mirror of
https://github.com/v2fly/v2ray-core.git
synced 2025-01-17 23:06:30 -05:00
sync quic package. fixes #1503
This commit is contained in:
parent
86f8fe4eb4
commit
ab0ddd4313
14
vendor/github.com/lucas-clemente/quic-go/interface.go
generated
vendored
14
vendor/github.com/lucas-clemente/quic-go/interface.go
generated
vendored
@ -124,20 +124,22 @@ type Session interface {
|
|||||||
// AcceptUniStream returns the next unidirectional stream opened by the peer, blocking until one is available.
|
// AcceptUniStream returns the next unidirectional stream opened by the peer, blocking until one is available.
|
||||||
AcceptUniStream() (ReceiveStream, error)
|
AcceptUniStream() (ReceiveStream, error)
|
||||||
// OpenStream opens a new bidirectional QUIC stream.
|
// OpenStream opens a new bidirectional QUIC stream.
|
||||||
// It returns a special error when the peer's concurrent stream limit is reached.
|
|
||||||
// There is no signaling to the peer about new streams:
|
// There is no signaling to the peer about new streams:
|
||||||
// The peer can only accept the stream after data has been sent on the stream.
|
// The peer can only accept the stream after data has been sent on the stream.
|
||||||
// TODO(#1152): Enable testing for the special error
|
// If the error is non-nil, it satisfies the net.Error interface.
|
||||||
|
// When reaching the peer's stream limit, err.Temporary() will be true.
|
||||||
OpenStream() (Stream, error)
|
OpenStream() (Stream, error)
|
||||||
// OpenStreamSync opens a new bidirectional QUIC stream.
|
// OpenStreamSync opens a new bidirectional QUIC stream.
|
||||||
// It blocks until the peer's concurrent stream limit allows a new stream to be opened.
|
// It blocks until a new stream can be opened.
|
||||||
|
// If the error is non-nil, it satisfies the net.Error interface.
|
||||||
OpenStreamSync() (Stream, error)
|
OpenStreamSync() (Stream, error)
|
||||||
// OpenUniStream opens a new outgoing unidirectional QUIC stream.
|
// OpenUniStream opens a new outgoing unidirectional QUIC stream.
|
||||||
// It returns a special error when the peer's concurrent stream limit is reached.
|
// If the error is non-nil, it satisfies the net.Error interface.
|
||||||
// TODO(#1152): Enable testing for the special error
|
// When reaching the peer's stream limit, Temporary() will be true.
|
||||||
OpenUniStream() (SendStream, error)
|
OpenUniStream() (SendStream, error)
|
||||||
// OpenUniStreamSync opens a new outgoing unidirectional QUIC stream.
|
// OpenUniStreamSync opens a new outgoing unidirectional QUIC stream.
|
||||||
// It blocks until the peer's concurrent stream limit allows a new stream to be opened.
|
// It blocks until a new stream can be opened.
|
||||||
|
// If the error is non-nil, it satisfies the net.Error interface.
|
||||||
OpenUniStreamSync() (SendStream, error)
|
OpenUniStreamSync() (SendStream, error)
|
||||||
// LocalAddr returns the local address.
|
// LocalAddr returns the local address.
|
||||||
LocalAddr() net.Addr
|
LocalAddr() net.Addr
|
||||||
|
@ -74,7 +74,7 @@ func (h *receivedPacketHandler) ReceivedPacket(packetNumber protocol.PacketNumbe
|
|||||||
}
|
}
|
||||||
|
|
||||||
isMissing := h.isMissing(packetNumber)
|
isMissing := h.isMissing(packetNumber)
|
||||||
if packetNumber > h.largestObserved {
|
if packetNumber >= h.largestObserved {
|
||||||
h.largestObserved = packetNumber
|
h.largestObserved = packetNumber
|
||||||
h.largestObservedReceivedTime = rcvTime
|
h.largestObservedReceivedTime = rcvTime
|
||||||
}
|
}
|
||||||
|
12
vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/send_mode.go
generated
vendored
12
vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/send_mode.go
generated
vendored
@ -12,10 +12,8 @@ const (
|
|||||||
SendAck
|
SendAck
|
||||||
// SendRetransmission means that retransmissions should be sent
|
// SendRetransmission means that retransmissions should be sent
|
||||||
SendRetransmission
|
SendRetransmission
|
||||||
// SendRTO means that an RTO probe packet should be sent
|
// SendPTO means that a probe packet should be sent
|
||||||
SendRTO
|
SendPTO
|
||||||
// SendTLP means that a TLP probe packet should be sent
|
|
||||||
SendTLP
|
|
||||||
// SendAny means that any packet should be sent
|
// SendAny means that any packet should be sent
|
||||||
SendAny
|
SendAny
|
||||||
)
|
)
|
||||||
@ -28,10 +26,8 @@ func (s SendMode) String() string {
|
|||||||
return "ack"
|
return "ack"
|
||||||
case SendRetransmission:
|
case SendRetransmission:
|
||||||
return "retransmission"
|
return "retransmission"
|
||||||
case SendRTO:
|
case SendPTO:
|
||||||
return "rto"
|
return "pto"
|
||||||
case SendTLP:
|
|
||||||
return "tlp"
|
|
||||||
case SendAny:
|
case SendAny:
|
||||||
return "any"
|
return "any"
|
||||||
default:
|
default:
|
||||||
|
118
vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_handler.go
generated
vendored
118
vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_handler.go
generated
vendored
@ -17,16 +17,8 @@ const (
|
|||||||
// Maximum reordering in time space before time based loss detection considers a packet lost.
|
// Maximum reordering in time space before time based loss detection considers a packet lost.
|
||||||
// In fraction of an RTT.
|
// In fraction of an RTT.
|
||||||
timeReorderingFraction = 1.0 / 8
|
timeReorderingFraction = 1.0 / 8
|
||||||
// defaultRTOTimeout is the RTO time on new connections
|
// Timer granularity. The timer will not be set to a value smaller than granularity.
|
||||||
defaultRTOTimeout = 500 * time.Millisecond
|
granularity = time.Millisecond
|
||||||
// Minimum time in the future a tail loss probe alarm may be set for.
|
|
||||||
minTPLTimeout = 10 * time.Millisecond
|
|
||||||
// Maximum number of tail loss probes before an RTO fires.
|
|
||||||
maxTLPs = 2
|
|
||||||
// Minimum time in the future an RTO alarm may be set for.
|
|
||||||
minRTOTimeout = 200 * time.Millisecond
|
|
||||||
// maxRTOTimeout is the maximum RTO time
|
|
||||||
maxRTOTimeout = 60 * time.Second
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type sentPacketHandler struct {
|
type sentPacketHandler struct {
|
||||||
@ -44,7 +36,6 @@ type sentPacketHandler struct {
|
|||||||
// example: we send an ACK for packets 90-100 with packet number 20
|
// example: we send an ACK for packets 90-100 with packet number 20
|
||||||
// once we receive an ACK from the peer for packet 20, the lowestPacketNotConfirmedAcked is 101
|
// once we receive an ACK from the peer for packet 20, the lowestPacketNotConfirmedAcked is 101
|
||||||
lowestPacketNotConfirmedAcked protocol.PacketNumber
|
lowestPacketNotConfirmedAcked protocol.PacketNumber
|
||||||
largestSentBeforeRTO protocol.PacketNumber
|
|
||||||
|
|
||||||
packetHistory *sentPacketHistory
|
packetHistory *sentPacketHistory
|
||||||
|
|
||||||
@ -56,17 +47,13 @@ type sentPacketHandler struct {
|
|||||||
rttStats *congestion.RTTStats
|
rttStats *congestion.RTTStats
|
||||||
|
|
||||||
handshakeComplete bool
|
handshakeComplete bool
|
||||||
|
|
||||||
// The number of times the crypto packets have been retransmitted without receiving an ack.
|
// The number of times the crypto packets have been retransmitted without receiving an ack.
|
||||||
cryptoCount uint32
|
cryptoCount uint32
|
||||||
|
// The number of times a PTO has been sent without receiving an ack.
|
||||||
// The number of times a TLP has been sent without receiving an ack.
|
ptoCount uint32
|
||||||
tlpCount uint32
|
// The number of PTO probe packets that should be sent.
|
||||||
allowTLP bool
|
numProbesToSend int
|
||||||
|
|
||||||
// The number of times an RTO has been sent without receiving an ack.
|
|
||||||
rtoCount uint32
|
|
||||||
// The number of RTO probe packets that should be sent.
|
|
||||||
numRTOs int
|
|
||||||
|
|
||||||
// The time at which the next packet will be considered lost based on early transmit or exceeding the reordering window in time.
|
// The time at which the next packet will be considered lost based on early transmit or exceeding the reordering window in time.
|
||||||
lossTime time.Time
|
lossTime time.Time
|
||||||
@ -173,10 +160,9 @@ func (h *sentPacketHandler) sentPacketImpl(packet *Packet) bool /* isRetransmitt
|
|||||||
packet.includedInBytesInFlight = true
|
packet.includedInBytesInFlight = true
|
||||||
h.bytesInFlight += packet.Length
|
h.bytesInFlight += packet.Length
|
||||||
packet.canBeRetransmitted = true
|
packet.canBeRetransmitted = true
|
||||||
if h.numRTOs > 0 {
|
if h.numProbesToSend > 0 {
|
||||||
h.numRTOs--
|
h.numProbesToSend--
|
||||||
}
|
}
|
||||||
h.allowTLP = false
|
|
||||||
}
|
}
|
||||||
h.congestion.OnPacketSent(packet.SendTime, h.bytesInFlight, packet.PacketNumber, packet.Length, isRetransmittable)
|
h.congestion.OnPacketSent(packet.SendTime, h.bytesInFlight, packet.PacketNumber, packet.Length, isRetransmittable)
|
||||||
|
|
||||||
@ -210,6 +196,9 @@ func (h *sentPacketHandler) ReceivedAck(ackFrame *wire.AckFrame, withPacketNumbe
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if len(ackedPackets) == 0 {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
priorInFlight := h.bytesInFlight
|
priorInFlight := h.bytesInFlight
|
||||||
for _, p := range ackedPackets {
|
for _, p := range ackedPackets {
|
||||||
@ -235,6 +224,10 @@ func (h *sentPacketHandler) ReceivedAck(ackFrame *wire.AckFrame, withPacketNumbe
|
|||||||
if err := h.detectLostPackets(rcvTime, priorInFlight); err != nil {
|
if err := h.detectLostPackets(rcvTime, priorInFlight); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
h.ptoCount = 0
|
||||||
|
h.cryptoCount = 0
|
||||||
|
|
||||||
h.updateLossDetectionAlarm()
|
h.updateLossDetectionAlarm()
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
@ -310,15 +303,8 @@ func (h *sentPacketHandler) updateLossDetectionAlarm() {
|
|||||||
} else if !h.lossTime.IsZero() {
|
} else if !h.lossTime.IsZero() {
|
||||||
// Early retransmit timer or time loss detection.
|
// Early retransmit timer or time loss detection.
|
||||||
h.alarm = h.lossTime
|
h.alarm = h.lossTime
|
||||||
} else {
|
} else { // PTO alarm
|
||||||
// RTO or TLP alarm
|
h.alarm = h.lastSentRetransmittablePacketTime.Add(h.computePTOTimeout())
|
||||||
alarmDuration := h.computeRTOTimeout()
|
|
||||||
if h.tlpCount < maxTLPs {
|
|
||||||
tlpAlarm := h.computeTLPTimeout()
|
|
||||||
// if the RTO duration is shorter than the TLP duration, use the RTO duration
|
|
||||||
alarmDuration = utils.MinDuration(alarmDuration, tlpAlarm)
|
|
||||||
}
|
|
||||||
h.alarm = h.lastSentRetransmittablePacketTime.Add(alarmDuration)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -346,6 +332,7 @@ func (h *sentPacketHandler) detectLostPackets(now time.Time, priorInFlight proto
|
|||||||
}
|
}
|
||||||
return true, nil
|
return true, nil
|
||||||
})
|
})
|
||||||
|
|
||||||
if h.logger.Debug() && len(lostPackets) > 0 {
|
if h.logger.Debug() && len(lostPackets) > 0 {
|
||||||
pns := make([]protocol.PacketNumber, len(lostPackets))
|
pns := make([]protocol.PacketNumber, len(lostPackets))
|
||||||
for i, p := range lostPackets {
|
for i, p := range lostPackets {
|
||||||
@ -399,21 +386,12 @@ func (h *sentPacketHandler) onVerifiedAlarm() error {
|
|||||||
}
|
}
|
||||||
// Early retransmit or time loss detection
|
// Early retransmit or time loss detection
|
||||||
err = h.detectLostPackets(time.Now(), h.bytesInFlight)
|
err = h.detectLostPackets(time.Now(), h.bytesInFlight)
|
||||||
} else if h.tlpCount < maxTLPs { // TLP
|
} else { // PTO
|
||||||
if h.logger.Debug() {
|
if h.logger.Debug() {
|
||||||
h.logger.Debugf("Loss detection alarm fired in TLP mode. TLP count: %d", h.tlpCount)
|
h.logger.Debugf("Loss detection alarm fired in PTO mode. PTO count: %d", h.ptoCount)
|
||||||
}
|
}
|
||||||
h.allowTLP = true
|
h.ptoCount++
|
||||||
h.tlpCount++
|
h.numProbesToSend += 2
|
||||||
} else { // RTO
|
|
||||||
if h.logger.Debug() {
|
|
||||||
h.logger.Debugf("Loss detection alarm fired in RTO mode. RTO count: %d", h.rtoCount)
|
|
||||||
}
|
|
||||||
if h.rtoCount == 0 {
|
|
||||||
h.largestSentBeforeRTO = h.lastSentPacketNumber
|
|
||||||
}
|
|
||||||
h.rtoCount++
|
|
||||||
h.numRTOs += 2
|
|
||||||
}
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -454,15 +432,9 @@ func (h *sentPacketHandler) onPacketAcked(p *Packet, rcvTime time.Time) error {
|
|||||||
if p.includedInBytesInFlight {
|
if p.includedInBytesInFlight {
|
||||||
h.bytesInFlight -= p.Length
|
h.bytesInFlight -= p.Length
|
||||||
}
|
}
|
||||||
if h.rtoCount > 0 {
|
|
||||||
h.verifyRTO(p.PacketNumber)
|
|
||||||
}
|
|
||||||
if err := h.stopRetransmissionsFor(p); err != nil {
|
if err := h.stopRetransmissionsFor(p); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
h.rtoCount = 0
|
|
||||||
h.tlpCount = 0
|
|
||||||
h.cryptoCount = 0
|
|
||||||
return h.packetHistory.Remove(p.PacketNumber)
|
return h.packetHistory.Remove(p.PacketNumber)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -480,18 +452,6 @@ func (h *sentPacketHandler) stopRetransmissionsFor(p *Packet) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *sentPacketHandler) verifyRTO(pn protocol.PacketNumber) {
|
|
||||||
if pn <= h.largestSentBeforeRTO {
|
|
||||||
h.logger.Debugf("Spurious RTO detected. Received an ACK for %#x (largest sent before RTO: %#x)", pn, h.largestSentBeforeRTO)
|
|
||||||
// Replace SRTT with latest_rtt and increase the variance to prevent
|
|
||||||
// a spurious RTO from happening again.
|
|
||||||
h.rttStats.ExpireSmoothedMetrics()
|
|
||||||
return
|
|
||||||
}
|
|
||||||
h.logger.Debugf("RTO verified. Received an ACK for %#x (largest sent before RTO: %#x", pn, h.largestSentBeforeRTO)
|
|
||||||
h.congestion.OnRetransmissionTimeout(true)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (h *sentPacketHandler) DequeuePacketForRetransmission() *Packet {
|
func (h *sentPacketHandler) DequeuePacketForRetransmission() *Packet {
|
||||||
if len(h.retransmissionQueue) == 0 {
|
if len(h.retransmissionQueue) == 0 {
|
||||||
return nil
|
return nil
|
||||||
@ -539,11 +499,8 @@ func (h *sentPacketHandler) SendMode() SendMode {
|
|||||||
}
|
}
|
||||||
return SendNone
|
return SendNone
|
||||||
}
|
}
|
||||||
if h.allowTLP {
|
if h.numProbesToSend > 0 {
|
||||||
return SendTLP
|
return SendPTO
|
||||||
}
|
|
||||||
if h.numRTOs > 0 {
|
|
||||||
return SendRTO
|
|
||||||
}
|
}
|
||||||
// Only send ACKs if we're congestion limited.
|
// Only send ACKs if we're congestion limited.
|
||||||
if cwnd := h.congestion.GetCongestionWindow(); h.bytesInFlight > cwnd {
|
if cwnd := h.congestion.GetCongestionWindow(); h.bytesInFlight > cwnd {
|
||||||
@ -570,9 +527,9 @@ func (h *sentPacketHandler) TimeUntilSend() time.Time {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *sentPacketHandler) ShouldSendNumPackets() int {
|
func (h *sentPacketHandler) ShouldSendNumPackets() int {
|
||||||
if h.numRTOs > 0 {
|
if h.numProbesToSend > 0 {
|
||||||
// RTO probes should not be paced, but must be sent immediately.
|
// RTO probes should not be paced, but must be sent immediately.
|
||||||
return h.numRTOs
|
return h.numProbesToSend
|
||||||
}
|
}
|
||||||
delay := h.congestion.TimeUntilSend(h.bytesInFlight)
|
delay := h.congestion.TimeUntilSend(h.bytesInFlight)
|
||||||
if delay == 0 || delay > protocol.MinPacingDelay {
|
if delay == 0 || delay > protocol.MinPacingDelay {
|
||||||
@ -610,27 +567,14 @@ func (h *sentPacketHandler) queuePacketForRetransmission(p *Packet) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *sentPacketHandler) computeCryptoTimeout() time.Duration {
|
func (h *sentPacketHandler) computeCryptoTimeout() time.Duration {
|
||||||
duration := utils.MaxDuration(2*h.rttStats.SmoothedOrInitialRTT(), minTPLTimeout)
|
duration := utils.MaxDuration(2*h.rttStats.SmoothedOrInitialRTT(), granularity)
|
||||||
// exponential backoff
|
// exponential backoff
|
||||||
// There's an implicit limit to this set by the crypto timeout.
|
// There's an implicit limit to this set by the crypto timeout.
|
||||||
return duration << h.cryptoCount
|
return duration << h.cryptoCount
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *sentPacketHandler) computeTLPTimeout() time.Duration {
|
func (h *sentPacketHandler) computePTOTimeout() time.Duration {
|
||||||
// TODO(#1236): include the max_ack_delay
|
// TODO(#1236): include the max_ack_delay
|
||||||
return utils.MaxDuration(h.rttStats.SmoothedOrInitialRTT()*3/2, minTPLTimeout)
|
duration := utils.MaxDuration(h.rttStats.SmoothedOrInitialRTT()+4*h.rttStats.MeanDeviation(), granularity)
|
||||||
}
|
return duration << h.ptoCount
|
||||||
|
|
||||||
func (h *sentPacketHandler) computeRTOTimeout() time.Duration {
|
|
||||||
var rto time.Duration
|
|
||||||
rtt := h.rttStats.SmoothedRTT()
|
|
||||||
if rtt == 0 {
|
|
||||||
rto = defaultRTOTimeout
|
|
||||||
} else {
|
|
||||||
rto = rtt + 4*h.rttStats.MeanDeviation()
|
|
||||||
}
|
|
||||||
rto = utils.MaxDuration(rto, minRTOTimeout)
|
|
||||||
// Exponential backoff
|
|
||||||
rto <<= h.rtoCount
|
|
||||||
return utils.MinDuration(rto, maxRTOTimeout)
|
|
||||||
}
|
}
|
||||||
|
60
vendor/github.com/lucas-clemente/quic-go/internal/handshake/aead.go
generated
vendored
60
vendor/github.com/lucas-clemente/quic-go/internal/handshake/aead.go
generated
vendored
@ -8,13 +8,12 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
type sealer struct {
|
type sealer struct {
|
||||||
iv []byte
|
|
||||||
aead cipher.AEAD
|
aead cipher.AEAD
|
||||||
pnEncrypter cipher.Block
|
hpEncrypter cipher.Block
|
||||||
|
|
||||||
// use a single slice to avoid allocations
|
// use a single slice to avoid allocations
|
||||||
nonceBuf []byte
|
nonceBuf []byte
|
||||||
pnMask []byte
|
hpMask []byte
|
||||||
|
|
||||||
// short headers protect 5 bits in the first byte, long headers only 4
|
// short headers protect 5 bits in the first byte, long headers only 4
|
||||||
is1RTT bool
|
is1RTT bool
|
||||||
@ -22,41 +21,35 @@ type sealer struct {
|
|||||||
|
|
||||||
var _ Sealer = &sealer{}
|
var _ Sealer = &sealer{}
|
||||||
|
|
||||||
func newSealer(aead cipher.AEAD, iv []byte, pnEncrypter cipher.Block, is1RTT bool) Sealer {
|
func newSealer(aead cipher.AEAD, hpEncrypter cipher.Block, is1RTT bool) Sealer {
|
||||||
return &sealer{
|
return &sealer{
|
||||||
iv: iv,
|
|
||||||
aead: aead,
|
aead: aead,
|
||||||
nonceBuf: make([]byte, aead.NonceSize()),
|
nonceBuf: make([]byte, aead.NonceSize()),
|
||||||
is1RTT: is1RTT,
|
is1RTT: is1RTT,
|
||||||
pnEncrypter: pnEncrypter,
|
hpEncrypter: hpEncrypter,
|
||||||
pnMask: make([]byte, pnEncrypter.BlockSize()),
|
hpMask: make([]byte, hpEncrypter.BlockSize()),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *sealer) Seal(dst, src []byte, pn protocol.PacketNumber, ad []byte) []byte {
|
func (s *sealer) Seal(dst, src []byte, pn protocol.PacketNumber, ad []byte) []byte {
|
||||||
binary.BigEndian.PutUint64(s.nonceBuf[len(s.nonceBuf)-8:], uint64(pn))
|
binary.BigEndian.PutUint64(s.nonceBuf[len(s.nonceBuf)-8:], uint64(pn))
|
||||||
for i := 0; i < len(s.nonceBuf); i++ {
|
// The AEAD we're using here will be the qtls.aeadAESGCM13.
|
||||||
s.nonceBuf[i] ^= s.iv[i]
|
// It uses the nonce provided here and XOR it with the IV.
|
||||||
}
|
return s.aead.Seal(dst, s.nonceBuf, src, ad)
|
||||||
sealed := s.aead.Seal(dst, s.nonceBuf, src, ad)
|
|
||||||
for i := 0; i < len(s.nonceBuf); i++ {
|
|
||||||
s.nonceBuf[i] = 0
|
|
||||||
}
|
|
||||||
return sealed
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *sealer) EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
|
func (s *sealer) EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
|
||||||
if len(sample) != s.pnEncrypter.BlockSize() {
|
if len(sample) != s.hpEncrypter.BlockSize() {
|
||||||
panic("invalid sample size")
|
panic("invalid sample size")
|
||||||
}
|
}
|
||||||
s.pnEncrypter.Encrypt(s.pnMask, sample)
|
s.hpEncrypter.Encrypt(s.hpMask, sample)
|
||||||
if s.is1RTT {
|
if s.is1RTT {
|
||||||
*firstByte ^= s.pnMask[0] & 0x1f
|
*firstByte ^= s.hpMask[0] & 0x1f
|
||||||
} else {
|
} else {
|
||||||
*firstByte ^= s.pnMask[0] & 0xf
|
*firstByte ^= s.hpMask[0] & 0xf
|
||||||
}
|
}
|
||||||
for i := range pnBytes {
|
for i := range pnBytes {
|
||||||
pnBytes[i] ^= s.pnMask[i+1]
|
pnBytes[i] ^= s.hpMask[i+1]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -65,13 +58,12 @@ func (s *sealer) Overhead() int {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type opener struct {
|
type opener struct {
|
||||||
iv []byte
|
|
||||||
aead cipher.AEAD
|
aead cipher.AEAD
|
||||||
pnDecrypter cipher.Block
|
pnDecrypter cipher.Block
|
||||||
|
|
||||||
// use a single slice to avoid allocations
|
// use a single slice to avoid allocations
|
||||||
nonceBuf []byte
|
nonceBuf []byte
|
||||||
pnMask []byte
|
hpMask []byte
|
||||||
|
|
||||||
// short headers protect 5 bits in the first byte, long headers only 4
|
// short headers protect 5 bits in the first byte, long headers only 4
|
||||||
is1RTT bool
|
is1RTT bool
|
||||||
@ -79,40 +71,34 @@ type opener struct {
|
|||||||
|
|
||||||
var _ Opener = &opener{}
|
var _ Opener = &opener{}
|
||||||
|
|
||||||
func newOpener(aead cipher.AEAD, iv []byte, pnDecrypter cipher.Block, is1RTT bool) Opener {
|
func newOpener(aead cipher.AEAD, pnDecrypter cipher.Block, is1RTT bool) Opener {
|
||||||
return &opener{
|
return &opener{
|
||||||
iv: iv,
|
|
||||||
aead: aead,
|
aead: aead,
|
||||||
nonceBuf: make([]byte, aead.NonceSize()),
|
nonceBuf: make([]byte, aead.NonceSize()),
|
||||||
is1RTT: is1RTT,
|
is1RTT: is1RTT,
|
||||||
pnDecrypter: pnDecrypter,
|
pnDecrypter: pnDecrypter,
|
||||||
pnMask: make([]byte, pnDecrypter.BlockSize()),
|
hpMask: make([]byte, pnDecrypter.BlockSize()),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *opener) Open(dst, src []byte, pn protocol.PacketNumber, ad []byte) ([]byte, error) {
|
func (o *opener) Open(dst, src []byte, pn protocol.PacketNumber, ad []byte) ([]byte, error) {
|
||||||
binary.BigEndian.PutUint64(o.nonceBuf[len(o.nonceBuf)-8:], uint64(pn))
|
binary.BigEndian.PutUint64(o.nonceBuf[len(o.nonceBuf)-8:], uint64(pn))
|
||||||
for i := 0; i < len(o.nonceBuf); i++ {
|
// The AEAD we're using here will be the qtls.aeadAESGCM13.
|
||||||
o.nonceBuf[i] ^= o.iv[i]
|
// It uses the nonce provided here and XOR it with the IV.
|
||||||
}
|
return o.aead.Open(dst, o.nonceBuf, src, ad)
|
||||||
opened, err := o.aead.Open(dst, o.nonceBuf, src, ad)
|
|
||||||
for i := 0; i < len(o.nonceBuf); i++ {
|
|
||||||
o.nonceBuf[i] = 0
|
|
||||||
}
|
|
||||||
return opened, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *opener) DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
|
func (o *opener) DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
|
||||||
if len(sample) != o.pnDecrypter.BlockSize() {
|
if len(sample) != o.pnDecrypter.BlockSize() {
|
||||||
panic("invalid sample size")
|
panic("invalid sample size")
|
||||||
}
|
}
|
||||||
o.pnDecrypter.Encrypt(o.pnMask, sample)
|
o.pnDecrypter.Encrypt(o.hpMask, sample)
|
||||||
if o.is1RTT {
|
if o.is1RTT {
|
||||||
*firstByte ^= o.pnMask[0] & 0x1f
|
*firstByte ^= o.hpMask[0] & 0x1f
|
||||||
} else {
|
} else {
|
||||||
*firstByte ^= o.pnMask[0] & 0xf
|
*firstByte ^= o.hpMask[0] & 0xf
|
||||||
}
|
}
|
||||||
for i := range pnBytes {
|
for i := range pnBytes {
|
||||||
pnBytes[i] ^= o.pnMask[i+1]
|
pnBytes[i] ^= o.hpMask[i+1]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
38
vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup.go
generated
vendored
38
vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup.go
generated
vendored
@ -181,7 +181,7 @@ func newCryptoSetup(
|
|||||||
logger utils.Logger,
|
logger utils.Logger,
|
||||||
perspective protocol.Perspective,
|
perspective protocol.Perspective,
|
||||||
) (CryptoSetup, <-chan struct{} /* ClientHello written */, error) {
|
) (CryptoSetup, <-chan struct{} /* ClientHello written */, error) {
|
||||||
initialSealer, initialOpener, err := newInitialAEAD(connID, perspective)
|
initialSealer, initialOpener, err := NewInitialAEAD(connID, perspective)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
@ -410,28 +410,22 @@ func (h *cryptoSetup) ReadHandshakeMessage() ([]byte, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *cryptoSetup) SetReadKey(suite *qtls.CipherSuite, trafficSecret []byte) {
|
func (h *cryptoSetup) SetReadKey(suite *qtls.CipherSuite, trafficSecret []byte) {
|
||||||
key := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "key", suite.KeyLen())
|
key := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "quic key", suite.KeyLen())
|
||||||
iv := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "iv", suite.IVLen())
|
iv := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "quic iv", suite.IVLen())
|
||||||
pnKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "pn", suite.KeyLen())
|
hpKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "quic hp", suite.KeyLen())
|
||||||
pnDecrypter, err := aes.NewCipher(pnKey)
|
hpDecrypter, err := aes.NewCipher(hpKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(fmt.Sprintf("error creating new AES cipher: %s", err))
|
panic(fmt.Sprintf("error creating new AES cipher: %s", err))
|
||||||
}
|
}
|
||||||
opener := newOpener(
|
|
||||||
suite.AEAD(key, iv),
|
|
||||||
iv,
|
|
||||||
pnDecrypter,
|
|
||||||
h.readEncLevel == protocol.Encryption1RTT,
|
|
||||||
)
|
|
||||||
|
|
||||||
switch h.readEncLevel {
|
switch h.readEncLevel {
|
||||||
case protocol.EncryptionInitial:
|
case protocol.EncryptionInitial:
|
||||||
h.readEncLevel = protocol.EncryptionHandshake
|
h.readEncLevel = protocol.EncryptionHandshake
|
||||||
h.handshakeOpener = opener
|
h.handshakeOpener = newOpener(suite.AEAD(key, iv), hpDecrypter, false)
|
||||||
h.logger.Debugf("Installed Handshake Read keys")
|
h.logger.Debugf("Installed Handshake Read keys")
|
||||||
case protocol.EncryptionHandshake:
|
case protocol.EncryptionHandshake:
|
||||||
h.readEncLevel = protocol.Encryption1RTT
|
h.readEncLevel = protocol.Encryption1RTT
|
||||||
h.opener = opener
|
h.opener = newOpener(suite.AEAD(key, iv), hpDecrypter, true)
|
||||||
h.logger.Debugf("Installed 1-RTT Read keys")
|
h.logger.Debugf("Installed 1-RTT Read keys")
|
||||||
default:
|
default:
|
||||||
panic("unexpected read encryption level")
|
panic("unexpected read encryption level")
|
||||||
@ -440,28 +434,22 @@ func (h *cryptoSetup) SetReadKey(suite *qtls.CipherSuite, trafficSecret []byte)
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *cryptoSetup) SetWriteKey(suite *qtls.CipherSuite, trafficSecret []byte) {
|
func (h *cryptoSetup) SetWriteKey(suite *qtls.CipherSuite, trafficSecret []byte) {
|
||||||
key := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "key", suite.KeyLen())
|
key := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "quic key", suite.KeyLen())
|
||||||
iv := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "iv", suite.IVLen())
|
iv := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "quic iv", suite.IVLen())
|
||||||
pnKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "pn", suite.KeyLen())
|
hpKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "quic hp", suite.KeyLen())
|
||||||
pnEncrypter, err := aes.NewCipher(pnKey)
|
hpEncrypter, err := aes.NewCipher(hpKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(fmt.Sprintf("error creating new AES cipher: %s", err))
|
panic(fmt.Sprintf("error creating new AES cipher: %s", err))
|
||||||
}
|
}
|
||||||
sealer := newSealer(
|
|
||||||
suite.AEAD(key, iv),
|
|
||||||
iv,
|
|
||||||
pnEncrypter,
|
|
||||||
h.writeEncLevel == protocol.Encryption1RTT,
|
|
||||||
)
|
|
||||||
|
|
||||||
switch h.writeEncLevel {
|
switch h.writeEncLevel {
|
||||||
case protocol.EncryptionInitial:
|
case protocol.EncryptionInitial:
|
||||||
h.writeEncLevel = protocol.EncryptionHandshake
|
h.writeEncLevel = protocol.EncryptionHandshake
|
||||||
h.handshakeSealer = sealer
|
h.handshakeSealer = newSealer(suite.AEAD(key, iv), hpEncrypter, false)
|
||||||
h.logger.Debugf("Installed Handshake Write keys")
|
h.logger.Debugf("Installed Handshake Write keys")
|
||||||
case protocol.EncryptionHandshake:
|
case protocol.EncryptionHandshake:
|
||||||
h.writeEncLevel = protocol.Encryption1RTT
|
h.writeEncLevel = protocol.Encryption1RTT
|
||||||
h.sealer = sealer
|
h.sealer = newSealer(suite.AEAD(key, iv), hpEncrypter, true)
|
||||||
h.logger.Debugf("Installed 1-RTT Write keys")
|
h.logger.Debugf("Installed 1-RTT Write keys")
|
||||||
default:
|
default:
|
||||||
panic("unexpected write encryption level")
|
panic("unexpected write encryption level")
|
||||||
|
36
vendor/github.com/lucas-clemente/quic-go/internal/handshake/initial_aead.go
generated
vendored
36
vendor/github.com/lucas-clemente/quic-go/internal/handshake/initial_aead.go
generated
vendored
@ -3,7 +3,6 @@ package handshake
|
|||||||
import (
|
import (
|
||||||
"crypto"
|
"crypto"
|
||||||
"crypto/aes"
|
"crypto/aes"
|
||||||
"crypto/cipher"
|
|
||||||
|
|
||||||
"github.com/lucas-clemente/quic-go/internal/protocol"
|
"github.com/lucas-clemente/quic-go/internal/protocol"
|
||||||
"github.com/marten-seemann/qtls"
|
"github.com/marten-seemann/qtls"
|
||||||
@ -11,7 +10,8 @@ import (
|
|||||||
|
|
||||||
var quicVersion1Salt = []byte{0xef, 0x4f, 0xb0, 0xab, 0xb4, 0x74, 0x70, 0xc4, 0x1b, 0xef, 0xcf, 0x80, 0x31, 0x33, 0x4f, 0xae, 0x48, 0x5e, 0x09, 0xa0}
|
var quicVersion1Salt = []byte{0xef, 0x4f, 0xb0, 0xab, 0xb4, 0x74, 0x70, 0xc4, 0x1b, 0xef, 0xcf, 0x80, 0x31, 0x33, 0x4f, 0xae, 0x48, 0x5e, 0x09, 0xa0}
|
||||||
|
|
||||||
func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Sealer, Opener, error) {
|
// NewInitialAEAD creates a new AEAD for Initial encryption / decryption.
|
||||||
|
func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Sealer, Opener, error) {
|
||||||
clientSecret, serverSecret := computeSecrets(connID)
|
clientSecret, serverSecret := computeSecrets(connID)
|
||||||
var mySecret, otherSecret []byte
|
var mySecret, otherSecret []byte
|
||||||
if pers == protocol.PerspectiveClient {
|
if pers == protocol.PerspectiveClient {
|
||||||
@ -21,34 +21,20 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
|
|||||||
mySecret = serverSecret
|
mySecret = serverSecret
|
||||||
otherSecret = clientSecret
|
otherSecret = clientSecret
|
||||||
}
|
}
|
||||||
myKey, myPNKey, myIV := computeInitialKeyAndIV(mySecret)
|
myKey, myHPKey, myIV := computeInitialKeyAndIV(mySecret)
|
||||||
otherKey, otherPNKey, otherIV := computeInitialKeyAndIV(otherSecret)
|
otherKey, otherHPKey, otherIV := computeInitialKeyAndIV(otherSecret)
|
||||||
|
|
||||||
encrypterCipher, err := aes.NewCipher(myKey)
|
encrypter := qtls.AEADAESGCM13(myKey, myIV)
|
||||||
|
hpEncrypter, err := aes.NewCipher(myHPKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
encrypter, err := cipher.NewGCM(encrypterCipher)
|
decrypter := qtls.AEADAESGCM13(otherKey, otherIV)
|
||||||
|
hpDecrypter, err := aes.NewCipher(otherHPKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
pnEncrypter, err := aes.NewCipher(myPNKey)
|
return newSealer(encrypter, hpEncrypter, false), newOpener(decrypter, hpDecrypter, false), nil
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
decrypterCipher, err := aes.NewCipher(otherKey)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
decrypter, err := cipher.NewGCM(decrypterCipher)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
pnDecrypter, err := aes.NewCipher(otherPNKey)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
return newSealer(encrypter, myIV, pnEncrypter, false), newOpener(decrypter, otherIV, pnDecrypter, false), nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func computeSecrets(connID protocol.ConnectionID) (clientSecret, serverSecret []byte) {
|
func computeSecrets(connID protocol.ConnectionID) (clientSecret, serverSecret []byte) {
|
||||||
@ -58,9 +44,9 @@ func computeSecrets(connID protocol.ConnectionID) (clientSecret, serverSecret []
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func computeInitialKeyAndIV(secret []byte) (key, pnKey, iv []byte) {
|
func computeInitialKeyAndIV(secret []byte) (key, hpKey, iv []byte) {
|
||||||
key = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16)
|
key = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16)
|
||||||
pnKey = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic hp", 16)
|
hpKey = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic hp", 16)
|
||||||
iv = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12)
|
iv = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
2
vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension.go
generated
vendored
2
vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension.go
generated
vendored
@ -10,7 +10,7 @@ import (
|
|||||||
"github.com/lucas-clemente/quic-go/internal/utils"
|
"github.com/lucas-clemente/quic-go/internal/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
const quicTLSExtensionType = 0xff5
|
const quicTLSExtensionType = 0xffa5
|
||||||
|
|
||||||
type clientHelloTransportParameters struct {
|
type clientHelloTransportParameters struct {
|
||||||
InitialVersion protocol.VersionNumber
|
InitialVersion protocol.VersionNumber
|
||||||
|
4
vendor/github.com/lucas-clemente/quic-go/internal/protocol/params.go
generated
vendored
4
vendor/github.com/lucas-clemente/quic-go/internal/protocol/params.go
generated
vendored
@ -53,6 +53,10 @@ const SkipPacketAveragePeriodLength PacketNumber = 500
|
|||||||
// MaxTrackedSkippedPackets is the maximum number of skipped packet numbers the SentPacketHandler keep track of for Optimistic ACK attack mitigation
|
// MaxTrackedSkippedPackets is the maximum number of skipped packet numbers the SentPacketHandler keep track of for Optimistic ACK attack mitigation
|
||||||
const MaxTrackedSkippedPackets = 10
|
const MaxTrackedSkippedPackets = 10
|
||||||
|
|
||||||
|
// MaxAcceptQueueSize is the maximum number of sessions that the server queues for accepting.
|
||||||
|
// If the queue is full, new connection attempts will be rejected.
|
||||||
|
const MaxAcceptQueueSize = 32
|
||||||
|
|
||||||
// CookieExpiryTime is the valid time of a cookie
|
// CookieExpiryTime is the valid time of a cookie
|
||||||
const CookieExpiryTime = 24 * time.Hour
|
const CookieExpiryTime = 24 * time.Hour
|
||||||
|
|
||||||
|
2
vendor/github.com/lucas-clemente/quic-go/internal/protocol/version.go
generated
vendored
2
vendor/github.com/lucas-clemente/quic-go/internal/protocol/version.go
generated
vendored
@ -18,7 +18,7 @@ const (
|
|||||||
|
|
||||||
// The version numbers, making grepping easier
|
// The version numbers, making grepping easier
|
||||||
const (
|
const (
|
||||||
VersionTLS VersionNumber = 101
|
VersionTLS VersionNumber = 0x51474fff
|
||||||
VersionWhatever VersionNumber = 1 // for when the version doesn't matter
|
VersionWhatever VersionNumber = 1 // for when the version doesn't matter
|
||||||
VersionUnknown VersionNumber = math.MaxUint32
|
VersionUnknown VersionNumber = math.MaxUint32
|
||||||
)
|
)
|
||||||
|
1
vendor/github.com/lucas-clemente/quic-go/internal/wire/extended_header.go
generated
vendored
1
vendor/github.com/lucas-clemente/quic-go/internal/wire/extended_header.go
generated
vendored
@ -15,7 +15,6 @@ type ExtendedHeader struct {
|
|||||||
Header
|
Header
|
||||||
|
|
||||||
typeByte byte
|
typeByte byte
|
||||||
Raw []byte
|
|
||||||
|
|
||||||
PacketNumberLen protocol.PacketNumberLen
|
PacketNumberLen protocol.PacketNumberLen
|
||||||
PacketNumber protocol.PacketNumber
|
PacketNumber protocol.PacketNumber
|
||||||
|
18
vendor/github.com/lucas-clemente/quic-go/packet_handler_map.go
generated
vendored
18
vendor/github.com/lucas-clemente/quic-go/packet_handler_map.go
generated
vendored
@ -186,10 +186,6 @@ func (h *packetHandlerMap) parsePacket(
|
|||||||
var counter int
|
var counter int
|
||||||
var lastConnID protocol.ConnectionID
|
var lastConnID protocol.ConnectionID
|
||||||
for len(data) > 0 {
|
for len(data) > 0 {
|
||||||
if counter > 0 && h.logger.Debug() {
|
|
||||||
h.logger.Debugf("Parsed a coalesced packet. Part %d: %d bytes", counter, len(packets[counter-1].data))
|
|
||||||
}
|
|
||||||
|
|
||||||
hdr, err := wire.ParseHeader(bytes.NewReader(data), h.connIDLen)
|
hdr, err := wire.ParseHeader(bytes.NewReader(data), h.connIDLen)
|
||||||
// drop the packet if we can't parse the header
|
// drop the packet if we can't parse the header
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -221,6 +217,12 @@ func (h *packetHandlerMap) parsePacket(
|
|||||||
data: data,
|
data: data,
|
||||||
buffer: buffer,
|
buffer: buffer,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
// only log if this actually a coalesced packet
|
||||||
|
if h.logger.Debug() && (counter > 1 || len(rest) > 0) {
|
||||||
|
h.logger.Debugf("Parsed a coalesced packet. Part %d: %d bytes. Remaining: %d bytes.", counter, len(packets[counter-1].data), len(rest))
|
||||||
|
}
|
||||||
|
|
||||||
data = rest
|
data = rest
|
||||||
}
|
}
|
||||||
return packets, nil
|
return packets, nil
|
||||||
@ -252,11 +254,11 @@ func (h *packetHandlerMap) handleParsedPackets(packets []*receivedPacket) {
|
|||||||
// TODO(#943): send a stateless reset
|
// TODO(#943): send a stateless reset
|
||||||
h.logger.Debugf("received a short header packet with an unexpected connection ID %s", p.hdr.DestConnectionID)
|
h.logger.Debugf("received a short header packet with an unexpected connection ID %s", p.hdr.DestConnectionID)
|
||||||
break // a short header packet is always the last in a coalesced packet
|
break // a short header packet is always the last in a coalesced packet
|
||||||
|
|
||||||
}
|
}
|
||||||
if h.server != nil { // no server set
|
if h.server == nil { // no server set
|
||||||
|
h.logger.Debugf("received a packet with an unexpected connection ID %s", p.hdr.DestConnectionID)
|
||||||
|
continue
|
||||||
|
}
|
||||||
h.server.handlePacket(p)
|
h.server.handlePacket(p)
|
||||||
}
|
}
|
||||||
h.logger.Debugf("received a packet with an unexpected connection ID %s", p.hdr.DestConnectionID)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
42
vendor/github.com/lucas-clemente/quic-go/packet_unpacker.go
generated
vendored
42
vendor/github.com/lucas-clemente/quic-go/packet_unpacker.go
generated
vendored
@ -6,7 +6,6 @@ import (
|
|||||||
|
|
||||||
"github.com/lucas-clemente/quic-go/internal/handshake"
|
"github.com/lucas-clemente/quic-go/internal/handshake"
|
||||||
"github.com/lucas-clemente/quic-go/internal/protocol"
|
"github.com/lucas-clemente/quic-go/internal/protocol"
|
||||||
"github.com/lucas-clemente/quic-go/internal/qerr"
|
|
||||||
"github.com/lucas-clemente/quic-go/internal/utils"
|
"github.com/lucas-clemente/quic-go/internal/utils"
|
||||||
"github.com/lucas-clemente/quic-go/internal/wire"
|
"github.com/lucas-clemente/quic-go/internal/wire"
|
||||||
)
|
)
|
||||||
@ -15,7 +14,7 @@ type unpackedPacket struct {
|
|||||||
packetNumber protocol.PacketNumber // the decoded packet number
|
packetNumber protocol.PacketNumber // the decoded packet number
|
||||||
hdr *wire.ExtendedHeader
|
hdr *wire.ExtendedHeader
|
||||||
encryptionLevel protocol.EncryptionLevel
|
encryptionLevel protocol.EncryptionLevel
|
||||||
frames []wire.Frame
|
data []byte
|
||||||
}
|
}
|
||||||
|
|
||||||
// The packetUnpacker unpacks QUIC packets.
|
// The packetUnpacker unpacks QUIC packets.
|
||||||
@ -56,6 +55,9 @@ func (u *packetUnpacker) Unpack(hdr *wire.Header, data []byte) (*unpackedPacket,
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
hdrLen := int(hdr.ParsedLen())
|
hdrLen := int(hdr.ParsedLen())
|
||||||
|
if len(data) < hdrLen+4+16 {
|
||||||
|
return nil, fmt.Errorf("Packet too small. Expected at least 20 bytes after the header, got %d", len(data)-hdrLen)
|
||||||
|
}
|
||||||
// The packet number can be up to 4 bytes long, but we won't know the length until we decrypt it.
|
// The packet number can be up to 4 bytes long, but we won't know the length until we decrypt it.
|
||||||
// 1. save a copy of the 4 bytes
|
// 1. save a copy of the 4 bytes
|
||||||
origPNBytes := make([]byte, 4)
|
origPNBytes := make([]byte, 4)
|
||||||
@ -66,18 +68,16 @@ func (u *packetUnpacker) Unpack(hdr *wire.Header, data []byte) (*unpackedPacket,
|
|||||||
&data[0],
|
&data[0],
|
||||||
data[hdrLen:hdrLen+4],
|
data[hdrLen:hdrLen+4],
|
||||||
)
|
)
|
||||||
|
|
||||||
// 3. parse the header (and learn the actual length of the packet number)
|
// 3. parse the header (and learn the actual length of the packet number)
|
||||||
extHdr, err := hdr.ParseExtended(r, u.version)
|
extHdr, err := hdr.ParseExtended(r, u.version)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error parsing extended header: %s", err)
|
return nil, fmt.Errorf("error parsing extended header: %s", err)
|
||||||
}
|
}
|
||||||
extHdr.Raw = data[:hdrLen+int(extHdr.PacketNumberLen)]
|
extHdrLen := hdrLen + int(extHdr.PacketNumberLen)
|
||||||
// 4. if the packet number is shorter than 4 bytes, replace the remaining bytes with the copy we saved earlier
|
// 4. if the packet number is shorter than 4 bytes, replace the remaining bytes with the copy we saved earlier
|
||||||
if extHdr.PacketNumberLen != protocol.PacketNumberLen4 {
|
if extHdr.PacketNumberLen != protocol.PacketNumberLen4 {
|
||||||
copy(data[hdrLen+int(extHdr.PacketNumberLen):hdrLen+4], origPNBytes[int(extHdr.PacketNumberLen):])
|
copy(data[extHdrLen:hdrLen+4], origPNBytes[int(extHdr.PacketNumberLen):])
|
||||||
}
|
}
|
||||||
data = data[hdrLen+int(extHdr.PacketNumberLen):]
|
|
||||||
|
|
||||||
pn := protocol.DecodePacketNumber(
|
pn := protocol.DecodePacketNumber(
|
||||||
extHdr.PacketNumberLen,
|
extHdr.PacketNumberLen,
|
||||||
@ -85,7 +85,7 @@ func (u *packetUnpacker) Unpack(hdr *wire.Header, data []byte) (*unpackedPacket,
|
|||||||
extHdr.PacketNumber,
|
extHdr.PacketNumber,
|
||||||
)
|
)
|
||||||
|
|
||||||
decrypted, err := opener.Open(data[:0], data, pn, extHdr.Raw)
|
decrypted, err := opener.Open(data[extHdrLen:extHdrLen], data[extHdrLen:], pn, data[:extHdrLen])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -93,36 +93,10 @@ func (u *packetUnpacker) Unpack(hdr *wire.Header, data []byte) (*unpackedPacket,
|
|||||||
// Only do this after decrypting, so we are sure the packet is not attacker-controlled
|
// Only do this after decrypting, so we are sure the packet is not attacker-controlled
|
||||||
u.largestRcvdPacketNumber = utils.MaxPacketNumber(u.largestRcvdPacketNumber, pn)
|
u.largestRcvdPacketNumber = utils.MaxPacketNumber(u.largestRcvdPacketNumber, pn)
|
||||||
|
|
||||||
fs, err := u.parseFrames(decrypted)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return &unpackedPacket{
|
return &unpackedPacket{
|
||||||
hdr: extHdr,
|
hdr: extHdr,
|
||||||
packetNumber: pn,
|
packetNumber: pn,
|
||||||
encryptionLevel: encLevel,
|
encryptionLevel: encLevel,
|
||||||
frames: fs,
|
data: decrypted,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (u *packetUnpacker) parseFrames(decrypted []byte) ([]wire.Frame, error) {
|
|
||||||
r := bytes.NewReader(decrypted)
|
|
||||||
if r.Len() == 0 {
|
|
||||||
return nil, qerr.MissingPayload
|
|
||||||
}
|
|
||||||
|
|
||||||
fs := make([]wire.Frame, 0, 2)
|
|
||||||
// Read all frames in the packet
|
|
||||||
for {
|
|
||||||
frame, err := wire.ParseNextFrame(r, u.version)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if frame == nil {
|
|
||||||
break
|
|
||||||
}
|
|
||||||
fs = append(fs, frame)
|
|
||||||
}
|
|
||||||
return fs, nil
|
|
||||||
}
|
|
||||||
|
73
vendor/github.com/lucas-clemente/quic-go/server.go
generated
vendored
73
vendor/github.com/lucas-clemente/quic-go/server.go
generated
vendored
@ -8,10 +8,12 @@ import (
|
|||||||
"io"
|
"io"
|
||||||
"net"
|
"net"
|
||||||
"sync"
|
"sync"
|
||||||
|
"sync/atomic"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/lucas-clemente/quic-go/internal/handshake"
|
"github.com/lucas-clemente/quic-go/internal/handshake"
|
||||||
"github.com/lucas-clemente/quic-go/internal/protocol"
|
"github.com/lucas-clemente/quic-go/internal/protocol"
|
||||||
|
"github.com/lucas-clemente/quic-go/internal/qerr"
|
||||||
"github.com/lucas-clemente/quic-go/internal/utils"
|
"github.com/lucas-clemente/quic-go/internal/utils"
|
||||||
"github.com/lucas-clemente/quic-go/internal/wire"
|
"github.com/lucas-clemente/quic-go/internal/wire"
|
||||||
)
|
)
|
||||||
@ -89,6 +91,7 @@ type server struct {
|
|||||||
closed bool
|
closed bool
|
||||||
|
|
||||||
sessionQueue chan Session
|
sessionQueue chan Session
|
||||||
|
sessionQueueLen int32 // to be used as an atomic
|
||||||
|
|
||||||
sessionRunner sessionRunner
|
sessionRunner sessionRunner
|
||||||
|
|
||||||
@ -149,7 +152,7 @@ func listen(conn net.PacketConn, tlsConf *tls.Config, config *Config) (*server,
|
|||||||
tlsConf: tlsConf,
|
tlsConf: tlsConf,
|
||||||
config: config,
|
config: config,
|
||||||
sessionHandler: sessionHandler,
|
sessionHandler: sessionHandler,
|
||||||
sessionQueue: make(chan Session, 5),
|
sessionQueue: make(chan Session),
|
||||||
errorChan: make(chan struct{}),
|
errorChan: make(chan struct{}),
|
||||||
newSession: newSession,
|
newSession: newSession,
|
||||||
logger: utils.DefaultLogger.WithPrefix("server"),
|
logger: utils.DefaultLogger.WithPrefix("server"),
|
||||||
@ -164,7 +167,18 @@ func listen(conn net.PacketConn, tlsConf *tls.Config, config *Config) (*server,
|
|||||||
|
|
||||||
func (s *server) setup() error {
|
func (s *server) setup() error {
|
||||||
s.sessionRunner = &runner{
|
s.sessionRunner = &runner{
|
||||||
onHandshakeCompleteImpl: func(sess Session) { s.sessionQueue <- sess },
|
onHandshakeCompleteImpl: func(sess Session) {
|
||||||
|
go func() {
|
||||||
|
atomic.AddInt32(&s.sessionQueueLen, 1)
|
||||||
|
defer atomic.AddInt32(&s.sessionQueueLen, -1)
|
||||||
|
select {
|
||||||
|
case s.sessionQueue <- sess:
|
||||||
|
// blocks until the session is accepted
|
||||||
|
case <-sess.Context().Done():
|
||||||
|
// don't pass sessions that were already closed to Accept()
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
},
|
||||||
retireConnectionIDImpl: s.sessionHandler.Retire,
|
retireConnectionIDImpl: s.sessionHandler.Retire,
|
||||||
removeConnectionIDImpl: s.sessionHandler.Remove,
|
removeConnectionIDImpl: s.sessionHandler.Remove,
|
||||||
}
|
}
|
||||||
@ -333,7 +347,7 @@ func (s *server) handleInitial(p *receivedPacket) {
|
|||||||
s.logger.Errorf("Error occurred handling initial packet: %s", err)
|
s.logger.Errorf("Error occurred handling initial packet: %s", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if sess == nil { // a retry was done
|
if sess == nil { // a retry was done, or the connection attempt was rejected
|
||||||
p.buffer.Release()
|
p.buffer.Release()
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -371,6 +385,11 @@ func (s *server) handleInitialImpl(p *receivedPacket) (quicSession, protocol.Con
|
|||||||
return nil, nil, s.sendRetry(p.remoteAddr, hdr)
|
return nil, nil, s.sendRetry(p.remoteAddr, hdr)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if queueLen := atomic.LoadInt32(&s.sessionQueueLen); queueLen >= protocol.MaxAcceptQueueSize {
|
||||||
|
s.logger.Debugf("Rejecting new connection. Server currently busy. Accept queue length: %d (max %d)", queueLen, protocol.MaxAcceptQueueSize)
|
||||||
|
return nil, nil, s.sendServerBusy(p.remoteAddr, hdr)
|
||||||
|
}
|
||||||
|
|
||||||
connID, err := protocol.GenerateConnectionID(s.config.ConnectionIDLength)
|
connID, err := protocol.GenerateConnectionID(s.config.ConnectionIDLength)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
@ -460,6 +479,54 @@ func (s *server) sendRetry(remoteAddr net.Addr, hdr *wire.Header) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *server) sendServerBusy(remoteAddr net.Addr, hdr *wire.Header) error {
|
||||||
|
sealer, _, err := handshake.NewInitialAEAD(hdr.DestConnectionID, protocol.PerspectiveServer)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
packetBuffer := getPacketBuffer()
|
||||||
|
defer packetBuffer.Release()
|
||||||
|
buf := bytes.NewBuffer(packetBuffer.Slice[:0])
|
||||||
|
|
||||||
|
// TODO(#1567): use the SERVER_BUSY error code
|
||||||
|
ccf := &wire.ConnectionCloseFrame{ErrorCode: qerr.PeerGoingAway}
|
||||||
|
|
||||||
|
replyHdr := &wire.ExtendedHeader{}
|
||||||
|
replyHdr.IsLongHeader = true
|
||||||
|
replyHdr.Type = protocol.PacketTypeInitial
|
||||||
|
replyHdr.Version = hdr.Version
|
||||||
|
replyHdr.SrcConnectionID = hdr.DestConnectionID
|
||||||
|
replyHdr.DestConnectionID = hdr.SrcConnectionID
|
||||||
|
replyHdr.PacketNumberLen = protocol.PacketNumberLen4
|
||||||
|
replyHdr.Length = 4 /* packet number len */ + ccf.Length(hdr.Version) + protocol.ByteCount(sealer.Overhead())
|
||||||
|
if err := replyHdr.Write(buf, hdr.Version); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
payloadOffset := buf.Len()
|
||||||
|
|
||||||
|
if err := ccf.Write(buf, hdr.Version); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
raw := buf.Bytes()
|
||||||
|
_ = sealer.Seal(raw[payloadOffset:payloadOffset], raw[payloadOffset:], replyHdr.PacketNumber, raw[:payloadOffset])
|
||||||
|
raw = raw[0 : buf.Len()+sealer.Overhead()]
|
||||||
|
|
||||||
|
pnOffset := payloadOffset - int(replyHdr.PacketNumberLen)
|
||||||
|
sealer.EncryptHeader(
|
||||||
|
raw[pnOffset+4:pnOffset+4+16],
|
||||||
|
&raw[0],
|
||||||
|
raw[pnOffset:payloadOffset],
|
||||||
|
)
|
||||||
|
|
||||||
|
replyHdr.Log(s.logger)
|
||||||
|
wire.LogFrame(s.logger, ccf, true)
|
||||||
|
if _, err := s.conn.WriteTo(raw, remoteAddr); err != nil {
|
||||||
|
s.logger.Debugf("Error rejecting connection: %s", err)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
func (s *server) sendVersionNegotiationPacket(p *receivedPacket) {
|
func (s *server) sendVersionNegotiationPacket(p *receivedPacket) {
|
||||||
defer p.buffer.Release()
|
defer p.buffer.Release()
|
||||||
hdr := p.hdr
|
hdr := p.hdr
|
||||||
|
59
vendor/github.com/lucas-clemente/quic-go/session.go
generated
vendored
59
vendor/github.com/lucas-clemente/quic-go/session.go
generated
vendored
@ -1,12 +1,14 @@
|
|||||||
package quic
|
package quic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"net"
|
"net"
|
||||||
|
"reflect"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -495,14 +497,17 @@ func (s *session) handlePacketImpl(p *receivedPacket) bool /* was the packet suc
|
|||||||
}
|
}
|
||||||
|
|
||||||
packet, err := s.unpacker.Unpack(p.hdr, p.data)
|
packet, err := s.unpacker.Unpack(p.hdr, p.data)
|
||||||
// if the decryption failed, this might be a packet sent by an attacker
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if err == handshake.ErrOpenerNotYetAvailable {
|
if err == handshake.ErrOpenerNotYetAvailable {
|
||||||
|
// Sealer for this encryption level not yet available.
|
||||||
|
// Try again later.
|
||||||
wasQueued = true
|
wasQueued = true
|
||||||
s.tryQueueingUndecryptablePacket(p)
|
s.tryQueueingUndecryptablePacket(p)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
s.closeLocal(err)
|
// This might be a packet injected by an attacker.
|
||||||
|
// Drop it.
|
||||||
|
s.logger.Debugf("Dropping packet that could not be unpacked. Unpack error: %s", err)
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -519,6 +524,10 @@ func (s *session) handlePacketImpl(p *receivedPacket) bool /* was the packet suc
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *session) handleUnpackedPacket(packet *unpackedPacket, rcvTime time.Time) error {
|
func (s *session) handleUnpackedPacket(packet *unpackedPacket, rcvTime time.Time) error {
|
||||||
|
if len(packet.data) == 0 {
|
||||||
|
return qerr.MissingPayload
|
||||||
|
}
|
||||||
|
|
||||||
// The server can change the source connection ID with the first Handshake packet.
|
// The server can change the source connection ID with the first Handshake packet.
|
||||||
if s.perspective == protocol.PerspectiveClient && !s.receivedFirstPacket && packet.hdr.IsLongHeader && !packet.hdr.SrcConnectionID.Equal(s.destConnID) {
|
if s.perspective == protocol.PerspectiveClient && !s.receivedFirstPacket && packet.hdr.IsLongHeader && !packet.hdr.SrcConnectionID.Equal(s.destConnID) {
|
||||||
s.logger.Debugf("Received first packet. Switching destination connection ID to: %s", packet.hdr.SrcConnectionID)
|
s.logger.Debugf("Received first packet. Switching destination connection ID to: %s", packet.hdr.SrcConnectionID)
|
||||||
@ -539,23 +548,34 @@ func (s *session) handleUnpackedPacket(packet *unpackedPacket, rcvTime time.Time
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// If this is a Retry packet, there's no need to send an ACK.
|
r := bytes.NewReader(packet.data)
|
||||||
// The session will be closed and recreated as soon as the crypto setup processed the HRR.
|
var isRetransmittable bool
|
||||||
if packet.hdr.Type != protocol.PacketTypeRetry {
|
for {
|
||||||
isRetransmittable := ackhandler.HasRetransmittableFrames(packet.frames)
|
frame, err := wire.ParseNextFrame(r, s.version)
|
||||||
if err := s.receivedPacketHandler.ReceivedPacket(packet.packetNumber, rcvTime, isRetransmittable); err != nil {
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if frame == nil {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if ackhandler.IsFrameRetransmittable(frame) {
|
||||||
|
isRetransmittable = true
|
||||||
|
}
|
||||||
|
if err := s.handleFrame(frame, packet.packetNumber, packet.encryptionLevel); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return s.handleFrames(packet.frames, packet.packetNumber, packet.encryptionLevel)
|
if err := s.receivedPacketHandler.ReceivedPacket(packet.packetNumber, rcvTime, isRetransmittable); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *session) handleFrames(fs []wire.Frame, pn protocol.PacketNumber, encLevel protocol.EncryptionLevel) error {
|
func (s *session) handleFrame(f wire.Frame, pn protocol.PacketNumber, encLevel protocol.EncryptionLevel) error {
|
||||||
for _, ff := range fs {
|
|
||||||
var err error
|
var err error
|
||||||
wire.LogFrame(s.logger, ff, false)
|
wire.LogFrame(s.logger, f, false)
|
||||||
switch frame := ff.(type) {
|
switch frame := f.(type) {
|
||||||
case *wire.CryptoFrame:
|
case *wire.CryptoFrame:
|
||||||
err = s.handleCryptoFrame(frame, encLevel)
|
err = s.handleCryptoFrame(frame, encLevel)
|
||||||
case *wire.StreamFrame:
|
case *wire.StreamFrame:
|
||||||
@ -589,15 +609,10 @@ func (s *session) handleFrames(fs []wire.Frame, pn protocol.PacketNumber, encLev
|
|||||||
// since we don't send new connection IDs, we don't expect retirements
|
// since we don't send new connection IDs, we don't expect retirements
|
||||||
err = errors.New("unexpected RETIRE_CONNECTION_ID frame")
|
err = errors.New("unexpected RETIRE_CONNECTION_ID frame")
|
||||||
default:
|
default:
|
||||||
return errors.New("Session BUG: unexpected frame type")
|
err = fmt.Errorf("unexpected frame type: %s", reflect.ValueOf(&frame).Elem().Type().Name())
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// handlePacket is called by the server with a new packet
|
// handlePacket is called by the server with a new packet
|
||||||
func (s *session) handlePacket(p *receivedPacket) {
|
func (s *session) handlePacket(p *receivedPacket) {
|
||||||
@ -787,11 +802,7 @@ func (s *session) handleCloseError(closeErr closeError) error {
|
|||||||
if closeErr.remote {
|
if closeErr.remote {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
// otherwise send a CONNECTION_CLOSE
|
||||||
if quicErr.ErrorCode == qerr.DecryptionFailure {
|
|
||||||
// TODO(#943): send a stateless reset
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
return s.sendConnectionClose(quicErr)
|
return s.sendConnectionClose(quicErr)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -830,7 +841,7 @@ sendLoop:
|
|||||||
// There will only be a new ACK after receiving new packets.
|
// There will only be a new ACK after receiving new packets.
|
||||||
// SendAck is only returned when we're congestion limited, so we don't need to set the pacingt timer.
|
// SendAck is only returned when we're congestion limited, so we don't need to set the pacingt timer.
|
||||||
return s.maybeSendAckOnlyPacket()
|
return s.maybeSendAckOnlyPacket()
|
||||||
case ackhandler.SendTLP, ackhandler.SendRTO:
|
case ackhandler.SendPTO:
|
||||||
if err := s.sendProbePacket(); err != nil {
|
if err := s.sendProbePacket(); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
12
vendor/github.com/lucas-clemente/quic-go/streams_map.go
generated
vendored
12
vendor/github.com/lucas-clemente/quic-go/streams_map.go
generated
vendored
@ -1,7 +1,9 @@
|
|||||||
package quic
|
package quic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net"
|
||||||
|
|
||||||
"github.com/lucas-clemente/quic-go/internal/flowcontrol"
|
"github.com/lucas-clemente/quic-go/internal/flowcontrol"
|
||||||
"github.com/lucas-clemente/quic-go/internal/handshake"
|
"github.com/lucas-clemente/quic-go/internal/handshake"
|
||||||
@ -9,6 +11,16 @@ import (
|
|||||||
"github.com/lucas-clemente/quic-go/internal/wire"
|
"github.com/lucas-clemente/quic-go/internal/wire"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type streamOpenErr struct{ error }
|
||||||
|
|
||||||
|
var _ net.Error = &streamOpenErr{}
|
||||||
|
|
||||||
|
func (e streamOpenErr) Temporary() bool { return e.error == errTooManyOpenStreams }
|
||||||
|
func (streamOpenErr) Timeout() bool { return false }
|
||||||
|
|
||||||
|
// errTooManyOpenStreams is used internally by the outgoing streams maps.
|
||||||
|
var errTooManyOpenStreams = errors.New("too many open streams")
|
||||||
|
|
||||||
type streamsMap struct {
|
type streamsMap struct {
|
||||||
perspective protocol.Perspective
|
perspective protocol.Perspective
|
||||||
|
|
||||||
|
14
vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_bidi.go
generated
vendored
14
vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_bidi.go
generated
vendored
@ -49,7 +49,11 @@ func (m *outgoingBidiStreamsMap) OpenStream() (streamI, error) {
|
|||||||
m.mutex.Lock()
|
m.mutex.Lock()
|
||||||
defer m.mutex.Unlock()
|
defer m.mutex.Unlock()
|
||||||
|
|
||||||
return m.openStreamImpl()
|
str, err := m.openStreamImpl()
|
||||||
|
if err != nil {
|
||||||
|
return nil, streamOpenErr{err}
|
||||||
|
}
|
||||||
|
return str, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *outgoingBidiStreamsMap) OpenStreamSync() (streamI, error) {
|
func (m *outgoingBidiStreamsMap) OpenStreamSync() (streamI, error) {
|
||||||
@ -59,10 +63,10 @@ func (m *outgoingBidiStreamsMap) OpenStreamSync() (streamI, error) {
|
|||||||
for {
|
for {
|
||||||
str, err := m.openStreamImpl()
|
str, err := m.openStreamImpl()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return str, err
|
return str, nil
|
||||||
}
|
}
|
||||||
if err != nil && err != qerr.TooManyOpenStreams {
|
if err != nil && err != errTooManyOpenStreams {
|
||||||
return nil, err
|
return nil, streamOpenErr{err}
|
||||||
}
|
}
|
||||||
m.cond.Wait()
|
m.cond.Wait()
|
||||||
}
|
}
|
||||||
@ -87,7 +91,7 @@ func (m *outgoingBidiStreamsMap) openStreamImpl() (streamI, error) {
|
|||||||
}
|
}
|
||||||
m.blockedSent = true
|
m.blockedSent = true
|
||||||
}
|
}
|
||||||
return nil, qerr.TooManyOpenStreams
|
return nil, errTooManyOpenStreams
|
||||||
}
|
}
|
||||||
s := m.newStream(m.nextStream)
|
s := m.newStream(m.nextStream)
|
||||||
m.streams[m.nextStream] = s
|
m.streams[m.nextStream] = s
|
||||||
|
14
vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_generic.go
generated
vendored
14
vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_generic.go
generated
vendored
@ -47,7 +47,11 @@ func (m *outgoingItemsMap) OpenStream() (item, error) {
|
|||||||
m.mutex.Lock()
|
m.mutex.Lock()
|
||||||
defer m.mutex.Unlock()
|
defer m.mutex.Unlock()
|
||||||
|
|
||||||
return m.openStreamImpl()
|
str, err := m.openStreamImpl()
|
||||||
|
if err != nil {
|
||||||
|
return nil, streamOpenErr{err}
|
||||||
|
}
|
||||||
|
return str, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *outgoingItemsMap) OpenStreamSync() (item, error) {
|
func (m *outgoingItemsMap) OpenStreamSync() (item, error) {
|
||||||
@ -57,10 +61,10 @@ func (m *outgoingItemsMap) OpenStreamSync() (item, error) {
|
|||||||
for {
|
for {
|
||||||
str, err := m.openStreamImpl()
|
str, err := m.openStreamImpl()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return str, err
|
return str, nil
|
||||||
}
|
}
|
||||||
if err != nil && err != qerr.TooManyOpenStreams {
|
if err != nil && err != errTooManyOpenStreams {
|
||||||
return nil, err
|
return nil, streamOpenErr{err}
|
||||||
}
|
}
|
||||||
m.cond.Wait()
|
m.cond.Wait()
|
||||||
}
|
}
|
||||||
@ -85,7 +89,7 @@ func (m *outgoingItemsMap) openStreamImpl() (item, error) {
|
|||||||
}
|
}
|
||||||
m.blockedSent = true
|
m.blockedSent = true
|
||||||
}
|
}
|
||||||
return nil, qerr.TooManyOpenStreams
|
return nil, errTooManyOpenStreams
|
||||||
}
|
}
|
||||||
s := m.newStream(m.nextStream)
|
s := m.newStream(m.nextStream)
|
||||||
m.streams[m.nextStream] = s
|
m.streams[m.nextStream] = s
|
||||||
|
14
vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_uni.go
generated
vendored
14
vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_uni.go
generated
vendored
@ -49,7 +49,11 @@ func (m *outgoingUniStreamsMap) OpenStream() (sendStreamI, error) {
|
|||||||
m.mutex.Lock()
|
m.mutex.Lock()
|
||||||
defer m.mutex.Unlock()
|
defer m.mutex.Unlock()
|
||||||
|
|
||||||
return m.openStreamImpl()
|
str, err := m.openStreamImpl()
|
||||||
|
if err != nil {
|
||||||
|
return nil, streamOpenErr{err}
|
||||||
|
}
|
||||||
|
return str, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *outgoingUniStreamsMap) OpenStreamSync() (sendStreamI, error) {
|
func (m *outgoingUniStreamsMap) OpenStreamSync() (sendStreamI, error) {
|
||||||
@ -59,10 +63,10 @@ func (m *outgoingUniStreamsMap) OpenStreamSync() (sendStreamI, error) {
|
|||||||
for {
|
for {
|
||||||
str, err := m.openStreamImpl()
|
str, err := m.openStreamImpl()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return str, err
|
return str, nil
|
||||||
}
|
}
|
||||||
if err != nil && err != qerr.TooManyOpenStreams {
|
if err != nil && err != errTooManyOpenStreams {
|
||||||
return nil, err
|
return nil, streamOpenErr{err}
|
||||||
}
|
}
|
||||||
m.cond.Wait()
|
m.cond.Wait()
|
||||||
}
|
}
|
||||||
@ -87,7 +91,7 @@ func (m *outgoingUniStreamsMap) openStreamImpl() (sendStreamI, error) {
|
|||||||
}
|
}
|
||||||
m.blockedSent = true
|
m.blockedSent = true
|
||||||
}
|
}
|
||||||
return nil, qerr.TooManyOpenStreams
|
return nil, errTooManyOpenStreams
|
||||||
}
|
}
|
||||||
s := m.newStream(m.nextStream)
|
s := m.newStream(m.nextStream)
|
||||||
m.streams[m.nextStream] = s
|
m.streams[m.nextStream] = s
|
||||||
|
@ -250,6 +250,11 @@ func aeadAESGCM12(key, fixedNonce []byte) cipher.AEAD {
|
|||||||
return ret
|
return ret
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// AEADAESGCM13 creates a new AES-GCM AEAD for TLS 1.3
|
||||||
|
func AEADAESGCM13(key, fixedNonce []byte) cipher.AEAD {
|
||||||
|
return aeadAESGCM13(key, fixedNonce)
|
||||||
|
}
|
||||||
|
|
||||||
func aeadAESGCM13(key, fixedNonce []byte) cipher.AEAD {
|
func aeadAESGCM13(key, fixedNonce []byte) cipher.AEAD {
|
||||||
aes, err := aes.NewCipher(key)
|
aes, err := aes.NewCipher(key)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
Loading…
Reference in New Issue
Block a user