Google Git
Sign in
flutter/third_party/openssl/refs/heads/upstream/master/./ssl/quic/quic_txp.c
blob: 72ac08c95daaf7b34e010d272ff67b99e7895681 [file] [edit]
/*
* Copyright 2022-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "internal/quic_txp.h"
#include "internal/quic_fifd.h"
#include "internal/quic_stream_map.h"
#include "internal/quic_error.h"
#include "internal/common.h"
#include <openssl/err.h>
#define MIN_CRYPTO_HDR_SIZE 3
#define MIN_FRAME_SIZE_HANDSHAKE_DONE 1
#define MIN_FRAME_SIZE_MAX_DATA 2
#define MIN_FRAME_SIZE_ACK 5
#define MIN_FRAME_SIZE_CRYPTO (MIN_CRYPTO_HDR_SIZE + 1)
#define MIN_FRAME_SIZE_STREAM 3 /* minimum useful size (for non-FIN) */
#define MIN_FRAME_SIZE_MAX_STREAMS_BIDI 2
#define MIN_FRAME_SIZE_MAX_STREAMS_UNI 2
/*
* Packet Archetypes
* =================
*/
/* Generate normal packets containing most frame types, subject to EL. */
#define TX_PACKETISER_ARCHETYPE_NORMAL 0
/*
* A probe packet is different in that:
* - It bypasses CC, but *is* counted as in flight for purposes of CC;
* - It must be ACK-eliciting.
*/
#define TX_PACKETISER_ARCHETYPE_PROBE 1
/*
* An ACK-only packet is different in that:
* - It bypasses CC, and is considered a 'non-inflight' packet;
* - It may not contain anything other than an ACK frame, not even padding.
*/
#define TX_PACKETISER_ARCHETYPE_ACK_ONLY 2
#define TX_PACKETISER_ARCHETYPE_NUM 3
struct ossl_quic_tx_packetiser_st {
OSSL_QUIC_TX_PACKETISER_ARGS args;
/*
* Opaque initial token blob provided by caller. TXP frees using the
* callback when it is no longer needed.
*/
const unsigned char *initial_token;
size_t initial_token_len;
ossl_quic_initial_token_free_fn *initial_token_free_cb;
void *initial_token_free_cb_arg;
/* Subcomponents of the TXP that we own. */
QUIC_FIFD fifd; /* QUIC Frame-in-Flight Dispatcher */
/* Internal state. */
uint64_t next_pn[QUIC_PN_SPACE_NUM]; /* Next PN to use in given PN space. */
OSSL_TIME last_tx_time; /* Last time a packet was generated, or 0. */
size_t unvalidated_credit; /* Limit of data we can send until validated */
/* Internal state - frame (re)generation flags. */
unsigned int want_handshake_done : 1;
unsigned int want_max_data : 1;
unsigned int want_max_streams_bidi : 1;
unsigned int want_max_streams_uni : 1;
/* Internal state - frame (re)generation flags - per PN space. */
unsigned int want_ack : QUIC_PN_SPACE_NUM;
unsigned int force_ack_eliciting : QUIC_PN_SPACE_NUM;
/*
* Internal state - connection close terminal state.
* Once this is set, it is not unset unlike other want_ flags - we keep
* sending it in every packet.
*/
unsigned int want_conn_close : 1;
/* Has the handshake been completed? */
unsigned int handshake_complete : 1;
OSSL_QUIC_FRAME_CONN_CLOSE conn_close_frame;
/*
* Counts of the number of bytes received and sent while in the closing
* state.
*/
uint64_t closing_bytes_recv;
uint64_t closing_bytes_xmit;
/* Internal state - packet assembly. */
struct txp_el {
unsigned char *scratch; /* scratch buffer for packet assembly */
size_t scratch_len; /* number of bytes allocated for scratch */
OSSL_QTX_IOVEC *iovec; /* scratch iovec array for use with QTX */
size_t alloc_iovec; /* size of iovec array */
} el[QUIC_ENC_LEVEL_NUM];
/* Message callback related arguments */
ossl_msg_cb msg_callback;
void *msg_callback_arg;
SSL *msg_callback_ssl;
/* Callbacks. */
void (*ack_tx_cb)(const OSSL_QUIC_FRAME_ACK *ack,
uint32_t pn_space,
void *arg);
void *ack_tx_cb_arg;
};
/*
* The TX helper records state used while generating frames into packets. It
* enables serialization into the packet to be done "transactionally" where
* serialization of a frame can be rolled back if it fails midway (e.g. if it
* does not fit).
*/
struct tx_helper {
OSSL_QUIC_TX_PACKETISER *txp;
/*
* The Maximum Packet Payload Length in bytes. This is the amount of
* space we have to generate frames into.
*/
size_t max_ppl;
/*
* Number of bytes we have generated so far.
*/
size_t bytes_appended;
/*
* Number of scratch bytes in txp->scratch we have used so far. Some iovecs
* will reference this scratch buffer. When we need to use more of it (e.g.
* when we need to put frame headers somewhere), we append to the scratch
* buffer, resizing if necessary, and increase this accordingly.
*/
size_t scratch_bytes;
/*
* Bytes reserved in the MaxPPL budget. We keep this number of bytes spare
* until reserve_allowed is set to 1. Currently this is always at most 1, as
* a PING frame takes up one byte and this mechanism is only used to ensure
* we can encode a PING frame if we have been asked to ensure a packet is
* ACK-eliciting and we are unusure if we are going to add any other
* ACK-eliciting frames before we reach our MaxPPL budget.
*/
size_t reserve;
/*
* Number of iovecs we have currently appended. This is the number of
* entries valid in txp->iovec.
*/
size_t num_iovec;
/* The EL this TX helper is being used for. */
uint32_t enc_level;
/*
* Whether we are allowed to make use of the reserve bytes in our MaxPPL
* budget. This is used to ensure we have room to append a PING frame later
* if we need to. Once we know we will not need to append a PING frame, this
* is set to 1.
*/
unsigned int reserve_allowed : 1;
/*
* Set to 1 if we have appended a STREAM frame with an implicit length. If
* this happens we should never append another frame after that frame as it
* cannot be validly encoded. This is just a safety check.
*/
unsigned int done_implicit : 1;
struct {
/*
* The fields in this structure are valid if active is set, which means
* that a serialization transaction is currently in progress.
*/
unsigned char *data;
WPACKET wpkt;
unsigned int active : 1;
} txn;
};
static void tx_helper_rollback(struct tx_helper *h);
static int txp_el_ensure_iovec(struct txp_el *el, size_t num);
/* Initialises the TX helper. */
static int tx_helper_init(struct tx_helper *h, OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level, size_t max_ppl, size_t reserve)
{
if (reserve > max_ppl)
return 0;
h->txp = txp;
h->enc_level = enc_level;
h->max_ppl = max_ppl;
h->reserve = reserve;
h->num_iovec = 0;
h->bytes_appended = 0;
h->scratch_bytes = 0;
h->reserve_allowed = 0;
h->done_implicit = 0;
h->txn.data = NULL;
h->txn.active = 0;
if (max_ppl > h->txp->el[enc_level].scratch_len) {
unsigned char *scratch;
scratch = OPENSSL_realloc(h->txp->el[enc_level].scratch, max_ppl);
if (scratch == NULL)
return 0;
h->txp->el[enc_level].scratch = scratch;
h->txp->el[enc_level].scratch_len = max_ppl;
}
return 1;
}
static void tx_helper_cleanup(struct tx_helper *h)
{
if (h->txn.active)
tx_helper_rollback(h);
h->txp = NULL;
}
static void tx_helper_unrestrict(struct tx_helper *h)
{
h->reserve_allowed = 1;
}
/*
* Append an extent of memory to the iovec list. The memory must remain
* allocated until we finish generating the packet and call the QTX.
*
* In general, the buffers passed to this function will be from one of two
* ranges:
*
* - Application data contained in stream buffers managed elsewhere
* in the QUIC stack; or
*
* - Control frame data appended into txp->scratch using tx_helper_begin and
* tx_helper_commit.
*
*/
static int tx_helper_append_iovec(struct tx_helper *h,
const unsigned char *buf,
size_t buf_len)
{
struct txp_el *el = &h->txp->el[h->enc_level];
if (buf_len == 0)
return 1;
if (!ossl_assert(!h->done_implicit))
return 0;
if (!txp_el_ensure_iovec(el, h->num_iovec + 1))
return 0;
el->iovec[h->num_iovec].buf = buf;
el->iovec[h->num_iovec].buf_len = buf_len;
++h->num_iovec;
h->bytes_appended += buf_len;
return 1;
}
/*
* How many more bytes of space do we have left in our plaintext packet payload?
*/
static size_t tx_helper_get_space_left(struct tx_helper *h)
{
return h->max_ppl
- (h->reserve_allowed ? 0 : h->reserve) - h->bytes_appended;
}
/*
* Begin a control frame serialization transaction. This allows the
* serialization of the control frame to be backed out if it turns out it won't
* fit. Write the control frame to the returned WPACKET. Ensure you always
* call tx_helper_rollback or tx_helper_commit (or tx_helper_cleanup). Returns
* NULL on failure.
*/
static WPACKET *tx_helper_begin(struct tx_helper *h)
{
size_t space_left, len;
unsigned char *data;
struct txp_el *el = &h->txp->el[h->enc_level];
if (!ossl_assert(!h->txn.active))
return NULL;
if (!ossl_assert(!h->done_implicit))
return NULL;
data = (unsigned char *)el->scratch + h->scratch_bytes;
len = el->scratch_len - h->scratch_bytes;
space_left = tx_helper_get_space_left(h);
if (!ossl_assert(space_left <= len))
return NULL;
if (!WPACKET_init_static_len(&h->txn.wpkt, data, len, 0))
return NULL;
if (!WPACKET_set_max_size(&h->txn.wpkt, space_left)) {
WPACKET_cleanup(&h->txn.wpkt);
return NULL;
}
h->txn.data = data;
h->txn.active = 1;
return &h->txn.wpkt;
}
static void tx_helper_end(struct tx_helper *h, int success)
{
if (success)
WPACKET_finish(&h->txn.wpkt);
else
WPACKET_cleanup(&h->txn.wpkt);
h->txn.active = 0;
h->txn.data = NULL;
}
/* Abort a control frame serialization transaction. */
static void tx_helper_rollback(struct tx_helper *h)
{
if (!h->txn.active)
return;
tx_helper_end(h, 0);
}
/* Commit a control frame. */
static int tx_helper_commit(struct tx_helper *h)
{
size_t l = 0;
if (!h->txn.active)
return 0;
if (!WPACKET_get_total_written(&h->txn.wpkt, &l)) {
tx_helper_end(h, 0);
return 0;
}
if (!tx_helper_append_iovec(h, h->txn.data, l)) {
tx_helper_end(h, 0);
return 0;
}
if (h->txp->msg_callback != NULL && l > 0) {
uint64_t ftype;
int ctype = SSL3_RT_QUIC_FRAME_FULL;
PACKET pkt;
if (!PACKET_buf_init(&pkt, h->txn.data, l)
|| !ossl_quic_wire_peek_frame_header(&pkt, &ftype, NULL)) {
tx_helper_end(h, 0);
return 0;
}
if (ftype == OSSL_QUIC_FRAME_TYPE_PADDING)
ctype = SSL3_RT_QUIC_FRAME_PADDING;
else if (OSSL_QUIC_FRAME_TYPE_IS_STREAM(ftype)
|| ftype == OSSL_QUIC_FRAME_TYPE_CRYPTO)
ctype = SSL3_RT_QUIC_FRAME_HEADER;
h->txp->msg_callback(1, OSSL_QUIC1_VERSION, ctype, h->txn.data, l,
h->txp->msg_callback_ssl,
h->txp->msg_callback_arg);
}
h->scratch_bytes += l;
tx_helper_end(h, 1);
return 1;
}
struct archetype_data {
unsigned int allow_ack : 1;
unsigned int allow_ping : 1;
unsigned int allow_crypto : 1;
unsigned int allow_handshake_done : 1;
unsigned int allow_path_challenge : 1;
unsigned int allow_path_response : 1;
unsigned int allow_new_conn_id : 1;
unsigned int allow_retire_conn_id : 1;
unsigned int allow_stream_rel : 1;
unsigned int allow_conn_fc : 1;
unsigned int allow_conn_close : 1;
unsigned int allow_cfq_other : 1;
unsigned int allow_new_token : 1;
unsigned int allow_force_ack_eliciting : 1;
unsigned int allow_padding : 1;
unsigned int require_ack_eliciting : 1;
unsigned int bypass_cc : 1;
};
struct txp_pkt_geom {
size_t cmpl, cmppl, hwm, pkt_overhead;
uint32_t archetype;
struct archetype_data adata;
};
struct txp_pkt {
struct tx_helper h;
int h_valid;
QUIC_TXPIM_PKT *tpkt;
QUIC_STREAM *stream_head;
QUIC_PKT_HDR phdr;
struct txp_pkt_geom geom;
int force_pad;
};
static QUIC_SSTREAM *get_sstream_by_id(uint64_t stream_id, uint32_t pn_space,
void *arg);
static void on_regen_notify(uint64_t frame_type, uint64_t stream_id,
QUIC_TXPIM_PKT *pkt, void *arg);
static void on_confirm_notify(uint64_t frame_type, uint64_t stream_id,
QUIC_TXPIM_PKT *pkt, void *arg);
static void on_sstream_updated(uint64_t stream_id, void *arg);
static int sstream_is_pending(QUIC_SSTREAM *sstream);
static int txp_should_try_staging(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level,
uint32_t archetype,
uint64_t cc_limit,
uint32_t *conn_close_enc_level);
static size_t txp_determine_pn_len(OSSL_QUIC_TX_PACKETISER *txp);
static int txp_determine_ppl_from_pl(OSSL_QUIC_TX_PACKETISER *txp,
size_t pl,
uint32_t enc_level,
size_t hdr_len,
size_t *r);
static size_t txp_get_mdpl(OSSL_QUIC_TX_PACKETISER *txp);
static int txp_generate_for_el(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
int chosen_for_conn_close);
static int txp_pkt_init(struct txp_pkt *pkt, OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level, uint32_t archetype,
size_t running_total);
static void txp_pkt_cleanup(struct txp_pkt *pkt, OSSL_QUIC_TX_PACKETISER *txp);
static int txp_pkt_postgen_update_pkt_overhead(struct txp_pkt *pkt,
OSSL_QUIC_TX_PACKETISER *txp);
static int txp_pkt_append_padding(struct txp_pkt *pkt,
OSSL_QUIC_TX_PACKETISER *txp, size_t num_bytes);
static int txp_pkt_commit(OSSL_QUIC_TX_PACKETISER *txp, struct txp_pkt *pkt,
uint32_t archetype, int *txpim_pkt_reffed);
static uint32_t txp_determine_archetype(OSSL_QUIC_TX_PACKETISER *txp,
uint64_t cc_limit);
/**
* Sets the validated state of a QUIC TX packetiser.
*
* This function marks the provided QUIC TX packetiser as having its credit
* fully validated by setting its `unvalidated_credit` field to `SIZE_MAX`.
*
* @param txp A pointer to the OSSL_QUIC_TX_PACKETISER structure to update.
*/
void ossl_quic_tx_packetiser_set_validated(OSSL_QUIC_TX_PACKETISER *txp)
{
txp->unvalidated_credit = SIZE_MAX;
return;
}
/**
* Adds unvalidated credit to a QUIC TX packetiser.
*
* This function increases the unvalidated credit of the provided QUIC TX
* packetiser. If the current unvalidated credit is not `SIZE_MAX`, the
* function adds three times the specified `credit` value, ensuring it does
* not exceed the maximum allowable value (`SIZE_MAX - 1`). If the addition
* would cause an overflow, the unvalidated credit is capped at
* `SIZE_MAX - 1`. If the current unvalidated credit is already `SIZE_MAX`,
* the function does nothing.
*
* @param txp A pointer to the OSSL_QUIC_TX_PACKETISER structure to update.
* @param credit The amount of credit to add, multiplied by 3.
*/
void ossl_quic_tx_packetiser_add_unvalidated_credit(OSSL_QUIC_TX_PACKETISER *txp,
size_t credit)
{
if (txp->unvalidated_credit != SIZE_MAX) {
if ((SIZE_MAX - txp->unvalidated_credit) > (credit * 3))
txp->unvalidated_credit += credit * 3;
else
txp->unvalidated_credit = SIZE_MAX - 1;
}
return;
}
/**
* Consumes unvalidated credit from a QUIC TX packetiser.
*
* This function decreases the unvalidated credit of the specified
* QUIC TX packetiser by the given `credit` value. If the unvalidated credit
* is set to `SIZE_MAX`, the function does nothing, as `SIZE_MAX` represents
* an unlimited credit state.
*
* @param txp A pointer to the OSSL_QUIC_TX_PACKETISER structure to update.
* @param credit The amount of credit to consume.
*/
void ossl_quic_tx_packetiser_consume_unvalidated_credit(OSSL_QUIC_TX_PACKETISER *txp,
size_t credit)
{
if (txp->unvalidated_credit != SIZE_MAX) {
if (txp->unvalidated_credit < credit)
txp->unvalidated_credit = 0;
else
txp->unvalidated_credit -= credit;
}
}
/**
* Checks if the QUIC TX packetiser has sufficient unvalidated credit.
*
* This function determines whether the unvalidated credit of the specified
* QUIC TX packetiser exceeds the required credit value (`req_credit`).
* If the unvalidated credit is greater than `req_credit`, the function
* returns 1 (true); otherwise, it returns 0 (false).
*
* @param txp A pointer to the OSSL_QUIC_TX_PACKETISER structure to check.
* @param req_credit The required credit value to compare against.
*
* @return 1 if the unvalidated credit exceeds `req_credit`, 0 otherwise.
*/
int ossl_quic_tx_packetiser_check_unvalidated_credit(OSSL_QUIC_TX_PACKETISER *txp,
size_t req_credit)
{
return (txp->unvalidated_credit > req_credit);
}
OSSL_QUIC_TX_PACKETISER *ossl_quic_tx_packetiser_new(const OSSL_QUIC_TX_PACKETISER_ARGS *args)
{
OSSL_QUIC_TX_PACKETISER *txp;
if (args == NULL
|| args->qtx == NULL
|| args->txpim == NULL
|| args->cfq == NULL
|| args->ackm == NULL
|| args->qsm == NULL
|| args->conn_txfc == NULL
|| args->conn_rxfc == NULL
|| args->max_streams_bidi_rxfc == NULL
|| args->max_streams_uni_rxfc == NULL
|| args->protocol_version == 0) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
txp = OPENSSL_zalloc(sizeof(*txp));
if (txp == NULL)
return NULL;
txp->args = *args;
txp->last_tx_time = ossl_time_zero();
if (!ossl_quic_fifd_init(&txp->fifd,
txp->args.cfq, txp->args.ackm, txp->args.txpim,
get_sstream_by_id, txp,
on_regen_notify, txp,
on_confirm_notify, txp,
on_sstream_updated, txp,
args->get_qlog_cb,
args->get_qlog_cb_arg)) {
OPENSSL_free(txp);
return NULL;
}
return txp;
}
void ossl_quic_tx_packetiser_free(OSSL_QUIC_TX_PACKETISER *txp)
{
uint32_t enc_level;
if (txp == NULL)
return;
ossl_quic_tx_packetiser_set_initial_token(txp, NULL, 0, NULL, NULL);
ossl_quic_fifd_cleanup(&txp->fifd);
OPENSSL_free(txp->conn_close_frame.reason);
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level) {
OPENSSL_free(txp->el[enc_level].iovec);
OPENSSL_free(txp->el[enc_level].scratch);
}
OPENSSL_free(txp);
}
/*
* Determine if an Initial packet token length is reasonable based on the
* current MDPL, returning 1 if it is OK.
*
* The real PMTU to the peer could differ from our (pessimistic) understanding
* of the PMTU, therefore it is possible we could receive an Initial token from
* a server in a Retry packet which is bigger than the MDPL. In this case it is
* impossible for us ever to make forward progress and we need to error out
* and fail the connection attempt.
*
* The specific boundary condition is complex: for example, after the size of
* the Initial token, there are the Initial packet header overheads and then
* encryption/AEAD tag overheads. After that, the minimum room for frame data in
* order to guarantee forward progress must be guaranteed. For example, a crypto
* stream needs to always be able to serialize at least one byte in a CRYPTO
* frame in order to make forward progress. Because the offset field of a CRYPTO
* frame uses a variable-length integer, the number of bytes needed to ensure
* this also varies.
*
* Rather than trying to get this boundary condition check actually right,
* require a reasonable amount of slack to avoid pathological behaviours. (After
* all, transmitting a CRYPTO stream one byte at a time is probably not
* desirable anyway.)
*
* We choose 160 bytes as the required margin, which is double the rough
* estimation of the minimum we would require to guarantee forward progress
* under worst case packet overheads.
*/
#define TXP_REQUIRED_TOKEN_MARGIN 160
static int txp_check_token_len(size_t token_len, size_t mdpl)
{
if (token_len == 0)
return 1;
if (token_len >= mdpl)
return 0;
if (TXP_REQUIRED_TOKEN_MARGIN >= mdpl)
/* (should not be possible because MDPL must be at least 1200) */
return 0;
if (token_len > mdpl - TXP_REQUIRED_TOKEN_MARGIN)
return 0;
return 1;
}
int ossl_quic_tx_packetiser_set_initial_token(OSSL_QUIC_TX_PACKETISER *txp,
const unsigned char *token,
size_t token_len,
ossl_quic_initial_token_free_fn *free_cb,
void *free_cb_arg)
{
if (!txp_check_token_len(token_len, txp_get_mdpl(txp)))
return 0;
if (txp->initial_token != NULL && txp->initial_token_free_cb != NULL)
txp->initial_token_free_cb(txp->initial_token, txp->initial_token_len,
txp->initial_token_free_cb_arg);
txp->initial_token = token;
txp->initial_token_len = token_len;
txp->initial_token_free_cb = free_cb;
txp->initial_token_free_cb_arg = free_cb_arg;
return 1;
}
int ossl_quic_tx_packetiser_set_protocol_version(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t protocol_version)
{
txp->args.protocol_version = protocol_version;
return 1;
}
int ossl_quic_tx_packetiser_set_cur_dcid(OSSL_QUIC_TX_PACKETISER *txp,
const QUIC_CONN_ID *dcid)
{
if (dcid == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
txp->args.cur_dcid = *dcid;
return 1;
}
int ossl_quic_tx_packetiser_set_cur_scid(OSSL_QUIC_TX_PACKETISER *txp,
const QUIC_CONN_ID *scid)
{
if (scid == NULL) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
txp->args.cur_scid = *scid;
return 1;
}
/* Change the destination L4 address the TXP uses to send datagrams. */
int ossl_quic_tx_packetiser_set_peer(OSSL_QUIC_TX_PACKETISER *txp,
const BIO_ADDR *peer)
{
if (peer == NULL) {
BIO_ADDR_clear(&txp->args.peer);
return 1;
}
return BIO_ADDR_copy(&txp->args.peer, peer);
}
int ossl_quic_tx_packetiser_set_ack_delay_exponent(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t exp)
{
if (exp > QUIC_MAX_ACK_DELAY_EXP) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
txp->args.ack_delay_exponent = exp;
return 1;
}
void ossl_quic_tx_packetiser_set_ack_tx_cb(OSSL_QUIC_TX_PACKETISER *txp,
void (*cb)(const OSSL_QUIC_FRAME_ACK *ack,
uint32_t pn_space,
void *arg),
void *cb_arg)
{
txp->ack_tx_cb = cb;
txp->ack_tx_cb_arg = cb_arg;
}
void ossl_quic_tx_packetiser_set_qlog_cb(OSSL_QUIC_TX_PACKETISER *txp,
QLOG *(*get_qlog_cb)(void *arg),
void *get_qlog_cb_arg)
{
ossl_quic_fifd_set_qlog_cb(&txp->fifd, get_qlog_cb, get_qlog_cb_arg);
}
int ossl_quic_tx_packetiser_discard_enc_level(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level)
{
if (enc_level >= QUIC_ENC_LEVEL_NUM) {
ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
if (enc_level != QUIC_ENC_LEVEL_0RTT)
txp->args.crypto[ossl_quic_enc_level_to_pn_space(enc_level)] = NULL;
return 1;
}
void ossl_quic_tx_packetiser_notify_handshake_complete(OSSL_QUIC_TX_PACKETISER *txp)
{
txp->handshake_complete = 1;
}
void ossl_quic_tx_packetiser_schedule_handshake_done(OSSL_QUIC_TX_PACKETISER *txp)
{
txp->want_handshake_done = 1;
}
void ossl_quic_tx_packetiser_schedule_ack_eliciting(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t pn_space)
{
txp->force_ack_eliciting |= (1UL << pn_space);
}
void ossl_quic_tx_packetiser_schedule_ack(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t pn_space)
{
txp->want_ack |= (1UL << pn_space);
}
#define TXP_ERR_INTERNAL 0 /* Internal (e.g. alloc) error */
#define TXP_ERR_SUCCESS 1 /* Success */
#define TXP_ERR_SPACE 2 /* Not enough room for another packet */
#define TXP_ERR_INPUT 3 /* Invalid/malformed input */
/*
* Generates a datagram by polling the various ELs to determine if they want to
* generate any frames, and generating a datagram which coalesces packets for
* any ELs which do.
*/
int ossl_quic_tx_packetiser_generate(OSSL_QUIC_TX_PACKETISER *txp,
QUIC_TXP_STATUS *status)
{
/*
* Called to generate one or more datagrams, each containing one or more
* packets.
*
* There are some tricky things to note here:
*
* - The TXP is only concerned with generating encrypted packets;
* other packets use a different path.
*
* - Any datagram containing an Initial packet must have a payload length
* (DPL) of at least 1200 bytes. This padding need not necessarily be
* found in the Initial packet.
*
* - It is desirable to be able to coalesce an Initial packet
* with a Handshake packet. Since, before generating the Handshake
* packet, we do not know how long it will be, we cannot know the
* correct amount of padding to ensure a DPL of at least 1200 bytes.
* Thus this padding must added to the Handshake packet (or whatever
* packet is the last in the datagram).
*
* - However, at the time that we generate the Initial packet,
* we do not actually know for sure that we will be followed
* in the datagram by another packet. For example, suppose we have
* some queued data (e.g. crypto stream data for the HANDSHAKE EL)
* it looks like we will want to send on the HANDSHAKE EL.
* We could assume padding will be placed in the Handshake packet
* subsequently and avoid adding any padding to the Initial packet
* (which would leave no room for the Handshake packet in the
* datagram).
*
* However, this is not actually a safe assumption. Suppose that we
* are using a link with a MDPL of 1200 bytes, the minimum allowed by
* QUIC. Suppose that the Initial packet consumes 1195 bytes in total.
* Since it is not possible to fit a Handshake packet in just 5 bytes,
* upon trying to add a Handshake packet after generating the Initial
* packet, we will discover we have no room to fit it! This is not a
* problem in itself as another datagram can be sent subsequently, but
* it is a problem because we were counting to use that packet to hold
* the essential padding. But if we have already finished encrypting
* the Initial packet, we cannot go and add padding to it anymore.
* This leaves us stuck.
*
* Because of this, we have to plan multiple packets simultaneously, such
* that we can start generating a Handshake (or 0-RTT or 1-RTT, or so on)
* packet while still having the option to go back and add padding to the
* Initial packet if it turns out to be needed.
*
* Trying to predict ahead of time (e.g. during Initial packet generation)
* whether we will successfully generate a subsequent packet is fraught with
* error as it relies on a large number of variables:
*
* - Do we have room to fit a packet header? (Consider that due to
* variable-length integer encoding this is highly variable and can even
* depend on payload length due to a variable-length Length field.)
*
* - Can we fit even a single one of the frames we want to put in this
* packet in the packet? (Each frame type has a bespoke encoding. While
* our encodings of some frame types are adaptive based on the available
* room - e.g. STREAM frames - ultimately all frame types have some
* absolute minimum number of bytes to be successfully encoded. For
* example, if after an Initial packet there is enough room to encode
* only one byte of frame data, it is quite likely we can't send any of
* the frames we wanted to send.) While this is not strictly a problem
* because we could just fill the packet with padding frames, this is a
* pointless packet and is wasteful.
*
* Thus we adopt a multi-phase architecture:
*
* 1. Archetype Selection: Determine desired packet archetype.
*
* 2. Packet Staging: Generation of packet information and packet payload
* data (frame data) into staging areas.
*
* 3. Packet Adjustment: Adjustment of staged packets, adding padding to
* the staged packets if needed.
*
* 4. Commit: The packets are sent to the QTX and recorded as having been
* sent to the FIFM.
*
*/
int res = 0, rc;
uint32_t archetype, enc_level;
uint32_t conn_close_enc_level = QUIC_ENC_LEVEL_NUM;
struct txp_pkt pkt[QUIC_ENC_LEVEL_NUM];
size_t pkts_done = 0;
uint64_t cc_limit = txp->args.cc_method->get_tx_allowance(txp->args.cc_data);
int need_padding = 0, txpim_pkt_reffed;
memset(status, 0, sizeof(*status));
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level)
pkt[enc_level].h_valid = 0;
/*
* Should not be needed, but a sanity check in case anyone else has been
* using the QTX.
*/
ossl_qtx_finish_dgram(txp->args.qtx);
/* 1. Archetype Selection */
archetype = txp_determine_archetype(txp, cc_limit);
/* 2. Packet Staging */
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level) {
size_t running_total = (enc_level > QUIC_ENC_LEVEL_INITIAL)
? pkt[enc_level - 1].geom.hwm
: 0;
pkt[enc_level].geom.hwm = running_total;
if (!txp_should_try_staging(txp, enc_level, archetype, cc_limit,
&conn_close_enc_level))
continue;
if (!txp_pkt_init(&pkt[enc_level], txp, enc_level, archetype,
running_total))
/*
* If this fails this is not a fatal error - it means the geometry
* planning determined there was not enough space for another
* packet. So just proceed with what we've already planned for.
*/
break;
rc = txp_generate_for_el(txp, &pkt[enc_level],
conn_close_enc_level == enc_level);
if (rc != TXP_ERR_SUCCESS)
goto out;
if (pkt[enc_level].force_pad)
/*
* txp_generate_for_el emitted a frame which forces packet padding.
*/
need_padding = 1;
pkt[enc_level].geom.hwm = running_total
+ pkt[enc_level].h.bytes_appended
+ pkt[enc_level].geom.pkt_overhead;
}
/* 3. Packet Adjustment */
if (pkt[QUIC_ENC_LEVEL_INITIAL].h_valid
&& pkt[QUIC_ENC_LEVEL_INITIAL].h.bytes_appended > 0)
/*
* We have an Initial packet in this datagram, so we need to make sure
* the total size of the datagram is adequate.
*/
need_padding = 1;
if (need_padding) {
size_t total_dgram_size = 0;
const size_t min_dpl = QUIC_MIN_INITIAL_DGRAM_LEN;
uint32_t pad_el = QUIC_ENC_LEVEL_NUM;
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level)
if (pkt[enc_level].h_valid && pkt[enc_level].h.bytes_appended > 0) {
if (pad_el == QUIC_ENC_LEVEL_NUM
/*
* We might not be able to add padding, for example if we
* are using the ACK_ONLY archetype.
*/
&& pkt[enc_level].geom.adata.allow_padding
&& !pkt[enc_level].h.done_implicit)
pad_el = enc_level;
txp_pkt_postgen_update_pkt_overhead(&pkt[enc_level], txp);
total_dgram_size += pkt[enc_level].geom.pkt_overhead
+ pkt[enc_level].h.bytes_appended;
}
if (pad_el != QUIC_ENC_LEVEL_NUM && total_dgram_size < min_dpl) {
size_t deficit = min_dpl - total_dgram_size;
if (!txp_pkt_append_padding(&pkt[pad_el], txp, deficit))
goto out;
total_dgram_size += deficit;
/*
* Padding frames make a packet ineligible for being a non-inflight
* packet.
*/
pkt[pad_el].tpkt->ackm_pkt.is_inflight = 1;
}
/*
* If we have failed to make a datagram of adequate size, for example
* because we have a padding requirement but are using the ACK_ONLY
* archetype (because we are CC limited), which precludes us from
* sending padding, give up on generating the datagram - there is
* nothing we can do.
*/
if (total_dgram_size < min_dpl) {
res = 1;
goto out;
}
}
/* 4. Commit */
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level) {
if (!pkt[enc_level].h_valid)
/* Did not attempt to generate a packet for this EL. */
continue;
if (pkt[enc_level].h.bytes_appended == 0)
/* Nothing was generated for this EL, so skip. */
continue;
if (!ossl_quic_tx_packetiser_check_unvalidated_credit(txp,
pkt[enc_level].h.bytes_appended)) {
res = TXP_ERR_SPACE;
goto out;
}
ossl_quic_tx_packetiser_consume_unvalidated_credit(txp, pkt[enc_level].h.bytes_appended);
rc = txp_pkt_commit(txp, &pkt[enc_level], archetype,
&txpim_pkt_reffed);
if (rc) {
status->sent_ack_eliciting
= status->sent_ack_eliciting
|| pkt[enc_level].tpkt->ackm_pkt.is_ack_eliciting;
if (enc_level == QUIC_ENC_LEVEL_HANDSHAKE)
status->sent_handshake
= (pkt[enc_level].h_valid
&& pkt[enc_level].h.bytes_appended > 0);
}
if (txpim_pkt_reffed)
pkt[enc_level].tpkt = NULL; /* don't free */
if (!rc)
goto out;
++pkts_done;
}
/* Flush & Cleanup */
res = 1;
out:
ossl_qtx_finish_dgram(txp->args.qtx);
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level)
txp_pkt_cleanup(&pkt[enc_level], txp);
status->sent_pkt = pkts_done;
return res;
}
static const struct archetype_data archetypes[QUIC_ENC_LEVEL_NUM][TX_PACKETISER_ARCHETYPE_NUM] = {
/* EL 0(INITIAL) */
{
/* EL 0(INITIAL) - Archetype 0(NORMAL) */
{
/*allow_ack =*/1,
/*allow_ping =*/1,
/*allow_crypto =*/1,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/1,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/0,
},
/* EL 0(INITIAL) - Archetype 1(PROBE) */
{
/*allow_ack =*/1,
/*allow_ping =*/1,
/*allow_crypto =*/1,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/1,
/*require_ack_eliciting =*/1,
/*bypass_cc =*/1,
},
/* EL 0(INITIAL) - Archetype 2(ACK_ONLY) */
{
/*allow_ack =*/1,
/*allow_ping =*/0,
/*allow_crypto =*/0,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/0,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/0,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/1,
},
},
/* EL 1(0RTT) */
{
/* EL 1(0RTT) - Archetype 0(NORMAL) */
{
/*allow_ack =*/0,
/*allow_ping =*/1,
/*allow_crypto =*/0,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/1,
/*allow_retire_conn_id =*/1,
/*allow_stream_rel =*/1,
/*allow_conn_fc =*/1,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/0,
/*allow_padding =*/1,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/0,
},
/* EL 1(0RTT) - Archetype 1(PROBE) */
{
/*allow_ack =*/0,
/*allow_ping =*/1,
/*allow_crypto =*/0,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/1,
/*allow_retire_conn_id =*/1,
/*allow_stream_rel =*/1,
/*allow_conn_fc =*/1,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/0,
/*allow_padding =*/1,
/*require_ack_eliciting =*/1,
/*bypass_cc =*/1,
},
/* EL 1(0RTT) - Archetype 2(ACK_ONLY) */
{
/*allow_ack =*/0,
/*allow_ping =*/0,
/*allow_crypto =*/0,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/0,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/0,
/*allow_padding =*/0,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/1,
},
},
/* EL (HANDSHAKE) */
{
/* EL 2(HANDSHAKE) - Archetype 0(NORMAL) */
{
/*allow_ack =*/1,
/*allow_ping =*/1,
/*allow_crypto =*/1,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/1,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/0,
},
/* EL 2(HANDSHAKE) - Archetype 1(PROBE) */
{
/*allow_ack =*/1,
/*allow_ping =*/1,
/*allow_crypto =*/1,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/1,
/*require_ack_eliciting =*/1,
/*bypass_cc =*/1,
},
/* EL 2(HANDSHAKE) - Archetype 2(ACK_ONLY) */
{
/*allow_ack =*/1,
/*allow_ping =*/0,
/*allow_crypto =*/0,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/0,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/0,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/1,
},
},
/* EL 3(1RTT) */
{
/* EL 3(1RTT) - Archetype 0(NORMAL) */
{
/*allow_ack =*/1,
/*allow_ping =*/1,
/*allow_crypto =*/1,
/*allow_handshake_done =*/1,
/*allow_path_challenge =*/0,
/*allow_path_response =*/1,
/*allow_new_conn_id =*/1,
/*allow_retire_conn_id =*/1,
/*allow_stream_rel =*/1,
/*allow_conn_fc =*/1,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/1,
/*allow_new_token =*/1,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/1,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/0,
},
/* EL 3(1RTT) - Archetype 1(PROBE) */
{
/*allow_ack =*/1,
/*allow_ping =*/1,
/*allow_crypto =*/1,
/*allow_handshake_done =*/1,
/*allow_path_challenge =*/0,
/*allow_path_response =*/1,
/*allow_new_conn_id =*/1,
/*allow_retire_conn_id =*/1,
/*allow_stream_rel =*/1,
/*allow_conn_fc =*/1,
/*allow_conn_close =*/1,
/*allow_cfq_other =*/1,
/*allow_new_token =*/1,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/1,
/*require_ack_eliciting =*/1,
/*bypass_cc =*/1,
},
/* EL 3(1RTT) - Archetype 2(ACK_ONLY) */
{
/*allow_ack =*/1,
/*allow_ping =*/0,
/*allow_crypto =*/0,
/*allow_handshake_done =*/0,
/*allow_path_challenge =*/0,
/*allow_path_response =*/0,
/*allow_new_conn_id =*/0,
/*allow_retire_conn_id =*/0,
/*allow_stream_rel =*/0,
/*allow_conn_fc =*/0,
/*allow_conn_close =*/0,
/*allow_cfq_other =*/0,
/*allow_new_token =*/0,
/*allow_force_ack_eliciting =*/1,
/*allow_padding =*/0,
/*require_ack_eliciting =*/0,
/*bypass_cc =*/1,
} }
};
static int txp_get_archetype_data(uint32_t enc_level,
uint32_t archetype,
struct archetype_data *a)
{
if (enc_level >= QUIC_ENC_LEVEL_NUM
|| archetype >= TX_PACKETISER_ARCHETYPE_NUM)
return 0;
/* No need to avoid copying this as it should not exceed one int in size. */
*a = archetypes[enc_level][archetype];
return 1;
}
static int txp_determine_geometry(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t archetype,
uint32_t enc_level,
size_t running_total,
QUIC_PKT_HDR *phdr,
struct txp_pkt_geom *geom)
{
size_t mdpl, cmpl, hdr_len;
/* Get information about packet archetype. */
if (!txp_get_archetype_data(enc_level, archetype, &geom->adata))
return 0;
/* Assemble packet header. */
phdr->type = ossl_quic_enc_level_to_pkt_type(enc_level);
phdr->spin_bit = 0;
phdr->pn_len = (unsigned int)txp_determine_pn_len(txp);
phdr->partial = 0;
phdr->fixed = 1;
phdr->reserved = 0;
phdr->version = txp->args.protocol_version;
phdr->dst_conn_id = txp->args.cur_dcid;
phdr->src_conn_id = txp->args.cur_scid;
/*
* We need to know the length of the payload to get an accurate header
* length for non-1RTT packets, because the Length field found in
* Initial/Handshake/0-RTT packets uses a variable-length encoding. However,
* we don't have a good idea of the length of our payload, because the
* length of the payload depends on the room in the datagram after fitting
* the header, which depends on the size of the header.
*
* In general, it does not matter if a packet is slightly shorter (because
* e.g. we predicted use of a 2-byte length field, but ended up only needing
* a 1-byte length field). However this does matter for Initial packets
* which must be at least 1200 bytes, which is also the assumed default MTU;
* therefore in many cases Initial packets will be padded to 1200 bytes,
* which means if we overestimated the header size, we will be short by a
* few bytes and the server will ignore the packet for being too short. In
* this case, however, such packets always *will* be padded to meet 1200
* bytes, which requires a 2-byte length field, so we don't actually need to
* worry about this. Thus we estimate the header length assuming a 2-byte
* length field here, which should in practice work well in all cases.
*/
phdr->len = OSSL_QUIC_VLINT_2B_MAX - phdr->pn_len;
if (enc_level == QUIC_ENC_LEVEL_INITIAL) {
phdr->token = txp->initial_token;
phdr->token_len = txp->initial_token_len;
} else {
phdr->token = NULL;
phdr->token_len = 0;
}
hdr_len = ossl_quic_wire_get_encoded_pkt_hdr_len(phdr->dst_conn_id.id_len,
phdr);
if (hdr_len == 0)
return 0;
/* MDPL: Maximum datagram payload length. */
mdpl = txp_get_mdpl(txp);
/*
* CMPL: Maximum encoded packet size we can put into this datagram given any
* previous packets coalesced into it.
*/
if (running_total > mdpl)
/* Should not be possible, but if it happens: */
cmpl = 0;
else
cmpl = mdpl - running_total;
/* CMPPL: Maximum amount we can put into the current packet payload */
if (!txp_determine_ppl_from_pl(txp, cmpl, enc_level, hdr_len, &geom->cmppl))
return 0;
geom->cmpl = cmpl;
geom->pkt_overhead = cmpl - geom->cmppl;
geom->archetype = archetype;
return 1;
}
static uint32_t txp_determine_archetype(OSSL_QUIC_TX_PACKETISER *txp,
uint64_t cc_limit)
{
OSSL_ACKM_PROBE_INFO *probe_info
= ossl_ackm_get0_probe_request(txp->args.ackm);
uint32_t pn_space;
/*
* If ACKM has requested probe generation (e.g. due to PTO), we generate a
* Probe-archetype packet. Actually, we determine archetype on a
* per-datagram basis, so if any EL wants a probe, do a pass in which
* we try and generate a probe (if needed) for all ELs.
*/
if (probe_info->anti_deadlock_initial > 0
|| probe_info->anti_deadlock_handshake > 0)
return TX_PACKETISER_ARCHETYPE_PROBE;
for (pn_space = QUIC_PN_SPACE_INITIAL;
pn_space < QUIC_PN_SPACE_NUM;
++pn_space)
if (probe_info->pto[pn_space] > 0)
return TX_PACKETISER_ARCHETYPE_PROBE;
/*
* If we are out of CC budget, we cannot send a normal packet,
* but we can do an ACK-only packet (potentially, if we
* want to send an ACK).
*/
if (cc_limit == 0)
return TX_PACKETISER_ARCHETYPE_ACK_ONLY;
/* All other packets. */
return TX_PACKETISER_ARCHETYPE_NORMAL;
}
static int txp_should_try_staging(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level,
uint32_t archetype,
uint64_t cc_limit,
uint32_t *conn_close_enc_level)
{
struct archetype_data a;
uint32_t pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
QUIC_CFQ_ITEM *cfq_item;
if (!ossl_qtx_is_enc_level_provisioned(txp->args.qtx, enc_level))
return 0;
if (!txp_get_archetype_data(enc_level, archetype, &a))
return 0;
if (!a.bypass_cc && cc_limit == 0)
/* CC not allowing us to send. */
return 0;
/*
* We can produce CONNECTION_CLOSE frames on any EL in principle, which
* means we need to choose which EL we would prefer to use. After a
* connection is fully established we have only one provisioned EL and this
* is a non-issue. Where multiple ELs are provisioned, it is possible the
* peer does not have the keys for the EL yet, which suggests in general it
* is preferable to use the lowest EL which is still provisioned.
*
* However (RFC 9000 s. 10.2.3 & 12.5) we are also required to not send
* application CONNECTION_CLOSE frames in non-1-RTT ELs, so as to not
* potentially leak application data on a connection which has yet to be
* authenticated. Thus when we have an application CONNECTION_CLOSE frame
* queued and need to send it on a non-1-RTT EL, we have to convert it
* into a transport CONNECTION_CLOSE frame which contains no application
* data. Since this loses information, it suggests we should use the 1-RTT
* EL to avoid this if possible, even if a lower EL is also available.
*
* At the same time, just because we have the 1-RTT EL provisioned locally
* does not necessarily mean the peer does, for example if a handshake
* CRYPTO frame has been lost. It is fairly important that CONNECTION_CLOSE
* is signalled in a way we know our peer can decrypt, as we stop processing
* connection retransmission logic for real after connection close and
* simply 'blindly' retransmit the same CONNECTION_CLOSE frame.
*
* This is not a major concern for clients, since if a client has a 1-RTT EL
* provisioned the server is guaranteed to also have a 1-RTT EL provisioned.
*
* TODO(QUIC FUTURE): Revisit this when when have reached a decision on how
* best to implement this
*/
if (*conn_close_enc_level > enc_level
&& *conn_close_enc_level != QUIC_ENC_LEVEL_1RTT)
*conn_close_enc_level = enc_level;
/* Do we need to send a PTO probe? */
if (a.allow_force_ack_eliciting) {
OSSL_ACKM_PROBE_INFO *probe_info
= ossl_ackm_get0_probe_request(txp->args.ackm);
if ((enc_level == QUIC_ENC_LEVEL_INITIAL
&& probe_info->anti_deadlock_initial > 0)
|| (enc_level == QUIC_ENC_LEVEL_HANDSHAKE
&& probe_info->anti_deadlock_handshake > 0)
|| probe_info->pto[pn_space] > 0)
return 1;
}
/* Does the crypto stream for this EL want to produce anything? */
if (a.allow_crypto && sstream_is_pending(txp->args.crypto[pn_space]))
return 1;
/* Does the ACKM for this PN space want to produce anything? */
if (a.allow_ack && (ossl_ackm_is_ack_desired(txp->args.ackm, pn_space) || (txp->want_ack & (1UL << pn_space)) != 0))
return 1;
/* Do we need to force emission of an ACK-eliciting packet? */
if (a.allow_force_ack_eliciting
&& (txp->force_ack_eliciting & (1UL << pn_space)) != 0)
return 1;
/* Does the connection-level RXFC want to produce a frame? */
if (a.allow_conn_fc && (txp->want_max_data || ossl_quic_rxfc_has_cwm_changed(txp->args.conn_rxfc, 0)))
return 1;
/* Do we want to produce a MAX_STREAMS frame? */
if (a.allow_conn_fc
&& (txp->want_max_streams_bidi
|| ossl_quic_rxfc_has_cwm_changed(txp->args.max_streams_bidi_rxfc,
0)
|| txp->want_max_streams_uni
|| ossl_quic_rxfc_has_cwm_changed(txp->args.max_streams_uni_rxfc,
0)))
return 1;
/* Do we want to produce a HANDSHAKE_DONE frame? */
if (a.allow_handshake_done && txp->want_handshake_done)
return 1;
/* Do we want to produce a CONNECTION_CLOSE frame? */
if (a.allow_conn_close && txp->want_conn_close && *conn_close_enc_level == enc_level)
/*
* This is a bit of a special case since CONNECTION_CLOSE can appear in
* most packet types, and when we decide we want to send it this status
* isn't tied to a specific EL. So if we want to send it, we send it
* only on the lowest non-dropped EL.
*/
return 1;
/* Does the CFQ have any frames queued for this PN space? */
if (enc_level != QUIC_ENC_LEVEL_0RTT)
for (cfq_item = ossl_quic_cfq_get_priority_head(txp->args.cfq, pn_space);
cfq_item != NULL;
cfq_item = ossl_quic_cfq_item_get_priority_next(cfq_item, pn_space)) {
uint64_t frame_type = ossl_quic_cfq_item_get_frame_type(cfq_item);
switch (frame_type) {
case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID:
if (a.allow_new_conn_id)
return 1;
break;
case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID:
if (a.allow_retire_conn_id)
return 1;
break;
case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN:
if (a.allow_new_token)
return 1;
break;
case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE:
if (a.allow_path_response)
return 1;
break;
default:
if (a.allow_cfq_other)
return 1;
break;
}
}
if (a.allow_stream_rel && txp->handshake_complete) {
QUIC_STREAM_ITER it;
/* If there are any active streams, 0/1-RTT wants to produce a packet.
* Whether a stream is on the active list is required to be precise
* (i.e., a stream is never on the active list if we cannot produce a
* frame for it), and all stream-related frames are governed by
* a.allow_stream_rel (i.e., if we can send one type of stream-related
* frame, we can send any of them), so we don't need to inspect
* individual streams on the active list, just confirm that the active
* list is non-empty.
*/
ossl_quic_stream_iter_init(&it, txp->args.qsm, 0);
if (it.stream != NULL)
return 1;
}
return 0;
}
static int sstream_is_pending(QUIC_SSTREAM *sstream)
{
OSSL_QUIC_FRAME_STREAM hdr;
OSSL_QTX_IOVEC iov[2];
size_t num_iov = OSSL_NELEM(iov);
return ossl_quic_sstream_get_stream_frame(sstream, 0, &hdr, iov, &num_iov);
}
/* Determine how many bytes we should use for the encoded PN. */
static size_t txp_determine_pn_len(OSSL_QUIC_TX_PACKETISER *txp)
{
return 4; /* TODO(QUIC FUTURE) */
}
/* Determine plaintext packet payload length from payload length. */
static int txp_determine_ppl_from_pl(OSSL_QUIC_TX_PACKETISER *txp,
size_t pl,
uint32_t enc_level,
size_t hdr_len,
size_t *r)
{
if (pl < hdr_len)
return 0;
pl -= hdr_len;
if (!ossl_qtx_calculate_plaintext_payload_len(txp->args.qtx, enc_level,
pl, &pl))
return 0;
*r = pl;
return 1;
}
static size_t txp_get_mdpl(OSSL_QUIC_TX_PACKETISER *txp)
{
return ossl_qtx_get_mdpl(txp->args.qtx);
}
static QUIC_SSTREAM *get_sstream_by_id(uint64_t stream_id, uint32_t pn_space,
void *arg)
{
OSSL_QUIC_TX_PACKETISER *txp = arg;
QUIC_STREAM *s;
if (stream_id == UINT64_MAX)
return txp->args.crypto[pn_space];
s = ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return NULL;
return s->sstream;
}
static void on_regen_notify(uint64_t frame_type, uint64_t stream_id,
QUIC_TXPIM_PKT *pkt, void *arg)
{
OSSL_QUIC_TX_PACKETISER *txp = arg;
switch (frame_type) {
case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE:
txp->want_handshake_done = 1;
break;
case OSSL_QUIC_FRAME_TYPE_MAX_DATA:
txp->want_max_data = 1;
break;
case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI:
txp->want_max_streams_bidi = 1;
break;
case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI:
txp->want_max_streams_uni = 1;
break;
case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN:
txp->want_ack |= (1UL << pkt->ackm_pkt.pkt_space);
break;
case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA: {
QUIC_STREAM *s
= ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return;
s->want_max_stream_data = 1;
ossl_quic_stream_map_update_state(txp->args.qsm, s);
} break;
case OSSL_QUIC_FRAME_TYPE_STOP_SENDING: {
QUIC_STREAM *s
= ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return;
ossl_quic_stream_map_schedule_stop_sending(txp->args.qsm, s);
} break;
case OSSL_QUIC_FRAME_TYPE_RESET_STREAM: {
QUIC_STREAM *s
= ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return;
s->want_reset_stream = 1;
ossl_quic_stream_map_update_state(txp->args.qsm, s);
} break;
default:
assert(0);
break;
}
}
static int txp_need_ping(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t pn_space,
const struct archetype_data *adata)
{
return adata->allow_ping
&& (adata->require_ack_eliciting
|| (txp->force_ack_eliciting & (1UL << pn_space)) != 0);
}
static int txp_pkt_init(struct txp_pkt *pkt, OSSL_QUIC_TX_PACKETISER *txp,
uint32_t enc_level, uint32_t archetype,
size_t running_total)
{
uint32_t pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
if (!txp_determine_geometry(txp, archetype, enc_level,
running_total, &pkt->phdr, &pkt->geom))
return 0;
/*
* Initialise TX helper. If we must be ACK eliciting, reserve 1 byte for
* PING.
*/
if (!tx_helper_init(&pkt->h, txp, enc_level,
pkt->geom.cmppl,
txp_need_ping(txp, pn_space, &pkt->geom.adata) ? 1 : 0))
return 0;
pkt->h_valid = 1;
pkt->tpkt = NULL;
pkt->stream_head = NULL;
pkt->force_pad = 0;
return 1;
}
static void txp_pkt_cleanup(struct txp_pkt *pkt, OSSL_QUIC_TX_PACKETISER *txp)
{
if (!pkt->h_valid)
return;
tx_helper_cleanup(&pkt->h);
pkt->h_valid = 0;
if (pkt->tpkt != NULL) {
ossl_quic_txpim_pkt_release(txp->args.txpim, pkt->tpkt);
pkt->tpkt = NULL;
}
}
static int txp_pkt_postgen_update_pkt_overhead(struct txp_pkt *pkt,
OSSL_QUIC_TX_PACKETISER *txp)
{
/*
* After we have staged and generated our packets, but before we commit
* them, it is possible for the estimated packet overhead (packet header +
* AEAD tag size) to shrink slightly because we generated a short packet
* whose which can be represented in fewer bytes as a variable-length
* integer than we were (pessimistically) budgeting for. We need to account
* for this to ensure that we get our padding calculation exactly right.
*
* Update pkt_overhead to be accurate now that we know how much data is
* going in a packet.
*/
size_t hdr_len, ciphertext_len;
if (pkt->h.enc_level == QUIC_ENC_LEVEL_INITIAL)
/*
* Don't update overheads for the INITIAL EL - we have not finished
* appending padding to it and would potentially miscalculate the
* correct padding if we now update the pkt_overhead field to switch to
* e.g. a 1-byte length field in the packet header. Since we are padding
* to QUIC_MIN_INITIAL_DGRAM_LEN which requires a 2-byte length field,
* this is guaranteed to be moot anyway. See comment in
* txp_determine_geometry for more information.
*/
return 1;
if (!ossl_qtx_calculate_ciphertext_payload_len(txp->args.qtx, pkt->h.enc_level,
pkt->h.bytes_appended,
&ciphertext_len))
return 0;
pkt->phdr.len = ciphertext_len;
hdr_len = ossl_quic_wire_get_encoded_pkt_hdr_len(pkt->phdr.dst_conn_id.id_len,
&pkt->phdr);
pkt->geom.pkt_overhead = hdr_len + ciphertext_len - pkt->h.bytes_appended;
return 1;
}
static void on_confirm_notify(uint64_t frame_type, uint64_t stream_id,
QUIC_TXPIM_PKT *pkt, void *arg)
{
OSSL_QUIC_TX_PACKETISER *txp = arg;
switch (frame_type) {
case OSSL_QUIC_FRAME_TYPE_STOP_SENDING: {
QUIC_STREAM *s
= ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return;
s->acked_stop_sending = 1;
ossl_quic_stream_map_update_state(txp->args.qsm, s);
} break;
case OSSL_QUIC_FRAME_TYPE_RESET_STREAM: {
QUIC_STREAM *s
= ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return;
/*
* We must already be in RESET_SENT or RESET_RECVD if we are
* here, so we don't need to check state here.
*/
ossl_quic_stream_map_notify_reset_stream_acked(txp->args.qsm, s);
ossl_quic_stream_map_update_state(txp->args.qsm, s);
} break;
default:
assert(0);
break;
}
}
static int txp_pkt_append_padding(struct txp_pkt *pkt,
OSSL_QUIC_TX_PACKETISER *txp, size_t num_bytes)
{
WPACKET *wpkt;
if (num_bytes == 0)
return 1;
if (!ossl_assert(pkt->h_valid))
return 0;
if (!ossl_assert(pkt->tpkt != NULL))
return 0;
wpkt = tx_helper_begin(&pkt->h);
if (wpkt == NULL)
return 0;
if (!ossl_quic_wire_encode_padding(wpkt, num_bytes)) {
tx_helper_rollback(&pkt->h);
return 0;
}
if (!tx_helper_commit(&pkt->h))
return 0;
pkt->tpkt->ackm_pkt.num_bytes += num_bytes;
/* Cannot be non-inflight if we have a PADDING frame */
pkt->tpkt->ackm_pkt.is_inflight = 1;
return 1;
}
static void on_sstream_updated(uint64_t stream_id, void *arg)
{
OSSL_QUIC_TX_PACKETISER *txp = arg;
QUIC_STREAM *s;
s = ossl_quic_stream_map_get_by_id(txp->args.qsm, stream_id);
if (s == NULL)
return;
ossl_quic_stream_map_update_state(txp->args.qsm, s);
}
/*
* Returns 1 if we can send that many bytes in closing state, 0 otherwise.
* Also maintains the bytes sent state if it returns a success.
*/
static int try_commit_conn_close(OSSL_QUIC_TX_PACKETISER *txp, size_t n)
{
int res;
/* We can always send the first connection close frame */
if (txp->closing_bytes_recv == 0)
return 1;
/*
* RFC 9000 s. 10.2.1 Closing Connection State:
* To avoid being used for an amplification attack, such
* endpoints MUST limit the cumulative size of packets it sends
* to three times the cumulative size of the packets that are
* received and attributed to the connection.
* and:
* An endpoint in the closing state MUST either discard packets
* received from an unvalidated address or limit the cumulative
* size of packets it sends to an unvalidated address to three
* times the size of packets it receives from that address.
*/
res = txp->closing_bytes_xmit + n <= txp->closing_bytes_recv * 3;
/*
* Attribute the bytes to the connection, if we are allowed to send them
* and this isn't the first closing frame.
*/
if (res && txp->closing_bytes_recv != 0)
txp->closing_bytes_xmit += n;
return res;
}
void ossl_quic_tx_packetiser_record_received_closing_bytes(
OSSL_QUIC_TX_PACKETISER *txp, size_t n)
{
txp->closing_bytes_recv += n;
}
static int txp_generate_pre_token(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
int chosen_for_conn_close,
int *can_be_non_inflight)
{
const uint32_t enc_level = pkt->h.enc_level;
const uint32_t pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
const struct archetype_data *a = &pkt->geom.adata;
QUIC_TXPIM_PKT *tpkt = pkt->tpkt;
struct tx_helper *h = &pkt->h;
const OSSL_QUIC_FRAME_ACK *ack;
OSSL_QUIC_FRAME_ACK ack2;
tpkt->ackm_pkt.largest_acked = QUIC_PN_INVALID;
/* ACK Frames (Regenerate) */
if (a->allow_ack
&& tx_helper_get_space_left(h) >= MIN_FRAME_SIZE_ACK
&& (((txp->want_ack & (1UL << pn_space)) != 0)
|| ossl_ackm_is_ack_desired(txp->args.ackm, pn_space))
&& (ack = ossl_ackm_get_ack_frame(txp->args.ackm, pn_space)) != NULL) {
WPACKET *wpkt = tx_helper_begin(h);
if (wpkt == NULL)
return 0;
/* We do not currently support ECN */
ack2 = *ack;
ack2.ecn_present = 0;
if (ossl_quic_wire_encode_frame_ack(wpkt,
txp->args.ack_delay_exponent,
&ack2)) {
if (!tx_helper_commit(h))
return 0;
tpkt->had_ack_frame = 1;
if (ack->num_ack_ranges > 0)
tpkt->ackm_pkt.largest_acked = ack->ack_ranges[0].end;
if (txp->ack_tx_cb != NULL)
txp->ack_tx_cb(&ack2, pn_space, txp->ack_tx_cb_arg);
} else {
tx_helper_rollback(h);
}
}
/* CONNECTION_CLOSE Frames (Regenerate) */
if (a->allow_conn_close && txp->want_conn_close && chosen_for_conn_close) {
WPACKET *wpkt = tx_helper_begin(h);
OSSL_QUIC_FRAME_CONN_CLOSE f, *pf = &txp->conn_close_frame;
size_t l;
if (wpkt == NULL)
return 0;
/*
* Application CONNECTION_CLOSE frames may only be sent in the
* Application PN space, as otherwise they may be sent before a
* connection is authenticated and leak application data. Therefore, if
* we need to send a CONNECTION_CLOSE frame in another PN space and were
* given an application CONNECTION_CLOSE frame, convert it into a
* transport CONNECTION_CLOSE frame, removing any sensitive application
* data.
*
* RFC 9000 s. 10.2.3: "A CONNECTION_CLOSE of type 0x1d MUST be replaced
* by a CONNECTION_CLOSE of type 0x1c when sending the frame in Initial
* or Handshake packets. Otherwise, information about the application
* state might be revealed. Endpoints MUST clear the value of the Reason
* Phrase field and SHOULD use the APPLICATION_ERROR code when
* converting to a CONNECTION_CLOSE of type 0x1c."
*/
if (pn_space != QUIC_PN_SPACE_APP && pf->is_app) {
pf = &f;
pf->is_app = 0;
pf->frame_type = 0;
pf->error_code = OSSL_QUIC_ERR_APPLICATION_ERROR;
pf->reason = NULL;
pf->reason_len = 0;
}
if (ossl_quic_wire_encode_frame_conn_close(wpkt, pf)
&& WPACKET_get_total_written(wpkt, &l)
&& try_commit_conn_close(txp, l)) {
if (!tx_helper_commit(h))
return 0;
tpkt->had_conn_close = 1;
*can_be_non_inflight = 0;
} else {
tx_helper_rollback(h);
}
}
return 1;
}
static int try_len(size_t space_left, size_t orig_len,
size_t base_hdr_len, size_t lenbytes,
uint64_t maxn, size_t *hdr_len, size_t *payload_len)
{
size_t n;
size_t maxn_ = maxn > SIZE_MAX ? SIZE_MAX : (size_t)maxn;
*hdr_len = base_hdr_len + lenbytes;
if (orig_len == 0 && space_left >= *hdr_len) {
*payload_len = 0;
return 1;
}
n = orig_len;
if (n > maxn_)
n = maxn_;
if (n + *hdr_len > space_left)
n = (space_left >= *hdr_len) ? space_left - *hdr_len : 0;
*payload_len = n;
return n > 0;
}
static int determine_len(size_t space_left, size_t orig_len,
size_t base_hdr_len,
uint64_t *hlen, uint64_t *len)
{
int ok = 0;
size_t chosen_payload_len = 0;
size_t chosen_hdr_len = 0;
size_t payload_len[4], hdr_len[4];
int i, valid[4] = { 0 };
valid[0] = try_len(space_left, orig_len, base_hdr_len,
1, OSSL_QUIC_VLINT_1B_MAX,
&hdr_len[0], &payload_len[0]);
valid[1] = try_len(space_left, orig_len, base_hdr_len,
2, OSSL_QUIC_VLINT_2B_MAX,
&hdr_len[1], &payload_len[1]);
valid[2] = try_len(space_left, orig_len, base_hdr_len,
4, OSSL_QUIC_VLINT_4B_MAX,
&hdr_len[2], &payload_len[2]);
valid[3] = try_len(space_left, orig_len, base_hdr_len,
8, OSSL_QUIC_VLINT_8B_MAX,
&hdr_len[3], &payload_len[3]);
for (i = OSSL_NELEM(valid) - 1; i >= 0; --i)
if (valid[i] && payload_len[i] >= chosen_payload_len) {
chosen_payload_len = payload_len[i];
chosen_hdr_len = hdr_len[i];
ok = 1;
}
*hlen = chosen_hdr_len;
*len = chosen_payload_len;
return ok;
}
/*
* Given a CRYPTO frame header with accurate chdr->len and a budget
* (space_left), try to find the optimal value of chdr->len to fill as much of
* the budget as possible. This is slightly hairy because larger values of
* chdr->len cause larger encoded sizes of the length field of the frame, which
* in turn mean less space available for payload data. We check all possible
* encodings and choose the optimal encoding.
*/
static int determine_crypto_len(struct tx_helper *h,
OSSL_QUIC_FRAME_CRYPTO *chdr,
size_t space_left,
uint64_t *hlen,
uint64_t *len)
{
size_t orig_len;
size_t base_hdr_len; /* CRYPTO header length without length field */
if (chdr->len > SIZE_MAX)
return 0;
orig_len = (size_t)chdr->len;
chdr->len = 0;
base_hdr_len = ossl_quic_wire_get_encoded_frame_len_crypto_hdr(chdr);
chdr->len = orig_len;
if (base_hdr_len == 0)
return 0;
--base_hdr_len;
return determine_len(space_left, orig_len, base_hdr_len, hlen, len);
}
static int determine_stream_len(struct tx_helper *h,
OSSL_QUIC_FRAME_STREAM *shdr,
size_t space_left,
uint64_t *hlen,
uint64_t *len)
{
size_t orig_len;
size_t base_hdr_len; /* STREAM header length without length field */
if (shdr->len > SIZE_MAX)
return 0;
orig_len = (size_t)shdr->len;
shdr->len = 0;
base_hdr_len = ossl_quic_wire_get_encoded_frame_len_stream_hdr(shdr);
shdr->len = orig_len;
if (base_hdr_len == 0)
return 0;
if (shdr->has_explicit_len)
--base_hdr_len;
return determine_len(space_left, orig_len, base_hdr_len, hlen, len);
}
static int txp_generate_crypto_frames(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
int *have_ack_eliciting)
{
const uint32_t enc_level = pkt->h.enc_level;
const uint32_t pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
QUIC_TXPIM_PKT *tpkt = pkt->tpkt;
struct tx_helper *h = &pkt->h;
size_t num_stream_iovec;
OSSL_QUIC_FRAME_STREAM shdr = { 0 };
OSSL_QUIC_FRAME_CRYPTO chdr = { 0 };
OSSL_QTX_IOVEC iov[2];
uint64_t hdr_bytes;
WPACKET *wpkt;
QUIC_TXPIM_CHUNK chunk = { 0 };
size_t i, space_left;
for (i = 0;; ++i) {
space_left = tx_helper_get_space_left(h);
if (space_left < MIN_FRAME_SIZE_CRYPTO)
return 1; /* no point trying */
/* Do we have any CRYPTO data waiting? */
num_stream_iovec = OSSL_NELEM(iov);
if (!ossl_quic_sstream_get_stream_frame(txp->args.crypto[pn_space],
i, &shdr, iov,
&num_stream_iovec))
return 1; /* nothing to do */
/* Convert STREAM frame header to CRYPTO frame header */
chdr.offset = shdr.offset;
chdr.len = shdr.len;
if (chdr.len == 0)
return 1; /* nothing to do */
/* Find best fit (header length, payload length) combination. */
if (!determine_crypto_len(h, &chdr, space_left, &hdr_bytes,
&chdr.len))
return 1; /* can't fit anything */
/*
* Truncate IOVs to match our chosen length.
*
* The length cannot be more than SIZE_MAX because this length comes
* from our send stream buffer.
*/
ossl_quic_sstream_adjust_iov((size_t)chdr.len, iov, num_stream_iovec);
/*
* Ensure we have enough iovecs allocated (1 for the header, up to 2 for
* the stream data.)
*/
if (!txp_el_ensure_iovec(&txp->el[enc_level], h->num_iovec + 3))
return 0; /* alloc error */
/* Encode the header. */
wpkt = tx_helper_begin(h);
if (wpkt == NULL)
return 0; /* alloc error */
if (!ossl_quic_wire_encode_frame_crypto_hdr(wpkt, &chdr)) {
tx_helper_rollback(h);
return 1; /* can't fit */
}
if (!tx_helper_commit(h))
return 0; /* alloc error */
/* Add payload iovecs to the helper (infallible). */
for (i = 0; i < num_stream_iovec; ++i)
tx_helper_append_iovec(h, iov[i].buf, iov[i].buf_len);
*have_ack_eliciting = 1;
tx_helper_unrestrict(h); /* no longer need PING */
/* Log chunk to TXPIM. */
chunk.stream_id = UINT64_MAX; /* crypto stream */
chunk.start = chdr.offset;
chunk.end = chdr.offset + chdr.len - 1;
chunk.has_fin = 0; /* Crypto stream never ends */
if (!ossl_quic_txpim_pkt_append_chunk(tpkt, &chunk))
return 0; /* alloc error */
}
}
struct chunk_info {
OSSL_QUIC_FRAME_STREAM shdr;
uint64_t orig_len;
OSSL_QTX_IOVEC iov[2];
size_t num_stream_iovec;
int valid;
};
static int txp_plan_stream_chunk(OSSL_QUIC_TX_PACKETISER *txp,
struct tx_helper *h,
QUIC_SSTREAM *sstream,
QUIC_TXFC *stream_txfc,
size_t skip,
struct chunk_info *chunk,
uint64_t consumed)
{
uint64_t fc_credit, fc_swm, fc_limit;
chunk->num_stream_iovec = OSSL_NELEM(chunk->iov);
chunk->valid = ossl_quic_sstream_get_stream_frame(sstream, skip,
&chunk->shdr,
chunk->iov,
&chunk->num_stream_iovec);
if (!chunk->valid)
return 1;
if (!ossl_assert(chunk->shdr.len > 0 || chunk->shdr.is_fin))
/* Should only have 0-length chunk if FIN */
return 0;
chunk->orig_len = chunk->shdr.len;
/* Clamp according to connection and stream-level TXFC. */
fc_credit = ossl_quic_txfc_get_credit(stream_txfc, consumed);
fc_swm = ossl_quic_txfc_get_swm(stream_txfc);
fc_limit = fc_swm + fc_credit;
if (chunk->shdr.len > 0 && chunk->shdr.offset + chunk->shdr.len > fc_limit) {
chunk->shdr.len = (fc_limit <= chunk->shdr.offset)
? 0
: fc_limit - chunk->shdr.offset;
chunk->shdr.is_fin = 0;
}
if (chunk->shdr.len == 0 && !chunk->shdr.is_fin) {
/*
* Nothing to do due to TXFC. Since SSTREAM returns chunks in ascending
* order of offset we don't need to check any later chunks, so stop
* iterating here.
*/
chunk->valid = 0;
return 1;
}
return 1;
}
/*
* Returns 0 on fatal error (e.g. allocation failure), 1 on success.
* *packet_full is set to 1 if there is no longer enough room for another STREAM
* frame.
*/
static int txp_generate_stream_frames(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
uint64_t id,
QUIC_SSTREAM *sstream,
QUIC_TXFC *stream_txfc,
QUIC_STREAM *next_stream,
int *have_ack_eliciting,
int *packet_full,
uint64_t *new_credit_consumed,
uint64_t conn_consumed)
{
int rc = 0;
struct chunk_info chunks[2] = { 0 };
const uint32_t enc_level = pkt->h.enc_level;
QUIC_TXPIM_PKT *tpkt = pkt->tpkt;
struct tx_helper *h = &pkt->h;
OSSL_QUIC_FRAME_STREAM *shdr;
WPACKET *wpkt;
QUIC_TXPIM_CHUNK chunk;
size_t i, j, space_left;
int can_fill_payload, use_explicit_len;
int could_have_following_chunk;
uint64_t orig_len;
uint64_t hdr_len_implicit, payload_len_implicit;
uint64_t hdr_len_explicit, payload_len_explicit;
uint64_t fc_swm, fc_new_hwm;
fc_swm = ossl_quic_txfc_get_swm(stream_txfc);
fc_new_hwm = fc_swm;
/*
* Load the first two chunks if any offered by the send stream. We retrieve
* the next chunk in advance so we can determine if we need to send any more
* chunks from the same stream after this one, which is needed when
* determining when we can use an implicit length in a STREAM frame.
*/
for (i = 0; i < 2; ++i) {
if (!txp_plan_stream_chunk(txp, h, sstream, stream_txfc, i, &chunks[i],
conn_consumed))
goto err;
if (i == 0 && !chunks[i].valid) {
/* No chunks, nothing to do. */
rc = 1;
goto err;
}
chunks[i].shdr.stream_id = id;
}
for (i = 0;; ++i) {
space_left = tx_helper_get_space_left(h);
if (!chunks[i % 2].valid) {
/* Out of chunks; we're done. */
rc = 1;
goto err;
}
if (space_left < MIN_FRAME_SIZE_STREAM) {
*packet_full = 1;
rc = 1;
goto err;
}
if (!ossl_assert(!h->done_implicit))
/*
* Logic below should have ensured we didn't append an
* implicit-length unless we filled the packet or didn't have
* another stream to handle, so this should not be possible.
*/
goto err;
shdr = &chunks[i % 2].shdr;
orig_len = chunks[i % 2].orig_len;
if (i > 0)
/* Load next chunk for lookahead. */
if (!txp_plan_stream_chunk(txp, h, sstream, stream_txfc, i + 1,
&chunks[(i + 1) % 2], conn_consumed))
goto err;
/*
* Find best fit (header length, payload length) combination for if we
* use an implicit length.
*/
shdr->has_explicit_len = 0;
hdr_len_implicit = payload_len_implicit = 0;
if (!determine_stream_len(h, shdr, space_left,
&hdr_len_implicit, &payload_len_implicit)) {
*packet_full = 1;
rc = 1;
goto err; /* can't fit anything */
}
/*
* If there is a next stream, we don't use the implicit length so we can
* add more STREAM frames after this one, unless there is enough data
* for this STREAM frame to fill the packet.
*/
can_fill_payload = (hdr_len_implicit + payload_len_implicit
>= space_left);
/*
* Is there is a stream after this one, or another chunk pending
* transmission in this stream?
*/
could_have_following_chunk
= (next_stream != NULL || chunks[(i + 1) % 2].valid);
/* Choose between explicit or implicit length representations. */
use_explicit_len = !((can_fill_payload || !could_have_following_chunk)
&& !pkt->force_pad);
if (use_explicit_len) {
/*
* Find best fit (header length, payload length) combination for if
* we use an explicit length.
*/
shdr->has_explicit_len = 1;
hdr_len_explicit = payload_len_explicit = 0;
if (!determine_stream_len(h, shdr, space_left,
&hdr_len_explicit, &payload_len_explicit)) {
*packet_full = 1;
rc = 1;
goto err; /* can't fit anything */
}
shdr->len = payload_len_explicit;
} else {
*packet_full = 1;
shdr->has_explicit_len = 0;
shdr->len = payload_len_implicit;
}
/* If this is a FIN, don't keep filling the packet with more FINs. */
if (shdr->is_fin)
chunks[(i + 1) % 2].valid = 0;
/*
* We are now committed to our length (shdr->len can't change).
* If we truncated the chunk, clear the FIN bit.
*/
if (shdr->len < orig_len)
shdr->is_fin = 0;
/* Truncate IOVs to match our chosen length. */
ossl_quic_sstream_adjust_iov((size_t)shdr->len, chunks[i % 2].iov,
chunks[i % 2].num_stream_iovec);
/*
* Ensure we have enough iovecs allocated (1 for the header, up to 2 for
* the stream data.)
*/
if (!txp_el_ensure_iovec(&txp->el[enc_level], h->num_iovec + 3))
goto err; /* alloc error */
/* Encode the header. */
wpkt = tx_helper_begin(h);
if (wpkt == NULL)
goto err; /* alloc error */
if (!ossl_assert(ossl_quic_wire_encode_frame_stream_hdr(wpkt, shdr))) {
/* (Should not be possible.) */
tx_helper_rollback(h);
*packet_full = 1;
rc = 1;
goto err; /* can't fit */
}
if (!tx_helper_commit(h))
goto err; /* alloc error */
/* Add payload iovecs to the helper (infallible). */
for (j = 0; j < chunks[i % 2].num_stream_iovec; ++j)
tx_helper_append_iovec(h, chunks[i % 2].iov[j].buf,
chunks[i % 2].iov[j].buf_len);
*have_ack_eliciting = 1;
tx_helper_unrestrict(h); /* no longer need PING */
if (!shdr->has_explicit_len)
h->done_implicit = 1;
/* Log new TXFC credit which was consumed. */
if (shdr->len > 0 && shdr->offset + shdr->len > fc_new_hwm)
fc_new_hwm = shdr->offset + shdr->len;
/* Log chunk to TXPIM. */
chunk.stream_id = shdr->stream_id;
chunk.start = shdr->offset;
chunk.end = shdr->offset + shdr->len - 1;
chunk.has_fin = shdr->is_fin;
chunk.has_stop_sending = 0;
chunk.has_reset_stream = 0;
if (!ossl_quic_txpim_pkt_append_chunk(tpkt, &chunk))
goto err; /* alloc error */
if (shdr->len < orig_len) {
/*
* If we did not serialize all of this chunk we definitely do not
* want to try the next chunk
*/
rc = 1;
goto err;
}
}
err:
*new_credit_consumed = fc_new_hwm - fc_swm;
return rc;
}
static void txp_enlink_tmp(QUIC_STREAM **tmp_head, QUIC_STREAM *stream)
{
stream->txp_next = *tmp_head;
*tmp_head = stream;
}
static int txp_generate_stream_related(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
int *have_ack_eliciting,
QUIC_STREAM **tmp_head)
{
QUIC_STREAM_ITER it;
WPACKET *wpkt;
uint64_t cwm;
QUIC_STREAM *stream, *snext;
struct tx_helper *h = &pkt->h;
uint64_t conn_consumed = 0;
for (ossl_quic_stream_iter_init(&it, txp->args.qsm, 1);
it.stream != NULL;) {
stream = it.stream;
ossl_quic_stream_iter_next(&it);
snext = it.stream;
stream->txp_sent_fc = 0;
stream->txp_sent_stop_sending = 0;
stream->txp_sent_reset_stream = 0;
stream->txp_blocked = 0;
stream->txp_txfc_new_credit_consumed = 0;
/* Stream Abort Frames (STOP_SENDING, RESET_STREAM) */
if (stream->want_stop_sending) {
OSSL_QUIC_FRAME_STOP_SENDING f;
wpkt = tx_helper_begin(h);
if (wpkt == NULL)
return 0; /* alloc error */
f.stream_id = stream->id;
f.app_error_code = stream->stop_sending_aec;
if (!ossl_quic_wire_encode_frame_stop_sending(wpkt, &f)) {
tx_helper_rollback(h); /* can't fit */
txp_enlink_tmp(tmp_head, stream);
break;
}
if (!tx_helper_commit(h))
return 0; /* alloc error */
*have_ack_eliciting = 1;
tx_helper_unrestrict(h); /* no longer need PING */
stream->txp_sent_stop_sending = 1;
}
if (stream->want_reset_stream) {
OSSL_QUIC_FRAME_RESET_STREAM f;
if (!ossl_assert(stream->send_state == QUIC_SSTREAM_STATE_RESET_SENT))
return 0;
wpkt = tx_helper_begin(h);
if (wpkt == NULL)
return 0; /* alloc error */
f.stream_id = stream->id;
f.app_error_code = stream->reset_stream_aec;
if (!ossl_quic_stream_send_get_final_size(stream, &f.final_size))
return 0; /* should not be possible */
if (!ossl_quic_wire_encode_frame_reset_stream(wpkt, &f)) {
tx_helper_rollback(h); /* can't fit */
txp_enlink_tmp(tmp_head, stream);
break;
}
if (!tx_helper_commit(h))
return 0; /* alloc error */
*have_ack_eliciting = 1;
tx_helper_unrestrict(h); /* no longer need PING */
stream->txp_sent_reset_stream = 1;
/*
* The final size of the stream as indicated by RESET_STREAM is used
* to ensure a consistent view of flow control state by both
* parties; if we happen to send a RESET_STREAM that consumes more
* flow control credit, make sure we account for that.
*/
if (!ossl_assert(f.final_size <= ossl_quic_txfc_get_swm(&stream->txfc)))
return 0;
stream->txp_txfc_new_credit_consumed
= f.final_size - ossl_quic_txfc_get_swm(&stream->txfc);
}
/*
* Stream Flow Control Frames (MAX_STREAM_DATA)
*
* RFC 9000 s. 13.3: "An endpoint SHOULD stop sending MAX_STREAM_DATA
* frames when the receiving part of the stream enters a "Size Known" or
* "Reset Recvd" state." -- In practice, RECV is the only state
* in which it makes sense to generate more MAX_STREAM_DATA frames.
*/
if (stream->recv_state == QUIC_RSTREAM_STATE_RECV
&& (stream->want_max_stream_data
|| ossl_quic_rxfc_has_cwm_changed(&stream->rxfc, 0))) {
wpkt = tx_helper_begin(h);
if (wpkt == NULL)
return 0; /* alloc error */
cwm = ossl_quic_rxfc_get_cwm(&stream->rxfc);
if (!ossl_quic_wire_encode_frame_max_stream_data(wpkt, stream->id,
cwm)) {
tx_helper_rollback(h); /* can't fit */
txp_enlink_tmp(tmp_head, stream);
break;
}
if (!tx_helper_commit(h))
return 0; /* alloc error */
*have_ack_eliciting = 1;
tx_helper_unrestrict(h); /* no longer need PING */
stream->txp_sent_fc = 1;
}
/*
* Stream Data Frames (STREAM)
*
* RFC 9000 s. 3.3: A sender MUST NOT send a STREAM [...] frame for a
* stream in the "Reset Sent" state [or any terminal state]. We don't
* send any more STREAM frames if we are sending, have sent, or are
* planning to send, RESET_STREAM. The other terminal state is Data
* Recvd, but txp_generate_stream_frames() is guaranteed to generate
* nothing in this case.
*/
if (ossl_quic_stream_has_send_buffer(stream)
&& !ossl_quic_stream_send_is_reset(stream)) {
int packet_full = 0;
if (!ossl_assert(!stream->want_reset_stream))
return 0;
if (!txp_generate_stream_frames(txp, pkt,
stream->id, stream->sstream,
&stream->txfc,
snext,
have_ack_eliciting,
&packet_full,
&stream->txp_txfc_new_credit_consumed,
conn_consumed)) {
/* Fatal error (allocation, etc.) */
txp_enlink_tmp(tmp_head, stream);
return 0;
}
conn_consumed += stream->txp_txfc_new_credit_consumed;
if (packet_full) {
txp_enlink_tmp(tmp_head, stream);
break;
}
}
txp_enlink_tmp(tmp_head, stream);
}
return 1;
}
static int txp_generate_for_el(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
int chosen_for_conn_close)
{
int rc = TXP_ERR_SUCCESS;
const uint32_t enc_level = pkt->h.enc_level;
const uint32_t pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
int have_ack_eliciting = 0, done_pre_token = 0;
const struct archetype_data a = pkt->geom.adata;
/*
* Cleared if we encode any non-ACK-eliciting frame type which rules out the
* packet being a non-inflight frame. This means any non-ACK ACK-eliciting
* frame, even PADDING frames. ACK eliciting frames always cause a packet to
* become ineligible for non-inflight treatment so it is not necessary to
* clear this in cases where have_ack_eliciting is set, as it is ignored in
* that case.
*/
int can_be_non_inflight = 1;
QUIC_CFQ_ITEM *cfq_item;
QUIC_TXPIM_PKT *tpkt = NULL;
struct tx_helper *h = &pkt->h;
/* Maximum PN reached? */
if (!ossl_quic_pn_valid(txp->next_pn[pn_space]))
goto fatal_err;
if (!ossl_assert(pkt->tpkt == NULL))
goto fatal_err;
if ((pkt->tpkt = tpkt = ossl_quic_txpim_pkt_alloc(txp->args.txpim)) == NULL)
goto fatal_err;
/*
* Frame Serialization
* ===================
*
* We now serialize frames into the packet in descending order of priority.
*/
/* HANDSHAKE_DONE (Regenerate) */
if (a.allow_handshake_done && txp->want_handshake_done
&& tx_helper_get_space_left(h) >= MIN_FRAME_SIZE_HANDSHAKE_DONE) {
WPACKET *wpkt = tx_helper_begin(h);
if (wpkt == NULL)
goto fatal_err;
if (ossl_quic_wire_encode_frame_handshake_done(wpkt)) {
tpkt->had_handshake_done_frame = 1;
have_ack_eliciting = 1;
if (!tx_helper_commit(h))
goto fatal_err;
tx_helper_unrestrict(h); /* no longer need PING */
} else {
tx_helper_rollback(h);
}
}
/* MAX_DATA (Regenerate) */
if (a.allow_conn_fc
&& (txp->want_max_data
|| ossl_quic_rxfc_has_cwm_changed(txp->args.conn_rxfc, 0))
&& tx_helper_get_space_left(h) >= MIN_FRAME_SIZE_MAX_DATA) {
WPACKET *wpkt = tx_helper_begin(h);
uint64_t cwm = ossl_quic_rxfc_get_cwm(txp->args.conn_rxfc);
if (wpkt == NULL)
goto fatal_err;
if (ossl_quic_wire_encode_frame_max_data(wpkt, cwm)) {
tpkt->had_max_data_frame = 1;
have_ack_eliciting = 1;
if (!tx_helper_commit(h))
goto fatal_err;
tx_helper_unrestrict(h); /* no longer need PING */
} else {
tx_helper_rollback(h);
}
}
/* MAX_STREAMS_BIDI (Regenerate) */
if (a.allow_conn_fc
&& (txp->want_max_streams_bidi
|| ossl_quic_rxfc_has_cwm_changed(txp->args.max_streams_bidi_rxfc, 0))
&& tx_helper_get_space_left(h) >= MIN_FRAME_SIZE_MAX_STREAMS_BIDI) {
WPACKET *wpkt = tx_helper_begin(h);
uint64_t max_streams
= ossl_quic_rxfc_get_cwm(txp->args.max_streams_bidi_rxfc);
if (wpkt == NULL)
goto fatal_err;
if (ossl_quic_wire_encode_frame_max_streams(wpkt, /*is_uni=*/0,
max_streams)) {
tpkt->had_max_streams_bidi_frame = 1;
have_ack_eliciting = 1;
if (!tx_helper_commit(h))
goto fatal_err;
tx_helper_unrestrict(h); /* no longer need PING */
} else {
tx_helper_rollback(h);
}
}
/* MAX_STREAMS_UNI (Regenerate) */
if (a.allow_conn_fc
&& (txp->want_max_streams_uni
|| ossl_quic_rxfc_has_cwm_changed(txp->args.max_streams_uni_rxfc, 0))
&& tx_helper_get_space_left(h) >= MIN_FRAME_SIZE_MAX_STREAMS_UNI) {
WPACKET *wpkt = tx_helper_begin(h);
uint64_t max_streams
= ossl_quic_rxfc_get_cwm(txp->args.max_streams_uni_rxfc);
if (wpkt == NULL)
goto fatal_err;
if (ossl_quic_wire_encode_frame_max_streams(wpkt, /*is_uni=*/1,
max_streams)) {
tpkt->had_max_streams_uni_frame = 1;
have_ack_eliciting = 1;
if (!tx_helper_commit(h))
goto fatal_err;
tx_helper_unrestrict(h); /* no longer need PING */
} else {
tx_helper_rollback(h);
}
}
/* GCR Frames */
for (cfq_item = ossl_quic_cfq_get_priority_head(txp->args.cfq, pn_space);
cfq_item != NULL;
cfq_item = ossl_quic_cfq_item_get_priority_next(cfq_item, pn_space)) {
uint64_t frame_type = ossl_quic_cfq_item_get_frame_type(cfq_item);
const unsigned char *encoded = ossl_quic_cfq_item_get_encoded(cfq_item);
size_t encoded_len = ossl_quic_cfq_item_get_encoded_len(cfq_item);
switch (frame_type) {
case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID:
if (!a.allow_new_conn_id)
continue;
break;
case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID:
if (!a.allow_retire_conn_id)
continue;
break;
case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN:
if (!a.allow_new_token)
continue;
/*
* NEW_TOKEN frames are handled via GCR, but some
* Regenerate-strategy frames should come before them (namely
* ACK, CONNECTION_CLOSE, PATH_CHALLENGE and PATH_RESPONSE). If
* we find a NEW_TOKEN frame, do these now. If there are no
* NEW_TOKEN frames in the GCR queue we will handle these below.
*/
if (!done_pre_token)
if (txp_generate_pre_token(txp, pkt,
chosen_for_conn_close,
&can_be_non_inflight))
done_pre_token = 1;
break;
case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE:
if (!a.allow_path_response)
continue;
/*
* RFC 9000 s. 8.2.2: An endpoint MUST expand datagrams that
* contain a PATH_RESPONSE frame to at least the smallest
* allowed maximum datagram size of 1200 bytes.
*/
pkt->force_pad = 1;
break;
default:
if (!a.allow_cfq_other)
continue;
break;
}
/*
* If the frame is too big, don't try to schedule any more GCR frames in
* this packet rather than sending subsequent ones out of order.
*/
if (encoded_len > tx_helper_get_space_left(h))
break;
if (!tx_helper_append_iovec(h, encoded, encoded_len))
goto fatal_err;
ossl_quic_txpim_pkt_add_cfq_item(tpkt, cfq_item);
if (ossl_quic_frame_type_is_ack_eliciting(frame_type)) {
have_ack_eliciting = 1;
tx_helper_unrestrict(h); /* no longer need PING */
}
}
/*
* If we didn't generate ACK, CONNECTION_CLOSE, PATH_CHALLENGE or
* PATH_RESPONSE (as desired) before, do so now.
*/
if (!done_pre_token)
if (txp_generate_pre_token(txp, pkt,
chosen_for_conn_close,
&can_be_non_inflight))
done_pre_token = 1;
/* CRYPTO Frames */
if (a.allow_crypto)
if (!txp_generate_crypto_frames(txp, pkt, &have_ack_eliciting))
goto fatal_err;
/* Stream-specific frames */
if (a.allow_stream_rel && txp->handshake_complete)
if (!txp_generate_stream_related(txp, pkt,
&have_ack_eliciting,
&pkt->stream_head))
goto fatal_err;
/* PING */
tx_helper_unrestrict(h);
if (!have_ack_eliciting && txp_need_ping(txp, pn_space, &a)) {
WPACKET *wpkt;
assert(h->reserve > 0);
wpkt = tx_helper_begin(h);
if (wpkt == NULL)
goto fatal_err;
if (!ossl_quic_wire_encode_frame_ping(wpkt)
|| !tx_helper_commit(h))
/*
* We treat a request to be ACK-eliciting as a requirement, so this
* is an error.
*/
goto fatal_err;
have_ack_eliciting = 1;
}
/* PADDING is added by ossl_quic_tx_packetiser_generate(). */
/*
* ACKM Data
* =========
*/
if (have_ack_eliciting)
can_be_non_inflight = 0;
/* ACKM Data */
tpkt->ackm_pkt.num_bytes = h->bytes_appended + pkt->geom.pkt_overhead;
tpkt->ackm_pkt.pkt_num = txp->next_pn[pn_space];
/* largest_acked is set in txp_generate_pre_token */
tpkt->ackm_pkt.pkt_space = pn_space;
tpkt->ackm_pkt.is_inflight = !can_be_non_inflight;
tpkt->ackm_pkt.is_ack_eliciting = have_ack_eliciting;
tpkt->ackm_pkt.is_pto_probe = 0;
tpkt->ackm_pkt.is_mtu_probe = 0;
tpkt->ackm_pkt.time = txp->args.now(txp->args.now_arg);
tpkt->pkt_type = pkt->phdr.type;
/* Done. */
return rc;
fatal_err:
/*
* Handler for fatal errors, i.e. errors causing us to abort the entire
* packet rather than just one frame. Examples of such errors include
* allocation errors.
*/
if (tpkt != NULL) {
ossl_quic_txpim_pkt_release(txp->args.txpim, tpkt);
pkt->tpkt = NULL;
}
return TXP_ERR_INTERNAL;
}
/*
* Commits and queues a packet for transmission. There is no backing out after
* this.
*
* This:
*
* - Sends the packet to the QTX for encryption and transmission;
*
* - Records the packet as having been transmitted in FIFM. ACKM is informed,
* etc. and the TXPIM record is filed.
*
* - Informs various subsystems of frames that were sent and clears frame
* wanted flags so that we do not generate the same frames again.
*
* Assumptions:
*
* - pkt is a txp_pkt for the correct EL;
*
* - pkt->tpkt is valid;
*
* - pkt->tpkt->ackm_pkt has been fully filled in;
*
* - Stream chunk records have been appended to pkt->tpkt for STREAM and
* CRYPTO frames, but not for RESET_STREAM or STOP_SENDING frames;
*
* - The chosen stream list for the packet can be fully walked from
* pkt->stream_head using stream->txp_next;
*
* - pkt->has_ack_eliciting is set correctly.
*
*/
static int txp_pkt_commit(OSSL_QUIC_TX_PACKETISER *txp,
struct txp_pkt *pkt,
uint32_t archetype,
int *txpim_pkt_reffed)
{
int rc = 1;
uint32_t enc_level = pkt->h.enc_level;
uint32_t pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
QUIC_TXPIM_PKT *tpkt = pkt->tpkt;
QUIC_STREAM *stream;
OSSL_QTX_PKT txpkt;
struct archetype_data a;
*txpim_pkt_reffed = 0;
/* Cannot send a packet with an empty payload. */
if (pkt->h.bytes_appended == 0)
return 0;
if (!txp_get_archetype_data(enc_level, archetype, &a))
return 0;
/* Packet Information for QTX */
txpkt.hdr = &pkt->phdr;
txpkt.iovec = txp->el[enc_level].iovec;
txpkt.num_iovec = pkt->h.num_iovec;
txpkt.local = NULL;
txpkt.peer = BIO_ADDR_family(&txp->args.peer) == AF_UNSPEC
? NULL
: &txp->args.peer;
txpkt.pn = txp->next_pn[pn_space];
txpkt.flags = OSSL_QTX_PKT_FLAG_COALESCE; /* always try to coalesce */
/* Generate TXPIM chunks representing STOP_SENDING and RESET_STREAM frames. */
for (stream = pkt->stream_head; stream != NULL; stream = stream->txp_next)
if (stream->txp_sent_stop_sending || stream->txp_sent_reset_stream) {
/* Log STOP_SENDING/RESET_STREAM chunk to TXPIM. */
QUIC_TXPIM_CHUNK chunk;
chunk.stream_id = stream->id;
chunk.start = UINT64_MAX;
chunk.end = 0;
chunk.has_fin = 0;
chunk.has_stop_sending = stream->txp_sent_stop_sending;
chunk.has_reset_stream = stream->txp_sent_reset_stream;
if (!ossl_quic_txpim_pkt_append_chunk(tpkt, &chunk))
return 0; /* alloc error */
}
/* Dispatch to FIFD. */
if (!ossl_quic_fifd_pkt_commit(&txp->fifd, tpkt))
return 0;
/*
* Transmission and Post-Packet Generation Bookkeeping
* ===================================================
*
* No backing out anymore - at this point the ACKM has recorded the packet
* as having been sent, so we need to increment our next PN counter, or
* the ACKM will complain when we try to record a duplicate packet with
* the same PN later. At this point actually sending the packet may still
* fail. In this unlikely event it will simply be handled as though it
* were a lost packet.
*/
++txp->next_pn[pn_space];
*txpim_pkt_reffed = 1;
/* Send the packet. */
if (!ossl_qtx_write_pkt(txp->args.qtx, &txpkt))
return 0;
/*
* Record FC and stream abort frames as sent; deactivate streams which no
* longer have anything to do.
*/
for (stream = pkt->stream_head; stream != NULL; stream = stream->txp_next) {
if (stream->txp_sent_fc) {
stream->want_max_stream_data = 0;
ossl_quic_rxfc_has_cwm_changed(&stream->rxfc, 1);
}
if (stream->txp_sent_stop_sending)
stream->want_stop_sending = 0;
if (stream->txp_sent_reset_stream)
stream->want_reset_stream = 0;
if (stream->txp_txfc_new_credit_consumed > 0) {
if (!ossl_assert(ossl_quic_txfc_consume_credit(&stream->txfc,
stream->txp_txfc_new_credit_consumed)))
/*
* Should not be possible, but we should continue with our
* bookkeeping as we have already committed the packet to the
* FIFD. Just change the value we return.
*/
rc = 0;
stream->txp_txfc_new_credit_consumed = 0;
}
/*
* If we no longer need to generate any flow control (MAX_STREAM_DATA),
* STOP_SENDING or RESET_STREAM frames, nor any STREAM frames (because
* the stream is drained of data or TXFC-blocked), we can mark the
* stream as inactive.
*/
ossl_quic_stream_map_update_state(txp->args.qsm, stream);
if (ossl_quic_stream_has_send_buffer(stream)
&& !ossl_quic_sstream_has_pending(stream->sstream)
&& ossl_quic_sstream_get_final_size(stream->sstream, NULL))
/*
* Transition to DATA_SENT if stream has a final size and we have
* sent all data.
*/
ossl_quic_stream_map_notify_all_data_sent(txp->args.qsm, stream);
}
/* We have now sent the packet, so update state accordingly. */
if (tpkt->ackm_pkt.is_ack_eliciting)
txp->force_ack_eliciting &= ~(1UL << pn_space);
if (tpkt->had_handshake_done_frame)
txp->want_handshake_done = 0;
if (tpkt->had_max_data_frame) {
txp->want_max_data = 0;
ossl_quic_rxfc_has_cwm_changed(txp->args.conn_rxfc, 1);
}
if (tpkt->had_max_streams_bidi_frame) {
txp->want_max_streams_bidi = 0;
ossl_quic_rxfc_has_cwm_changed(txp->args.max_streams_bidi_rxfc, 1);
}
if (tpkt->had_max_streams_uni_frame) {
txp->want_max_streams_uni = 0;
ossl_quic_rxfc_has_cwm_changed(txp->args.max_streams_uni_rxfc, 1);
}
if (tpkt->had_ack_frame)
txp->want_ack &= ~(1UL << pn_space);
if (tpkt->had_conn_close)
txp->want_conn_close = 0;
/*
* Decrement probe request counts if we have sent a packet that meets
* the requirement of a probe, namely being ACK-eliciting.
*/
if (tpkt->ackm_pkt.is_ack_eliciting) {
OSSL_ACKM_PROBE_INFO *probe_info
= ossl_ackm_get0_probe_request(txp->args.ackm);
if (enc_level == QUIC_ENC_LEVEL_INITIAL
&& probe_info->anti_deadlock_initial > 0)
--probe_info->anti_deadlock_initial;
if (enc_level == QUIC_ENC_LEVEL_HANDSHAKE
&& probe_info->anti_deadlock_handshake > 0)
--probe_info->anti_deadlock_handshake;
if (a.allow_force_ack_eliciting /* (i.e., not for 0-RTT) */
&& probe_info->pto[pn_space] > 0)
--probe_info->pto[pn_space];
}
return rc;
}
/* Ensure the iovec array is at least num elements long. */
static int txp_el_ensure_iovec(struct txp_el *el, size_t num)
{
OSSL_QTX_IOVEC *iovec;
if (el->alloc_iovec >= num)
return 1;
num = el->alloc_iovec != 0 ? el->alloc_iovec * 2 : 8;
iovec = OPENSSL_realloc_array(el->iovec, num, sizeof(OSSL_QTX_IOVEC));
if (iovec == NULL)
return 0;
el->iovec = iovec;
el->alloc_iovec = num;
return 1;
}
int ossl_quic_tx_packetiser_schedule_conn_close(OSSL_QUIC_TX_PACKETISER *txp,
const OSSL_QUIC_FRAME_CONN_CLOSE *f)
{
char *reason = NULL;
size_t reason_len = f->reason_len;
size_t max_reason_len = txp_get_mdpl(txp) / 2;
if (txp->want_conn_close)
return 0;
/*
* Arbitrarily limit the length of the reason length string to half of the
* MDPL.
*/
if (reason_len > max_reason_len)
reason_len = max_reason_len;
if (reason_len > 0) {
reason = OPENSSL_memdup(f->reason, reason_len);
if (reason == NULL)
return 0;
}
txp->conn_close_frame = *f;
txp->conn_close_frame.reason = reason;
txp->conn_close_frame.reason_len = reason_len;
txp->want_conn_close = 1;
return 1;
}
void ossl_quic_tx_packetiser_set_msg_callback(OSSL_QUIC_TX_PACKETISER *txp,
ossl_msg_cb msg_callback,
SSL *msg_callback_ssl)
{
txp->msg_callback = msg_callback;
txp->msg_callback_ssl = msg_callback_ssl;
}
void ossl_quic_tx_packetiser_set_msg_callback_arg(OSSL_QUIC_TX_PACKETISER *txp,
void *msg_callback_arg)
{
txp->msg_callback_arg = msg_callback_arg;
}
QUIC_PN ossl_quic_tx_packetiser_get_next_pn(OSSL_QUIC_TX_PACKETISER *txp,
uint32_t pn_space)
{
if (pn_space >= QUIC_PN_SPACE_NUM)
return UINT64_MAX;
return txp->next_pn[pn_space];
}
OSSL_TIME ossl_quic_tx_packetiser_get_deadline(OSSL_QUIC_TX_PACKETISER *txp)
{
/*
* TXP-specific deadline computations which rely on TXP innards. This is in
* turn relied on by the QUIC_CHANNEL code to determine the channel event
* handling deadline.
*/
OSSL_TIME deadline = ossl_time_infinite();
uint32_t enc_level, pn_space;
/*
* ACK generation is not CC-gated - packets containing only ACKs are allowed
* to bypass CC. We want to generate ACK frames even if we are currently
* restricted by CC so the peer knows we have received data. The generate
* call will take care of selecting the correct packet archetype.
*/
for (enc_level = QUIC_ENC_LEVEL_INITIAL;
enc_level < QUIC_ENC_LEVEL_NUM;
++enc_level)
if (ossl_qtx_is_enc_level_provisioned(txp->args.qtx, enc_level)) {
pn_space = ossl_quic_enc_level_to_pn_space(enc_level);
deadline = ossl_time_min(deadline,
ossl_ackm_get_ack_deadline(txp->args.ackm, pn_space));
}
/* When will CC let us send more? */
if (txp->args.cc_method->get_tx_allowance(txp->args.cc_data) == 0)
deadline = ossl_time_min(deadline,
txp->args.cc_method->get_wakeup_deadline(txp->args.cc_data));
return deadline;
}