + session->SetLastError(static_cast(family), code); + session->SendConnectionClose(); +} + +// GracefulClose flips a flag that prevents new local streams +// from being opened and new remote streams from being received. It is +// important to note that this does *NOT* send a CONNECTION_CLOSE packet +// to the peer. Existing streams are permitted to close gracefully. +void QuicSessionGracefulClose(const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + session->StartGracefulClose(); +} + +// Destroying the QuicSession will trigger sending of a CONNECTION_CLOSE +// packet, after which the QuicSession will be immediately torn down. +void QuicSessionDestroy(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + int code = 0; + int family = QUIC_ERROR_SESSION; + if (!args[0]->Int32Value(env->context()).To(&code)) return; + if (!args[1]->Int32Value(env->context()).To(&family)) return; + session->SetLastError(static_cast(family), code); + session->Destroy(); +} + +// TODO(@jasnell): Consolidate shared code with node_crypto +void QuicSessionGetEphemeralKeyInfo(const FunctionCallbackInfo& args) { + QuicClientSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + Environment* env = Environment::GetCurrent(args); + Local context = env->context(); + + CHECK(session->ssl()); + + Local info = Object::New(env->isolate()); + + EVP_PKEY* raw_key; + if (SSL_get_server_tmp_key(session->ssl(), &raw_key)) { + crypto::EVPKeyPointer key(raw_key); + int kid = EVP_PKEY_id(key.get()); + switch (kid) { + case EVP_PKEY_DH: + info->Set(context, env->type_string(), + FIXED_ONE_BYTE_STRING(env->isolate(), "DH")).FromJust(); + info->Set(context, env->size_string(), + Integer::New(env->isolate(), EVP_PKEY_bits(key.get()))) + .FromJust(); + break; + case EVP_PKEY_EC: + case EVP_PKEY_X25519: + case EVP_PKEY_X448: + { + const char* curve_name; + if (kid == EVP_PKEY_EC) { + EC_KEY* ec = EVP_PKEY_get1_EC_KEY(key.get()); + int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); + curve_name = OBJ_nid2sn(nid); + EC_KEY_free(ec); + } else { + curve_name = OBJ_nid2sn(kid); + } + info->Set(context, env->type_string(), + FIXED_ONE_BYTE_STRING(env->isolate(), "ECDH")).FromJust(); + info->Set(context, env->name_string(), + OneByteString(args.GetIsolate(), + curve_name)).FromJust(); + info->Set(context, env->size_string(), + Integer::New(env->isolate(), + EVP_PKEY_bits(key.get()))).FromJust(); + } + break; + default: + break; + } + } + + return args.GetReturnValue().Set(info); +} + +// TODO(@jasnell): Consolidate with shared code in node_crypto +void QuicSessionGetPeerCertificate(const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + Environment* env = session->env(); + + crypto::ClearErrorOnReturn clear_error_on_return; + + Local result; + // Used to build the issuer certificate chain. + Local issuer_chain; + + // NOTE: This is because of the odd OpenSSL behavior. On client `cert_chain` + // contains the `peer_certificate`, but on server it doesn't. + crypto::X509Pointer cert( + session->Side() == NGTCP2_CRYPTO_SIDE_SERVER ? + SSL_get_peer_certificate(session->ssl()) : nullptr); + STACK_OF(X509)* ssl_certs = SSL_get_peer_cert_chain(session->ssl()); + if (!cert && (ssl_certs == nullptr || sk_X509_num(ssl_certs) == 0)) + goto done; + + // Short result requested. + if (args.Length() < 1 || !args[0]->IsTrue()) { + result = + crypto::X509ToObject( + env, + cert ? cert.get() : sk_X509_value(ssl_certs, 0)); + goto done; + } + + if (auto peer_certs = crypto::CloneSSLCerts(std::move(cert), ssl_certs)) { + // First and main certificate. + crypto::X509Pointer cert(sk_X509_value(peer_certs.get(), 0)); + CHECK(cert); + result = crypto::X509ToObject(env, cert.release()); + + issuer_chain = + crypto::AddIssuerChainToObject( + &cert, result, + std::move(peer_certs), env); + issuer_chain = crypto::GetLastIssuedCert(&cert, + session->ssl(), + issuer_chain, env); + // Last certificate should be self-signed. + if (X509_check_issued(cert.get(), cert.get()) == X509_V_OK) + issuer_chain->Set(env->context(), + env->issuercert_string(), + issuer_chain).FromJust(); + } + + done: + args.GetReturnValue().Set(result); +} + +void QuicSessionGetRemoteAddress( + const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + Environment* env = session->env(); + CHECK(args[0]->IsObject()); + args.GetReturnValue().Set( + AddressToJS(env, **session->GetRemoteAddress(), args[0].As())); +} + +// TODO(@jasnell): Reconcile with shared code in node_crypto +void QuicSessionGetCertificate( + const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + Environment* env = session->env(); + + crypto::ClearErrorOnReturn clear_error_on_return; + + Local result; + + X509* cert = SSL_get_certificate(session->ssl()); + + if (cert != nullptr) + result = crypto::X509ToObject(env, cert); + + args.GetReturnValue().Set(result); +} + +void QuicSessionPing(const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + session->Ping(); +} + +// TODO(addaleax): This is a temporary solution for testing and should be +// removed later. +void QuicSessionRemoveFromSocket(const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + session->RemoveFromSocket(); +} + +void QuicSessionUpdateKey(const FunctionCallbackInfo& args) { + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args.Holder()); + args.GetReturnValue().Set(session->InitiateUpdateKey()); +} + +void NewQuicClientSession(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + CHECK(args[0]->IsObject()); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args[0].As()); + + node::Utf8Value address(args.GetIsolate(), args[2]); + int32_t family; + uint32_t port, flags; + if (!args[1]->Int32Value(env->context()).To(&family) || + !args[3]->Uint32Value(env->context()).To(&port) || + !args[4]->Uint32Value(env->context()).To(&flags)) + return; + + // Secure Context + CHECK(args[5]->IsObject()); + SecureContext* sc; + ASSIGN_OR_RETURN_UNWRAP(&sc, args[5].As()); + + // SNI Servername + node::Utf8Value servername(args.GetIsolate(), args[6]); + + sockaddr_storage addr; + int err = SocketAddress::ToSockAddr(family, *address, port, &addr); + if (err != 0) + return args.GetReturnValue().Set(err); + + int select_preferred_address_policy = QUIC_PREFERRED_ADDRESS_IGNORE; + if (!args[10]->Int32Value(env->context()) + .To(&select_preferred_address_policy)) return; + + std::string alpn(NGTCP2_ALPN_H3); + if (args[11]->IsString()) { + Utf8Value val(env->isolate(), args[11]); + alpn = val.length(); + alpn += *val; + } + + uint32_t options = QUICCLIENTSESSION_OPTION_VERIFY_HOSTNAME_IDENTITY; + if (!args[12]->Uint32Value(env->context()).To(&options)) return; + + socket->ReceiveStart(); + + BaseObjectPtr session = + QuicClientSession::New( + socket, + const_cast(reinterpret_cast(&addr)), + NGTCP2_PROTO_VER, sc, + *servername, + port, + args[7], + args[8], + args[9], + static_cast + (select_preferred_address_policy), + alpn, + options); + + session->SendPendingData(); + + args.GetReturnValue().Set(session->object()); +} + +// Add methods that are shared by both QuicServerSession and +// QuicClientSession +void AddMethods(Environment* env, Local session) { + env->SetProtoMethod(session, "close", QuicSessionClose); + env->SetProtoMethod(session, "destroy", QuicSessionDestroy); + env->SetProtoMethod(session, "getRemoteAddress", QuicSessionGetRemoteAddress); + env->SetProtoMethod(session, "getCertificate", QuicSessionGetCertificate); + env->SetProtoMethod(session, "getPeerCertificate", + QuicSessionGetPeerCertificate); + env->SetProtoMethod(session, "gracefulClose", QuicSessionGracefulClose); + env->SetProtoMethod(session, "updateKey", QuicSessionUpdateKey); + env->SetProtoMethod(session, "ping", QuicSessionPing); + env->SetProtoMethod(session, "removeFromSocket", QuicSessionRemoveFromSocket); + env->SetProtoMethod(session, "onClientHelloDone", + QuicSessionOnClientHelloDone); + env->SetProtoMethod(session, "onCertDone", QuicSessionOnCertDone); +} +} // namespace + +void QuicServerSession::Initialize( + Environment* env, + Local target, + Local context) { + Local class_name = + FIXED_ONE_BYTE_STRING(env->isolate(), "QuicServerSession"); + Local session = FunctionTemplate::New(env->isolate()); + session->SetClassName(class_name); + session->Inherit(AsyncWrap::GetConstructorTemplate(env)); + Local sessiont = session->InstanceTemplate(); + sessiont->SetInternalFieldCount(1); + sessiont->Set(env->owner_symbol(), Null(env->isolate())); + AddMethods(env, session); + env->set_quicserversession_constructor_template(sessiont); +} + +void QuicClientSession::Initialize( + Environment* env, + Local target, + Local context) { + Local class_name = + FIXED_ONE_BYTE_STRING(env->isolate(), "QuicClientSession"); + Local session = FunctionTemplate::New(env->isolate()); + session->SetClassName(class_name); + session->Inherit(AsyncWrap::GetConstructorTemplate(env)); + Local sessiont = session->InstanceTemplate(); + sessiont->SetInternalFieldCount(1); + sessiont->Set(env->owner_symbol(), Null(env->isolate())); + AddMethods(env, session); + env->SetProtoMethod(session, + "getEphemeralKeyInfo", + QuicSessionGetEphemeralKeyInfo); + env->SetProtoMethod(session, + "setSocket", + QuicSessionSetSocket); + env->set_quicclientsession_constructor_template(sessiont); + + env->SetMethod(target, "createClientSession", NewQuicClientSession); +} + +} // namespace quic +} // namespace node diff --git a/src/node_quic_session.h b/src/node_quic_session.h new file mode 100644 index 0000000000..ec317bf5e0 --- /dev/null +++ b/src/node_quic_session.h @@ -0,0 +1,1237 @@ +#ifndef SRC_NODE_QUIC_SESSION_H_ +#define SRC_NODE_QUIC_SESSION_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "aliased_buffer.h" +#include "async_wrap.h" +#include "env.h" +#include "handle_wrap.h" +#include "histogram-inl.h" +#include "node.h" +#include "node_crypto.h" +#include "node_mem.h" +#include "node_quic_crypto.h" +#include "node_quic_util.h" +#include "v8.h" +#include "uv.h" + +#include +#include + +#include +#include +#include + +namespace node { +namespace quic { + +using ConnectionPointer = DeleteFnPtr; + +class QuicClientSession; +class QuicServerSession; +class QuicSocket; +class QuicStream; + +// The QuicSessionConfig class holds the initial transport parameters and +// configuration options set by the JavaScript side when either a +// QuicClientSession or QuicServerSession is created. Instances are +// stack created and use a combination of an AliasedBuffer to pass +// the numeric settings quickly (see node_quic_state.h) and passed +// in non-numeric settings (e.g. preferred_addr). +class QuicSessionConfig { + public: + QuicSessionConfig() { + ResetToDefaults(); + } + + explicit QuicSessionConfig(Environment* env) : QuicSessionConfig() { + Set(env); + } + + QuicSessionConfig(const QuicSessionConfig& config) { + settings_ = config.settings_; + max_crypto_buffer_ = config.max_crypto_buffer_; + settings_.initial_ts = uv_hrtime(); + } + + uint64_t max_streams_bidi() const { + return settings_.max_streams_bidi; + } + + uint64_t max_streams_uni() const { + return settings_.max_streams_uni; + } + + void ResetToDefaults(); + + // QuicSessionConfig::Set() pulls values out of the AliasedBuffer + // defined in node_quic_state.h and stores the values in settings_. + // If preferred_addr is not nullptr, it is copied into the + // settings_.preferred_addr field + void Set(Environment* env, + const struct sockaddr* preferred_addr = nullptr); + + // Generates the stateless reset token for the settings_ + void GenerateStatelessResetToken(); + + // If the preferred address is set, generates the associated tokens + void GeneratePreferredAddressToken(ngtcp2_cid* pscid); + + uint64_t GetMaxCryptoBuffer() const { return max_crypto_buffer_; } + + const ngtcp2_settings* operator*() const { return &settings_; } + + private: + uint64_t max_crypto_buffer_ = DEFAULT_MAX_CRYPTO_BUFFER; + ngtcp2_settings settings_; +}; + +// Options to alter the behavior of various functions on the +// QuicServerSession. These are set on the QuicSocket when +// the listen() function is called and are passed to the +// constructor of the QuicServerSession. +enum QuicServerSessionOptions : uint32_t { + // When set, instructs the QuicServerSession to reject + // client authentication certs that cannot be verified. + QUICSERVERSESSION_OPTION_REJECT_UNAUTHORIZED = 0x1, + + // When set, instructs the QuicServerSession to request + // a client authentication cert + QUICSERVERSESSION_OPTION_REQUEST_CERT = 0x2 +}; + +// Options to alter the behavior of various functions on the +// QuicClientSession. These are set on the QuicClientSession +// constructor. +enum QuicClientSessionOptions : uint32_t { + // When set, instructs the QuicClientSession to include an + // OCSP request in the initial TLS handshake + QUICCLIENTSESSION_OPTION_REQUEST_OCSP = 0x1, + + // When set, instructs the QuicClientSession to verify the + // hostname identity. This is required by QUIC and enabled + // by default. We allow disabling it only for debugging + // purposes. + QUICCLIENTSESSION_OPTION_VERIFY_HOSTNAME_IDENTITY = 0x2, + + // When set, instructs the QuicClientSession to perform + // additional checks on TLS session resumption. + QUICCLIENTSESSION_OPTION_RESUME = 0x4 +}; + + +// The QuicSessionState enums are used with the QuicSession's +// private state_ array. This is exposed to JavaScript via an +// aliased buffer and is used to communicate various types of +// state efficiently across the native/JS boundary. +enum QuicSessionState : int { + // Communicates whether a 'keylog' event listener has been + // registered on the JavaScript QuicSession object. The + // value will be either 1 or 0. When set to 1, the native + // code will emit TLS keylog entries to the JavaScript + // side triggering the 'keylog' event once for each line. + IDX_QUIC_SESSION_STATE_KEYLOG_ENABLED, + + // Communicates whether a 'clientHello' event listener has + // been registered on the JavaScript QuicServerSession. + // The value will be either 1 or 0. When set to 1, the + // native code will callout to the JavaScript side causing + // the 'clientHello' event to be emitted. This is only + // used on QuicServerSession instances. + IDX_QUIC_SESSION_STATE_CLIENT_HELLO_ENABLED, + + // Communicates whether a 'cert' event listener has been + // registered on the JavaScript QuicSession. The value will + // be either 1 or 0. When set to 1, the native code will + // callout to the JavaScript side causing the 'cert' event + // to be emitted. + IDX_QUIC_SESSION_STATE_CERT_ENABLED, + + // Communicates whether a 'pathValidation' event listener + // has been registered on the JavaScript QuicSession. The + // value will be either 1 or 0. When set to 1, the native + // code will callout to the JavaScript side causing the + // 'pathValidation' event to be emitted + IDX_QUIC_SESSION_STATE_PATH_VALIDATED_ENABLED, + + // Communicates the current max cumulative number of + // bidi and uni streams that may be opened on the session + IDX_QUIC_SESSION_STATE_MAX_STREAMS_BIDI, + IDX_QUIC_SESSION_STATE_MAX_STREAMS_UNI, + + // Just the number of session state enums for use when + // creating the AliasedBuffer. + IDX_QUIC_SESSION_STATE_COUNT +}; + +// The QuicSession class is an virtual class that serves as +// the basis for both QuicServerSession and QuicClientSession. +// It implements the functionality that is shared for both +// QUIC clients and servers. +// +// QUIC sessions are virtual connections that exchange data +// back and forth between peer endpoints via UDP. Every QuicSession +// has an associated TLS context and all data transfered between +// the peers is always encrypted. Unlike TLS over TCP, however, +// The QuicSession uses a session identifier that is independent +// of both the local *and* peer IP address, allowing a QuicSession +// to persist across changes in the network (one of the key features +// of QUIC). QUIC sessions also support 0RTT, implement error +// correction mechanisms to recover from lost packets, and flow +// control. In other words, there's quite a bit going on within +// a QuicSession object. +class QuicSession : public AsyncWrap, + public mem::NgLibMemoryManager { + public: + static const int kInitialClientBufferLength = 4096; + + QuicSession( + // The QuicSocket that created this session. Note that + // it is possible to replace this socket later, after + // the TLS handshake has completed. The QuicSession + // should never assume that the socket will always + // remain the same. + ngtcp2_crypto_side side, + QuicSocket* socket, + v8::Local wrap, + crypto::SecureContext* ctx, + AsyncWrap::ProviderType provider_type, + // QUIC is generally just a transport. The ALPN identifier + // is used to specify the application protocol that is + // layered on top. If not specified, this will default + // to the HTTP/3 identifier. For QUIC, the alpn identifier + // is always required. + const std::string& alpn, + uint32_t options = 0, + uint64_t initial_connection_close = NGTCP2_NO_ERROR); + ~QuicSession() override; + + std::string diagnostic_name() const override; + + inline QuicError GetLastError() const; + inline void SetTLSAlert(int err); + + // Returns true if StartGracefulClose() has been called and the + // QuicSession is currently in the process of a graceful close. + inline bool IsGracefullyClosing() const; + + // Returns true if Destroy() has been called and the + // QuicSession is no longer usable. + inline bool IsDestroyed() const; + + // Starting a GracefulClose disables the ability to open or accept + // new streams for this session. Existing streams are allowed to + // close naturally on their own. Once called, the QuicSession will + // be immediately closed once there are no remaining streams. Note + // that no notification is given to the connecting peer that we're + // in a graceful closing state. A CONNECTION_CLOSE will be sent only + // once ImmediateClose() is called. + inline void StartGracefulClose(); + + const std::string& GetALPN() const { return alpn_; } + + // Returns the associated peer's address. Note that this + // value can change over the lifetime of the QuicSession. + // The fact that the session is not tied intrinsically to + // a single address is one of the benefits of QUIC. + const SocketAddress* GetRemoteAddress() const { return &remote_address_; } + + const ngtcp2_cid* scid() const { return &scid_; } + + inline QuicSocket* Socket() const; + + SSL* ssl() { return ssl_.get(); } + + ngtcp2_conn* Connection() { return connection_.get(); } + + void AddStream(BaseObjectPtr stream); + + // Immediately discards the state of the QuicSession + // and renders the QuicSession instance completely + // unusable. + void Destroy(); + void ExtendStreamOffset(QuicStream* stream, size_t amount); + void GetLocalTransportParams(ngtcp2_transport_params* params); + uint32_t GetNegotiatedVersion(); + bool InitiateUpdateKey(); + bool IsHandshakeCompleted(); + void MaybeTimeout(); + void OnIdleTimeout(); + bool OnKey(int name, const uint8_t* secret, size_t secretlen); + bool OpenBidirectionalStream(int64_t* stream_id); + bool OpenUnidirectionalStream(int64_t* stream_id); + void Ping(); + size_t ReadPeerHandshake(uint8_t* buf, size_t buflen); + bool Receive( + ssize_t nread, + const uint8_t* data, + const struct sockaddr* addr, + unsigned int flags); + void ReceiveStreamData( + int64_t stream_id, + int fin, + const uint8_t* data, + size_t datalen, + uint64_t offset); + void RemoveStream(int64_t stream_id); + void SendPendingData(); + bool SendStreamData(QuicStream* stream); + inline void SetLastError( + QuicError error = { + QUIC_ERROR_SESSION, + NGTCP2_NO_ERROR + }); + inline void SetLastError(QuicErrorFamily family, uint64_t error_code); + inline void SetLastError(QuicErrorFamily family, int error_code); + int SetRemoteTransportParams(ngtcp2_transport_params* params); + + // ShutdownStream will cause ngtcp2 to queue a + // RESET_STREAM and STOP_SENDING frame, as appropriate, + // for the given stream_id. For a locally-initiated + // unidirectional stream, only a RESET_STREAM frame + // will be scheduled and the stream will be immediately + // closed. For a bi-directional stream, a STOP_SENDING + // frame will be sent. + // + // It is important to note that the QuicStream is + // not destroyed immediately following ShutdownStream. + // The sending QuicSession will not close the stream + // until the RESET_STREAM is acknowledged. + // + // Once the RESET_STREAM is sent, the QuicSession + // should not send any new frames for the stream, + // and all inbound stream frames should be discarded. + // Once ngtcp2 receives the appropriate notification + // that the RESET_STREAM has been acknowledged, the + // stream will be closed. + // + // Once the stream has been closed, it will be + // destroyed and memory will be freed. User code + // can request that a stream be immediately and + // abruptly destroyed without calling ShutdownStream. + // Likewise, an idle timeout may cause the stream + // to be silently destroyed without calling + // ShutdownStream. + int ShutdownStream( + int64_t stream_id, + uint64_t error_code = NGTCP2_APP_NOERROR); + int TLSRead(); + ngtcp2_crypto_side Side() const { return side_; } + void WriteHandshake(const uint8_t* data, size_t datalen); + + // These may be implemented by QuicSession types + virtual void HandleError(); + virtual int OnClientHello() { return 0; } + virtual void OnClientHelloDone() {} + virtual int OnCert() { return 1; } + virtual void OnCertDone( + crypto::SecureContext* context, + v8::Local ocsp_response) {} + virtual void RemoveFromSocket(); + virtual int TLSHandshake_Complete() { return 0; } + + // These must be implemented by QuicSession types + virtual void AddToSocket(QuicSocket* socket) = 0; + virtual int OnTLSStatus() = 0; + virtual bool SendConnectionClose() = 0; + virtual int TLSHandshake_Initial() = 0; + + // Implementation for mem::NgLibMemoryManager + inline void CheckAllocatedSize(size_t previous_size) const; + inline void IncreaseAllocatedSize(size_t size); + inline void DecreaseAllocatedSize(size_t size); + + // Tracks whether or not we are currently within an ngtcp2 callback + // function. Certain ngtcp2 APIs are not supposed to be called when + // within a callback. We use this as a gate to check. + class Ngtcp2CallbackScope { + public: + explicit Ngtcp2CallbackScope(QuicSession* session) : session_(session) { + CHECK(!InNgtcp2CallbackScope(session)); + session_->SetFlag(QUICSESSION_FLAG_NGTCP2_CALLBACK); + } + + ~Ngtcp2CallbackScope() { + session_->SetFlag(QUICSESSION_FLAG_NGTCP2_CALLBACK, false); + } + + static bool InNgtcp2CallbackScope(QuicSession* session) { + return session->IsFlagSet(QUICSESSION_FLAG_NGTCP2_CALLBACK); + } + + private: + QuicSession* session_; + }; + + private: + // Returns true if the QuicSession has entered the + // closing period following a call to ImmediateClose. + // While true, the QuicSession is only permitted to + // transmit CONNECTION_CLOSE frames until either the + // idle timeout period elapses or until the QuicSession + // is explicitly destroyed. + inline bool IsInClosingPeriod(); + + // Returns true if the QuicSession has received a + // CONNECTION_CLOSE frame from the peer. Once in + // the draining period, the QuicSession is not + // permitted to send any frames to the peer. The + // QuicSession will be silently closed after either + // the idle timeout period elapses or until the + // QuicSession is explicitly destroyed. + inline bool IsInDrainingPeriod(); + QuicStream* FindStream(int64_t id); + inline bool HasStream(int64_t id); + + bool IsHandshakeSuspended() const { + return IsFlagSet(QUICSESSION_FLAG_CERT_CB_RUNNING) || + IsFlagSet(QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING); + } + + void AckedCryptoOffset(size_t datalen); + void AckedStreamDataOffset( + int64_t stream_id, + uint64_t offset, + size_t datalen); + void AssociateCID(ngtcp2_cid* cid); + + // Immediately close the QuicSession. All currently open + // streams are implicitly reset and closed with RESET_STREAM + // and STOP_SENDING frames transmitted as necessary. A + // CONNECTION_CLOSE frame will be sent and the session + // will enter the closing period until either the idle + // timeout period elapses or until the QuicSession is + // explicitly destroyed. During the closing period, + // the only frames that may be transmitted to the peer + // are repeats of the already sent CONNECTION_CLOSE. + // + // The CONNECTION_CLOSE will use the error code set using + // the most recent call to SetLastError() + void ImmediateClose(); + + // Silently, and immediately close the QuicSession. This is + // generally only done during an idle timeout. That is, per + // the QUIC specification, if the session remains idle for + // longer than both the advertised idle timeout and three + // times the current probe timeout (PTO). In such cases, all + // currently open streams are implicitly reset and closed + // without sending corresponding RESET_STREAM and + // STOP_SENDING frames, the connection state is + // discarded, and the QuicSession is destroyed without + // sending a CONNECTION_CLOSE frame. + // + // Silent close may also be used to explicitly destroy + // a QuicSession that has either already entered the + // closing or draining periods; or in response to user + // code requests to forcefully terminate a QuicSession + // without transmitting any additional frames to the + // peer. + void SilentClose(bool stateless_reset = false); + QuicStream* CreateStream(int64_t stream_id); + ssize_t DoHSEncrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen); + ssize_t DoHSDecrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen); + ssize_t DoEncrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen); + ssize_t DoDecrypt( + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen); + ssize_t DoInHPMask( + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen); + ssize_t DoHPMask( + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen); + void ExtendMaxStreamData(int64_t stream_id, uint64_t max_data); + void ExtendMaxStreams(bool bidi, uint64_t max_streams); + void ExtendMaxStreamsUni(uint64_t max_streams); + void ExtendMaxStreamsBidi(uint64_t max_streams); + int GetNewConnectionID(ngtcp2_cid* cid, uint8_t* token, size_t cidlen); + void HandshakeCompleted(); + void InitTLS(); + void Keylog(const char* line); + void PathValidation( + const ngtcp2_path* path, + ngtcp2_path_validation_result res); + bool ReceiveClientInitial(const ngtcp2_cid* dcid); + int ReceiveCryptoData( + ngtcp2_crypto_level crypto_level, + uint64_t offset, + const uint8_t* data, + size_t datalen); + bool ReceivePacket(QuicPath* path, const uint8_t* data, ssize_t nread); + void RemoveConnectionID(const ngtcp2_cid* cid); + void ScheduleRetransmit(); + bool SendPacket(const char* diagnostic_label = nullptr); + void SetHandshakeCompleted(); + void SetLocalAddress(const ngtcp2_addr* addr); + void StreamClose(int64_t stream_id, uint64_t app_error_code); + void StreamOpen(int64_t stream_id); + void StreamReset( + int64_t stream_id, + uint64_t final_size, + uint64_t app_error_code); + int TLSHandshake(); + bool UpdateKey(); + bool WritePackets(const char* diagnostic_label = nullptr); + int WritePeerHandshake( + ngtcp2_crypto_level crypto_level, + const uint8_t* data, + size_t datalen); + void UpdateRecoveryStats(); + + virtual void DisassociateCID(const ngtcp2_cid* cid) {} + virtual bool ReceiveRetry() { return true; } + virtual bool SelectPreferredAddress( + ngtcp2_addr* dest, + const ngtcp2_preferred_addr* paddr) { return true; } + virtual void StoreRemoteTransportParams(ngtcp2_transport_params* params) {} + virtual void VersionNegotiation( + const ngtcp2_pkt_hd* hd, + const uint32_t* sv, + size_t nsv) {} + + virtual void InitTLS_Post() = 0; + virtual ngtcp2_crypto_level GetServerCryptoLevel() = 0; + virtual ngtcp2_crypto_level GetClientCryptoLevel() = 0; + virtual void SetServerCryptoLevel(ngtcp2_crypto_level level) = 0; + virtual void SetClientCryptoLevel(ngtcp2_crypto_level level) = 0; + virtual void SetLocalCryptoLevel(ngtcp2_crypto_level level) = 0; + virtual int VerifyPeerIdentity(const char* hostname) = 0; + + // static ngtcp2 callbacks + static int OnClientInitial( + ngtcp2_conn* conn, + void* user_data); + static int OnReceiveClientInitial( + ngtcp2_conn* conn, + const ngtcp2_cid* dcid, + void* user_data); + static int OnReceiveCryptoData( + ngtcp2_conn* conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, + const uint8_t* data, + size_t datalen, + void* user_data); + static int OnHandshakeCompleted( + ngtcp2_conn* conn, + void* user_data); + static ssize_t OnDoHSEncrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data); + static ssize_t OnDoHSDecrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data); + static ssize_t OnDoEncrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* plaintext, + size_t plaintextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data); + static ssize_t OnDoDecrypt( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* ciphertext, + size_t ciphertextlen, + const uint8_t* key, + size_t keylen, + const uint8_t* nonce, + size_t noncelen, + const uint8_t* ad, + size_t adlen, + void* user_data); + static ssize_t OnDoInHPMask( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen, + void* user_data); + static ssize_t OnDoHPMask( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + const uint8_t* key, + size_t keylen, + const uint8_t* sample, + size_t samplelen, + void* user_data); + static int OnReceiveStreamData( + ngtcp2_conn* conn, + int64_t stream_id, + int fin, + uint64_t offset, + const uint8_t* data, + size_t datalen, + void* user_data, + void* stream_user_data); + static int OnReceiveRetry( + ngtcp2_conn* conn, + const ngtcp2_pkt_hd* hd, + const ngtcp2_pkt_retry* retry, + void* user_data); + static int OnAckedCryptoOffset( + ngtcp2_conn* conn, + ngtcp2_crypto_level crypto_level, + uint64_t offset, + size_t datalen, + void* user_data); + static int OnAckedStreamDataOffset( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t offset, + size_t datalen, + void* user_data, + void* stream_user_data); + static int OnSelectPreferredAddress( + ngtcp2_conn* conn, + ngtcp2_addr* dest, + const ngtcp2_preferred_addr* paddr, + void* user_data); + static int OnStreamClose( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t app_error_code, + void* user_data, + void* stream_user_data); + static int OnStreamOpen( + ngtcp2_conn* conn, + int64_t stream_id, + void* user_data); + static int OnStreamReset( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t final_size, + uint64_t app_error_code, + void* user_data, + void* stream_user_data); + static int OnRand( + ngtcp2_conn* conn, + uint8_t* dest, + size_t destlen, + ngtcp2_rand_ctx ctx, + void* user_data); + static int OnGetNewConnectionID( + ngtcp2_conn* conn, + ngtcp2_cid* cid, + uint8_t* token, + size_t cidlen, + void* user_data); + static int OnRemoveConnectionID( + ngtcp2_conn* conn, + const ngtcp2_cid* cid, + void* user_data); + static int OnUpdateKey( + ngtcp2_conn* conn, + void* user_data); + static int OnPathValidation( + ngtcp2_conn* conn, + const ngtcp2_path* path, + ngtcp2_path_validation_result res, + void* user_data); + static int OnExtendMaxStreamsUni( + ngtcp2_conn* conn, + uint64_t max_streams, + void* user_data); + static int OnExtendMaxStreamsBidi( + ngtcp2_conn* conn, + uint64_t max_streams, + void* user_data); + static int OnExtendMaxStreamData( + ngtcp2_conn* conn, + int64_t stream_id, + uint64_t max_data, + void* user_data, + void* stream_user_data); + static int OnVersionNegotiation( + ngtcp2_conn* conn, + const ngtcp2_pkt_hd* hd, + const uint32_t* sv, + size_t nsv, + void* user_data); + static void OnKeylog(const SSL* ssl, const char* line); + static int OnStatelessReset( + ngtcp2_conn* conn, + const ngtcp2_pkt_stateless_reset* sr, + void* user_data); + + void UpdateIdleTimer(); + void UpdateRetransmitTimer(uint64_t timeout); + void StopRetransmitTimer(); + void StopIdleTimer(); + + enum QuicSessionFlags : uint32_t { + // Initial state when a QuicSession is created but nothing yet done. + QUICSESSION_FLAG_INITIAL = 0x1, + + // Set while the QuicSession is in the process of an Immediate + // or silent close. + QUICSESSION_FLAG_CLOSING = 0x2, + + // Set while the QuicSession is in the process of a graceful close. + QUICSESSION_FLAG_GRACEFUL_CLOSING = 0x4, + + // Set when the QuicSession has been destroyed (but not + // yet freed) + QUICSESSION_FLAG_DESTROYED = 0x8, + + // Set while the QuicSession is in a KeyUpdate (to prevent reentrance) + QUICSESSION_FLAG_KEYUPDATE = 0x10, + + // Set while the QuicSession is in the cert callback + QUICSESSION_FLAG_CERT_CB_RUNNING = 0x20, + + // Set while the QuicSession is in the client hello callback + QUICSESSION_FLAG_CLIENT_HELLO_CB_RUNNING = 0x40, + + // Set while the QuicSession is executing a TLS callback + QUICSESSION_FLAG_TLS_CALLBACK = 0x80, + + // Set while the QuicSession is executing an ngtcp2 callback + QUICSESSION_FLAG_NGTCP2_CALLBACK = 0x100, + + // Set if the QuicSession is in the middle of a silent close + // (that is, a CONNECTION_CLOSE should not be sent) + QUICSESSION_FLAG_SILENT_CLOSE = 0x200 + }; + + void SetFlag(QuicSessionFlags flag, bool on = true) { + if (on) + flags_ |= flag; + else + flags_ &= ~flag; + } + + bool IsFlagSet(QuicSessionFlags flag) const { + return flags_ & flag; + } + + void SetOption(uint32_t option, bool on = true) { + if (on) + options_ |= option; + else + options_ &= ~option; + } + + bool IsOptionSet(uint32_t option) const { + return options_ & option; + } + + void IncrementConnectionCloseAttempts() { + if (connection_close_attempts_ < kMaxSizeT) + connection_close_attempts_++; + } + + bool ShouldAttemptConnectionClose() { + if (connection_close_attempts_ == connection_close_limit_) { + if (connection_close_limit_ * 2 <= kMaxSizeT) + connection_close_limit_ *= 2; + else + connection_close_limit_ = kMaxSizeT; + return true; + } + return false; + } + + typedef ssize_t(*ngtcp2_close_fn)( + ngtcp2_conn* conn, + ngtcp2_path* path, + uint8_t* dest, + size_t destlen, + uint64_t error_code, + ngtcp2_tstamp ts); + + static inline ngtcp2_close_fn SelectCloseFn(QuicErrorFamily family) { + if (family == QUIC_ERROR_APPLICATION) + return ngtcp2_conn_write_application_close; + return ngtcp2_conn_write_connection_close; + } + + ngtcp2_mem alloc_info_; + + ngtcp2_crypto_side side_; + BaseObjectWeakPtr socket_; + std::string alpn_; + + ngtcp2_crypto_level rx_crypto_level_ = NGTCP2_CRYPTO_LEVEL_INITIAL; + ngtcp2_crypto_level tx_crypto_level_ = NGTCP2_CRYPTO_LEVEL_INITIAL; + QuicError last_error_ = { QUIC_ERROR_SESSION, NGTCP2_NO_ERROR }; + + crypto::SSLPointer ssl_; + ConnectionPointer connection_; + SocketAddress remote_address_; + + uint32_t flags_ = 0; + uint32_t options_; + uint64_t initial_connection_close_; + size_t max_pktlen_ = 0; + size_t ncread_ = 0; + size_t max_crypto_buffer_ = DEFAULT_MAX_CRYPTO_BUFFER; + size_t current_ngtcp2_memory_ = 0; + size_t connection_close_attempts_ = 0; + size_t connection_close_limit_ = 1; + + TimerPointer idle_; + TimerPointer retransmit_; + + CryptoContext crypto_ctx_{}; + std::vector tx_secret_; + std::vector rx_secret_; + ngtcp2_cid scid_; + + // The sendbuf_ is a temporary holding for data being collected + // to send. On send, the contents of the sendbuf_ will be + // transfered to the txbuf_ + QuicBuffer sendbuf_; + + // The handshake_ is a temporary holding for outbound TLS handshake + // data. On send, the contents of the handshake_ will be + // transfered to the txbuf_ + QuicBuffer handshake_; + + // The txbuf_ contains all of the data that has been passed off + // to the QuicSocket. The data will remain in the txbuf_ until + // it is successfully sent. + QuicBuffer txbuf_; + + // Temporary holding for inbound TLS handshake data. + std::vector peer_handshake_; + + std::map> streams_; + + AliasedFloat64Array state_; + + struct session_stats { + // The timestamp at which the session was created + uint64_t created_at; + // The timestamp at which the handshake was started + uint64_t handshake_start_at; + // The timestamp at which the most recent handshake + // message was sent + uint64_t handshake_send_at; + // The timestamp at which the most recent handshake + // message was received + uint64_t handshake_continue_at; + // The timestamp at which handshake completed + uint64_t handshake_completed_at; + // The timestamp at which the handshake was most recently acked + uint64_t handshake_acked_at; + // The timestamp at which the most recently sent + // non-handshake packets were sent + uint64_t session_sent_at; + // The timestamp at which the most recently received + // non-handshake packets were received + uint64_t session_received_at; + // The timestamp at which a graceful close was started + uint64_t closing_at; + // The total number of bytes received (and not ignored) + // by this QuicSession + uint64_t bytes_received; + // The total number of bytes sent by this QuicSession + uint64_t bytes_sent; + // The total bidirectional stream count + uint64_t bidi_stream_count; + // The total unidirectional stream count + uint64_t uni_stream_count; + // The total number of peer-initiated streams + uint64_t streams_in_count; + // The total number of local-initiated streams + uint64_t streams_out_count; + // The total number of keyupdates + uint64_t keyupdate_count; + // The total number of retries received + uint64_t retry_count; + // The total number of loss detection retransmissions + uint64_t loss_retransmit_count; + // The total number of ack delay retransmissions + uint64_t ack_delay_retransmit_count; + // The total number of successful path validations + uint64_t path_validation_success_count; + // The total number of failed path validations + uint64_t path_validation_failure_count; + }; + session_stats session_stats_{}; + + // crypto_rx_ack_ measures the elapsed time between crypto acks + // for this stream. This data can be used to detect peers that are + // generally taking too long to acknowledge crypto data. + BaseObjectPtr crypto_rx_ack_; + + // crypto_handshake_rate_ measures the elapsed time between + // crypto continuation steps. This data can be used to detect + // peers that are generally taking too long to carry out the + // handshake + BaseObjectPtr crypto_handshake_rate_; + + struct recovery_stats { + double min_rtt; + double latest_rtt; + double smoothed_rtt; + }; + recovery_stats recovery_stats_{}; + + AliasedBigUint64Array stats_buffer_; + AliasedFloat64Array recovery_stats_buffer_; + + template + void IncrementSocketStat( + uint64_t amount, + session_stats* a, + Members... mems) { + IncrementStat(amount, a, mems...); + } + + class TLSHandshakeCallbackScope { + public: + explicit TLSHandshakeCallbackScope(QuicSession* session) : + session_(session) { + session_->SetFlag(QUICSESSION_FLAG_TLS_CALLBACK); + } + + ~TLSHandshakeCallbackScope() { + session_->SetFlag(QUICSESSION_FLAG_TLS_CALLBACK, false); + } + + static bool IsInTLSHandshakeCallback(QuicSession* session) { + return session->IsFlagSet(QUICSESSION_FLAG_TLS_CALLBACK); + } + + private: + QuicSession* session_; + }; + + class TLSHandshakeScope { + public: + TLSHandshakeScope(QuicSession* session, QuicSessionFlags monitor) : + session_{session}, + monitor_(monitor) {} + + ~TLSHandshakeScope() { + if (session_->IsHandshakeSuspended()) { + // There are a couple of monitor fields in QuicSession + // (cert_cb_running_ and client_hello_cb_running_). + // When one of those are true, IsHandshakeSuspended + // will be true. We set the monitor to false so we + // can keep the handshake going when the TLS Handshake + // is continued. + session_->SetFlag(monitor_, false); + // Only continue the TLS handshake if we are not currently running + // synchronously within the TLS handshake function. This can happen + // when the callback function passed to the clientHello and cert + // event handlers is called synchronously. If the function is called + // asynchronously, then we have to manually continue the handshake. + if (!TLSHandshakeCallbackScope::IsInTLSHandshakeCallback(session_)) { + session_->TLSHandshake(); + session_->SendPendingData(); + } + } + } + + private: + QuicSession* session_; + QuicSessionFlags monitor_; + }; + + friend class QuicServerSession; + friend class QuicClientSession; +}; + +class QuicServerSession : public QuicSession { + public: + enum InitialPacketResult : int { + PACKET_OK, + PACKET_IGNORE, + PACKET_VERSION + }; + + static InitialPacketResult Accept( + ngtcp2_pkt_hd* hd, + const uint8_t* data, + ssize_t nread); + + static void Initialize( + Environment* env, + v8::Local target, + v8::Local context); + + static BaseObjectPtr New( + QuicSocket* socket, + QuicSessionConfig* config, + const ngtcp2_cid* rcid, + const struct sockaddr* addr, + const ngtcp2_cid* dcid, + const ngtcp2_cid* ocid, + uint32_t version, + const std::string& alpn = NGTCP2_ALPN_H3, + uint32_t options = 0, + uint64_t initial_connection_close = NGTCP2_NO_ERROR); + + void AddToSocket(QuicSocket* socket) override; + void Init( + QuicSessionConfig* config, + const struct sockaddr* addr, + const ngtcp2_cid* dcid, + const ngtcp2_cid* ocid, + uint32_t version); + int OnCert() override; + void OnCertDone( + crypto::SecureContext* context, + v8::Local ocsp_response) override; + int OnClientHello() override; + void OnClientHelloDone() override; + int OnTLSStatus() override; + + // Serializes and sends a CONNECTION_CLOSE frame as appropriate. + bool SendConnectionClose() override; + + const ngtcp2_cid* rcid() const { return &rcid_; } + ngtcp2_cid* pscid() { return &pscid_; } + + void MemoryInfo(MemoryTracker* tracker) const override {} + SET_MEMORY_INFO_NAME(QuicServerSession) + SET_SELF_SIZE(QuicServerSession) + + QuicServerSession( + QuicSocket* socket, + QuicSessionConfig* config, + v8::Local wrap, + const ngtcp2_cid* rcid, + const struct sockaddr* addr, + const ngtcp2_cid* dcid, + const ngtcp2_cid* ocid, + uint32_t version, + const std::string& alpn, + uint32_t options, + uint64_t initial_connection_close); + + private: + void DisassociateCID(const ngtcp2_cid* cid) override; + void InitTLS_Post() override; + void RemoveFromSocket() override; + + int TLSHandshake_Initial() override; + int VerifyPeerIdentity(const char* hostname) override; + + bool StartClosingPeriod(); + + ngtcp2_crypto_level GetServerCryptoLevel() override { + return tx_crypto_level_; + } + + ngtcp2_crypto_level GetClientCryptoLevel() override { + return rx_crypto_level_; + } + + void SetServerCryptoLevel(ngtcp2_crypto_level level) override { + tx_crypto_level_ = level; + } + + void SetClientCryptoLevel(ngtcp2_crypto_level level) override { + rx_crypto_level_ = level; + } + + void SetLocalCryptoLevel(ngtcp2_crypto_level level) override { + SetServerCryptoLevel(level); + } + + ngtcp2_cid pscid_{}; + ngtcp2_cid rcid_; + + MallocedBuffer conn_closebuf_; + v8::Global ocsp_response_; + + static const ngtcp2_conn_callbacks callbacks; + + friend class QuicSession; +}; + +class QuicClientSession : public QuicSession { + public: + static void Initialize( + Environment* env, + v8::Local target, + v8::Local context); + + static BaseObjectPtr New( + QuicSocket* socket, + const struct sockaddr* addr, + uint32_t version, + crypto::SecureContext* context, + const char* hostname, + uint32_t port, + v8::Local early_transport_params, + v8::Local session_ticket, + v8::Local dcid, + SelectPreferredAddressPolicy select_preferred_address_policy = + QUIC_PREFERRED_ADDRESS_IGNORE, + const std::string& alpn = NGTCP2_ALPN_H3, + uint32_t options = 0); + + QuicClientSession( + QuicSocket* socket, + v8::Local wrap, + const struct sockaddr* addr, + uint32_t version, + crypto::SecureContext* context, + const char* hostname, + uint32_t port, + v8::Local early_transport_params, + v8::Local session_ticket, + v8::Local dcid, + SelectPreferredAddressPolicy select_preferred_address_policy, + const std::string& alpn, + uint32_t options); + + void AddToSocket(QuicSocket* socket) override; + int OnTLSStatus() override; + + bool SetEarlyTransportParams(v8::Local buffer); + bool SetSocket(QuicSocket* socket, bool nat_rebinding = false); + int SetSession(SSL_SESSION* session); + bool SetSession(v8::Local buffer); + + bool SendConnectionClose() override; + + void MemoryInfo(MemoryTracker* tracker) const override {} + SET_MEMORY_INFO_NAME(QuicClientSession) + SET_SELF_SIZE(QuicClientSession) + + private: + void HandleError() override; + void InitTLS_Post() override; + bool ReceiveRetry() override; + bool SelectPreferredAddress( + ngtcp2_addr* dest, + const ngtcp2_preferred_addr* paddr) override; + void StoreRemoteTransportParams(ngtcp2_transport_params* params) override; + int TLSHandshake_Complete() override; + int TLSHandshake_Initial() override; + int VerifyPeerIdentity(const char* hostname) override; + void VersionNegotiation( + const ngtcp2_pkt_hd* hd, + const uint32_t* sv, + size_t nsv) override; + + bool Init( + const struct sockaddr* addr, + uint32_t version, + v8::Local early_transport_params, + v8::Local session_ticket, + v8::Local dcid); + bool SetupInitialCryptoContext(); + + ngtcp2_crypto_level GetServerCryptoLevel() override { + return rx_crypto_level_; + } + + ngtcp2_crypto_level GetClientCryptoLevel() override { + return tx_crypto_level_; + } + + void SetServerCryptoLevel(ngtcp2_crypto_level level) override { + rx_crypto_level_ = level; + } + + void SetClientCryptoLevel(ngtcp2_crypto_level level) override { + tx_crypto_level_ = level; + } + + void SetLocalCryptoLevel(ngtcp2_crypto_level level) override { + SetClientCryptoLevel(level); + } + + uint32_t version_; + uint32_t port_; + SelectPreferredAddressPolicy select_preferred_address_policy_; + std::string hostname_; + + ngtcp2_transport_params transport_params_; + bool has_transport_params_; + + + static const ngtcp2_conn_callbacks callbacks; + + friend class QuicSession; +}; + +} // namespace quic +} // namespace node + +#endif // NODE_WANT_INTERNALS +#endif // SRC_NODE_QUIC_SESSION_H_ diff --git a/src/node_quic_socket.cc b/src/node_quic_socket.cc new file mode 100644 index 0000000000..f7d808df26 --- /dev/null +++ b/src/node_quic_socket.cc @@ -0,0 +1,1312 @@ +#include "async_wrap-inl.h" +#include "debug_utils.h" +#include "env-inl.h" +#include "nghttp2/nghttp2.h" +#include "node.h" +#include "node_crypto.h" +#include "node_internals.h" +#include "node_mem-inl.h" +#include "node_quic_crypto.h" +#include "node_quic_session-inl.h" +#include "node_quic_socket.h" +#include "node_quic_util.h" +#include "util.h" +#include "uv.h" +#include "v8.h" + +#include + +namespace node { + +using crypto::EntropySource; +using crypto::SecureContext; + +using v8::Boolean; +using v8::Context; +using v8::FunctionCallbackInfo; +using v8::FunctionTemplate; +using v8::HandleScope; +using v8::Integer; +using v8::Isolate; +using v8::Local; +using v8::Number; +using v8::Object; +using v8::PropertyAttribute; +using v8::String; +using v8::Value; + +namespace quic { + +namespace { +inline uint32_t GenerateReservedVersion( + const sockaddr* addr, + uint32_t version) { + socklen_t addrlen = SocketAddress::GetAddressLen(addr); + uint32_t h = 0x811C9DC5u; + const uint8_t* p = reinterpret_cast(addr); + const uint8_t* ep = p + addrlen; + for (; p != ep; ++p) { + h ^= *p; + h *= 0x01000193u; + } + version = htonl(version); + p = reinterpret_cast(&version); + ep = p + sizeof(version); + for (; p != ep; ++p) { + h ^= *p; + h *= 0x01000193u; + } + h &= 0xf0f0f0f0u; + h |= 0x0a0a0a0au; + return h; +} +} // namespace + +QuicSocket::QuicSocket( + Environment* env, + Local wrap, + uint64_t retry_token_expiration, + size_t max_connections_per_host, + uint32_t options) : + HandleWrap(env, wrap, + reinterpret_cast(&handle_), + AsyncWrap::PROVIDER_QUICSOCKET), + alloc_info_(MakeAllocator()), + options_(options), + max_connections_per_host_(max_connections_per_host), + retry_token_expiration_(retry_token_expiration), + server_alpn_(NGTCP2_ALPN_H3), + stats_buffer_( + env->isolate(), + sizeof(socket_stats_) / sizeof(uint64_t), + reinterpret_cast(&socket_stats_)) { + CHECK_EQ(uv_udp_init(env->event_loop(), &handle_), 0); + Debug(this, "New QuicSocket created."); + + EntropySource(token_secret_.data(), token_secret_.size()); + socket_stats_.created_at = uv_hrtime(); + + USE(wrap->DefineOwnProperty( + env->context(), + env->stats_string(), + stats_buffer_.GetJSArray(), + PropertyAttribute::ReadOnly)); +} + +QuicSocket::~QuicSocket() { + uint64_t now = uv_hrtime(); + Debug(this, + "QuicSocket destroyed.\n" + " Duration: %" PRIu64 "\n" + " Bound Duration: %" PRIu64 "\n" + " Listen Duration: %" PRIu64 "\n" + " Bytes Received: %" PRIu64 "\n" + " Bytes Sent: %" PRIu64 "\n" + " Packets Received: %" PRIu64 "\n" + " Packets Sent: %" PRIu64 "\n" + " Packets Ignored: %" PRIu64 "\n" + " Server Sessions: %" PRIu64 "\n" + " Client Sessions: %" PRIu64 "\n", + now - socket_stats_.created_at, + socket_stats_.bound_at > 0 ? now - socket_stats_.bound_at : 0, + socket_stats_.listen_at > 0 ? now - socket_stats_.listen_at : 0, + socket_stats_.bytes_received, + socket_stats_.bytes_sent, + socket_stats_.packets_received, + socket_stats_.packets_sent, + socket_stats_.packets_ignored, + socket_stats_.server_sessions, + socket_stats_.client_sessions); +} + +void QuicSocket::MemoryInfo(MemoryTracker* tracker) const { + // TODO(@jasnell): Implement memory tracking information +} + +void QuicSocket::AddSession( + QuicCID* cid, + BaseObjectPtr session) { + sessions_[cid->ToStr()] = session; + IncrementSocketAddressCounter(**session->GetRemoteAddress()); + IncrementSocketStat( + 1, &socket_stats_, + session->Side() == NGTCP2_CRYPTO_SIDE_SERVER ? + &socket_stats::server_sessions : + &socket_stats::client_sessions); +} + +void QuicSocket::AssociateCID( + QuicCID* cid, + QuicCID* scid) { + dcid_to_scid_.emplace(cid->ToStr(), scid->ToStr()); +} + +int QuicSocket::Bind( + const char* address, + uint32_t port, + uint32_t flags, + int family) { + Debug(this, + "Binding to address %s, port %d, with flags %d, and family %d", + address, port, flags, family); + + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + + sockaddr_storage addr; + int err = SocketAddress::ToSockAddr(family, address, port, &addr); + if (err != 0) + return err; + + Local arg = Undefined(env()->isolate()); + + err = + uv_udp_bind( + &handle_, + reinterpret_cast(&addr), + flags); + if (err != 0) { + Debug(this, "Bind failed. Error %d", err); + arg = Integer::New(env()->isolate(), err); + MakeCallback(env()->quic_on_socket_error_function(), 1, &arg); + return 0; + } + + local_address_.Set(&handle_); + +#if !defined(_WIN32) + int fd = UV_EBADF; + uv_fileno(reinterpret_cast(&handle_), &fd); + if (fd != UV_EBADF) + arg = Integer::New(env()->isolate(), fd); +#endif + + MakeCallback(env()->quic_on_socket_ready_function(), 1, &arg); + socket_stats_.bound_at = uv_hrtime(); + return 0; +} + +// If there are no pending QuicSocket::SendWrap callbacks, the +// QuicSocket instance will be closed immediately and the +// close callback will be invoked. Otherwise, the QuicSocket +// will be marked as pending close and will close as soon as +// the final remaining QuicSocket::SendWrap callback is invoked. +// This design ensures that packets that have been sent down to +// the libuv level are processed even tho we are shutting down. +// +// TODO(@jasnell): We will want to implement an additional function +// that will close things down immediately, canceling any still +// pending operations. +void QuicSocket::Close(Local close_callback) { + if (!IsInitialized() || IsFlagSet(QUICSOCKET_FLAGS_PENDING_CLOSE)) + return; + SetFlag(QUICSOCKET_FLAGS_PENDING_CLOSE); + Debug(this, "Closing"); + + CHECK_EQ(false, persistent().IsEmpty()); + if (!close_callback.IsEmpty() && close_callback->IsFunction()) { + object()->Set(env()->context(), + env()->handle_onclose_symbol(), + close_callback).Check(); + } + + // Attempt to close immediately. + MaybeClose(); +} + +// A QuicSocket can close if there are no pending udp send +// callbacks and QuicSocket::Close() has been called. +void QuicSocket::MaybeClose() { + if (!IsInitialized() || + !IsFlagSet(QUICSOCKET_FLAGS_PENDING_CLOSE) || + HasPendingCallbacks()) + return; + + CHECK_EQ(false, persistent().IsEmpty()); + + Debug(this, "Closing the libuv handle"); + + // Close the libuv handle first. The OnClose handler + // will free the QuicSocket instance after it invokes + // the close callback, letting the JavaScript side know + // that the handle is being freed. + uv_close(GetHandle(), OnClose); + MarkAsClosing(); +} + + +void QuicSocket::DisassociateCID(QuicCID* cid) { + Debug(this, "Removing associations for cid %s", cid->ToHex().c_str()); + dcid_to_scid_.erase(cid->ToStr()); +} + +void QuicSocket::Listen( + SecureContext* sc, + const sockaddr* preferred_address, + const std::string& alpn, + uint32_t options) { + CHECK_NOT_NULL(sc); + CHECK_NULL(server_secure_context_); + CHECK(!IsFlagSet(QUICSOCKET_FLAGS_SERVER_LISTENING)); + Debug(this, "Starting to listen."); + server_session_config_.Set(env(), preferred_address); + server_secure_context_ = sc; + server_alpn_ = alpn; + server_options_ = options; + SetFlag(QUICSOCKET_FLAGS_SERVER_LISTENING); + socket_stats_.listen_at = uv_hrtime(); + ReceiveStart(); +} + +// StopListening is called when the QuicSocket is no longer +// accepting new server connections. Typically, this is called +// when the QuicSocket enters a graceful closing state where +// existing sessions are allowed to close naturally but new +// sessions are rejected. +void QuicSocket::StopListening() { + if (!IsFlagSet(QUICSOCKET_FLAGS_SERVER_LISTENING)) + return; + Debug(this, "Stop listening."); + SetFlag(QUICSOCKET_FLAGS_SERVER_LISTENING, false); +} + +void QuicSocket::OnAlloc( + uv_handle_t* handle, + size_t suggested_size, + uv_buf_t* buf) { + QuicSocket* socket = + ContainerOf(&QuicSocket::handle_, reinterpret_cast(handle)); + *buf = socket->env()->AllocateManaged(suggested_size).release(); +} + +void QuicSocket::OnRecv( + uv_udp_t* handle, + ssize_t nread, + const uv_buf_t* buf_, + const struct sockaddr* addr, + unsigned int flags) { + QuicSocket* socket = ContainerOf(&QuicSocket::handle_, handle); + AllocatedBuffer buf(socket->env(), *buf_); + + if (nread == 0) + return; + + if (nread < 0) { + Debug(socket, "Reading data from UDP socket failed. Error %d", nread); + Environment* env = socket->env(); + HandleScope scope(env->isolate()); + Context::Scope context_scope(env->context()); + Local arg = Number::New(env->isolate(), static_cast(nread)); + socket->MakeCallback(env->quic_on_socket_error_function(), 1, &arg); + return; + } + + socket->Receive(nread, std::move(buf), addr, flags); +} + +void QuicSocket::Receive( + ssize_t nread, + AllocatedBuffer buf, + const struct sockaddr* addr, + unsigned int flags) { + Debug(this, "Receiving %d bytes from the UDP socket.", nread); + + // When diagnostic packet loss is enabled, the packet will be randomly + // dropped based on the rx_loss_ probability. + if (UNLIKELY(IsDiagnosticPacketLoss(rx_loss_))) { + Debug(this, "Simulating received packet loss."); + return; + } + + IncrementSocketStat(nread, &socket_stats_, &socket_stats::bytes_received); + + const uint8_t* data = reinterpret_cast(buf.data()); + + uint32_t pversion; + const uint8_t* pdcid; + size_t pdcidlen; + const uint8_t* pscid; + size_t pscidlen; + + if (ngtcp2_pkt_decode_version_cid( + &pversion, + &pdcid, + &pdcidlen, + &pscid, + &pscidlen, + data, nread, NGTCP2_SV_SCIDLEN) < 0) { + // There's nothing we can do here but ignore the packet. The packet + // is likely not a QUIC packet or is malformed in some way. + IncrementSocketStat(1, &socket_stats_, &socket_stats::packets_ignored); + return; + } + + if (pdcidlen > NGTCP2_MAX_CIDLEN || pscidlen > NGTCP2_MAX_CIDLEN) { + // QUIC currently requires CID lengths of max NGTCP2_MAX_CIDLEN. The + // ngtcp2 API allows non-standard lengths, and we may want to allow + // non-standard lengths later. But for now, we're going to ignore any + // packet with a non-standard CID length. + IncrementSocketStat(1, &socket_stats_, &socket_stats::packets_ignored); + return; + } + + QuicCID dcid(pdcid, pdcidlen); + QuicCID scid(pscid, pscidlen); + + std::string dcid_hex = dcid.ToHex(); + std::string dcid_str = dcid.ToStr(); + Debug(this, "Received a QUIC packet for dcid %s", dcid_hex.c_str()); + + // Grabbing a shared pointer to prevent the QuicSession from + // desconstructing while we're still using it. The session may + // end up being destroyed, however, so we have to make sure + // we're checking for that. + BaseObjectPtr session; + + // Identify the appropriate handler + auto session_it = sessions_.find(dcid_str); + if (session_it == std::end(sessions_)) { + auto scid_it = dcid_to_scid_.find(dcid_str); + if (scid_it == std::end(dcid_to_scid_)) { + Debug(this, "There is no existing session for dcid %s", dcid_hex.c_str()); + + // TODO(@jasnell): If the DCID was previously known, and there is a + // known stateless reset token, then we should we ought to be able + // to send a stateless reset at this point. It's likely that the + // endpoint crashed and the peer is still trying to send data. + // Currently, however, we don't keep track of previously used CID's + // and their reset tokens so we can't implement this yet. A proper + // implementation will track CIDs and reset tokens but only across + // a single restart. These will be associated with the local address + // (that is, a QuicSocket bound to one local port should never use + // the CIDs and reset tokens from a QuicSocket bound to another). + // It's not entirely clear how this should be implemented. + + // AcceptInitialPacket will first validate that the packet can be + // accepted, then create a new QuicServerSession instance if able + // to do so. If a new instance cannot be created (for any reason), + // the session shared_ptr will be empty on return. + session = AcceptInitialPacket( + pversion, + &dcid, + &scid, + nread, + data, + addr, + flags); + + // There are many reasons why a QuicServerSession could not be + // created. The most common will be invalid packets or incorrect + // QUIC version. In any of these cases, however, to prevent a + // potential attacker from causing us to consume resources, + // we're just going to ignore the packet. It is possible that + // the AcceptInitialPacket sent a version negotiation packet, + // or (in the future) a CONNECTION_CLOSE packet. + if (!session) { + Debug(this, "Could not initialize a new QuicServerSession."); + IncrementSocketStat(1, &socket_stats_, &socket_stats::packets_ignored); + return; + } + } else { + session_it = sessions_.find(scid_it->second); + session = session_it->second; + CHECK_NE(session_it, std::end(sessions_)); + } + } else { + session = session_it->second; + } + + CHECK(session); + + // If the packet could not successfully processed for any reason (possibly + // due to being malformed or malicious in some way) we ignore it completely. + if (!session->Receive(nread, data, addr, flags)) { + IncrementSocketStat(1, &socket_stats_, &socket_stats::packets_ignored); + return; + } + + IncrementSocketStat(1, &socket_stats_, &socket_stats::packets_received); +} + +int QuicSocket::ReceiveStart() { + int err = uv_udp_recv_start(&handle_, OnAlloc, OnRecv); + if (err == UV_EALREADY) + err = 0; + return err; +} + +int QuicSocket::ReceiveStop() { + return uv_udp_recv_stop(&handle_); +} + +void QuicSocket::RemoveSession(QuicCID* cid, const sockaddr* addr) { + sessions_.erase(cid->ToStr()); + DecrementSocketAddressCounter(addr); +} + +void QuicSocket::ReportSendError(int error) { + HandleScope scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + Local arg = Integer::New(env()->isolate(), error); + MakeCallback(env()->quic_on_socket_error_function(), 1, &arg); + return; +} + +void QuicSocket::SendInitialConnectionClose( + uint32_t version, + uint64_t error_code, + QuicCID* dcid, + const sockaddr* addr) { + + // ngtcp2 currently does not provide a convenient API for serializing + // CONNECTION_CLOSE packets on an initial frame that does not have + // a ngtcp2_conn initialized, so we have to create one with a simple + // default configuration and use it to serialize the frame. + + ngtcp2_cid scid; + EntropySource(scid.data, NGTCP2_SV_SCIDLEN); + scid.datalen = NGTCP2_SV_SCIDLEN; + + SocketAddress remote_address; + remote_address.Copy(addr); + QuicPath path(GetLocalAddress(), &remote_address); + + ngtcp2_conn_callbacks callbacks; + + ngtcp2_settings settings; + ngtcp2_settings_default(&settings); + + ngtcp2_conn* conn; + ngtcp2_conn_server_new( + &conn, + **dcid, + &scid, + *path, + version, + &callbacks, + &settings, + &alloc_info_, + nullptr); + + SendWrapStack* req = + new SendWrapStack( + this, + addr, + NGTCP2_MAX_PKTLEN_IPV6, + "initial cc"); + + ssize_t nwrite = + ngtcp2_conn_write_connection_close( + conn, + *path, + req->buffer(), + NGTCP2_MAX_PKTLEN_IPV6, + error_code, + uv_hrtime()); + + // Be sure the delete the connection pointer once the connection frame + // is serialized. We won't be using this one any longer. + ngtcp2_conn_del(conn); + + if (nwrite > 0) { + req->SetLength(nwrite); + if (req->Send() != 0) delete req; // TODO(addaleax): Better error handling? + } +} + +void QuicSocket::SendVersionNegotiation( + uint32_t version, + QuicCID* dcid, + QuicCID* scid, + const sockaddr* addr) { + SendWrapStack* req = + new SendWrapStack( + this, + addr, + NGTCP2_MAX_PKTLEN_IPV6, + "version negotiation"); + + std::array sv; + sv[0] = GenerateReservedVersion(addr, version); + sv[1] = NGTCP2_PROTO_VER; + + uint8_t unused_random; + EntropySource(&unused_random, 1); + + ssize_t nwrite = ngtcp2_pkt_write_version_negotiation( + req->buffer(), + NGTCP2_MAX_PKTLEN_IPV6, + unused_random, + dcid->data(), + dcid->length(), + scid->data(), + scid->length(), + sv.data(), + sv.size()); + if (nwrite < 0) + return; + req->SetLength(nwrite); + if (req->Send() != 0) delete req; // TODO(addaleax): Better error handling? +} + +ssize_t QuicSocket::SendRetry( + uint32_t version, + QuicCID* dcid, + QuicCID* scid, + const sockaddr* addr) { + SendWrapStack* req = + new SendWrapStack( + this, + addr, + NGTCP2_MAX_PKTLEN_IPV6, + "retry"); + + std::array token; + size_t tokenlen = token.size(); + + if (!GenerateRetryToken( + token.data(), &tokenlen, + addr, + **dcid, + &token_secret_)) { + return -1; + } + + ngtcp2_pkt_hd hd; + hd.version = version; + hd.flags = NGTCP2_PKT_FLAG_LONG_FORM; + hd.type = NGTCP2_PKT_RETRY; + hd.pkt_num = 0; + hd.token = nullptr; + hd.tokenlen = 0; + hd.len = 0; + hd.dcid = ***scid; + hd.scid.datalen = NGTCP2_SV_SCIDLEN; + + EntropySource(hd.scid.data, NGTCP2_SV_SCIDLEN); + + ssize_t nwrite = + ngtcp2_pkt_write_retry( + req->buffer(), + NGTCP2_MAX_PKTLEN_IPV4, + &hd, + **dcid, + token.data(), + tokenlen); + if (nwrite <= 0) + return nwrite; + req->SetLength(nwrite); + + int err = req->Send(); + if (err != 0) delete req; + return err; +} + +namespace { + SocketAddress::Hash addr_hash; +}; + +void QuicSocket::SetValidatedAddress(const sockaddr* addr) { + if (IsOptionSet(QUICSOCKET_OPTIONS_VALIDATE_ADDRESS_LRU)) { + // Remove the oldest item if we've hit the LRU limit + validated_addrs_.push_back(addr_hash(addr)); + if (validated_addrs_.size() > MAX_VALIDATE_ADDRESS_LRU) + validated_addrs_.pop_front(); + } +} + +bool QuicSocket::IsValidatedAddress(const sockaddr* addr) const { + if (IsOptionSet(QUICSOCKET_OPTIONS_VALIDATE_ADDRESS_LRU)) { + auto res = std::find(std::begin(validated_addrs_), + std::end(validated_addrs_), + addr_hash(addr)); + return res != std::end(validated_addrs_); + } + return false; +} + +BaseObjectPtr QuicSocket::AcceptInitialPacket( + uint32_t version, + QuicCID* dcid, + QuicCID* scid, + ssize_t nread, + const uint8_t* data, + const struct sockaddr* addr, + unsigned int flags) { + HandleScope handle_scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + ngtcp2_pkt_hd hd; + ngtcp2_cid ocid; + ngtcp2_cid* ocid_ptr = nullptr; + uint64_t initial_connection_close = NGTCP2_NO_ERROR; + + if (!IsFlagSet(QUICSOCKET_FLAGS_SERVER_LISTENING)) { + Debug(this, "QuicSocket is not listening"); + return {}; + } + + // Perform some initial checks on the packet to see if it is an + // acceptable initial packet with the right QUIC version. + switch (QuicServerSession::Accept(&hd, data, nread)) { + case QuicServerSession::InitialPacketResult::PACKET_VERSION: + SendVersionNegotiation(version, dcid, scid, addr); + // Fall-through to ignore packet + case QuicServerSession::InitialPacketResult::PACKET_IGNORE: + return {}; + case QuicServerSession::InitialPacketResult::PACKET_OK: + break; + } + + // If the server is busy, new connections will be shut down immediately + // after the initial keys are installed. + if (IsFlagSet(QUICSOCKET_FLAGS_SERVER_BUSY)) { + Debug(this, "QuicSocket is busy"); + initial_connection_close = NGTCP2_SERVER_BUSY; + } + + // Check to see if the number of connections for this peer has been exceeded. + // If the count has been exceeded, shutdown the connection immediately + // after the initial keys are installed. + if (GetCurrentSocketAddressCounter(addr) >= max_connections_per_host_) { + Debug(this, "Connection count for address exceeded"); + initial_connection_close = NGTCP2_SERVER_BUSY; + } + + // QUIC has address validation built in to the handshake but allows for + // an additional explicit validation request using RETRY frames. If we + // are using explicit validation, we check for the existence of a valid + // retry token in the packet. If one does not exist, we send a retry with + // a new token. If it does exist, and if it's valid, we grab the original + // cid and continue. + // + // If initial_connection_close is not NGTCP2_NO_ERROR, skip address + // validation since we're going to reject the connection anyway. + if (initial_connection_close == NGTCP2_NO_ERROR && + IsOptionSet(QUICSOCKET_OPTIONS_VALIDATE_ADDRESS) && + hd.type == NGTCP2_PKT_INITIAL) { + // If the VALIDATE_ADDRESS_LRU option is set, IsValidatedAddress + // will check to see if the given address is in the validated_addrs_ + // LRU cache. If it is, we'll skip the validation step entirely. + // The VALIDATE_ADDRESS_LRU option is disable by default. + if (!IsValidatedAddress(addr)) { + Debug(this, "Performing explicit address validation."); + if (InvalidRetryToken( + env(), + &ocid, + &hd, + addr, + &token_secret_, + retry_token_expiration_)) { + Debug(this, "A valid retry token was not found. Sending retry."); + SendRetry(version, dcid, scid, addr); + return {}; + } + Debug(this, "A valid retry token was found. Continuing."); + SetValidatedAddress(addr); + ocid_ptr = &ocid; + } else { + Debug(this, "Skipping validation for recently validated address."); + } + } + + BaseObjectPtr session = + QuicServerSession::New( + this, + &server_session_config_, + **dcid, + addr, + **scid, + ocid_ptr, + version, + server_alpn_, + server_options_, + initial_connection_close); + Local arg = session->object(); + MakeCallback(env()->quic_on_session_ready_function(), 1, &arg); + + // The above MakeCallback will notify the JavaScript side that a new + // QuicServerSession has been created in an event emitted on nextTick. + // The user may destroy() the QuicServerSession in that event but that + // won't impact the code here. + + return session; +} + +void QuicSocket::IncrementSocketAddressCounter(const sockaddr* addr) { + addr_counts_[addr]++; +} + +void QuicSocket::DecrementSocketAddressCounter(const sockaddr* addr) { + auto it = addr_counts_.find(addr); + if (it == std::end(addr_counts_)) + return; + it->second--; + // Remove the address if the counter reaches zero again. + if (it->second == 0) + addr_counts_.erase(addr); +} + +size_t QuicSocket::GetCurrentSocketAddressCounter(const sockaddr* addr) { + auto it = addr_counts_.find(addr); + if (it == std::end(addr_counts_)) + return 0; + return it->second; +} + +void QuicSocket::SetServerBusy(bool on) { + Debug(this, "Turning Server Busy Response %s", on ? "on" : "off"); + SetFlag(QUICSOCKET_FLAGS_SERVER_BUSY, on); + + HandleScope handle_scope(env()->isolate()); + Context::Scope context_scope(env()->context()); + Local arg = Boolean::New(env()->isolate(), on); + MakeCallback(env()->quic_on_socket_server_busy_function(), 1, &arg); +} + +int QuicSocket::SetTTL(int ttl) { + Debug(this, "Setting UDP TTL to %d", ttl); + return uv_udp_set_ttl(&handle_, ttl); +} + +int QuicSocket::SetMulticastTTL(int ttl) { + Debug(this, "Setting UDP Multicast TTL to %d", ttl); + return uv_udp_set_multicast_ttl(&handle_, ttl); +} + +int QuicSocket::SetBroadcast(bool on) { + Debug(this, "Turning UDP Broadcast %s", on ? "on" : "off"); + return uv_udp_set_broadcast(&handle_, on ? 1 : 0); +} + +int QuicSocket::SetMulticastLoopback(bool on) { + Debug(this, "Turning UDP Multicast Loopback %s", on ? "on" : "off"); + return uv_udp_set_multicast_loop(&handle_, on ? 1 : 0); +} + +int QuicSocket::SetMulticastInterface(const char* iface) { + Debug(this, "Setting the UDP Multicast Interface to %s", iface); + return uv_udp_set_multicast_interface(&handle_, iface); +} + +int QuicSocket::AddMembership(const char* address, const char* iface) { + Debug(this, "Joining UDP group: address %s, iface %s", address, iface); + return uv_udp_set_membership(&handle_, address, iface, UV_JOIN_GROUP); +} + +int QuicSocket::DropMembership(const char* address, const char* iface) { + Debug(this, "Leaving UDP group: address %s, iface %s", address, iface); + return uv_udp_set_membership(&handle_, address, iface, UV_LEAVE_GROUP); +} + +int QuicSocket::SendPacket( + const sockaddr* dest, + QuicBuffer* buffer, + BaseObjectPtr session, + const char* diagnostic_label) { + // If there is no data in the buffer, + // or no data remaining to be read, + // do nothing to avoid allocating + // a SendWrap... + if (buffer->Length() == 0 || buffer->RemainingLength() == 0) + return 0; + + char host[INET6_ADDRSTRLEN]; + SocketAddress::GetAddress(dest, host, sizeof(host)); + Debug(this, "Sending to %s at port %d", host, SocketAddress::GetPort(dest)); + + QuicSocket::SendWrap* wrap = + new QuicSocket::SendWrap( + this, + dest, + buffer, + session, + diagnostic_label); + int err = wrap->Send(); + if (err != 0) delete wrap; + return err; +} + +void QuicSocket::OnSend( + int status, + size_t length, + const char* diagnostic_label) { + IncrementSocketStat( + length, + &socket_stats_, + &socket_stats::bytes_sent); + IncrementSocketStat( + 1, + &socket_stats_, + &socket_stats::packets_sent); + + Debug(this, "Packet sent status: %d (label: %s)", + status, + diagnostic_label != nullptr ? diagnostic_label : "unspecified"); + + DecrementPendingCallbacks(); + MaybeClose(); +} + +QuicSocket::SendWrapBase::SendWrapBase( + QuicSocket* socket, + const sockaddr* dest, + const char* diagnostic_label) : + socket_(socket), + diagnostic_label_(diagnostic_label) { + req_.data = this; + address_.Copy(dest); + socket->IncrementPendingCallbacks(); +} + + +void QuicSocket::SendWrapBase::OnSend(uv_udp_send_t* req, int status) { + std::unique_ptr wrap( + static_cast(req->data)); + wrap->Done(status); +} + +bool QuicSocket::SendWrapBase::IsDiagnosticPacketLoss() { + if (Socket()->IsDiagnosticPacketLoss(Socket()->tx_loss_)) { + Debug(Socket(), "Simulating transmitted packet loss."); + Done(0); + return true; + } + return false; +} + +void QuicSocket::SendWrapBase::Done(int status) { + socket_->env()->DecreaseWaitingRequestCounter(); + socket_->OnSend(status, Length(), diagnostic_label()); +} + +QuicSocket::SendWrapStack::SendWrapStack( + QuicSocket* socket, + const sockaddr* dest, + size_t len, + const char* diagnostic_label) : + SendWrapBase(socket, dest, diagnostic_label) { + buf_.AllocateSufficientStorage(len); +} + +int QuicSocket::SendWrapStack::Send() { + Debug(Socket(), "Sending %" PRIu64 " bytes (label: %s)", + buf_.length(), + diagnostic_label()); + + CHECK_GT(buf_.length(), 0); + + // If DiagnosticPacketLoss returns true, it will call Done() internally + if (UNLIKELY(IsDiagnosticPacketLoss())) + return 0; + + uv_buf_t buf = + uv_buf_init( + reinterpret_cast(*buf_), + buf_.length()); + + int err = uv_udp_send( + req(), + &Socket()->handle_, + &buf, 1, + **Address(), + OnSend); + // As this does not inherit from ReqWrap, we have to manage the request + // counter manually. + if (err == 0) Socket()->env()->IncreaseWaitingRequestCounter(); + return err; +} + +// The QuicSocket::SendWrap will maintain a std::weak_ref +// pointer to the buffer given to it. +QuicSocket::SendWrap::SendWrap( + QuicSocket* socket, + SocketAddress* dest, + QuicBuffer* buffer, + BaseObjectPtr session, + const char* diagnostic_label) + : SendWrap(socket, **dest, buffer, session, diagnostic_label) {} + +QuicSocket::SendWrap::SendWrap( + QuicSocket* socket, + const sockaddr* dest, + QuicBuffer* buffer, + BaseObjectPtr session, + const char* diagnostic_label) + : SendWrapBase(socket, dest, diagnostic_label), + buffer_(buffer), + session_(session) {} + +void QuicSocket::SendWrap::Done(int status) { + // If the weak_ref to the QuicBuffer is still valid + // consume the data, otherwise, do nothing + if (status == 0) { + Debug(Socket(), "Consuming %" PRId64 " bytes (label: %s)", + length_, + diagnostic_label()); + buffer_->Consume(length_); + } else { + Debug(Socket(), "Cancelling %" PRId64 " bytes (status: %d, label: %s)", + length_, + status, + diagnostic_label()); + buffer_->Cancel(status); + } + SendWrapBase::Done(status); +} + +// Sending will take the current content of the QuicBuffer +// and forward it off to the uv_udp_t handle. +int QuicSocket::SendWrap::Send() { + // Remaining Length should never be zero at this point + CHECK_GT(buffer_->RemainingLength(), 0); + + std::vector vec; + size_t len = buffer_->DrainInto(&vec, &length_); + + // len should never be zero + CHECK_GT(len, 0); + + Debug(Socket(), + "Sending %" PRIu64 " bytes (label: %s)", + length_, + diagnostic_label()); + + // If DiagnosticPacketLoss returns true, it will call Done() internally + if (UNLIKELY(IsDiagnosticPacketLoss())) + return 0; + + int err = uv_udp_send( + req(), + &(Socket()->handle_), + vec.data(), + vec.size(), + **Address(), + OnSend); + + if (err == 0) { + // As this does not inherit from ReqWrap, we have to manage the request + // counter manually. + Socket()->env()->IncreaseWaitingRequestCounter(); + Debug(Socket(), "Advancing read head %" PRIu64, length_); + buffer_->SeekHeadOffset(length_); + } + return err; +} + + + +bool QuicSocket::IsDiagnosticPacketLoss(double prob) { + if (LIKELY(prob == 0.0)) return false; + unsigned char c = 255; + EntropySource(&c, 1); + return (static_cast(c) / 255) < prob; +} + +void QuicSocket::SetDiagnosticPacketLoss(double rx, double tx) { + rx_loss_ = rx; + tx_loss_ = tx; +} + +void QuicSocket::CheckAllocatedSize(size_t previous_size) const { + CHECK_GE(current_ngtcp2_memory_, previous_size); +} + +void QuicSocket::IncreaseAllocatedSize(size_t size) { + current_ngtcp2_memory_ += size; +} + +void QuicSocket::DecreaseAllocatedSize(size_t size) { + current_ngtcp2_memory_ -= size; +} + +// JavaScript API +namespace { +void NewQuicSocket(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + CHECK(args.IsConstructCall()); + + uint32_t options; + uint32_t retry_token_expiration; + uint32_t max_connections_per_host; + + if (!args[0]->Uint32Value(env->context()).To(&options) || + !args[1]->Uint32Value(env->context()).To(&retry_token_expiration) || + !args[2]->Uint32Value(env->context()).To(&max_connections_per_host)) { + return; + } + CHECK_GE(retry_token_expiration, MIN_RETRYTOKEN_EXPIRATION); + CHECK_LE(retry_token_expiration, MAX_RETRYTOKEN_EXPIRATION); + + new QuicSocket( + env, + args.This(), + retry_token_expiration, + max_connections_per_host, + options); +} + +// Enabling diagnostic packet loss enables a mode where the QuicSocket +// instance will randomly ignore received packets in order to simulate +// packet loss. This is not an API that should be enabled in production +// but is useful when debugging and diagnosing performance issues. +// Diagnostic packet loss is enabled by setting either the tx or rx +// arguments to a value between 0.0 and 1.0. Setting both values to 0.0 +// disables the mechanism. +void QuicSocketSetDiagnosticPacketLoss( + const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder()); + double rx, tx; + if (!args[0]->NumberValue(env->context()).To(&rx) || + !args[1]->NumberValue(env->context()).To(&tx)) return; + CHECK_GE(rx, 0.0f); + CHECK_GE(tx, 0.0f); + CHECK_LE(rx, 1.0f); + CHECK_LE(tx, 1.0f); + socket->SetDiagnosticPacketLoss(rx, tx); +} + +void QuicSocketAddMembership(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 2); + CHECK(args[0]->IsString()); + CHECK(args[1]->IsString()); + + Utf8Value address(env->isolate(), args[0]); + Utf8Value iface(env->isolate(), args[1]); + args.GetReturnValue().Set(socket->AddMembership(*address, *iface)); +} + +void QuicSocketBind(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + + CHECK_EQ(args.Length(), 4); + + node::Utf8Value address(args.GetIsolate(), args[1]); + int32_t type; + uint32_t port, flags; + if (!args[0]->Int32Value(env->context()).To(&type) || + !args[2]->Uint32Value(env->context()).To(&port) || + !args[3]->Uint32Value(env->context()).To(&flags)) + return; + CHECK(type == AF_INET || type == AF_INET6); + + args.GetReturnValue().Set(socket->Bind(*address, port, flags, type)); +} + +void QuicSocketDestroy(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder()); + socket->ReceiveStop(); +} + +void QuicSocketDropMembership(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 2); + CHECK(args[0]->IsString()); + CHECK(args[1]->IsString()); + + Utf8Value address(env->isolate(), args[0]); + Utf8Value iface(env->isolate(), args[1]); + args.GetReturnValue().Set(socket->DropMembership(*address, *iface)); +} + +void QuicSocketListen(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK(args[0]->IsObject() && + env->secure_context_constructor_template()->HasInstance(args[0])); + SecureContext* sc; + ASSIGN_OR_RETURN_UNWRAP(&sc, args[0].As(), + args.GetReturnValue().Set(UV_EBADF)); + + SocketAddress* local = socket->GetLocalAddress(); + sockaddr_storage preferred_address_storage; + const sockaddr* preferred_address = local != nullptr ? **local : nullptr; + if (args[1]->IsString()) { + node::Utf8Value preferred_address_host(args.GetIsolate(), args[1]); + int32_t preferred_address_family; + uint32_t preferred_address_port; + if (!args[2]->Int32Value(env->context()).To(&preferred_address_family) || + !args[3]->Uint32Value(env->context()).To(&preferred_address_port)) + return; + if (SocketAddress::ToSockAddr( + preferred_address_family, + *preferred_address_host, + preferred_address_port, + &preferred_address_storage) == 0) { + preferred_address = + reinterpret_cast(&preferred_address_storage); + } + } + + std::string alpn(NGTCP2_ALPN_H3); + if (args[4]->IsString()) { + Utf8Value val(env->isolate(), args[4]); + alpn = val.length(); + alpn += *val; + } + + uint32_t options = 0; + if (!args[5]->Uint32Value(env->context()).To(&options)) return; + + socket->Listen(sc, preferred_address, alpn, options); +} + +void QuicSocketStopListening(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder()); + socket->StopListening(); +} + +void QuicSocketReceiveStart(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + args.GetReturnValue().Set(socket->ReceiveStart()); +} + +void QuicSocketReceiveStop(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + args.GetReturnValue().Set(socket->ReceiveStop()); +} + +void QuicSocketSetBroadcast(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 1); + args.GetReturnValue().Set(socket->SetBroadcast(args[0]->IsTrue())); +} + +void QuicSocketSetMulticastInterface(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 1); + CHECK(args[0]->IsString()); + + Utf8Value iface(env->isolate(), args[0]); + args.GetReturnValue().Set(socket->SetMulticastInterface(*iface)); +} + +void QuicSocketSetMulticastLoopback(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 1); + args.GetReturnValue().Set(socket->SetMulticastLoopback(args[0]->IsTrue())); +} + +void QuicSocketSetServerBusy(const FunctionCallbackInfo& args) { + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder()); + CHECK_EQ(args.Length(), 1); + socket->SetServerBusy(args[0]->IsTrue()); +} + +void QuicSocketSetMulticastTTL(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 1); + int ttl; + if (!args[0]->Int32Value(env->context()).To(&ttl)) + return; + args.GetReturnValue().Set(socket->SetMulticastTTL(ttl)); +} + +void QuicSocketSetTTL(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicSocket* socket; + ASSIGN_OR_RETURN_UNWRAP(&socket, args.Holder(), + args.GetReturnValue().Set(UV_EBADF)); + CHECK_EQ(args.Length(), 1); + int ttl; + if (!args[0]->Int32Value(env->context()).To(&ttl)) + return; + args.GetReturnValue().Set(socket->SetTTL(ttl)); +} +} // namespace + +void QuicSocket::Initialize( + Environment* env, + Local target, + Local context) { + Isolate* isolate = env->isolate(); + Local class_name = FIXED_ONE_BYTE_STRING(isolate, "QuicSocket"); + Local socket = env->NewFunctionTemplate(NewQuicSocket); + socket->SetClassName(class_name); + socket->InstanceTemplate()->SetInternalFieldCount(1); + socket->InstanceTemplate()->Set(env->owner_symbol(), Null(isolate)); + env->SetProtoMethod(socket, + "addMembership", + QuicSocketAddMembership); + env->SetProtoMethod(socket, + "bind", + QuicSocketBind); + env->SetProtoMethod(socket, + "destroy", + QuicSocketDestroy); + env->SetProtoMethod(socket, + "dropMembership", + QuicSocketDropMembership); + env->SetProtoMethod(socket, + "getsockname", + node::GetSockOrPeerName); + env->SetProtoMethod(socket, + "listen", + QuicSocketListen); + env->SetProtoMethod(socket, + "receiveStart", + QuicSocketReceiveStart); + env->SetProtoMethod(socket, + "receiveStop", + QuicSocketReceiveStop); + env->SetProtoMethod(socket, + "setDiagnosticPacketLoss", + QuicSocketSetDiagnosticPacketLoss); + env->SetProtoMethod(socket, + "setTTL", + QuicSocketSetTTL); + env->SetProtoMethod(socket, + "setBroadcast", + QuicSocketSetBroadcast); + env->SetProtoMethod(socket, + "setMulticastInterface", + QuicSocketSetMulticastInterface); + env->SetProtoMethod(socket, + "setMulticastTTL", + QuicSocketSetMulticastTTL); + env->SetProtoMethod(socket, + "setMulticastLoopback", + QuicSocketSetMulticastLoopback); + env->SetProtoMethod(socket, + "setServerBusy", + QuicSocketSetServerBusy); + env->SetProtoMethod(socket, + "stopListening", + QuicSocketStopListening); + socket->Inherit(HandleWrap::GetConstructorTemplate(env)); + target->Set(context, class_name, + socket->GetFunction(env->context()).ToLocalChecked()).FromJust(); +} + +} // namespace quic +} // namespace node diff --git a/src/node_quic_socket.h b/src/node_quic_socket.h new file mode 100644 index 0000000000..85f5bf1c09 --- /dev/null +++ b/src/node_quic_socket.h @@ -0,0 +1,430 @@ +#ifndef SRC_NODE_QUIC_SOCKET_H_ +#define SRC_NODE_QUIC_SOCKET_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "node.h" +#include "node_crypto.h" // SSLWrap +#include "node_internals.h" +#include "ngtcp2/ngtcp2.h" +#include "node_quic_session.h" +#include "node_quic_util.h" +#include "env.h" +#include "handle_wrap.h" +#include "v8.h" +#include "uv.h" + +#include +#include +#include +#include + +namespace node { + +using v8::Context; +using v8::FunctionCallbackInfo; +using v8::Local; +using v8::Object; +using v8::Value; + +namespace quic { + +static constexpr size_t MAX_VALIDATE_ADDRESS_LRU = 10; + +enum QuicSocketOptions : uint32_t { + // When enabled the QuicSocket will validate the address + // using a RETRY packet to the peer. + QUICSOCKET_OPTIONS_VALIDATE_ADDRESS = 0x1, + + // When enabled, and the VALIDATE_ADDRESS option is also + // set, the QuicSocket will use an LRU cache to track + // validated addresses. Address validation will be skipped + // if the address is currently in the cache. + QUICSOCKET_OPTIONS_VALIDATE_ADDRESS_LRU = 0x2, +}; + +class QuicSocket : public HandleWrap, + public mem::NgLibMemoryManager { + public: + static void Initialize( + Environment* env, + Local target, + Local context); + + QuicSocket( + Environment* env, + Local wrap, + uint64_t retry_token_expiration, + size_t max_connections_per_host, + uint32_t options = 0); + ~QuicSocket() override; + + SocketAddress* GetLocalAddress() { return &local_address_; } + + void Close( + v8::Local close_callback = v8::Local()) override; + + void MaybeClose(); + + int AddMembership( + const char* address, + const char* iface); + void AddSession( + QuicCID* cid, + BaseObjectPtr session); + void AssociateCID( + QuicCID* cid, + QuicCID* scid); + int Bind( + const char* address, + uint32_t port, + uint32_t flags, + int family); + void DisassociateCID( + QuicCID* cid); + int DropMembership( + const char* address, + const char* iface); + void Listen( + crypto::SecureContext* context, + const sockaddr* preferred_address = nullptr, + const std::string& alpn = NGTCP2_ALPN_H3, + uint32_t options = 0); + int ReceiveStart(); + int ReceiveStop(); + void RemoveSession( + QuicCID* cid, + const sockaddr* addr); + void ReportSendError( + int error); + int SetBroadcast( + bool on); + int SetMulticastInterface( + const char* iface); + int SetMulticastLoopback( + bool on); + int SetMulticastTTL( + int ttl); + int SetTTL( + int ttl); + int SendPacket( + const sockaddr* dest, + QuicBuffer* buf, + BaseObjectPtr session, + const char* diagnostic_label = nullptr); + void SetServerBusy(bool on); + void SetDiagnosticPacketLoss(double rx = 0.0, double tx = 0.0); + void StopListening(); + + crypto::SecureContext* GetServerSecureContext() { + return server_secure_context_; + } + + const uv_udp_t* operator*() const { return &handle_; } + + void MemoryInfo(MemoryTracker* tracker) const override; + SET_MEMORY_INFO_NAME(QuicSocket) + SET_SELF_SIZE(QuicSocket) + + // Implementation for mem::NgLibMemoryManager + void CheckAllocatedSize(size_t previous_size) const; + void IncreaseAllocatedSize(size_t size); + void DecreaseAllocatedSize(size_t size); + + private: + static void OnAlloc( + uv_handle_t* handle, + size_t suggested_size, + uv_buf_t* buf); + + static void OnRecv( + uv_udp_t* handle, + ssize_t nread, + const uv_buf_t* buf, + const struct sockaddr* addr, + unsigned int flags); + + void Receive( + ssize_t nread, + AllocatedBuffer buf, + const struct sockaddr* addr, + unsigned int flags); + + void SendInitialConnectionClose( + uint32_t version, + uint64_t error_code, + QuicCID* dcid, + const sockaddr* addr); + + void SendVersionNegotiation( + uint32_t version, + QuicCID* dcid, + QuicCID* scid, + const sockaddr* addr); + + void OnSend( + int status, + size_t length, + const char* diagnostic_label); + + void SetValidatedAddress(const sockaddr* addr); + bool IsValidatedAddress(const sockaddr* addr) const; + + BaseObjectPtr AcceptInitialPacket( + uint32_t version, + QuicCID* dcid, + QuicCID* scid, + ssize_t nread, + const uint8_t* data, + const struct sockaddr* addr, + unsigned int flags); + ssize_t SendRetry( + uint32_t version, + QuicCID* dcid, + QuicCID* scid, + const sockaddr* addr); + + void IncrementSocketAddressCounter(const sockaddr* addr); + void DecrementSocketAddressCounter(const sockaddr* addr); + size_t GetCurrentSocketAddressCounter(const sockaddr* addr); + + void IncrementPendingCallbacks() { pending_callbacks_++; } + void DecrementPendingCallbacks() { pending_callbacks_--; } + bool HasPendingCallbacks() { return pending_callbacks_ > 0; } + + template + friend void node::GetSockOrPeerName( + const v8::FunctionCallbackInfo&); + + // Returns true if, and only if, diagnostic packet loss is enabled + // and the current packet should be artificially considered lost. + bool IsDiagnosticPacketLoss(double prob); + + // Fields and TypeDefs + typedef uv_udp_t HandleType; + + enum QuicSocketFlags : uint32_t { + QUICSOCKET_FLAGS_NONE = 0x0, + + // Indicates that the QuicSocket has entered a graceful + // closing phase, indicating that no additional + QUICSOCKET_FLAGS_GRACEFUL_CLOSE = 0x1, + QUICSOCKET_FLAGS_PENDING_CLOSE = 0x2, + QUICSOCKET_FLAGS_SERVER_LISTENING = 0x4, + QUICSOCKET_FLAGS_SERVER_BUSY = 0x8, + }; + + void SetFlag(QuicSocketFlags flag, bool on = true) { + if (on) + flags_ |= flag; + else + flags_ &= ~flag; + } + + bool IsFlagSet(QuicSocketFlags flag) const { + return flags_ & flag; + } + + void SetOption(QuicSocketOptions option, bool on = true) { + if (on) + options_ |= option; + else + options_ &= ~option; + } + + bool IsOptionSet(QuicSocketOptions option) const { + return options_ & option; + } + + ngtcp2_mem alloc_info_; + uv_udp_t handle_; + uint32_t flags_ = QUICSOCKET_FLAGS_NONE; + uint32_t options_; + uint32_t server_options_; + + size_t pending_callbacks_ = 0; + size_t max_connections_per_host_; + size_t current_ngtcp2_memory_ = 0; + + uint64_t retry_token_expiration_; + + // Used to specify diagnostic packet loss probabilities + double rx_loss_ = 0.0; + double tx_loss_ = 0.0; + + SocketAddress local_address_; + QuicSessionConfig server_session_config_; + crypto::SecureContext* server_secure_context_ = nullptr; + std::string server_alpn_; + std::unordered_map> sessions_; + std::unordered_map dcid_to_scid_; + std::array token_secret_; + + // Counts the number of active connections per remote + // address. A custom std::hash specialization for + // sockaddr instances is used. Values are incremented + // when a QuicSession is added to the socket, and + // decremented when the QuicSession is removed. If the + // value reaches the value of max_connections_per_host_, + // attempts to create new connections will be ignored + // until the value falls back below the limit. + std::unordered_map + addr_counts_; + + // The validated_addrs_ vector is used as an LRU cache for + // validated addresses only when the VALIDATE_ADDRESS_LRU + // option is set. + typedef size_t SocketAddressHash; + std::deque validated_addrs_; + + struct socket_stats { + // The timestamp at which the socket was created + uint64_t created_at; + // The timestamp at which the socket was bound + uint64_t bound_at; + // The timestamp at which the socket began listening + uint64_t listen_at; + // The total number of bytes received (and not ignored) + // by this QuicSocket instance. + uint64_t bytes_received; + + // The total number of bytes successfully sent by this + // QuicSocket instance. + uint64_t bytes_sent; + + // The total number of packets received (and not ignored) + // by this QuicSocket instance. + uint64_t packets_received; + + // The total number of packets ignored by this QuicSocket + // instance. Packets are ignored if they are invalid in + // some way. A high number of ignored packets could signal + // a buggy or malicious peer. + uint64_t packets_ignored; + + // The total number of packets successfully sent by this + // QuicSocket instance. + uint64_t packets_sent; + + // The total number of QuicServerSessions that have been + // associated with this QuicSocket instance. + uint64_t server_sessions; + + // The total number of QuicClientSessions that have been + // associated with this QuicSocket instance. + uint64_t client_sessions; + }; + socket_stats socket_stats_{0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; + + AliasedBigUint64Array stats_buffer_; + + template + void IncrementSocketStat( + uint64_t amount, + socket_stats* a, + Members... mems) { + static uint64_t max = std::numeric_limits::max(); + uint64_t current = access(a, mems...); + uint64_t delta = std::min(amount, max - current); + access(a, mems...) += delta; + } + + class SendWrapBase { + public: + SendWrapBase( + QuicSocket* socket, + const sockaddr* dest, + const char* diagnostic_label = nullptr); + + virtual ~SendWrapBase() = default; + + virtual void Done(int status); + + virtual int Send() = 0; + + uv_udp_send_t* operator*() { return &req_; } + + uv_udp_send_t* req() { return &req_; } + + QuicSocket* Socket() { return socket_.get(); } + + SocketAddress* Address() { return &address_; } + + const char* diagnostic_label() const { return diagnostic_label_; } + + static void OnSend( + uv_udp_send_t* req, + int status); + + virtual size_t Length() = 0; + + bool IsDiagnosticPacketLoss(); + + private: + uv_udp_send_t req_; + BaseObjectPtr socket_; + SocketAddress address_; + const char* diagnostic_label_; + }; + + // The SendWrap drains the given QuicBuffer and sends it to the + // uv_udp_t handle. When the async operation completes, the done_cb + // is invoked with the status and the user_data forwarded on. + class SendWrap : public SendWrapBase { + public: + SendWrap( + QuicSocket* socket, + SocketAddress* dest, + QuicBuffer* buffer, + BaseObjectPtr session, + const char* diagnostic_label = nullptr); + + SendWrap( + QuicSocket* socket, + const sockaddr* dest, + QuicBuffer* buffer, + BaseObjectPtr session, + const char* diagnostic_label = nullptr); + + void Done(int status) override; + + int Send() override; + + size_t Length() override { return length_; } + + private: + QuicBuffer* buffer_; + BaseObjectPtr session_; + size_t length_ = 0; + }; + + class SendWrapStack : public SendWrapBase { + public: + SendWrapStack( + QuicSocket* socket, + const sockaddr* dest, + size_t len, + const char* diagnostic_label = nullptr); + + int Send() override; + + uint8_t* buffer() { return *buf_; } + + void SetLength(size_t len) { + buf_.SetLength(len); + } + + size_t Length() override { return buf_.length(); } + + private: + MaybeStackBuffer buf_; + }; +}; + +} // namespace quic +} // namespace node + +#endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#endif // SRC_NODE_QUIC_SOCKET_H_ diff --git a/src/node_quic_state.h b/src/node_quic_state.h new file mode 100644 index 0000000000..2772c763ec --- /dev/null +++ b/src/node_quic_state.h @@ -0,0 +1,54 @@ +#ifndef SRC_NODE_QUIC_STATE_H_ +#define SRC_NODE_QUIC_STATE_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "aliased_buffer.h" + +namespace node { + +enum QuicSessionConfigIndex : int { + IDX_QUIC_SESSION_ACTIVE_CONNECTION_ID_LIMIT, + IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_LOCAL, + IDX_QUIC_SESSION_MAX_STREAM_DATA_BIDI_REMOTE, + IDX_QUIC_SESSION_MAX_STREAM_DATA_UNI, + IDX_QUIC_SESSION_MAX_DATA, + IDX_QUIC_SESSION_MAX_STREAMS_BIDI, + IDX_QUIC_SESSION_MAX_STREAMS_UNI, + IDX_QUIC_SESSION_IDLE_TIMEOUT, + IDX_QUIC_SESSION_MAX_PACKET_SIZE, + IDX_QUIC_SESSION_ACK_DELAY_EXPONENT, + IDX_QUIC_SESSION_DISABLE_MIGRATION, + IDX_QUIC_SESSION_MAX_ACK_DELAY, + IDX_QUIC_SESSION_MAX_CRYPTO_BUFFER, + IDX_QUIC_SESSION_CONFIG_COUNT +}; + +class QuicState { + public: + explicit QuicState(v8::Isolate* isolate) : + root_buffer( + isolate, + sizeof(quic_state_internal)), + quicsessionconfig_buffer( + isolate, + offsetof(quic_state_internal, quicsessionconfig_buffer), + IDX_QUIC_SESSION_CONFIG_COUNT + 1, + root_buffer) { + } + + AliasedUint8Array root_buffer; + AliasedFloat64Array quicsessionconfig_buffer; + + private: + struct quic_state_internal { + // doubles first so that they are always sizeof(double)-aligned + double quicsessionconfig_buffer[IDX_QUIC_SESSION_CONFIG_COUNT + 1]; + }; +}; + +} // namespace node + +#endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#endif // SRC_NODE_QUIC_STATE_H_ diff --git a/src/node_quic_stream.cc b/src/node_quic_stream.cc new file mode 100644 index 0000000000..dd6c2574a4 --- /dev/null +++ b/src/node_quic_stream.cc @@ -0,0 +1,465 @@ +#include "async_wrap-inl.h" +#include "debug_utils.h" +#include "env-inl.h" +#include "node.h" +#include "node_buffer.h" +#include "node_internals.h" +#include "stream_base-inl.h" +#include "node_quic_session-inl.h" +#include "node_quic_stream.h" +#include "node_quic_socket.h" +#include "node_quic_util.h" +#include "v8.h" +#include "uv.h" + +#include +#include + +namespace node { + +using v8::Context; +using v8::FunctionCallbackInfo; +using v8::FunctionTemplate; +using v8::Isolate; +using v8::Local; +using v8::Object; +using v8::ObjectTemplate; +using v8::String; +using v8::Value; + +namespace quic { + +QuicStream::QuicStream( + QuicSession* session, + Local wrap, + int64_t stream_id) + : AsyncWrap(session->env(), wrap, AsyncWrap::PROVIDER_QUICSTREAM), + StreamBase(session->env()), + session_(session), + stream_id_(stream_id), + data_rx_rate_( + HistogramBase::New( + session->env(), + 1, std::numeric_limits::max())), + data_rx_size_( + HistogramBase::New( + session->env(), + 1, NGTCP2_MAX_PKT_SIZE)), + data_rx_ack_( + HistogramBase::New( + session->env(), + 1, std::numeric_limits::max())), + stats_buffer_( + session->env()->isolate(), + sizeof(stream_stats_) / sizeof(uint64_t), + reinterpret_cast(&stream_stats_)) { + CHECK_NOT_NULL(session); + Debug(this, "Created"); + StreamBase::AttachToObject(GetObject()); + stream_stats_.created_at = uv_hrtime(); + + if (wrap->DefineOwnProperty( + env()->context(), + env()->stats_string(), + stats_buffer_.GetJSArray(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + FIXED_ONE_BYTE_STRING(env()->isolate(), "data_rx_rate"), + data_rx_rate_->object(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + FIXED_ONE_BYTE_STRING(env()->isolate(), "data_rx_size"), + data_rx_size_->object(), + PropertyAttribute::ReadOnly).IsNothing()) return; + + if (wrap->DefineOwnProperty( + env()->context(), + FIXED_ONE_BYTE_STRING(env()->isolate(), "data_rx_ack"), + data_rx_ack_->object(), + PropertyAttribute::ReadOnly).IsNothing()) return; +} + +std::string QuicStream::diagnostic_name() const { + return std::string("QuicStream ") + std::to_string(GetID()) + + " (" + std::to_string(static_cast(get_async_id())) + + ", " + session_->diagnostic_name() + ")"; +} + +void QuicStream::Destroy() { + if (IsDestroyed()) + return; + SetDestroyed(); + SetReadClose(); + SetWriteClose(); + + uint64_t now = uv_hrtime(); + Debug(this, + "Destroying.\n" + " Duration: %" PRIu64 "\n" + " Bytes Received: %" PRIu64 "\n" + " Bytes Sent: %" PRIu64, + now - stream_stats_.created_at, + stream_stats_.bytes_received, + stream_stats_.bytes_sent); + + // If there is data currently buffered in the streambuf_, + // then cancel will call out to invoke an arbitrary + // JavaScript callback (the on write callback). Within + // that callback, however, the QuicStream will no longer + // be usable to send or receive data. + streambuf_.Cancel(); + CHECK_EQ(streambuf_.Length(), 0); + + // The QuicSession maintains a map of std::unique_ptrs to + // QuicStream instances. Removing this here will cause + // this QuicStream object to be deconstructed, so the + // QuicStream object will no longer exist after this point. + session_->RemoveStream(stream_id_); +} + +// Do shutdown is called when the JS stream writable side is closed. +// If we're not within an ngtcp2 callback, this will trigger the +// QuicSession to send any pending data. Any time after this is +// called, a final stream frame will be sent for this QuicStream, +// but it may not be sent right away. +int QuicStream::DoShutdown(ShutdownWrap* req_wrap) { + if (IsDestroyed()) + return UV_EPIPE; + Debug(this, "Shutdown writable side"); + // Do nothing if the stream was already shutdown. Specifically, + // we should not attempt to send anything on the QuicSession + if (!IsWritable()) + return UV_EPIPE; + stream_stats_.closing_at = uv_hrtime(); + SetWriteClose(); + + // If we're not currently within an ngtcp2 callback, then we need to + // tell the QuicSession to initiate serialization and sending of any + // pending frames. + if (!QuicSession::Ngtcp2CallbackScope::InNgtcp2CallbackScope(session_.get())) + session_->SendStreamData(this); + + return 1; +} + +int QuicStream::DoWrite( + WriteWrap* req_wrap, + uv_buf_t* bufs, + size_t nbufs, + uv_stream_t* send_handle) { + CHECK_NULL(send_handle); + + // A write should not have happened if we've been destroyed or + // the QuicStream is no longer (or was never) writable. + if (IsDestroyed() || !IsWritable()) { + req_wrap->Done(UV_EPIPE); + return 0; + } + + // The list of buffers will be appended onto streambuf_ without + // copying. Those will remain in that buffer until the serialized + // stream frames are acknowledged. + uint64_t length = + streambuf_.Push( + bufs, + nbufs, + [req_wrap](int status) { + // This callback function will be invoked once this + // complete batch of buffers has been acknowledged + // by the peer. This will have the side effect of + // blocking additional pending writes from the + // javascript side, so writing data to the stream + // will be throttled by how quickly the peer is + // able to acknowledge stream packets. This is good + // in the sense of providing back-pressure, but + // also means that writes will be significantly + // less performant unless written in batches. + req_wrap->Done(status); + }, + req_wrap->object()); + Debug(this, "Queuing %" PRIu64 " bytes of data from %d buffers", + length, nbufs); + IncrementStat(length, &stream_stats_, &stream_stats::bytes_sent); + stream_stats_.stream_sent_at = uv_hrtime(); + + // If we're not within an ngtcp2 callback, go ahead and send + // the pending stream data. Otherwise, the data will be flushed + // once the ngtcp2 callback scope exits and all streams with + // data pending are flushed. + if (!QuicSession::Ngtcp2CallbackScope::InNgtcp2CallbackScope(session_.get())) + session_->SendStreamData(this); + + // IncrementAvailableOutboundLength(len); + return 0; +} + +// AckedDataOffset is called when ngtcp2 has received an acknowledgement +// for one or more stream frames for this QuicStream. This will cause +// data stored in the streambuf_ outbound queue to be consumed and may +// result in the JavaScript callback for the write to be invoked. +void QuicStream::AckedDataOffset(uint64_t offset, size_t datalen) { + if (IsDestroyed()) + return; + + // ngtcp2 guarantees that offset must always be greater + // than the previously received offset, but let's just + // make sure that holds. + CHECK_GE(offset, max_offset_ack_); + max_offset_ack_ = offset; + + Debug(this, "Acknowledging %d bytes", datalen); + + // Consumes the given number of bytes in the buffer. This may + // have the side-effect of causing the onwrite callback to be + // invoked if a complete chunk of buffered data has been acknowledged. + streambuf_.Consume(datalen); + + uint64_t now = uv_hrtime(); + if (stream_stats_.stream_acked_at > 0) + data_rx_ack_->Record(now - stream_stats_.stream_acked_at); + stream_stats_.stream_acked_at = now; +} + +void QuicStream::Commit(ssize_t amount) { + CHECK(!IsDestroyed()); + streambuf_.SeekHeadOffset(amount); +} + +size_t QuicStream::DrainInto(std::vector* vec) { + CHECK(!IsDestroyed()); + size_t length = 0; + streambuf_.DrainInto(vec, &length); + return length; +} + +inline void QuicStream::IncrementAvailableOutboundLength(size_t amount) { + available_outbound_length_ += amount; +} + +inline void QuicStream::DecrementAvailableOutboundLength(size_t amount) { + available_outbound_length_ -= amount; +} + +int QuicStream::ReadStart() { + CHECK(!this->IsDestroyed()); + CHECK(IsReadable()); + SetReadStart(); + SetReadResume(); + session_->ExtendStreamOffset(this, inbound_consumed_data_while_paused_); + return 0; +} + +int QuicStream::ReadStop() { + CHECK(!this->IsDestroyed()); + CHECK(IsReadable()); + SetReadPause(); + return 0; +} + +// Passes chunks of data on to the JavaScript side as soon as they are +// received but only if we're still readable. The caller of this must have a +// HandleScope. +// +// Note that this is pushing data to the JS side regardless of whether +// anything is listening. For flow-control, we only send window updates +// to the sending peer if the stream is in flowing mode, so the sender +// should not be sending too much data. +void QuicStream::ReceiveData( + int fin, + const uint8_t* data, + size_t datalen, + uint64_t offset) { + CHECK(!IsDestroyed()); + Debug(this, "Receiving %d bytes. Final? %s. Readable? %s", + datalen, + fin ? "yes" : "no", + IsReadable() ? "yes" : "no"); + + // If the QuicStream is not (or was never) readable, just ignore the chunk. + if (!IsReadable()) + return; + + // ngtcp2 guarantees that datalen will only be 0 if fin is set. + // Let's just make sure. + CHECK(datalen > 0 || fin == 1); + + // ngtcp2 guarantees that offset is always greater than the previously + // received offset. Let's just make sure. + CHECK_GE(offset, max_offset_); + max_offset_ = offset; + + if (datalen > 0) { + // IncrementStats will update the data_rx_rate_ and data_rx_size_ + // histograms. These will provide data necessary to detect and + // prevent Slow Send DOS attacks specifically by allowing us to + // see if a connection is sending very small chunks of data at very + // slow speeds. It is important to emphasize, however, that slow send + // rates may be perfectly legitimate so we cannot simply take blanket + // action when slow rates are detected. Nor can we reliably define what + // a slow rate even is! Will will need to determine some reasonable + // default and allow user code to change the default as well as determine + // what action to take. The current strategy will be to trigger an event + // on the stream when data transfer rates are likely to be considered too + // slow. + IncrementStats(datalen); + while (datalen > 0) { + uv_buf_t buf = EmitAlloc(datalen); + size_t avail = std::min(static_cast(buf.len), datalen); + + // For now, we're allocating and copying. Once we determine if we can + // safely switch to a non-allocated mode like we do with http2 streams, + // we can make this branch more efficient by using the LIKELY + // optimization. The way ngtcp2 currently works, however, we have + // to memcpy here. + if (UNLIKELY(buf.base == nullptr)) + buf.base = reinterpret_cast(const_cast(data)); + else + memcpy(buf.base, data, avail); + data += avail; + datalen -= avail; + // Capture read_paused before EmitRead in case user code callbacks + // alter the state when EmitRead is called. + bool read_paused = IsReadPaused(); + EmitRead(avail, buf); + // Reading can be paused while we are processing. If that's + // the case, we still want to acknowledge the current bytes + // so that pausing does not throw off our flow control. + if (read_paused) + inbound_consumed_data_while_paused_ += avail; + else + session_->ExtendStreamOffset(this, avail); + } + } + + // When fin != 0, we've received that last chunk of data for this + // stream, indicating that the stream will no longer be readable. + if (fin) { + SetFinReceived(); + EmitRead(UV_EOF); + } +} + +inline void QuicStream::IncrementStats(size_t datalen) { + uint64_t len = static_cast(datalen); + IncrementStat(len, &stream_stats_, &stream_stats::bytes_received); + + uint64_t now = uv_hrtime(); + if (stream_stats_.stream_received_at > 0) + data_rx_rate_->Record(now - stream_stats_.stream_received_at); + stream_stats_.stream_received_at = now; + data_rx_size_->Record(len); +} + +void QuicStream::Shutdown(uint64_t app_error_code) { + // On calling shutdown, the stream will no longer be + // readable or writable, all any pending data in the + // streambuf_ will be canceled, and all data pending + // to be acknowledged at the ngtcp2 level will be + // abandoned. + SetReadClose(); + SetWriteClose(); + session_->ShutdownStream(GetID(), app_error_code); +} + +BaseObjectPtr QuicStream::New( + QuicSession* session, int64_t stream_id) { + Local obj; + if (!session->env() + ->quicserverstream_constructor_template() + ->NewInstance(session->env()->context()).ToLocal(&obj)) { + return {}; + } + BaseObjectPtr stream = + MakeDetachedBaseObject(session, obj, stream_id); + session->AddStream(stream); + return stream; +} + +// JavaScript API +namespace { +void QuicStreamGetID(const FunctionCallbackInfo& args) { + QuicStream* stream; + ASSIGN_OR_RETURN_UNWRAP(&stream, args.Holder()); + args.GetReturnValue().Set(static_cast(stream->GetID())); +} + +void OpenUnidirectionalStream(const FunctionCallbackInfo& args) { + CHECK(!args.IsConstructCall()); + CHECK(args[0]->IsObject()); + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args[0].As()); + + int64_t stream_id; + if (!session->OpenUnidirectionalStream(&stream_id)) + return; + + BaseObjectPtr stream = QuicStream::New(session, stream_id); + args.GetReturnValue().Set(stream->object()); +} + +void OpenBidirectionalStream(const FunctionCallbackInfo& args) { + CHECK(!args.IsConstructCall()); + CHECK(args[0]->IsObject()); + QuicSession* session; + ASSIGN_OR_RETURN_UNWRAP(&session, args[0].As()); + + int64_t stream_id; + if (!session->OpenBidirectionalStream(&stream_id)) + return; + + BaseObjectPtr stream = QuicStream::New(session, stream_id); + args.GetReturnValue().Set(stream->object()); +} + +void QuicStreamDestroy(const FunctionCallbackInfo& args) { + QuicStream* stream; + ASSIGN_OR_RETURN_UNWRAP(&stream, args.Holder()); + stream->Destroy(); +} + +void QuicStreamShutdown(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + QuicStream* stream; + ASSIGN_OR_RETURN_UNWRAP(&stream, args.Holder()); + + uint32_t family = QUIC_ERROR_APPLICATION; + uint64_t code = ExtractErrorCode(env, args[0]); + if (!args[1]->Uint32Value(env->context()).To(&family)) return; + + stream->Shutdown( + family == QUIC_ERROR_APPLICATION ? + code : static_cast(NGTCP2_NO_ERROR)); +} +} // namespace + +void QuicStream::Initialize( + Environment* env, + Local target, + Local context) { + Isolate* isolate = env->isolate(); + Local class_name = FIXED_ONE_BYTE_STRING(isolate, "QuicStream"); + Local stream = FunctionTemplate::New(env->isolate()); + stream->SetClassName(class_name); + stream->Inherit(AsyncWrap::GetConstructorTemplate(env)); + StreamBase::AddMethods(env, stream); + Local streamt = stream->InstanceTemplate(); + streamt->SetInternalFieldCount(StreamBase::kStreamBaseFieldCount); + streamt->Set(env->owner_symbol(), Null(env->isolate())); + env->SetProtoMethod(stream, "destroy", QuicStreamDestroy); + env->SetProtoMethod(stream, "shutdownStream", QuicStreamShutdown); + env->SetProtoMethod(stream, "id", QuicStreamGetID); + env->set_quicserverstream_constructor_template(streamt); + target->Set(env->context(), + class_name, + stream->GetFunction(env->context()).ToLocalChecked()).FromJust(); + + env->SetMethod(target, "openBidirectionalStream", OpenBidirectionalStream); + env->SetMethod(target, "openUnidirectionalStream", OpenUnidirectionalStream); +} + +} // namespace quic +} // namespace node diff --git a/src/node_quic_stream.h b/src/node_quic_stream.h new file mode 100644 index 0000000000..3fbe524638 --- /dev/null +++ b/src/node_quic_stream.h @@ -0,0 +1,410 @@ +#ifndef SRC_NODE_QUIC_STREAM_H_ +#define SRC_NODE_QUIC_STREAM_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "memory_tracker-inl.h" +#include "async_wrap.h" +#include "env.h" +#include "histogram-inl.h" +#include "node_quic_util.h" +#include "stream_base-inl.h" +#include "v8.h" + +#include + +namespace node { +namespace quic { + +class QuicSession; +class QuicServerSession; + +// QuicStream's are simple data flows that, fortunately, do not +// require much. They may be: +// +// * Bidirectional or Unidirectional +// * Server or Client Initiated +// +// The flow direction and origin of the stream are important in +// determining the write and read state (Open or Closed). Specifically: +// +// A Unidirectional stream originating with the Server is: +// +// * Server Writable (Open) but not Client Writable (Closed) +// * Client Readable (Open) but not Server Readable (Closed) +// +// Likewise, a Unidirectional stream originating with the +// Client is: +// +// * Client Writable (Open) but not Server Writable (Closed) +// * Server Readable (Open) but not Client Readable (Closed) +// +// Bidirectional Stream States +// +------------+--------------+--------------------+---------------------+ +// | | Initiated By | Initial Read State | Initial Write State | +// +------------+--------------+--------------------+---------------------+ +// | On Server | Server | Open | Open | +// +------------+--------------+--------------------+---------------------+ +// | On Server | Client | Open | Open | +// +------------+--------------+--------------------+---------------------+ +// | On Client | Server | Open | Open | +// +------------+--------------+--------------------+---------------------+ +// | On Client | Client | Open | Open | +// +------------+--------------+--------------------+---------------------+ +// +// Unidirectional Stream States +// +------------+--------------+--------------------+---------------------+ +// | | Initiated By | Initial Read State | Initial Write State | +// +------------+--------------+--------------------+---------------------+ +// | On Server | Server | Closed | Open | +// +------------+--------------+--------------------+---------------------+ +// | On Server | Client | Open | Closed | +// +------------+--------------+--------------------+---------------------+ +// | On Client | Server | Open | Closed | +// +------------+--------------+--------------------+---------------------+ +// | On Client | Client | Closed | Open | +// +------------+--------------+--------------------+---------------------+ +// +// All data sent via the QuicStream is buffered internally until either +// receipt is acknowledged from the peer or attempts to send are abandoned. +// +// A QuicStream may be in a fully Closed (Read and Write) state but still +// have unacknowledged data in it's outbound queue. +// +// A QuicStream is gracefully closed when (a) both Read and Write states +// are Closed, (b) all queued data has been acknowledged. +// +// The JavaScript Writable side of the QuicStream may be shutdown before +// all pending queued data has been serialized to frames. During this state, +// no additional data may be queued to send. +// +// The Write state of a QuicStream will not be closed while there is still +// pending writes on the JavaScript side. +// +// The QuicStream may be forcefully closed immediately using destroy(err). +// This causes all queued data and pending JavaScript writes to be +// abandoned, and causes the QuicStream to be immediately closed at the +// ngtcp2 level. +class QuicStream : public AsyncWrap, public StreamBase { + public: + enum QuicStreamStates : uint32_t { + // QuicStream is fully open. Readable and Writable + QUICSTREAM_FLAG_INITIAL = 0x0, + + // QuicStream Read State is closed because a final stream frame + // has been received from the peer or the QuicStream is unidirectional + // outbound only (i.e. it was never readable) + QUICSTREAM_FLAG_READ_CLOSED = 0x1, + + // QuicStream Write State is closed. There may still be data + // in the outbound queue waiting to be serialized or acknowledged. + // No additional data may be added to the queue, however, and a + // final stream packet will be sent once all of the data in the + // queue has been serialized. + QUICSTREAM_FLAG_WRITE_CLOSED = 0x2, + + // JavaScript side has switched into flowing mode (Readable side) + QUICSTREAM_FLAG_READ_STARTED = 0x4, + + // JavaScript side has paused the flow of data (Readable side) + QUICSTREAM_FLAG_READ_PAUSED = 0x8, + + // QuicStream has received a final stream frame (Readable side) + QUICSTREAM_FLAG_FIN = 0x10, + + // QuicStream has sent a final stream frame (Writable side) + QUICSTREAM_FLAG_FIN_SENT = 0x20, + + // QuicStream has been destroyed + QUICSTREAM_FLAG_DESTROYED = 0x40 + }; + + enum QuicStreamDirection { + // The QuicStream is readable and writable in both directions + QUIC_STREAM_BIRECTIONAL, + + // The QuicStream is writable and readable in only one direction. + // The direction depends on the QuicStreamOrigin. + QUIC_STREAM_UNIDIRECTIONAL + }; + + enum QuicStreamOrigin { + // The QuicStream was created by the server. + QUIC_STREAM_SERVER, + + // The QuicStream was created by the client. + QUIC_STREAM_CLIENT + }; + + + static void Initialize( + Environment* env, + v8::Local target, + v8::Local context); + + static BaseObjectPtr New( + QuicSession* session, int64_t stream_id); + + std::string diagnostic_name() const override; + + inline QuicStreamDirection GetDirection() const { + return stream_id_ & 0b10 ? + QUIC_STREAM_UNIDIRECTIONAL : + QUIC_STREAM_BIRECTIONAL; + } + + inline QuicStreamOrigin GetOrigin() const { + return stream_id_ & 0b01 ? + QUIC_STREAM_SERVER : + QUIC_STREAM_CLIENT; + } + + int64_t GetID() const { return stream_id_; } + + inline bool IsDestroyed() const { + return flags_ & QUICSTREAM_FLAG_DESTROYED; + } + + // The QUICSTREAM_FLAG_FIN flag will be set only when a final stream + // frame has been received from the peer. + inline bool HasReceivedFin() const { + return flags_ & QUICSTREAM_FLAG_FIN; + } + + // The QUICSTREAM_FLAG_FIN_SENT flag will be set only when a final + // stream frame has been transmitted to the peer. Once sent, no + // additional data may be transmitted to the peer. If HasSentFin + // is set, IsWritable() can be assumed to be false. + inline bool HasSentFin() const { + return flags_ & QUICSTREAM_FLAG_FIN_SENT; + } + + // WasEverWritable returns true if it is a bidirectional stream, + // or a Unidirectional stream originating from the local peer. + // If WasEverWritable() is false, then no stream frames should + // ever be sent from the local peer, including final stream frames. + inline bool WasEverWritable() const { + if (GetDirection() == QUIC_STREAM_UNIDIRECTIONAL) { + return session_->Side() == NGTCP2_CRYPTO_SIDE_SERVER ? + GetOrigin() == QUIC_STREAM_SERVER : + GetOrigin() == QUIC_STREAM_CLIENT; + } + return true; + } + + // A QuicStream will not be writable if: + // - The QUICSTREAM_FLAG_WRITE_CLOSED flag is set or + // - It is a Unidirectional stream originating from the peer + inline bool IsWritable() const { + if (flags_ & QUICSTREAM_FLAG_WRITE_CLOSED) + return false; + + return WasEverWritable(); + } + + // WasEverReadable returns true if it is a bidirectional stream, + // or a Unidirectional stream originating from the remote + // peer. + inline bool WasEverReadable() const { + if (GetDirection() == QUIC_STREAM_UNIDIRECTIONAL) { + return session_->Side() == NGTCP2_CRYPTO_SIDE_SERVER ? + GetOrigin() == QUIC_STREAM_CLIENT : + GetOrigin() == QUIC_STREAM_SERVER; + } + + return true; + } + + // A QuicStream will not be readable if: + // - The QUICSTREAM_FLAG_READ_CLOSED flag is set or + // - It is a Unidirectional stream originating from the local peer. + inline bool IsReadable() const { + if (flags_ & QUICSTREAM_FLAG_READ_CLOSED) + return false; + + return WasEverReadable(); + } + + inline bool IsReadStarted() const { + return flags_ & QUICSTREAM_FLAG_READ_STARTED; + } + + inline bool IsReadPaused() const { + return flags_ & QUICSTREAM_FLAG_READ_PAUSED; + } + + bool IsAlive() override { + return !IsDestroyed() && !IsClosing(); + } + + bool IsClosing() override { + return !IsWritable() && !IsReadable(); + } + + // Records the fact that a final stream frame has been + // serialized and sent to the peer. There still may be + // unacknowledged data in the outbound queue, but no + // additional frames may be sent for the stream other + // than reset stream. + inline void SetFinSent() { + CHECK(!IsWritable()); + flags_ |= QUICSTREAM_FLAG_FIN_SENT; + } + + // IsWriteFinished will return true if a final stream frame + // has been sent and all data has been acknowledged (the + // send buffer is empty). + inline bool IsWriteFinished() { + return HasSentFin() && streambuf_.Length() == 0; + } + + QuicSession* Session() const { return session_.get(); } + + virtual void AckedDataOffset(uint64_t offset, size_t datalen); + + virtual void Destroy(); + + int DoWrite( + WriteWrap* req_wrap, + uv_buf_t* bufs, + size_t nbufs, + uv_stream_t* send_handle) override; + + inline void IncrementAvailableOutboundLength(size_t amount); + inline void DecrementAvailableOutboundLength(size_t amount); + + virtual void ReceiveData( + int fin, + const uint8_t* data, + size_t datalen, + uint64_t offset); + + // Required for StreamBase + int ReadStart() override; + + // Required for StreamBase + int ReadStop() override; + + // Required for StreamBase + int DoShutdown(ShutdownWrap* req_wrap) override; + + void Shutdown(uint64_t app_error_code); + + void Commit(ssize_t amount); + + size_t DrainInto(std::vector* vec); + + AsyncWrap* GetAsyncWrap() override { return this; } + + void MemoryInfo(MemoryTracker* tracker) const override { + tracker->TrackField("buffer", &streambuf_); + } + + SET_MEMORY_INFO_NAME(QuicStream) + SET_SELF_SIZE(QuicStream) + + QuicStream( + QuicSession* session, + v8::Local target, + int64_t stream_id); + + private: + // Called only when a final stream frame has been received from + // the peer. This has the side effect of marking the readable + // side of the stream closed. No additional data will be received + // on this QuicStream. + inline void SetFinReceived() { + flags_ |= QUICSTREAM_FLAG_FIN; + SetReadClose(); + } + + // SetWriteClose is called either when the QuicStream is created + // and is unidirectional from the peer, or when DoShutdown is called. + // This will indicate that the writable side of the QuicStream is + // closed and that no data will be pushed to the outbound queue. + inline void SetWriteClose() { + flags_ |= QUICSTREAM_FLAG_WRITE_CLOSED; + } + + // Called when no additional data can be received on the QuicStream. + inline void SetReadClose() { + flags_ |= QUICSTREAM_FLAG_READ_CLOSED; + } + + inline void SetReadStart() { + flags_ |= QUICSTREAM_FLAG_READ_STARTED; + } + + inline void SetReadPause() { + flags_ |= QUICSTREAM_FLAG_READ_PAUSED; + } + + inline void SetReadResume() { + flags_ &= QUICSTREAM_FLAG_READ_PAUSED; + } + + inline void SetDestroyed() { + flags_ |= QUICSTREAM_FLAG_DESTROYED; + } + + inline void IncrementStats(size_t datalen); + + BaseObjectWeakPtr session_; + int64_t stream_id_; + uint64_t max_offset_ = 0; + uint64_t max_offset_ack_ = 0; + uint32_t flags_ = QUICSTREAM_FLAG_INITIAL; + + QuicBuffer streambuf_; + size_t available_outbound_length_ = 0; + size_t inbound_consumed_data_while_paused_ = 0; + + struct stream_stats { + // The timestamp at which the stream was created + uint64_t created_at; + // The timestamp at which the stream most recently sent data + uint64_t stream_sent_at; + // The timestamp at which the stream most recently received data + uint64_t stream_received_at; + // The timestamp at which the stream most recently received an + // acknowledgement for data + uint64_t stream_acked_at; + // The timestamp at which a graceful close started + uint64_t closing_at; + // The total number of bytes received + uint64_t bytes_received; + // The total number of bytes sent + uint64_t bytes_sent; + }; + stream_stats stream_stats_{0, 0, 0, 0, 0, 0, 0}; + + // data_rx_rate_ measures the elapsed time between data packets + // for this stream. When used in combination with the data_rx_size, + // this can be used to track the overall data throughput over time + // for the stream. Specifically, this can be used to detect + // potentially bad acting peers that are sending many small chunks + // of data too slowly in an attempt to DOS the peer. + BaseObjectPtr data_rx_rate_; + + // data_rx_size_ measures the size of data packets for this stream + // over time. When used in combination with the data_rx_rate_, + // this can be used to track the overall data throughout over time + // for the stream. Specifically, this can be used to detect + // potentially bad acting peers that are sending many small chunks + // of data too slowly in an attempt to DOS the peer. + BaseObjectPtr data_rx_size_; + + // data_rx_ack_ measures the elapsed time between data acks + // for this stream. This data can be used to detect peers that are + // generally taking too long to acknowledge sent stream data. + BaseObjectPtr data_rx_ack_; + + AliasedBigUint64Array stats_buffer_; +}; + +} // namespace quic +} // namespace node + +#endif // NODE_WANT_INTERNALS + +#endif // SRC_NODE_QUIC_STREAM_H_ diff --git a/src/node_quic_util.cc b/src/node_quic_util.cc new file mode 100644 index 0000000000..1a028d5931 --- /dev/null +++ b/src/node_quic_util.cc @@ -0,0 +1,30 @@ +#include "node_quic_util.h" +#include "env-inl.h" +#include "util-inl.h" +#include "uv.h" + +namespace node { +namespace quic { + +void Timer::Free(Timer* timer) { + timer->env_->CloseHandle( + reinterpret_cast(&timer->timer_), + [&](uv_handle_t* timer) { + Timer* t = ContainerOf( + &Timer::timer_, + reinterpret_cast(timer)); + delete t; + }); +} + +void Timer::OnTimeout(uv_timer_t* timer) { + Timer* t = ContainerOf(&Timer::timer_, timer); + t->fn_(); +} + +void Timer::CleanupHook(void* data) { + Free(static_cast(data)); +} + +} // namespace quic +} // namespace node diff --git a/src/node_quic_util.h b/src/node_quic_util.h new file mode 100644 index 0000000000..cb3ae0866e --- /dev/null +++ b/src/node_quic_util.h @@ -0,0 +1,443 @@ +#ifndef SRC_NODE_QUIC_UTIL_H_ +#define SRC_NODE_QUIC_UTIL_H_ + +#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS + +#include "node_quic_buffer.h" +#include "string_bytes.h" +#include "uv.h" +#include "v8.h" + +#include +#include + +#include +#include +#include + +namespace node { +namespace quic { + +constexpr uint64_t NGTCP2_APP_NOERROR = 0xff00; + +constexpr size_t MIN_INITIAL_QUIC_PKT_SIZE = 1200; +constexpr size_t NGTCP2_SV_SCIDLEN = NGTCP2_MAX_CIDLEN; +constexpr size_t TOKEN_RAND_DATALEN = 16; +constexpr size_t TOKEN_SECRETLEN = 16; + +constexpr size_t kMaxSizeT = std::numeric_limits::max(); +constexpr size_t DEFAULT_MAX_CONNECTIONS_PER_HOST = 100; +constexpr uint64_t MIN_MAX_CRYPTO_BUFFER = 4096; +constexpr uint64_t MIN_RETRYTOKEN_EXPIRATION = 1; +constexpr uint64_t MAX_RETRYTOKEN_EXPIRATION = 60; +constexpr uint64_t DEFAULT_MAX_CRYPTO_BUFFER = MIN_MAX_CRYPTO_BUFFER * 4; +constexpr uint64_t DEFAULT_ACTIVE_CONNECTION_ID_LIMIT = 10; +constexpr uint64_t DEFAULT_MAX_STREAM_DATA_BIDI_LOCAL = 256 * 1024; +constexpr uint64_t DEFAULT_MAX_STREAM_DATA_BIDI_REMOTE = 256 * 1024; +constexpr uint64_t DEFAULT_MAX_STREAM_DATA_UNI = 256 * 1024; +constexpr uint64_t DEFAULT_MAX_DATA = 1 * 1024 * 1024; +constexpr uint64_t DEFAULT_MAX_STREAMS_BIDI = 100; +constexpr uint64_t DEFAULT_MAX_STREAMS_UNI = 3; +constexpr uint64_t DEFAULT_IDLE_TIMEOUT = 10 * 1000; +constexpr uint64_t DEFAULT_RETRYTOKEN_EXPIRATION = 10ULL; + +enum SelectPreferredAddressPolicy : int { + // Ignore the server-provided preferred address + QUIC_PREFERRED_ADDRESS_IGNORE, + // Accept the server-provided preferred address + QUIC_PREFERRED_ADDRESS_ACCEPT +}; + +// Fun hash combine trick based on a variadic template that +// I came across a while back but can't remember where. Will add an attribution +// if I can find the source. +inline void hash_combine(size_t* seed) { } + +template +inline void hash_combine(size_t* seed, const T& value, Args... rest) { + *seed ^= std::hash{}(value) + 0x9e3779b9 + (*seed << 6) + (*seed >> 2); + hash_combine(seed, rest...); +} + +// QUIC error codes generally fall into two distinct namespaces: +// Connection Errors and Application Errors. Connection errors +// are further subdivided into Crypto and non-Crypto. Application +// errors are entirely specific to the QUIC application being +// used. An easy rule of thumb is that Application errors are +// semantically associated with the ALPN identifier negotiated +// for the QuicSession. So, if a connection is closed with +// family: QUIC_ERROR_APPLICATION and code: 123, you have to +// look at the ALPN identifier to determine exactly what it +// means. Connection (Session) and Crypto errors, on the other +// hand, share the same meaning regardless of the ALPN. +enum QuicErrorFamily : int { + QUIC_ERROR_SESSION, + QUIC_ERROR_CRYPTO, + QUIC_ERROR_APPLICATION +}; + +struct QuicError { + QuicErrorFamily family; + uint64_t code; + inline QuicError( + QuicErrorFamily family_ = QUIC_ERROR_SESSION, + uint64_t code_ = NGTCP2_NO_ERROR) : + family(family_), code(code_) {} +}; + +inline QuicError InitQuicError( + QuicErrorFamily family = QUIC_ERROR_SESSION, + int code_ = NGTCP2_NO_ERROR) { + QuicError error; + error.family = family; + switch (family) { + case QUIC_ERROR_CRYPTO: + code_ |= NGTCP2_CRYPTO_ERROR; + // Fall-through... + case QUIC_ERROR_SESSION: + error.code = ngtcp2_err_infer_quic_transport_error_code(code_); + break; + case QUIC_ERROR_APPLICATION: + error.code = code_; + } + return error; +} + +inline uint64_t ExtractErrorCode(Environment* env, v8::Local arg) { + uint64_t code = NGTCP2_APP_NOERROR; + if (arg->IsBigInt()) { + code = arg.As()->Int64Value(); + } else if (arg->IsNumber()) { + double num = 0; + USE(arg->NumberValue(env->context()).To(&num)); + code = static_cast(num); + } + return code; +} + +inline const char* ErrorFamilyName(QuicErrorFamily family) { + switch (family) { + case QUIC_ERROR_SESSION: + return "Session"; + case QUIC_ERROR_APPLICATION: + return "Application"; + case QUIC_ERROR_CRYPTO: + return "Crypto"; + default: + return ""; + } +} + +class SocketAddress { + public: + // std::hash specialization for sockaddr instances (ipv4 or ipv6) used + // for tracking the number of connections per client. + struct Hash { + size_t operator()(const sockaddr* addr) const { + size_t hash = 0; + switch (addr->sa_family) { + case AF_INET: { + const sockaddr_in* ipv4 = + reinterpret_cast(addr); + hash_combine(&hash, ipv4->sin_port, ipv4->sin_addr.s_addr); + break; + } + case AF_INET6: { + const sockaddr_in6* ipv6 = + reinterpret_cast(addr); + const uint64_t* a = + reinterpret_cast(&ipv6->sin6_addr); + hash_combine(&hash, ipv6->sin6_port, a[0], a[1]); + break; + } + default: + UNREACHABLE(); + } + return hash; + } + }; + + static bool numeric_host(const char* hostname) { + return numeric_host(hostname, AF_INET) || numeric_host(hostname, AF_INET6); + } + + static bool numeric_host(const char* hostname, int family) { + std::array dst; + return inet_pton(family, hostname, dst.data()) == 1; + } + + static size_t GetMaxPktLen(const sockaddr* addr) { + return addr->sa_family == AF_INET6 ? + NGTCP2_MAX_PKTLEN_IPV6 : + NGTCP2_MAX_PKTLEN_IPV4; + } + + static bool ResolvePreferredAddress( + Environment* env, + int local_address_family, + const ngtcp2_preferred_addr* paddr, + uv_getaddrinfo_t* req) { + int af; + const uint8_t* binaddr; + uint16_t port; + constexpr uint8_t empty_addr[] = {0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0}; + + if (local_address_family == AF_INET && + memcmp(empty_addr, paddr->ipv4_addr, sizeof(paddr->ipv4_addr)) != 0) { + af = AF_INET; + binaddr = paddr->ipv4_addr; + port = paddr->ipv4_port; + } else if (local_address_family == AF_INET6 && + memcmp(empty_addr, + paddr->ipv6_addr, + sizeof(paddr->ipv6_addr)) != 0) { + af = AF_INET6; + binaddr = paddr->ipv6_addr; + port = paddr->ipv6_port; + } else { + return false; + } + + char host[NI_MAXHOST]; + if (uv_inet_ntop(af, binaddr, host, sizeof(host)) == 0) + return false; + + addrinfo hints{}; + hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV; + hints.ai_family = af; + hints.ai_socktype = SOCK_DGRAM; + + return + uv_getaddrinfo( + env->event_loop(), + req, + nullptr, + host, + std::to_string(port).c_str(), + &hints) == 0; + } + + static int ToSockAddr( + int32_t family, + const char* host, + uint32_t port, + sockaddr_storage* addr) { + CHECK(family == AF_INET || family == AF_INET6); + switch (family) { + case AF_INET: + return uv_ip4_addr(host, port, reinterpret_cast(addr)); + case AF_INET6: + return uv_ip6_addr(host, port, reinterpret_cast(addr)); + default: + CHECK(0 && "unexpected address family"); + } + } + + static int GetPort(const sockaddr* addr) { + return ntohs(addr->sa_family == AF_INET ? + reinterpret_cast(addr)->sin_port : + reinterpret_cast(addr)->sin6_port); + } + + static void GetAddress(const sockaddr* addr, char* host, size_t host_len) { + const void* src = addr->sa_family == AF_INET ? + static_cast( + &(reinterpret_cast(addr)->sin_addr)) : + static_cast( + &(reinterpret_cast(addr)->sin6_addr)); + uv_inet_ntop(addr->sa_family, src, host, host_len); + } + + static size_t GetAddressLen(const sockaddr* addr) { + return + addr->sa_family == AF_INET6 ? + sizeof(sockaddr_in6) : + sizeof(sockaddr_in); + } + + static size_t GetAddressLen(const sockaddr_storage* addr) { + return + addr->ss_family == AF_INET6 ? + sizeof(sockaddr_in6) : + sizeof(sockaddr_in); + } + + void Copy(SocketAddress* addr) { + Copy(**addr); + } + + void Copy(const sockaddr* source) { + memcpy(&address_, source, GetAddressLen(source)); + } + + void Set(uv_udp_t* handle) { + int addrlen = sizeof(address_); + CHECK_EQ(uv_udp_getsockname( + handle, + reinterpret_cast(&address_), + &addrlen), 0); + } + + void Update(const ngtcp2_addr* addr) { + memcpy(&address_, addr->addr, addr->addrlen); + } + + const sockaddr* operator*() const { + return reinterpret_cast(&address_); + } + + ngtcp2_addr ToAddr() { + return ngtcp2_addr{Size(), reinterpret_cast(&address_), nullptr}; + } + + size_t Size() { + return GetAddressLen(&address_); + } + + int GetFamily() { return address_.ss_family; } + + private: + sockaddr_storage address_; +}; + +class QuicPath { + public: + QuicPath( + SocketAddress* local, + SocketAddress* remote) : + path_({ local->ToAddr(), remote->ToAddr() }) {} + + ngtcp2_path* operator*() { return &path_; } + + private: + ngtcp2_path path_; +}; + +struct QuicPathStorage { + QuicPathStorage() { + path.local.addr = local_addrbuf.data(); + path.remote.addr = remote_addrbuf.data(); + } + + ngtcp2_path path; + std::array local_addrbuf; + std::array remote_addrbuf; +}; + +class QuicCID { + public: + explicit QuicCID(ngtcp2_cid* cid) : cid_(*cid) {} + explicit QuicCID(const ngtcp2_cid* cid) : cid_(*cid) {} + explicit QuicCID(const ngtcp2_cid& cid) : cid_(cid) {} + QuicCID(const uint8_t* cid, size_t len) { + ngtcp2_cid_init(&cid_, cid, len); + } + + std::string ToStr() const { + return std::string(cid_.data, cid_.data + cid_.datalen); + } + + std::string ToHex() const { + MaybeStackBuffer dest; + dest.AllocateSufficientStorage(cid_.datalen * 2); + dest.SetLengthAndZeroTerminate(cid_.datalen * 2); + size_t written = StringBytes::hex_encode( + reinterpret_cast(cid_.data), + cid_.datalen, + *dest, + dest.length()); + return std::string(*dest, written); + } + + const ngtcp2_cid* operator*() const { return &cid_; } + + uint8_t* data() { return cid_.data; } + size_t length() const { return cid_.datalen; } + + private: + ngtcp2_cid cid_; +}; + +// https://stackoverflow.com/questions/33701430/template-function-to-access-struct-members +template +decltype(auto) access(C* cls, T C::*member) { + return (cls->*member); +} + +template +decltype(auto) access(C* cls, T C::*member, Mems... rest) { + return access((cls->*member), rest...); +} + +template +void IncrementStat( + uint64_t amount, + A* a, + Members... mems) { + static uint64_t max = std::numeric_limits::max(); + uint64_t current = access(a, mems...); + uint64_t delta = std::min(amount, max - current); + access(a, mems...) += delta; +} + +// Simple timer wrapper that is used to implement the internals +// for idle and retransmission timeouts. Call Update to start or +// reset the timer; Stop to halt the timer. +class Timer { + public: + explicit Timer(Environment* env, std::function fn) + : stopped_(false), + env_(env), + fn_(fn) { + uv_timer_init(env_->event_loop(), &timer_); + timer_.data = this; + env->AddCleanupHook(CleanupHook, this); + } + + ~Timer() { + env_->RemoveCleanupHook(CleanupHook, this); + } + + // Stops the timer with the side effect of the timer no longer being usable. + // It will be cleaned up and the Timer object will be destroyed. + void Stop() { + if (stopped_) + return; + stopped_ = true; + + if (timer_.data == this) { + uv_timer_stop(&timer_); + timer_.data = nullptr; + } + } + + // If the timer is not currently active, interval must be either 0 or greater. + // If the timer is already active, interval is ignored. + void Update(uint64_t interval) { + if (stopped_) + return; + uv_timer_start(&timer_, OnTimeout, interval, interval); + uv_unref(reinterpret_cast(&timer_)); + } + + static void Free(Timer* timer); + + private: + static void OnTimeout(uv_timer_t* timer); + static void CleanupHook(void* data); + + bool stopped_; + Environment* env_; + std::function fn_; + uv_timer_t timer_; +}; + +using TimerPointer = DeleteFnPtr; + +} // namespace quic +} // namespace node + +#endif // NOE_WANT_INTERNALS + +#endif // SRC_NODE_QUIC_UTIL_H_ diff --git a/src/string_bytes.cc b/src/string_bytes.cc index f8d7243e5d..c35b889b6a 100644 --- a/src/string_bytes.cc +++ b/src/string_bytes.cc @@ -31,6 +31,7 @@ #include // memcpy #include +#include #include // When creating strings >= this length v8's gc spins up and consumes @@ -587,7 +588,11 @@ static void force_ascii(const char* src, char* dst, size_t len) { } -static size_t hex_encode(const char* src, size_t slen, char* dst, size_t dlen) { +size_t StringBytes::hex_encode( + const char* src, + size_t slen, + char* dst, + size_t dlen) { // We know how much we'll write, just make sure that there's space. CHECK(dlen >= slen * 2 && "not enough space provided for hex encode"); @@ -603,6 +608,12 @@ static size_t hex_encode(const char* src, size_t slen, char* dst, size_t dlen) { return dlen; } +std::string StringBytes::hex_encode(const char* src, size_t slen) { + size_t dlen = slen * 2; + std::string dst(dlen, '\0'); + hex_encode(src, slen, &dst[0], dlen); + return dst; +} #define CHECK_BUFLEN_IN_RANGE(len) \ do { \ diff --git a/src/string_bytes.h b/src/string_bytes.h index 5ef05fc48c..69bb828e01 100644 --- a/src/string_bytes.h +++ b/src/string_bytes.h @@ -29,6 +29,8 @@ #include "v8.h" #include "env-inl.h" +#include + namespace node { class StringBytes { @@ -97,6 +99,13 @@ class StringBytes { enum encoding encoding, v8::Local* error); + static size_t hex_encode(const char* src, + size_t slen, + char* dst, + size_t dlen); + + static std::string hex_encode(const char* src, size_t slen); + private: static size_t WriteUCS2(v8::Isolate* isolate, char* buf, diff --git a/src/util.h b/src/util.h index 2f6c17fc32..75f9b58f18 100644 --- a/src/util.h +++ b/src/util.h @@ -549,6 +549,11 @@ struct MallocedBuffer { size = new_size; } + void Realloc(size_t new_size) { + Truncate(new_size); + data = UncheckedRealloc(data, new_size); + } + inline bool is_empty() const { return data == nullptr; } MallocedBuffer() : data(nullptr), size(0) {} @@ -703,6 +708,11 @@ constexpr size_t arraysize(const T (&)[N]) { return N; } +template +constexpr size_t strsize(const T (&)[N]) { + return N - 1; +} + // Round up a to the next highest multiple of b. template constexpr T RoundUp(T a, T b) { diff --git a/test/cctest/test_quic_buffer.cc b/test/cctest/test_quic_buffer.cc new file mode 100644 index 0000000000..8f1bc9700e --- /dev/null +++ b/test/cctest/test_quic_buffer.cc @@ -0,0 +1,352 @@ +#include "node_quic_buffer.h" +#include "util-inl.h" +#include "uv.h" + +#include "gtest/gtest.h" +#include +#include + +using node::quic::QuicBuffer; + +class TestBuffer { + public: + explicit TestBuffer(size_t size, int val = 0) { + buf_.AllocateSufficientStorage(size); + buf_.SetLength(size); + memset(*buf_, val, size); + } + + ~TestBuffer() { + CHECK_EQ(true, done_); + } + + uv_buf_t ToUVBuf() { + return uv_buf_init(*buf_, buf_.length()); + } + + void Done() { + CHECK_EQ(false, done_); + done_ = true; + } + + private: + node::MaybeStackBuffer buf_; + bool done_ = false; +}; + +TEST(QuicBuffer, Simple) { + char data[100]; + memset(&data, 0, node::arraysize(data)); + uv_buf_t buf = uv_buf_init(data, node::arraysize(data)); + + bool done = false; + + QuicBuffer buffer; + buffer.Push(&buf, 1, [&](int status) { + EXPECT_EQ(0, status); + done = true; + }); + + buffer.Consume(100); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(0, buffer.Size()); + + // We have to move the read head forward in order to consume + buffer.SeekHead(1); + buffer.Consume(100); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(0, buffer.Size()); + CHECK_EQ(true, done); +} + +TEST(QuicBuffer, ConsumeMore) { + char data[100]; + memset(&data, 0, node::arraysize(data)); + uv_buf_t buf = uv_buf_init(data, node::arraysize(data)); + + bool done = false; + + QuicBuffer buffer; + buffer.Push(&buf, 1, [&](int status) { + EXPECT_EQ(0, status); + done = true; + }); + + buffer.SeekHead(); + buffer.Consume(150); // Consume more than what was buffered + CHECK_EQ(true, done); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(0, buffer.Size()); +} + +TEST(QuicBuffer, Multiple) { + TestBuffer buf1(100); + TestBuffer buf2(50, 1); + + auto cb = [](int status, TestBuffer* test_buffer) { + test_buffer->Done(); + }; + + QuicBuffer buffer; + { + uv_buf_t b = buf1.ToUVBuf(); + buffer.Push(&b, 1, [&](int status) { cb(status, &buf1); }); + } + { + uv_buf_t b = buf2.ToUVBuf(); + buffer.Push(&b, 1, [&](int status) { cb(status, &buf2); }); + } + + buffer.SeekHead(2); + + buffer.Consume(25); + CHECK_EQ(125, buffer.Length()); + CHECK_EQ(2, buffer.Size()); + + buffer.Consume(100); + CHECK_EQ(25, buffer.Length()); + CHECK_EQ(1, buffer.Size()); + + buffer.Consume(25); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(0, buffer.Size()); +} + + +TEST(QuicBuffer, Multiple2) { + char* ptr = new char[100]; + memset(ptr, 0, 50); + memset(ptr + 50, 1, 50); + + uv_buf_t bufs[] = { + uv_buf_init(ptr, 50), + uv_buf_init(ptr + 50, 50) + }; + + int count = 0; + + QuicBuffer buffer; + buffer.Push( + bufs, node::arraysize(bufs), + [&](int status) { + count++; + CHECK_EQ(0, status); + delete[] ptr; + }); + buffer.SeekHead(node::arraysize(bufs)); + + buffer.Consume(25); + CHECK_EQ(2, buffer.Size()); + CHECK_EQ(75, buffer.Length()); + buffer.Consume(25); + CHECK_EQ(1, buffer.Size()); + CHECK_EQ(50, buffer.Length()); + buffer.Consume(25); + CHECK_EQ(1, buffer.Size()); + CHECK_EQ(25, buffer.Length()); + buffer.Consume(25); + CHECK_EQ(0, buffer.Size()); + CHECK_EQ(0, buffer.Length()); + + // The callback was only called once tho + CHECK_EQ(1, count); +} + +TEST(QuicBuffer, Cancel) { + char* ptr = new char[100]; + memset(ptr, 0, 50); + memset(ptr + 50, 1, 50); + + uv_buf_t bufs[] = { + uv_buf_init(ptr, 50), + uv_buf_init(ptr + 50, 50) + }; + + int count = 0; + + QuicBuffer buffer; + buffer.Push( + bufs, node::arraysize(bufs), + [&](int status) { + count++; + CHECK_EQ(UV_ECANCELED, status); + delete[] ptr; + }); + + buffer.SeekHead(); + buffer.Consume(25); + CHECK_EQ(2, buffer.Size()); + CHECK_EQ(75, buffer.Length()); + buffer.Cancel(); + CHECK_EQ(0, buffer.Size()); + CHECK_EQ(0, buffer.Length()); + + // The callback was only called once tho + CHECK_EQ(1, count); +} + +TEST(QuicBuffer, Multiple3) { + TestBuffer buf1(100); + TestBuffer buf2(50, 1); + TestBuffer buf3(50, 2); + + auto cb = [](int status, TestBuffer* test_buffer) { + test_buffer->Done(); + }; + + QuicBuffer buffer; + { + uv_buf_t b = buf1.ToUVBuf(); + buffer.Push(&b, 1, [&](int status) { cb(status, &buf1); }); + } + { + uv_buf_t b = buf2.ToUVBuf(); + buffer.Push(&b, 1, [&](int status) { cb(status, &buf2); }); + } + CHECK_EQ(150, buffer.Length()); + CHECK_EQ(2, buffer.Size()); + + buffer.SeekHead(2); + + buffer.Consume(25); + CHECK_EQ(125, buffer.Length()); + CHECK_EQ(2, buffer.Size()); + + buffer.Consume(100); + CHECK_EQ(25, buffer.Length()); + CHECK_EQ(1, buffer.Size()); + + { + uv_buf_t b = buf2.ToUVBuf(); + buffer.Push(&b, 1, [&](int status) { cb(status, &buf3); }); + } + + CHECK_EQ(75, buffer.Length()); + CHECK_EQ(2, buffer.Size()); + + buffer.SeekHead(); + buffer.Consume(75); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(0, buffer.Size()); +} + +TEST(QuicBuffer, Move) { + QuicBuffer buffer1; + QuicBuffer buffer2; + + char data[100]; + memset(&data, 0, node::arraysize(data)); + uv_buf_t buf = uv_buf_init(data, node::arraysize(data)); + + buffer1.Push(&buf, 1); + + CHECK_EQ(100, buffer1.Length()); + CHECK_EQ(1, buffer1.Size()); + + buffer2 = std::move(buffer1); + CHECK_EQ(0, buffer1.Length()); + CHECK_EQ(0, buffer1.Size()); + CHECK_EQ(100, buffer2.Length()); + CHECK_EQ(1, buffer2.Size()); +} + +TEST(QuicBuffer, Append) { + QuicBuffer buffer1; + QuicBuffer buffer2; + + { + char data[100]; + memset(&data, 0, node::arraysize(data)); + uv_buf_t buf = uv_buf_init(data, node::arraysize(data)); + + buffer1.Push(&buf, 1); + } + + { + char data[100]; + memset(&data, 1, node::arraysize(data)); + uv_buf_t buf = uv_buf_init(data, node::arraysize(data)); + + buffer2.Push(&buf, 1); + } + + CHECK_EQ(100, buffer1.Length()); + CHECK_EQ(1, buffer1.Size()); + CHECK_EQ(100, buffer2.Length()); + CHECK_EQ(1, buffer2.Size()); + + buffer2 += std::move(buffer1); + + CHECK_EQ(0, buffer1.Length()); + CHECK_EQ(0, buffer1.Size()); + CHECK_EQ(200, buffer2.Length()); + CHECK_EQ(2, buffer2.Size()); +} + +TEST(QuicBuffer, MallocedBuffer) { + uint8_t* data = node::Malloc(100); + int count = 0; + auto cb = [&](int status) { + count++; + }; + + QuicBuffer buffer; + buffer.Push(node::MallocedBuffer(data, 100), cb); + CHECK_EQ(1, buffer.Size()); + CHECK_EQ(100, buffer.Length()); + + std::vector vec; + size_t len = buffer.DrainInto(&vec); + CHECK_EQ(1, vec.size()); + buffer.SeekHead(len); + + buffer.Consume(50); + CHECK_EQ(1, buffer.Size()); + CHECK_EQ(50, buffer.Length()); + CHECK_EQ(0, count); + + buffer.Consume(50); + CHECK_EQ(0, buffer.Size()); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(1, count); +} + +TEST(QuicBuffer, Head) { + uint8_t* data = node::Malloc(100); + memset(data, 0, 100); + QuicBuffer buffer; + buffer.Push(node::MallocedBuffer(data, 100)); + CHECK_EQ(1, buffer.Size()); + + // buffer.Head() returns the current read head + { + uv_buf_t buf = buffer.Head(); + CHECK_EQ(100, buf.len); + CHECK_EQ(0, buf.base[0]); + } + + buffer.Consume(50); + CHECK_EQ(1, buffer.Size()); + + { + uv_buf_t buf = buffer.Head(); + CHECK_EQ(100, buf.len); + CHECK_EQ(0, buf.base[0]); + } + + // Seeking the head to the end will + // result in an empty head + buffer.SeekHead(); + { + uv_buf_t buf = buffer.Head(); + CHECK_EQ(0, buf.len); + CHECK_EQ(nullptr, buf.base); + } + // But the buffer will still have unconsumed data + CHECK_EQ(50, buffer.Length()); + CHECK_EQ(1, buffer.Size()); + + buffer.Consume(100); + CHECK_EQ(0, buffer.Length()); + CHECK_EQ(0, buffer.Size()); +} diff --git a/test/cctest/test_quic_verifyhostnameidentity.cc b/test/cctest/test_quic_verifyhostnameidentity.cc new file mode 100644 index 0000000000..2c7d1e232a --- /dev/null +++ b/test/cctest/test_quic_verifyhostnameidentity.cc @@ -0,0 +1,347 @@ + +#include "base_object-inl.h" +#include "node_quic_crypto.h" +#include "util.h" +#include "gtest/gtest.h" + +#include + +#include +#include +#include + +using node::quic::VerifyHostnameIdentity; + +enum altname_type { + TYPE_DNS, + TYPE_IP, + TYPE_URI +}; + +struct altname { + altname_type type; + const char* name; +}; + +void ToAltNamesMap( + const altname* names, + size_t names_len, + std::unordered_multimap* map) { + for (size_t n = 0; n < names_len; n++) { + switch (names[n].type) { + case TYPE_DNS: + map->emplace("dns", names[n].name); + continue; + case TYPE_IP: + map->emplace("ip", names[n].name); + continue; + case TYPE_URI: + map->emplace("uri", names[n].name); + continue; + } + } +} + +TEST(QuicCrypto, BasicCN_1) { + std::unordered_multimap altnames; + CHECK_EQ(VerifyHostnameIdentity("a.com", std::string("a.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_2) { + std::unordered_multimap altnames; + CHECK_EQ(VerifyHostnameIdentity("a.com", std::string("A.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_3_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("b.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_4) { + std::unordered_multimap altnames; + CHECK_EQ(VerifyHostnameIdentity("a.com", std::string("a.com."), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_5_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string(".a.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_6_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("8.8.8.8", std::string("8.8.8.8"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_7_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "8.8.8.8"); + CHECK_EQ( + VerifyHostnameIdentity("8.8.8.8", std::string("8.8.8.8"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_8_Fail) { + std::unordered_multimap altnames; + altnames.emplace("uri", "8.8.8.8"); + CHECK_EQ( + VerifyHostnameIdentity("8.8.8.8", std::string("8.8.8.8"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_9) { + std::unordered_multimap altnames; + altnames.emplace("ip", "8.8.8.8"); + CHECK_EQ( + VerifyHostnameIdentity("8.8.8.8", std::string("8.8.8.8"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_10_Fail) { + std::unordered_multimap altnames; + altnames.emplace("ip", "8.8.8.8/24"); + CHECK_EQ( + VerifyHostnameIdentity("8.8.8.8", std::string("8.8.8.8"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_11) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("b.a.com", std::string("*.a.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_12_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("ba.com", std::string("*.a.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_13_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("\n.a.com", std::string("*.a.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_14_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "omg.com"); + CHECK_EQ( + VerifyHostnameIdentity("b.a.com", std::string("*.a.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_15_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("b.a.com", std::string("b*b.a.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_16_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("b.a.com", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_17) { + // TODO(@jasnell): This should test multiple CN's. The code is only + // implemented to support one. Need to fix + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity("foo.com", std::string("foo.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_18_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("b.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_19_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("b.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_20) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.co.uk"); + CHECK_EQ( + VerifyHostnameIdentity("a.co.uk", std::string("b.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_21_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("a.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_22_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("b.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_23) { + std::unordered_multimap altnames; + altnames.emplace("dns", "a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("b.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_24) { + std::unordered_multimap altnames; + altnames.emplace("dns", "A.COM"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string("b.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_25_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.com", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_26) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("b.a.com", std::string(), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_27_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("c.b.a.com", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_28) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*b.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("b.a.com", std::string(), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_29) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*b.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a-cb.a.com", std::string(), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_30_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*b.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.b.a.com", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + + +TEST(QuicCrypto, BasicCN_31) { + std::unordered_multimap altnames; + altnames.emplace("dns", "*b.a.com"); + altnames.emplace("dns", "a.b.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.b.a.com", std::string(), altnames), 0); +} + + +TEST(QuicCrypto, BasicCN_32) { + std::unordered_multimap altnames; + altnames.emplace("uri", "a.b.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.b.a.com", std::string(), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_33_Fail) { + std::unordered_multimap altnames; + altnames.emplace("uri", "*.b.a.com"); + CHECK_EQ( + VerifyHostnameIdentity("a.b.a.com", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +// // Invalid URI +// { +// host: 'a.b.a.com', cert: { +// subjectaltname: 'URI:http://[a.b.a.com]/', +// subject: {} +// } +// }, + +TEST(QuicCrypto, BasicCN_35_Fail) { + std::unordered_multimap altnames; + altnames.emplace("ip", "127.0.0.1"); + CHECK_EQ( + VerifyHostnameIdentity("a.b.a.com", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_36) { + std::unordered_multimap altnames; + altnames.emplace("ip", "127.0.0.1"); + CHECK_EQ( + VerifyHostnameIdentity("127.0.0.1", std::string(), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_37_Fail) { + std::unordered_multimap altnames; + altnames.emplace("ip", "127.0.0.1"); + CHECK_EQ( + VerifyHostnameIdentity("127.0.0.2", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_38_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "a.com"); + CHECK_EQ( + VerifyHostnameIdentity("127.0.0.1", std::string(), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_39_Fail) { + std::unordered_multimap altnames; + altnames.emplace("dns", "a.com"); + CHECK_EQ( + VerifyHostnameIdentity("localhost", std::string("localhost"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} + +TEST(QuicCrypto, BasicCN_40) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity( + "xn--bcher-kva.example.com", + std::string("*.example.com"), altnames), 0); +} + +TEST(QuicCrypto, BasicCN_41_Fail) { + std::unordered_multimap altnames; + CHECK_EQ( + VerifyHostnameIdentity( + "xn--bcher-kva.example.com", + std::string("xn--*.example.com"), altnames), + X509_V_ERR_HOSTNAME_MISMATCH); +} diff --git a/test/common/index.js b/test/common/index.js index 1be7872081..51973457c0 100644 --- a/test/common/index.js +++ b/test/common/index.js @@ -46,6 +46,7 @@ if (isMainThread) const noop = () => {}; const hasCrypto = Boolean(process.versions.openssl); +const hasQuic = Boolean(process.versions.ngtcp2); // Check for flags. Skip this for workers (both, the `cluster` module and // `worker_threads`) and child processes. @@ -753,6 +754,7 @@ module.exports = { getTTYfd, hasIntl, hasCrypto, + hasQuic, hasIPv6, hasMultiLocalhost, isAIX, diff --git a/test/parallel/test-module-cjs-helpers.js b/test/parallel/test-module-cjs-helpers.js index 12de65598e..cadb5f9936 100644 --- a/test/parallel/test-module-cjs-helpers.js +++ b/test/parallel/test-module-cjs-helpers.js @@ -5,5 +5,5 @@ require('../common'); const assert = require('assert'); const { builtinLibs } = require('internal/modules/cjs/helpers'); -const expectedLibs = process.features.inspector ? 34 : 33; +const expectedLibs = process.features.inspector ? 35 : 34; assert.strictEqual(builtinLibs.length, expectedLibs); diff --git a/test/parallel/test-process-versions.js b/test/parallel/test-process-versions.js index 14484293dc..194704f9e1 100644 --- a/test/parallel/test-process-versions.js +++ b/test/parallel/test-process-versions.js @@ -2,11 +2,23 @@ const common = require('../common'); const assert = require('assert'); -const expected_keys = ['ares', 'brotli', 'modules', 'node', - 'uv', 'v8', 'zlib', 'nghttp2', 'napi', 'llhttp']; +const expected_keys = [ + 'ares', + 'brotli', + 'modules', + 'node', + 'uv', + 'v8', + 'zlib', + 'nghttp2', + 'nghttp3', + 'napi', + 'llhttp' +]; if (common.hasCrypto) { expected_keys.push('openssl'); + expected_keys.push('ngtcp2'); } if (common.hasIntl) { diff --git a/test/parallel/test-quic-binding.js b/test/parallel/test-quic-binding.js new file mode 100644 index 0000000000..337b443de7 --- /dev/null +++ b/test/parallel/test-quic-binding.js @@ -0,0 +1,17 @@ +// Flags: --expose-internals +'use strict'; + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const assert = require('assert'); +const { internalBinding } = require('internal/test/binding'); + +const quic = internalBinding('quic'); +assert(quic); + +// Version numbers used to identify IETF drafts are created by adding the draft +// number to 0xff0000, in this case 13 (19). +assert.strictEqual(quic.constants.NGTCP2_PROTO_VER.toString(16), 'ff000016'); +assert.strictEqual(quic.constants.NGTCP2_ALPN_H3, '\u0005h3-22'); diff --git a/test/parallel/test-quic-client-server.js b/test/parallel/test-quic-client-server.js new file mode 100644 index 0000000000..232c626d2b --- /dev/null +++ b/test/parallel/test-quic-client-server.js @@ -0,0 +1,364 @@ +// Flags: --expose-internals +'use strict'; + +// Tests a simple QUIC client/server round-trip + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const { internalBinding } = require('internal/test/binding'); +const { + constants: { + NGTCP2_NO_ERROR, + QUIC_ERROR_APPLICATION, + } +} = internalBinding('quic'); + +const { Buffer } = require('buffer'); +const Countdown = require('../common/countdown'); +const assert = require('assert'); +const fs = require('fs'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const filedata = fs.readFileSync(__filename, { encoding: 'utf8' }); + +const { createSocket } = require('quic'); + +const kServerPort = process.env.NODE_DEBUG_KEYLOG ? 5678 : 0; +const kClientPort = process.env.NODE_DEBUG_KEYLOG ? 5679 : 0; + +let client; +const server = createSocket({ port: kServerPort, validateAddress: true }); + +// Diagnostic Packet Loss allows packets to be randomly ignored +// to simulate network packet loss conditions. This is not a +// feature that should be turned on in production unless the +// intent is to simulate loss to gather performance data or +// debug issues. The values for rx and tx must be between +// 0.0 and 1.0 (inclusive) +server.setDiagnosticPacketLoss({ rx: 0.00, tx: 0.00 }); + +const unidata = ['I wonder if it worked.', 'test']; +const kServerName = 'agent2'; // Intentionally the wrong servername +const kALPN = 'zzz'; // ALPN can be overriden to whatever we want + + +const kKeylogs = [ + /QUIC_SERVER_HANDSHAKE_TRAFFIC_SECRET.*/, + /SERVER_HANDSHAKE_TRAFFIC_SECRET.*/, + /QUIC_CLIENT_HANDSHAKE_TRAFFIC_SECRET.*/, + /CLIENT_HANDSHAKE_TRAFFIC_SECRET.*/, + /QUIC_SERVER_TRAFFIC_SECRET_0.*/, + /EXPORTER_SECRET.*/, + /SERVER_TRAFFIC_SECRET_0.*/, + /QUIC_CLIENT_TRAFFIC_SECRET_0.*/, + /CLIENT_TRAFFIC_SECRET_0.*/, +]; + + +const countdown = new Countdown(2, () => { + debug('Countdown expired. Destroying sockets'); + server.close(); + client.close(); +}); + +server.listen({ + key, + cert, + ca, + requestCert: true, + rejectUnauthorized: false, + alpn: kALPN, + maxCryptoBuffer: 4096, +}); +server.on('session', common.mustCall((session) => { + debug('QuicServerSession Created'); + + assert.strictEqual(session.maxStreams.bidi, 100); + assert.strictEqual(session.maxStreams.uni, 3); + + { + const { + address, + family, + port + } = session.remoteAddress; + assert.strictEqual(port, client.address.port); + assert.strictEqual(family, client.address.family); + debug(`QuicServerSession Client ${family} address ${address}:${port}`); + } + + session.on('clientHello', common.mustCall( + (alpn, servername, ciphers, cb) => { + assert.strictEqual(alpn, kALPN); + assert.strictEqual(servername, kServerName); + assert.strictEqual(ciphers.length, 4); + cb(); + })); + + session.on('OCSPRequest', common.mustCall( + (servername, context, cb) => { + debug('QuicServerSession received a OCSP request'); + assert.strictEqual(servername, kServerName); + + // This will be a SecureContext. By default it will + // be the SecureContext used to create the QuicSession. + // If the user wishes to do something with it, it can, + // but if it wishes to pass in a new SecureContext, + // it can pass it in as the second argument to the + // callback below. + assert(context); + debug('QuicServerSession Certificate: ', context.getCertificate()); + debug('QuicServerSession Issuer: ', context.getIssuer()); + + // The callback can be invoked asynchronously + // TODO(@jasnell): Using setImmediate here causes the test + // to fail, but it shouldn't. Investigate why. + process.nextTick(() => { + // The first argument is a potential error, + // in which case the session will be destroyed + // immediately. + // The second is an optional new SecureContext + // The third is the ocsp response. + // All arguments are optional + cb(null, null, Buffer.from('hello')); + }); + })); + + session.on('keylog', common.mustCall((line) => { + assert(kKeylogs.shift().test(line)); + }, kKeylogs.length)); + + if (process.env.NODE_DEBUG_KEYLOG) { + const kl = fs.createWriteStream(process.env.NODE_DEBUG_KEYLOG); + session.on('keylog', kl.write.bind(kl)); + } + + session.on('secure', common.mustCall((servername, alpn, cipher) => { + // Should not error and should return true... also shouldn't + // cause anything else to fail. + assert(session.updateKey()); + + debug('QuicServerSession TLS Handshake Complete'); + debug(' Server name: %s', servername); + debug(' ALPN: %s', alpn); + debug(' Cipher: %s, %s', cipher.name, cipher.version); + assert.strictEqual(session.servername, servername); + assert.strictEqual(servername, kServerName); + assert.strictEqual(session.alpnProtocol, alpn); + assert.strictEqual(session.getPeerCertificate().subject.CN, 'agent1'); + + debug('QuicServerSession client is %sauthenticated', + session.authenticated ? '' : 'not '); + assert(session.authenticated); + assert.strictEqual(session.authenticationError, undefined); + + const uni = session.openStream({ halfOpen: true }); + uni.write(unidata[0]); + uni.end(unidata[1]); + debug('Unidirectional, Server-initiated stream %d opened', uni.id); + uni.on('data', common.mustNotCall()); + uni.on('finish', common.mustCall()); + uni.on('close', common.mustCall()); + uni.on('end', common.mustCall()); + })); + + session.on('stream', common.mustCall((stream) => { + debug('Bidirectional, Client-initiated stream %d received', stream.id); + const file = fs.createReadStream(__filename); + let data = ''; + file.pipe(stream); + stream.setEncoding('utf8'); + stream.on('data', (chunk) => { + data += chunk; + + debug('Server: min data rate: %f', stream.dataRateHistogram.min); + debug('Server: max data rate: %f', stream.dataRateHistogram.max); + debug('Server: data rate 50%: %f', + stream.dataRateHistogram.percentile(50)); + debug('Server: data rate 99%: %f', + stream.dataRateHistogram.percentile(99)); + + debug('Server: min data size: %f', stream.dataSizeHistogram.min); + debug('Server: max data size: %f', stream.dataSizeHistogram.max); + debug('Server: data size 50%: %f', + stream.dataSizeHistogram.percentile(50)); + debug('Server: data size 99%: %f', + stream.dataSizeHistogram.percentile(99)); + }); + stream.on('end', common.mustCall(() => { + assert.strictEqual(data, filedata); + debug('Server received expected data for stream %d', stream.id); + })); + stream.on('close', common.mustCall()); + stream.on('finish', common.mustCall()); + })); + + session.on('close', common.mustCall(() => { + const { + code, + family + } = session.closeCode; + debug(`Server session closed with code ${code} (family: ${family})`); + assert.strictEqual(code, NGTCP2_NO_ERROR); + assert.strictEqual(family, QUIC_ERROR_APPLICATION); + })); +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + client = createSocket({ + port: kClientPort, + client: { + key, + cert, + ca, + alpn: kALPN, + } + }); + + client.on('close', () => { + debug('Client closing. Duration', client.duration); + debug(' Bound duration', + client.boundDuration); + debug(' Bytes Sent/Received: %d/%d', + client.bytesSent, + client.bytesReceived); + debug(' Packets Sent/Received: %d/%d', + client.packetsSent, + client.packetsReceived); + debug(' Sessions:', client.clientSessions); + }); + + const req = client.connect({ + address: 'localhost', + port: server.address.port, + servername: kServerName, + requestOCSP: true, + }); + + assert.strictEqual(req.servername, kServerName); + + req.on('OCSPResponse', common.mustCall((response) => { + debug(`QuicClientSession OCSP response: "${response.toString()}"`); + assert.strictEqual(response.toString(), 'hello'); + })); + + req.on('sessionTicket', common.mustCall((id, ticket, params) => { + debug('Session ticket received'); + assert(id instanceof Buffer); + assert(ticket instanceof Buffer); + assert(params instanceof Buffer); + debug(' ID: %s', id.toString('hex')); + debug(' Ticket: %s', ticket.toString('hex')); + debug(' Params: %s', params.toString('hex')); + }, 2)); + + req.on('secure', common.mustCall((servername, alpn, cipher) => { + debug('QuicClientSession TLS Handshake Complete'); + debug(' Server name: %s', servername); + debug(' ALPN: %s', alpn); + debug(' Cipher: %s, %s', cipher.name, cipher.version); + assert.strictEqual(servername, kServerName); + assert.strictEqual(req.servername, kServerName); + assert.strictEqual(alpn, kALPN); + assert.strictEqual(req.alpnProtocol, kALPN); + assert(req.ephemeralKeyInfo); + assert(req.getPeerCertificate()); + + debug('Client, min handshake ack: %f', + req.handshakeAckHistogram.min); + debug('Client, max handshake ack: %f', + req.handshakeAckHistogram.max); + debug('Client, min handshake rate: %f', + req.handshakeContinuationHistogram.min); + debug('Client, max handshake rate: %f', + req.handshakeContinuationHistogram.max); + + // The server's identity won't be valid because the requested + // SNI hostname does not match the certificate used. + debug('QuicClientSession server is %sauthenticated', + req.authenticated ? '' : 'not '); + assert(!req.authenticated); + common.expectsError(() => { throw req.authenticationError; }, { + code: 'ERR_QUIC_VERIFY_HOSTNAME_MISMATCH', + message: 'Hostname mismatch' + }); + + { + const { + address, + family, + port + } = req.remoteAddress; + assert.strictEqual(port, server.address.port); + assert.strictEqual(family, server.address.family); + debug(`QuicClientSession Server ${family} address ${address}:${port}`); + } + + const file = fs.createReadStream(__filename); + const stream = req.openStream(); + file.pipe(stream); + let data = ''; + stream.resume(); + stream.setEncoding('utf8'); + stream.on('data', (chunk) => data += chunk); + stream.on('finish', common.mustCall()); + stream.on('end', common.mustCall(() => { + assert.strictEqual(data, filedata); + debug('Client received expected data for stream %d', stream.id); + })); + stream.on('close', common.mustCall(() => { + debug('Bidirectional, Client-initiated stream %d closed', stream.id); + countdown.dec(); + })); + debug('Bidirectional, Client-initiated stream %d opened', stream.id); + })); + + req.on('stream', common.mustCall((stream) => { + debug('Unidirectional, Server-initiated stream %d received', stream.id); + let data = ''; + stream.setEncoding('utf8'); + stream.on('data', (chunk) => data += chunk); + stream.on('end', common.mustCall(() => { + assert.strictEqual(data, unidata.join('')); + debug('Client received expected data for stream %d', stream.id); + })); + stream.on('close', common.mustCall(() => { + debug('Unidirectional, Server-initiated stream %d closed', stream.id); + countdown.dec(); + })); + })); + + req.on('close', common.mustCall(() => { + const { + code, + family + } = req.closeCode; + debug(`Client session closed with code ${code} (family: ${family})`); + assert.strictEqual(code, NGTCP2_NO_ERROR); + assert.strictEqual(family, QUIC_ERROR_APPLICATION); + })); +})); + +server.on('listening', common.mustCall()); +server.on('close', () => { + debug('Server closing. Duration', server.duration); + debug(' Bound duration:', + server.boundDuration); + debug(' Listen duration:', + server.listenDuration); + debug(' Bytes Sent/Received: %d/%d', + server.bytesSent, + server.bytesReceived); + debug(' Packets Sent/Received: %d/%d', + server.packetsSent, + server.packetsReceived); + debug(' Sessions:', server.serverSessions); +}); diff --git a/test/parallel/test-quic-createsocket-err.js b/test/parallel/test-quic-createsocket-err.js new file mode 100644 index 0000000000..ddbf1acac7 --- /dev/null +++ b/test/parallel/test-quic-createsocket-err.js @@ -0,0 +1,111 @@ +'use strict'; + +// Test QuicSocket constructor option errors + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const assert = require('assert'); + +const { createSocket } = require('quic'); + +// Test invalid QuicSocket options argument +[1, 'test', false, 1n, null].forEach((i) => { + assert.throws(() => createSocket(i), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket port argument option +[-1, 'test', 1n, {}, [], NaN, false].forEach((port) => { + assert.throws(() => createSocket({ port }), { + code: 'ERR_INVALID_ARG_VALUE' + }); +}); + +// Test invalid QuicSocket addressargument option +[-1, 10, 1n, {}, [], NaN, false].forEach((address) => { + assert.throws(() => createSocket({ address }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket type argument option +[1, false, 1n, {}, null, NaN].forEach((type) => { + assert.throws(() => createSocket({ type }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket lookup argument option +[1, false, NaN, 1n, null, {}, []].forEach((lookup) => { + assert.throws(() => createSocket({ lookup }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket ipv6Only argument option +[1, NaN, 1n, null, {}, []].forEach((ipv6Only) => { + assert.throws(() => createSocket({ ipv6Only }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket reuseAddr argument option +[1, NaN, 1n, null, {}, []].forEach((reuseAddr) => { + assert.throws(() => createSocket({ reuseAddr }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket reuseAddr argument option +[1, NaN, 1n, null, {}, []].forEach((validateAddress) => { + assert.throws(() => createSocket({ validateAddress }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket reuseAddr argument option +[1, NaN, 1n, null, {}, []].forEach((reuseAddr) => { + assert.throws(() => createSocket({ reuseAddr }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket retryTokenTimeout option +[0, 61].forEach((retryTokenTimeout) => { + assert.throws(() => createSocket({ retryTokenTimeout }), { + code: 'ERR_OUT_OF_RANGE' + }); +}); + +// Test invalid QuicSocket retryTokenTimeout option +['test', null, NaN, 1n, {}, [], false].forEach((retryTokenTimeout) => { + assert.throws(() => createSocket({ retryTokenTimeout }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +// Test invalid QuicSocket maxConnectionsPerHost option +[0].forEach((maxConnectionsPerHost) => { + assert.throws(() => createSocket({ maxConnectionsPerHost }), { + code: 'ERR_OUT_OF_RANGE' + }); +}); + +// Test invalid QuicSocket maxConnectionsPerHost option +[ + Number.MAX_SAFE_INTEGER + 1, + 'test', + null, + NaN, + 1n, + {}, + [], + false +].forEach((maxConnectionsPerHost) => { + assert.throws(() => createSocket({ maxConnectionsPerHost }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); diff --git a/test/parallel/test-quic-packetloss.js b/test/parallel/test-quic-packetloss.js new file mode 100644 index 0000000000..78bd4a3894 --- /dev/null +++ b/test/parallel/test-quic-packetloss.js @@ -0,0 +1,101 @@ +// Flags: --expose-internals +'use strict'; + +// This test is not yet working correctly because data +// retransmission and the requisite data buffering is +// not yet working correctly +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const Countdown = require('../common/countdown'); +const assert = require('assert'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const { createSocket } = require('quic'); + +let client; +const server = createSocket({ type: 'udp4', port: 0 }); + +const kServerName = 'agent1'; +const kALPN = 'echo'; + +const kData = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; + +const countdown = new Countdown(1, () => { + debug('Countdown expired. Destroying sockets'); + server.close(); + client.close(); +}); + +server.listen({ + key, + cert, + ca, + alpn: kALPN +}); +server.on('session', common.mustCall((session) => { + debug('QuicServerSession Created'); + + session.on('stream', common.mustCall((stream) => { + debug('Bidirectional, Client-initiated stream %d received', stream.id); + stream.pipe(stream); + })); + +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + client = createSocket({ port: 0 }); + + const req = client.connect({ + address: 'localhost', + key, + cert, + ca, + alpn: kALPN, + port: server.address.port, + servername: kServerName, + }); + + req.on('secure', common.mustCall((servername, alpn, cipher) => { + debug('QuicClientSession TLS Handshake Complete'); + + // Set for 20% received packet loss on the server + server.setDiagnosticPacketLoss({ rx: 0.2 }); + + const stream = req.openStream(); + + let n = 0; + function sendChunk() { + if (n < kData.length) { + stream.write(kData[n++], common.mustCall()); + setImmediate(sendChunk); + } else { + stream.end(); + } + } + sendChunk(); + + let data = ''; + stream.resume(); + stream.setEncoding('utf8'); + stream.on('data', (chunk) => data += chunk); + stream.on('end', common.mustCall(() => { + console.log(data, data.length); + assert.strictEqual(data, kData); + })); + + stream.on('close', common.mustCall(() => { + debug('Bidirectional, Client-initiated stream %d closed', stream.id); + countdown.dec(); + })); + + debug('Bidirectional, Client-initiated stream %d opened', stream.id); + })); +})); diff --git a/test/parallel/test-quic-process-cleanup.js b/test/parallel/test-quic-process-cleanup.js new file mode 100644 index 0000000000..4396cf0b36 --- /dev/null +++ b/test/parallel/test-quic-process-cleanup.js @@ -0,0 +1,73 @@ +'use strict'; +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +// Test that shutting down a process containing an active QUIC server behaves +// well. We use Workers because they have a more clearly defined shutdown +// sequence and we can stop execution at any point. + +const quic = require('quic'); +const { isMainThread, Worker, workerData } = require('worker_threads'); + +if (isMainThread) { + new Worker(__filename, { workerData: { removeFromSocket: true } }); + new Worker(__filename, { workerData: { removeFromSocket: false } }); + return; +} + +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); + +const server = quic.createSocket({ port: 0, validateAddress: true }); + +server.listen({ + key, + cert, + ca, + rejectUnauthorized: false, + maxCryptoBuffer: 4096, + alpn: 'meow' +}); + +server.on('session', common.mustCall((session) => { + session.on('secure', common.mustCall((servername, alpn, cipher) => { + const stream = session.openStream({ halfOpen: false }); + stream.write('Hi!'); + stream.on('data', common.mustNotCall()); + stream.on('finish', common.mustNotCall()); + stream.on('close', common.mustNotCall()); + stream.on('end', common.mustNotCall()); + })); + + session.on('close', common.mustNotCall()); +})); + +server.on('ready', common.mustCall(() => { + const client = quic.createSocket({ + port: 0, + client: { + key, + cert, + ca, + alpn: 'meow' + } + }); + + const req = client.connect({ + address: 'localhost', + port: server.address.port + }); + + req.on('stream', common.mustCall(() => { + if (workerData.removeFromSocket) + req.removeFromSocket(); + process.exit(); + })); + + req.on('close', common.mustNotCall()); +})); + +server.on('close', common.mustNotCall()); diff --git a/test/parallel/test-quic-quicsocket.js b/test/parallel/test-quic-quicsocket.js new file mode 100644 index 0000000000..80130033aa --- /dev/null +++ b/test/parallel/test-quic-quicsocket.js @@ -0,0 +1,148 @@ +// Flags: --no-warnings +'use strict'; + +// Test QuicSocket constructor option errors. + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const assert = require('assert'); + +const { createSocket } = require('quic'); + +const socket = createSocket(); +assert(socket); + +// Before listen is called, serverSecureContext is always undefined. +assert.strictEqual(socket.serverSecureContext, undefined); + +// Socket is not bound, so address should be empty +assert.deepStrictEqual(socket.address, {}); + +// Socket is not bound +assert(!socket.bound); + +// Socket is not pending +assert(!socket.pending); + +// Socket is not destroyed +assert(!socket.destroyed); + +assert.strictEqual(typeof socket.duration, 'bigint'); +assert.strictEqual(typeof socket.boundDuration, 'bigint'); +assert.strictEqual(typeof socket.listenDuration, 'bigint'); +assert.strictEqual(typeof socket.bytesReceived, 'bigint'); +assert.strictEqual(socket.bytesReceived, 0n); +assert.strictEqual(socket.bytesSent, 0n); +assert.strictEqual(socket.packetsReceived, 0n); +assert.strictEqual(socket.packetsSent, 0n); +assert.strictEqual(socket.serverSessions, 0n); +assert.strictEqual(socket.clientSessions, 0n); + +// Will throw because the QuicSocket is not bound +{ + const err = { code: 'EBADF' }; + assert.throws(() => socket.setTTL(1), err); + assert.throws(() => socket.setMulticastTTL(1), err); + assert.throws(() => socket.setBroadcast(), err); + assert.throws(() => socket.setMulticastLoopback(), err); + assert.throws(() => socket.setMulticastInterface('0.0.0.0'), err); + // assert.throws(() => socket.addMembership('127.0.0.1', '127.0.0.1'), err); + // assert.throws(() => socket.dropMembership('127.0.0.1', '127.0.0.1'), err); +} + +['test', null, {}, [], 1n, false].forEach((rx) => { + assert.throws(() => socket.setDiagnosticPacketLoss({ rx }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +['test', null, {}, [], 1n, false].forEach((tx) => { + assert.throws(() => socket.setDiagnosticPacketLoss({ tx }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +assert.throws(() => socket.setDiagnosticPacketLoss({ rx: -1 }), { + code: 'ERR_OUT_OF_RANGE' +}); + +assert.throws(() => socket.setDiagnosticPacketLoss({ rx: 1.1 }), { + code: 'ERR_OUT_OF_RANGE' +}); + +assert.throws(() => socket.setDiagnosticPacketLoss({ tx: -1 }), { + code: 'ERR_OUT_OF_RANGE' +}); + +assert.throws(() => socket.setDiagnosticPacketLoss({ tx: 1.1 }), { + code: 'ERR_OUT_OF_RANGE' +}); + +[1, 1n, false, [], {}, null].forEach((alpn) => { + assert.throws(() => socket.listen({ alpn }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +[1, 1n, false, [], {}, null].forEach((ciphers) => { + assert.throws(() => socket.listen({ ciphers }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +[1, 1n, false, [], {}, null].forEach((groups) => { + assert.throws(() => socket.listen({ groups }), { + code: 'ERR_INVALID_ARG_TYPE' + }); +}); + +socket.listen({ alpn: 'zzz' }); +assert(socket.pending); + +socket.on('ready', common.mustCall(() => { + assert(socket.bound); + + // QuicSocket is already listening. + assert.throws(() => socket.listen(), { + code: 'ERR_QUICSOCKET_LISTENING' + }); + + assert.strictEqual(typeof socket.address.address, 'string'); + assert.strictEqual(typeof socket.address.port, 'number'); + assert.strictEqual(typeof socket.address.family, 'string'); + + // On Windows, fd will always be undefined. + if (common.isWindows) + assert.strictEqual(socket.fd, undefined); + else + assert.strictEqual(typeof socket.fd, 'number'); + + socket.setTTL(1); + socket.setMulticastTTL(1); + socket.setBroadcast(); + socket.setBroadcast(true); + socket.setBroadcast(false); + [1, 'test', {}, NaN, 1n, null].forEach((i) => { + assert.throws(() => socket.setBroadcast(i), { + code: 'ERR_INVALID_ARG_TYPE' + }); + }); + + socket.setMulticastLoopback(); + socket.setMulticastLoopback(true); + socket.setMulticastLoopback(false); + [1, 'test', {}, NaN, 1n, null].forEach((i) => { + assert.throws(() => socket.setMulticastLoopback(i), { + code: 'ERR_INVALID_ARG_TYPE' + }); + }); + + socket.setMulticastInterface('0.0.0.0'); + + socket.setDiagnosticPacketLoss({ rx: 0.5, tx: 0.5 }); + + socket.destroy(); + assert(socket.destroyed); +})); diff --git a/test/parallel/test-quic-serverbusy.js b/test/parallel/test-quic-serverbusy.js new file mode 100644 index 0000000000..f97dc19ed8 --- /dev/null +++ b/test/parallel/test-quic-serverbusy.js @@ -0,0 +1,74 @@ +// Flags: --expose-internals +'use strict'; + +// Tests QUIC server busy support + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const assert = require('assert'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); + +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const { createSocket } = require('quic'); + +const kServerPort = process.env.NODE_DEBUG_KEYLOG ? 5678 : 0; +const kClientPort = process.env.NODE_DEBUG_KEYLOG ? 5679 : 0; +const kALPN = 'zzz'; // ALPN can be overriden to whatever we want + +// TODO(@jasnell): Implementation of this test is not yet complete. +// Once the feature is fully implemented, this test will need to be +// revisited. + +let client; +const server = createSocket({ + port: kServerPort, + server: { key, cert, ca, alpn: kALPN } +}); + +server.on('busy', common.mustCall((busy) => { + assert.strictEqual(busy, true); +})); + +server.setServerBusy(); +server.listen(); + +server.on('session', common.mustCall((session) => { + session.on('stream', common.mustNotCall()); + session.on('close', common.mustCall()); +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + client = createSocket({ + port: kClientPort, + client: { key, cert, ca, alpn: kALPN } + }); + + client.on('close', common.mustCall()); + + const req = client.connect({ + address: 'localhost', + port: server.address.port, + }); + + // The client session is going to be destroyed before + // the handshake can complete so the secure event will + // never emit. + req.on('secure', common.mustNotCall()); + + req.on('close', common.mustCall(() => { + server.close(); + client.close(); + })); +})); + +server.on('listening', common.mustCall()); + +server.on('close', common.mustCall()); diff --git a/test/parallel/test-quic-session-destroy.js b/test/parallel/test-quic-session-destroy.js new file mode 100644 index 0000000000..bb05b6ada2 --- /dev/null +++ b/test/parallel/test-quic-session-destroy.js @@ -0,0 +1,73 @@ +'use strict'; + +// Test that destroying a QuicStream immediately and synchronously +// after creation does not crash the process and closes the streams +// abruptly on both ends of the connection. + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const fs = require('fs'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const { createSocket } = require('quic'); + +const kServerPort = process.env.NODE_DEBUG_KEYLOG ? 5678 : 0; +const kClientPort = process.env.NODE_DEBUG_KEYLOG ? 5679 : 0; + +const kServerName = 'agent2'; // Intentionally the wrong servername +const kALPN = 'zzz'; // ALPN can be overriden to whatever we want + +let client; +const server = createSocket({ port: kServerPort }); + +server.listen({ key, cert, ca, alpn: kALPN }); + +server.on('session', common.mustCall((session) => { + debug('QuicServerSession Created'); + + if (process.env.NODE_DEBUG_KEYLOG) { + const kl = fs.createWriteStream(process.env.NODE_DEBUG_KEYLOG); + session.on('keylog', kl.write.bind(kl)); + } + + session.on('close', common.mustCall(() => { + client.close(); + server.close(); + })); + session.on('stream', common.mustNotCall()); + + // Prematurely destroy the session without waiting for the + // handshake to complete. + session.destroy(); +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + + client = createSocket({ + port: kClientPort, + client: { key, cert, ca, alpn: kALPN } + }); + + client.on('close', common.mustCall(() => { + debug('Client closing. Duration', client.duration); + })); + + const req = client.connect({ + address: 'localhost', + port: server.address.port, + servername: kServerName, + }); + + req.on('secure', common.mustNotCall()); + req.on('close', common.mustCall()); +})); + +server.on('listening', common.mustCall()); diff --git a/test/parallel/test-quic-simple-client-migrate.js b/test/parallel/test-quic-simple-client-migrate.js new file mode 100644 index 0000000000..630845587b --- /dev/null +++ b/test/parallel/test-quic-simple-client-migrate.js @@ -0,0 +1,118 @@ +// Flags: --expose-internals +'use strict'; + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const Countdown = require('../common/countdown'); +const assert = require('assert'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const { createSocket } = require('quic'); + +let client; +let client2; +const server = createSocket({ type: 'udp4', port: 0 }); +const kServerName = 'agent1'; +const kALPN = 'zzz'; + +const countdown = new Countdown(2, () => { + debug('Countdown expired. Destroying sockets'); + server.close(); + client2.close(); +}); + +server.listen({ + key, + cert, + ca, + alpn: kALPN +}); +server.on('session', common.mustCall((session) => { + debug('QuicServerSession Created'); + + session.on('stream', common.mustCall((stream) => { + debug('Bidirectional, Client-initiated stream %d received', stream.id); + stream.pipe(stream); + + const uni = session.openStream({ halfOpen: true }); + uni.end('Hello from the server'); + })); + +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + client = createSocket({ port: 0 }); + client2 = createSocket({ port: 0 }); + + const req = client.connect({ + key, + cert, + ca, + address: 'localhost', + port: server.address.port, + servername: kServerName, + alpn: kALPN, + }); + + client.on('close', () => debug('Client closing')); + + req.on('secure', common.mustCall((servername, alpn, cipher) => { + debug('QuicClientSession TLS Handshake Complete'); + + const stream = req.openStream(); + // Send some data on one connection... + stream.write('Hello '); + + // Wait just a bit, then migrate to a different + // QuicSocket and continue sending. + setTimeout(() => { + req.setSocket(client2, (err) => { + assert(!err); + debug('Client 1 port is %d', client.address.port); + debug('Client 2 port is %d', client2.address.port); + client.close(); + + stream.end('from the client'); + let data = ''; + stream.resume(); + stream.setEncoding('utf8'); + stream.on('data', (chunk) => data += chunk); + stream.on('end', common.mustCall(() => { + assert.strictEqual(data, 'Hello from the client'); + debug('Client received expected data for stream %d', stream.id); + })); + stream.on('close', common.mustCall(() => { + debug('Bidirectional, Client-initiated stream %d closed', stream.id); + countdown.dec(); + })); + debug('Bidirectional, Client-initiated stream %d opened', stream.id); + }); + }, common.platformTimeout(100)); + })); + + req.on('stream', common.mustCall((stream) => { + debug('Unidirectional, Server-initiated stream %d received', stream.id); + let data = ''; + stream.setEncoding('utf8'); + stream.on('data', (chunk) => data += chunk); + stream.on('end', common.mustCall(() => { + assert.strictEqual(data, 'Hello from the server'); + debug('Client received expected data for stream %d', stream.id); + })); + stream.on('close', common.mustCall(() => { + debug('Unidirectional, Server-initiated stream %d closed', stream.id); + countdown.dec(); + })); + })); +})); + +server.on('listening', common.mustCall()); +server.on('close', () => debug('Server closing')); diff --git a/test/parallel/test-quic-socket-close.js b/test/parallel/test-quic-socket-close.js new file mode 100644 index 0000000000..0a98805f57 --- /dev/null +++ b/test/parallel/test-quic-socket-close.js @@ -0,0 +1,30 @@ +'use strict'; + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const assert = require('assert'); +const { createSocket } = require('quic'); + +const kClientPort = process.env.NODE_DEBUG_KEYLOG ? 5679 : 0; + +{ + const socket = createSocket({ + port: kClientPort, + }); + socket.close(); + assert.throws(() => socket.close(), { + code: 'ERR_QUICSOCKET_DESTROYED', + name: 'Error', + message: 'Cannot call close after a QuicSocket has been destroyed' + }); +} + +{ + const socket = createSocket({ + port: kClientPort, + }); + + socket.close(common.mustCall(() => {})); +} diff --git a/test/parallel/test-quic-stream-close-early.js b/test/parallel/test-quic-stream-close-early.js new file mode 100644 index 0000000000..ba9dbbedb1 --- /dev/null +++ b/test/parallel/test-quic-stream-close-early.js @@ -0,0 +1,141 @@ +// Flags: --expose-internals +'use strict'; + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const Countdown = require('../common/countdown'); +const assert = require('assert'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); +const fs = require('fs'); + +const { createSocket } = require('quic'); + +const kServerPort = process.env.NODE_DEBUG_KEYLOG ? 5678 : 0; +const kClientPort = process.env.NODE_DEBUG_KEYLOG ? 5679 : 0; + +let client; +const server = createSocket({ port: kServerPort }); + +const kServerName = 'agent1'; +const kALPN = 'zzz'; + +const countdown = new Countdown(2, () => { + debug('Countdown expired. Destroying sockets'); + server.close(); + client.close(); +}); + +server.listen({ key, cert, ca, alpn: kALPN }); + +server.on('session', common.mustCall((session) => { + debug('QuicServerSession Created'); + + if (process.env.NODE_DEBUG_KEYLOG) { + const kl = fs.createWriteStream(process.env.NODE_DEBUG_KEYLOG); + session.on('keylog', kl.write.bind(kl)); + } + + session.on('secure', common.mustCall((servername, alpn, cipher) => { + const uni = session.openStream({ halfOpen: true }); + uni.write('hi', common.mustCall()); + uni.close(3); + + uni.on('abort', common.mustCall((code, finalSize) => { + debug('Undirectional, Server-initiated stream %d aborted', uni.id); + assert.strictEqual(code, 3); + assert.strictEqual(finalSize, 2); + })); + + uni.on('data', common.mustNotCall()); + + uni.on('end', common.mustCall(() => { + debug('Undirectional, Server-initiated stream %d ended on server', + uni.id); + })); + uni.on('close', common.mustCall(() => { + debug('Unidirectional, Server-initiated stream %d closed on server', + uni.id); + })); + uni.on('error', common.mustNotCall()); + + debug('Unidirectional, Server-initiated stream %d opened', uni.id); + })); + + session.on('stream', common.mustNotCall()); + session.on('close', common.mustCall()); +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + client = createSocket({ + port: kClientPort, + client: { key, cert, ca, alpn: kALPN } + }); + + const req = client.connect({ + address: 'localhost', + port: server.address.port, + servername: kServerName, + }); + + req.on('secure', common.mustCall((servername, alpn, cipher) => { + debug('QuicClientSession TLS Handshake Complete'); + + const stream = req.openStream(); + + // TODO(@jasnell): The close happens synchronously, before any + // data for the stream is actually flushed our to the connected + // peer. + stream.write('hello', common.mustCall()); + stream.close(1); + + // The abort event should emit because the stream closed abruptly + // before the stream was finished. + stream.on('abort', common.mustCall((code, finalSize) => { + debug('Bidirectional, Client-initated stream %d aborted', stream.id); + assert.strictEqual(code, 1); + countdown.dec(); + })); + + stream.on('end', common.mustCall(() => { + debug('Bidirectional, Client-initiated stream %d ended on client', + stream.id); + })); + + stream.on('close', common.mustCall(() => { + debug('Bidirectional, Client-initiated stream %d closed on client', + stream.id); + })); + + debug('Bidirectional, Client-initiated stream %d opened', stream.id); + })); + + req.on('stream', common.mustCall((stream) => { + debug('Unidirectional, Server-initiated stream %d received', stream.id); + stream.on('abort', common.mustNotCall()); + stream.on('data', common.mustCall((chunk) => { + assert.strictEqual(chunk.toString(), 'hi'); + })); + stream.on('end', common.mustCall(() => { + debug('Unidirectional, Server-initiated stream %d ended on client', + stream.id); + })); + stream.on('close', common.mustCall(() => { + debug('Unidirectional, Server-initiated stream %d closed on client', + stream.id); + countdown.dec(); + })); + })); + + req.on('close', common.mustCall()); +})); + +server.on('listening', common.mustCall()); +server.on('close', common.mustCall()); diff --git a/test/parallel/test-quic-stream-destroy.js b/test/parallel/test-quic-stream-destroy.js new file mode 100644 index 0000000000..e052d077af --- /dev/null +++ b/test/parallel/test-quic-stream-destroy.js @@ -0,0 +1,91 @@ +'use strict'; + +// Test that destroying a QuicStream immediately and synchronously +// after creation does not crash the process and closes the streams +// abruptly on both ends of the connection. + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const assert = require('assert'); +const fs = require('fs'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const { createSocket } = require('quic'); + +const kServerPort = process.env.NODE_DEBUG_KEYLOG ? 5678 : 0; +const kClientPort = process.env.NODE_DEBUG_KEYLOG ? 5679 : 0; + +const kServerName = 'agent2'; // Intentionally the wrong servername +const kALPN = 'zzz'; // ALPN can be overriden to whatever we want + +const server = createSocket({ port: kServerPort }); + +server.listen({ key, cert, ca, alpn: kALPN }); + +server.on('session', common.mustCall((session) => { + debug('QuicServerSession Created'); + + if (process.env.NODE_DEBUG_KEYLOG) { + const kl = fs.createWriteStream(process.env.NODE_DEBUG_KEYLOG); + session.on('keylog', kl.write.bind(kl)); + } + + session.on('stream', common.mustCall((stream) => { + stream.destroy(); + stream.on('close', common.mustCall()); + stream.on('error', common.mustNotCall()); + // Abort will not be called in this case because close() + // is not used. The stream is just immediately destroyed + // and no longer available for use. + stream.on('abort', common.mustNotCall()); + assert(stream.destroyed); + })); +})); + +server.on('ready', common.mustCall(() => { + debug('Server is listening on port %d', server.address.port); + + const client = createSocket({ + port: kClientPort, + client: { key, cert, ca, alpn: kALPN } + }); + + client.on('close', common.mustCall(() => { + debug('Client closing. Duration', client.duration); + })); + + const req = client.connect({ + address: 'localhost', + port: server.address.port, + servername: kServerName, + }); + + req.on('secure', common.mustCall((servername, alpn, cipher) => { + debug('QuicClientSession TLS Handshake Complete'); + + const stream = req.openStream(); + stream.write('foo'); + + stream.on('finish', common.mustNotCall()); + stream.on('data', common.mustNotCall()); + stream.on('end', common.mustCall()); + + stream.on('close', common.mustCall(() => { + debug('Stream closed on client side'); + assert(stream.destroyed); + client.close(); + server.close(); + })); + })); + + req.on('close', common.mustCall()); +})); + +server.on('listening', common.mustCall()); diff --git a/test/parallel/test-quic-stream-identifiers.js b/test/parallel/test-quic-stream-identifiers.js new file mode 100644 index 0000000000..e440109d29 --- /dev/null +++ b/test/parallel/test-quic-stream-identifiers.js @@ -0,0 +1,155 @@ +'use strict'; + +// Tests that both client and server can open +// bidirectional and unidirectional streams, +// and that the properties for each are set +// accordingly. +// +// +------+----------------------------------+ +// | ID | Stream Type | +// +------+----------------------------------+ +// | 0 | Client-Initiated, Bidirectional | +// | | | +// | 1 | Server-Initiated, Bidirectional | +// | | | +// | 2 | Client-Initiated, Unidirectional | +// | | | +// | 3 | Server-Initiated, Unidirectional | +// +------+----------------------------------+ + +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const Countdown = require('../common/countdown'); +const assert = require('assert'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent8-key.pem', 'binary'); +const cert = fixtures.readKey('agent8-cert.pem', 'binary'); +const { debuglog } = require('util'); +const debug = debuglog('test'); + +const { createSocket } = require('quic'); + +let client; +const server = createSocket({ type: 'udp4', port: 0 }); + +const countdown = new Countdown(4, () => { + debug('Countdown expired. Closing sockets'); + server.close(); + client.close(); +}); + +const closeHandler = common.mustCall(() => countdown.dec(), 4); + +server.listen({ key, cert, alpn: 'zzz' }); +server.on('session', common.mustCall((session) => { + debug('QuicServerSession created'); + session.on('secure', common.mustCall(() => { + debug('QuicServerSession TLS Handshake Completed.'); + const uni = session.openStream({ halfOpen: true }); + uni.end('test'); + debug('Unidirectional, Server-initiated stream %d opened', uni.id); + + const bidi = session.openStream(); + bidi.end('test'); + bidi.resume(); + bidi.on('end', common.mustCall()); + debug('Bidirectional, Server-initiated stream %d opened', bidi.id); + + assert.strictEqual(uni.id, 3); + assert(uni.unidirectional); + assert(uni.serverInitiated); + assert(!uni.bidirectional); + assert(!uni.clientInitiated); + + assert.strictEqual(bidi.id, 1); + assert(bidi.bidirectional); + assert(bidi.serverInitiated); + assert(!bidi.unidirectional); + assert(!bidi.clientInitiated); + })); + + session.on('stream', common.mustCall((stream) => { + assert(stream.clientInitiated); + assert(!stream.serverInitiated); + switch (stream.id) { + case 0: + debug('Bidirectional, Client-initiated stream %d received', stream.id); + assert(stream.bidirectional); + assert(!stream.unidirectional); + stream.end('test'); + break; + case 2: + debug('Unidirectional, Client-initiated stream %d receieved', + stream.id); + assert(stream.unidirectional); + assert(!stream.bidirectional); + break; + } + stream.resume(); + stream.on('end', common.mustCall()); + }, 2)); +})); + +server.on('ready', common.mustCall(() => { + debug('Server listening on port %d', server.address.port); + client = createSocket({ type: 'udp4', port: 0 }); + const req = client.connect({ + type: 'udp4', + address: 'localhost', + port: server.address.port, + rejectUnauthorized: false, + maxStreamsUni: 10, + alpn: 'zzz', + }); + + req.on('secure', common.mustCall(() => { + debug('QuicClientSession TLS Handshake Completed'); + const bidi = req.openStream(); + bidi.end('test'); + bidi.resume(); + bidi.on('close', closeHandler); + assert.strictEqual(bidi.id, 0); + debug('Bidirectional, Client-initiated stream %d opened', bidi.id); + + assert(bidi.clientInitiated); + assert(bidi.bidirectional); + assert(!bidi.serverInitiated); + assert(!bidi.unidirectional); + + const uni = req.openStream({ halfOpen: true }); + uni.end('test'); + uni.on('close', closeHandler); + assert.strictEqual(uni.id, 2); + debug('Unidirectional, Client-initiated stream %d opened', uni.id); + + assert(uni.clientInitiated); + assert(!uni.bidirectional); + assert(!uni.serverInitiated); + assert(uni.unidirectional); + })); + + req.on('stream', common.mustCall((stream) => { + assert(stream.serverInitiated); + assert(!stream.clientInitiated); + switch (stream.id) { + case 1: + debug('Bidirectional, Server-initiated stream %d received', stream.id); + assert(!stream.unidirectional); + assert(stream.bidirectional); + stream.end(); + break; + case 3: + debug('Unidirectional, Server-initiated stream %d received', stream.id); + assert(stream.unidirectional); + assert(!stream.bidirectional); + } + stream.resume(); + stream.on('end', common.mustCall()); + stream.on('close', closeHandler); + }, 2)); + +})); + +server.on('listening', common.mustCall()); diff --git a/test/sequential/test-async-wrap-getasyncid.js b/test/sequential/test-async-wrap-getasyncid.js index 7e9f77cd7a..5b000f5116 100644 --- a/test/sequential/test-async-wrap-getasyncid.js +++ b/test/sequential/test-async-wrap-getasyncid.js @@ -45,6 +45,11 @@ const { getSystemErrorName } = require('util'); delete providers.STREAMPIPE; delete providers.MESSAGEPORT; delete providers.WORKER; + // TODO(danbev): Test for these + delete providers.QUICCLIENTSESSION; + delete providers.QUICSERVERSESSION; + delete providers.QUICSOCKET; + delete providers.QUICSTREAM; if (!common.isMainThread) delete providers.INSPECTORJSBINDING; delete providers.KEYPAIRGENREQUEST; diff --git a/tools/doc/type-parser.js b/tools/doc/type-parser.js index ef4499e50f..664fe48f58 100644 --- a/tools/doc/type-parser.js +++ b/tools/doc/type-parser.js @@ -117,6 +117,9 @@ const customTypesMap = { 'perf_hooks.html#perf_hooks_class_performanceobserver', 'PerformanceObserverEntryList': 'perf_hooks.html#perf_hooks_class_performanceobserverentrylist', + 'QuicSession': 'quic_class_quicserversession_extends_quicsession', + 'QuicSocket': 'quic.html#quic_quic_createsocket_options', + 'QuicStream': 'quic_class_quicstream_extends_stream_duplex', 'readline.Interface': 'readline.html#readline_class_interface', diff --git a/vcbuild.bat b/vcbuild.bat index 1e142a658b..7dbc038397 100644 --- a/vcbuild.bat +++ b/vcbuild.bat @@ -69,6 +69,7 @@ set openssl_no_asm= set doc= set extra_msbuild_args= set exit_code=0 +set experimental_quic= :next-arg if "%1"=="" goto args-done @@ -146,6 +147,7 @@ if /i "%1"=="cctest" set cctest=1&goto arg-ok if /i "%1"=="openssl-no-asm" set openssl_no_asm=1&goto arg-ok if /i "%1"=="doc" set doc=1&goto arg-ok if /i "%1"=="binlog" set extra_msbuild_args=/binaryLogger:%config%\node.binlog&goto arg-ok +if /i "%1"=="experimental-quic" set experimental_quic=1&goto arg-ok echo Error: invalid command line option `%1`. exit /b 1 @@ -199,6 +201,7 @@ if defined config_flags set configure_flags=%configure_flags% %config_flags% if defined target_arch set configure_flags=%configure_flags% --dest-cpu=%target_arch% if defined openssl_no_asm set configure_flags=%configure_flags% --openssl-no-asm if defined DEBUG_HELPER set configure_flags=%configure_flags% --verbose +if defined experimental_quic set configure_flags=%configure_flags% --experimental-quic if "%target_arch%"=="x86" if "%PROCESSOR_ARCHITECTURE%"=="AMD64" set configure_flags=%configure_flags% --no-cross-compiling if not exist "%~dp0deps\icu" goto no-depsicu @@ -704,7 +707,7 @@ del .used_configure_flags goto exit :help -echo vcbuild.bat [debug/release] [msi] [doc] [test/test-all/test-addons/test-js-native-api/test-node-api/test-benchmark/test-internet/test-pummel/test-simple/test-message/test-tick-processor/test-known-issues/test-node-inspect/test-check-deopts/test-npm/test-async-hooks/test-v8/test-v8-intl/test-v8-benchmarks/test-v8-all] [ignore-flaky] [static/dll] [noprojgen] [projgen] [small-icu/full-icu/without-intl] [nobuild] [nosnapshot] [noetw] [ltcg] [licensetf] [sign] [ia32/x86/x64/arm64] [vs2017] [download-all] [enable-vtune] [lint/lint-ci/lint-js/lint-js-ci/lint-md] [lint-md-build] [package] [build-release] [upload] [no-NODE-OPTIONS] [link-module path-to-module] [debug-http2] [debug-nghttp2] [clean] [cctest] [no-cctest] [openssl-no-asm] +echo vcbuild.bat [debug/release] [msi] [doc] [test/test-all/test-addons/test-js-native-api/test-node-api/test-benchmark/test-internet/test-pummel/test-simple/test-message/test-tick-processor/test-known-issues/test-node-inspect/test-check-deopts/test-npm/test-async-hooks/test-v8/test-v8-intl/test-v8-benchmarks/test-v8-all] [ignore-flaky] [static/dll] [noprojgen] [projgen] [small-icu/full-icu/without-intl] [nobuild] [nosnapshot] [noetw] [ltcg] [licensetf] [sign] [ia32/x86/x64/arm64] [vs2017] [download-all] [enable-vtune] [lint/lint-ci/lint-js/lint-js-ci/lint-md] [lint-md-build] [package] [build-release] [upload] [no-NODE-OPTIONS] [link-module path-to-module] [debug-http2] [debug-nghttp2] [clean] [cctest] [no-cctest] [openssl-no-asm] [experimental-quic] echo Examples: echo vcbuild.bat : builds release build echo vcbuild.bat debug : builds debug build From fd87b2f92c8bb0d87b282ed455163a5b83140cfc Mon Sep 17 00:00:00 2001 From: James M Snell Date: Fri, 1 Feb 2019 15:41:08 -0800 Subject: [PATCH 005/110] deps: Add interface required to implement QUIC draft-17 Ported from https://github.com/tatsuhiro-t/openssl/commit/920a331423f69f14b4871e35b476ea4fd573993a PR-URL: https://github.com/nodejs/quic/pull/6 Reviewed-By: Daniel Bevenius --- deps/openssl/openssl/include/openssl/ssl.h | 19 +++ .../openssl/openssl/ssl/record/rec_layer_s3.c | 136 ++++++++++++++++++ deps/openssl/openssl/ssl/s3_msg.c | 13 +- deps/openssl/openssl/ssl/ssl_lib.c | 10 ++ deps/openssl/openssl/ssl/ssl_locl.h | 3 + deps/openssl/openssl/ssl/tls13_enc.c | 50 +++++++ deps/openssl/openssl/util/libssl.num | 1 + 7 files changed, 229 insertions(+), 3 deletions(-) diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h index 6724ccf2d2..2a536b01ca 100644 --- a/deps/openssl/openssl/include/openssl/ssl.h +++ b/deps/openssl/openssl/include/openssl/ssl.h @@ -507,6 +507,11 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx); */ # define SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG 0x00000400U +/* + * Support QUIC Hack + */ +# define SSL_MODE_QUIC_HACK 0x00000800U + /* Cert related flags */ /* * Many implementations ignore some aspects of the TLS standards such as @@ -634,6 +639,20 @@ void SSL_set_msg_callback(SSL *ssl, # define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg)) # define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg)) +typedef enum { + SSL_KEY_CLIENT_EARLY_TRAFFIC, + SSL_KEY_CLIENT_HANDSHAKE_TRAFFIC, + SSL_KEY_CLIENT_APPLICATION_TRAFFIC, + SSL_KEY_SERVER_HANDSHAKE_TRAFFIC, + SSL_KEY_SERVER_APPLICATION_TRAFFIC +} OSSL_KEY_TYPE; + +void SSL_set_key_callback(SSL *ssl, + int (*cb)(SSL *ssl, int name, + const unsigned char *secret, + size_t secretlen, void *arg), + void *arg); + # define SSL_get_extms_support(s) \ SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL) diff --git a/deps/openssl/openssl/ssl/record/rec_layer_s3.c b/deps/openssl/openssl/ssl/record/rec_layer_s3.c index 982a06089c..6d55303dd5 100644 --- a/deps/openssl/openssl/ssl/record/rec_layer_s3.c +++ b/deps/openssl/openssl/ssl/record/rec_layer_s3.c @@ -10,6 +10,7 @@ #include #include #include +#include #include "../ssl_locl.h" #include #include @@ -347,6 +348,22 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len, int i; size_t tmpwrit; + if (s->mode & SSL_MODE_QUIC_HACK) { + /* If we have an alert to send, lets send it */ + if (s->s3->alert_dispatch) { + i = s->method->ssl_dispatch_alert(s); + if (i <= 0) { + /* SSLfatal() already called if appropriate */ + return i; + } + } + + s->rwstate = SSL_WRITING; + *written = len; + + return 1; + } + s->rwstate = SSL_NOTHING; tot = s->rlayer.wnum; /* @@ -667,6 +684,10 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, size_t totlen = 0, len, wpinited = 0; size_t j; + if (s->mode & SSL_MODE_QUIC_HACK) { + assert(0); + } + for (j = 0; j < numpipes; j++) totlen += pipelens[j]; /* @@ -1131,6 +1152,10 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len, size_t currbuf = 0; size_t tmpwrit = 0; + if (s->mode & SSL_MODE_QUIC_HACK) { + assert(0); + } + if ((s->rlayer.wpend_tot > len) || (!(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER) && (s->rlayer.wpend_buf != buf)) @@ -1234,6 +1259,117 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, } } + if (s->mode & SSL_MODE_QUIC_HACK) { + /* In QUIC, we only expect handshake protocol. Alerts are + notified by decicated API function. */ + if (!ossl_statem_get_in_handshake(s)) { + /* We found handshake data, so we're going back into init */ + ossl_statem_set_in_init(s, 1); + + i = s->handshake_func(s); + /* SSLfatal() already called if appropriate */ + if (i < 0) + return i; + if (i == 0) { + return -1; + } + *readbytes = 0; + return 1; + } + + if (s->rlayer.packet_length == 0) { + if (rbuf->left < 4) { + if (rbuf->len - rbuf->offset < 4 - rbuf->left) { + memmove(rbuf->buf, rbuf->buf + rbuf->offset - rbuf->left, + rbuf->left); + rbuf->offset = rbuf->left; + } + s->rwstate = SSL_READING; + /* TODO(size_t): Convert this function */ + ret = BIO_read(s->rbio, rbuf->buf + rbuf->offset, + rbuf->len - rbuf->offset); + if (ret < 0) { + return -1; + } + /* TODO Check this is really ok */ + if (ret == 0) { + *readbytes = 0; + return 1; + } + + rbuf->left += ret; + rbuf->offset += ret; + + if (rbuf->left < 4) { + *readbytes = 0; + return 1; + } + rbuf->offset -= rbuf->left; + } + + switch (rbuf->buf[rbuf->offset]) { + case SSL3_MT_CLIENT_HELLO: + case SSL3_MT_SERVER_HELLO: + case SSL3_MT_NEWSESSION_TICKET: + case SSL3_MT_END_OF_EARLY_DATA: + case SSL3_MT_ENCRYPTED_EXTENSIONS: + case SSL3_MT_CERTIFICATE: + case SSL3_MT_CERTIFICATE_REQUEST: + case SSL3_MT_CERTIFICATE_VERIFY: + case SSL3_MT_FINISHED: + case SSL3_MT_KEY_UPDATE: + case SSL3_MT_MESSAGE_HASH: + break; + default: + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_BYTES, + ERR_R_INTERNAL_ERROR); + return -1; + } + + s->rlayer.packet_length = (rbuf->buf[rbuf->offset + 1] << 16) + + (rbuf->buf[rbuf->offset + 2] << 8) + + rbuf->buf[rbuf->offset + 3] + 4; + } + + if (s->rlayer.packet_length) { + size_t n; + + n = len < s->rlayer.packet_length ? len : s->rlayer.packet_length; + if (rbuf->left == 0) { + s->rwstate = SSL_READING; + ret = BIO_read(s->rbio, buf, n); + if (ret >= 0) { + s->rlayer.packet_length -= ret; + *readbytes = ret; + if (recvd_type) { + *recvd_type = SSL3_RT_HANDSHAKE; + } + return 1; + } + return -1; + } + + n = n < rbuf->left ? n : rbuf->left; + + memcpy(buf, rbuf->buf + rbuf->offset, n); + rbuf->offset += n; + rbuf->left -= n; + s->rlayer.packet_length -= n; + if (rbuf->left == 0) { + rbuf->offset = 0; + } + *readbytes = n; + if (recvd_type) { + *recvd_type = SSL3_RT_HANDSHAKE; + } + return 1; + } + + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_READ_BYTES, + ERR_R_INTERNAL_ERROR); + return -1; + } + if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE)) || (peek && (type != diff --git a/deps/openssl/openssl/ssl/s3_msg.c b/deps/openssl/openssl/ssl/s3_msg.c index 42382547fb..14e030d8db 100644 --- a/deps/openssl/openssl/ssl/s3_msg.c +++ b/deps/openssl/openssl/ssl/s3_msg.c @@ -74,9 +74,16 @@ int ssl3_dispatch_alert(SSL *s) size_t written; s->s3->alert_dispatch = 0; - alertlen = 2; - i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, 0, - &written); + + if (!(s->mode & SSL_MODE_QUIC_HACK)) { + alertlen = 2; + i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, + 0, &written); + } else { + s->rwstate = SSL_WRITING; + i = 1; + } + if (i <= 0) { s->s3->alert_dispatch = 1; } else { diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c index ac820cf9fe..3879b59a4b 100644 --- a/deps/openssl/openssl/ssl/ssl_lib.c +++ b/deps/openssl/openssl/ssl/ssl_lib.c @@ -4327,6 +4327,16 @@ void SSL_set_msg_callback(SSL *ssl, SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); } +void SSL_set_key_callback(SSL *ssl, + int (*cb)(SSL *ssl, int name, + const unsigned char *secret, + size_t secretlen, void *arg), + void *arg) +{ + ssl->key_callback = cb; + ssl->key_callback_arg = arg; +} + void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx, int (*cb) (SSL *ssl, int diff --git a/deps/openssl/openssl/ssl/ssl_locl.h b/deps/openssl/openssl/ssl/ssl_locl.h index 25875c9f6d..7c5e24c960 100644 --- a/deps/openssl/openssl/ssl/ssl_locl.h +++ b/deps/openssl/openssl/ssl/ssl_locl.h @@ -1125,6 +1125,9 @@ struct ssl_st { void (*msg_callback) (int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg); void *msg_callback_arg; + int (*key_callback)(SSL *ssl, int name, const unsigned char *secret, + size_t secretlen, void *arg); + void *key_callback_arg; int hit; /* reusing a previous session */ X509_VERIFY_PARAM *param; /* Per connection DANE state */ diff --git a/deps/openssl/openssl/ssl/tls13_enc.c b/deps/openssl/openssl/ssl/tls13_enc.c index b5f57a02f7..098c46cb1f 100644 --- a/deps/openssl/openssl/ssl/tls13_enc.c +++ b/deps/openssl/openssl/ssl/tls13_enc.c @@ -671,6 +671,56 @@ int tls13_change_cipher_state(SSL *s, int which) goto err; } + if (s->key_callback) { + int type; + if (label == client_early_traffic) { + type = SSL_KEY_CLIENT_EARLY_TRAFFIC; + } else if (label == client_handshake_traffic) { + type = SSL_KEY_CLIENT_HANDSHAKE_TRAFFIC; + } else if (label == client_application_traffic) { + type = SSL_KEY_CLIENT_APPLICATION_TRAFFIC; + } else if (label == server_handshake_traffic) { + type = SSL_KEY_SERVER_HANDSHAKE_TRAFFIC; + } else if (label == server_application_traffic) { + type = SSL_KEY_SERVER_APPLICATION_TRAFFIC; + } else { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_CHANGE_CIPHER_STATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + if (!s->key_callback(s, type, secret, hashlen, s->key_callback_arg)) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_CHANGE_CIPHER_STATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + + if (s->server) { + switch (type) { + case SSL_KEY_CLIENT_HANDSHAKE_TRAFFIC: + case SSL_KEY_CLIENT_APPLICATION_TRAFFIC: + if (s->rlayer.rbuf.left) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS13_CHANGE_CIPHER_STATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + break; + } + } else { + switch (type) { + case SSL_KEY_SERVER_HANDSHAKE_TRAFFIC: + case SSL_KEY_SERVER_APPLICATION_TRAFFIC: + if (s->rlayer.rbuf.left) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS13_CHANGE_CIPHER_STATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + break; + } + } + } + if (label == server_application_traffic) { memcpy(s->server_app_traffic_secret, secret, hashlen); /* Now we create the exporter master secret */ diff --git a/deps/openssl/openssl/util/libssl.num b/deps/openssl/openssl/util/libssl.num index 297522c363..a07b2f5bbf 100644 --- a/deps/openssl/openssl/util/libssl.num +++ b/deps/openssl/openssl/util/libssl.num @@ -498,3 +498,4 @@ SSL_CTX_get_recv_max_early_data 498 1_1_1 EXIST::FUNCTION: SSL_CTX_set_recv_max_early_data 499 1_1_1 EXIST::FUNCTION: SSL_CTX_set_post_handshake_auth 500 1_1_1 EXIST::FUNCTION: SSL_get_signature_type_nid 501 1_1_1a EXIST::FUNCTION: +SSL_set_key_callback 502 3_0_0 EXIST::FUNCTION: From b26804b665f1e6752e81bbfe928c092926c68d54 Mon Sep 17 00:00:00 2001 From: James M Snell Date: Fri, 1 Feb 2019 15:45:42 -0800 Subject: [PATCH 006/110] deps: Remove EOED when SSL_MODE_QUIC_HACK is enabled Ported from https://github.com/tatsuhiro-t/openssl/commit/920a331423f69f14b4871e35b476ea4fd573993a PR-URL: https://github.com/nodejs/quic/pull/6 Reviewed-By: Daniel Bevenius --- deps/openssl/openssl/ssl/ssl_lib.c | 6 ++++++ deps/openssl/openssl/ssl/statem/statem_clnt.c | 3 ++- deps/openssl/openssl/ssl/statem/statem_srvr.c | 12 +++++++++++- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c index 3879b59a4b..e4a68af961 100644 --- a/deps/openssl/openssl/ssl/ssl_lib.c +++ b/deps/openssl/openssl/ssl/ssl_lib.c @@ -1816,6 +1816,12 @@ int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) ret = SSL_accept(s); if (ret <= 0) { /* NBIO or error */ + if ((s->mode & SSL_MODE_QUIC_HACK) + && s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { + *readbytes = 0; + return SSL_READ_EARLY_DATA_FINISH; + } + s->early_data_state = SSL_EARLY_DATA_ACCEPT_RETRY; return SSL_READ_EARLY_DATA_ERROR; } diff --git a/deps/openssl/openssl/ssl/statem/statem_clnt.c b/deps/openssl/openssl/ssl/statem/statem_clnt.c index 6410414fb6..8df77b28e1 100644 --- a/deps/openssl/openssl/ssl/statem/statem_clnt.c +++ b/deps/openssl/openssl/ssl/statem/statem_clnt.c @@ -450,7 +450,8 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s) return WRITE_TRAN_CONTINUE; case TLS_ST_PENDING_EARLY_DATA_END: - if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { + if (!(s->mode & SSL_MODE_QUIC_HACK) + && s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { st->hand_state = TLS_ST_CW_END_OF_EARLY_DATA; return WRITE_TRAN_CONTINUE; } diff --git a/deps/openssl/openssl/ssl/statem/statem_srvr.c b/deps/openssl/openssl/ssl/statem/statem_srvr.c index 8cf9c40d15..ddc67864c0 100644 --- a/deps/openssl/openssl/ssl/statem/statem_srvr.c +++ b/deps/openssl/openssl/ssl/statem/statem_srvr.c @@ -57,7 +57,8 @@ static int ossl_statem_server13_read_transition(SSL *s, int mt) return 1; } break; - } else if (s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { + } else if (!(s->mode & SSL_MODE_QUIC_HACK) + && s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { if (mt == SSL3_MT_END_OF_EARLY_DATA) { st->hand_state = TLS_ST_SR_END_OF_EARLY_DATA; return 1; @@ -939,6 +940,15 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst) SSL3_CC_APPLICATION | SSL3_CHANGE_CIPHER_SERVER_WRITE)) /* SSLfatal() already called */ return WORK_ERROR; + + if ((s->mode & SSL_MODE_QUIC_HACK) + && s->ext.early_data == SSL_EARLY_DATA_ACCEPTED) { + s->early_data_state = SSL_EARLY_DATA_FINISHED_READING; + if (!s->method->ssl3_enc->change_cipher_state( + s, SSL3_CC_HANDSHAKE | SSL3_CHANGE_CIPHER_SERVER_READ)) + /* SSLfatal() already called */ + return WORK_ERROR; + } } break; From 455f96554a4366fc174007e249418758d3458314 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Tue, 1 Oct 2019 20:17:36 +0200 Subject: [PATCH 007/110] quic: support memory tracking Fixes: https://github.com/nodejs/quic/issues/59 PR-URL: https://github.com/nodejs/quic/pull/145 Reviewed-By: James M Snell --- src/node_quic_session.cc | 28 ++++++ src/node_quic_session.h | 8 +- src/node_quic_socket.cc | 8 +- src/node_quic_stream.cc | 8 ++ src/node_quic_stream.h | 4 +- src/node_quic_util.h | 8 +- test/pummel/test-heapdump-quic.js | 144 ++++++++++++++++++++++++++++++ 7 files changed, 200 insertions(+), 8 deletions(-) create mode 100644 test/pummel/test-heapdump-quic.js diff --git a/src/node_quic_session.cc b/src/node_quic_session.cc index cb23f47d88..41472d974f 100644 --- a/src/node_quic_session.cc +++ b/src/node_quic_session.cc @@ -1883,6 +1883,24 @@ bool QuicSession::UpdateKey() { &crypto_ctx_); } +void QuicSession::MemoryInfo(MemoryTracker* tracker) const { + tracker->TrackField("alpn", alpn_); + tracker->TrackField("idle", idle_); + tracker->TrackField("retransmit", retransmit_); + tracker->TrackField("rx_secret", rx_secret_); + tracker->TrackField("tx_secret", tx_secret_); + tracker->TrackField("sendbuf", sendbuf_); + tracker->TrackField("handshake", handshake_); + tracker->TrackField("txbuf", txbuf_); + tracker->TrackField("peer_handshake", peer_handshake_); + tracker->TrackField("streams", streams_); + tracker->TrackField("state", state_); + tracker->TrackField("crypto_rx_ack", crypto_rx_ack_); + tracker->TrackField("crypto_handshake_rate", crypto_handshake_rate_); + tracker->TrackField("stats_buffer", stats_buffer_); + tracker->TrackField("recovery_stats_buffer", recovery_stats_buffer_); + tracker->TrackFieldWithSize("current_ngtcp2_memory", current_ngtcp2_memory_); +} // QuicServerSession QuicServerSession::InitialPacketResult QuicServerSession::Accept( @@ -2376,6 +2394,11 @@ int QuicServerSession::VerifyPeerIdentity(const char* hostname) { return VerifyPeerCertificate(ssl()); } +void QuicServerSession::MemoryInfo(MemoryTracker* tracker) const { + QuicSession::MemoryInfo(tracker); + tracker->TrackField("conn_closebuf", conn_closebuf_); + tracker->TrackField("ocsp_response", ocsp_response_); +} // QuicClientSession @@ -2888,6 +2911,11 @@ int QuicClientSession::VerifyPeerIdentity(const char* hostname) { return 0; } +void QuicClientSession::MemoryInfo(MemoryTracker* tracker) const { + QuicSession::MemoryInfo(tracker); + tracker->TrackField("hostname", hostname_); +} + // Static ngtcp2 callbacks are registered when ngtcp2 when a new ngtcp2_conn is // created. These are static functions that, for the most part, simply defer to // a QuicSession instance that is passed through as user_data. diff --git a/src/node_quic_session.h b/src/node_quic_session.h index ec317bf5e0..b79cfce0c0 100644 --- a/src/node_quic_session.h +++ b/src/node_quic_session.h @@ -364,6 +364,8 @@ class QuicSession : public AsyncWrap, QuicSession* session_; }; + void MemoryInfo(MemoryTracker* tracker) const override; + private: // Returns true if the QuicSession has entered the // closing period following a call to ImmediateClose. @@ -1063,7 +1065,8 @@ class QuicServerSession : public QuicSession { const ngtcp2_cid* rcid() const { return &rcid_; } ngtcp2_cid* pscid() { return &pscid_; } - void MemoryInfo(MemoryTracker* tracker) const override {} + void MemoryInfo(MemoryTracker* tracker) const override; + SET_MEMORY_INFO_NAME(QuicServerSession) SET_SELF_SIZE(QuicServerSession) @@ -1168,7 +1171,8 @@ class QuicClientSession : public QuicSession { bool SendConnectionClose() override; - void MemoryInfo(MemoryTracker* tracker) const override {} + void MemoryInfo(MemoryTracker* tracker) const override; + SET_MEMORY_INFO_NAME(QuicClientSession) SET_SELF_SIZE(QuicClientSession) diff --git a/src/node_quic_socket.cc b/src/node_quic_socket.cc index f7d808df26..b6e7af6904 100644 --- a/src/node_quic_socket.cc +++ b/src/node_quic_socket.cc @@ -120,7 +120,13 @@ QuicSocket::~QuicSocket() { } void QuicSocket::MemoryInfo(MemoryTracker* tracker) const { - // TODO(@jasnell): Implement memory tracking information + tracker->TrackField("sessions", sessions_); + tracker->TrackField("dcid_to_scid", dcid_to_scid_); + tracker->TrackFieldWithSize("addr_counts", + addr_counts_.size() * (sizeof(sockaddr*) + sizeof(size_t))); + tracker->TrackField("validated_addrs", validated_addrs_); + tracker->TrackField("stats_buffer", stats_buffer_); + tracker->TrackFieldWithSize("current_ngtcp2_memory", current_ngtcp2_memory_); } void QuicSocket::AddSession( diff --git a/src/node_quic_stream.cc b/src/node_quic_stream.cc index dd6c2574a4..fa6df71669 100644 --- a/src/node_quic_stream.cc +++ b/src/node_quic_stream.cc @@ -379,6 +379,14 @@ BaseObjectPtr QuicStream::New( return stream; } +void QuicStream::MemoryInfo(MemoryTracker* tracker) const { + tracker->TrackField("buffer", &streambuf_); + tracker->TrackField("data_rx_rate", data_rx_rate_); + tracker->TrackField("data_rx_size", data_rx_size_); + tracker->TrackField("data_rx_ack", data_rx_ack_); + tracker->TrackField("stats_buffer", stats_buffer_); +} + // JavaScript API namespace { void QuicStreamGetID(const FunctionCallbackInfo& args) { diff --git a/src/node_quic_stream.h b/src/node_quic_stream.h index 3fbe524638..c67cee3890 100644 --- a/src/node_quic_stream.h +++ b/src/node_quic_stream.h @@ -296,9 +296,7 @@ class QuicStream : public AsyncWrap, public StreamBase { AsyncWrap* GetAsyncWrap() override { return this; } - void MemoryInfo(MemoryTracker* tracker) const override { - tracker->TrackField("buffer", &streambuf_); - } + void MemoryInfo(MemoryTracker* tracker) const override; SET_MEMORY_INFO_NAME(QuicStream) SET_SELF_SIZE(QuicStream) diff --git a/src/node_quic_util.h b/src/node_quic_util.h index cb3ae0866e..b8acc86bc2 100644 --- a/src/node_quic_util.h +++ b/src/node_quic_util.h @@ -384,7 +384,7 @@ void IncrementStat( // Simple timer wrapper that is used to implement the internals // for idle and retransmission timeouts. Call Update to start or // reset the timer; Stop to halt the timer. -class Timer { +class Timer final : public MemoryRetainer { public: explicit Timer(Environment* env, std::function fn) : stopped_(false), @@ -395,7 +395,7 @@ class Timer { env->AddCleanupHook(CleanupHook, this); } - ~Timer() { + ~Timer() override { env_->RemoveCleanupHook(CleanupHook, this); } @@ -423,6 +423,10 @@ class Timer { static void Free(Timer* timer); + SET_NO_MEMORY_INFO() + SET_MEMORY_INFO_NAME(Timer) + SET_SELF_SIZE(Timer) + private: static void OnTimeout(uv_timer_t* timer); static void CleanupHook(void* data); diff --git a/test/pummel/test-heapdump-quic.js b/test/pummel/test-heapdump-quic.js new file mode 100644 index 0000000000..a3305091d7 --- /dev/null +++ b/test/pummel/test-heapdump-quic.js @@ -0,0 +1,144 @@ +// Flags: --expose-internals +'use strict'; +const common = require('../common'); +if (!common.hasQuic) + common.skip('missing quic'); + +const quic = require('quic'); + +const { recordState } = require('../common/heap'); +const fixtures = require('../common/fixtures'); +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); + +{ + const state = recordState(); + state.validateSnapshotNodes('Node / QuicStream', []); + state.validateSnapshotNodes('Node / QuicSession', []); + state.validateSnapshotNodes('Node / QuicSocket', []); +} + +const server = quic.createSocket({ port: 0, validateAddress: true }); + +server.listen({ + key, + cert, + ca, + rejectUnauthorized: false, + maxCryptoBuffer: 4096, + alpn: 'meow' +}); + +server.on('session', common.mustCall((session) => { + session.on('secure', common.mustCall((servername, alpn, cipher) => { + // eslint-disable-next-line no-unused-vars + const stream = session.openStream({ halfOpen: false }); + + const state = recordState(); + + state.validateSnapshotNodes('Node / QuicSocket', [ + { + children: [ + { node_name: 'QuicSocket', edge_name: 'wrapped' }, + { node_name: 'BigUint64Array', edge_name: 'stats_buffer' }, + { node_name: 'Node / sessions', edge_name: 'sessions' }, + { node_name: 'Node / dcid_to_scid', edge_name: 'dcid_to_scid' }, + ] + } + ], { loose: true }); + + state.validateSnapshotNodes('Node / QuicStream', [ + { + children: [ + { node_name: 'QuicStream', edge_name: 'wrapped' }, + { node_name: 'BigUint64Array', edge_name: 'stats_buffer' }, + { node_name: 'Node / QuicBuffer', edge_name: 'buffer' }, + { node_name: 'Node / HistogramBase', edge_name: 'data_rx_rate' }, + { node_name: 'Node / HistogramBase', edge_name: 'data_rx_size' }, + { node_name: 'Node / HistogramBase', edge_name: 'data_rx_ack' } + ] + } + ], { loose: true }); + + state.validateSnapshotNodes('Node / QuicBuffer', [ + { + children: [ + { node_name: 'Node / length', edge_name: 'length' } + ] + } + ], { loose: true }); + + state.validateSnapshotNodes('Node / QuicServerSession', [ + { + children: [ + { node_name: 'QuicServerSession', edge_name: 'wrapped' }, + { node_name: 'Node / rx_secret', edge_name: 'rx_secret' }, + { node_name: 'Node / tx_secret', edge_name: 'tx_secret' }, + { node_name: 'Node / HistogramBase', edge_name: 'crypto_rx_ack' }, + { node_name: 'Node / HistogramBase', + edge_name: 'crypto_handshake_rate' }, + { node_name: 'Node / Timer', edge_name: 'retransmit' }, + { node_name: 'Node / Timer', edge_name: 'idle' }, + { node_name: 'Node / QuicBuffer', edge_name: 'sendbuf' }, + { node_name: 'Node / QuicBuffer', edge_name: 'txbuf' }, + { node_name: 'Node / peer_handshake', edge_name: 'peer_handshake' }, + { node_name: 'Float64Array', edge_name: 'recovery_stats_buffer' }, + { node_name: 'BigUint64Array', edge_name: 'stats_buffer' }, + { node_name: 'Node / current_ngtcp2_memory', + edge_name: 'current_ngtcp2_memory' }, + { node_name: 'Node / streams', edge_name: 'streams' }, + { node_name: 'Node / QuicBuffer', edge_name: 'handshake' }, + { node_name: 'Node / std::basic_string', edge_name: 'alpn' }, + { node_name: 'Float64Array', edge_name: 'state' }, + ] + } + ], { loose: true }); + + state.validateSnapshotNodes('Node / QuicClientSession', [ + { + children: [ + { node_name: 'QuicClientSession', edge_name: 'wrapped' }, + { node_name: 'Node / rx_secret', edge_name: 'rx_secret' }, + { node_name: 'Node / tx_secret', edge_name: 'tx_secret' }, + { node_name: 'Node / HistogramBase', edge_name: 'crypto_rx_ack' }, + { node_name: 'Node / HistogramBase', + edge_name: 'crypto_handshake_rate' }, + { node_name: 'Node / Timer', edge_name: 'retransmit' }, + { node_name: 'Node / Timer', edge_name: 'idle' }, + { node_name: 'Node / QuicBuffer', edge_name: 'sendbuf' }, + { node_name: 'Node / QuicBuffer', edge_name: 'txbuf' }, + { node_name: 'Node / peer_handshake', edge_name: 'peer_handshake' }, + { node_name: 'Float64Array', edge_name: 'recovery_stats_buffer' }, + { node_name: 'BigUint64Array', edge_name: 'stats_buffer' }, + { node_name: 'Node / current_ngtcp2_memory', + edge_name: 'current_ngtcp2_memory' }, + { node_name: 'Node / QuicBuffer', edge_name: 'handshake' }, + { node_name: 'Node / std::basic_string', edge_name: 'alpn' }, + { node_name: 'Node / std::basic_string', edge_name: 'hostname' }, + { node_name: 'Float64Array', edge_name: 'state' }, + ] + } + ], { loose: true }); + + session.destroy(); + server.close(); + })); +})); + +server.on('ready', common.mustCall(() => { + const client = quic.createSocket({ + port: 0, + client: { + key, + cert, + ca, + alpn: 'meow' + } + }); + + client.connect({ + address: 'localhost', + port: server.address.port + }).on('close', common.mustCall(() => client.close())); +})); From acadf023c6b04eedc678b8ce9e1e9a0656d5e1ad Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Thu, 3 Oct 2019 09:30:54 +0200 Subject: [PATCH 008/110] doc: fix lint issues in quic.md PR-URL: https://github.com/nodejs/quic/pull/147 Reviewed-By: James M Snell Reviewed-By: Trivikram Kamat --- doc/api/quic.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/doc/api/quic.md b/doc/api/quic.md index a8410c168b..80a45709f6 100644 --- a/doc/api/quic.md +++ b/doc/api/quic.md @@ -113,7 +113,6 @@ added: REPLACEME Emitted immediately before the `'close'` event if the `QuicSession` was destroyed with an error. - ### Event: `'keylog'` - ## Class: QuicStream extends stream.Duplex + +* `fd` {number|FileHandle} A readable file descriptor. +* `options` {Object} + * `offset` {number} The offset position at which to begin reading. + Default: `-1`. + * `length` {number} The amount of data from the fd to send. + Default: `-1`. + +Instead of using a `Quicstream` as a writable stream, send data from a given file +descriptor. + +If `offset` is set to a non-negative number, reading starts from that position +and the file offset will not be advanced. +If `length` is set to a non-negative number, it gives the maximum number of +bytes that are read from the file. + +The file descriptor or `FileHandle` is not closed when the stream is closed, +so it will need to be closed manually once it is no longer needed. +Using the same file descriptor concurrently for multiple streams +is not supported and may result in data loss. Re-using a file descriptor +after a stream has finished is supported. + +### quicstream.sendFile(path[, options]) + + +* `path` {string|Buffer|URL} +* `options` {Object} + * `onError` {Function} Callback function invoked in the case of an + error before send. + * `offset` {number} The offset position at which to begin reading. + Default: `-1`. + * `length` {number} The amount of data from the fd to send. + Default: `-1`. + +Instead of using a `QuicStream` as a writable stream, send data from a given file +path. + +The `options.onError` callback will be called if the file could not be opened. +If `offset` is set to a non-negative number, reading starts from that position. +If `length` is set to a non-negative number, it gives the maximum number of +bytes that are read from the file. + ### quicstream.unidirectional -Emitted when the `QuicStream` is close abruptly before the readable +Emitted when the `QuicStream` is closed abruptly before the readable or writable side has closed naturally. The callback is invoked with two arguments: @@ -1040,6 +1040,9 @@ The callback is invoked with two arguments: added: REPLACEME --> +Emitted when the `QuicStream` has is completely closed and the underlying +resources have been freed. + ### Event: `'data'` +### Event: `'informationalHeaders'` + + +Emitted when the `QuicStream` has received a block of informational headers. + +Support for headers depends entirely on the QUIC Application used as identified +by the `alpn` configuration option. In QUIC Applications that support headers, +informational header blocks typically come before initial headers. + +The event handler is invoked with a single argument representing the block of +Headers as an object. + +```js +stream('informationalHeaders', (headers) => { + // Use headers +}); +``` + +### Event: `'initialHeaders'` + + +Emitted when the `QuicStream` has received a block of initial headers. + +Support for headers depends entirely on the QUIC Application used as identified +by the `alpn` configuration option. HTTP/3, for instance, supports two kinds of +initial headers: request headers for HTTP request messages and response headers +for HTTP response messages. For HTTP/3 QUIC streams, request and response +headers are each emitted using the `'initialHeaders'` event. + +The event handler is invoked with a single argument representing the block of +Headers as an object. + +```js +stream('initialHeaders', (headers) => { + // Use headers +}); +``` + +### Event: `'trailingHeaders'` + + +Emitted when the `QuicStream` has received a block of trailing headers. + +Support for headers depends entirely on the QUIC Application used as identified +by the `alpn` configuration option. Trailing headers typically follow any data +transmitted on the `QuicStream`, and therefore typically emit sometime after the +last `'data'` event but before the `'close'` event. The precise timing may +vary from one QUIC application to another. + +The event handler is invoked with a single argument representing the block of +Headers as an object. + +```js +stream('trailingHeaders', (headers) => { + // Use headers +}); +``` + ### Event: `'readable'` + +Emitted when the underlying `QuicSession` has emitted its `secure` event +this stream has received its id, which is accessible as `stream.id` once this +event is emitted. + ### Event: `'trailingHeaders'` + +* {boolean} + +This property is `true` if the underlying session is not finished yet, +i.e. before the `'ready'` event is emitted. + ### quicstream.serverInitiated + +* `jsonChunk` {string} A JSON fragment. + +Emitted if the `qlog: true` option was passed to `quicsocket.connect()` or +`quic.createSocket()` functions. + +The argument is a JSON fragment according to the [qlog standard][]. + ### Event: `'secure'` @@ -69,7 +253,7 @@ added: REPLACEME using `quicsocket.connect()`. * `lookup` {Function} A custom DNS lookup function. Default `dns.lookup()`. * `maxConnectionsPerHost` {number} The maximum number of inbound connections - per remote host. Default: `100`. + allowed per remote host. Default: `100`. * `port` {number} The local port to bind to. * `qlog` {boolean} Whether to emit ['qlog'][] events for incoming sessions. (For outgoing client sessions, set `client.qlog`.) Default: `false`. @@ -88,9 +272,10 @@ added: REPLACEME `false`. * `ipv6Only` {boolean} -Creates a new `QuicSocket` instance. +The `quic.createSocket()` function is used to create new `QuicSocket` instances +associated with a local UDP address. -## Class: QuicSession exends EventEmitter +### Class: QuicSession exends EventEmitter @@ -101,14 +286,14 @@ properties that are shared by both `QuicClientSession` and `QuicServerSession`. Users will not create instances of `QuicSession` directly. -### Event: `'close'` +#### Event: `'close'` -Emiitted after the `QuicSession` has been destroyed. +Emiitted after the `QuicSession` has been destroyed and is no longer usable. -### Event: `'error'` +#### Event: `'error'`d @@ -116,7 +301,11 @@ added: REPLACEME Emitted immediately before the `'close'` event if the `QuicSession` was destroyed with an error. -### Event: `'keylog'` +The callback will be invoked with a single argument: + +* `error` {Object} An `Error` object. + +#### Event: `'keylog'` @@ -139,7 +328,7 @@ const log = fs.createWriteStream('/tmp/ssl-keys.log', { flags: 'a' }); session.on('keylog', (line) => log.write(line)); ``` -### Event: `'pathValidation'` +#### Event: `'pathValidation'` @@ -155,7 +344,7 @@ The callback will be invoked with three arguments: * `local` {Object} The local address component of the tested path. * `remote` {Object} The remote address component of the tested path. -### Event: `'qlog'` +#### Event: `'qlog'` @@ -167,7 +356,7 @@ Emitted if the `qlog: true` option was passed to `quicsocket.connect()` or The argument is a JSON fragment according to the [qlog standard][]. -### Event: `'secure'` +#### Event: `'secure'` @@ -185,14 +374,39 @@ The callback will be invoked with two arguments: These will also be available using the `quicsession.servername`, `quicsession.alpnProtocol`, and `quicsession.cipher` properties. -### Event: `'stream'` +#### Event: `'stream'` Emitted when a new `QuicStream` has been initiated by the connected peer. -### quicsession.alpnProtocol +#### quicsession.ackDelayRetransmitCount + + +* Type: {BigInt} + +A `BigInt` representing the number of retranmissions caused by delayed +acknowledgements. + +#### quicsession.address + + +* Type: {Object} + * `address` {string} The local IPv4 or IPv6 address to which the `QuicSession` + is bound. + * `family` {string} Either `'IPv4'` or `'IPv6'`. + * `port` {number} The local IP port to which the `QuicSocket` is bound. + +An object containing the local address information for the `QuicSocket` to which +the `QuicSession` is currently associated. + + +#### quicsession.alpnProtocol @@ -201,7 +415,61 @@ added: REPLACEME The ALPN protocol identifier negotiated for this session. -### quicsession.cipher +#### quicsession.authenticated + +* Type: {boolean} + +True if the certificate provided by the peer during the TLS 1.3 +handshake has been verified. + +#### quicsession.authenticationError + +* Type: {Object} An error object + +If `quicsession.authenticated` is false, returns an `Error` object +representing the reason the peer certificate verification failed. + +#### quicsession.bidiStreamCount + + +* Type: {BigInt} + +A `BigInt` representing the total number of bidirectional streams +created for this `QuicSession`. + +#### quicsession.bytesInFlight + + +* Type: {number} + +The total number of unacknoledged bytes this QUIC endpoint has tramitted +to the connected peer. + +#### quicsession.bytesReceived + + +* Type: {BigInt} + +A `BigInt` representing the total number of bytes received from the peer. + +#### quicsession.bytesSent + + +* Type: {BigInt} + +A `BigInt` representing the total number of bytes sent to the peer. + +#### quicsession.cipher @@ -212,7 +480,7 @@ added: REPLACEME Information about the cipher algorithm selected for the session. -### quicsession.close([callback]) +#### quicsession.close([callback]) @@ -224,7 +492,17 @@ will be permitted to close naturally. New `QuicStream` instances will not be permitted. Once all `QuicStream` instances have closed, the `QuicSession` instance will be destroyed. -### quicsession.closing +#### quicsession.closeCode + +* Type: {Object} + * `code` {number} The error code reported when the `QuicSession` closed. + * `family` {number} The type of error code reported (`0` indicates a QUIC + protocol level error, `1` indicates a TLS error, `2` represents an + application level error.) + +#### quicsession.closing @@ -233,7 +511,7 @@ added: REPLACEME Set to `true` if the `QuicSession` is in the process of a graceful shutdown. -### quicsession.destroy([error]) +#### quicsession.destroy([error]) @@ -246,7 +524,7 @@ before the `close` event. Any `QuicStream` instances that are still opened will be abruptly closed. -### quicsession.destroyed +#### quicsession.destroyed @@ -255,7 +533,16 @@ added: REPLACEME Set to `true` if the `QuicSession` has been destroyed. -### quicsession.getCertificate() +#### quicsession.duration + + +* Type: {BigInt} + +A `BigInt` representing the length of time the `QuicSession` was active. + +#### quicsession.getCertificate() @@ -268,7 +555,7 @@ some properties corresponding to the fields of the certificate. If there is no local certificate, or if the `QuicSession` has been destroyed, an empty object will be returned. -### quicsession.getPeerCertificate([detailed]) +#### quicsession.getPeerCertificate([detailed]) @@ -285,7 +572,21 @@ If the full certificate chain was requested (`details` equals `true`), each certificate will include an `issuerCertificate` property containing an object representing the issuer's certificate. -### quicsession.handshakeComplete +#### quicsession.handshakeAckHistogram + + +TBD + +#### quicsession.handshakeContinuationHistogram + + +TBD + +#### quicsession.handshakeComplete @@ -294,7 +595,65 @@ added: REPLACEME Set to `true` if the TLS handshake has completed. -### quicsession.maxStreams +#### quicsession.handshakeDuration + + +* Type: {BigInt} + +A `BigInt` representing the length of time taken to complete the TLS handshake. + +#### quicsession.keyUpdateCount + + +* Type: {BigInt} + +A `BigInt` representing the number of key update operations that have +occured. + +#### quicsession.latestRTT + + +* Type: {BigInt} + +The most recently recorded RTT for this `QuicSession`. + +#### quicsession.lossRetransmitCount + + +* Type: {BigInt} + +A `BigInt` representing the number of lost-packet retranmissions that have been +performed on this `QuicSession`. + +#### quicsession.maxDataLeft + + +* Type: {Number} + +The total number of bytes the `QuicSession` is *currently* allowed to +send to the connected peer. + +#### quicsession.maxInFlightBytes + + +* Type: {BigInt} + +A `BigInt` representing the maximum number of in flight bytes recorded +for this `QuicSession`. + +#### quicsession.maxStreams @@ -308,7 +667,16 @@ that can currently be opened. The values are set initially by configuration parameters when the `QuicSession` is created, then updated over the lifespan of the `QuicSession` as the connected peer allows new streams to be created. -### quicsession.openStream([options]) +#### quicsession.minRTT + + +* Type: {BigInt} + +The minimum RTT recorded so far for this `QuicSession`. + +#### quicsession.openStream([options]) @@ -323,7 +691,7 @@ Returns a new `QuicStream`. An error will be thrown if the `QuicSession` has been destroyed or is in the process of a graceful shutdown. -### quicsession.ping() +#### quicsession.ping() @@ -336,7 +704,40 @@ that ignores any errors that may occur during the serialization and send operations. There is no return value and there is no way to monitor the status of the `ping()` operation. -### quicsession.servername +#### quicsession.peerInitiatedStreamCount + + +* Type: {BigInt} + +A `BigInt` representing the total number of `QuicStreams` initated by the +connected peer. + +#### quicsession.remoteAddress + + +* Type: {Object} + * `address` {string} The local IPv4 or IPv6 address to which the `QuicSession` + is connected. + * `family` {string} Either `'IPv4'` or `'IPv6'`. + * `port` {number} The local IP port to which the `QuicSocket` is bound. + +An object containing the remote address information for the connected peer. + +#### quicsession.selfInitiatedStreamCount + + +* Type: {BigInt} + +A `BigInt` representing the total number of `QuicStream` instances initiated +by this `QuicSession`. + +#### quicsession.servername @@ -345,7 +746,16 @@ added: REPLACEME The SNI servername requested for this session by the client. -### quicsession.socket +#### quicsession.smoothedRTT + + +* Type: {BigInt} + +The modified RTT calculated for this `QuicSession`. + +#### quicsession.socket @@ -354,7 +764,26 @@ added: REPLACEME The `QuicSocket` the `QuicSession` is associated with. -### quicsession.updateKey() +#### quicsession.statelessReset + + +* Type: {Boolean} + +True if the `QuicSession` was closed due to QUIC stateless reset. + +#### quicsession.uniStreamCount + + +* Type: {BigInt} + +A `BigInt` representing the total number of unidirectional streams +created on this `QuicSession`. + +#### quicsession.updateKey() @@ -364,7 +793,7 @@ added: REPLACEME Initiates QuicSession key update. -## Class: QuicClientSession extends QuicSession +### Class: QuicClientSession extends QuicSession @@ -374,7 +803,7 @@ added: REPLACEME The `QuicClientSession` class implements the client side of a QUIC connection. Instances are created using the `quicsocket.connect()` method. -### Event: `'OCSPResponse'` +#### Event: `'OCSPResponse'` @@ -389,7 +818,7 @@ The callback is invoked with a single argument: Node.js does not perform any automatic validation or processing of the response. -### Event: `'sessionTicket'` +#### Event: `'sessionTicket'` @@ -406,7 +835,7 @@ three arguments: The `sessionTicket` and `remoteTransportParams` are useful when creating a new `QuicClientSession` to more quickly resume an existing session. -### quicclientsession.ephemeralKeyInfo +#### quicclientsession.ephemeralKeyInfo @@ -421,7 +850,7 @@ empty object when the key exchange is not ephemeral. The supported types are For example: `{ type: 'ECDH', name: 'prime256v1', size: 256 }`. -### quicclientsession.ready +#### quicclientsession.ready @@ -431,7 +860,7 @@ added: REPLACEME Set to `true` if the `QuicClientSession` is ready for use. False if the `QuicSocket` has not yet been bound. -### quicclientsession.setSocket(socket, callback]) +#### quicclientsession.setSocket(socket, callback]) @@ -446,7 +875,7 @@ to attempting the migration. If the `QuicClientSession` is not yet ready to migrate, the callback will be invoked with an `Error` using the code `ERR_QUICCLIENTSESSION_FAILED_SETSOCKET`. -## Class: QuicServerSession extends QuicSession +### Class: QuicServerSession extends QuicSession @@ -457,7 +886,7 @@ The `QuicServerSession` class implements the server side of a QUIC connection. Instances are created internally and are emitted using the `QuicSocket` `'session'` event. -### Event: `'clientHello'` +#### Event: `'clientHello'` @@ -477,7 +906,7 @@ The callback is invoked with four arguments: * `callback` {Function} A callback function that must be called in order for the TLS handshake to continue. -### Event: `'OCSPRequest'` +#### Event: `'OCSPRequest'` @@ -493,7 +922,17 @@ The callback is invoked with three arguments: The callback *must* be invoked in order for the TLS handshake to continue. -## Class: QuicSocket +#### quicserversession.addContext(servername[, context]) + + +* `servername` {String} A DNS name to associate with the given context. +* `context` {Object} A TLS SecureContext to associate with the `servername`. + +TBD + +### Class: QuicSocket @@ -504,14 +943,14 @@ method. Once created, a `QuicSocket` can be configured to work as both a client and a server. -### Event: `'close'` +#### Event: `'close'` Emitted after the `QuicSocket` has been destroyed and is no longer usable. -### Event: `'error'` +#### Event: `'error'` @@ -519,21 +958,21 @@ added: REPLACEME Emitted before the `'close'` event if the `QuicSocket` was destroyed with an `error`. -### Event: `'ready'` +#### Event: `'ready'` Emitted once the `QuicSocket` has been bound to a local UDP port. -### Event: `'session'` +#### Event: `'session'` Emitted when a new `QuicServerSession` has been created. -### quicsocket.addMembership(address, iface) +#### quicsocket.addMembership(address, iface) @@ -548,7 +987,7 @@ choose one interface and will add membership to it. To add membership to every available interface, call `quicsocket.addMembership()` multiple times, once per interface. -### quicsocket.address +#### quicsocket.address @@ -566,7 +1005,7 @@ The object will contain the properties: If the `QuicSocket` is not bound, `quicsocket.address` is an empty object. -### quicsocket.bound +#### quicsocket.bound @@ -576,7 +1015,7 @@ added: REPLACEME Will be `true` if the `QuicSocket` has been successfully bound to the local UDP port. -### quicsocket.close([callback]) +#### quicsocket.close([callback]) @@ -587,7 +1026,7 @@ Gracefully closes the `QuicSocket`. Existing `QuicSession` instances will be permitted to close naturally. New `QuicClientSession` and `QuicServerSession` instances will not be allowed. -### quicsocket.connect([options]) +#### quicsocket.connect([options]) @@ -713,7 +1152,7 @@ Create a new `QuicClientSession`. This function can be called multiple times to create sessions associated with different endpoints on the same client endpoint. -### quicsocket.destroy([error]) +#### quicsocket.destroy([error]) @@ -723,7 +1162,7 @@ added: REPLACEME Destroys the `QuicSocket` then emits the `'close'` event when done. The `'error'` event will be emitted after `'close'` if the `error` is not `undefined`. -### quicsocket.destroyed +#### quicsocket.destroyed @@ -732,7 +1171,7 @@ added: REPLACEME Will be `true` if the `QuicSocket` has been destroyed. -### quicsocket.dropMembership(address, iface) +#### quicsocket.dropMembership(address, iface) @@ -748,7 +1187,7 @@ never have reason to call this. If `multicastInterface` is not specified, the operating system will attempt to drop membership on all valid interfaces. -### quicsocket.fd +#### quicsocket.fd @@ -758,7 +1197,7 @@ added: REPLACEME The system file descriptor the `QuicSocket` is bound to. This property is not set on Windows. -### quicsocket.listen([options][, callback]) +#### quicsocket.listen([options][, callback]) @@ -869,7 +1308,7 @@ Listen for new peer-initiated sessions. If a `callback` is given, it is registered as a handler for the `'session'` event. -### quicsocket.pending +#### quicsocket.pending @@ -878,12 +1317,12 @@ added: REPLACEME Set to `true` if the socket is not yet bound to the local UDP port. -### quicsocket.ref() +#### quicsocket.ref() -### quicsocket.setBroadcast([on]) +#### quicsocket.setBroadcast([on]) @@ -893,7 +1332,7 @@ added: REPLACEME Sets or clears the `SO_BROADCAST` socket option. When set to `true`, UDP packets may be sent to a local interface's broadcast address. -### quicsocket.setMulticastLoopback([on]) +#### quicsocket.setMulticastLoopback([on]) @@ -903,7 +1342,7 @@ added: REPLACEME Sets or clears the `IP_MULTICAST_LOOP` socket option. When set to `true`, multicast packets will also be received on the local interface. -### quicsocket.setMulticastInterface(iface) +#### quicsocket.setMulticastInterface(iface) @@ -929,7 +1368,7 @@ also use explicit scope in addresses, so only packets sent to a multicast address without specifying an explicit scope are affected by the most recent successful use of this call. -#### Examples: IPv6 Outgoing Multicast Interface +##### Examples: IPv6 Outgoing Multicast Interface @@ -953,7 +1392,7 @@ socket.on('ready', () => { }); ``` -#### Example: IPv4 Outgoing Multicast Interface +##### Example: IPv4 Outgoing Multicast Interface @@ -967,7 +1406,7 @@ socket.on('ready', () => { }); ``` -#### Call Results +##### Call Results A call on a socket that is not ready to send or no longer open may throw a Not running Error. @@ -987,7 +1426,7 @@ A socket's address family's ANY address (IPv4 `'0.0.0.0'` or IPv6 `'::'`) can be used to return control of the sockets default outgoing interface to the system for future multicast packets. -### quicsocket.setMulticastTTL(ttl) +#### quicsocket.setMulticastTTL(ttl) @@ -1003,7 +1442,7 @@ decremented to `0` by a router, it will not be forwarded. The argument passed to `socket.setMulticastTTL()` is a number of hops between `0` and `255`. The default on most systems is `1` but can vary. -### quicsocket.setServerBusy([on]) +#### quicsocket.setServerBusy([on]) @@ -1016,7 +1455,7 @@ to reject all new incoming connection requests using the `SERVER_BUSY` QUIC error code. To begin receiving connections again, disable busy mode by calling `setServerBusy(false)`. -### quicsocket.setTTL(ttl) +#### quicsocket.setTTL(ttl) @@ -1032,19 +1471,19 @@ Changing TTL values is typically done for network probes or when multicasting. The argument to `socket.setTTL()` is a number of hops between `1` and `255`. The default on most systems is `64` but can vary. -### quicsocket.unref(); +#### quicsocket.unref(); -## Class: QuicStream extends stream.Duplex +### Class: QuicStream extends stream.Duplex * Extends: {stream.Duplex} -### Event: `'abort'` +#### Event: `'abort'` @@ -1058,7 +1497,7 @@ The callback is invoked with two arguments: * `finalSize` {number} The total number of bytes received by the `QuicStream` as of the moment the stream was closed. -### Event: `'close'` +#### Event: `'close'` @@ -1066,22 +1505,22 @@ added: REPLACEME Emitted when the `QuicStream` has is completely closed and the underlying resources have been freed. -### Event: `'data'` +#### Event: `'data'` -### Event: `'end'` +#### Event: `'end'` -### Event: `'error'` +#### Event: `'error'` -### Event: `'informationalHeaders'` +#### Event: `'informationalHeaders'` @@ -1101,7 +1540,7 @@ stream('informationalHeaders', (headers) => { }); ``` -### Event: `'initialHeaders'` +#### Event: `'initialHeaders'` @@ -1123,7 +1562,7 @@ stream('initialHeaders', (headers) => { }); ``` -### Event: `'ready'` +#### Event: `'ready'` @@ -1132,7 +1571,7 @@ Emitted when the underlying `QuicSession` has emitted its `secure` event this stream has received its id, which is accessible as `stream.id` once this event is emitted. -### Event: `'trailingHeaders'` +#### Event: `'trailingHeaders'` @@ -1154,12 +1593,20 @@ stream('trailingHeaders', (headers) => { }); ``` -### Event: `'readable'` +#### Event: `'readable'` -### quicstream.bidirectional +#### quicstream.aborted + +* Type: {boolean} + +True if dataflow on the `QuicStream` was prematured terminated. + +#### quicstream.bidirectional @@ -1168,7 +1615,7 @@ added: REPLACEME Set to `true` if the `QuicStream` is bidirectional. -### quicstream.clientInitiated +#### quicstream.clientInitiated @@ -1178,7 +1625,36 @@ added: REPLACEME Set to `true` if the `QuicStream` was initiated by a `QuicClientSession` instance. -### quicstream.id +#### quicstream.close(code) + + +* `code` {number} + +Closes the `QuicStream`. + +#### quicstream.dataAckHistogram + + +TBD + +#### quicstream.dataRateHistogram + + +TBD + +#### quicstream.dataSizeHistogram + +TBD + +#### quicstream.id @@ -1187,7 +1663,7 @@ added: REPLACEME The numeric identifier of the `QuicStream`. -### quicstream.pending +#### quicstream.pending @@ -1197,7 +1673,7 @@ added: REPLACEME This property is `true` if the underlying session is not finished yet, i.e. before the `'ready'` event is emitted. -### quicstream.serverInitiated +#### quicstream.serverInitiated @@ -1207,7 +1683,7 @@ added: REPLACEME Set to `true` if the `QuicStream` was initiated by a `QuicServerSession` instance. -### quicstream.session +#### quicstream.session @@ -1216,7 +1692,7 @@ added: REPLACEME The `QuicServerSession` or `QuicClientSession`. -### quicstream.sendFD(fd[, options]) +#### quicstream.sendFD(fd[, options]) @@ -1242,7 +1718,7 @@ Using the same file descriptor concurrently for multiple streams is not supported and may result in data loss. Re-using a file descriptor after a stream has finished is supported. -### quicstream.sendFile(path[, options]) +#### quicstream.sendFile(path[, options]) @@ -1264,7 +1740,31 @@ If `offset` is set to a non-negative number, reading starts from that position. If `length` is set to a non-negative number, it gives the maximum number of bytes that are read from the file. -### quicstream.unidirectional +#### quicstream.submitInformationalHeaders(headers) + +* {headers} {Object} + +TBD + +#### quicstream.submitInitialHeaders(headers) + +* {headers} {Object} + +TBD + +#### quicstream.submitTrailingHeaders(headers) + +* {headers} {Object} + +TBD + +#### quicstream.unidirectional From 046a0d0970e45ca4b268e544b40f7ccaebea5cc6 Mon Sep 17 00:00:00 2001 From: James M Snell Date: Tue, 3 Dec 2019 17:56:04 -0800 Subject: [PATCH 092/110] quic: address multiple nits PR-URL: https://github.com/nodejs/quic/pull/207 Reviewed-By: https://github.com/nodejs/quic/pull/207 --- doc/api/quic.md | 16 ++++++++-------- src/node_quic_session.cc | 2 +- src/node_quic_session.h | 4 +++- src/node_sockaddr-inl.h | 4 ++-- 4 files changed, 14 insertions(+), 12 deletions(-) diff --git a/doc/api/quic.md b/doc/api/quic.md index 09bd518847..d8a65e7910 100644 --- a/doc/api/quic.md +++ b/doc/api/quic.md @@ -58,7 +58,7 @@ socket.on('listening', () => { ## QUIC Basics -QUIC is a UDP-based network transport protocol that includes built in security +QUIC is a UDP-based network transport protocol that includes built-in security via TLS 1.3, flow control, error correction, connection migration, multiplexing, and more. @@ -388,7 +388,7 @@ added: REPLACEME * Type: {BigInt} -A `BigInt` representing the number of retranmissions caused by delayed +A `BigInt` representing the number of retransmissions caused by delayed acknowledgements. #### quicsession.address @@ -448,7 +448,7 @@ added: REPLACEME * Type: {number} -The total number of unacknoledged bytes this QUIC endpoint has tramitted +The total number of unacknowledged bytes this QUIC endpoint has transmitted to the connected peer. #### quicsession.bytesReceived @@ -630,7 +630,7 @@ added: REPLACEME * Type: {BigInt} -A `BigInt` representing the number of lost-packet retranmissions that have been +A `BigInt` representing the number of lost-packet retransmissions that have been performed on this `QuicSession`. #### quicsession.maxDataLeft @@ -650,7 +650,7 @@ added: REPLACEME * Type: {BigInt} -A `BigInt` representing the maximum number of in flight bytes recorded +A `BigInt` representing the maximum number of in-flight bytes recorded for this `QuicSession`. #### quicsession.maxStreams @@ -711,7 +711,7 @@ added: REPLACEME * Type: {BigInt} -A `BigInt` representing the total number of `QuicStreams` initated by the +A `BigInt` representing the total number of `QuicStreams` initiated by the connected peer. #### quicsession.remoteAddress @@ -928,7 +928,7 @@ added: REPLACEME --> * `servername` {String} A DNS name to associate with the given context. -* `context` {Object} A TLS SecureContext to associate with the `servername`. +* `context` {tls.SecureContext} A TLS SecureContext to associate with the `servername`. TBD @@ -1604,7 +1604,7 @@ added: REPLACEME --> * Type: {boolean} -True if dataflow on the `QuicStream` was prematured terminated. +True if dataflow on the `QuicStream` was prematurely terminated. #### quicstream.bidirectional + +* Type: {BigInt} + +A `BigInt` representing the total number of times the `QuicSession` has +been blocked from sending stream data due to flow control. + +Such blocks indicate that transmitted stream data is not being consumed +quickly enough by the connected peer. + #### quicsession.bytesInFlight + +* Type: {BigInt} + +A `BigInt` representing the total number of bytes received for this +`QuicStream`. + +#### quicstream.bytesSent + + +* Type: {BigInt} + +A `BigInt` representing the total number of bytes sent by this +`QuicStream`. + #### quicstream.clientInitiated TBD +#### quicstream.duration + + +* Type: {BigInt} + +A `BigInt` representing the length of time the `QuicStream` has been active. + #### quicstream.id + +* Type: {BigInt} + +A `BigInt` representing the maximum extended data offset that has been +reported to the connected peer. + #### quicstream.pending + +* Type: {BigInt} + +A `BitInt` representing the length of time this `QuicSocket` has been bound +to a local port. + +#### quicsocket.bytesReceived + + +* Type: {BigInt} + +A `BitInt` representing the number of bytes received by this `QuicSocket`. + +#### quicsocket.bytesSent + + +* Type: {BigInt} + +A `BitInt` representing the number of bytes sent by this `QuicSocket`. + +#### quicsocket.clientSessions + + +* Type: {BigInt} + +A `BitInt` representing the number of client `QuicSession` instances that +have been associated with this `QuicSocket`. + #### quicsocket.close([callback]) + +* Type: {BigInt} + +A `BitInt` representing the length of time this `QuicSocket` has been active, + #### quicsocket.fd + +* Type: {BigInt} + +A `BitInt` representing the length of time this `QuicSocket` has been listening +for connections. + +#### quicsocket.packetsIgnored + + +* Type: {BigInt} + +A `BitInt` representing the number of packets received by this `QuicSocket` that +have been ignored. + +#### quicsocket.packetsReceived + + +* Type: {BigInt} + +A `BitInt` representing the number of packets successfully received by this +`QuicSocket`. + +#### quicsocket.packetsSent + + +* Type: {BigInt} + +A `BitInt` representing the number of packets sent by this `QuicSocket`. + #### quicsocket.pending + +* Type: {BigInt} + +A `BitInt` representing the number of server `QuicSession` instances that +have been associated with this `QuicSocket`. + +#### quicsocket.setDiagnosticPacketLoss(options) + + +* `options` {Object} + * `rx` {double} A value in the range `0.0` to `1.0` that specifies the + probability of received packet loss. + * `tx` {double} A value in the range `0.0` to `1.0` that specifies the + probability of transmitted packet loss. + +The `quicsocket.setDiagnosticPacketLoss()` method is a diagnostic only tool +that can be used to *simulate* packet loss conditions for this `QuicSocket` +by artificially dropping received or transmitted packets. + +This method is *not* to be used in production applications. + #### quicsocket.setMulticastLoopback([on]) + +* Type: {BigInt} + +A `BigInt` that represents the number of stateless resets that have been sent. + #### quicsocket.unref(); -* Type: {Number} +* Type: {number} The total number of bytes the `QuicSession` is *currently* allowed to send to the connected peer. @@ -781,7 +781,7 @@ The `QuicSocket` the `QuicSession` is associated with. added: REPLACEME --> -* Type: {Boolean} +* Type: {boolean} True if the `QuicSession` was closed due to QUIC stateless reset. @@ -939,7 +939,7 @@ The callback *must* be invoked in order for the TLS handshake to continue. added: REPLACEME --> -* `servername` {String} A DNS name to associate with the given context. +* `servername` {string} A DNS name to associate with the given context. * `context` {tls.SecureContext} A TLS SecureContext to associate with the `servername`. TBD @@ -1441,14 +1441,14 @@ A `BitInt` representing the number of server `QuicSession` instances that have been associated with this `QuicSocket`. #### quicsocket.setDiagnosticPacketLoss(options) - * `options` {Object} - * `rx` {double} A value in the range `0.0` to `1.0` that specifies the + * `rx` {number} A value in the range `0.0` to `1.0` that specifies the probability of received packet loss. - * `tx` {double} A value in the range `0.0` to `1.0` that specifies the + * `tx` {number} A value in the range `0.0` to `1.0` that specifies the probability of transmitted packet loss. The `quicsocket.setDiagnosticPacketLoss()` method is a diagnostic only tool @@ -1917,7 +1917,7 @@ bytes that are read from the file. -* {headers} {Object} +* `headers` {Object} TBD @@ -1925,7 +1925,7 @@ TBD -* {headers} {Object} +* `headers` {Object} TBD @@ -1933,7 +1933,7 @@ TBD -* {headers} {Object} +* `headers` {Object} TBD diff --git a/tools/doc/type-parser.js b/tools/doc/type-parser.js index 664fe48f58..a21c92b5c9 100644 --- a/tools/doc/type-parser.js +++ b/tools/doc/type-parser.js @@ -15,8 +15,8 @@ const jsPrimitives = { const jsGlobalObjectsUrl = `${jsDocPrefix}Reference/Global_Objects/`; const jsGlobalTypes = [ - 'Array', 'ArrayBuffer', 'ArrayBufferView', 'DataView', 'Date', 'Error', - 'EvalError', 'Function', 'Map', 'Object', 'Promise', 'RangeError', + 'Array', 'ArrayBuffer', 'ArrayBufferView', 'BigInt', 'DataView', 'Date', + 'Error', 'EvalError', 'Function', 'Map', 'Object', 'Promise', 'RangeError', 'ReferenceError', 'RegExp', 'Set', 'SharedArrayBuffer', 'SyntaxError', 'TypeError', 'TypedArray', 'URIError', 'Uint8Array', 'WebAssembly.Instance', ]; From 3bd75b5f9a34547296e386a2875819fe4aecc9ca Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Tue, 10 Dec 2019 13:09:46 +0100 Subject: [PATCH 109/110] src: fix lint-cpp issues PR-URL: https://github.com/nodejs/quic/pull/224 Reviewed-By: Anna Henningsen --- src/node_crypto.cc | 1 - src/node_crypto_common.cc | 1 - src/node_quic_crypto.cc | 3 --- src/node_quic_http3_application.cc | 3 +-- src/node_quic_session.cc | 1 - src/node_quic_socket.cc | 3 +-- src/node_quic_stream.cc | 5 ++--- src/node_quic_stream.h | 2 +- src/node_quic_util.h | 2 +- src/node_sockaddr-inl.h | 2 -- 10 files changed, 6 insertions(+), 17 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 34f44a522d..9ffadf0619 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -32,7 +32,6 @@ #include "tls_wrap.h" // TLSWrap #include "async_wrap-inl.h" -#include "base_object-inl.h" #include "env-inl.h" #include "memory_tracker-inl.h" #include "string_bytes.h" diff --git a/src/node_crypto_common.cc b/src/node_crypto_common.cc index 7ad1337ae8..e2fed6d680 100644 --- a/src/node_crypto_common.cc +++ b/src/node_crypto_common.cc @@ -18,7 +18,6 @@ namespace node { using v8::Array; using v8::Context; using v8::Integer; -using v8::Isolate; using v8::Local; using v8::Object; using v8::Value; diff --git a/src/node_quic_crypto.cc b/src/node_quic_crypto.cc index b3cd484037..4f7f2224da 100644 --- a/src/node_quic_crypto.cc +++ b/src/node_quic_crypto.cc @@ -28,10 +28,7 @@ namespace node { using crypto::EntropySource; -using v8::Array; -using v8::Integer; using v8::Local; -using v8::Object; using v8::String; using v8::Value; diff --git a/src/node_quic_http3_application.cc b/src/node_quic_http3_application.cc index 176c1cac65..940f1b5ba2 100644 --- a/src/node_quic_http3_application.cc +++ b/src/node_quic_http3_application.cc @@ -16,7 +16,6 @@ namespace node { using v8::Eternal; using v8::MaybeLocal; -using v8::Number; using v8::String; using v8::Value; @@ -510,7 +509,7 @@ bool Http3Application::SendPendingData() { // } // continue; } - //Session()->SetLastError(QUIC_ERROR_APPLICATION, nwrite); + // Session()->SetLastError(QUIC_ERROR_APPLICATION, nwrite); return false; } diff --git a/src/node_quic_session.cc b/src/node_quic_session.cc index 9ce3e6c278..365d59db26 100644 --- a/src/node_quic_session.cc +++ b/src/node_quic_session.cc @@ -607,7 +607,6 @@ void JSQuicSessionListener::OnSessionTicket(int size, SSL_SESSION* session) { Session()->MakeCallback( env->quic_on_session_ticket_function(), arraysize(argv), argv); - } void JSQuicSessionListener::OnSessionSilentClose( diff --git a/src/node_quic_socket.cc b/src/node_quic_socket.cc index c6de5f33f6..0927dac7f8 100644 --- a/src/node_quic_socket.cc +++ b/src/node_quic_socket.cc @@ -599,8 +599,7 @@ bool QuicSocket::SendStatelessReset( NGTCP2_MAX_PKTLEN_IPV4, token, random, - RANDLEN - ); + RANDLEN); if (nwrite <= 0) return false; buf.Realloc(nwrite); diff --git a/src/node_quic_stream.cc b/src/node_quic_stream.cc index dab2ff4714..f4950ceefd 100644 --- a/src/node_quic_stream.cc +++ b/src/node_quic_stream.cc @@ -23,7 +23,6 @@ using v8::Array; using v8::Context; using v8::FunctionCallbackInfo; using v8::FunctionTemplate; -using v8::Integer; using v8::Isolate; using v8::Local; using v8::Object; @@ -336,9 +335,9 @@ void QuicStream::ReceiveData( // Reading can be paused while we are processing. If that's // the case, we still want to acknowledge the current bytes // so that pausing does not throw off our flow control. - if (read_paused) + if (read_paused) { inbound_consumed_data_while_paused_ += avail; - else { + } else { IncrementStat( avail, &stream_stats_, diff --git a/src/node_quic_stream.h b/src/node_quic_stream.h index bd522e2643..b3a659fa5c 100644 --- a/src/node_quic_stream.h +++ b/src/node_quic_stream.h @@ -55,7 +55,7 @@ enum QuicStreamStatsIdx : int { // pair. QuicApplication implementations that support headers // per stream must create a specialization of the Header class. class QuicHeader { - public: + public: QuicHeader() {} virtual ~QuicHeader() {} diff --git a/src/node_quic_util.h b/src/node_quic_util.h index 5741bee0d8..cc9499d01e 100644 --- a/src/node_quic_util.h +++ b/src/node_quic_util.h @@ -88,7 +88,7 @@ struct QuicError { inline QuicError( int32_t family_ = QUIC_ERROR_SESSION, uint64_t code_ = NGTCP2_NO_ERROR); - inline QuicError(ngtcp2_connection_close_error_code code); + explicit inline QuicError(ngtcp2_connection_close_error_code code); inline QuicError( Environment* env, v8::Local codeArg, diff --git a/src/node_sockaddr-inl.h b/src/node_sockaddr-inl.h index 24dd9a9e9a..a1968a675e 100644 --- a/src/node_sockaddr-inl.h +++ b/src/node_sockaddr-inl.h @@ -12,7 +12,6 @@ namespace node { -namespace { // Fun hash combine trick based on a variadic template that // I came across a while back but can't remember where. Will add an attribution // if I can find the source. @@ -23,7 +22,6 @@ inline void hash_combine(size_t* seed, const T& value, Args... rest) { *seed ^= std::hash{}(value) + 0x9e3779b9 + (*seed << 6) + (*seed >> 2); hash_combine(seed, rest...); } -} // namespace size_t SocketAddress::Hash::operator()(const sockaddr* addr) const { size_t hash = 0; From e86a500d40d46ed167a6bdd8ad02ed076e2c9e46 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Thu, 17 Oct 2019 01:39:35 +0200 Subject: [PATCH 110/110] [WIP] benchmark: add basic QUIC benchmark --- benchmark/quic/quic-pipe.js | 73 +++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 benchmark/quic/quic-pipe.js diff --git a/benchmark/quic/quic-pipe.js b/benchmark/quic/quic-pipe.js new file mode 100644 index 0000000000..6e81629506 --- /dev/null +++ b/benchmark/quic/quic-pipe.js @@ -0,0 +1,73 @@ +// Test the speed of .pipe() with QUIC sockets +'use strict'; + +const common = require('../common.js'); +const quic = require('quic'); +const fixtures = require('../../test/common/fixtures'); + +const key = fixtures.readKey('agent1-key.pem', 'binary'); +const cert = fixtures.readKey('agent1-cert.pem', 'binary'); +const ca = fixtures.readKey('ca1-cert.pem', 'binary'); + +const bench = common.createBenchmark(main, { + dur: [5], +}); + +function main({ dur, len, type }) { + const server = quic.createSocket({ port: 0, validateAddress: true }); + + server.listen({ + key, + cert, + ca, + rejectUnauthorized: false, + alpn: 'meow' + }); + + server.on('session', (session) => { + session.on('stream', (stream) => { + stream.pipe(stream); + }); + }); + + const buffer = Buffer.alloc(102400); + let received = 0; + + server.on('ready', () => { + const client = quic.createSocket({ + port: 0, + client: { + key, + cert, + ca, + alpn: 'meow' + } + }); + + const req = client.connect({ + address: 'localhost', + port: server.address.port + }); + + req.on('secure', () => { + const stream = req.openStream({ halfOpen: false }); + stream.on('data', (chunk) => received += chunk.length); + + function write() { + stream.write(buffer, write); + } + + bench.start(); + write(); + + setTimeout(() => { + // Multiply by 2 since we're sending it first one way + // then then back again. + const bytes = received * 2; + const gbits = (bytes * 8) / (1024 * 1024 * 1024); + bench.end(gbits); + process.exit(0); + }, dur * 1000); + }); + }); +}