Line data Source code
1 : #ifndef HEADER_fd_src_waltz_quic_fd_quic_conn_h
2 : #define HEADER_fd_src_waltz_quic_fd_quic_conn_h
3 :
4 : #include "fd_quic.h"
5 : #include "fd_quic_ack_tx.h"
6 : #include "fd_quic_stream.h"
7 : #include "fd_quic_conn_id.h"
8 : #include "crypto/fd_quic_crypto_suites.h"
9 : #include "fd_quic_pkt_meta.h"
10 :
11 945492 : #define FD_QUIC_CONN_STATE_INVALID 0 /* dead object / freed */
12 345858 : #define FD_QUIC_CONN_STATE_HANDSHAKE 1 /* currently doing handshaking with peer */
13 91992 : #define FD_QUIC_CONN_STATE_HANDSHAKE_COMPLETE 2 /* handshake complete, confirming with peer */
14 43237644 : #define FD_QUIC_CONN_STATE_ACTIVE 3 /* connection established - data may be transferred */
15 42051 : #define FD_QUIC_CONN_STATE_PEER_CLOSE 4 /* peer requested close */
16 12405 : #define FD_QUIC_CONN_STATE_ABORT 5 /* connection terminating due to error */
17 42381 : #define FD_QUIC_CONN_STATE_CLOSE_PENDING 6 /* connection is closing */
18 109660403 : #define FD_QUIC_CONN_STATE_DEAD 7 /* connection about to be freed */
19 :
20 : #define FD_QUIC_REASON_CODES(X,SEP) \
21 0 : X(NO_ERROR , 0x00 , "No error" ) SEP \
22 0 : X(INTERNAL_ERROR , 0x01 , "Implementation error" ) SEP \
23 0 : X(CONNECTION_REFUSED , 0x02 , "Server refuses a connection" ) SEP \
24 0 : X(FLOW_CONTROL_ERROR , 0x03 , "Flow control error" ) SEP \
25 0 : X(STREAM_LIMIT_ERROR , 0x04 , "Too many streams opened" ) SEP \
26 0 : X(STREAM_STATE_ERROR , 0x05 , "Frame received in invalid stream state" ) SEP \
27 0 : X(FINAL_SIZE_ERROR , 0x06 , "Change to final size" ) SEP \
28 0 : X(FRAME_ENCODING_ERROR , 0x07 , "Frame encoding error" ) SEP \
29 0 : X(TRANSPORT_PARAMETER_ERROR , 0x08 , "Error in transport parameters" ) SEP \
30 0 : X(CONNECTION_ID_LIMIT_ERROR , 0x09 , "Too many connection IDs received" ) SEP \
31 0 : X(PROTOCOL_VIOLATION , 0x0a , "Generic protocol violation" ) SEP \
32 0 : X(INVALID_TOKEN , 0x0b , "Invalid Token received" ) SEP \
33 0 : X(APPLICATION_ERROR , 0x0c , "Application error" ) SEP \
34 0 : X(CRYPTO_BUFFER_EXCEEDED , 0x0d , "CRYPTO data buffer overflowed" ) SEP \
35 0 : X(KEY_UPDATE_ERROR , 0x0e , "Invalid packet protection update" ) SEP \
36 0 : X(AEAD_LIMIT_REACHED , 0x0f , "Excessive use of packet protection keys" ) SEP \
37 0 : X(NO_VIABLE_PATH , 0x10 , "No viable network path exists" ) SEP \
38 0 : X(CRYPTO_BASE , 0x100 , "0x0100-0x01ff CRYPTO_ERROR TLS alert code" ) SEP \
39 0 : X(HANDSHAKE_FAILURE , 0x128 , "Handshake failed" )
40 :
41 : enum {
42 : # define COMMA ,
43 : # define _(NAME,CODE,DESC) \
44 : FD_QUIC_CONN_REASON_##NAME = CODE
45 : FD_QUIC_REASON_CODES(_,COMMA)
46 : # undef _
47 : # undef COMMA
48 : };
49 :
50 : char const *
51 : fd_quic_conn_reason_name( uint reason );
52 :
53 :
54 : struct fd_quic_conn_stream_rx {
55 : ulong rx_hi_stream_id; /* highest RX stream ID sent by peer + 4 */
56 : ulong rx_sup_stream_id; /* highest allowed RX stream ID + 4 */
57 :
58 : ulong rx_max_data; /* the limit on the number of bytes the peer is allowed to send to us */
59 : ulong rx_tot_data; /* total of all bytes received across all streams and including implied bytes */
60 : ulong rx_max_data_ackd; /* max max_data acked by peer */
61 :
62 : ulong rx_max_streams_unidir_ackd; /* value of MAX_STREAMS acked for UNIDIR */
63 :
64 : long rx_streams_active; /* FIXME: This is a user scratch field, not in use by fd_quic */
65 :
66 : /* FIXME add a TLB */
67 : };
68 :
69 : typedef struct fd_quic_conn_stream_rx fd_quic_conn_stream_rx_t;
70 :
71 : struct fd_quic_conn {
72 : uint conn_idx; /* connection index */
73 : /* connections are sized at runtime */
74 : /* storing the index avoids a division */
75 : uint conn_gen; /* generation of this connection slot */
76 :
77 : fd_quic_t * quic;
78 : void * context; /* user context */
79 :
80 : uint server : 1; /* role from self POV: 0=client, 1=server */
81 : uint established : 1; /* used by clients to determine whether to
82 : switch the destination conn id used */
83 : uint transport_params_set : 1;
84 : uint called_conn_new : 1; /* whether we need to call conn_final on teardown */
85 : uint visited : 1; /* scratch bit, no strict definition */
86 : uint key_phase : 1;
87 : uint key_update : 1;
88 :
89 : /* Service queue dlist membership. All active conns (state not INVALID)
90 : are in a service queue, FD_QUIC_SVC_TYPE_WAIT by default.
91 : Free conns (svc_type==UINT_MAX) are members of a singly linked list
92 : (only src_next set) */
93 : uint svc_type; /* FD_QUIC_SVC_{...} or UINT_MAX */
94 : uint svc_prev;
95 : uint svc_next;
96 : ulong svc_time; /* service may be delayed until this timestamp */
97 :
98 : ulong our_conn_id;
99 :
100 : /* Save original retry_source_connection_id
101 : * This is used by clients to compare against the retry_source_connection_id
102 : * in the transport parameters as specified in rfc 9000 7.3 */
103 : fd_quic_conn_id_t retry_src_conn_id;
104 :
105 : /* Host network endpoint
106 : - for server, just a copy of config->net
107 : - for client, an allocated ephemeral UDP port */
108 : fd_quic_net_endpoint_t host;
109 :
110 : /* Peer network endpoints – have multiple connection ids and ip:port */
111 : /* TODO: footprint allows specifying conn_id_cnt but hardcoded limit used here */
112 : fd_quic_net_endpoint_t peer[1];
113 : fd_quic_conn_id_t peer_cids[1]; /* FIXME support new/retire conn ID */
114 :
115 : /* initial source connection id */
116 : ulong initial_source_conn_id;
117 :
118 : uint tx_max_datagram_sz; /* size of maximum datagram allowed by peer */
119 :
120 : /* handshake members */
121 : uint handshake_complete : 1; /* have we completed a successful handshake? */
122 : uint handshake_done_send : 1; /* do we need to send handshake-done to peer? */
123 : uint handshake_done_ackd : 1; /* was handshake_done ack'ed? */
124 : fd_quic_tls_hs_t * tls_hs;
125 :
126 : /* amount of handshake data already sent from head of queue */
127 : ulong hs_sent_bytes[4];
128 :
129 : /* amount of handshake data ack'ed by peer counted from head of queue */
130 : ulong hs_ackd_bytes[4];
131 :
132 : /* Keys for header and packet protection
133 : secrets: Contains 'master' secrets used to derive other keys
134 : keys[e][d]: Current pair of keys for each encryption level (e)
135 : and direction (d==0 is incoming, d==1 is outgoing)
136 : new_keys[e]: App keys to use for the next key update. Once app
137 : keys are available these are always kept up-to-date
138 : keys_avail: Bit set of available keys, LSB indexed by enc level */
139 : fd_quic_crypto_secrets_t secrets;
140 : fd_quic_crypto_keys_t keys[FD_QUIC_NUM_ENC_LEVELS][2];
141 : fd_quic_crypto_keys_t new_keys[2];
142 : uint keys_avail;
143 :
144 : fd_quic_stream_t send_streams[1]; /* sentinel of list of streams needing action */
145 : fd_quic_stream_t used_streams[1]; /* sentinel of list of used streams */
146 : /* invariant: an allocated stream must be in exactly one of the following lists:
147 : send_streams
148 : used_streams */
149 :
150 : /* stream id members */
151 : ulong tx_next_stream_id; /* stream ID to be used for new stream */
152 : ulong tx_sup_stream_id; /* highest allowed TX stream ID + 4 */
153 :
154 : fd_quic_stream_map_t * stream_map; /* map stream_id -> stream */
155 :
156 : /* packet number info
157 : each encryption level maps to a packet number space
158 : 0-RTT and 1-RTT both map to APPLICATION
159 : pkt_number[j] represents the minimum acceptable packet number
160 : "expected packet number"
161 : packets with a number lower than this will be dropped */
162 : ulong exp_pkt_number[3]; /* different packet number spaces:
163 : INITIAL, HANDSHAKE and APPLICATION */
164 : ulong pkt_number[3]; /* tx packet number by pn space */
165 : ulong last_pkt_number[3]; /* last (highest) packet numer seen */
166 :
167 : ushort ipv4_id; /* ipv4 id field */
168 :
169 : /* buffer to send next */
170 : /* rename tx_buf, since it's easy to confuse with stream->tx_buf */
171 : /* must be at least FD_QUIC_MAX_UDP_PAYLOAD_SZ */
172 : uchar tx_buf[2048];
173 : uchar * tx_ptr; /* ptr to free space in tx_scratch */
174 : ulong tx_sz; /* sz remaining at ptr */
175 :
176 : uint state;
177 : uint reason; /* quic reason for closing. see FD_QUIC_CONN_REASON_* */
178 : uint app_reason; /* application reason for closing */
179 :
180 : fd_quic_ack_gen_t ack_gen[1];
181 : ulong unacked_sz; /* Number of received stream frame payload bytes pending ACK */
182 : /* Resets to zero when conn is rescheduled or ACKs are sent */
183 :
184 : /* TODO find better name than pool */
185 : fd_quic_pkt_meta_pool_t pkt_meta_pool;
186 : fd_quic_pkt_meta_t * pkt_meta_mem; /* owns the memory */
187 :
188 : /* flow control */
189 : ulong tx_max_data; /* the limit on the number of bytes we are allowed
190 : to send to the peer across all streams */
191 : /* even if a bytes on a stream are not received,
192 : higher offsets received imply the usage of those bytes,
193 : and they count against the max */
194 : ulong tx_tot_data; /* total of all bytes received across all streams
195 : and including implied bytes */
196 :
197 : uint flags;
198 12099 : # define FD_QUIC_CONN_FLAGS_MAX_DATA (1u<<0u)
199 42420 : # define FD_QUIC_CONN_FLAGS_CLOSE_SENT (1u<<1u)
200 12099 : # define FD_QUIC_CONN_FLAGS_MAX_STREAMS_UNIDIR (1u<<2u)
201 14363015 : # define FD_QUIC_CONN_FLAGS_PING (1u<<4u)
202 14350916 : # define FD_QUIC_CONN_FLAGS_PING_SENT (1u<<5u)
203 :
204 : /* max stream data per stream type */
205 : ulong tx_initial_max_stream_data_uni;
206 :
207 : /* last tx packet num with max_data frame referring to this stream
208 : set to next_pkt_number to indicate a new max_data frame should be sent
209 : if we time out this packet (or possibly a later packet) we resend the frame
210 : and update this value */
211 : ulong upd_pkt_number;
212 :
213 : /* current round-trip-time (FIXME this never updates) */
214 : ulong rtt;
215 :
216 : /* highest peer encryption level */
217 : uchar peer_enc_level;
218 :
219 : /* idle timeout arguments */
220 : ulong idle_timeout;
221 : ulong last_activity;
222 :
223 : /* rx_limit_pktnum is the newest inflight packet number in which
224 : the current rx_{sup_stream_id,max_data} values were sent to the
225 : peer. (via MAX_STREAMS and MAX_DATA quota frames)
226 : FD_QUIC_PKT_NUM_UNUSED indicates that the peer ACked the latest
227 : quota update, and thus is in sync with the server.
228 : FD_QUIC_PKT_NUM_PENDING indicates that no packet with the current
229 : rx_{sup_stream_id,max_data} value was sent yet. Will trigger a
230 : send attempt at the next fd_quic_conn_tx call. */
231 : ulong rx_limit_pktnum;
232 :
233 : ulong token_len;
234 : uchar token[ FD_QUIC_RETRY_MAX_TOKEN_SZ ];
235 :
236 : fd_quic_conn_stream_rx_t srx[1];
237 : };
238 :
239 : FD_PROTOTYPES_BEGIN
240 :
241 : FD_FN_CONST static inline ulong
242 0 : fd_quic_conn_uid( fd_quic_conn_t const * conn ) {
243 0 : return ( (ulong)conn->conn_idx << 32UL ) | ( (ulong)conn->conn_gen );
244 0 : }
245 :
246 : FD_FN_CONST static inline uint
247 0 : fd_quic_conn_uid_idx( ulong conn_uid ) {
248 0 : return (uint)( conn_uid >> 32UL );
249 0 : }
250 :
251 : FD_FN_CONST static inline uint
252 0 : fd_quic_conn_uid_gen( ulong conn_uid ) {
253 0 : return (uint)( conn_uid & 0xffffffffUL );
254 0 : }
255 :
256 : /* returns the alignment requirement of fd_quic_conn_t */
257 : FD_FN_CONST ulong
258 : fd_quic_conn_align( void );
259 :
260 : /* returns the footprint of the connection object for given limits */
261 : FD_FN_PURE ulong
262 : fd_quic_conn_footprint( fd_quic_limits_t const * );
263 :
264 : /* called by fd_quic_new to initialize the connection objects
265 : used by fd_quic */
266 : fd_quic_conn_t *
267 : fd_quic_conn_new( void * mem,
268 : fd_quic_t * quic,
269 : fd_quic_limits_t const * limits );
270 :
271 : /* set the user-defined context value on the connection */
272 : void
273 : fd_quic_conn_set_context( fd_quic_conn_t * conn, void * context );
274 :
275 : /* get the user-defined context value from a connection */
276 : void *
277 : fd_quic_conn_get_context( fd_quic_conn_t * conn );
278 :
279 : FD_PROTOTYPES_END
280 :
281 : #endif /* HEADER_fd_src_waltz_quic_fd_quic_conn_h */
|
