2018-11-20 17:51:25 -05:00
package quic
import (
2018-11-23 11:04:53 -05:00
"bytes"
2018-11-20 17:51:25 -05:00
"crypto/tls"
"errors"
"fmt"
"io"
"net"
"sync"
2019-01-14 14:52:10 -05:00
"sync/atomic"
2018-11-20 17:51:25 -05:00
"time"
2019-01-17 09:33:18 -05:00
"v2ray.com/core/external/github.com/lucas-clemente/quic-go/internal/handshake"
"v2ray.com/core/external/github.com/lucas-clemente/quic-go/internal/protocol"
"v2ray.com/core/external/github.com/lucas-clemente/quic-go/internal/qerr"
"v2ray.com/core/external/github.com/lucas-clemente/quic-go/internal/utils"
"v2ray.com/core/external/github.com/lucas-clemente/quic-go/internal/wire"
2018-11-20 17:51:25 -05:00
)
// packetHandler handles packets
type packetHandler interface {
handlePacket ( * receivedPacket )
io . Closer
destroy ( error )
GetPerspective ( ) protocol . Perspective
}
type unknownPacketHandler interface {
handlePacket ( * receivedPacket )
closeWithError ( error ) error
}
type packetHandlerManager interface {
Add ( protocol . ConnectionID , packetHandler )
2018-11-23 11:04:53 -05:00
Retire ( protocol . ConnectionID )
2018-11-20 17:51:25 -05:00
Remove ( protocol . ConnectionID )
2018-11-23 11:04:53 -05:00
SetServer ( unknownPacketHandler )
2018-11-20 17:51:25 -05:00
CloseServer ( )
}
type quicSession interface {
Session
handlePacket ( * receivedPacket )
GetVersion ( ) protocol . VersionNumber
run ( ) error
destroy ( error )
2019-01-02 07:01:06 -05:00
closeForRecreating ( ) protocol . PacketNumber
2018-11-20 17:51:25 -05:00
closeRemote ( error )
}
type sessionRunner interface {
onHandshakeComplete ( Session )
2018-11-23 11:04:53 -05:00
retireConnectionID ( protocol . ConnectionID )
2018-11-20 17:51:25 -05:00
removeConnectionID ( protocol . ConnectionID )
}
type runner struct {
onHandshakeCompleteImpl func ( Session )
2018-11-23 11:04:53 -05:00
retireConnectionIDImpl func ( protocol . ConnectionID )
2018-11-20 17:51:25 -05:00
removeConnectionIDImpl func ( protocol . ConnectionID )
}
func ( r * runner ) onHandshakeComplete ( s Session ) { r . onHandshakeCompleteImpl ( s ) }
2018-11-23 11:04:53 -05:00
func ( r * runner ) retireConnectionID ( c protocol . ConnectionID ) { r . retireConnectionIDImpl ( c ) }
2018-11-20 17:51:25 -05:00
func ( r * runner ) removeConnectionID ( c protocol . ConnectionID ) { r . removeConnectionIDImpl ( c ) }
var _ sessionRunner = & runner { }
// A Listener of QUIC
type server struct {
mutex sync . Mutex
tlsConf * tls . Config
config * Config
conn net . PacketConn
// If the server is started with ListenAddr, we create a packet conn.
// If it is started with Listen, we take a packet conn as a parameter.
createdPacketConn bool
2018-11-23 11:04:53 -05:00
cookieGenerator * handshake . CookieGenerator
2018-11-20 17:51:25 -05:00
sessionHandler packetHandlerManager
2018-11-23 11:04:53 -05:00
// set as a member, so they can be set in the tests
newSession func ( connection , sessionRunner , protocol . ConnectionID /* original connection ID */ , protocol . ConnectionID /* destination connection ID */ , protocol . ConnectionID /* source connection ID */ , * Config , * tls . Config , * handshake . TransportParameters , utils . Logger , protocol . VersionNumber ) ( quicSession , error )
2018-11-20 17:51:25 -05:00
serverError error
errorChan chan struct { }
closed bool
2019-01-14 14:52:10 -05:00
sessionQueue chan Session
sessionQueueLen int32 // to be used as an atomic
2018-11-20 17:51:25 -05:00
sessionRunner sessionRunner
logger utils . Logger
}
var _ Listener = & server { }
var _ unknownPacketHandler = & server { }
// ListenAddr creates a QUIC server listening on a given address.
2018-11-27 09:29:03 -05:00
// The tls.Config must not be nil and must contain a certificate configuration.
// The quic.Config may be nil, in that case the default values will be used.
2018-11-20 17:51:25 -05:00
func ListenAddr ( addr string , tlsConf * tls . Config , config * Config ) ( Listener , error ) {
udpAddr , err := net . ResolveUDPAddr ( "udp" , addr )
if err != nil {
return nil , err
}
conn , err := net . ListenUDP ( "udp" , udpAddr )
if err != nil {
return nil , err
}
serv , err := listen ( conn , tlsConf , config )
if err != nil {
return nil , err
}
serv . createdPacketConn = true
return serv , nil
}
// Listen listens for QUIC connections on a given net.PacketConn.
2018-11-27 09:29:03 -05:00
// A single PacketConn only be used for a single call to Listen.
// The PacketConn can be used for simultaneous calls to Dial.
// QUIC connection IDs are used for demultiplexing the different connections.
// The tls.Config must not be nil and must contain a certificate configuration.
// The quic.Config may be nil, in that case the default values will be used.
2018-11-20 17:51:25 -05:00
func Listen ( conn net . PacketConn , tlsConf * tls . Config , config * Config ) ( Listener , error ) {
return listen ( conn , tlsConf , config )
}
func listen ( conn net . PacketConn , tlsConf * tls . Config , config * Config ) ( * server , error ) {
2018-11-30 08:41:11 -05:00
// TODO(#1655): only require that tls.Config.Certificates or tls.Config.GetCertificate is set
if tlsConf == nil || len ( tlsConf . Certificates ) == 0 {
return nil , errors . New ( "quic: Certificates not set in tls.Config" )
}
2018-11-20 17:51:25 -05:00
config = populateServerConfig ( config )
for _ , v := range config . Versions {
if ! protocol . IsValidVersion ( v ) {
return nil , fmt . Errorf ( "%s is not a valid QUIC version" , v )
}
}
sessionHandler , err := getMultiplexer ( ) . AddConn ( conn , config . ConnectionIDLength )
if err != nil {
return nil , err
}
s := & server {
conn : conn ,
tlsConf : tlsConf ,
config : config ,
sessionHandler : sessionHandler ,
2019-01-14 14:52:10 -05:00
sessionQueue : make ( chan Session ) ,
2018-11-20 17:51:25 -05:00
errorChan : make ( chan struct { } ) ,
2018-11-23 11:04:53 -05:00
newSession : newSession ,
2018-11-20 17:51:25 -05:00
logger : utils . DefaultLogger . WithPrefix ( "server" ) ,
}
2018-11-23 11:04:53 -05:00
if err := s . setup ( ) ; err != nil {
return nil , err
2018-11-20 17:51:25 -05:00
}
sessionHandler . SetServer ( s )
s . logger . Debugf ( "Listening for %s connections on %s" , conn . LocalAddr ( ) . Network ( ) , conn . LocalAddr ( ) . String ( ) )
return s , nil
}
2018-11-23 11:04:53 -05:00
func ( s * server ) setup ( ) error {
2018-11-20 17:51:25 -05:00
s . sessionRunner = & runner {
2019-01-14 14:52:10 -05:00
onHandshakeCompleteImpl : func ( sess Session ) {
go func ( ) {
atomic . AddInt32 ( & s . sessionQueueLen , 1 )
defer atomic . AddInt32 ( & s . sessionQueueLen , - 1 )
select {
case s . sessionQueue <- sess :
// blocks until the session is accepted
case <- sess . Context ( ) . Done ( ) :
// don't pass sessions that were already closed to Accept()
}
} ( )
} ,
retireConnectionIDImpl : s . sessionHandler . Retire ,
removeConnectionIDImpl : s . sessionHandler . Remove ,
2018-11-20 17:51:25 -05:00
}
2018-11-23 11:04:53 -05:00
cookieGenerator , err := handshake . NewCookieGenerator ( )
2018-11-20 17:51:25 -05:00
if err != nil {
return err
}
2018-11-23 11:04:53 -05:00
s . cookieGenerator = cookieGenerator
2018-11-20 17:51:25 -05:00
return nil
}
var defaultAcceptCookie = func ( clientAddr net . Addr , cookie * Cookie ) bool {
if cookie == nil {
return false
}
if time . Now ( ) . After ( cookie . SentTime . Add ( protocol . CookieExpiryTime ) ) {
return false
}
var sourceAddr string
if udpAddr , ok := clientAddr . ( * net . UDPAddr ) ; ok {
sourceAddr = udpAddr . IP . String ( )
} else {
sourceAddr = clientAddr . String ( )
}
return sourceAddr == cookie . RemoteAddr
}
// populateServerConfig populates fields in the quic.Config with their default values, if none are set
// it may be called with nil
func populateServerConfig ( config * Config ) * Config {
if config == nil {
config = & Config { }
}
versions := config . Versions
if len ( versions ) == 0 {
versions = protocol . SupportedVersions
}
vsa := defaultAcceptCookie
if config . AcceptCookie != nil {
vsa = config . AcceptCookie
}
handshakeTimeout := protocol . DefaultHandshakeTimeout
if config . HandshakeTimeout != 0 {
handshakeTimeout = config . HandshakeTimeout
}
idleTimeout := protocol . DefaultIdleTimeout
if config . IdleTimeout != 0 {
idleTimeout = config . IdleTimeout
}
maxReceiveStreamFlowControlWindow := config . MaxReceiveStreamFlowControlWindow
if maxReceiveStreamFlowControlWindow == 0 {
2018-11-23 11:04:53 -05:00
maxReceiveStreamFlowControlWindow = protocol . DefaultMaxReceiveStreamFlowControlWindow
2018-11-20 17:51:25 -05:00
}
maxReceiveConnectionFlowControlWindow := config . MaxReceiveConnectionFlowControlWindow
if maxReceiveConnectionFlowControlWindow == 0 {
2018-11-23 11:04:53 -05:00
maxReceiveConnectionFlowControlWindow = protocol . DefaultMaxReceiveConnectionFlowControlWindow
2018-11-20 17:51:25 -05:00
}
maxIncomingStreams := config . MaxIncomingStreams
if maxIncomingStreams == 0 {
maxIncomingStreams = protocol . DefaultMaxIncomingStreams
} else if maxIncomingStreams < 0 {
maxIncomingStreams = 0
}
maxIncomingUniStreams := config . MaxIncomingUniStreams
if maxIncomingUniStreams == 0 {
maxIncomingUniStreams = protocol . DefaultMaxIncomingUniStreams
} else if maxIncomingUniStreams < 0 {
maxIncomingUniStreams = 0
}
connIDLen := config . ConnectionIDLength
if connIDLen == 0 {
connIDLen = protocol . DefaultConnectionIDLength
}
return & Config {
Versions : versions ,
HandshakeTimeout : handshakeTimeout ,
IdleTimeout : idleTimeout ,
AcceptCookie : vsa ,
KeepAlive : config . KeepAlive ,
MaxReceiveStreamFlowControlWindow : maxReceiveStreamFlowControlWindow ,
MaxReceiveConnectionFlowControlWindow : maxReceiveConnectionFlowControlWindow ,
MaxIncomingStreams : maxIncomingStreams ,
MaxIncomingUniStreams : maxIncomingUniStreams ,
ConnectionIDLength : connIDLen ,
}
}
// Accept returns newly openend sessions
func ( s * server ) Accept ( ) ( Session , error ) {
var sess Session
select {
case sess = <- s . sessionQueue :
return sess , nil
case <- s . errorChan :
return nil , s . serverError
}
}
// Close the server
func ( s * server ) Close ( ) error {
s . mutex . Lock ( )
defer s . mutex . Unlock ( )
if s . closed {
return nil
}
return s . closeWithMutex ( )
}
func ( s * server ) closeWithMutex ( ) error {
s . sessionHandler . CloseServer ( )
if s . serverError == nil {
s . serverError = errors . New ( "server closed" )
}
var err error
// If the server was started with ListenAddr, we created the packet conn.
// We need to close it in order to make the go routine reading from that conn return.
if s . createdPacketConn {
err = s . conn . Close ( )
}
s . closed = true
close ( s . errorChan )
return err
}
func ( s * server ) closeWithError ( e error ) error {
s . mutex . Lock ( )
defer s . mutex . Unlock ( )
if s . closed {
return nil
}
s . serverError = e
return s . closeWithMutex ( )
}
// Addr returns the server's network address
func ( s * server ) Addr ( ) net . Addr {
return s . conn . LocalAddr ( )
}
func ( s * server ) handlePacket ( p * receivedPacket ) {
2018-11-27 09:29:03 -05:00
hdr := p . hdr
2018-11-20 17:51:25 -05:00
2018-11-23 11:04:53 -05:00
// send a Version Negotiation Packet if the client is speaking a different protocol version
if ! protocol . IsSupportedVersion ( s . config . Versions , hdr . Version ) {
2018-11-27 09:29:03 -05:00
go s . sendVersionNegotiationPacket ( p )
return
2018-11-20 17:51:25 -05:00
}
2018-11-23 11:04:53 -05:00
if hdr . Type == protocol . PacketTypeInitial {
go s . handleInitial ( p )
2019-01-02 07:01:06 -05:00
return
2018-11-20 17:51:25 -05:00
}
2019-01-02 07:01:06 -05:00
2018-11-23 11:04:53 -05:00
// TODO(#943): send Stateless Reset
2019-01-02 07:01:06 -05:00
p . buffer . Release ( )
2018-11-23 11:04:53 -05:00
}
2018-11-20 17:51:25 -05:00
2018-11-23 11:04:53 -05:00
func ( s * server ) handleInitial ( p * receivedPacket ) {
s . logger . Debugf ( "<- Received Initial packet." )
sess , connID , err := s . handleInitialImpl ( p )
if err != nil {
2019-01-02 07:01:06 -05:00
p . buffer . Release ( )
2018-11-23 11:04:53 -05:00
s . logger . Errorf ( "Error occurred handling initial packet: %s" , err )
return
}
2019-01-14 14:52:10 -05:00
if sess == nil { // a retry was done, or the connection attempt was rejected
2019-01-02 07:01:06 -05:00
p . buffer . Release ( )
2018-11-23 11:04:53 -05:00
return
2018-11-20 17:51:25 -05:00
}
2019-01-02 07:01:06 -05:00
// Don't put the packet buffer back if a new session was created.
// The session will handle the packet and take of that.
2018-11-23 11:04:53 -05:00
serverSession := newServerSession ( sess , s . config , s . logger )
s . sessionHandler . Add ( connID , serverSession )
}
2018-11-20 17:51:25 -05:00
2018-11-23 11:04:53 -05:00
func ( s * server ) handleInitialImpl ( p * receivedPacket ) ( quicSession , protocol . ConnectionID , error ) {
2018-11-27 09:29:03 -05:00
hdr := p . hdr
2018-11-23 11:04:53 -05:00
if len ( hdr . Token ) == 0 && hdr . DestConnectionID . Len ( ) < protocol . MinConnectionIDLenInitial {
return nil , nil , errors . New ( "dropping Initial packet with too short connection ID" )
}
2018-11-27 09:29:03 -05:00
if len ( p . data ) < protocol . MinInitialPacketSize {
2018-11-23 11:04:53 -05:00
return nil , nil , errors . New ( "dropping too small Initial packet" )
2018-11-20 17:51:25 -05:00
}
2018-11-23 11:04:53 -05:00
var cookie * Cookie
var origDestConnectionID protocol . ConnectionID
if len ( hdr . Token ) > 0 {
c , err := s . cookieGenerator . DecodeToken ( hdr . Token )
if err == nil {
cookie = & Cookie {
RemoteAddr : c . RemoteAddr ,
SentTime : c . SentTime ,
}
origDestConnectionID = c . OriginalDestConnectionID
}
}
if ! s . config . AcceptCookie ( p . remoteAddr , cookie ) {
// Log the Initial packet now.
// If no Retry is sent, the packet will be logged by the session.
2018-11-27 09:29:03 -05:00
( & wire . ExtendedHeader { Header : * p . hdr } ) . Log ( s . logger )
2018-11-23 11:04:53 -05:00
return nil , nil , s . sendRetry ( p . remoteAddr , hdr )
}
2019-01-14 14:52:10 -05:00
if queueLen := atomic . LoadInt32 ( & s . sessionQueueLen ) ; queueLen >= protocol . MaxAcceptQueueSize {
s . logger . Debugf ( "Rejecting new connection. Server currently busy. Accept queue length: %d (max %d)" , queueLen , protocol . MaxAcceptQueueSize )
return nil , nil , s . sendServerBusy ( p . remoteAddr , hdr )
}
2018-11-23 11:04:53 -05:00
connID , err := protocol . GenerateConnectionID ( s . config . ConnectionIDLength )
if err != nil {
return nil , nil , err
}
s . logger . Debugf ( "Changing connection ID to %s." , connID )
sess , err := s . createNewSession (
p . remoteAddr ,
origDestConnectionID ,
hdr . DestConnectionID ,
hdr . SrcConnectionID ,
connID ,
hdr . Version ,
)
if err != nil {
return nil , nil , err
}
sess . handlePacket ( p )
return sess , connID , nil
}
func ( s * server ) createNewSession (
remoteAddr net . Addr ,
origDestConnID protocol . ConnectionID ,
clientDestConnID protocol . ConnectionID ,
destConnID protocol . ConnectionID ,
srcConnID protocol . ConnectionID ,
version protocol . VersionNumber ,
) ( quicSession , error ) {
params := & handshake . TransportParameters {
InitialMaxStreamDataBidiLocal : protocol . InitialMaxStreamData ,
InitialMaxStreamDataBidiRemote : protocol . InitialMaxStreamData ,
InitialMaxStreamDataUni : protocol . InitialMaxStreamData ,
InitialMaxData : protocol . InitialMaxData ,
IdleTimeout : s . config . IdleTimeout ,
MaxBidiStreams : uint64 ( s . config . MaxIncomingStreams ) ,
MaxUniStreams : uint64 ( s . config . MaxIncomingUniStreams ) ,
DisableMigration : true ,
// TODO(#855): generate a real token
StatelessResetToken : bytes . Repeat ( [ ] byte { 42 } , 16 ) ,
OriginalConnectionID : origDestConnID ,
2018-11-20 17:51:25 -05:00
}
sess , err := s . newSession (
2018-11-23 11:04:53 -05:00
& conn { pconn : s . conn , currentAddr : remoteAddr } ,
2018-11-20 17:51:25 -05:00
s . sessionRunner ,
2018-11-23 11:04:53 -05:00
clientDestConnID ,
2018-11-20 17:51:25 -05:00
destConnID ,
srcConnID ,
s . config ,
2018-11-23 11:04:53 -05:00
s . tlsConf ,
params ,
2018-11-20 17:51:25 -05:00
s . logger ,
2018-11-23 11:04:53 -05:00
version ,
2018-11-20 17:51:25 -05:00
)
if err != nil {
2018-11-23 11:04:53 -05:00
return nil , err
2018-11-20 17:51:25 -05:00
}
go sess . run ( )
2018-11-23 11:04:53 -05:00
return sess , nil
}
func ( s * server ) sendRetry ( remoteAddr net . Addr , hdr * wire . Header ) error {
token , err := s . cookieGenerator . NewToken ( remoteAddr , hdr . DestConnectionID )
if err != nil {
return err
}
connID , err := protocol . GenerateConnectionID ( s . config . ConnectionIDLength )
if err != nil {
return err
}
2018-11-27 09:29:03 -05:00
replyHdr := & wire . ExtendedHeader { }
replyHdr . IsLongHeader = true
replyHdr . Type = protocol . PacketTypeRetry
replyHdr . Version = hdr . Version
replyHdr . SrcConnectionID = connID
replyHdr . DestConnectionID = hdr . SrcConnectionID
replyHdr . OrigDestConnectionID = hdr . DestConnectionID
replyHdr . Token = token
2018-11-23 11:04:53 -05:00
s . logger . Debugf ( "Changing connection ID to %s.\n-> Sending Retry" , connID )
replyHdr . Log ( s . logger )
buf := & bytes . Buffer { }
2018-11-27 09:29:03 -05:00
if err := replyHdr . Write ( buf , hdr . Version ) ; err != nil {
2018-11-23 11:04:53 -05:00
return err
}
if _ , err := s . conn . WriteTo ( buf . Bytes ( ) , remoteAddr ) ; err != nil {
s . logger . Debugf ( "Error sending Retry: %s" , err )
}
2018-11-20 17:51:25 -05:00
return nil
}
2019-01-14 14:52:10 -05:00
func ( s * server ) sendServerBusy ( remoteAddr net . Addr , hdr * wire . Header ) error {
sealer , _ , err := handshake . NewInitialAEAD ( hdr . DestConnectionID , protocol . PerspectiveServer )
if err != nil {
return err
}
packetBuffer := getPacketBuffer ( )
defer packetBuffer . Release ( )
buf := bytes . NewBuffer ( packetBuffer . Slice [ : 0 ] )
// TODO(#1567): use the SERVER_BUSY error code
ccf := & wire . ConnectionCloseFrame { ErrorCode : qerr . PeerGoingAway }
replyHdr := & wire . ExtendedHeader { }
replyHdr . IsLongHeader = true
replyHdr . Type = protocol . PacketTypeInitial
replyHdr . Version = hdr . Version
replyHdr . SrcConnectionID = hdr . DestConnectionID
replyHdr . DestConnectionID = hdr . SrcConnectionID
replyHdr . PacketNumberLen = protocol . PacketNumberLen4
replyHdr . Length = 4 /* packet number len */ + ccf . Length ( hdr . Version ) + protocol . ByteCount ( sealer . Overhead ( ) )
if err := replyHdr . Write ( buf , hdr . Version ) ; err != nil {
return err
}
payloadOffset := buf . Len ( )
if err := ccf . Write ( buf , hdr . Version ) ; err != nil {
return err
}
raw := buf . Bytes ( )
_ = sealer . Seal ( raw [ payloadOffset : payloadOffset ] , raw [ payloadOffset : ] , replyHdr . PacketNumber , raw [ : payloadOffset ] )
raw = raw [ 0 : buf . Len ( ) + sealer . Overhead ( ) ]
pnOffset := payloadOffset - int ( replyHdr . PacketNumberLen )
sealer . EncryptHeader (
raw [ pnOffset + 4 : pnOffset + 4 + 16 ] ,
& raw [ 0 ] ,
raw [ pnOffset : payloadOffset ] ,
)
replyHdr . Log ( s . logger )
wire . LogFrame ( s . logger , ccf , true )
if _ , err := s . conn . WriteTo ( raw , remoteAddr ) ; err != nil {
s . logger . Debugf ( "Error rejecting connection: %s" , err )
}
return nil
}
2018-11-27 09:29:03 -05:00
func ( s * server ) sendVersionNegotiationPacket ( p * receivedPacket ) {
2019-01-02 07:01:06 -05:00
defer p . buffer . Release ( )
2018-11-27 09:29:03 -05:00
hdr := p . hdr
s . logger . Debugf ( "Client offered version %s, sending Version Negotiation" , hdr . Version )
2018-11-23 11:04:53 -05:00
data , err := wire . ComposeVersionNegotiation ( hdr . SrcConnectionID , hdr . DestConnectionID , s . config . Versions )
if err != nil {
2018-11-27 09:29:03 -05:00
s . logger . Debugf ( "Error composing Version Negotiation: %s" , err )
return
}
if _ , err := s . conn . WriteTo ( data , p . remoteAddr ) ; err != nil {
s . logger . Debugf ( "Error sending Version Negotiation: %s" , err )
2018-11-20 17:51:25 -05:00
}
}